We will not request and you should not send personal identification information such as a social security or passport number, bank or other investment account numbers, or any other specific personal financial information through our website.
However, Acadian may collect information about you when you access the website if you voluntarily choose to send Acadian electronic mail, request information, or ask to be contacted. Acadian may use this information to provide you with updated information about the products and services we offer. Certain employees of Acadian and our wholly owned affiliates may be given the information you provide to respond to your requests. Employees of Acadian and its affiliates are instructed to handle any information you provide confidentially.
Our website also uses "cookies" and "web beacons" that are able to collect, store, and aggregate personally identifiable information about usage and browsing patterns relating to users that have opted into our email marketing program. These specific "cookies" and "web beacons" will not collect any data if you are not part of our email marketing activities.
SINGAPORE PERSONAL DATA PROTECTION ACT 2012
The Personal Data Protection Act 2012 (PDPA) governs the collection, use, and disclosure of personal data by Singapore organizations. It consists of two sets of requirements, covering personal data protection and the Do Not Call (DNC) registry
Acadian aims to comply with the requirements set forth in the Act, and respects your personal data held or controlled by us. Should you have any feedback or inquiries pertaining to your personal data, please contact the Data Protection Officer via email at email@example.com or in writing to the Singapore office address.
DATA PROTECTION NOTICE UNDER THE GLOBAL DATA PROTECTION REGULATIONS
Acadian Asset Management (“Acadian”) takes data privacy seriously and we are committed to protecting it. We take the appropriate steps to ensure any personal information or data collected from any of our clients or prospective clients is protected in compliance with applicable data protection laws in the jurisdictions in which we operate or where our clients or prospective clients are located.
This Data Protection Notice (“Notice”) is intended to comply with our notice requirements related to the Personal Data1 of citizens of the United Kingdom and Europe under the Global Data Protection Regulations (“GDPR”). It explains what we collect, how this information is used, the conditions under which it may be disclosed to others, and how it is kept secure.
The content of this Notice may change from time to time. Please check the Notice posted on our website at acadian-asset.com periodically to ensure that you have access to the current version and contact us should you have any questions.
This Notice is effective as of May 15, 2018.
Acadian is the data controller in relation to the processing activities described below. This means that Acadian decides why and how Personal Data is utilized.
HOW WE COLLECT PERSONAL DATA
Acadian only provides investment management services to institutional clients. As a result, the vast majority of the information which Acadian receives from and about our clients is not deemed to be Personal Data as it does not relate to individuals. Any Personal Data that we obtain from employees of our clients is collected as follows:
1. Voluntarily via correspondence by phone, email or otherwise (e.g. the employee’s company telephone number or email address). This includes information provided at the time the account is being established, as well as information provided during our subsequent relationship with you (including where you engage in correspondence with us by phone, email or otherwise).
2. As part of due diligence documentation received during the initial account set up process. This process includes information required as part of the “Know Your Customer” process including the prevention of money laundering.
The information includes employee identity information (i.e passport details and/or date of birth in accordance with applicable law) that may be collected.
HOW WE USE PERSONAL DATA
Personal Data may be collected, used, disclosed and/or processed by Acadian for the following purposes (the “Purposes”):
Where it is necessary to perform the contract
• Considering whether to provide the services, products, or facilities that you are interested in receiving (hereafter “Services”);
• Opening, processing, administering, managing, providing and/or maintaining the Services.
Where there is a LEGAL REQUIREMENT
We will use Personal Data to comply with our legal obligations such as:
• to carry out due diligence or other screening activities on employees or directors of our clients that are involved in administering the relationship with Acadian (including background checks and those designed to “Know Your Client” or to combat financial crime);
• to create and maintain books and records required by applicable law and regulation related to our business activities in any relevant jurisdiction;
• to respond to requests for information from the Financial Conduct Authority or other regulators;
• to identify the person contacting us; and
• to verify the accuracy of the Personal Data we hold.
Where there is a LEGITIMATE INTEREST
We may use and process Personal Data (i.e. email address) where it is necessary for us to pursue our legitimate interests as a business for the following purposes:
• for marketing activities;
• for prevention of fraud and other criminal activities (including financial crime); and
• to correspond or communicate with our clients.
OTHERS WHO MAY RECEIVE OR HAVE ACCESS TO PERSONAL DATA
We may share your Personal Data with other companies within our group. They may use Personal Data in the ways set out in How we use your Personal Data.
Our suppliers and service providers
We may disclose Personal Data to our third-party service providers, agents, subcontractors and other organisations in order to enable them to provide services to us, or directly to you, on our behalf in satisfaction of the requirement of our agreement with you. Such third parties may include cloud service providers (such as hosting and email management), and providers of operational and administrative services.
When we use third party service providers, we only disclose to them such Personal Data as is necessary for them to provide the services necessary for us to meet our contractual requirements with you. We ensure that any agreement in place between us and such service provider ensures that your information is maintained confidential and not used for any other purposes other than as instructed.
Other ways we may share Personal Data
We may transfer Personal Data if we are under a duty to disclose or share it in order to comply with any legal obligation, to detect or report a crime, to enforce or apply the terms of our contracts, or to protect the rights, property or safety of our visitors and clients. We will always take steps with the aim of ensuring that privacy rights continue to be protected.
WHERE WE STORE PERSONAL DATA
All Personal Data provided to us by clients or prospective clients located within the European Economic Area (EEA) may be retained in the United States and may be transferred to other countries outside the EEA. Not all countries have similar data protection laws to those of the EEA.
We take appropriate security measures with the aim of ensuring that privacy rights continue to be protected as outlined in this Notice each time Personal Data is transferred. These steps include imposing contractual obligations on the recipients of Personal Data or ensuring that the recipients are subscribed to ‘international frameworks’ that aim to ensure adequate protection. Please contact us as instructed below should you require further information.
HOW LONG WE KEEP PERSONAL DATA
The length of time we retain Personal Data is determined by a number of factors including the reasons why we collected the information, its use, and our obligations under relevant laws. We will only retain Personal Data in an identifiable format for as long as is necessary.
For example, we may need Personal Data to provide ongoing services, to meet book and recordkeeping obligations imposed upon us by relevant law and regulation, or to establish, bring or defend legal claims. As such, we retain Personal Data for a period of seven (7) years after the date a client terminates their agreement with us. The only exceptions to this are where:
• contractual requirements with our client, or where the relevant laws or regulations, require us to hold Personal Data for a longer period, or delete it sooner;
• we receive a request from you to have the Personal Data related to you erased (where it applies) and we are not legally, or for other business reasons, required to retain it for a longer period (see further Erasing your Personal Data or restricting its processing below); or
• in limited cases, we are permitted by law to retain Personal Data indefinitely provided certain protections are in place.
SECURITY AND LINKS TO OTHER SITES
We have put in place reasonable and appropriate controls to ensure that Personal Data we receive remains secure against accidental or unlawful destruction, loss, alteration, or unauthorised access. Unfortunately, the transmission of Personal Data via the internet is not completely secure. Although we will do our best to protect it, we cannot guarantee its security.
Should any sensitive Personal Data be obtained, such as that related to ethnic background, personal circumstance, political opinion, religion, trade union membership, or criminal record, we will apply additional security controls to protect that data.
This Notice only applies to Acadian. We assume no responsibility for the data protection policies and practices of other companies or third parties including those to whom we may link on our website or to whom may link to us. We recommend that you check the data protection policy of each of these parties.
Acadian identifies prospective clients in a number of ways, including but not limited to the following:
• where an investment strategy may be of interest to existing clients;
• where a prospective client attends a conference, seminar or other event organised by Acadian;
• using other publicly available means, including social media (e.g. LinkedIn).
Acadian may send marketing material to prospective clients via email or other electronic means. We will only do so if you have not objected to receiving such marketing material via the ‘OptOut’ process included with the communication.
We may also provide you with marketing material by post or with targeted advertising delivered online through social media and platforms operated by other companies.
You have the following rights as it pertains the Personal Data we may have collected.
• To tell us to cease sending marketing materials
You have the right to tell us to stop using your Personal Data for marketing purposes and to ‘OptOut’ to the receipt of future marketing materials. Please see Objecting to our use of your Personal Data below for further details along with information on how to ‘OptOut.’
• To access Personal Data
You have the right to ask for a copy of the Personal Data that we hold about you by emailing us at the address at the end of this Notice. We will evaluate your request and may reject it if the request pertains to, or would reveal, the identity of others or we have another lawful reason to withhold that information.
• To correct and update Personal Data
If you change your name or mailing/email address, or become aware that any of the other information you provided to us is inaccurate or out of date, please let us know by contacting us using the email address at the end of this Notice. We may contact you periodically to confirm the Personal Data we have on file related to you is accurate.
• To object to or restrict our use of Personal Data
You may object to us using Personal Data. Please email us at the address at the end of this policy with the specific use(s) that you want us to stop and the reasons why. Unless we can confirm that we are legally required to continue to use the Personal Data for these purposes we will temporarily stop using the Personal Data while we investigate your objection. If our investigation reveals that your objection is supported by relevant data protection laws, we will stop using the Personal Data for the purposes that were underlying your objection. Otherwise we will provide you with our justification as to why we need to continue using the Personal Data.
• To request we erase Personal Data or restrict its processing
In certain circumstances, you may ask for Personal Data to be removed from our systems by emailing us at the address at the end of this policy. As noted above, we may not adhere to it if we are legally, or for other business reasons, required to retain it for a longer period.
• To transfer Personal Data to you in a structured data file
Where we need to process Personal Data in connection with a contract, as set out under How we use Personal Data, you may ask us to provide you with a copy of that information in a structured data file. We will provide this to you electronically in a structured, commonly used and machine readable form, such as a CSV file.
You can ask us to send Personal Data directly to another service provider, and we will do so if this is technically possible. We will not accommodate your request if it would reveal the identity of others or we have another lawful reason to withhold that information.
• To complain to the UK data protection regulator
You have the right to complain to the Information Commissioners Office (ICO) if you are concerned about the way we have processed Personal Data. Please visit the ICO’s website for further details.
Prior to responding to any request to access, cease using, change or erase your Personal Data we may ask you for information to confirm your identity and/or to help us to help us identify the Personal Data we retain that is specific to you. Except in rare cases, we will respond to a request within one (1) month from either (i) the date that we have confirmed your identity or (ii) should your identity be known, from the date we received your request.
CHANGES TO THIS NOTICE
We will review the content of this Notice from time to time and will post any amended versions to our website. Any changes will take effect seven (7) days after the date we post. We recommend that you regularly check for amendments and review this Notice whenever you visit our website. If you do not agree with any aspect of an updated Notice you should notify us of your specific concerns immediately or cease using our services.
Please direct any queries about this Notice or requests for, or updates to, your Personal Data to Paul Martindale at firstname.lastname@example.org. Should you no longer wish to receive marketing related materials from Acadian please email OptOut@acadian-asset.com.