Privacy Policy

Dear Customer,
Below you can find necessary information regarding the data protection and the applicability of the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (further referred as GDPR).

I. Data Controller
The SeCapital s.a.r.l. constitutes a Data Controller of your personal data, with its registered seat in the ZA de la Cloche d’Or 1A rue Jean Piret L-2350 Luxembourg , e-mail address 

II. Appointment of the Data Protection Officer
SeCapital s.a.r.l. have appointed a Data Protection Officer. The contact details are to be found below:

Data Protection Officer
ZA de la Cloche d’Or 1A rue Jean Piret L-2350 Luxembourg

III. Who are we and what do we do?
We are SeCapital s.a.r.l. and if you are our Client, we have informed you that we have purchased a debt you owe and we are the new claim holder.
We are part of the KRUK Group companies. We have outsourced our activities to Service companies from the KRUK Group, who pursue the claim on our behalf.
Depending on the Service company from whom you have received the Welcome Letter informing about the purchased debt, we invite you to get acquainted with the Data Protection information as available on the website of the Service company that manages the debt collection in the respective countries:
- Kruk S.A. : 
- Kruk Romania S.R.L.: 
- KRUK Česká a Slovenská republika s.r.o.: 

Respective entities of the KRUK Group are the data processors and/or data controllers of your personal data, depending on to which of them pursue the claim of the debt or/and with which of them you concluded an agreement.

IV. Why do we process your personal data and what is the basis of processing?
We may process your personal data for the following purposes and on grounds of the legitimate interests pursued by the controller (Art. 6(1)(f) GDPR):

We may also process your data for the following purposes:

In addition, we are required by law to process your data for tax and accounting purposes (Art. 6(1)(c) GDPR).

V. What data are we talking about?
Personal data is any information relating to an identified or identifiable natural person. Therefore, it includes data allowing your identification, e.g. first and last name, numeric identification data such as: Personal Identification Number, Tax Identification Number, National Official Business Register, number of ID card, address and contact details, e.g. telephone number, email address. Where we process your data in order to claim receivables due to us, this will also include information about payments made and about your financial and economic standing, which we need for that purpose, such as: income and its sources, assets, including real and personal property owned.

VI. How long do we keep your personal data?
We retain the personal data processed by us for as long as necessary for the purpose for which it was collected. The duration of the retention of your personal data by the Data Controller is subject to the following conditions:

If you have given consent to the processing of your personal data, e.g. for the marketing of products and services, your personal data will be processed until you withdraw this consent.
To whom may we disclose your personal data?
We may share your personal data within the KRUK Group companies, to which we belong.
Your data may be also made available to entities which support the debt recovery process, such as law firms, companies providing document storage and archiving services, economic information bureaus, detective agencies, directory enquiry services, telecommunications operators, entities providing postal or courier services, as well as to our consultants or auditors.

VII. Do you have to provide us with your personal data?
The provision of personal data by you is voluntary. However and insofar as your personal data is processed to conclude and perform an agreement, failure to provide your personal data will render it impossible to conclude and perform the agreement.

VIII. Data obtained from other entities
In some cases, we do not obtain your personal data directly from you. Within the scope of our receivables management business, we initially receive the information from the original credit of the claim as part of its sale and transfer to us.
Since we are obliged to make sure that your data is up-to-date, it may be updated based on information received from generally available databases as available in your jurisdiction and mortgage registers, directory enquiry services, etc – after demonstrating legitimate interest and on the basis of the arrangements made by our advisors, e.g. such as when you talk to one of our advisors during the visit or by detective agencies if we have commissioned them to do so.

In case of your debt enforcement proceedings have been instituted or completed, we may also obtain or update your data on the basis of information received from bailiffs in connection with pending enforcement proceedings.

In the above cases, we usually obtain the following categories of your personal data: first and last name, address and contact details, numeric identification data (such as: ID card number), information regarding debt (such as: the amount of debt, its components and sources), information relating to the debt collection process (including settlements made, complaints lodged, judicial and enforcement proceedings), information on payments made, information about security for debt repayment, information regarding financial and economic standing (such as: income and its sources, assets, including real and personal property owned).

IX. What rights do you have in relation to your data and how can you exercise them?
According to the GDPR, you have the right to:

You may also request that:

• Your data be rectified, if data we have is inaccurate, e.g. out-of-date or incomplete,

• Your personal data be erased (“the right to be forgotten”) where: data is no longer necessary in relation to the purposes for which it was collected or otherwise processed; data has been unlawfully processed; the erasure of data is required by law; you have objected to the processing of your data; you have withdrawn your consent to data processing,

• The processing of your personal data to be restricted, which means that personal data processing can be limited, in particular when you have contested the accuracy of personal data for the period of time enabling us to verify the accuracy of personal data, or, when processing of personal data is unlawful.

Should you wish to exercise the above rights, you may: submit your request to us

• via email at:

• by post at: Data Protection Officer, SeCapital s.a.r.l. , ZA de la Cloche d’Or 1A rue Jean Piret L-2350 Luxembourg

You also have the right to lodge a complaint with a supervisory authority who deals with personal data protection, i.e. National Commission for Data Protection


KRUK Group Companies

more +

Board of Directors

more +


more +