XYQ Luxco S.à r.l

Privacy Notice

XYQ Luxco S.à r.l – Privacy Notice
XYQ Luxco S.à r.l – Privacy Notice

This privacy notice informs you about the processing of your personal data (i.e. data by which you may be directly or indirectly identified) in relation to loans that the Company (as defined below) acquired by the company under the corporate name Frontier Issuer DAC in accordance with the provisions of Greek law 5072/2023 as well as of your rights in accordance with applicable data protection law (the Privacy Notice). It applies to borrowers (being individuals) and individuals related to borrowers (such as beneficial owners, shareholders, representatives, contact persons, etc.). Borrowers are defined as individuals or corporates who have subscribed to mortgage loans and or ancillary security with the Company (as defined below).

 

  1. Data controller

The data controller is XYQ Luxco S.à r.l., a limited liability company incorporated and operating under the laws of Luxembourg, with registration number B213945 whose registered office is at 47, avenue John F. Kennedy L-1855, Luxembourg (the Company).

If borrowers or individuals have any questions or comments or want to exercise their rights, they may contact via email at [email protected] or send a letter at 27 Kyprou and Archimidous Streets, 18346, Moschato, Greece

In addition, other entities involved in the management of residential mortgage loans secured on real property and other ancillary security may process Personal Data in their capacity as independent data controllers (for instance the servicer who manages the relationship with you on a daily basis). These processing activities are done under the sole responsibility of these independent data controllers and are governed by separate privacy notices.

 

  1. Personal data being processed

Information provided to us:

  • Identification data such as first name, last name, business telephone, e-mail address;
  • Personal characteristics such as nationality, date and place of birth and information on identification documents;
  • Government issued identifiers such as passport, identification card, tax identification number, national insurance number;
  • Financial information such as bank details;
  • Tax information such as tax domicile and other tax-related documents and information;
  • Information on the origin of funds and assets and securities; and
  • Financial situation information, including past history of their loans, creditworthiness and solvency data; and
  • Medical history (in the event the Borrower wants to evoke a hardship or similar clause).

    • (the ”Personal Data”).

 

  1. Purposes for which Personal Data is being processed

To process your Personal Data we need to rely on a lawful basis. For each lawful basis listed below, we describe the purposes of our processes as well as the categories of Personal Data used.

Why and how we process your personal data Categories of personal data used

If you are an individual being a Borrower, for the purposes of entering into or performing a contract with you.

We process your data:

  • for the purpose of the provision of Borrower-related services including mortgage administration,
  • for administering and managing the loan, including where necessary to take steps to recover the debts ;
  • to establish with you the necessary communications for the management of recovery actions.
  1. Identification data
  2. Financial information
  3. Information on the origin of funds and assets and securities
  4. Financial situation information
  5. Personal characteristics
  6. Government issued identities
  7. Tax information
  8. Medical history

For compliance with legal and regulatory obligations.

We process your data for compliance with:

  • the applicable legislation on Know-Your-Customer (KYC) ;
  • Anti-Money Laundering and Combating the Financing of Terrorism (AML/CFT) ;
  • accounting obligations ;
  • requests from, and requirements of, local or foreign regulatory or law enforcement authorities, tax identification and, as the case may be, reporting, notably the automatic exchange of financial account information (commonly referred to as the “Common Reporting Standard” or CRS), the act of 24 July 2015 approving the Agreement between the Grand Duchy of Luxembourg and the Government of US in view to improve international tax compliance and relating to the dispositions of the United States of America concerning the exchange of information commonly called the FATCA, and any other automatic exchange of information (AEI) regimes to which we may be subject from time to time.
  1. Identification data
  2. Personal characteristics
  3. Government issued identifiers
  4. Financial information
  5. Tax information

Based on consent:

We process your data:

  • for the purpose of receiving marketing materials (about products and services of the group of companies to which the Company belongs or those of its commercial partners) ;
  • for processing relating to sensitive data (notably medical history in the event the Borrower wants to evoke a hardship or similar clause).
  1. Identification data
  2. Personal characteristics
  3. Medical history

We may also process your Personal Data for the Company’s legitimate interests, which are further specified below:

Why and how we process your personal data Legitimate interests relied on Categories of personal data used

We may share your personal data with others including law enforcement authorities and to respond to legal requests.

We may also notice and/or report any illegal behaviour.

 It is in our interest to prevent and address fraud or any illegal activity and to manage our risks.
  1. Identification data
  2. Personal characteristics
  3. Financial information
  4. Information on the origin of funds and assets and securities
  5. Financial situation information
For the evaluation of the Borrower’s financial needs and the monitoring of the Borrower’s financial situation including assessing its creditworthiness and solvency. It is in our interest and in the interest of the Borrower to provide personalised / tailored services.
  1. Identification data
  2. Financial information
  3. Tax information
  4. Information on the origin of funds and assets and securities
  5. Financial situation information
To manage litigation and to the extent required for the exercise or defence of legal claims or for the protection of the rights of another natural or legal person, as long as your interests, fundamental rights and freedoms are not overridden.

It is in our interest to prevent and address fraud or any illegal activity.

It is in our interest to seek legal advice and to protect ourselves including as part of investigations, litigation or other disputes.
  1. Identification data
  2. Personal characteristics
  3. Government issued identifiers
  4. Financial information
  5. Information on the origin of funds and assets and securities
  6. Financial situation information

If Personal Data was provided to the Company by the Borrower (especially where the Borrower is a legal entity), the Company may also process Personal Data relating to Borrower-related individuals in its legitimate interest for the purpose of the provision of Borrower-related services including mortgage administration, purpose of management and claim of payment of debts, as well as to establish with you the necessary communications for the management of recovery actions of the same, by any means.

 It is in our interest and in the interest of Borrowers to provide the requested services and improve them.
  1. Identification data
  2. Personal characteristics
  3. Government issued identification
  4. Financial information
  5. Tax information
  6. Information on the origin of funds and assets and securities
  7. Financial situation information
  8. Medical history
In the context of corporate reorganisation, transfer, divestment, merger or acquisition. It is in our interest to manage transactions related to any corporate reorganisation.
  1. Identification data
  2. Personal characteristics
  3. Government issued identifiers
  4. Financial information
  5. Information on the origin of funds and assets and securities
  6. Financial situation information

 

  1. Obligation to provide the Personal Data

The Personal Data that is required for the performance of the contract with the Borrower and that required for the Company to comply with legal obligations is mandatory information to be provided by the Borrower. Without the provision of this Personal Data, the Company will not be able to enter into or continue the execution of the contract with the Borrower.

 

  1. Data Recipients

Personal Data may be shared with selected third parties as set out above.

In some circumstances, the Company may also disclose Personal Data to the recipients such as:

  • any third parties as may be required or authorized by law (including but not limited to public administrative bodies and local or foreign public and judicial authorities, including any competent regulators).
  • any third parties acting on the Company’s behalf (such as servicers, including their respective advisers, auditors, delegates, agents and service providers and any other subsidiary or affiliated companies (the Service Providers) or on the basis of a prior authorization provided by Borrowers.
  • any of the Company’s respective shareholders, representatives, employees, advisers, agents, delegates, auditors, service providers, any subsidiary or affiliate of the Company (and their respective representatives, employees, advisers, agents, delegates).
  • persons acting on behalf of Borrowers, (such as beneficiaries, intermediaries, banks); and
  • other third parties and their advisors, auditors, delegates, agents, and service providers, in each case, in connection with the Company’s transfer of the Borrower’s shared equity mortgage to another entity or in connection with any business reorganization, transfer, disposal, merger or acquisition on the level of the Company or any larger group to which the Company belongs in connection with any business reorganization, transfer, disposal, merger or acquisition on the level of the Company or the Bracebridge group to which the Company belongs.

 

  1. Transfer of Personal Data

For the purposes listed above, Personal Data will be transferred to any of the aforementioned recipients and Service Providers which are located within or outside of the European Economic Area (the EEA).

Personal Data will be transferred to the following countries outside the EEA: the United States of America and the United Kingdom.

Certain jurisdictions in which recipients (including data processors) are located and to which Personal Data are transferred do not have the same level of protection as that afforded in your home country. Where that is the case Personal Data will be transferred to such countries subject to appropriate safeguards.

We rely on the following safeguards:

- standard contractual clauses approved by the European Commission

- adequacy decision for transfers to UK.

You may obtain a copy of such safeguards by contacting us at the above contact details.

 

  1. Individual’s rights

The following rights apply to the Borrower who is an individual and to individuals related to the Borrower whose Personal Data has been provided to the Company by such Borrower:

  • the right to access Personal Data, free of charge, within reasonable intervals and in a timely manner, as well as all information on the origin of such Personal Data;
  • the right to have inaccurate or redundant data rectified or erased;
  • the right to request the erasure of Personal Data without undue delay when the use or other processing of such data is no longer necessary for the purposes described above, and notably when consent relating to a specific processing has been withdrawn or where the processing is not or no longer lawful for other reasons;
  • in cases where the accuracy of the data is contested, the processing is unlawful, or where the Borrowers or the individuals related to the Borrowers have objected to the processing of their Personal Data, they may ask for the restriction of the processing of such Personal Data. This means that Personal Data will, with the exception of storage, only be processed with or for the establishment, exercise or defence of legal claims of the Company, for the protection of the rights of another natural or legal person or for reasons of important public interest of the European Union or of a Member State. In cases where processing is restricted, the Borrowers or the individuals related to the Borrowers will be informed before the restriction of processing is lifted;
  • the right to data portability where the processing is based on the execution of a contract or consent, is performed by automated means and where the data has been provided by the Borrower or the individual related to the Borrower.
  • The right to withdraw consent, at any time, without affecting the lawfulness of processing based on consent before its withdrawal.

    • In addition to the rights listed above, should a Borrower or an individual relating to a Borrower consider that the Company does not comply with the applicable privacy rules, or has concerns with regard to the protection of their Personal Data, they may file a complaint with the Luxembourg data protection authority (the Commission Nationale pour la Protection des Données – CNPD) or any other data protection authority (for instance the authority in the EU member state in which the individual resides) In Greece, you may contact or file a complaint with the Hellenic Data Protection Authority (https://www.dpa.gr/) .

     

  1. Data retention period

The Company is subject to various retention and documentation obligations, which inter alia follow from the Luxembourg commercial code (Code de Commerce) and from anti-money laundering laws. The retention periods provided by those laws vary from five to ten years.

The retention period will also be determined by the legal limitation periods that can for example be set forth by the commercial code and amount to up to ten years after the end of the contractual relationship with the Borrower.

 

  1. Amendment of this Privacy Notice

This Privacy Notice may be amended from time to time to ensure that full information about all processing activities is provided. Changes to the Privacy Notice will be notified by appropriate means.

Follow us on
YouTube
linkedin
lifegate

© 2023 doValue Greece