Updated: 8 Jan, 2025

Privacy Policy

JCE respects your privacy and is committed to protecting your personal data. Processing of personal data is done in accordance with the EU General Data Protection Regulation (GDPR), which took effect on 25 May 2018, and other applicable data protection laws. This Privacy Policy will inform you as to how JCE collect and use your personal data. The information below also describes your rights and how you can enforce them.

About JCE

JCE is the common denomination for the group of companies comprised of JCE Group Aktiebolag and JCE Asset Management AB.

Information which is collected by JCE will be the responsibility of JCE Group Aktiebolag, reg.no. 556240-1553, with address P.O. Box 53230, 400 16 Göteborg, Sweden, who will act as a data controller in relation to your personal data. If necessary, we will provide you with further information about the applicable data controller.

This Privacy Policy is issued by JCE Group Aktiebolag for and on behalf of JCE.

What personal data does JCE process?

Personal data means any information about an individual from which that person can be identified. It does not include anonymous information, namely information which does not relate to an identified person.

JCE may collect, use, store and transfer different kinds of personal data about you, including:

  • Identity data, which can include name, gender, nationality and date of birth (for example, passport, national ID card, driver’s license);
  • Contact data, which can include address, email address, telephone numbers and copies of proof of address documentation.
  • Transaction data, which can include details about payments, transaction history, investment activity, including ownership percentage.

Sensitive personal data is afforded special protection and may not be processed by JCE except under special circumstances. For example, sensitive personal data may be processed in order for JCE to fulfil its obligations under employment law, to assess the working capacity of an employee, or where the data subject has given explicit consent for their sensitive personal data to be used for one or more specific purposes.

How does JCE process personal data?

JCE process personal data to conduct its business and maintain contacts with its business contacts, partners and suppliers. Certain personal data is processed to manage JCE’s investments in other companies, for corporate governance, nomination and other appointment purposes, and to enable statistics, review and archiving. Personal data may also be used to distribute press releases, financial reports, invitations to events etc.

JCE process personal data in a number of different situations in connection to its business operations, including:

  • Portfolio company management: JCE can process personal data in its daily operations of managing portfolio companies. This can include portfolio company executives, key personnel and employees. In this regard, daily operations can include setting up management incentive programs, salary management, containing personal data on employees’ salaries, etc.
  • Target company due diligence: JCE can process personal data when conducting due diligence on potential target companies. This includes, foremost, personal data regarding target company executives and key personnel and target company employees. Additionally, JCE can process personal data when targeting add-on acquisitions to preexisting portfolio companies.
  • JCE HR: JCE processes personal data concerning relevant persons and recruitment candidates.

JCE does not engage in direct marketing, profiling or automated decision-making.

How does JCE collect personal data?

JCE uses different methods to collect personal data, including:

Personal data that is provided directly to JCE
JCE may collect personal data from professional contacts with prospective investors, intermediaries and other business partners for the purposes of establishing a business relationship in respect of entering into contractional relationships, and/or to otherwise satisfy our legal or regulatory obligations.

Personal data obtained from third parties
Personal data may also be obtained from other sources, such as publicly available registers, among other things, in relation to JCE’s investments in companies or corporate governance, nomination or other appointment processes. In addition, JCE may receive personal data in connection with legal requirements that are applicable to JCE, or from third parties in connection with JCE’s operations.

When visiting JCE’s website, no personal data is collected via cookies.

Who has access to your personal data?

We have taken suitable technical and organisational security measures to protect your personal data from loss and unauthorised access, among other things. The number of persons who have access to your personal data is limited. Only persons within JCE who need to process your personal data in accordance with this policy have access to personal data.

However, JCE may share personal data with our third-party partners who perform services on our behalf. More information is found under Data Transfers.

On what legal basis is your personal data processed?

JCE may only process personal data when a specific legal ground permits such processing. JCE only processes personal data if one of the following legal grounds applies:

  • Legal obligation
  • Performance of contract
  • Legitimate interest
  • Consent
  • Vital interest
  • Public interest

When sensitive personal data is processed for any reason, higher levels of data protection should be afforded and, in some cases, a data protection impact assessment must be conducted.

JCE must not process any criminal offence data except when permitted or required by applicable laws and regulations. Even if there is a valid legal ground to process personal data, JCE must first conduct a data protection impact assessment if it is about to engage in data processing activities that are likely to result in a high risk to the rights of freedoms of individuals.

Legal basis for JCE’s processing
Typically, JCE will use your personal data in the following circumstances, for the following purposes and pursuant to the following legal bases:

where it is necessary for the performance of a contract to which you are party, or to comply with a request you have made prior to entering into a contract, and for compliance with legal obligations

  • to facilitate hiring processes, manage employment, and ensure compliance with legal obligations;
  • to manage and administer investor’s commitments and/or interests and any related accounts, and ensure compliance with legal obligations;
  • in daily operations of managing portfolio companies.

where it is necessary for the performance of a contract to which you are party, or comply with a request you have made prior to entering into a contract, and for JCE’s legitimate interests (or those of a third party) and your interests and fundamental rights do not override those interests:

  • to conduct due diligence on potential target companies;
  • to engage and manage external consultants and advisors.

If JCE requires your personal data due to a legal requirement or obligation, or in order to perform a contract with you, the company or organization that you represent, then failure to provide this information might mean that JCE cannot provide its services. In this case, JCE may have to cancel a service you have with us, but we will notify you if this is the case at the time.

Data transfers

JCE do not sell any personal data to third parties. JCE may exchange or transfer personal data to a third party that will have the role of a processor. Processors include JCE’s third-party service providers as well as group and portfolio companies. Whenever JCE exchanges or transfers personal data to such third party, this must be subject to a data processing agreement containing necessary terms and conditions. The processor may only process personal data on behalf of JCE according to the instructions laid out in the data processing agreement.

In addition, JCE may exchange or transfer personal data to a country outside the EU/EEA. JCE uses safeguards to ensure that personal data is treated appropriately where it is transferred to countries outside the EU/EEA. Such safeguards may include the use of standard contractual clauses approved by the European Commission.

For information on the safeguards applied to such transfers, please contact us.

Data security

JCE have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorized way, altered or disclosed. JCE has established internal guidelines for IT security, data protection and information security, as well as non-disclosure agreements when necessary.

How long do JCE save your data

JCE save and process your personal data as long as it is necessary to initiate, maintain or manage a professional relationship with you, the company or organization that you represent. JCE save personal data in accordance with our regulatory obligations or as long as it is necessary to fulfil the purpose of the processing.

JCE may also store that data for as long as necessary in order to comply with our legal compliance, contractual or other regulatory obligations or in connection with the establishment, enforcement or defense of any legal claims.

Your rights

The right you have, as a data subject, are described below.

  • You have the right to request information about what personal data we process or have access to (right to access). In order to ensure we provide the data to the correct person you must identify yourself when requesting an extract from our register.
  • JCE is obliged to have correct and updated personal data about you. If your personal data is incorrect, you can request rectification or supplementation thereof (right to rectification). You also have the right to request that we limit the processing of your personal data e.g., if you contest the accuracy or legitimate interest of the processing of certain personal data (right to restriction).
  • Under certain conditions, you may request that data about you is erased when it is no longer necessary for the purpose for which it was collected (right to erasure). JCE removes information about you when it is no longer needed but you may be required by other legislation to store data about you in order to comply with statutory requirements.
  • You have the right to object to the processing of personal data based on legitimate interest. You also have the right to object to direct marketing (right to object).
  • If you have given your consent or if we base the processing on performance of a contract with you, you have the right, under certain circumstances, to obtain the personal data that you have provided us. This will be provided to you in a structured, widely used, and machine-readable format and you have the right to transfer it to another controller or to have our help to transfer the data to another controller when technically possible (right to data portability).

You may exercise your rights by contacting us.

Complaints

You have the right to make a complaint at any time to the Swedish Authority for Privacy Protection (Sw. Integritetsskyddsmyndigheten), which is the competent authority in Sweden, further instructions for this can be found on their website.

Contact details

Our contact details can be found here.

This policy is subject to regular review and JCE reserves the right to amend the notice from time to time. Should any part of the notice prove to be in violation of applicable regulations, non-applicable or impossible to implement for any other reason, the remaining parts should not be affected thereby.

JCE Group Aktiebolag,
December 2024

 

@JCE Alla rättigheter förbehållna