Purpose
First Sentier Investors (“FSI”) is committed to protecting the identity of individuals and safeguarding their Personal data.
Personal data can be lawfully processed in most cases where the following (most relevant legal bases) are met:
- the individual has provided valid consent to the processing for identified purposes;
- the processing is necessary to perform a contract;
- the processing is necessary for compliance with a legal obligation; or
- the processing is necessary for FSI’s legitimate interests, unless those interests are overridden by the fundamental interests and rights of the individuals.
This Privacy Notice (“Notice”) describes how FSI will handle Personal data to fulfil FSI’s obligations under applicable data protection laws, which includes:
- what Personal data FSI collects;
- how FSI collects and stores Personal data;
- how FSI uses Personal data;
- how Personal data can be disclosed or transferred to others; and
- how an individual can access, correct or have their Personal data deleted.
It also describes how to complain if an individual has concerns about how FSI has managed their Personal data.
Scope
This Notice applies to the subsidiaries and affiliates of FSI. FSI is the corporate group comprising the following direct and indirect subsidiaries, excluding Albacore Capital:
- First Sentier Investors Holdings Pty Limited; and
- First Sentier Investors (US) LLC.
FSI group functions and the entity that handles your Personal data are the controllers of your Personal data.
What is Personal data?
Personal data is any information identifying an individual or information relating to an individual that FSI can identify (directly or indirectly) from that data alone or in combination with other identifiers FSI possesses or can reasonably access.
What Personal data does FSI collect?
The Personal data FSI may collect will depend on the circumstances of collection, including whether FSI collects the information from individuals as an investor or client, a supplier, contractor, stakeholder, job applicant, employee or in some other capacity. For example in some locations business contact details of a company representative with whom FSI deal are considered to be Personal data.
FSI collects Personal data so that FSI can provide products and services and engage suppliers and comply with FSI’s legal obligations such as those under taxation and anti-money laundering and counter-terrorism financing laws. If FSI does not collect Personal data, FSI may not be able to provide a product or service or enter into a supplier arrangement.
The product or service that FSI are providing or receiving will also determine what information FSI will collect. This information may include a name; address (including proof of name and address); photo identification; contact details both personal and work (for example, email and phone numbers); hobbies and interests; job title and company; nationality; citizenship; tax residency; date of birth; passport details; government issued identifying numbers (eg. tax numbers and national identity); adviser details; investment details; banking details; signed contracts; business cards, contact sheets and biographies; financial dealings; family connections; details of company’s directors, secretaries, authorised signatories and identification documents; details of any complaints made; data required to conduct due diligence activities (such as anti-money laundering, politically exposed persons and sanctions checks); responses to surveys and competitions; fraud enquiries (for example, information from police reports); images captured by CCTV cameras on FSI’s premises (in locations where there are cameras present); recordings of telephone conversations and electronic communications with FSI’s employees.
FSI may also collect Personal data using “cookies” on this site. The collection is managed in accordance with FSI’s Cookies Policy.
FSI may collect Personal data from third parties, depending on the nature of the business relationship, in particular the following:
- Third party service providers to FSI’s funds (for example, transfer agents, registrars, administrators, distributors, custodians and paying agents) – information received includes personal details of investors obtained from fund application forms such as: name; address; contact details; nationality; government issued identity numbers (eg. national insurance number); date of birth; tax residency; adviser details; investment details; bank account details.
- Advisers (including independent financial advisers) – information received may include an investor’s or client’s name; address; gender; date of birth; bank details.
- Suppliers – information received includes the results of “Know Your Client”, anti-money laundering, politically exposed persons and sanctions checks.
- Publicly available sources – information available includes contact details of institutional investors and details of job title, company, former employers and roles, and connections.
In the context of FSI’s recruitment process for employees and contractors, FSI may collect (including through a recruitment agency), and hold, the following kinds of Personal data: applicant’s or employee’s name, contact details, date of birth, citizenship, employment references, background checks, regulatory accreditation, media (including social media), directorships, driver’s licence information, education, employment history and credential validation. Applicants for job vacancies in the United Kingdom and Europe will receive a separate Privacy Notice as part of the application process.
In the employment context, FSI may also collect and hold the Personal data listed above, as well as tax numbers, financial information, banking details, and other Personal data that may be collected in the use of FSI systems or assets. This information may be collected to assist FSI in monitoring compliance with FSI’s internal policies and perform other necessary functions and activities. All employees and contractors receive a separate Privacy Notice in relation to their employment.
How does FSI collect and store Personal data?
Collecting information
FSI collect from time to time, Personal data on investors, clients, suppliers, contractors, stakeholders, job applicants, employees and other business contacts from a number of sources, including from: investor application forms; other FSI forms (including website forms); client investment management agreements; various forms of correspondence; conversations; advisers; intermediaries; business cards; third party service providers to FSI’s funds (for example, transfer agents, administrators, distributors, custodians, paying agents); client advisers; other third parties; and from public sources. This information may be collected directly from investors, clients, intermediaries and business contacts, or indirectly from third parties.
Collecting information from visits to FSI’s website
FSI may collect information based on FSI’s website usage. FSI uses “cookies” and other data collection methods such as pixel tags to collect information on website activity such as the number of visitors, the number of pages viewed and the internet advertisements which bring visitors to FSI’s site. This information is collected to analyse and improve FSI’s website, FSI’s marketing campaigns and to record statistics on web traffic.
If account information is accessed online through one of the secure areas of FSI’s website, FSI will collect information about the visit using “cookies” to track the use of FSI’s website and to allow visitors to effectively access their account information. This information is collected for security purposes and to protect the integrity of visitor’s account details. For more information, please see FSI’s Cookies Policy.
How is Personal data protected?
Personal data held by FSI will be kept confidential unless FSI is required by law to disclose it or have your consent to disclose it.
FSI holds Personal data in secure computer storage facilities (whether in-house, at FSI’s service providers, or on cloud based systems), on paper-based files and in other formats. FSI take reasonable steps to protect information from loss and unauthorised access, destruction, use, modification or disclosure and where necessary, require FSI’s third party data processors to implement appropriate security measures.
Access to Personal data held by FSI is controlled to prevent misuse or unauthorised disclosure of the information. FSI utilise a range of technical security measures such as secure authentication, password controls, encryption, firewalls and anti-virus technology to prevent unauthorised access to information. Physical access to FSI’s buildings is controlled by security pass.
How long FSI hold Personal data for will vary and will be determined by various criteria including:
- the purpose for which FSI are using it – FSI will need to keep the Personal data for as long as is necessary for that purpose, and
- legal obligations – laws or regulation may set a minimum or maximum period for which FSI have to keep Personal data.
Where required by local laws and regulations, Personal data which is no longer required for the purpose will be erased and de-identified through appropriate and secure measures.
How does FSI use Personal data?
The information FSI uses will depend on the nature of the business relationship, as follows:
- In relation to prospective investors and clients, FSI may process Personal data for identification purposes (prior to becoming an investor in FSI’s funds or a client of ours under an investment management agreement), for the purposes of anti-money laundering, counter terrorist financing, suitability and appropriateness assessments, “Know Your Client” and credit-worthiness checks, and for any other applicable legal or regulatory reasons. Failure to provide relevant information will mean that FSI will not be able to on-board a potential investor or client.
- In relation to investors in FSI’s funds, FSI may process information collected for the purpose of account administration and other general business purposes (for example, for processing subscriptions and investments; maintaining the register of investors, carrying out investor instructions; handling any complaints and enquiries; sending investor communications, including financial reports, valuations, corporate actions). In addition, in order to comply with regulatory obligations, FSI may collect and disclose certain information about FSI’s investors and certain related persons and their investments to the local tax authority and and/or other relevant tax authorities overseas.
- In relation to FSI’s investment management clients, FSI may process Personal data for the purpose of managing and administering clients’ accounts, including providing valuations and periodic reports and informing clients of relevant information as required by the investment management agreement.
- FSI may from time to time process Personal data of investors and clients to comply with legal and regulatory requirements impacting FSI’s business. In particular, FSI may need in the context of FSI’s business: to obtain legal advice on legal and regulatory requirements; to report to relevant regulators; to comply with market opening and registration requirements in the conduct of FSI’s business; prevent or investigate any actual or suspected fraud, unlawful activity or misconduct; consider any concern or complaint raised against FSI and/or to manage any legal action against FSI.
- In relation to intermediaries who introduce investors into FSI’s funds (such as distributors, platforms and independent financial advisers), FSI may process Personal data to conduct market research, gauge product sales or product performance or assess the creditworthiness of intermediaries. In addition, FSI may process the Personal data of investors introduced to FSI’s funds, as outlined above.
- In relation to FSI’s general business contacts (including consultants and intermediaries who act for FSI’s mutual clients), FSI may process Personal data for general business purposes such as: for public relations and corporate communications purposes; providing thought leadership articles; networking/relationship building; conducting market research and gathering industry statistics; evaluating products and services; when visiting FSI offices; and assisting with any queries.
- FSI may process Personal data to analyse the performance of IT systems, monitor usage of resources and systems and to improve products, services and usability of FSI’s technology platform, including telephone calls and electronic communications with FSI’s employees which may be recorded for the purposes of retaining a record of communications; in the interests of security; for training and compliance monitoring purposes and/or to comply with legal or regulatory obligations.
- In relation to job applicants, to consider an application for employment.
- In relation to employees and contractors, FSI may process Personal data for the purpose of complying with tax, employment/labour and workplace health and safety regulations (including management of working hours, sick leave and the health and safety of personnel, talent management including promotions and position assignments/reassignments and the administration and payment of wages and benefits). Personal data of employees may also be used for the purposes of managing or ending the employment or other contractual relationship and disputes with employees, including defending claims brought by employees. FSI may also use information for other purposes required or authorised by or under law (including purposes for which consent has been provided).
FSI are entitled to use Personal data in these ways because:
- FSI has legal and regulatory obligations that FSI have to discharge;
- FSI may need to in order to establish, exercise or defend FSI’s legal rights or for the purpose of legal proceedings;
- The use of Personal data as described is necessary for FSI’s legitimate business interests (or the legitimate interests of one or more of FSI’s affiliates);
- The use of Personal data is necessary for the performance of a contract;
- Consent to FSI processing Personal data has been provided (other than for marketing purposes);
- Consent has been provided for FSI to process Personal data for the purposes of informing (for example, by telephone, mail or email) individuals about other products and services available from the other companies within FSI and about marketing campaigns and event invitations.
How is Personal data disclosed to others?
FSI may disclose Personal data to other companies within FSI, for internal business and administrative purposes (including to administer FSI’s products and services and for prudential and risk management purposes) and, where consent has been given, to provide individuals with information on related products and services.
FSI may also disclose Personal data relating to FSI’s clients to other companies within FSI to whom FSI sub-delegate FSI’s services (for example, trade order execution and portfolio management). When FSI discloses Personal data to other companies within FSI, FSI will take appropriate measures to ensure that such Personal data is shared and treated securely and in accordance with this Notice.
FSI related companies and third party service providers are located in jurisdictions including, but not limited to, Australia, Canada, Cayman Islands, France, Germany, Hong Kong, India, Ireland, Japan, Luxembourg, New Zealand, Singapore, United Kingdom and the United States.
FSI may disclose Personal data to third parties that are specifically engaged by FSI to provide services to FSI, in which case FSI will require those parties to keep that information confidential and secure and to use it solely for the purpose of providing the specified services to FSI.
The following is a list of the types of third parties who process Personal data on FSI’s behalf:
- third party service providers to FSI’s funds (for example, transfer agents, administrators, distributors, platform providers, custodians, paying agents and researchers). These third party service providers may also disclose and transfer your Personal data to their subsidiaries or affiliates or other third party contractors;
- credit reference agencies, debt collection agencies and other companies for fraud prevention, and for the verification of identity;
- Auditors;
- document execution vendors in relation to the execution of contracts with FSI’s clients;
- mailing houses or printing companies;
- recruitment agencies and payroll administrators;
- information technology providers; and
- brokers.
Where a financial adviser (as indicated on the investor application forms) or other professional adviser is used, then details of an individual’s investments and valuations may also be provided to their adviser and their respective service providers.
FSI may disclose to relevant tax authorities, regulators, government departments, competent authorities, or other government or law enforcement agencies (without limitation) any Personal data (including tax status, identity or residency or other personal and payment information, documents or self-certifications) in order to comply with a court order or to meet legal and regulatory requirements arising in the conduct of FSI’s business. Such disclosure may be made directly to such regulators or competent authorities etc. or made indirectly to FSI’s advisers or providers who will make such filings or disclosures on FSI’s behalf.
With your consent, FSI may also disclose Personal data to other third parties and for other purposes. That consent may be written, verbal or implied from conduct.
For those located in the United Kingdom or Europe
In relation to data transfers outside of the European Economic Area (“EEA”) or UK, FSI may transfer Personal data of individuals located in the UK or Europe to FSI’s affiliates (including outside the EEA or UK) and/or allow the information to be accessed by FSI’s affiliates and their employees outside the EEA or UK as well as within it. It may also be processed by personnel operating outside the EEA or UK who work for FSI or for one of FSI’s third party service providers.
Where FSI transfer such Personal data outside the EEA or UK, FSI will ensure that it is protected in a manner that is consistent with how Personal data is protected by FSI in the EEA or UK or that the transfer is otherwise compliant with data protection laws. This can be done in a number of ways, for example:
- the country to which FSI send the data might be approved by the European Commission or the UK Information Commissioner’s Office (“UK ICO”);
- the recipient might have signed up to a contract based on “model contractual clauses” approved by the European Commission or UK ICO, obliging them to protect your Personal data; or
- where data protection laws permit FSI to transfer Personal data outside the EEA or UK
If FSI are relying on the “model contractual clauses” above (or similar mechanisms such as Binding Corporate Rules), FSI will also assess the risks associated with the transfers. At a high level, this involves assessing both the laws applicable in the recipient country and the details of the transfer (for example, the nature and volume of the data, the security measures applied, any historic access which the recipient has been required to grant to governmental authorities).
Individuals can obtain more details of the protection given to Personal data when it is transferred outside the EEA or UK (including a sample copy of the “model contractual clauses”) by contacting FSI.
An individual’s rights in relation to their data
Individuals have a right to access the Personal data that FSI hold about them and if they wish to make an application to access or obtain this Personal data, they can contact FSI. In some circumstances, individuals have the right to receive some Personal data in a structured, commonly used and machine-readable format and/or request that FSI transmit that Personal data to a third party where this is technically feasible.
Generally, FSI do not charge a fee to request access to Personal data. However, if FSI do propose to charge a fee, FSI will advise beforehand so that the applicant can decide whether to proceed. Any fee charged would be to cover the cost of obtaining the information. For example, searching, retrieving and despatching the information.
FSI must verify the applicant’s identity before giving access to, or correcting, the Personal data.
FSI take reasonable steps to ensure that the Personal data FSI collect, use or disclose is accurate, complete and up-to-date. Individuals are encouraged to contact FSI if any of the details they have provided change or if they believe that the Personal data FSI have about them is not accurate, complete or up-to-date.
In certain circumstances, FSI may not be able to correct or provide applicants with access to their Personal data. In these circumstances, FSI will write to the applicant to explain and provide the reasons why. In the United Kingdom and the EU a full response must be sent to the individual within one month of receipt of the request.
If an individual wishes FSI to erase or restrict using their Personal data, they are encouraged to contact FSI. FSI may need to discuss the basis of the request with the applicant as there may be circumstances where FSI is legally entitled to continue processing the Personal data or refuse the request.
If individuals have previously provided their consent to FSI’s use of their Personal data (other than for marketing purposes) and they wish to withdraw such consent, they are encouraged to contact FSI. FSI may need to discuss with the individual whether FSI’s use of their Personal data needs to continue for lawful purposes (i.e. because FSI have another legitimate reason for doing so).
If an individual has previously consented to being sent information about other products and services available from the First Sentier Investors group of companies, they may withdraw such consent by contacting FSI.
Under GDPR, individuals have the right to request that their Personal data is transmitted directly to a third party where technically feasible.
Expressing concerns or complaints about the management of Personal data
If an individual has a complaint related to how FSI has managed their Personal data, they are encouraged to contact FSI. FSI may ask the complainant to place their concerns in writing in order to fully understand and investigate the issues they have raised.
FSI will endeavour to acknowledge and resolve the issue within a reasonable time of FSI receiving your complaint, unless local laws or regulations specify timeframes.
If an individual suspects misconduct, they are encouraged to Speak Up. Please refer to the Global Whistleblower Policy for more information on reporting misconduct.
For the external parties to contact for complaints that remain unresolved, please see External contact details for complaints.
Notifiable data breaches
FSI have put in place procedures to deal with any suspected Personal data breach and will notify potentially impacted individuals and any applicable regulator of a breach where FSI are legally required to do so.
This Privacy Notice was updated in November 2023.
How to contact First Sentier Investors
For any other Personal data related queries, access or Personal data correction requests, individuals may contact their FSI relationship manager or should they not have a relationship manager contact the Data Protection or Privacy Officer, as relevant, at the following:
Contact details in your location
Australia
Privacy Officer
Level 5, 300 Barangaroo Avenue
Barangaroo NSW 2000
Phone: +61 2 9010 5200
[email protected]
Hong Kong
Data Protection Officer
First Sentier Investors (Hong Kong) Limited
Level 25, One Exchange Square
8 Connaught Place
Central, Hong Kong
[email protected]
Japan
Data Protection Officer
First Sentier Investors (Japan) Limited
6F, Cross Office Uchisaiwaicho
1-18-6 Nishishinbashi Minato-ku Tokyo
105-0003 Japan
[email protected]
Singapore
Data Protection Officer
First Sentier Investors (Singapore)
79 Robinson Road
#17-01, Singapore 068897
[email protected]
United Kingdom, and EEA
Designated Representative for Data Protection
7th Floor, Finsbury Circus House
15 Finsbury Circus
London EC2M 7EB
[email protected]
External contact details for complaints
Contact details in your location
Australia
If the individual’s complaint remains unresolved, they may access an external dispute resolution service or apply to the Office of the Australian Information Commissioner (“OAIC”) to have the complaint heard and determined. The OAIC may be contacted on the privacy hotline: 1300 363 992.
When FSI writes to the individual about FSI’s decision, FSI will explain how to access an external dispute resolution scheme or make a complaint to the OAIC.
Hong Kong
An individual can lodge a complaint with the Office of the Privacy Commissioner for Personal data. For more information and instructions visit: www.pcpd.org.hk/english/complaints/introduction/introduction.html
Please send the individual’s complaint to:
- Address: Room 1303, 13/F, Dah Sing Financial Centre, 248 Queen's Road East, Wanchai, Hong Kong;
- Fax: 852 2877 7026; or
- Email: [email protected]
Ireland
If an individual has a complaint in relation to the way FSI has used the individual’s information, they should contact FSI in the first instance. They also have the right to lodge a complaint with the Irish Data Protection Commission at 21 Fitzwilliam Square South, Dublin 2, D02 RD28, Ireland (Tel: +353 578 684 800) if they think that any of the individual’s rights have been infringed by FSI.
Japan
If an individual has a complaint in relation to the way FSI has used the individual’s information, they should contact FSI in the first instance. Contact can also be made with a local consumer center or the Personal Information Protection Commission (“PPC”). Contact details for the PPC are:
- Address: Kasumigaseki Common Gate West Tower 32nd Floor, 3-2-1, Kasumigaseki, Chiyoda-ku, Tokyo, 100-0013, Japan
- Inquiry Line for Act on Protection of Personal Information: 03 6457 9849 (in Japanese only)
- www.ppc.go.jp/en/contactus/piinquiry/
The PPC mediates the complaints with regard to the handling personal information.
Singapore
The Personal Data Protection Commission (“PDPC”) encourages individuals who have concerns about the ways in which an organisation has handled their Personal data to first approach the organisation to clarify the reasons for the organisation's actions and seek an amicable resolution of the matter. Nonetheless, should the individual want to report the complaint to the PDPC, they can contact www.pdpc.gov.sg/Complaints-and-Reviews.
United Kingdom
If an individual has a complaint in relation to the way FSI has used the individual’s information, they should contact FSI in the first instance. Contact can also be made with a local consumer center or the Personal Information Protection Commission (“PPC”). Contact details for the PPC are:
- Address: Kasumigaseki Common Gate West Tower 32nd Floor, 3-2-1, Kasumigaseki, Chiyoda-ku, Tokyo, 100-0013, Japan
- Inquiry Line for Act on Protection of Personal Information: 03 6457 9849 (in Japanese only)
- www.ppc.go.jp/en/contactus/piinquiry/
The PPC mediates the complaints with regard to the handling personal information.