back

NIDDA HEALTHCARE GMBH PRIVACY POLICY

 

This Privacy Policy was last updated on October 2020.

 

OUR COMMITMENT TO PRIVACY

 

Your privacy is important to Nidda Healthcare GmbH and our affiliates (together, 'our', 'us', 'we', 'company' or 'Nidda Healthcare').


This Privacy Policy describes how we gather and use personal data from visitors and existing or potential investors on this site. Personal data is any information that can be used to identify you as an individual. Please read this Privacy Policy carefully.


Nidda Healthcare Holding GmbH and all Nidda group companies (including Nidda Healthcare GmbH, Nidda Healthcare Holding GmbH and Nidda BondCo GmbH) will each be a data controller of any personal data collected by us. If you have any questions regarding our use of your personal data, or this Privacy Policy, please contact compliance@niddahealthcare.com.

 

We rely on various legal bases under applicable data protection legislation in order to process your personal data, including our legitimate interests, contractual necessity and as required by law. See section “Why we use your personal data” below, for further information. We use the personal data we collect to operate our business and provide you with the services (including investor services) and products we offer and perform essential business operations. We do not collect any special categories of personal data about you, nor information about criminal convictions and offences.

 

If we require your personal data due to a legal requirement or obligation or in order to perform a contract with you, we will make you aware of this at the time we collect your personal data, and the possible consequences of you failing to provide this personal data (e.g., we may require your passport details to verify your identity for the purposes of anti-money laundering regulations) and failure to provide this information means that we cannot provide our services or products to you. In this case, we may have to cancel a service or investment you have with us but we will notify you if this is the case at the time.

 

You do not need to take any action as a result of this Privacy Policy, but you do have certain rights as described below in the section headed “Your rights”.

 

HOW WE OBTAIN YOUR PERSONAL DATA


Information you provide to us

 

We collect your personal data when you decide to interact with us and we only collect the information necessary to carry out our business for the purposes set out below. You can provide us with personal data via the "Contact" details on the site including by email, post and telephone, or via the "Investor Login" page ('Investor Portal'). The personal data we collect about you includes your name, name of your employer, address, title, username,job title, position, telephone number and email address, passport information, and financial information. We may also collect information about you through automated technology, such as cookies or other online identifiers.

 

Information provided by third parties or publicly available sources

 

Personal data is also obtained from placement agents that we engage to market our applicable services.

 

WHY WE USE YOUR PERSONAL DATA

 

To the extent that you provide us with, or we otherwise collect, any personal data, through or in connection with this site, we may use such information for the below purposes and may process your personal data on more than one legal basis depending on the specific purpose:

                                   

Purpose

Legal Basis

To provide you with the services or products you have requested.

Contractual necessity

To register you as a potential investor and in order to provide access to Investor Portal.

Legitimate interest (to provide information about Nidda Healthcare GmbH for potential investors to use in order to make informed investment decisions) and legal obligation (to ensure we are able to provide investors with information required under law)

To verify your status as existing or legitimate potential investor in order to provide access to the Investor Portal.

Contractual necessity (derived from our contract with you as an Investor), legal requirement and legitimate interest

To keep a record of your relationship with us.

Legitimate interest

To conduct due diligence activities in connection with an actual or prospective corporate transaction or investment with respect to which we are party to.

Legitimate interest

Fraud and abuse prevention.

Legal requirement and legitimate interest

Litigation management and conducting internal audits and investigations.

Legal requirement and legitimate interest

To administer and protect our business and this website.

Legitimate interest

To respond to your contact requests via email, post or telephone.

Legitimate interest

 

No automated decision making, including profiling, is used when processing your personal data.

 

DISCLOSURE AND TRANSFER OF PERSONAL DATA

 

Although we do our best to protect your personal data, we cannot guarantee the security of any information or data transmitted to or through our site; any transmission of information or data by you to or through this site is at your sole risk.

 

Your personal data will be shared with and processed by our affiliates and certain service providers as necessary to fulfil the purposes set out in this Privacy Policy, including consultants, agents, contractors and data hosting providers and in some instances, placements agents and other fund administrators. We make sure anyone who provides a service to, or for us, enters into an agreement with us and meets our standards for data security. We may also share your personal data with regulatory authorities. To the extent your personal data is transferred to countries outside of the European Economic Area, such transfers will only be made in accordance with applicable data privacy laws. For further information about the safeguards used, please contact compliance@niddahealthcare.com.

 

We reserve the right to disclose your personal data as required by law, or when we believe that disclosure is necessary to protect our rights and/or comply with a judicial proceeding, court order, request from a regulator, national security, for the purposes of public importance or any other legal or investigatory process involving us. Should we, or any of our affiliated entities, be the subject of a takeover, divestment or acquisition we may disclose your personal data to the new owner of the relevant business and their advisors.

 

SECURITY AND RETENTION OF PERSONAL DATA

 

We are committed to protecting the personal data you entrust to us. We adopt robust and appropriate technologies and policies, so the information we have about you is protected to the extent possible from unauthorized access and improper use. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions and they are subject to a duty of confidentiality. We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.

We will keep your personal data only for as long as is reasonably necess the purposes set out in this Privacy Policy, unless a longer retention period is required by law. We will not keep more information than we need for those purposes. For further information about how long we will keep your personal data, please contact compliance@niddahealthcare.com.

 

CAPACITY

 

This site is only intended for individuals who are at least 13 years of age. We do not knowingly encourage or solicit visitors to this site who are under the age of 13 or knowingly collect personal data from anyone under the age of 13 without parental consent. If we learn we have collected or received personal data from an individual under the age of 13, we will delete that information.

 

COOKIES

 

Information regarding how you access this site (e.g., browser type, access times, and Internet Protocol (IP) address) and your hardware and software is automatically collected through the use of cookies (a small text file placed on your hard drive) or other technologies or tools. This information is used to improve website performance and for our business purposes. Where cookies are not necessary for us to provide the products or services you have requested or for the functioning of this site, we will ask you to consent to their use. You may opt-in to accept cookies automatically by changing the settings on your browser. If you opt-out of certain cookies, you may not be able to access certain parts of this site.

On the Investor Portal we use the cookies listed below.

Name

Type

Purpose

Expiry

IRPages2_Session

Necessary

Cookie used to identify a session instance for the user.

Session

EquityStory

Necessary

Cookie only collects a session ID to ensure an equal distribution of all requests via our server. Valid until the end of the browser session.

Session

 

Necessary cookies help make a website usable by enabling basic functions like page navigation and access to secure areas of the website. The website cannot function properly without these cookies.

You may wish to visit www.aboutcookies.org, which contains comprehensive information about types of cookies, how they are used, and how you manage your cookie preferences.

 

YOUR RIGHTS

 

You have the right to access the personal data we hold about you, and there are a number of ways you can control the way in which and what information we store and process about you. To exercise these rights and controls, please contact compliance@niddahealthcare.com.

  • Access: You have the right to ask for a copy of the personal data that we hold about you free of charge, however we may charge a 'reasonable fee', if we think that your request is excessive, to help us cover the costs of locating the information you have requested.
  • Correction: You may notify us of changes to your personal data if it is inaccurate or it needs to be updated.
  • Deletion: If you think that we shouldn't be holding or processing your personal data any more, you may request that we delete it. Please note that this may not always be possible due to legal obligations.
  • Restrictions on use: You may request that we stop processing your personal data (other than storing it), if: (i) you contest the accuracy of it (until the accuracy is verified); (ii) you believe the processing is against the law; (iii) you believe that we no longer need your data for the purposes for which it was collected, but you still need your data to establish or defend a legal claim; or (iv) you object to the processing and we are verifying whether our legitimate grounds to process your personal data override your own rights.
  • Object: You have the right to object to processing, including: (i) for direct marketing; (ii) for research or statistical purposes; or (iii) where processing is based on legitimate interests.
  • Portability: If you wish to transfer your personal data to another organization (and certain conditions are satisfied), you may ask us to do so, and we will send it directly if we have the technical means.
  • Withdrawal of consent: If you previously gave us your consent (by a clear affirmative action) to allow us to process your personal data for a particular purpose, but you no longer wish to consent to us doing so, you can contact us to let us know that you withdraw that consent.

 

We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.

 

NOTIFICATION OF CHANGES


We reserve the right to amend this Privacy Policy from time to time by updating this Privacy Policy. If we decide to change our Privacy Policy, we will post those changes so our users are always aware of what information we collect, how we use it, and under what circumstances, if any, we disclose it. If at any point we decide to collect personal data or use any collected information in a manner different from that stated at the time it was collected, we will notify applicable users. We will use information only in accordance with the Privacy Policy under which the information was collected.

  

CONTACT US

 

If you have any questions or concerns about this Privacy Policy, please contact compliance@niddahealthcare.com.

 

COMPLAINTS

 

Furthermore, you have the right to complain to the data protection supervisory authority regarding our processing of your personal data. The relevant supervisory authority responsible for us is:


Der Hessische Beauftragte für Datenschutz und Informationsfreiheit
Postfach 3163
65021 Wiesbaden

Telefon: +49 611 1408–0

E-Mail: poststelle@datenschutz.hessen.de