Privacy notice

Protecting your privacy

Purpose

The First Sentier Group (“Group”) is committed to protecting the identity of individuals and safeguarding their Personal data.

Personal data can be lawfully processed in most cases where the following (most relevant legal bases) are met:

• the individual has provided valid consent to the processing for identified purposes;
• the processing is necessary to perform a contract;
• the processing is necessary for compliance with a legal obligation; or
• the processing is necessary for the Group’s legitimate interests, unless those interests are overridden by the fundamental interests and rights of the individuals.

This Privacy Notice (“Notice”) describes how Group will handle Personal data to fulfil the Group’s obligations under applicable data protection laws, which includes:

• what Personal data the Group collects;
• how the Group collects and stores Personal data;
• how the Group uses Personal data;
• how Personal data can be disclosed or transferred to others; and
• how an individual can access, correct or have their Personal data deleted.

It also describes how to complain if an individual has concerns about how the Group has managed their Personal data.

Scope

This Notice applies to the subsidiaries and affiliates of the Group. The Group is the corporate group comprising the following direct and indirect subsidiaries, excluding AlbaCore Capital:

• First Sentier Investors Holdings Pty Limited; and
• First Sentier Investors (US) LLC.

The Group functions and the entity that handles your Personal data are the controllers of your Personal data.

What is Personal data?

Personal data is any information identifying an individual or information relating to an individual that the Group can identify (directly or indirectly) from that data alone or in combination with other identifiers the Group possesses or can reasonably access.

What Personal data does the Group collect?

The Personal data the Group may collect will depend on the circumstances of collection, including whether the Group collects the information from individuals as an investor or client, a supplier, contractor, stakeholder, job applicant, employee or in some other capacity. For example in some locations business contact details of a company representative with whom the Group deals are considered to be Personal data.

The Group collects Personal data so that the Group can provide products and services and engage suppliers and comply with the Group’s legal obligations such as those under taxation and anti-money laundering and counter-terrorism financing laws. If the Group does not collect Personal data, the Group may not be able to provide a product or service or enter into a supplier arrangement.

The product or service that the Group is providing or receiving will also determine what information the Group will collect. This information may include a name; address (including proof of name and address); photo identification; contact details both personal and work (for example, email and phone numbers); hobbies and interests; job title and company; nationality; citizenship; tax residency; date of birth; passport details; government issued identifying numbers (eg. tax numbers and national identity); adviser details; investment details; banking details; signed contracts; business cards, contact sheets and biographies; financial dealings; family connections; details of company’s directors, secretaries, authorised signatories and identification documents; details of any complaints made; data required to conduct due diligence activities (such as anti-money laundering, politically exposed persons and sanctions checks); responses to surveys and competitions; fraud enquiries (for example, information from police reports); images captured by CCTV cameras on the Group’s premises (in locations where there are cameras present); recordings of telephone conversations and electronic communications with the Group’s employees.

The Group may also collect Personal data using “cookies” on this site. The collection is managed in accordance with the Group’s Cookies Policy.

The Group may collect Personal data from third parties, depending on the nature of the business relationship, in particular the following:

• Third party service providers to the Group’s funds (for example, transfer agents, registrars, administrators, distributors, custodians and paying agents) – information received includes personal details of investors obtained from fund application forms such as: name; address; contact details; nationality; government issued identity numbers (eg. national insurance number); date of birth; tax residency; adviser details; investment details; bank account details.
• Advisers (including independent financial advisers) – information received may include an investor’s or client’s name; address; gender; date of birth; bank details.
• Suppliers  – information received includes the results of “Know Your Client”, anti-money laundering, politically exposed persons and sanctions checks.
• Publicly available sources – information available includes contact details of institutional investors and details of job title, company, former employers and roles, and connections.

In the context of the Group’s recruitment process for employees and contractors, the Group may collect (including through a recruitment agency), and hold, the following kinds of Personal data: applicant’s or employee’s name, contact details, date of birth, citizenship, employment references, background checks, regulatory accreditation, media (including social media), directorships, driver’s licence information, education, employment history and credential validation. Applicants for job vacancies in the United Kingdom and Europe will receive a separate Privacy Notice as part of the application process.

In the employment context, the Group may also collect and hold the Personal data listed above, as well as tax numbers, financial information, banking details, and other Personal data that may be collected in the use of the Group systems or assets. This information may be collected to assist the Group in monitoring compliance with the Group’s internal policies and perform other necessary functions and activities. All employees and contractors receive a separate Privacy Notice in relation to their employment.

How does the Group collect and store Personal data?

Collecting information

The Group collects from time to time, Personal data on investors, clients, suppliers, contractors, stakeholders, job applicants, employees and other business contacts from a number of sources, including from: investor application forms; other Group forms (including website forms); client investment management agreements; various forms of correspondence; conversations; advisers; intermediaries; business cards; third party service providers to the Group’s funds (for example, transfer agents, administrators, distributors, custodians, paying agents); client advisers; other third parties; and from public sources. This information may be collected directly from investors, clients, intermediaries and business contacts, or indirectly from third parties.

Collecting information from visits to the Group’s website

The Group may collect information based on the Group’s website usage. The Group uses “cookies” and other data collection methods such as pixel tags to collect information on website activity such as the number of visitors, the number of pages viewed and the internet advertisements which bring visitors to the Group’s site. This information is collected to analyse and improve the Group’s website, the Group’s marketing campaigns and to record statistics on web traffic.

If account information is accessed online through one of the secure areas of the Group’s website, the Group will collect information about the visit using “cookies” to track the use of the Group’s website and to allow visitors to effectively access their account information. This information is collected for security purposes and to protect the integrity of visitor’s account details. For more information, please see the Group’s Cookies Policy.

How is Personal data protected?

Personal data held by the Group will be kept confidential unless the Group is required by law to disclose it or have your consent to disclose it.

The Group holds Personal data in secure computer storage facilities (whether in-house, at the Group’s service providers, or on cloud based systems), on paper-based files and in other formats. The Group takes reasonable steps to protect information from loss and unauthorised access, destruction, use, modification or disclosure and where necessary, requires the Group’s third party data processors to implement appropriate security measures.

Access to Personal data held by the Group is controlled to prevent misuse or unauthorised disclosure of the information. The Group utilise a range of technical security measures such as secure authentication, password controls, encryption, firewalls and anti-virus technology to prevent unauthorised access to information. Physical access to the Group’s buildings is controlled by security pass.

How long the Group holds Personal data for will vary and will be determined by various criteria including:

• the purpose for which the Group is using it – the Group will need to keep the Personal data for as long as is necessary for that purpose, and
• legal obligations – laws or regulation may set a minimum or maximum period for which the Group must keep Personal data.

Where required by local laws and regulations, Personal data which is no longer required for the purpose will be erased and de-identified through appropriate and secure measures.

How does the Group use Personal data?

The information the Group uses will depend on the nature of the business relationship, as follows:

• In relation to prospective investors and clients, the Group may process Personal data for identification purposes (prior to becoming an investor in the Group’s funds or a client of ours under an investment management agreement), for the purposes of anti-money laundering, counter terrorist financing, suitability and appropriateness assessments, “Know Your Client” and credit-worthiness checks, and for any other applicable legal or regulatory reasons. Failure to provide relevant information will mean that the Group will not be able to on-board a potential investor or client.
• In relation to investors in the Group’s funds, the Group may process information collected for the purpose of account administration and other general business purposes (for example, for processing subscriptions and investments; maintaining the register of investors, carrying out investor instructions; handling any complaints and enquiries; sending investor communications, including financial reports, valuations, corporate actions). In addition, in order to comply with regulatory obligations, the Group may collect and disclose certain information about the Group’s investors and certain related persons and their investments to the local tax authority and and/or other relevant tax authorities overseas.
• In relation to the Group’s investment management clients, the Group may process Personal data for the purpose of managing and administering clients’ accounts, including providing valuations and periodic reports and informing clients of relevant information as required by the investment management agreement.
• The Group may from time to time process Personal data of investors and clients to comply with legal and regulatory requirements impacting the Group’s business. In particular, the Group may need in the context of the Group’s business: to obtain legal advice on legal and regulatory requirements; to report to relevant regulators; to comply with market opening and registration requirements in the conduct of the Group’s business; prevent or investigate any actual or suspected fraud, unlawful activity or misconduct; consider any concern or complaint raised against the Group and/or to manage any legal action against the Group.
• In relation to intermediaries who introduce investors into the Group’s funds (such as distributors, platforms and independent financial advisers), the Group may process Personal data to conduct market research, gauge product sales or product performance or assess the creditworthiness of intermediaries. In addition, the Group may process the Personal data of investors introduced to the Group’s funds, as outlined above.
• In relation to the Group’s general business contacts (including consultants and intermediaries who act for the Group’s mutual clients), the Group may process Personal data for general business purposes such as: for public relations and corporate communications purposes; providing thought leadership articles; networking/relationship building; conducting market research and gathering industry statistics; evaluating products and services; when visiting Group offices; and assisting with any queries.
• The Group may process Personal data to analyse the performance of IT systems, monitor usage of resources and systems and to improve products, services and usability of the Group’s technology platform, including telephone calls and electronic communications with the Group’s employees which may be recorded for the purposes of retaining a record of communications; in the interests of security; for training and compliance monitoring purposes and/or to comply with legal or regulatory obligations.
• In relation to job applicants, to consider an application for employment.
• In relation to employees and contractors, the Group may process Personal data for the purpose of complying with tax, employment/labour and workplace health and safety regulations (including management of working hours, sick leave and the health and safety of personnel, talent management including promotions and position assignments/reassignments and the administration and payment of wages and benefits). Personal data of employees may also be used for the purposes of managing or ending the employment or other contractual relationship and disputes with employees, including defending claims brought by employees. The Group may also use information for other purposes required or authorised by or under law (including purposes for which consent has been provided).

The Group is entitled to use Personal data in these ways because:

• The Group has legal and regulatory obligations that the Group has to discharge;
• The Group may need to in order to establish, exercise or defend the Group’s legal rights or for the purpose of legal proceedings;
• The use of Personal data as described is necessary for the Group’s legitimate business interests (or the legitimate interests of one or more of the Group’s affiliates);
• The use of Personal data is necessary for the performance of a contract;
• Consent to the Group processing Personal data has been provided (other than for marketing purposes);
• Consent has been provided for the Group to process Personal data for the purposes of informing (for example, by telephone, mail or email) individuals about other products and services available from the other companies within the Group and about marketing campaigns and event invitations.

How is Personal data disclosed to others?

The Group may disclose Personal data to other companies within the Group, for internal business and administrative purposes (including to administer the Group’s products and services and for prudential and risk management purposes) and, where consent has been given, to provide individuals with information on related products and services.

The Group may also disclose Personal data relating to the Group’s clients to other companies within the Group to whom the Group sub-delegate the Group’s services (for example, trade order execution and portfolio management). When the Group discloses Personal data to other companies within the Group, the Group will take appropriate measures to ensure that such Personal data is shared and treated securely and in accordance with this Notice.

The Group related companies and third party service providers are located in jurisdictions including, but not limited to, Australia, Canada, Cayman Islands, France, Germany, Hong Kong, India, Ireland, Japan, Luxembourg, New Zealand, Singapore, United Kingdom and the United States.

The Group may disclose Personal data to third parties that are specifically engaged by the Group to provide services to the Group, in which case the Group will require those parties to keep that information confidential and secure and to use it solely for the purpose of providing the specified services to the Group.

The following is a list of the types of third parties who process Personal data on the Group’s behalf:

• third party service providers to the Group’s funds (for example, transfer agents, administrators, distributors, platform providers, custodians, paying agents and researchers). These third party service providers may also disclose and transfer your Personal data to their subsidiaries or affiliates or other third party contractors;
• credit reference agencies, debt collection agencies and other companies  for fraud prevention, and for the verification of identity;
• Auditors;
• document execution vendors in relation to the execution of contracts with the Group’s clients;
• mailing houses or printing companies;
• recruitment agencies and payroll administrators;
• information technology providers; and
• brokers.

Where a financial adviser (as indicated on the investor application forms) or other professional adviser is used, then details of an individual’s investments and valuations may also be provided to their adviser and their respective service providers.

The Group may disclose to relevant tax authorities, regulators, government departments, competent authorities, or other government or law enforcement agencies (without limitation) any Personal data (including tax status, identity or residency or other personal and payment information, documents or self-certifications) in order to comply with a court order or to meet legal and regulatory requirements arising in the conduct of the Group’s business. Such disclosure may be made directly to such regulators or competent authorities etc. or made indirectly to the Group’s advisers or providers who will make such filings or disclosures on the Group’s behalf.

With your consent, the Group may also disclose Personal data to other third parties and for other purposes. That consent may be written, verbal or implied from conduct.

For those located in the United Kingdom or Europe

In relation to data transfers outside of the European Economic Area (“EEA”) or UK, the Group may transfer Personal data of individuals located in the UK or Europe to the Group’s affiliates (including outside the EEA or UK) and/or allow the information to be accessed by the Group’s affiliates and their employees outside the EEA or UK as well as within it. It may also be processed by personnel operating outside the EEA or UK who work for the Group or for one of the Group’s third party service providers.

Where the Group transfers such Personal data outside the EEA or UK, the Group will ensure that it is protected in a manner that is consistent with how Personal data is protected by the Group in the EEA or UK or that the transfer is otherwise compliant with data protection laws. This can be done in a number of ways, for example:

• the country to which the Group sends the data might be approved by the European Commission or the UK Information Commissioner’s Office (“UK ICO”);
• the recipient might have signed up to a contract based on “model contractual clauses” approved by the European Commission or UK ICO, obliging them to protect your Personal data; or
• where data protection laws permit the Group to transfer Personal data outside the EEA or UK.

If the Group is relying on the “model contractual clauses” above (or similar mechanisms such as Binding Corporate Rules), the Group will also assess the risks associated with the transfers. At a high level, this involves assessing both the laws applicable in the recipient country and the details of the transfer (for example, the nature and volume of the data, the security measures applied, any historic access which the recipient has been required to grant to governmental authorities).

Individuals can obtain more details of the protection given to Personal data when it is transferred outside the EEA or UK (including a sample copy of the “model contractual clauses”) by contacting the Group.

An individual’s rights in relation to their data

Individuals have a right to access the Personal data that the Group holds about them and if they wish to make an application to access or obtain this Personal data, they can contact the Group. In some circumstances, individuals have the right to receive some Personal data in a structured, commonly used and machine-readable format and/or request that the Group transmits that Personal data to a third party where this is technically feasible.

Generally, the Group does not charge a fee to request access to Personal data. However, if the Group does propose to charge a fee, the Group will advise beforehand so that the applicant can decide whether to proceed. Any fee charged would be to cover the cost of obtaining the information. For example, searching, retrieving and despatching the information.

The Group must verify the applicant’s identity before giving access to, or correcting, the Personal data.

The Group takes reasonable steps to ensure that the Personal data the Group collects, uses or discloses is accurate, complete and up-to-date. Individuals are encouraged to contact the Group if any of the details they have provided change or if they believe that the Personal data the Group has about them is not accurate, complete or up-to-date.

In certain circumstances, the Group may not be able to correct or provide applicants with access to their Personal data. In these circumstances, the Group will write to the applicant to explain and provide the reasons why. In the United Kingdom and the EU a full response must be sent to the individual within one month of receipt of the request.

If an individual wishes the Group to erase or restrict using their Personal data, they are encouraged to contact the Group. The Group may need to discuss the basis of the request with the applicant as there may be circumstances where the Group is legally entitled to continue processing the Personal data or refuse the request.

If individuals have previously provided their consent to the Group’s use of their Personal data (other than for marketing purposes) and they wish to withdraw such consent, they are encouraged to contact the Group. The Group may need to discuss with the individual whether the Group’s use of their Personal data needs to continue for lawful purposes (i.e. because the Group has another legitimate reason for doing so).

If an individual has previously consented to being sent information about other products and services available from the First Sentier Investors group of companies, they may withdraw such consent by contacting the Group.

Under GDPR, individuals have the right to request that their Personal data is transmitted directly to a third party where technically feasible.

In France you have the right under the French law to set guidelines for the retention, erasure and communication of your personal data after your death.

Expressing concerns or complaints about the management of Personal data

If an individual has a complaint related to how the Group has managed their Personal data, they are encouraged to contact the Group. The Group may ask the complainant to place their concerns in writing in order to fully understand and investigate the issues they have raised.

The Group will endeavour to acknowledge and resolve the issue within a reasonable time of the Group receiving your complaint, unless local laws or regulations specify timeframes.

If an individual suspects misconduct, they are encouraged to Speak Up. Please refer to the Global Whistleblower Policy for more information on reporting misconduct.

For the external parties to contact for complaints that remain unresolved, please see External contact details for complaints.

Notifiable data breaches

The Group has put in place procedures to deal with any suspected Personal data breach and will notify potentially impacted individuals and any applicable regulator of a breach where the Group is legally required to do so.

How to contact the First Sentier Group

For any other Personal data related queries, access or Personal data correction requests, individuals may contact their Group relationship manager or should they not have a relationship manager contact the Data Protection or Privacy Officer, as relevant, at the following:

External contact details for complaints

This Privacy Notice was updated in April 2025.