Privacy Policy of F & P Vermögensmanagement GmbH

F & P Vermögensmanagement GmbH, located in Munich, Germany, takes the protection of your personal data very seriously. This privacy policy explains how we collect, use, disclose, and protect your information when you interact with our online platform and financial services. We operate in compliance with the General Data Protection Regulation (GDPR) and other applicable data protection laws. Our BaFin-ID is 10160117.

1. Information We Collect

We collect various types of information to provide and improve our services to you.

1.1 Personal Data You Provide Directly to Us

When you engage with our services, such as applying for asset management, trading operations, or contacting us through our online forms, you may provide us with personal information. This can include:

• Identification data (e.g., name, date of birth, nationality).
• Contact information (e.g., postal address, email address).
• Financial information (e.g., bank account details, investment preferences, income, assets for financial suitability assessments).
• Details from identification documents (e.g., passport or ID card numbers for legal compliance).
• Information provided in communications with us (e.g., content of messages, inquiries, feedback).

1.2 Automatically Collected Data

When you visit our online platform, certain information is automatically collected, primarily for functional and analytical purposes. This data typically does not directly identify you but can be aggregated to improve user experience.

• Technical data (e.g., IP address, browser type and version, operating system, device type, referrer URL).
• Usage data (e.g., pages visited on our site, time spent on those pages, search queries, clickstream data).
• Cookie data and similar technologies (see Section 5 for more details).

2. Legal Basis and Purposes of Processing

We process your personal data based on specific legal grounds as outlined in the GDPR.

• Performance of a contract or for pre-contractual steps: To provide our asset management, trading, and other financial services, to manage your account, and to fulfill our contractual obligations.
• Fulfillment of legal obligations: To comply with regulatory requirements, such as anti-money laundering (AML) laws, Know Your Customer (KYC) regulations, and reporting obligations to financial authorities (e.g., BaFin).
• Legitimate interests: To operate, maintain, and improve our online platform, to enhance security, to prevent fraud, for analytical purposes, and to personalize your experience, where our interests are not overridden by your data protection rights.
• Consent: In specific cases where we require your explicit consent for processing, such as for certain marketing activities or non-essential cookies. You have the right to withdraw your consent at any time.

3. How We Use Your Information

We use the collected information for various purposes, including:

• Providing and managing our financial services.
• Processing your transactions and managing your accounts.
• Communicating with you regarding your services, inquiries, and updates.
• Complying with legal and regulatory obligations.
• Improving our online platform, services, and user experience.
• Detecting, preventing, and addressing fraud, security, or technical issues.
• Conducting analysis and research to understand market trends and client needs.
• Personalizing content and offers (where consent is given or legitimate interest applies).

4. Disclosure of Your Information

We may share your personal data with third parties only in specific circumstances and with appropriate safeguards.

• Service Providers: We engage trusted third-party service providers who assist us in operating our business, such as IT hosting, email delivery, data analytics, and customer support. These providers are contractually bound to protect your data and only process it according to our instructions.
• Regulatory Bodies and Law Enforcement: We may disclose information if required by law or in response to valid requests by public authorities (e.g., BaFin, courts, government agencies) to comply with legal obligations or to protect our rights, property, or safety.
• Business Transfers: In the event of a merger, acquisition, or sale of all or a portion of our assets, your personal data may be transferred as part of that transaction, subject to appropriate confidentiality agreements.
• Professional Advisors: We may share data with our auditors, lawyers, and other professional advisors for legal, accounting, or audit purposes.

We do not sell, rent, or trade your personal data to third parties for their marketing purposes.

5. Cookies and Similar Technologies

Our online platform uses cookies and similar tracking technologies to enhance your browsing experience, analyze site usage, and improve our services.

• Strictly necessary cookies: Essential for the operation of our online platform (e.g., enabling secure login, processing account transactions).
• Analytical/performance cookies: Allow us to recognize and count the number of visitors and see how visitors move around our online platform. This helps us to improve the way our online platform works.
• Functionality cookies: Used to recognize you when you return to our online platform, enabling us to personalize content for you.

You can manage your cookie preferences through your browser settings. Please note that disabling certain cookies may affect the functionality of our online platform.

6. International Data Transfers

In some instances, your personal data may be transferred to and processed in countries outside of the European Economic Area (EEA). When this occurs, we ensure that appropriate safeguards are in place, such as EU Standard Contractual Clauses or ensuring the recipient country has been deemed to provide an adequate level of data protection by the European Commission.

7. Data Security

We implement robust technical and organizational measures to protect your personal data from unauthorized access, disclosure, alteration, and destruction. These measures include encryption, access controls, secure networks, and regular security assessments. We continuously review and update our security practices to ensure the highest level of protection.

8. Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, including for legal, accounting, or reporting requirements. The retention period is determined by factors such as the nature of the data, the purpose of processing, and any legal obligations.

9. Your Data Protection Rights

Under the GDPR, you have the following rights regarding your personal data:

• Right of Access: You have the right to request access to the personal data we hold about you.
• Right to Rectification: You have the right to request that we correct any inaccurate or incomplete personal data.
• Right to Erasure ("Right to be Forgotten"): You have the right to request the deletion of your personal data under certain circumstances (e.g., if the data is no longer necessary for the purposes for which it was collected).
• Right to Restriction of Processing: You have the right to request that we restrict the processing of your personal data under certain conditions.
• Right to Data Portability: You have the right to receive your personal data in a structured, commonly used, and machine-readable format and to transmit that data to another controller.
• Right to Object: You have the right to object to the processing of your personal data where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground.
• Right to Withdraw Consent: Where we rely on your consent to process your personal data, you have the right to withdraw that consent at any time.
• Right to Lodge a Complaint: You have the right to lodge a complaint with a supervisory authority, particularly in the Member State of your habitual residence, place of work, or place of the alleged infringement, if you believe your data protection rights have been violated.

To exercise any of these rights, please contact us using the details provided below.

10. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or for other operational, legal, or regulatory reasons. We will notify you of any material changes by posting the updated policy on our online platform. We encourage you to review this Privacy Policy periodically.

11. Contact Us

If you have any questions about this Privacy Policy or our data protection practices, please contact us:

F & P Vermögensmanagement GmbH