AboutInvestmentsPeopleSustainabilityContact

Privacy Notice

IIP Privacy Notice

This Privacy Notice explains how IIP processes (i.e. collect, use, share and otherwise process) personal information. As a data controller, we are required to protect personal information and we will process any personal information in accordance with this Privacy Notice, as well as the at all times applicable law.
In the course of our business, we register and use personal data when interacting with individuals who are connected with an investor or a business partner of ours. This could be as an employee, an authorised signatory, a beneficial owner, a director, or a third party connected to one of our investors or business partners.

  • We may process personal data for any of the following purposes, depending on the capacity in which the interaction takes place:
  • Meeting our obligations and providing services to our Investors and business partners
  • Complying with applicable law, including anti-money laundering legislation
  • For administrative purposes, including to secure and maintain our internal systems
  • Carrying out controls to prevent fraud and financial crime

Managing the relationship to our investors and business partners
We will only register and process personal data if we have a legal basis to do so. This means that we register and use personal data when:

  • an agreement is in place or is in process
  • we have received consent to use personal data for a specific purpose
  • we have to comply with certain legal obligations in accordance with
    – The Danish Anti-Money Laundering Act
    – The Danish Tax Control Act
    – The Danish Bookkeeping Act
    – The Danish Alternative Investment Fund Managers Act
    – The Danish Data Protection Act
  • we or the relevant investor or business partner pursue a legitimate interest. This could be when we or the customer have a business or commercial reason, such as administrate the services that the investor has requested, to use personal data, need to prevent abuse and loss, or want to use it for marketing purposes. We will only do so if our interest clearly outweighs the interest of an individual in not having personal data processed by us, cf. the GDPR art. 6.1(f).
What personal data do we register and use?

We typically process the following types of personal data:

  • Basic personal information, for instance name, address, contact information, country of residence, education and occupation.
  • Identification documentation, for example a photocopy of passport, driving licence, or other documentation required by law.
How long do we store your personal data?

We keep the data only for as long as it is needed for the purpose for which the data were registered and used. When the business connection has terminated, we normally keep the data for 5 years. This is primarily due to our obligations under the Bookkeeping Act, the Anti-Money Laundering Act and requirements from the Financial Supervisory Authority.

Third parties and personal data

Which third parties do we share personal data with?
In some cases, we may share personal data with third parties if there is a legal basis for doing so.

  • We disclose personal data to public authorities as required by law, including to the State Prosecutor for Serious Economic and International Crime (SØIK) in accordance with the Danish Anti-Money Laundering Act, to the Danish tax authorities (SKAT) in accordance with the Danish Tax Control Act, to the depositary of the managed alternative investment funds and to the Danish Financial Supervisory Authority (Finanstilsynet) for various purposes.
  • For the performance of a contract, with consent or if we are allowed by law, we may disclose data to external business partners (e.g. banks and external advisors).
  • In connection with IT development, hosting and support, we transfer personal data to data processors, within the EU and the EEA.
  • Data might also be processed by one of our data processors, e.g. one of our suppliers of IT-services. The necessary data processing agreements with the relevant suppliers have been entered into, and these are audited regularly to make sure that they comply with the security measures in our agreement.
What are your rights?

You have the following rights:

  • You have the right to request access to and rectification or erasure of your personal data.
  • You also have the right to object to the processing of your personal data and have the processing of your personal data restricted.
  • If processing of your personal information is based on your consent, you have the right to withdraw your consent at any time. Your withdrawal will not affect the lawfulness of the processing carried out before you withdrew your consent.
  • You have the right to receive your personal information in a structured, commonly used and machine-readable format (data portability).
  • If you are dissatisfied with how we register and use your personal data and your dialogue with us has not led to a satisfactory outcome you can lodge a complaint with the Danish Data Protection Agency: Datatilsynet, Borgergade 28, 5., DK-1300 Copenhagen K, mail: dt@datatilsynet.dk.There may be conditions or limitations on these rights. It is therefore not certain for example you have the right of data portability in the specific case – this depends on the specific circumstances of the processing activity.
    You are always welcome to contact us if you have any questions about your privacy rights and how we register and use personal data. You can contact IIP via email