As a shareholder in Kinnevik AB (publ) (”Kinnevik”) we process personal data which relates to you. Therefore, we would like to inform you on how we process your personal data and your rights under the Data Protection legislation.1
Euroclear Sweden AB (”Euroclear”) is responsible for keeping the share register of Kinnevik and is the controller of the processing of personal data relating to the assignment. If you would like to know more about how Euroclear processes your personal data, we kindly ask you to contact Euroclear.
What personal data is processed and for what purposes?
The types of personal data processed by Kinnevik are:
- your name, personal identity number and contact details
- information regarding your shareholding (number of shares and any notes according to law to be linked to that shareholding, e.g. class of shares)
- data in any communication between you and Kinnevik, including information in minutes of board meetings and general meetings.
The personal data is processed mainly to fulfil Kinnevik’s obligations under law. The personal data is also used in connection to the annual general meeting for registration, drawing up of voting list and, where applicable, minutes of the general meeting.
On what legal basis do we process your personal data?
The personal data is processed by Kinnevik to comply with its obligations under law, including company, securities and tax legislation. If Kinnevik has a legitimate interest of a certain process, the personal data may be processed on the basis of a balance of interests.
For how long do we store your personal data?
Your personal data is erased when you cease to be a shareholder in Kinnevik. However, certain data is stored for a longer period of time when required by law, including company, securities and tax legislation.
To whom do we disclose your personal data?
Your personal data may be transferred or disclosed to other companies within the Kinnevik group or to a third party, if required by law, other regulation or decision by a relevant authority. Certain personal data, such as names and other data in minutes of board meetings and general meetings, may be published on Kinnevik’s website.
Kinnevik is the controller for the processing of your personal data. You have the following rights in relation to us:
- Right of access (register transcript) – a right to obtain confirmation of and information about the processing of your personal data.
- Right to rectification – a right to have erroneous data rectified.
- Right to erasure – a right to have data removed. This right is limited to data which, by law, can only be processed with your consent, if you withdraw consent and oppose the processing.
- Right to restricted processing – a right to request that personal data processing is restricted, for example, if you oppose the accuracy of the data. Kinnevik’s access to the data is restricted while the accuracy of the data is investigated.
- Right to data portability – a right to request that personal data are moved from one data controller to another. This right is restricted to data you have supplied to us yourself.
If you consider that our processing does not comply with data protection legislation, you are also entitled to lodge a complaint with the Swedish Data Protection Board (the competent supervisory authority).
If you would like further information about how your personal data are processed, or wish to exercise any of the rights listed above, please contact us:
Data controller Kinnevik
P.O. Box 2094
SE-103 13 Stockholm, Sweden
1 As of 25 May 2018 the regulation, (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC is in force as well as national legislation which is introduced on the basis of the regulation.