Capital Four is fully committed to protecting any personal data related to applicants. In this Privacy Policy we describe how we use your personal data, i.e. our collection, usage, processing, storage or sharing of personal data in accordance with the EU General Data Protection Regulation (GDPR) when you apply for a job with Capital Four.

‍

1. Capital Four is the data controller

Capital Four Management Fondsmæglerselskab A/S (CVR no. 30593065) and Capital Four AIFM A/S (CVR no. 35670637) jointly referred to as “Capital Four”, “us” or “we” is each joint controller for the personal data you share with us in connection with your employment relationship.

‍

In accordance with GDPR article 26, the two companies have entered into an arrangement for joint controllership. The essence of this arrangement is that:

• Capital Four Management Fondsmæglerselskab A/S acts as the primary point of contact for applicants and manages the daily IT and HR systems used for processing applications.
• Both companies are responsible for ensuring your rights are upheld. You may exercise your rights in respect of and against each of the controllers.

‍

Our contact information is:

Capital Four Management

Per Henrik Lings Allé 2, 8th floor

2100 Copenhagen Ø

Phone: +45 3525 6100

E-mail: legal@capital-four.com

www.capital-four.com

‍

2. The purposes and the legal basis for the processing of personal data

The purpose of our processing is to assess your suitability and qualifications for the vacant position, and to contact you throughout the recruitment process. The processing is necessary to take steps at your request when assessing whether we should enter into an employment contract with you (GDPR article 6, 1, b) or if processing is necessary for the purposes of Capital Four’s legitimate interest (GDPR article 6, 1, f) in identifying and selecting the most qualified candidate for the position and to document the recruitment process. Processing may also be made with your specific consent, e.g. when obtaining references from your former employer prior to an employment offer (GDPR article 6, 1, a).

‍

3. Categories of personal data

The personal data we process may include the following categories:

• Identification and contact information, such as name, address, phone number, email address, etc.
• Cover letters, CV's, education, grades, recommendations, pictures
• Any information you provide to us during a job interview
• Information obtained during background and reference checks

We urge you not to send your CPR-number/similar personal identification number or any other sensitive personal data as we do not use this as part of the application process. Further, we urge you not to include your picture in your application package.

‍

4. From where we receive the information

Usually, we will receive the information from you, e.g. through the application process. However, we might also receive it from your former employer or recruitment companies with your consent, or from publicly available sources.

‍

5. Who we share your personal data with

We make use of various external service providers who and process personal data on behalf of Capital Four, known as data processors. These processors store and handle your personal data only in accordance with this Privacy Policy, applicable law, and a signed data processing agreement. However, the data processor may only legally access your personal data on our behalf to fulfil the specific purposes set by us.

• Data Processors: This includes our primary HR-system provider (for application storage and management) and may include IT hosting providers or other software providers necessary for the recruitment process.
• Other Recipients: We may also share your personal data with other external recipients where necessary, such as:
  1. External recruitment agencies (if you applied through one).
  2. Professional advisors (e.g., lawyers or accountants) in connection with legal matters or compliance.
  3. Reference providers (with your explicit consent).

If your personal data is transferred to recipients or processors located outside the EU/EEA ("third countries"), we ensure that the transfer complies with GDPR Chapter V:

• We only transfer data to a third country that has been deemed to provide an adequate level of data protection by the European Commission, or
• The transfer is based on appropriate safeguards, such as the EU Commission's Standard Contractual Clauses (SCCs), which ensure the transferred data receives a level of protection essentially equivalent to that guaranteed within the EU.

‍

6. How long we keep your personal data

We process your personal data for as long as necessary to fulfil the purposes mentioned above. If your application does not lead to employment with us, we will keep your personal data for 6 months after the end of the recruitment process, unless you consent to an additional storage period. If your application leads to employment with us, your personal data gathered during the recruitment process will be kept during your employment.

‍

7. Your privacy rights

You have certain rights under the General Data Protection Regulation.

‍

You have certain rights under the GDPR. These include the following:

• Access to your personal data: You have the right to obtain a copy of the personal data that we hold about you.
• Correction of incorrect or incomplete data: You have the right to rectification of inaccurate personal data concerning you and to have incomplete personal data completed.
• Erasure: Under certain conditions you have the right to obtain the erasure of personal data concerning you where we do no longer have a legal basis for the processing of such data.
• Limitation of processing: You have the right to ask us to suspend processing of personal data in special cases.
• Object to processing: In certain specific cases you have the right to object to processing of personal data concerning you.
• Data portability: You have in certain cases the right to receive the personal data concerning you which you have provided to us.
• Withdrawal of Consent: Where processing is based on your consent, you have the right to withdraw that consent at any time.

‍

You can find further and more detailed information about these rights in our general Capital Four Privacy Policy: https://capital-four.com/privacy-policy/

‍

You also have the right to file a complaint with the Danish Supervisory Authority (Datatilsynet) if you believe our processing of your personal data infringes the GDPR:

‍

Datatilsynet

Carl Jacobsens Vej 35

2500 Valby

Email: dt@datatilsynet.dk

Website: www.datatilsynet.dk

‍

This Privacy Policy is dated 3 November 2025

‍