Cordiant Luxembourg Privacy Notice

CORDIANT CAPITAL FUNDS / ALLIANZ EM LOANS SCS (THE “FUND”) PRIVACY NOTICE

In compliance with the Luxembourg applicable data protection laws and regulations, including but not limited to the Regulation n°2016/679 of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (“GDPR”), as such applicable laws and regulations may be amended from time to time (collectively hereinafter referred to as the Data Protection Laws), Cordiant Luxembourg S.A., acting as data controller on behalf of the Fund (the “Data Controller”) processes personal data in the context of the investments in the Fund. The term “processing” in this notice has the meaning ascribed to it in the Data Protection Laws.

1. CATEGORIES OF PERSONAL DATA PROCESSED
Any personal data as defined by the Data Protection Laws (including but not limited to the name, e-mail address, postal address, date of birth, marital status, country of residence, identity card or passport, tax identification number and tax status, contact and banking details including account number and account balance, resume, invested amount and the origin of the funds) relating to (prospective) investors who are individuals and any other natural persons involved in or concerned by the Fund’s relationship with the investor, as the case may be, including but not limited to any representatives, contact persons, agents, service providers, persons holding a power of attorney, beneficial owners and/or any other related persons (each a “Data Subject”) provided in connection with (an) investment(s) in the Fund (hereinafter referred to as “Personal Data”) may be processed by the Data Controller.

2. PURPOSES OF THE PROCESSING
The processing of Personal Data may be made for the following purposes (the “Purposes”):
a) For the performance of the contract to which the investor is a party or in order to take steps at the (prospective) investor’s request before entering into a contract
This includes, without limitation, the provision of investor-related services, administration of the holdings of units in the Fund, handling of subscription, redemption, conversion and transfer orders, maintaining the register of investors, management of distributions, sending of notices, information and communications and more generally performance of service requests from and operations in accordance with the instructions of the investor.
The provision of Personal Data for this purpose:
– has a contractual nature or is a requirement necessary for entering into (on behalf of the Fund) a contractual relationship with the investor; and
– is mandatory;
b) For compliance with legal and/or regulatory obligations
This includes (without limitation) compliance:
– with legal and/or regulatory obligations such as anti-money laundering and fight against terrorism financing, protection against late trading and market timing practices and accounting obligations;
– with identification and reporting obligations under the foreign account tax compliance act (“FATCA”) and other comparable requirements under domestic or international exchange tax information mechanisms, such as the Organisation for Economic Co-operation and Development (“OECD”) and EU standards for transparency and automatic exchange of financial account information in tax matters (“AEOI”) and the common reporting standard (“CRS”) (hereinafter collectively referred to as “Comparable Tax Regulations”). In the context of FATCA and/or Comparable Tax Regulations, Personal Data may be processed and transferred to the Luxembourg tax authorities who, in turn and under their control, may transfer such Personal Data to the competent foreign tax authorities, including, but not limited to, the competent authorities of the United States of America and/or Canada;
– with requests from, and requirements of, local or foreign authorities.
The provision of Personal Data for this purpose has a statutory/regulatory nature and is mandatory. In addition to the consequences mentioned in the last paragraph of item 2 hereunder, not providing Personal Data in this context may also result in incorrect reporting and/or tax consequences for the investor;
c) For the purposes of the Fund’s legitimate interests
This includes the processing of Personal Data for risk management and for fraud prevention purposes, improvement of the services provided on behalf of the Fund, disclosure of Personal Data to Processors (as defined in item 3 hereunder) for the purpose of the processing on the Fund’s behalf. Personal Data may also be processed to the extent required for preventing or facilitating the settlement of any claims, disputes or litigations, for the exercise of the Fund’s or the Data Controller’s rights in case of claims, disputes or litigations or for the protection of rights of another natural or legal person.
The provision of Personal Data for this purpose:
– has a contractual nature or is a requirement necessary for entering into (on behalf of the Fund) a contractual relationship with the investor; and
– is mandatory;
and/or
d) For any other specific purpose to which the Data Subject has consented
This covers the use and further processing of Personal Data where the Data Subject has given his/her explicit consent thereto, which consent may be withdrawn at any time, without affecting the lawfulness of processing based on consent before its withdrawal (e.g. to receive marketing material (about the products and services of group companies or those of commercial partners), recommendation about services, etc.

Not providing Personal Data for the Purposes under items 2.a to 2.c hereabove or the withdrawal of consent under item 2.d hereabove may result in the impossibility to accept (on behalf of the Fund) the investment in the Fund and/or to perform (on behalf of the Fund) investor-related services, or ultimately in the termination of the contractual relationship between the Fund and the investor.

3. DISCLOSURE OF PERSONAL DATA TO THIRD PARTIES
Personal Data may be transferred by the Data Controller, in compliance with and within the limits of the Data Protection Laws, to its delegates, service providers or agents and/or to the Fund’s service providers or agents such as (but not limited to) [the Fund’s alternative investment fund manager], the Fund’s administrative, [domiciliary], registrar and transfer agent, other entities directly or indirectly affiliated with the Fund or the Data Controller and any other third parties who process the Personal Data (on the Fund’s behalf) in the provision of their services to the Fund, acting as data processors (collectively hereinafter referred to as “Processors”) Edmond de Rothschild Asset Management (Luxembourg) (EdRAM”) is deemed a data processor on behalf of the Data Controller.
Such Processors may in turn transfer Personal Data to their respective agents, delegates, service providers, affiliates, such as (but not limited to) certain entities of Edmond de Rothschild Group, acting as sub-processors (collectively hereinafter referred to as “Sub-Processors”)
Personal Data may also be shared with service providers, processing such information on their own behalf as data controllers, and third parties, as may be required by applicable laws and regulations (including but not limited to administrations, local or foreign authorities (such as competent regulator, tax authorities, judicial authorities, etc.))
Personal Data may be transferred to any of these recipients in any jurisdiction including outside of the European Economic Area (“EEA”). The transfer of Personal Data outside of the EEA may be made to countries ensuring (based on the European Commission’s decision) an adequate level of protection or to other countries not ensuring such adequate level of protection. In the latter case, the transfer of Personal Data will be protected by appropriate or suitable safeguards in accordance with Data Protection Laws, such as standard contractual clauses approved by the European Commission. The Data Subject may obtain a copy of such safeguards by contacting the Data Controller.

4. RIGHTS OF THE DATA SUBJECTS IN RELATION TO PERSONAL DATA
Under certain conditions set out by the Data Protection Laws and/or by applicable guidelines, regulations, recommendations, circulars or requirements issued by any local or European competent authority, such as the Luxembourg data protection authority (the Commission Nationale pour la Protection des Données – “CNPD”) or the European Data Protection Board, each Data Subject has the right:
– to access his/her Personal Data and to know, as the case may be, the source from which his/her Personal Data originates and whether such data came from publicly accessible sources,
– to ask for a rectification of his/her Personal Data in cases where such data is inaccurate and/or incomplete,
– to ask for a restriction of processing of his/her Personal Data,
– to object to the processing of his/her Personal Data,
– to ask for the erasure of his/her Personal Data, and
– to data portability with respect to his/her Personal Data.
Further details regarding the above rights are provided for in Chapter III of GDPR and in particular articles 15 to 21 of GDPR.
No automated decision-making is conducted.
To exercise the above rights and/or withdraw his/her consent regarding any specific processing to which he/she has consented, the Data Subject may contact the Data Controller at the following address: 1002 Sherbrooke St. W, Montreal, QC H3A 3L6 (CANADA). Furthermore, any question, enquiry or solicitation regarding this Privacy Notice and the processing of Personal Data by the Data Controller in general may be addressed to CSM-TA@bpere.eu or to Edmond de Rothschild Asset Management 20, Boulevard Emmanuel Servais L-2535 Luxembourg Grand-Duché de Luxembourg for the attention of Edmond de Rothschild Asset Management (EdRAM), or by calling +352 2488 1 .
In addition to the rights listed above, should a Data Subject consider that the Data Controller does not comply with the Data Protection Laws, or has concerns with regard to the protection of his/her Personal Data, the Data Subject is entitled to lodge a complaint with a supervisory authority (within the meaning of GDPR). In Luxembourg, the competent supervisory authority is the CNPD.

5. INFORMATION ON DATA SUBJECTS RELATED TO THE INVESTOR
To the extent the investor provides Personal Data regarding Data Subjects related to him/her/it (e.g. representatives, beneficial owners, contact persons, agents, service providers, persons holding a power of attorney, etc.), the investor acknowledges and agrees that: (i) such Personal Data has been obtained, processed and disclosed in compliance with any applicable laws and regulations and its/his/her contractual obligations; (ii) the investor shall not do or omit to do anything in effecting this disclosure or otherwise that would cause the Data Controller, the Fund, the Processors and/or Sub-Processors to be in breach of any applicable laws and regulations (including Data Protection Laws); (iii) the processing and transferring of Personal Data as described herein shall not cause the Data Controller, the Fund, the Processors and/or Sub-Processors to be in breach of any applicable laws and regulations (including Data Protection Laws); and (iv) without limiting the foregoing, the investor shall provide, before the Personal Data is processed by the Data Controller, the Processors and/or Sub-Processors, all necessary information and notices to such Data Subjects concerned, in each case as required by applicable laws and regulations (including Data Protection Laws) and/or its/his/her contractual obligations, including information on the processing of their Personal Data as described in this notice. The investor will indemnify and hold the Data Controller, the Fund, the Processors and/or Sub-Processors harmless for and against all financial consequences that may arise as a consequence of a failure to comply with the above requirements.

6. DATA RETENTION PERIOD
Personal Data will be kept in a form which permits identification of Data Subjects for at least a period of ten (10) years after the end of the financial year to which they relate or any longer period as may be imposed or permitted by applicable laws and regulations, in consideration of the legal limitation periods (including for litigation purposes).

7. RECORDING OF TELEPHONE CONVERSATIONS
Investors, including the Data Subjects related to him/her/it (who will be individually informed by the investors in turn) are also informed that for the purpose of serving as evidence of commercial transactions and/or any other commercial communications and then preventing or facilitating the settlement of any disputes or litigations, their telephone conversations with and/or instructions given to the Data Controller, the Fund’s alternative investment fund manager, the Fund’s depositary bank, the Fund’s domiciliary, administrative, registrar and transfer agent and/or any other service provider or agent of the Fund or of the Data Controller may be recorded in accordance with applicable laws and regulations. These recordings are kept during a period of seven (7) years or any longer period as may be imposed or permitted by applicable laws and regulations, in consideration of the legal limitation periods (including for litigation purposes). These recordings shall not be disclosed to any third parties, unless the Data Controller, the Fund’s alternative investment fund manager, the Fund’s depositary bank, the Fund’s domiciliary, administrative, registrar and transfer agent and/or any other service provider or agent of the Fund or of the Data Controller is/are compelled or has/have the right to do so under applicable laws and/or regulations in order to achieve the purpose as described in this paragraph.