Carestone Property Fund is een subfonds van Bluestone Real Estate Fund S.C.A - Sicav - SIF met een vergunning van de Luxemburgse toezichthouder op de financiële sector (CSSF). Bluestone Real Estate Fund S.C.A. streeft ernaar om alle informatie op deze website zo juist, volledig, actueel en nauwkeurig mogelijk te houden. De website wordt op regelmatige tijdstippen bijgewerkt. Bluestone Real Estate Fund S.C.A. kan echter in geen geval aansprakelijkheid aanvaarden voor enige directe of indirecte schade die volgt uit het gebruik van de informatie op deze internetsite.

Deze website is louter informatief en kan niet gezien worden als financieel advies. De informatie verstrekt door deze website is geen uitnodiging om te investeren in Bluestone Real Estate Fund S.C.A. en investeringsbeslissingen kunnen niet genomen worden op basis van deze informatie.

Aandeelhouders kunnen aan de inhoud en genoemde rendementen op deze website geen rechten ontlenen. Een uitgebreid investeringsmemorandum is op aanvraag verkrijgbaar. Investeringsbeslissingen over dit product dient men uitsluitend te nemen op basis van het investeringsmemorandum. De waarde van uw investering kan fluctueren. In het verleden behaalde rendementen bieden geen garantie voor de toekomst.

Gebruikers dienen zich bewust te zijn van het feit dat op deze website cookies gebruikt worden. Bluestone Real Estate Fund S.C.A. gebruikt cookies om het surfen op de website vlotter te laten verlopen. Daarnaast zijn er cookies om anonieme, globale informatie in te zamelen voor statistische doeleinden. Er wordt in onze cookies geen persoonlijke informatie opgeslagen. De meeste browsers zijn standaard ingesteld om cookies te aanvaarden. U kan het gebruik van cookies echter uitschakelen als u dat wil, via de instellingen van de browser. Als de cookies uitgeschakeld zijn, kan dat betekenen dat niet alle diensten op deze website beschikbaar zijn.

Deze website wordt beheerd vanuit het kantoor in Luxemburg en voldoet aan de Luxemburgse wetgeving. Elk geschil met betrekking tot het gebruik van de website is onderworpen aan de bevoegdheid van de Luxemburgse rechtbanken.


Privacy policy



  1. General Provisions

Bluestone Real Estate Fund S.C.A., SICAV-SIF, represented by its general partner Bluestone Real Estate Management S.à r.l. (the “Fund”), acts as data controller (the “Data Controller”). The Fund is committed to maintain the privacy and the security of any Personal Data, as defined below, by controlling the collection, the storage, the processing by the Data Processors, as defined below, of such Personal Data of the clients, investors, prospective investors, or other third parties related to them (each a “Data Subject”, all together, the “Data Subjects”).

The purpose of this Data Protection Statement is to explain how the DPC, as defined below, use the Data Subjects’ Personal Data.

By continuing to engage in the provision of services with the Fund, the Data Subjects authorize the Data Controller and the Data Processors (all together the “DPC”) to use and transfer the Personal Data about themselves, their employees, directors, managers, officers or representatives in accordance with this Data Protection Statement, as amended from time to time (the “DPS”). The Data Controller commits to observe confidentiality concerning information it possesses within the conditions as indicated below.

The Data Subjects should be aware that by subscribing for shares of the Fund, they give their consent to processing of their Personal Data by the DPC and any other duly authorized person to which their Personal Data are disclosed, as indicated in this DPS.

Where these DPS uses terms defined in Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC, as amended from time to time (the “GPDR”), those terms shall have the meaning as in the GDPR.

The DPS shall be read and interpreted in the light of the provisions of the GPDR. Such DPS shall not be interpreted in a way that runs counter to the rights and obligations provided for in the GPDR or in a way that prejudices the fundamental rights or freedoms of the Data Subjects. The DPC shall apply respectively (i) Decision (EU) 2021/914 of 4 June 2021 on standard contractual clauses for the transfer of personal data to third countries or (ii) Decision (EU) 2021/915 of 4 June 2021 on standard contractual clauses between controllers and processors under Article 28 (7) of GPDR and Article 29 (7) of Regulation (EU) 2018/1725, as applicable and as amended from time to time (the “Clauses”). In the event of a contradiction between the Clauses and the provision of this DPS, the Clauses shall prevail.

  1. Personal Data definition

In accordance with the GDPR, the Personal Data means any information relating to the Data Subjects, such as a name, an identification number, location data, email address, bank account information, source of funds and wealth, personal net worth, driver’s license number, social security or national insurance number, an online identifier or to one or more factors specific to the physical, economic, cultural or social identity that the Data Subjects provide. The Data Processors may also, in appropriate cases and to the extent permitted by the GDPR, control, process and use certain data inter alia regarding anti-money laundering (AML) and “Know Your Customer” (KYC).

Where the processing involves Personal Data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, genetic data or biometric data for the purpose of uniquely identifying a natural person, data concerning health or a person’s sex life or sexual orientation, or data relating to criminal convictions and offences (sensitive data), the Data Processors apply specific restrictions and/or additional safeguards.

  1. Data Processors

In the course of business relationships between the Data Subjects and the Fund (the “Business Relationship”), the following Data Processors may collect, record, organize, store, consult and process, only on documented instruction from the Data Controller, unless required to do so by relevant applicable laws, Personal Data:

  • The employees, board members, partners, managers, officers, advisors, lawyers or representatives of the Data Controller;
  • The service providers of the Fund, as disclosed in the Fund’s offering documents (g. the depositary bank, the administrative, registrar, transfer and paying agent, the investment advisor, if any, the investment manager, if any, the auditor) including their employees, directors, affiliates, officers, advisors, lawyers and representatives;

The Data Processors shall immediately inform the Data Controller if, in the Data Processors’ opinion, instructions given by the Data Controller infringe the GDPR or the applicable data protection laws provisions. The Data Processors are responsible for the processing of the Personal Data with any applicable law.

The DPC may, during the course of the Business Relationship, transfer the Personal Data, to the extent permitted by the GDPR, to:

  • domestic and foreign authorities, tax authorities, governments, tribunals, and any other authorities or official bodies and their representatives (the “Authorities”);
  • any service providers as indicated in the Fund’s offering documents or in the relevant agreements entered into by the Fund (as mentioned in the Fund’s offering documents), their employees, directors, affiliates, officers, advisors, lawyers and representatives;
  • any person that the Data Subjects request or permit the Data Controller to keep informed. If the Data Subjects no longer wish to share their Personal Data with such person(s) or wish to change their preferences in this respect, please inform:

The Personal Data of the Data Subjects may be transferred to any Data Processors identified in this section 3 in connection with the Business Relationship or authorized by the Data Controller, some of which may be outside the European Economic Area (EEA). In such case, please refer to the section 5 of this DPS.

  1. Ways of processing the Personal Data of the Data Subjects

The Data Processors may process, use or transfer the Personal Data of the Data Subjects for the following purposes connected to the Business Relationship which are inter alia:

  • administering the provision of services provided by the DPC g. billing, internal reporting, analysis, and other ancillary matters;
  • processing subscriptions, redemptions and conversions of shares of the Fund and payments of dividends or interests to the shareholders of the Fund;
  • complying with any present or future law, rule, regulation, guidance, decision or directive (including those concerning antiterrorism, fraud, AML and anti-corruption) and, in appropriate cases, carrying out KYC checks and other procedures that the DPC undertake prior the Data Subject becoming a shareholder of the Fund;
  • establishing, exercising or defending rights;
  • complying with demands and requests made by, or making voluntary disclosures to Authorities;
  • obtaining advice, receiving services or providing a third party with information about matters that may impact the Fund;
  • providing the Data Subjects with marketing information relating to the Fund’s products or services; and
  • any other purposes that are incidental to or directly connected with the foregoing purposes or otherwise in the course of the Business Relationship.

The provision of the Personal Data of the Data Subjects is necessary for DPC to:

  • fulfil legal obligations;
  • perform obligations under contract with the Data Subjects; or
  • fulfill legitimate interests of the DPC for the performance of the services.

When users surf to this website, the Data Processor stores certain information from the user in statistics (Google Analytics). This information includes inter alia the browser type, IP address, the operating system the user uses and the domain name of the website that guided the user to such website. The Data Processor uses these statistics to analyze the surfing behavior of the visitors. Based on this, the Fund can optimize such website for its users. The statistics are completely anonymous. In addition, when users subscribe to the newsletter of the website, the relevant Data Processor stores the e-mail address of the user. Such storage is needed for the Fund to have the ability to send to the users the subscribed newsletter. The e-mail address is stored securely at Mailchimp. Mailchimp secures the data of the user and is part of a certified EU-US Privacy Shield Framework and respects its privacy.

Personal Data are processed for various purposes. However, the DPC ensure that they only collect and process the data that is adequate, relevant and limited to what is necessary for the purposes for which it is processed.

If Data Subjects do not wish to provide their Personal Data, in whole or in part, for any of the purposes listed immediately above, the DPC may not be able to provide their financial services to the Data Subjects.

  1. Transfer of the Personal Data of the Data Subject abroad

The Personal Data of the Data Subjects may be transferred to any Data Processors identified in section 3 in connection with the Business Relationship or authorized by the Data Controller, some of which may be outside the European Economic Area (EEA). The countries to which the Personal Data of the Data Subject are transferred may not offer an equivalent level of protection for Personal Data to the laws applicable in Luxembourg. However, such transfer will be carried out in accordance with the Commission Implementing Decision (EU) 2021/914 of 4 June 2021 on standard contractual clauses for the transfer of personal data to third countries. For such transfer, the relevant DCP implements measures to ensure an adequate level of protection and security of the Personal Data. This includes protecting the Personal Data against a breach of security leading to accidental or unlawful destruction, loss, alteration, unauthorized disclosure or access to the Personal Data.

  1. Updating and retaining Personal Data

It is important for DPC to maintain accurate records of the Personal Data. The Data Subjects should inform as soon as possible the Data Controller of any changes to or errors in their Personal Data and the DPC will update their records accordingly. The DPC will only retain the Personal Data for as long as, in their reasonable opinion and in line with their data retention policy, is necessary to comply with applicable laws or for the purposes for which the DPC process the Personal Data (as set out in this statement). The Personal Data shall never be used for marketing purposes, unless the Data Subject has accepted otherwise.

  1. Security of the Personal Data of the Data Subjects

The Data Controller will take steps to protect the Personal Data of the Data Subjects against loss or theft, as well as from unauthorized access, disclosure, copying, use or modification, regardless of the format in which it is held.

  1. The rights of the Data Subjects

The Data Subjects have certain rights under data protection laws and GDPR. The Data Subjects have a right to:

(i) request access to and rectification, modification, correction or erasure of their Personal Data;

(ii) obtain restriction of processing or to object to processing of their Personal Data;

(iii) obtain a copy of their Personal Data being processed;

(iv) request the cessation of data processing, under certain circumstances;

(v) data portability; and

(vi) withdraw any consent given at any time.

The Data Subjects also have the right to lodge a complaint about the processing of their Personal Data with their local data protection regulator. Please note that these rights are not absolute: they do not always apply and exemptions may be engaged. The Data Controller may, in response to a request, ask the Data Subjects to verify and to provide information that helps the Data Controller to understand its request better. If the Data Controller does not comply with the request of the Data Subject, the Data Controller must explain why. If the Data Subjects require further information in relation to their rights under data protection laws and GDPR, the Data Controller invites the Data Subjects to visit the website of the relevant data protection regulators (a list is available under or contact the Data Controller via the contact details below.

  1. Contacting the Data Controller

If the Data Subjects have any questions or comments on this DPS, the Data Controller invites to contact it by email:

  1. Frederik Denys

Email address:

  1. Notification of changes


This DPS is dated July 2022. From time to time, the Data Controller may amend this DPS without notice and an amended DPS will be available by contacting M. Frederik Denys at This may be for a number of reasons, including changes in law, market practice or the DPC’s treatment of the Personal Data of the Data Subject.

  1. Applicable laws / data protection regulator


This DPS is regulated by the GDPR, the Clauses and any other applicable Luxembourg laws. The data protection regulator of the Luxembourg is the National Commission for Data Protection (Commission Nationale pour la Protection des Données – CNPD).

Rachel Beljulji

Mark Norman