1. Who we are & what we do?
STONE2CAP is an Alternative Investment Fund in the real estate market in the Grand-Duchy of Luxembourg. In order to provide these services as per the conditions outlined in each contract, STONE2CAP requires certain personal data. The following policy pertains to STONE2CAP, within the meaning of the General Data Protection Regulation (“GDPR”) and other national data protection laws, as data controller for processing of your personal data.
2. Whose personal data do we collect?
This privacy policy applies to:
- Visitors to our website.
- Investors.
- Eligible investors.
- Potential investors.
- Individuals registering on behalf of a company or investment fund.
3. Why do we need your personal data?
- To provide our service.
- Customer support.
- To monitor suspicious or fraudulent activity of your account.
- To perform the contract or pre-contractual steps at your request.
- Marketing purposes (Newsletters).
- Fund management and administration related purposes.
4. What kind of personal data do we collect?
- Basic identification and contract details such as but not limited to first and last name, email address, telephone number.
- Account information.
- Information derived the use of our services.
- Information required to carry out necessary AML/KYC/CTF compliance and to confirm your status as an eligible investor in order to perform our services.
- Onboarding identification and investor suitability.
5. When and how do we collect your personal data?
- When you enter into a contract with STONE2CAP.
- When you engage in communication with STONE2CAP via telephone, fax, email or the web portal.
- When you visit our website or fill out any forms on our website/web portal.
- When you request a quote/offer from us.
6. When do you give your consent for us to collect your personal data?
As soon as you get in touch with us, for example for requests for a quote or service requests. By contacting STONE2CAP, you are giving your consent to process your personal data by default. By accepting cookies on our website, you also consent to our processing of your personal data.
7. Where do we keep your personal data?
Your personal data is stored on paper and/or in digital format on our high availability systems and servers. Our systems and servers are owned by us and are located exclusively in Luxembourg.
8. How long do we keep your personal data?
As part of doing business in Luxembourg we comply with the data retention guidelines as retained in the Luxembourg Commercial Code. This is applicable to data used for accounting, financial and contracts etc.
Stone2Cap will retain your Personal data for as long as necessary for the above mentioned purposes for which it is processed. Personal data falling within the scope of providing services expires at contract termination unless required by law.
Data expires at contract termination and is either returned or deleted as per the contract. All data outside of the above listed conditions expires by default after 2 years.
9. Who is in contact with your personal data?
We share your data only with the applicable staff necessary to provide or support the requested services. In order to provide the services you requested and agreed to, it is necessary to perform AML/KYC and CFT checks for which Stone2Cap shares your personal data with the following third-party providers:
- Antwort Capital S.A.
- Edmond de Rothschild Asset Management S.A. (Luxembourg)
The data generated by your use is shared with the only necessary internal staff to provide security and support for the contracted services. STONE2CAP does not share any personal data to any other third parties unless legally obliged to do so. If legally obliged, STONE2CAP will notify all affected parties.
10. How do we protect your personal data?
Your data is protected through modern IT security measures in a secure building along with an information security code of conduct. Our information security measures are state of art and conform to the CNIL guidelines and ISO27002 controls.
11. What do we do in case of a data breach?
Without undue delay STONE2CAP will analyze the breach and notify any applicable parties such as the CNPD and those who are affected. All actions notification details will be in compliance with GDPR articles 33 & 34.
12. What are your rights?
Any person whose personal data has been collected and stored by STONE2CAP possesses the rights as indicated in the GDPR articles 15 to 22.
Please note that in the case of requests from persons whose personal data has been given to us by their employer, customer, supplier or business partner etc., we will communicate the request to whom has provided us the personal data.
13. How do you contact us about your personal data?
Any general questions on our policies, our security measures or general data protection inquiries please email dpo@wagnergroup.lu
Official requests stemming directly from a GDPR article such as 15 to 22 are to be made via written registered letter with a copy of your ID to and will be processed within one month of receipt.
ATTN: Data Protection Officer
STONE2CAP
5, rue Christophe Plantin
L-2339 Luxembourg