+34 915 190 906 info@lift-am.com

Privacy Policy

08.02. SECOND-LEVEL PRIVACY POLICY

LIFT ASSET MANAGEMENT

 

Index

  1. Purpose of the policy
  2. Definition of personal data
  3. Identity of the data controller
    1. Who collects and processes your data?
    2. How can you contact us?
    3. Who can assist you with our Data Protection Policy?
  4. Applicable laws and regulations
  5. Principles applicable to the processing of personal data
  6. Security measures
  7. Purposes of the processing
    1. Why do we want to process your data?
    2. How long will we retain your data?
  8. Lawful basis for processing
    1. Why do we process your data?
  9. Recipients of your data
    1. To whom do we disclose your data within the European Union?
    2. Do we carry out international data transfers outside the European Union?
  10. Data processing activities
    1. Processing activities
  11. Data relating to minors
    1. How do we handle data relating to minors?
  12. Source and types of data processed
    1. Where have we obtained your data from?
    2. What types of your data have we collected and process?
  13. Rights of data subjects
    1. What rights do you have in relation to your data?
    2. How can you exercise your rights in relation to your data?
    3. How can you lodge a complaint if you believe your rights are not being respected?
  14. Amendment and principle of information

 

1. PURPOSE OF THE POLICY

At LIFT ASSET MANAGEMENT SL (hereinafter, “Lift Asset Management”), we respect your privacy and protect your personal data. This policy details how we collect, use, and share your information in accordance with applicable data protection regulations, including the General Data Protection Regulation (GDPR).

This Privacy Policy applies to the website https://lift-am.com. If you do not provide us with your personal data, no processing of your information will be carried out.

We will inform you about the purposes of the processing, the entities that may have access to your data, and your rights as the data subject. Some processing activities may be based on legal obligations, contractual relationships, or legitimate interests, without requiring your express consent.

If the website uses cookies, you will be clearly informed in our Cookie Policy, where you can find further information about the use of cookies and how to manage your preferences.

This policy ensures transparency and is designed to enable you to clearly understand and exercise your rights.

 

2. DEFINITION OF PERSONAL DATA

  • Personal data: Personal data means any information relating to an identified or identifiable natural person (“Website user”). An identifiable natural person is one whose identity can be determined, directly or indirectly, in particular by reference to identifiers such as a name, an identification number, location data, an online identifier, or to one or more factors specific to their physical, physiological, genetic, mental, economic, cultural, or social identity.

 

3. IDENTITY OF THE DATA CONTROLLER

Who collects and processes your data?

The Data Controller is: LIFT ASSET MANAGEMENT SL – Tax ID (CIF) B42874982

How can you contact us?
  • Postal and office address: Paseo de Recoletos 16, 7th Floor, 28001, Madrid (Madrid), Spain
  • Registered office: Paseo de Recoletos 16, 7th Floor, 28001, Madrid (Madrid), Spain
  • Email: info@lift-am.com
  • Telephone: +34 915 190 906
Who can assist you with our Data Protection Policy?

At Lift Asset Management, we have appointed a Data Protection Officer (DPO), whose role is to ensure compliance with applicable data protection regulations within our organization. If you have any questions or require assistance regarding the processing of your personal data, you may contact our DPO through the following means:

 

4. APPLICABLE LAWS AND REGULATIONS

This Privacy and Data Protection Policy has been developed on the basis of the following data protection laws and regulations:

  • Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (hereinafter, GDPR).
  • Organic Law 3/2018 , of 5 December, on the Protection of Personal Data and the Guarantee of Digital Rights (hereinafter, LOPD/GDD).
  • Law 34/2002 , of 11 July, on Information Society Services and Electronic Commerce (hereinafter, LSSICE).

 

5. PRINCIPLES APPLICABLE TO THE PROCESSING OF PERSONAL DATA

At Lift Asset Management, we process personal data in accordance with the principles established in applicable regulations, ensuring that processing is:

  • Lawful, fair, and transparent: We clearly and accessibly inform users about how data is collected and used.
  • Limited to specific purposes: Data is collected for legitimate purposes and not used for other incompatible purposes.
  • Data minimization: We only request data that is strictly necessary.
  • Accuracy: We keep data up to date and correct inaccurate data.
  • Storage limitation: Data is retained only for the period necessary for the stated purposes.
  • Integrity and confidentiality: We apply appropriate security measures to protect personal data.
  • Accountability: We assume responsibility for complying with and demonstrating compliance with these principles.

 

6. SECURITY MEASURES

What do we do to ensure the privacy of your data?

At Lift Asset Management, we have implemented the necessary technical and organizational measures to ensure the security of the personal data we process. These measures are designed to prevent alteration, loss, unauthorized access, or improper processing of data, taking into account the state of the art and potential risks.

Among the measures adopted, we highlight:

  • Confidentiality: Only authorized persons may access the information.
  • Integrity: Information is kept accurate and protected against unauthorized modification.
  • Availability: We ensure that data is accessible to authorized persons at all times.
  • Continuous assessment: We regularly review and improve our security measures to adapt to new threats and technological advances.
  • Pseudonymization and encryption: We apply these techniques to strengthen data protection, especially for sensitive data.

 

7. PURPOSES OF THE PROCESSING

Why do we want to process your data?

Below, we detail the intended uses and purposes:

Management of Enquiries and Contacts via the Website

Facilitating ongoing contact with users interested in investment funds, financial advisory services, and opportunities managed by Lift Asset Management.
Managing information of potential clients and contacts interested in Lift’s investment products and services, including funds of related entities.
Management of potential clients and contacts.
Management and communication with users.
Responding to requests and enquiries received through the contact forms on the Lift Asset Management website.

Management of Social Media and Followers

Increase the visibility of Lift Asset Management and its related funds, strengthening its market presence and brand.
Create, manage, and publish content on social media to inform and promote Lift Asset Management’s services.
Interact with followers and respond to enquiries regarding investment products and services.
Monitor social media activity to analyze impact and follower response, optimizing communication strategies.

Newsletter Subscription

Periodically send informative, promotional, and current content about Lift Asset Management’s services, products, and investment funds.
Manage user subscriptions to the corporate newsletter of Lift Asset Management.
Keep users informed about events, articles, and relevant news of the organization and the investment sector.

Cookies, Pixels, and Tracking

Web Analytics: Perform statistical analysis of user navigation to optimize website content and usability.
Issue Identification: Detect technical and navigation issues on the website to ensure optimal performance.
Personalization: Retain user preferences (such as language) to improve the browsing experience.
How long do we retain your data?

We use your data for the period strictly necessary to fulfill the purposes indicated above. Unless there is a legal obligation or requirement, the envisaged retention periods are as follows:

Management of Enquiries and Contacts via the Website:

For a period of 5 years from the last confirmation of interest. The personal data provided will be retained as long as the data subject does not request their erasure and such erasure is applicable, and as long as they are necessary—including the need to retain them during the applicable limitation periods—or relevant for the purpose for which they were collected or recorded.

Management of Social Media and Followers:

Until the data subject requests their erasure. The personal data provided will be retained as long as they are necessary or relevant for the purpose for which they were collected or recorded. We are required to block the data when erasure is applicable. Data blocking consists of identifying and reserving the data, adopting technical and organizational measures to prevent their processing, including their display, except for making the data available to judges and courts, the Public Prosecutor’s Office, or the competent Public Administrations, in particular data protection authorities, for the establishment of potential liabilities arising from the processing, and for a period of three years, which is the applicable limitation period. Blocked data may not be processed for any purpose other than the one indicated.

Newsletter Subscription:

Until the data subject requests their erasure. The data will be retained as long as the user maintains an interest in receiving the newsletter. Upon unsubscribing, the data will be blocked for a period of three years in order to comply with the limitation periods for potential liabilities, allowing access only to the competent authorities if required.

Cookies, pixels, and tracking

You should consult our Cookie Policy to find out the retention period of each cookie as well as the information collected.

 

8. LAWFUL BASIS FOR PROCESSING

Why do we process your data?

The collection and processing of your data is always based on one or more lawful bases, which we detail below:

Management of Enquiries and Contacts via the Website
  • Explicit consent of the data subject

    • GDPR 6.1.a) Consent of the data subject.
      The legal basis for sending information related to professional activities or professional interest and for the provision of voluntary services is the consent you provide, which you may withdraw at any time.
Management of Social Media and Followers
  • Explicit consent of the data subject

    • GDPR: Article 6.1.a) – Consent of the data subject.
      The legal basis for sending information related to professional activities or professional interest and for the provision of voluntary services is the consent you provide, which you may withdraw at any time.
Newsletter Subscription
  • (GDPR Article 6.1.a) Consent of the data subject

    Cookies, pixels, and tracking
    • (GDPR Article 6.1.a) Consent of the data subject

       

      9. RECIPIENTS OF YOUR DATA

      To whom do we disclose your data within the European Union?

      On certain occasions, in order to comply with our legal obligations and our contractual commitments to you, we are required to disclose some of your data to certain categories of recipients, which are detailed below:

      • Management of Enquiries and Contacts via the Website: Entities within the corporate group. The recipient entities include:

        • LIFT Investment Advisors EAFI S.L (Lift, Tax ID CIF B87425187) for the management of enquiries regarding financial advisory services.
        • Almagro Capital Gestión SL (Almagro Capital Gestión, Tax ID CIF B87858916) for information on real estate investment opportunities.
        • Inversa Prime SOCIMI, S.A (Inversa Prime, Tax ID CIF A87858908) to respond to enquiries regarding investments in reverse housing assets.
        • Ac Residencial SA (Ac Residencial, Tax ID CIF A72517410) for enquiries regarding residential investment projects.
        • Smart Kitchen Property SOCIMI (Smart Kitchens, Tax ID CIF A10962686) to address interest in real estate investments focused on delivery operators.

        These disclosures enable group entities to directly manage user enquiries, ensuring appropriate attention based on their specific interests and aligned with the services and products of each entity.

      • Management of Social Media and Followers: Social media service providers

        • Newsletter Subscription: Entities within the corporate group
        • Cookies, pixels, and tracking: Companies engaged in advertising or direct marketing activities
      Do we carry out International Data Transfers outside the European Union?

      No international transfers of your data are carried out.

       

      10. DATA PROCESSING ACTIVITIES

      The data processing activities carried out through https://lift-am.com are described below, specifying:

      • Activity: Name of the data processing activity.
      • Purposes: Uses and processing operations carried out on the collected data.
      • Legal basis: Legal grounds that legitimize the processing.
      • Data processed: Types of data processed.
      • Source: Origin of the data.
      • Retention: Data retention period.
      • Recipients: Third parties to whom data is disclosed.
      • International transfers: Transfers of data outside the European Union.

       

      Processing activities

      These are data processing activities whose purposes are necessary for the provision of services.

      Management of Enquiries and Contacts via the Website
      Legal basis Explicit consent of the data subject (GDPR: Article 6(1)(a) – Consent of the data subject).
      Purposes Facilitating ongoing contact with users interested in investment funds, financial advisory services, and opportunities managed by Lift Asset Management; Managing information of potential clients and contacts interested in Lift’s investment products and services, including funds of related entities; Management of potential clients and contacts; Management and communication with users; Responding to requests and enquiries received through the contact forms on the Lift Asset Management website.
      Categories of data and data subjects Website contacts
      (Identifying data)
      Source of data The data subject themselves or their legal representative
      Categories of recipients

      Entities within the corporate group. The recipient entities include:

      • LIFT Investment Advisors EAFI S.L (Lift, Tax ID CIF B87425187) for the management of enquiries regarding financial advisory services.
      • Almagro Capital Gestión SL (Almagro Capital Gestión, Tax ID CIF B87858916) for information on real estate investment opportunities.
      • Inversa Prime SOCIMI, S.A (Inversa Prime, Tax ID CIF A87858908) to respond to enquiries regarding investments in reverse housing assets.
      • Ac Residencial SA (Ac Residencial, Tax ID CIF A72517410) for enquiries regarding residential investment projects.
      • Smart Kitchen Property SOCIMI (Smart Kitchens, Tax ID CIF A10962686) to address interest in real estate investments focused on delivery operators.

       

      These disclosures allow group entities to directly manage user enquiries, ensuring appropriate attention based on their specific interests and aligned with the services and products of each entity.

      International transfers None envisaged
      Retention period For a period of 5 years from the last confirmation of interest. The personal data provided will be retained as long as the data subject does not request their erasure and such erasure is applicable, and as long as they are necessary—including the need to retain them during the applicable limitation periods—or relevant for the purpose for which they were collected or recorded.

       

      Management of Social Media and Followers
      Legal basis Explicit consent of the data subject (GDPR: Article 6(1)(a) – Consent of the data subject).
      Purposes Increase the visibility of Lift Asset Management and its related funds, strengthening its market presence and brand; Create, manage, and publish content on social media to inform and promote Lift Asset Management’s services; Interact with followers and respond to enquiries regarding investment products and services; Monitor social media activity to analyze impact and follower response, optimizing communication strategies.
      Categories of data and data subjects Followers
      (Identifying data)
      Source of data The data subject themselves or their legal representative
      Categories of recipients Social media service providers
      International transfers None envisaged
      Retention period Until the data subject requests their erasure. The personal data provided will be retained as long as they are necessary or relevant for the purpose for which they were collected or recorded. We are required to block the data when erasure is applicable. Data blocking consists of identifying and reserving the data, adopting technical and organizational measures to prevent their processing, including their display, except for making the data available to judges and courts, the Public Prosecutor’s Office, or the competent Public Administrations, in particular data protection authorities, for the establishment of potential liabilities arising from the processing, and for a period of three years, which is the applicable limitation period. Blocked data may not be processed for any purpose other than the one indicated.
      Security measures
      • Access control and authentication: Restricting access to social media accounts to authorized personnel only, with two-factor authentication to protect the accounts.
      • Monitoring of published content and comments: Continuous monitoring of posts and comments to prevent improper processing of personal data and to detect inappropriate content.
      • Privacy Impact Assessments: Periodic assessments to analyze risks associated with data processing on social media and to optimize information security.
      • Backup of published data: Backing up content and comments on social media to ensure availability in the event of incidents.
      • Training in social media best practices: Ongoing training for staff responsible for managing social media on data protection regulations and secure user interaction practices.

       

      Newsletter Subscription
      Legal basis (GDPR Article 6(1)(a)) Consent of the data subject
      Purposes Periodically sending informative, promotional, and up-to-date content about Lift Asset Management’s services, products, and investment funds; Managing user subscriptions to Lift Asset Management’s corporate newsletter; Keeping users informed about events, articles, and relevant news of the organization and the investment sector.
      Categories of data and data subjects Subscribers
      (Identifying data)
      Source of data The data subject themselves or their legal representative
      Categories of recipients Entities within the corporate group
      International transfers None envisaged
      Retention period Until the data subject requests their erasure. The data will be retained as long as the user maintains an interest in receiving the newsletter. Upon unsubscribing, the data will be blocked for a period of three years in order to comply with the limitation periods for potential liabilities, allowing access only to competent authorities if required.
      Security measures
      • Access control to the subscriber database: Limiting access exclusively to authorized personnel responsible for communication and marketing.
      • Data encryption: Implementation of encryption during transmission of subscription data and storage of email addresses, ensuring information confidentiality.
      • Unsubscribe mechanism in each mailing: Inclusion of an automatic unsubscribe link in each newsletter, allowing users to easily withdraw their consent.
      • Audit and control of consent records: Maintaining an up-to-date consent register, allowing verification of user consent at any time.
      • Impact assessments and security audits: Periodic privacy impact assessments and security audits to ensure regulatory compliance.

       

      Cookies, Pixels, and Tracking
      Legal basis (GDPR Article 6(1)(a)) Consent of the data subject
      Purposes Web Analytics: Perform statistical analysis of user navigation to optimize website content and usability.
      Issue Identification: Detect technical and navigation issues on the website to ensure optimal performance.
      Personalization: Retain user preferences (such as language) to improve the browsing experience.
      Categories of data and data subjects Website users
      (Identifying data; Other categories)
      Source of data The data subject themselves or their legal representative
      Categories of recipients Companies engaged in advertising or direct marketing
      International transfers None envisaged
      Retention period You should consult our Cookie Policy to find out the retention period of each cookie as well as the information collected.
      Security measures
      • Access control: Limiting access to analytics and tracking data exclusively to authorized Lift Asset Management personnel and providers acting as data processors.
      • Consent management: Implementation of a cookie banner to transparently collect and manage user consent, allowing preference customization.
      • IP and navigation data anonymization: Use of anonymization and pseudonymization techniques on navigation data whenever possible to minimize risk.
      • Encryption of data in transit: Protection of navigation and tracking data through encryption during transmission.
      • Privacy Impact Assessment: Periodic assessments to verify risks and ensure compliance with applicable regulations.
      • Third-party auditing and monitoring: Regular supervision of tracking providers and platforms to ensure data protection and compliance with privacy policies.

       

      11. DATA RELATING TO MINORS

      How do we handle data relating to minors?

      Minors under the age of 14 may not use the services offered through our website without the prior authorization of their parents, guardians, or legal representatives. Such persons shall be solely responsible for all actions carried out through the website by the minors under their care, including the completion of online forms containing the minors’ personal data and, where applicable, the selection of the corresponding consent checkboxes.

      In accordance with Article 8 of the GDPR and Article 7 of the LOPD/GDD, only individuals over the age of 14 may give valid consent for the lawful processing of their personal data by Lift Asset Management.

       

      12. SOURCE AND TYPES OF DATA PROCESSED

      Where have we obtained your data from?
      Management of Enquiries and Contacts via the Website
      • Website contacts: The data subject themselves or their legal representative.
      Management of Social Media and Followers
      • Followers: The data subject themselves or their legal representative.
      Newsletter Subscription
      • Subscribers: The data subject themselves or their legal representative.
      Cookies, pixels, and tracking
      • Website users: The data subject themselves or their legal representative.
      What types of your data have we collected and process?
      Management of Enquiries and Contacts via the Website

      Website contacts

      • Identifying data
        (Email address; First and last name; Telephone number)
      Management of Social Media and Followers

      Followers

      • Identifying data
        (First and last name; Email address)
      Newsletter Subscription

      Subscribers

      • Identifying data
        (Email address)
      Cookies, pixels, and tracking

      Website users

      • Identifying data
        (IP address)
      • Other categories
        (ID generated by the pixel or cookie)

       

      13. RIGHTS OF DATA SUBJECTS

      What rights do you have in relation to your data?

      Data protection regulations grant you specific rights that you may exercise in relation to the processing of your data. These rights are personal and non-transferable, meaning that only you, as the data subject, may exercise them after verification of your identity.

      The following rights are available to you:

      • Right of access: You may request confirmation as to whether Lift Asset Management is processing your data and access information related to such processing.
      • Right to rectification: If your personal data is inaccurate or incomplete, you may request its correction.
      • Right to erasure (“right to be forgotten”): You may request the deletion of your data when it is no longer necessary for the purposes for which it was collected, or if you withdraw your consent.
      • Right to restriction of processing: You may request the restriction of the processing of your data, for example while its accuracy is being verified or in other cases provided by law.
      • Right to data portability: You have the right to receive your data in a structured, commonly used, and machine-readable format and to transmit it to another data controller.
      • Right to object: You may object to the processing of your data on grounds relating to your particular situation, or where the processing is based on legitimate interest.
      • Right not to be subject to automated decision-making: You may request not to be subject to decisions based solely on automated processing of your data, including profiling.
      • Right to withdraw consent: You may withdraw your consent at any time, without affecting the lawfulness of processing based on consent prior to its withdrawal.
      • Right to lodge a complaint: If you believe your rights have not been respected, you may lodge a complaint with the competent supervisory authority: Spanish Data Protection Agency | Email: info@aepd.es – Website: https://www.aepd.es
      • To exercise any of these rights, you may contact Lift Asset Management using the following contact details:

      You may also exercise your rights through the Data Protection Officer:

      How can you exercise your rights in relation to your data?

      To exercise your rights of access, rectification, erasure, restriction, objection, data portability, and withdrawal of consent, you may do so by sending an email to rgpd@auratechlegal.es or info@lift-am.com, or by sending postal mail to Paseo de Recoletos 16, 7th Floor, 28001, Madrid (Madrid), Spain.

      How can you lodge a complaint if you believe your rights are not being respected?

      If you believe that the processing of your personal data does not comply with data protection regulations, you have the right to lodge a complaint with the relevant Supervisory Authority in your country of residence or place of activity.

      Depending on your location, you may contact the competent authority in your country. For example:

      • In Germany, you may contact the Berliner Beauftragte für Datenschutz und Informationsfreiheit.
      • In France, the competent authority is the Commission Nationale de l’Informatique et des Libertés (CNIL).

      The specific contact details for Spain are as follows:

      If you are unsure which authority applies to you or need information about other supervisory authorities, you may consult the article on Data Protection Supervisory Authorities , where you will find contact details and links according to your location.

       

      14. AMENDMENT AND INFORMATION PRINCIPLE

      This document ensures that you understand how we process your personal data. By using our website or services, you confirm that you have been informed of the terms of our Privacy Policy, in accordance with the information principle established in Article 13 of the GDPR. The legal bases for the processing of your personal data are set out in Article 6 of the GDPR and may include, among others, the performance of a contract, compliance with legal obligations, or legitimate interest.

      This policy has been prepared with the collaboration of Auratech Legal, a law firm specialising in data protection, and will be periodically reviewed to ensure its adequacy and compliance.

      Lift Asset Management reserves the right to modify this Privacy Policy in response to legislative changes, case law developments, or guidelines issued by supervisory authorities. Any relevant modification affecting the purposes of processing, retention periods, or users’ rights will be expressly communicated.

       

      Last updated: 15 November 2024

       

      Paseo de Recoletos 16. 7ª Planta

      28001 Madrid

      About us

      Contact

      LIFT Asset Management
      Powered by  GDPR Cookie Compliance
      Privacy Overview

      This website uses cookies so that we can provide you with the best user experience possible. Cookie information is stored in your browser and performs functions such as recognising you when you return to our website and helping our team to understand which sections of the website you find most interesting and useful.