The Coeli Group processes your personal data with the utmost respect and in accordance with applicable data protection legislation. Coeli continuously strives to improve and develop our services and products, hence the content of this notice is subject to change. Please review this Privacy Notice from time to time in order to remain updated.
There are several controllers of personal data within the Coeli Group and processing may differ from one group company to another. Below is a list of controllers within the Coeli Group.
Coeli Wealth Management AB, org.nr 559008-1716, postal address Sveavägen 24-26, 111 57 Stockholm, Sweden (“Coeli Wealth Management”)
Coeli Asset Management AB, org.nr 556608-7648, postal address Sveavägen 24-26, 111 57 Stockholm, Sweden (”Coeli Asset Management”)
Coeli Frontier Markets AB, org. nr 556930-8447, postal address Sveavägen 24-26, 111 57 Stockholm, Sweden (”Coeli Frontier Markets”)
Coeli Global AB, org. nr 556683-5608, postal address Sveavägen 24-26, 111 57 Stockholm, Sweden (”Coeli Global”)
Coeli European AB, org. nr 559128-4574, postal address Sveavägen 24-26, 111 57 Stockholm, Sweden (”Coeli European”)
Coeli Shared Services AB, org.nr 559047-6312, postal address Sveavägen 24-26, 111 57 Stockholm, Sweden (“Coeli Shared Services”)
Coeli Investment Management AB, org.nr 559031-2723, postal address Sveavägen 24-26, 111 57 Stockholm, Sweden (“Coeli Investment”)
The term personal data refers to any information relating to an identified or identifiable natural person, such as a name, personal identity number, telephone number, address, email address or photograph.
Controllers may process the following categories of personal data:
INVESTMENT SERVICES
We provide investment services in the form of investment advice and portfolio management. Within the scope of these services, we also provide support and ancillary services such as insurance distribution, securities accounts and order management. In order to offer investment advice we collect data from you to perform a situation and needs analysis of your personal finances and related issues, such as your tax situation. Based on the client information we have collected, we can offer you appropriate advice and continuously follow up on your investments. Where appropriate, we can also offer advice on insurance and assist with taking out insurance policies. We also offer a portfolio management service allowing you to hand over investment decisions to a portfolio manager based on an agreed risk profile, investment philosophy and investment policy.
CATEGORIES OF PERSONAL DATA
We process the following data:
– Employment information
– Business information
– Family relationships
– Financial information
– Insurance information
– Health data
– Personal information
– Assessments of suitability and appropriateness
– PEP and anti-money-laundering checks
– Call recordings
– Tax-related data
LEGAL BASIS FOR THE PROCESSING
We need to process personal data in order to provide the services described above and to fulfil our statutory obligations.
The legals basis for processing is that it is necessary for the performance of our contract with you and to fulfil our legal obligations with regard to providing our services and products. On occasion, we rely on the legal bases of legitimate interest and consent, primarily with regard to the development of our services and products etc. and marketing.
SOURCES OF PERSONAL DATA
Our main source of personal data concerning you is you or the company, or as the case may be, any other natural person you represent. We collect the data you share with us when, for example, you complete forms, provide feedback or otherwise communicate through our digital channels. We may also collect data from third parties in order to comply with legal requirements and offer you our services. We use both public and external sources, including the Swedish State Personal Address Register (SPAR), to ensure that the personal data we have concerning you is correct.
PURPOSE OF THE PROCESSING
We process personal data concerning our clients for a number of purposes.
Investment advice, insurance distribution and portfolio management
We process personal data concerning you so that we can provide our services and products in a satisfactory and legal manner and in accordance with our undertakings to you as our client. This applies to the conclusion and performance of contracts, to the provision of the above mentioned investment services, insurance distribution and support services. We also process personal data concerning you in order to enter into, administer, perform and terminate agreements concerning external insurance. In conjunction with this, we have a legal duty to collect data concerning you as our client so that we can formulate appropriate advice and recommendations and otherwise perform our services, including documentation, follow-up and reporting.
Managing brokerage accounts and trading in financial instruments
Personal data concerning you is processed so that we can handle and store your cash and securities in your brokerage accounts, and to ensure the correct trades in your accounts, including identifying who has made decisions about and disposed of the financial instruments.
Identification and customer due diligence
We process personal data to identify you as a client, beneficial owner and representative, in order to ensure regulatory compliance when conducting and documenting customer due diligence. On occasion, we use BankID.
Documentation requirements
The purpose of processing is our legal obligation to document the advice we offer.
Meetings
We process certain personal data for administrative purposes in order to book meetings – either in person or remotely by, for example, telephone – and to market and provide our services and products.
Developing services and products, etc.
We may process your personal data for analytical and statistical purposes in order to improve our services, products, systems or other relevant areas.
Legal obligations
We process personal data concerning you in order to fulfil our legal obligations, including preventing, detecting and countering money laundering and terrorist financing, market abuse and other criminal or dishonest behaviour. Personal data are also processed to meet our legal obligations with regard to reporting to Swedish and international authorities, incident management, etc.
TRANSFER TO THIRD PARTIES
We transfer personal data to relevant government agencies such as the Swedish Financial Supervisory Authority (FI) and the Swedish Tax Agency. When necessary, we also disclose data about you to our suppliers, including our data storage provider. Your contact details may also be shared with selected partners for marketing purposes, unless you object to us doing so.
STORAGE OF PERSONAL DATA
As a general rule, we store personal data concerning you for as long as our contract with you is in effect. . In certain cases, we have a legal obligation to store data for a longer period, such as when required to do so by anti-money laundering legislation, or for as long as a claim for damages arising from the provision of investment services can be made and one year thereafter. In the latter case, this means data will be stored for 11 years after our contract expires.
We ask questions about your family circumstances in order to provide the best possible investment advice. This means that we process certain personal data concerning the family members of our clients.
CATEGORIES OF PERSONAL DATA
We process the following data:
– Personal information (name)
– Family relationships
– Financial information
LEGAL BASIS FOR THE PROCESSING
Clients are under no obligation to provide information about their family. The legal basis for processing is the performance of our contract with the client.
SOURCES OF PERSONAL DATA
We collect the data from our client.
PURPOSE OF THE PROCESSING
The purpose of the processing is to offer the best possible investment advice to our client and to comply with legal requirements regarding the documentation of our business.
TRANSFER TO THIRD PARTIES
The personal data we have concerning your family members will not be transferred to a third party.
STORAGE OF PERSONAL DATA
See the section on the storage of personal data under the heading “Investment services”.
We may enter into an agreement with you to provide legal advice on matters such as tax or family law. Within the scope of this agreement, we may draw up legal documents such as wills, cohabitation agreements, or prenuptial agreements. We can also offer other advice concerning Swedish Private law. We need to process personal data concerning you in order to offer correct advice and to draw up legal documents.
CATEGORIES OF PERSONAL DATA
We process the following data:
– Employment information
– Family relationships
– Financial information
– Personal information
– In some cases, business information and insurance information
LEGAL BASIS FOR THE PROCESSING
We need to process personal data concerning you in order to give advice on relevant areas of law, as well as to draw up any documents according to our agreement. . The legal basis for the processing is the performance of our contract with you.
SOURCES OF PERSONAL DATA
We collect the data directly from you. If you give us power of attorney to do so, we may also obtain data from government agencies and companies.
PURPOSE OF THE PROCESSING
Advice
We process the necessary personal data to be able to offer appropriate legal advice given your situation. This includes personal, financial and employment information and information about your family relationships.
Documentation
We process the same data described in the previous section to document advice and implement other measures at your request.
Booking meetings and identification
We process personal data in order to administer the booking of meetings at which we can offer you advice. Certain types of documents require certain types of signatures. To facilitate secure identification, we process certain personal data concerning you, such as your name or personal identity number, sometimes verified by BankID.
TRANSFER TO THIRD PARTIES
We disclose personal data concerning you to the Swedish Tax Agency, Swedish Financial Supervisory Authority (FI), Swedish Companies Registration Office, Lantmäteriet and any consultants. All recipients are located in Sweden or the EU/EEA.
STORAGE OF PERSONAL DATA
We store personal data for as long as necessary for the performance of our contract and for the length of time within which a claim for damages can be made, which is usually 11 years after the contract expires.
We may market our services and products to you in various ways, including mailing advertisements and newsletters, telemarketing and invitations to events. We also use cookies generated whenever you visit one of our websites. This processing is based on your consent, which can be withdrawn at any time.
CATEGORIES OF PERSONAL DATA
We may process your personal and employment information for marketing purposes. If you attend one of our events, we may also process health data concerning allergies or dietary preferences, if you provide us with such data. We will only process personal data in these categories to the extent we deem necessary for the type of marketing we conduct.
Our websites and applications use cookies. A cookie is a small text file with data about your settings and preferences that is stored in your browser when you visit the website. When we use cookies, we process data on your IP address, browsing habits and visit history. Learn more about cookies in our Cookie Policy.
LEGAL BASIS FOR THE PROCESSING
It is entirely up to you whether we use personal data concerning you for marketing purposes. If you want us to stop marketing our services and products to you, simply get in touch with us. You can find more information about how to object to our use of personal data concerning you for marketing purposes under the heading “Right to object”. You always retain the right to decide whether or not to allow our website to store cookies that are not essential to the functionality of the website in your browser.
If you choose to share information about allergies and other dietary preferences, you have the right to withdraw your consent to our processing of this data at any time. However, if you do so, we will no longer be able to accommodate any requests you may have that are related to allergies or dietary preferences.
We have a legitimate interest in marketing our services. In weighing up our respective interests, we make every effort to ensure that, as the recipient, you are not surprised or unduly disturbed by our marketing. We also have a legitimate interest in analysing data in order to improve your user experience when you visit our website.
We conduct direct marketing and profiling on the basis of your consent when accepting marketing cookies. You retain the right to withdraw your consent to marketing cookies at any time. Learn more about how to change your cookie settings under “Managing cookie settings” and in our information on cookies, which you can find here.
When you attend one of our events, and particularly when processing health data such as allergies and other dietary preferences, we obtain consent via the registration form. If you give your consent on a registration form, you retain the right to withdraw consent at any time. However, if you do withdraw your consent, we will no longer be able to accommodate any requests you may have regarding your attendance or related to health data.
SOURCES OF PERSONAL DATA
We collect data directly from you, from other companies such as your employer, and from other external providers.
PURPOSE OF THE PROCESSING
Events
We process personal data such as your contact details in order to prepare guest lists and to provide information about events we are planning and/or events you have registered to attend. We process health data such as allergies and dietary preferences if you choose to provide this information and specifically consent to our processing.
Mailshots and newsletters
We process personal information such as your name and email address in order to send you advertisements and/or newsletters. We send you advertisements and newsletters if you have chosen to subscribe via our website or if you are already a client and have not objected to us doing so.
Telemarketing
We process personal data concerning you to conduct telemarketing, so that we can contact you to market our services and products.
Contact form
We process personal data such as your name and email address in order to contact you when you have completed a contact form on our website. The purpose of the processing is to ensure that the appropriate person or department can help you with the matter in question.
Cookies
We use cookies on our website to improve your experience as a user of our website. This is achieved by following up statistics to improve the appearance, content and functionality of the website. Another purpose is to ensure that the website works as intended. Cookies are also used to analyse web traffic and to market and offer you relevant products and services through online advertising. In order to personalise marketing and offers when you visit our website, we sometimes make selections based on your previous visits to the website. This is called profiling. It means that certain visitors will see some offers that others do not.
To learn more about the use of specific cookies, please refer to our cookie information.
TRANSFER TO THIRD PARTIES
Personal data concerning you is disclosed to companies that assist us with marketing and events. Personal data may also be shared with selected partners for marketing purposes, provided that you have given your consent.
STORAGE OF PERSONAL DATA
We store personal data concerning you for as long as necessary depending on the type of marketing in question. In the case of telemarketing and contact forms, we store your personal data for no longer than six months, or until you decline further contact. In the case of events, your data will be deleted once the event has ended. When you choose to subscribe to our newsletter or other advertisements, we will retain personal data concerning you for as long as you continue to subscribe.
Please refer to our cookie policy for information on how long we store cookies.
In order to enter into an agreement with the company or organisation you represent, we need to process your personal data. We do so to take the necessary measures prior to entering into the agreement and to simplify communication with the company or organisation you represent.
CATEGORIES OF PERSONAL DATA
Employment and personal information, such as your job title, name and contact details.
LEGAL BASIS FOR PROCESSING
We process the personal data that you voluntarily supply us with.
We have a legitimate interest in processing your personal data in order to administer and fulfil our contractual obligations to the client company or organisation.
SOURCES OF PERSONAL DATA
The personal data are collected directly from you or the company or organisation you represent.
PURPOSE OF THE PROCESSING
Entering into a contract
We process employment and personal information such as your contact details and job title in order to take measures to prepare and enter into a contract with the company or organisation you represent.
Performance of contract and ongoing contact
We process employment and personal information such as your contact details and job title because processing is necessary for the performance of a contract to which the company or organisation you represent is a party. This includes maintaining regular contact with you and informing you of any news about our services and products.
TRANSFER TO THIRD PARTIES
In order to administer contracts with our clients, we disclose personal data to the companies that provide us with contract management services. Your contact details may also be shared with selected partners for marketing purposes, unless you object to us doing so. For further information, please refer to the sections on marketing and the right to object.
STORAGE OF PERSONAL DATA
We process personal data concerning you for as long as necessary with regard to the purpose of processing. If the company you represent has entered into a contract with us, we will save personal data related to the entering into and performance of the contract for at least 10 years after the contractual relationship has ceased, so that we can defend ourselves against any claims arising from the contract.
Your employer is the controller of processing of personal data. Please contact your employer for more information.
We may process personal data concerning you if you lodge a complaint with us. We may also process personal data concerning you within the scope of legal proceedings to which we are a party. The legal basis for such processing is that it is necessary for the establishment, exercise or defence of legal claims.
CATEGORIES OF PERSONAL DATA
We process the following categories of personal data:
– Employment information
– Business information
– Family relationships
– Financial information
– Insurance information
– Personal information
– PEP and anti-money-laundering checks
– Call recordings
– Tax-related data
In these categories of personal data, we only process the necessary data to deal with your complaint or for the establishment, exercise or defence of legal claims in each individual case.
LEGAL BASIS FOR THE PROCESSING
The data are required so that we can deal with your complaints or for the establishment, exercise or defence of our legal claims. We have a legal obligation to process personal data concerning you when dealing with any complaints you may make. When we process personal data concerning you in the context of legal proceedings, it is because we have a legitimate interest in doing so in order to establish, exercise or defend our legal claims.
SOURCES OF PERSONAL DATA
We collect personal data directly from you or, depending on your relationship with us, from other sources. These sources are stated under each category above.
PURPOSE OF THE PROCESSING
Complaints
We process personal data concerning you in order to deal with any complaints you might make.
Legal proceedings
We process personal data concerning you in order to establish, exercise or defend a legal claims in the event of disputes or other legal proceedings.
TRANSFER TO THIRD PARTIES
Within the scope of legal proceedings, we may disclose personal data concerning you to those involved on our behalf, such as a law firm, and to our providers of storage solutions for documents related to the case in question.
STORAGE OF PERSONAL DATA
Pursuant to the statutory requirements to which we are subject, we may store personal data for up to ten years after we receive the complaint. In the event of legal proceedings, we will store personal data for as long as necessary with regard to the circumstances of the case in question, which will usually be until a verdict has gained legal effect.
Most of the processing of personal data under our control takes place in Sweden or elsewhere within the EU/EEA. In individual cases, we may employ suppliers or subcontractors to process personal data on our behalf who are in so-called third countries (countries outside the EU/EEA), such as the United States. In such cases, we ensure that personal data concerning you is processed in accordance with the General Data Protection Regulation (GDPR), for example by ensuring that the recipient country offers an adequate level of protection or by using the EU Commission’s Standard Contractual Clauses (SCCs).
If you have given your consent, or where necessary to fulfil our legal or contractual obligations, we may use automated individual decision-making. When we make automated decisions, we will always inform you of the factors on which the decision is based and the implications of the decision for you. You always have the right to state an opinion on an automated decision, including profiling, that has legal ramifications for you or otherwise significantly affects you.
As the data subject, you have a number of rights pursuant to the GDPR that you may exercise when we process personal data concerning you. You have the right to know whether or not we are processing personal data concerning you and, if so, access to the personal data.
Your rights as the data subject are described below, along with information on how to exercise your rights.
Right to access (including the right to receive a register extract)
You have the right to obtain from us confirmation as to whether or not personal data concerning you are being processed, and, where that is the case, access to the personal data being processed. This will be in the form of a register extract showing which personal data concerning you we have registered, the purposes of processing and the categories of personal data being processed. You are entitled to receive a register extract completely free of charge.
If you wish to request a register extract, please contact our data protection officer at dataskyddsombud@coeli.se.
Right to rectification
You have the right to obtain from us without undue delay the rectification of inaccurate personal data concerning you and the right to the restriction of processing for a period enabling us to verify the accuracy of the personal data. You also have the right to have incomplete personal data completed, including by means of providing a supplementary statement.
If you believe that we are processing inaccurate personal data concerning you, you can request rectification through your contact person at Coeli or by contacting our data protection officer at dataskyddsombud@coeli.se.
Right to erasure (‘Right to be forgotten’)
Under certain circumstances, you have the right to obtain from us the erasure of personal data concerning you. You can do so if:
– the personal data are no longer necessary in relation to the purposes for which they were collected or otherwise processed;
– you withdraw your consent on which the processing is based and there is no other legal ground for the processing;
– you object to processing based on a balance of interests and there are no overriding legitimate grounds for the processing;
– you object to processing for direct marketing purposes;
– the personal data have been unlawfully processed; or
– the personal data have to be erased for compliance with a legal obligation to which we are subject.
We are not always able to comply with a request to erase personal data. For example, we may need to retain personal data to fulfil legal requirements or contractual obligations to you.
If you would like us to erase personal data concerning you, please contact our data protection officer at dataskyddsombud@coeli.se.
Right to restriction of processing
You have the right to obtain from us the restriction of processing for a number of reasons, including if:
– you contest the accuracy of the personal data and then for a period enabling us to verify the accuracy of the personal data;
– the processing is unlawful and you oppose the erasure of the personal data and request the restriction of their use instead; or
– as the controller we no longer need the personal data for the purposes of the processing, but they are required by you for the establishment, exercise or defence of legal claims.
Where processing has been restricted, with the exception of storage, such personal data shall only be processed with your consent or for the establishment, exercise or defence of legal claims or for the protection of the rights of another natural or legal person or for reasons of important public interest. If you are granted a restriction of the processing of personal data concerning you, we will inform you when the restriction ceases to apply.
You can request restriction of processing through your contact person at Coeli or by contacting our data protection officer at dataskyddsombud@coeli.se.
Right to object
As the data subject, you have the right to object at any time to processing of personal data the legal basis of which is a weighing up of our legitimate interests against your interests or fundamental rights and freedoms, including profiling. Only when we can demonstrate that our legitimate interests outweigh your interests may we continue processing. Otherwise, we are only permitted to process the data for the establishment, exercise or defence of legal claims. You also have the right to object at any time to processing for direct marketing purposes, including profiling in conjunction with direct marketing. If you object to processing for direct marketing purposes, we are no longer permitted to process personal data concerning you for such purposes. To object to our processing of personal data concerning you, please contact our data protection officer at dataskyddsombud@coeli.se.
Right to data portability
Under certain circumstances, you have the right to receive the personal data concerning you in a structured, commonly used and machine-readable format and the right to transmit those data to another controller without hindrance from us. This is called data portability. This right is contingent on the transfer being technically feasible and the processing being carried out by automated means. The right to data portability applies to data that you have provided to us that is being processed on the legal basis of your consent or the performance of a contract.
If you wish to exercise your right to data portability, please contact our data protection officer at dataskyddsombud@coeli.se.
The Coeli Group takes data security extremely seriously. Among other things, this means that we use robust technical solutions to protect all of our data, including firewalls and intrusion protection systems. Furthermore, we have a permissions structure that strictly limits access to personal data to staff who require the data for the performance of their duties. We also demand a high level of security from the providers who process personal data on our behalf.
If you have any questions or concerns about how the Coeli Group processes personal data that are not answered on this page, your contact person will be happy to answer them. Alternatively, you can call us on +46 (0)8 506 223 00 or email us at info@coeli.se.
The Coeli Group has appointed a data protection officer to monitor compliance with data protection regulations. You can reach the Coeli Group’s data protection officer at dataskyddsombud@coeli.se.
If you believe that our processing of personal data is in contravention of the GDPR, we ask that you first contact us through the aforementioned channels. Naturally, you also have the right to complain to the supervisory authority in your country of residence or the country in which you suspect that a data breach may have occurred.
The supervisory authority in Sweden is the Swedish Authority for Privacy Protection (IMY), which can be contacted by calling +46 (0)8 657 61 00 or emailing imy@imy.se.
This Privacy Notice applies to the services and products provided by all controllers and processes named in the first paragraph.