1.1 First Sentier Investors (“FSI”) is committed to protecting the identity of individuals and safeguarding their Personal data.
- what Personal data FSI collects
- how FSI collects and stores Personal data
- how FSI uses Personal data
- how Personal data can be disclosed to others
- how an individual can access or correct their Personal data
- how to complain if an individual has concerns about how FSI has managed their Personal data
2.1 This Policy applies to all subsidiaries and affiliates within FSI. FSI is the corporate group comprising the following and all of their direct and indirect subsidiaries:
- First Sentier Investors Holdings Pty Limited; and
- First Sentier Investors (US) LLC.
2.2 Please refer to Appendix A for the list of companies and investment funds in Europe and the United Kingdom to which this Policy applies.
3. What is Personal data?
3.1 Personal data is information or an opinion about an individual from which the individual can be reasonably identified.
4. What Personal data does FSI collect?
4.1 The Personal data FSI may collect will depend on the circumstances of collection, including whether we collect the information from individuals as an investor or client, a supplier, contractor, stakeholder, job applicant, employee or in some other capacity. For example in some locations business contact details of a company representative with whom we deal are considered to be Personal data.
4.2 FSI collects Personal data so that we can provide products and services and engage suppliers and comply with our legal obligations such as those under taxation and anti-money laundering and counter-terrorism financing laws. If FSI does not collect Personal data, we may not be able to provide a product or service or enter into a supplier arrangement.
4.3 The product or service that we are providing or receiving will also determine what information we will collect. This information may include a name; address (including proof of name and address); photo identification; contact details both personal and work (for example, email and phone numbers); hobbies and interests; job title and company; nationality; citizenship; tax residency; date of birth; passport details; government issued identifying numbers (eg. tax numbers and national identity); adviser details; investment details; banking details; signed contracts ; business cards, contact sheets and biographies; financial dealings; family connections; details of company’s directors, secretaries, authorised signatories and identification documents; details of any complaints made; data required to conduct due diligence activities (such as anti-money laundering, politically exposed persons and sanctions checks); responses to surveys and competitions; fraud enquiries (for example, information from police reports); images captured by CCTV cameras on our premises(in locations where there are cameras present); recordings of telephone conversations and electronic communications with our staff.
4.4 We may also collect Personal data using cookies on this site. The collection is managed in accordance with our Cookies Policy.
4.5 We may collect Personal data from third parties, depending on the nature of the business relationship, in particular the following:
- Third party service providers to our funds (for example, transfer agents, registrars, administrators, distributors, custodians and paying agents) – information received includes personal details of investors obtained from fund application forms such as: name; address; contact details; nationality; government issued identity numbers (eg. national insurance number); date of birth; tax residency; adviser details; investment details; bank account details.
- Advisers (including independent financial advisers) – information received may include an investor’s or client’s name; address; gender; date of birth; bank details.
- Suppliers such as Experian and Refinitiv – information received includes the results of “Know Your Client”, anti-money laundering, politically exposed persons and sanctions checks.
- Publically available sources such as MandateWire and LinkedIn – information available includes contact details of institutional investors (MandateWire) and details of job title, company, former employers and roles, and connections (LinkedIn).
4.6 In the context of FSI’s recruitment process for employees and contractors, we may collect (including through a recruitment agency), and hold, the following kinds of Personal data: applicant’s or employee’s name, contact details, date of birth, citizenship, employment references, background checks, regulatory accreditation, media (including social media), directorships, driver’s licence information, education, employment history and credential validation. Applicants for job vacancies in the United Kingdom and Europe will receive a separate Privacy Notice as part of the application process.
4.7 In the employment context, we may also collect and hold the Personal data listed above, as well as tax number, financial information, banking details, and other Personal data that may be collected in the use of FSI systems or assets. This information may be collected to assist us in monitoring compliance with our internal policies and perform other necessary functions and activities. All employees and contractors receive a separate Privacy Notice in relation to their employment.
5. How does FSI collect and store Personal data?
5.1 We collect from time to time, Personal data on investors, clients, suppliers, contractors, stakeholders, job applicants, employees and other business contacts from a number of sources, including from: investor application forms; other FSI forms (including website forms); client investment management agreements; various forms of correspondence; conversations; advisers; intermediaries; business cards; third party service providers to our funds (for example, transfer agents, administrators, distributors, custodians, paying agents); client advisers; other third parties; and from public sources. This information may be collected directly from investors, clients, intermediaries and business contacts, or indirectly from third parties.
Collecting information from visits to FSI’s website
5.2 We may collect information based on FSI’s website usage. FSI uses “cookies” and other data collection methods such as pixel tags to collect information on website activity such as the number of visitors, the number of pages viewed and the internet advertisements which bring visitors to our site. This information is collected to analyse and improve our website, our marketing campaigns and to record statistics on web traffic.
5.3 If account information is accessed online through one of the secure areas of FSI’s website, we will collect information about the visit using “cookies” to track the use of our website and to allow visitors to effectively access their account information. This information is collected for security purposes and to protect the integrity of visitor’s account details. For more information, please see our Cookies Policy.
6. How is Personal data protected?
6.1 Personal data held by us will be kept confidential.
6.2 We hold Personal data in secure computer storage facilities (whether in-house, at our service providers, or on cloud based systems), on paper-based files and in other formats. We take reasonable steps to protect information from loss and unauthorised access, destruction, use, modification or disclosure.
6.3 Access to Personal data held by FSI is controlled to prevent misuse or unauthorised disclosure of the information. We utilise a range of technical security measures such as secure authentication, password controls, encryption, firewalls and anti-virus technology to prevent unauthorised access to information. Physical access to our buildings is controlled by security pass.
6.4 How long we hold Personal data for will vary and will be determined by various criteria including:
- the purpose for which we are using it – we will need to keep the Personal data for as long as is necessary for that purpose, and
- legal obligations – laws or regulation may set a minimum period for which we have to keep Personal data.
7. How does FSI use Personal data
7.1 The information we use will depend on the nature of the business relationship, as follows:
- In relation to prospective investors and clients, we may process Personal data for identification purposes (prior to becoming an investor in our funds or a client of ours under an investment management agreement), for the purposes of anti-money laundering, counter terrorist financing, suitability and appropriateness assessments, “Know Your Client” and credit-worthiness checks, and for any other applicable legal or regulatory reasons. Failure to provide relevant information will mean that we will not be able to on-board a potential investor or client.
- In relation to investors in our funds, we may process information collected for the purpose of account administration and other general business purposes (for example, for processing subscriptions and investments; maintaining the share register of investors, carrying out investor instructions; handling any complaints and enquiries; sending investor communications, including financial reports, valuations, corporate actions). In addition, in order to comply with regulatory obligations, we may collect and disclose certain information about our investors and certain related persons and their investments to the local tax authority and and/or other relevant tax authorities overseas.
- In relation to our investment management clients, we may process Personal data for the purpose of managing and administering clients’ accounts, including providing valuations and periodic reports and informing clients of relevant information as required by the investment management agreement.
- We may from time to time process Personal data of investors and clients to comply with legal and regulatory requirements impacting our business. In particular, we may need in the context of our business: to obtain legal advice on legal and regulatory requirements; to report to relevant regulators; to comply with market opening and registration requirements in the conduct of our business; prevent or investigate any actual or suspected fraud; unlawful activity or misconduct; consider any concern or complain raised against FSI and/or to manage any legal action against FSI.
- In relation to intermediaries who introduce investors into our funds (such as distributors, platforms and independent financial advisers), we may process Personal data to conduct market research, gauge product sales or product performance or assess the creditworthiness of intermediaries. In addition, we may process the Personal data of investors introduced to our funds, as outlined above.
- In relation to our general business contacts (including consultants and intermediaries who act for our mutual clients), we may process Personal data for general business purposes such as: for public relations and corporate communications purposes; providing thought leadership articles; networking/relationship building; conducting market research and gathering industry statistics; evaluating products and services; when visiting our offices; and assisting with any queries.
- We may process Personal data to analyse the performance of IT systems, monitor usage of resources and systems and to improve products, services and usability of our technology platform, including telephone calls and electronic communications with our staff which may be recorded for the purposes of retaining a record of communications; in the interests of security; for training and compliance monitoring purposes and/or to comply with legal or regulatory obligations.
- In relation to job applicants, to consider an application for employment.
- In relation to employees and contractors, we may process Personal data for the purpose of complying with tax, employment/labour and workplace health and safety regulations (including management of working hours, sick leave and the health and safety of personnel, talent management including promotions and position assignments/reassignments and the administration and payment of wages and benefits). Personal data of employees may also be used for the purposes of managing or ending the employment or other contractual relationship and disputes with employees, including defending claims brought by employees. We may also use information for other purposes required or authorised by or under law (including purposes for which consent has been provided).
7.2 We are entitled to use Personal data in these ways because:
- We have legal and regulatory obligations that we have to discharge;
- We may need to in order to establish, exercise or defend our legal rights or for the purpose of legal proceedings;
- The use of Personal data as described is necessary for our legitimate business interests (or the legitimate interests of one or more of our affiliates);
- The use of Personal data is necessary for the performance of a contract;
- Consent to us processing Personal data has been provided (other than for marketing purposes);
- Consent has been provided for us to process Personal data for the purposes of informing (for example, by telephone, mail or email) individuals about other products and services available from the other companies within FSI and about marketing campaigns and event invitations.
8. How is Personal data disclosed to others
8.1 We may disclose Personal data to other companies within FSI, for internal business and administrative purposes (including to administer our products and services and for prudential and risk management purposes) and, where consent has been given, to provide individuals with information on related products and services.
8.2 We may also disclose Personal data relating to our clients to other companies within FSI to whom we sub-delegate our services (for example, trade order execution and portfolio management). When we disclose Personal data to other companies within FSI, we will take appropriate measures to ensure that such Personal data is shared and treated securely and in accordance with this Policy.
8.3 FSI related companies and third parties are located in jurisdictions including, but not limited to, Australia, Canada, Cayman Islands, France, Germany, Hong Kong, India, Ireland, Japan, Luxembourg, New Zealand, Singapore, United Kingdom, and the United States.
8.4 We may disclose Personal data to third parties that are specifically engaged by us to provide services to us, in which case we will require those parties to keep that information confidential and secure and to use it solely for the purpose of providing the specified services to us.
8.5 The following is a list of the types of third parties who process Personal data on our behalf:
- third party service providers to our funds (for example, transfer agents, administrators, distributors, platform providers, custodians, paying agents and researchers). These third party service providers may also disclose and transfer your Personal data to their subsidiaries or affiliates or other third party contractors;
- credit reference agencies, debt collection agencies and other companies for use in credit decisions, for fraud prevention, to pursue debtors and for the verification of identity;
- document execution vendors in relation to the execution of contracts with our clients;
- mailing houses or printing companies;
- recruitment agencies and payroll administrators;
- information technology providers; and
8.6 Where a financial adviser (as indicated on the investor application forms) or other professional adviser is used, then details of an individual’s investments and valuations may also be provided to their adviser and their respective service providers.
8.7 We may disclose to relevant tax authorities, regulators, government departments, competent authorities of the UK or of other countries, or other government or law enforcement agencies (without limitation) any Personal data (including tax status, identity or residency or other personal and payment information, documents or self-certifications) in order to comply with a court order or to meet legal and regulatory requirements arising in the conduct of our business. Such disclosure may be made directly to such regulators or competent authorities etc. or made indirectly to our advisers or providers who will make such filings or disclosures on our behalf.
8.8 With your consent, we may also disclose Personal data to other third parties and for other purposes. That consent may be written, verbal or implied from conduct.
For those located in the United Kingdom or Europe,
8.9 In relation to data transfers outside of the European Economic Area (“EEA”) or UK, we may transfer Personal data of individuals located in the UK or Europe to our affiliates (including outside the EEA or UK) and/or allow the information to be accessed by our affiliates and their employees outside the EEA or UK as well as within it. It may also be processed by personnel operating outside the EEA or UK who work for us or for one of our third party service providers.
8.10 Where we transfer such Personal data outside the EEA or UK, we will ensure that it is protected in a manner that is consistent with how Personal data is protected by us in the EEA or UK or that the transfer is otherwise compliant with data protection laws. This can be done in a number of ways, for example:
the country that we send the data to might be approved by the European Commission or the UK Information Commissioner’s Office (“UK ICO”);
the recipient might have signed up to a contract based on “model contractual clauses” approved by the European Commission or UK ICO, obliging them to protect your Personal data; or
where data protection laws permit us to transfer Personal data outside the EEA or UK
8.11 Individuals can obtain more details of the protection given to Personal data when it is transferred outside the EEA or UK (including a sample copy of the model contractual clauses) by contacting [email protected].
9. An individual’s rights in relation to their data
9.1 Individuals have a right to access the Personal data that we hold about them and if they wish to make an application to access or obtain this Personal data, they can contact us using the details in section 12 below. In some circumstances, individuals have the right to receive some Personal data in a structured, commonly used and machine-readable format and/or request that we transmit that Personal data to a third party where this is technically feasible. Please note that this right only applies to Personal data which individuals have provided to us.
9.2 Generally we do not charge a fee to request access to Personal data. However, if we do propose to charge a fee we will advise beforehand, so that the applicant can decide whether to proceed. Any fee charged would be to cover the cost of obtaining the information. For example, searching, retrieving and despatching the information.
9.3 We must verify the applicant’s identity before giving access to, or correcting the Personal data.
9.4 We take reasonable steps to ensure that the Personal data we collect, use or disclose is accurate, complete and up to date. Individuals are encouraged to contact us if any of the details they have provided change or if they believe that the Personal data we have about them is not accurate, complete or up to date.
9.5 In certain circumstances, FSI may not be able to correct or provide applicants with access to their Personal data. In these circumstances, we will write to the applicant to explain and provide the reasons why.
9.6 If an individual wishes us to erase or restrict using their Personal data, they are encouraged to contact us. We may need to discuss the basis of the request with the applicant as there may be circumstances where we are legally entitled to continue processing the Personal data or refuse the request.
9.7 If individuals have previously provided their consent to our use of their Personal data (other than for marketing purposes) and they wish to withdraw such consent, they are encouraged to contact us. We may need to discuss with the individual whether our use of their Personal data needs to continue for lawful purposes (i.e. because we have another legitimate reason for doing so).
9.8 If an individual has previously consented to being sent information about other products and services available from the First Sentier Investors group of companies, they may withdraw such consent by contacting us.
10. Expressing concerns or complaints about the management of Personal data
10.1 If an individual has a complaint related to how FSI has managed their Personal data, they are encouraged to contact us using the contact information in section 12 below. We may ask the complainant to place their concerns in writing in order for us to fully understand and investigate the issues they have raised.
10.2 We will acknowledge any complaint within five business days of it being received and make every effort to resolve the issue within a reasonable time of us being notified.
10.3 If an individual suspects misconduct, they are encouraged to Speak Up. Please refer to the Global Whistleblower Policy for more information on reporting misconduct.
10.4 Please refer to Appendix B for details of the external parties to contact for complaints that remain unresolved.
11. Notifiable data breaches
11.1 We have put in place procedures to deal with any suspected Personal data breach and will notify potentially impacted individuals and any applicable regulator of a breach where we are legally required to do so.
12. How to contact us
12.1 For any other Personal data related queries, access or Personal data correction requests, individuals may contact their FSI relationship manager or should they not have a relationship manager contact the Data Protection or Privacy Officer, as relevant, at the following:
Contact details in your location
First Sentier Investors
Level 5, International Tower 3
300 Barangaroo Avenue,
Barangaroo NSW 2000
Data Protection Officer
First Sentier Investors (Hong Kong) Limited
Level 25, One Exchange Square
8 Connaught Place
Central, Hong Kong
Data Protection Officer
First Sentier Investors (Japan) Limited
6F, Cross Office Uchisaiwaicho
1-18-6 Nishishinbashi Minato-ku Tokyo
Data Protection Officer
First Sentier Investors (Singapore)
79 Robinson Road
United Kingdom & EEA
Data Protection Officer
First Sentier Investors
7th Floor, Finsbury Circus House
15 Finsbury Circus
London EC2M 7EB
Chief Compliance Officer
First Sentier Investors
10 E. 53rd St.
21st Fl NY
Appendix A – Relevant companies and investment funds in Europe and the United Kingdom
First Sentier Investors (UK) Funds Limited*
First Sentier Investors (UK) IM Limited*
First Sentier Investors (UK) Services Limited
First Sentier Investors Europe Holdings Limited
First Sentier Investors International IM Limited*
First Sentier Investors (Ireland) Limited**
*Authorised and regulated by the Financial Conduct Authority of the United Kingdom
**Authorised by the Central Bank of Ireland Investment funds
Appendix B – External contact details for complaints
If the individual’s complaint remains unresolved, they may access an external dispute resolution service or apply to the Office of the Australian Information Commissioner (“OAIC”) to have the complaint heard and determined. The OAIC may be contacted on the privacy hotline: 1300 363 992.
When we write to the individual about our decision, we will explain how to access an external dispute resolution scheme or make a complaint to the OAIC.
An individual can lodge a complaint with the Office of the Privacy Commissioner for Personal data. For more information and instructions visit: https://www.pcpd.org.hk/english/complaints/introduction/introduction.html
Please send the individual’s complaint to:
- Address: Room 1303, 13/F, Dah Sing Financial Centre, 248 Queen's Road East, Wanchai, Hong Kong;
- Fax: 852 2877 7026; or
- Email to [email protected]
If an individual has a complaint in relation to the way we have used the individual’s information, they should contact us in the first instance. Contact can also be made with a local consumer center or the Personal Information Protection Commission (“PPC”). Contact details for the PPC are:
- Address: Kasumigaseki Common Gate West Tower 32nd Floor, 3-2-1, Kasumigaseki, Chiyoda-ku, Tokyo, 100-0013, Japan
- Inquiry Line for Act on Protection of Personal Information: 03 6457 9849 (in Japanese only)
The PPC mediates the complaints with regard to the handling personal information.
The Personal data Protection Commission (“PDPC”) encourages individuals who have concerns about the ways in which an organisation has handled their Personal data to first approach the organisation to clarify the reasons for the organisation's actions and seek an amicable resolution of the matter. Nonetheless, should the individual want to report the complaint to the PDPC, they can contact https://www.pdpc.gov.sg/Complaints-and-Reviews.
If an individual has a complaint in relation to the way we have used the individual’s information, they should contact us in the first instance. They also have the right to lodge a complaint with the Information Commissioner’s Office at Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF (Tel: 0303 123 1113).
If an individual has a complaint in relation to the way we have used the individual’s information, they should contact us in the first instance. They also have the right to lodge a complaint with the Irish Data Protection Commission at 21 Fitzwilliam Square South, Dublin 2, D02 RD28, Ireland (Tel: +353 578 684 800) if they think that any of the individual’s rights have been infringed by us.