G.D.P.R. - Information about Data Protection

Customer information in accordance with the General Data Protection Regulation / GDPR.

In accordance with Regulation 679/2016 / EU of the European Parliament valid from 25 May 2018 in all European Union States for the protection of personal data (General Data Protection Regulation or GDPR), the Company would like to inform you about its Policy pursued.

TRITON ASSET MANAGEMENT AEDAK is committed to protecting the personal data of individuals against the processing of personal data and to avoid their misuse. This Policy applies to all employees and representatives of the Company, including external partners, and creates a minimum standard for the processing of personal data.

Data Processor

The company “TRITON ASSET MANAGEMENT AEDAK” is defined as the person in charge of processing

Data subject

Data subjects are defined as all natural persons who are customers of the Company as well as any natural person who has the status of legal representative or the real beneficiary of a legal entity.

DPO Designation – Data Protection Officer

Any request, question, objection regarding the processing of personal data can be submitted in writing to the internal auditor of the Company in the following ways:

  • At the company’s offices. Customers can submit their request to the Data Protection Officer (DPO), on business days and hours daily from 9:00 to 17:00.
    • Via e- mail . Customers can send their request electronically to e- mail : data.protection@triton-am.com .
    • By post. Please send your mail to:


Valaoritou 15,

10671 Athens

Note : Data Protection Officer

Mrs. V. Dikou – Internal Auditor

Personal Data to be processed

  1. Data Types

The information we collect and process about you may come from a variety of sources. Some data comes directly from you and relates to essential data for specific investments while other\ data comes from other sources available to the public such as e.g. sanctions lists.

Data we collect from customers:

  • Contact details and identification details such as name, date of birth, nationality, occupation, home and work address, landline / mobile phone number, ID / passport number, e- mail details.
  • Financial data such as tax records, total assets, VAT number, AMKA and payment transaction data such as payment orders & IBAN accounts.
  • Other financial data required for the Company to comply with its legal regulatory obligations such as FATCA & CRS tax reporting and risk rating data to combat money laundering.
  • Investigation data – KYC such as transactional behavior, due diligence procedures, name verification for any illegal activities by public authorities.

The above data are kept by the responsible departments of the Company depending on the needs and work of each department separately.

  1. Purpose of Processing

The purpose of data processing is the provision of UCITS management services, the provision of management services of private investment portfolios and the provision of consulting services to clients in the framework of compliance with the legislation or the respective regulations governing the operation of the Company for the above services.

Indicative legislation:

Compliance with the following regulations: UCITSV, MiFIDII , regulation of automatic exchange of financial accounts between FATCA & CRS countries, regulations against money laundering and terrorism.

The processing of clients’ data is always done in a way that protects their legitimate interests and at the same time achieves the investment goals.

  1. Notification / Transmission of data

In order to fulfill the purpose, personal data of the clients may be disclosed to other companies with which we cooperate and are related to investments, to banks for payments, to other financial institutions in the framework of our cooperation for the purpose of exchange of KYC documents as well as to auditors or regulators for compliance with their requests.

  1. Data Retention Period

The period in which we keep the personal data of the customers varies depending on:

  • The purpose that corresponds to each category of data e.g. personal, transaction data, tax data.
  • The legal or tax obligations that in some cases define a minimum retention period of data such as e.g. MiFIDII compliance which requires record keeping for at least five years which can be extended to seven years.
  1. Customer Rights

All customers as subjects of the data collected have the following rights:

  • The right to information and access to the data we process.
  • The right to correct or delete the data.
  • The right to restrict processing or the right to data portability .
  • The right to object or withdraw consent to the processing of data at any time.
  • The right to complain before the Personal Data Protection Authority.

Customers have an obligation to ensure that the information provided is accurate and up to date and to inform the Company of any change.

To protect your data, the Company implements internal technical and organizational data security measures such as encryption, anonymization and physical file security. The Company’s employees comply with the obligations arising from the Company’s Policy for the protection of personal data and respect any request for customer access to the data. If necessary, seek the advice of the DPO on further processing issues.

For more information you can refer to the detailed Company Policy.