Altis Investment Management BV (hereinafter referred to as Altis) does everything it can to ensure that the processing of your personal data takes place in such a manner that your privacy is protected and safeguarded. We comply with the applicable legislation and regulations, including the provisions of the General Data Protection Regulation (GDPR). Information on how we process your personal data can be found below.

Who is responsible for your data?

Altis is responsible for processing your personal data. Altis has its registered office in The Netherlands, at Schenkkade 65, 2595 AS The Hague. Tel. no +31 70 513 03 03 , Email:, website: Altis is a subsidiary of NN Investment Partners Holdings N.V.

What is personal data?

Personal data concerns all direct and indirect information about a person. Examples of such information are your name and email address. Information that you provide to us when you enter into an agreement or use our website.


Altis processes your personal data for the following purposes:

  • For the performance of our contractual obligations
    This includes taking steps to enter into a contract and provide you access to our online services. For this purpose we use personal data such as your name, address, place of residence, phone number(s), e-mail addresses, login credentials, and technical data needed for the functioning of the portal.
  • To comply with legal requirements
    We process personal data such as your name, address, place of residence, place of birth, and other data required for identification purposes.


We may provide your personal data to the persons, companies and institutions named below. We do that only if:

  • It is necessary for performing the contract;
  • We have a ‘legitimate interest’ in it, and the provision of your data is necessary for this reason. This is explained in ‘For what purposes do we process personal data’;
  • It is required by law to provide your data;
  • You have given us permission.
Only if we have at least one of the reasons mentioned above will we provide your data to one or more of the parties below:
  • Our staff, as far as they need this data for their work; this includes NN IP, as far as necessary for operations and for fulfilling statutory obligations;
  • Business partners, suppliers and companies to whom we outsource activities (‘processors’).These companies then work under our responsibility. Examples are IT, survey and marketing companies;
  • Public services such as regulatory authorities when we are required by law to do so.


  • We ensure proper security
    We spend a lot of time and effort on the security of our systems and the personal data stored within them. Our mother company NN IP also has a special team that monitors security and the use of personal data. We keep a constant eye on the security of our data traffic. We take immediate action should something ever go wrong. We resolve and register data breaches. That is also our legal duty. We also report them to the supervisory authority and to you, if necessary.
  • There are checks on how we process your personal data
    • The Dutch Data Protection Authority (Autoriteit Persoonsgegevens) checks whether we comply with the GDPR;
    • The Dutch Authority for Consumers & Markets (ACM) monitors our use of cookies, direct marketing via email and the National Do Not Call Registry;
    • The Dutch central bank (DNB), European Central Bank (ECB) and Dutch Authority for the Financial Markets (AFM) monitor the financial sector in general and, therefore, also Altis;
    • Internally, the Data Protection Officer monitors how we handle your personal data. The Data Protection Officer can be reached via


We keep your data as long as we are required by law to do so and as long as necessary for the purpose for which we use the data. This may vary by product. This is based on the following rules:

  • Personal data collected when we enter into a contractual agreement
    We keep your data as long as you are our client, and for a maximum period of 7 years after termination of the agreement. We do so to comply with international legal requirements.
  • Data collected by our client portal
    We process your personal data as long as you use our client portal. We remove your data within 30 days after termination of use of the portal.


Your personal data is generally processed within the European Union (EU). In some cases personal data is processed outside the EU. Some of our suppliers and business partners are also located outside the EU or provide these services outside the EU. The regulations in those countries do not always provide the same level of personal data protection as European regulations. To ensure that your personal data is safe nevertheless, we take measures in such cases by entering into contracts where we make similar arrangements about the security of personal data, just like we do within the EU. We call these EU model contracts.


The General Data Protection Regulation (GDPR) gives you certain rights with respect to the personal data processed by Altis. These rights are explained below.

  • Right of access
    This means that you may request what personal data Altis has registered and for what purpose this personal data is used.
  • Right to rectification, erasure and restriction
    Altis does its best to keep your personal data accurate and up to date. You are entitled to have your personal data changed if it is not correct. You are also entitled to have your personal data deleted if your personal data is unlawfully processed, no longer necessary for the purpose for which it is collected or processed or because you have withdrawn your permission and Altis has no other legal grounds for processing your data.
    You are also entitled to restrict the processing of your personal data. This right means that you may tell us temporarily not to use your data. You may exercise this right if your personal data is incorrect, unlawfully processed, no longer necessary for the purpose for which it has been collected or processed, or if you object to the processing of your data and your objection is still being handled by us.
  • Right to data portability
    In some situations you also have the right to receive your personal data from Altis in a structured, commonly used and machine-readable format. In addition, you have the right to instruct Altis to transmit those data to another (specified) company or organization.
  • You have the Right to object
    You may lodge an objection to the processing of your personal data, if we use your personal data for purposes other than necessary for performing a contract or necessary for fulfilling a legal obligation. We will carefully assess your objection and stop processing your personal details, if necessary.

Questions or complaints?

If you are not satisfied with the processing of your personal data or have other questions in relation to this privacy policy or how we process data, please contact us via and we will work with you to find a suitable solution.

You can also contact our data protection officer via You are also entitled to file a complaint with your local Data Protection Authority.

Our privacy policy may be changed from time to time. We recommend referring to this privacy policy regularly to stay informed about the latest changes. This privacy statement was last modified on June 11, 2021.