Introduction

It is important to us in Selected Car Investment Management that you as an individual feel secure about our processing of the personal data that come into our possession when you do business with us. This Privacy Policy is a supplement to, but does not replace, other policies or terms and conditions established between us.

We take data protection very seriously, and if you have any questions about this policy or if you need answers to a particular question or topic in this connection

We are the data controller of your personal data

Selected Car Investment Management ApS (SCIM) is responsible for protecting, processing and storing the personal data that you submit to us or that are collected by us. We are responsible for your personal data in accordance with the Danish Data Protection Act and the EU’s General Data Protection Regulation (‘GDPR’).

Our contact details are

Selected Car Investment Management ApS
CVR no. 40444246
Stengårdvej 17
DK-5500 Middelfart
Email: [email protected]

We process and store your data

The data we obtain and collect about you are stored within the European Economic Area (‘EEA’), but the data may also be transferred to and processed in a country outside the EEA. Any such transfer of your personal data will be done in accordance with GDPR.

SCIM only transfers personal data to third countries (outside the EEA) if certain conditions have been met. For example, a transfer can only take place if the EU Commission has decided that the third country in question ensures adequate safeguards or has provided the necessary guarantees, for example by concluding an agreement that comprises the EU standard contractual clauses with the recipient of the personal data.

We usually store your personal data for five years after the financial year in which your agreement has expired.  In some cases, there is no legal basis for storing data for five years and, in such case, we will not store your data for longer than necessary in relation to the purposes of the processing.  If you do not enter into an agreement with us, we will not store your data unless there is an express legal basis for this in other legislation.

Processing of your personal data

SCIM collects and processes your personal data. The data we collect and process in a given situation vary, but the personal data may comprise the following:

Your personal details, including name, address, telephone number, civil registration (CPR) number and email address.
Photo and address ID in the form of, for example, health insurance card, driving licence and/or passport.
Referencing of PEP lists (are you a politically exposed person or a close relative?).
Referencing of international sanctions lists.
Personal data sent to us in chats and/or emails in which we have a legitimate interest for the purpose of maintaining our relationship with you as a customer.
Registration data in connection with customer events.
Images from customer events.
Video footage from our video surveillance of Selected Car Group’s subsidiaries’ premises and access roads, facades and outdoor areas, including lattice gates and parking areas. Selected Car Group’s subsidiaries have multiple locations, including Selected Car Leasing’s and Selected Car Investment’s addresses in Middelfart, Køge, Silkeborg and other locations.
Ownership of companies.
The data may be combined and together constitute a processing activity.

Where do your personal data come from?

In many cases, personal data are provided by yourself, but they may also be collected via various technologies, channels and platforms, such as referencing of the Danish CVR Register and other public registers as well as the data you have given us through Penneo KYC, including referencing of the Danish PEP list and international sanctions lists.

The data may be combined and together constitute a processing activity.

The data collected via cookies from our website are processed in accordance with our Cookie Policy.

Purpose

We process your personal data for the following purposes:
Conclusion and ongoing administration of agreements on pool investment agreements for classic cars, including call-up of new capital during the term of the agreement and/or the termination of pool investment agreements.
Compliance with the Danish Anti-Money Laundering Act (Hvidvaskloven).
Compliance with the Danish Bookkeeping Act (Bogføringsloven)
Compliance with the Danish AIFM Act (FAIF-loven).

Video surveillance is performed and recorded for insurance purposes, to prevent criminal acts and for investigation purposes. The surveillance is performed in compliance with the rules in the Danish CCTV Surveillance Act (TV-overvågningsloven)

Marketing purposes, if you have granted us permission

The legal basis for our processing of your personal data follows from the legitimate interests pursued by us in connection with the processing and based on the trade(s) concluded between us and/or the interests you have disclosed to us, which may form the basis of a future trade.

In addition to the explicit legal basis, see Article 6(1)(c) of GDPR, we may also process your personal data on the basis of the contract performance rule in Article 6(1)(b) of GDPR, the consent rule in Article 6(1)(a) and/or the weighing of interests rule in Article 6(1)(f) of GDPR.

Principles

The processing of personal data in SCI complies with the following principles:

Our processing of personal data is always done in a lawful, reasonable and transparent manner in relation to the data subject.
We only collect personal data for specified, explicit and legitimate purposes.
We only process sufficient and relevant personal data to the extent necessary in relation to the purposes for which the data are processed.
We make sure that the personal data are accurate and up to date. Inaccurate personal data will be erased or rectified without undue delay.
We erase personal data that are no longer necessary for the purposes for which the data were processed.
We do not store your personal data for longer than necessary for the purposes for which the data were processed.
We process personal data in a manner that ensures adequate protection thereof.

Your rights

According to the General Data Protection Regulation, you have a number of rights in relation to our processing of data about you.  You must contact us if you want to exercise your rights.

Your rights are:

Right of access (right to see data). You have a right of access to the data that we process about you as well as to a number of other data.
Right to rectification (correction). You have the right to have inaccurate data about you rectified.
Right to erasure. In special cases, you have the right to have data about you erased before the time at which our ordinary general erasure occurs.
Right to restriction of processing. In certain cases, you have the right to have the processing of your personal data restricted. If you have the right to have the processing restricted, we may in future only process such data – with the exception of storage – with your consent, or for the establishment, exercise or defence of legal claims or for the protection of the rights of another natural or legal person or for reasons of important public interest.
Right to object. In certain cases, you have the right to object to our otherwise lawful processing of your personal data. You may also object to the processing of your data for direct marketing purposes.
Right not to be subject to decisions based on automated processing. SCI does not use automated decisions.
Right to data portability (transmission of data). In certain cases, you have the right to receive your personal data in a structured, commonly used and machine-readable format and to have such personal data transmitted from one data controller to another without hindrance.

You can read more about your rights in the Danish Data Protection Agency’s guidance on the rights of data subjects, which you can find on www.datatilsynet.dk.

Complaint to the Danish Data Protection Agency

You have a right to lodge a complaint with the Danish Data Protection Agency if you are dissatisfied with the way in which we process your personal data. You can find information on how to lodge a complaint on www.datatilsynet.dk. You can also contact the Agency by letter or email. The Danish Data Protection Agency’s contact details are:

Datatilsynet
Carl Jakobsensvej 35
DK-2500 Valby
Email: [email protected]