Please read this privacy statement carefully to understand Our use of Your Personal Data.


Controlleris a natural or legal person, Public Authority, Agency or other body which, alone or jointly with others, determines the purposes and means of the Processing of Personal Data.
Data Subjectmeans the person to which the Personal Data relates. Data Subjects in this notice includes customers, intermediaries and suppliers. Where the customer, intermediary or supplier is a legal entity, the Data Subject shall mean their officers, employees, beneficial owners or associates of that entity.
Data Protection Legislationmeans the EU Data Protection Directive 95/46/EC and the EU Privacy & Electronic Communications Directive 2002/58/EC, any amendments and replacement legislation including the EU General Data Protection Regulation (EU) 2016/679 (GDPR), European Commission decisions, binding EU and national guidance and all national implementing legislation.
Joint Data Controllersis where two or more Controllers jointly determine the purposes and means of processing of Personal Data
Personal Datameans any data relating to a living individual who can be identified directly from that data or indirectly in conjunction with other information.

This privacy notice (“Privacy Notice”) applies to the processing activities of all Personal Data performed by Nedgroup Investments (IOM) Limited, First Floor, St Mary's Court, 20 Hill Street, Douglas, Isle of Man, IM1 1EU (“Nedgroup”), Nedgroup Investment Funds Plc 2nd Floor Block E, Iveagh Court, Harcourt Road, Dublin 2 and/or Nedgroup Investment MultiFunds Plc, 2nd Floor Block E, Iveagh Court, Harcourt Road, Dublin 2 (“your Fund”).

Scope: The relationship between Nedgroup and your Fund is considered to that of joint Data Controllers within the meaning of Data Protection Legislation and each party may hold Personal Data provided by or in respect any Data Subject. The parties in this arrangement shall collectively be referred to throughout this document as “We”, “Us” or “Our”.

In the course of business, We will collect, record, store, adapt, transfer and otherwise process Personal Data in relation to Data Subjects and their officers, employees and beneficial owners (referred to collectively in this document as ’Data Subjects’, ‘You’ or ‘Your’).

How We collect your Personal Data:
We may collect Your Personal Data in various ways, principally:

  • from information You provided when You made initial contact with Us;
  • on completion of Our application forms;
  • from third parties and publicly available sources, for example where We perform due diligence checks on You in order to finalise the arrangements between us;
  • from third party intermediaries, introducers, brokers, agents and representatives where they are interacting with Us on Your behalf; and
  • in the other ways You interact with Us, for example when You meet with Us or We have formal correspondence and other communications with You in connection with the services provided to You.

Categories of Personal Data:

We will hold some or all of the following types of Personal Data in relation to Data Subjects;

  • Biographical and contact information such as Your names, addresses, telephone numbers, email addresses, date of birth, place of birth, gender and occupation;
  • Identification and due diligence information such as photographic identification, verification of address, source of funds and source of wealth documents. We are obliged to verify the Personal Data and carry out ongoing monitoring so We may also obtain enhanced Personal Data on individuals by way of Politically Exposed Person checks, sanctions checks, negative news checks and screening checks; and
  • Financial and Wealth related information such as Your bank account details, and/or Tax Identification Numbers.

Where Personal Data has been provided in respect of Your officers, employees and beneficial owners, You must furnish
them with a copy of this Data Privacy Notice.

Purposes and Legal Bases for Personal Data Processing:

We, or any of Our delegates or service providers (the Administrator and Depositary) may process Your Personal Data for
any one or more of the following purposes and on the following legal bases: 

  1. Purpose: to operate the Funds, including managing and administering an Your holdings in the relevant Fund on an on-going basis. Legal basis: this processing purposes is necessary to allow Us to satisfy Our contractual duties and obligations to You and any processing necessary for the preparation of the contract with the Shareholder or prospective Investors);
  2. Purpose: to make payment for services performed for Us. Legal basis: this processing purpose is necessary to allow Us to satisfy Our contractual duties to You as a Supplier or Intermediary and processing necessary to administer our relationship.
  3. Purpose: to comply with all relevant legal, tax or regulatory obligations including laundering and counter-terrorism and tax legislation and fraud prevention in the Isle of Man, Ireland and elsewhere. Legal basis: this processing is necessary for complying with Our legal obligations, not least under the Companies Acts, UCITS, Financial Services and prevention of Financial Crime Regulations.
  4. Purpose: in order to carry out statistical analysis and to perform financial and/or regulatory reporting. Legal basis: this processing is necessary for the legitimate interest We have in managing and delivering Our business. We have performed the appropriate balancing test to ensure that Your interests do not override this legitimate business interest. For more information on this balancing test, please email You should note that You have the right, at any time, to object to the processing of Your personal information in this way.
  5. Purpose: specific purposes which may arise in future, for example where We undertake to market Our Funds ranges to you. Legal Basis: this processing will only be carried out where You have given their specific consent prior to the processing of their Personal Data. Where processing of Personal Data is based on consent, You will have the right to withdraw it at any time.

Monitoring of Communications:

We will record and monitor the use of the Our communications channels and equipment by Our employees. We will keep a record of these recordings and electronic communications for at least six years. This means that when You speak to Us by telephone, Your calls may be recorded and/or monitored. In the same way, the content of email communications may be monitored for the following purposes:

  • training purposes, allowing Us to improve the quality of Our communications with You;
  • as evidence of Your instructions and to ensure that We are providing a high quality service to You;
  • in order to comply with Our legal obligations and with regulatory rules or requirements;
  • for the establishment, exercise or defence of disputes or legal claims (where relevant); and
  • for preventing or detecting crime (including fraud).

Recipients of Personal Data:
We and/or any of Our delegates or service providers may disclose or transfer Personal Data, whether in the Isle of Man, Ireland or elsewhere (including entities situated in countries outside of the European Economic Area (“EEA”)) to other delegates, duly appointed agents and service providers of Ours (and any of their respective related, associated or affiliated companies or sub-delegates) and to third parties including Nedgroup Investments divisional Companies, Your advisers, due diligence screening systems, regulatory bodies, taxation authorities, auditors, client relationship management system support, mailing solution providers and IT service providers for the purposes specified above. Where processing is carried out on Our behalf, We shall engage the third parties as a data processor, within the meaning of Data Protection Legislation, which implements appropriate technical and organisational security measures in a manner that such processing meets the requirements of Data Protection Legislation, and ensures the protection of the rights of Our Data Subjects. Where appropriate, We will enter into a written contract with the data processor which will set out the data processor's specific mandatory obligations laid down in Data Protection Legislation, including the processing of Personal Data only in accordance with the documented instructions from Us.

Transfers of Personal Data Overseas:
Neither We nor any of Our delegates and service providers will transfer Personal Data to a country outside of the EEA unless that country ensures an adequate level of data protection or appropriate safeguards are in place. The European Commission has prepared a list of countries that are deemed to provide an adequate level of data protection to those within the EEA. To date these include United Kingdom, Switzerland, Guernsey, Argentina, the Isle of Man, Faroe Islands, Jersey, Andorra, Israel, New Zealand and Uruguay. The USA is also deemed to provide an adequate level of protection where the recipient of the data is privacy shield-certified. Further countries may be added to this list by the European Commission at any time and Our Data Privacy Notices will be updated to reflect these changes and will be refreshed on Where Your Personal Data is transferred to and processed in a country outside of the EEA and that country does not provide the same level of protection for Personal Data as those within the EEA, We will put appropriate measures in place to ensure the appropriate protection of Your Personal Data. In any event, Your Personal Data will only be transferred on one of the following grounds:

  • the recipient is within the EEA;
  • the country to which the transfer is made is considered to have an adequate level of protection for Personal Data;
  • We and the recipient are engaged under Binding Corporate Rules. This is appropriate to entities within the Nedbank Group as the Binding Corporate Rules provide legally binding, enforceable rights for the Investor in relation to the Processing of their Personal Data and must be upheld by each of the Group Entities and their Employees; and
  • We and the recipient of the Personal Data outside the EEA have signed a form of model data protection clauses (standard contractual clauses) approved by the European Commission.

As at the date of this Data Privacy Notice such countries outside of the EEA (that are not deemed to provide an adequate level of Investor protection) to which data may be transferred are South Africa, Canada and India.

Automated Decision-Making:
Your Personal Data is not currently processed using automated decisions or profiling methods. We will inform you if this position changes in the future as you would have the right to object to any automated decision-making where the outcome has a significant effect on you.

Personal Data Retention:
We will only retain Your Personal Data for as long as We need it, given the purpose for which it was collected, or as required by law and any other statutory obligations, including anti-money laundering, counter-terrorism, tax legislation. Your Personal Data may be retained for a maximum of 6 years from the end of our relationship; however some of your data will be retained for less than this. We will take all reasonable steps to destroy or erase the data from its systems when it is no longer required.

Failure to Provide Personal Data:
In relation to Data Subjects that are investors, We require Your Personal Data for statutory and contractual purposes. Failure to provide the required Personal Data will result in Us being unable to permit, process, or release Your investment in the Funds and this may result in Us terminating Our relationship with You.

Your Rights:
Data Subjects are afforded certain statutory rights under the Data Protection Legislation and We have an obligation to ensure they are upheld where valid.

  • where specific processing is based on Your consent, You have the right to withdraw it at any time;
  • You have the right to request access to Your Personal Data kept by Us;
  • the right to rectification of Your data if it is inaccurate or incomplete;
  • the right to request erasure of Your Personal Data in certain circumstances;
  • the right to restrict or object to processing of their data in certain circumstances;
  • the right to data portability; and
  • the right not to be subject to a decision based on automated processing, including profiling which has legal or similar significant effects.

These rights are subject to certain restrictions and/or exemptions imposed by Data Protection Legislation and any statutory obligations to retain information including anti-money laundering, counter-terrorism, tax legislation. If you are not satisfied with how We are processing Your Personal Data You have a right to lodge a complaint with the an applicable Data Protection Authority.

If You have any comments or questions about how We process Your Personal Data, You can contact Nedgroup Investments Data Protection Officer by writing to First Floor, St Mary's Court, 20 Hill Street, Douglas, Isle of Man, IM1 1EU. Alternatively, You can contact Us by email or by telephone South Africa: 0800 999 160 or Internationally: +44 1624 645150.