You have provided or may need to provide Personal Data to us by virtue of using the Moonfare platform available at https://www.moonfare.com or any of its subdomains (the “Site”), including by simply viewing content on it. The Site is part of your agreement with Moonfare GmbH and, as applicable, Moonfare Asia Ltd. (collectively, “Moonfare”) as well as any fund vehicle (each, a “Fund”) you may choose to invest in via the Site.
We want you to understand how and why we use, store and otherwise process your Personal Data when you interact with us or our relevant affiliates.
This Data Privacy Notice applies to you to the extent that EU and/or Hong Kong data protection legislation applies to our processing of your Personal Data or to the extent you are a resident of the EEA. If this Data Privacy Notice applies to you, you have certain rights with respect to your Personal Data which are contained in this Data Privacy Notice.
“Personal Data” has the meaning given in the EU and/or Hong Kong data protection legislation, as the context may require, and includes any information relating to an identifiable individual (such as name, address, date of birth or economic information).
This privacy statement is made on behalf of Moonfare. Moonfare is committed to protecting and respecting your privacy.
Where we use the terms “we“, “us” and “our” in this Data Privacy Notice, we are referring to Moonfare.
When you provide (or have provided) us with your Personal Data, Moonfare acts as:
In simple terms, this means that:
The types of Personal Data we process, hold and share depends on the product or service you have with us and the nature of your investment. This can include or be related to:
The Personal Data collected about you will help us provide you with a better service and facilitate our business relationship.
We collect, and have collected, Personal Data about you from a number of sources, including from you directly:
Personal Data that you give us:
Personal Data we obtain from others:
We may process or use your Personal Data for the following reasons or purposes:
It is necessary to take steps at your request prior to entering into a contract and to perform our contractual obligations with you to:
2. Compliance with law
It is necessary for compliance with an applicable legal or regulatory obligation to which we are subject to:
3. Our legitimate interest
For our legitimate interests or those of a third party to:
In any case, our legitimate interest remains proportionate and we verify according to a balancing test that your interests or fundamental rights are preserved. Should you wish to obtain more information about such balancing test, please contact us using the contact details provided in paragraph 17 below.
4. Your consent
We rely on explicit consent to enhance your user experience on the Site to:
Monitoring as described at (3) above
We monitor communications where the law requires us to do so. We will also monitor where we are required to do so to comply with our regulatory rules and practices and, where we are permitted to do so, to protect our business and the security of our systems.
Your Personal Data will be shared with:
1. Moonfare fund operations, legal & compliance, finance, and account services teams
We share your Personal Data with certain Moonfare team members and related parties. This is for:
2. Administrator, Fund Manager, Investment Advisor, Professional partners such as private banks or family offices of whom you may be a client
3. Tax authorities and local regulators
4. Service providers
5. Our lawyers, auditors and other professional advisors
In exceptional circumstances, we will share some or all of your Personal Data with:
Where we collect Personal Data from you, we will indicate if:
Unless otherwise indicated, you should assume that we require the Personal Data for business and/or compliance purposes.
Some of the Personal Data we request, or have requested, is necessary for us to perform our contract with you and if you do not wish to provide us with this Personal Data, it will affect our ability to provide our services to you and manage your investment.
We intend to use your Personal Data in direct marketing, however we may not do so unless we have received your consent (which includes an indication of no objection) for such purposes. In this respect, please note that:
(i) your name, contact details, product information, financial background, and demographic data held by us may be used by us in direct marketing from time to time;
(ii) the following classes of services, products and subjects may be marketed: financial, investment, and related services and products;
(iii) the above services, products, and subjects may be provided by or solicited by Moonfare and/or third party financial institutions with whom Moonfare contracts such as banks, securities contractors, and investment contractors;
(iv) in addition to marketing the above services, products and subjects itself, we also intend to provide the data described in (i) above to all or any of the persons described in paragraph (iii) above for use by them in marketing those services, products and subjects, and we require your written consent (which includes an indication of no objection) for that purpose;
(v) in connection with (iv) above, we may receive money or other property in return for providing the data to the persons described in (iii) above for use by them in direct marketing (including revenue / benefit sharing arrangements between us and such persons).
If you do not wish Moonfare to use or provide to other persons your Personal Data for use in direct marketing as described above, you may exercise your right to opt-out, without charge, by notifying us through the contact information provided in paragraph 17 below.
We will transfer your Personal Data to our group members, members of Moonfare’s partnership and related parties, and to third party service providers outside of the EEA or outside of Hong Kong, which may not have similarly strict data protection and privacy laws.
Where we transfer Personal Data to other members of our group, or our service providers, we have put in place data transfer agreements and safeguards using European Commission approved terms.
Please contact us if you would like to know more about these agreements or receive a copy of them. Please see below for our contact details.
With the exception of the limited instances described above, we do not generally rely on obtaining your consent to process your Personal Data.
If we do, you have the right to withdraw this consent at any time.
Please contact us or send us an email at [email protected] at any time if you wish to do so.
We keep your Personal Data for as long as it is required by us for our legitimate business purposes, to perform our contractual obligations, or where such longer period as is required by law or regulatory obligations which apply to us.
As a general principle, we do not retain your Personal Data for longer than we need it.
We will usually delete your Personal Data (at the latest) after you cease to be an investor in any Fund and there is no longer any legal or regulatory requirement or business purpose for retaining your Personal Data.
We will not take decisions producing legal effects concerning you, or otherwise significantly affecting you, based solely on automated processing of Personal Data, unless we have considered the proposed processing in a particular case and concluded in writing that it meets the requirements of EU data protection legislation and other applicable laws.
You have certain data protection rights, including:
If you have a relationship with Moonfare GmbH, from 25 May 2018, you also have the right in some circumstances to request for us to “port” your Personal Data in respect of such relationship in a portable, re-usable format to other organisations (where this is possible).
You furthermore have the right to lodge a complaint with a supervisory authority.
If you are located in the EU we would also like to explicitly note your right to object to processing of your Personal Data, on grounds relating to your particular situation, at any time to processing of personal data concerning you which is based on Article 6 para 1e GDPR (data processing in the public interest) and Art. 6 para 1f GDPR (data processing based on balancing of interests) according to Art 21 GDPR.
Please contact us through the methods outlined in “16. Contact us” below in relation to the requests above.
By using the website, you’re agreeing to our data collection policy as described below. If you want to update your preferences, you can do so by clicking “Website Data Collection Preferences” at the bottom of this page.
How do we collect data on our website?
Cookies are small text files that store Internet settings from the websites you visit. They are widely used to make website features work, operate more efficiently, or improve your experience on the site. Cookies are also used to remember your preferences or personalize the content so that it is more relevant to you.
The table below outlines how we use this data by category.
Personal Data is collected for the following purposes and using the following services:
Analytics services enable the Owner to monitor and analyze web traffic and can be used to keep track of User behavior. These services include:
Heat Mapping and Session Recording:
Heat mapping services are used to display the areas of a page where Users most frequently move the mouse or click. This shows where the points of interest are. These services make it possible to monitor and analyze web traffic and keep track of User behavior. These services may record sessions and make them available for later visual playback. These services include:
Interaction with Online Survey Platforms:
This type of service allows Users to interact with third-party online survey platforms directly from the pages of moonfare.com. If one of these services is installed, it may collect browsing and Usage Data in the pages where it is installed, even if the Users do not actively use the service. These services include:
Platform Services and Hosting:
These services have the purpose of hosting and running key components of moonfare.com, therefore allowing the provision of moonfare.com from within a unified platform. Such platforms provide a wide range of tools to the Owner – e.g. analytics, user registration, commenting, database management, e-commerce, payment processing – that imply the collection and handling of Personal Data. Some of these services work through geographically distributed servers, making it difficult to determine the actual location where the Personal Data are stored. These services include:
This type of service helps the Owner to manage the tags or scripts needed on moonfare.com in a centralized fashion. This results in the Users’ Data flowing through these services, potentially resulting in the retention of this Data. These services include:
Displaying Content from External Platforms:
This type of service allows you to view content hosted on external platforms directly from the pages of moonfare.com and interact with them. This type of service might still collect web traffic data for the pages where the service is installed, even when Users do not use it. These services include:
Interaction with Data Collection Platforms and Other Third Parties:
This type of service allows Users to interact with data collection platforms or other services directly from the pages of moonfare.com for the purpose of saving and reusing data. If one of these services is installed, it may collect browsing and Usage Data in the pages where it is installed, even if the Users do not actively use the service. These services include:
Managing Data Collection and Online Surveys:
This type of service allows moonfare.com to manage the creation, deployment, administration, distribution and analysis of online forms and surveys in order to collect, save and reuse Data from any responding Users. The Personal Data collected depend on the information asked and provided by the Users in the corresponding online form. These services may be integrated with a wide range of third-party services to enable the Owner to take subsequent steps with the Data processed – e.g. managing contacts, sending messages, analytics, advertising and payment processing. These services include:
Registration and Authentication:
By registering or authenticating, Users allow moonfare.com to identify them and give them access to dedicated services. Depending on what is described below, third parties may provide registration and authentication services. In this case, moonfare.com will be able to access some Data, stored by these third-party services, for registration or identification purposes. Some of the services listed below may also collect Personal Data for targeting and profiling purposes; to find out more, please refer to the description of each service. These services include:
User Database Management:
This type of service allows the Owner to build user profiles by starting from an email address, a personal name, or other information that the User provides to moonfare.com, as well as to track User activities through analytics features. This Personal Data may also be matched with publicly available information about the User (such as social networks’ profiles) and used to build private profiles that the Owner can display and use for improving moonfare.com. Some of these services may also enable the sending of timed messages to the User, such as emails based on specific actions performed on moonfare.com. These services include:
Communication with Users:
These types of services allow the Owner to schedule online meetings with Users and conduct audio/video conferences for customer interviews, which may be recorded. These services include:
Prevention of Spam:
We use Google reCAPTCHA from Google Inc. (1600 Amphitheater Parkway Mountain View, CA 94043, USA) to prevent spam. The legal basis for use is Article 6 (1) f (lawfulness of processing), as there is a legitimate interest in protecting this website from bots and spam. reCAPTCHA is a free service that protects websites against spam and abuse. It uses advanced risk analysis techniques to keep people and bots apart. By using reCAPTCHA, data will be transmitted to Google using Google to determine whether the visitor is human or spam. To see what data Google collects and what this data is used for, visit https://policies.google.com/privacy?hl=en.
Google’s Terms of Service and Products can be found at https://policies.google.com/?hl=en.
Okta Multi-factor Authentication:
We take your concerns very seriously. We encourage you to bring it to our attention if you have any concerns about our processing your Personal Data.
This Data Privacy Notice was drafted with simplicity and clarity in mind. We are, of course, happy to provide any further information or explanation needed. Our contact details are below.
If you want to make a complaint, you can also contact the body regulating data protection in your country, where you live or work, or the location where the data protection issue arose. A list of the EU data protection authorities is available by clicking this link: http://ec.europa.eu/newsroom/article29/item-detail.cfm?item_id=612080.
Please contact us if you have any questions about this Data Privacy Notice or the Personal Data we hold about you.
Contact us by email at [email protected]
Contact us in writing using this address:
℅ Asmus Eggert, Data Protection Officer
We keep this Data Privacy Notice under regular review.
THIS DATA PRIVACY NOTICE WAS LAST UPDATED ON 11 AUGUST 2020.