International Privacy Notice

This Privacy Notice (the “Notice”) documents and explains how we collect and process personal data in connection with our website and online communication and provides a general overview of how we process client personal data in the absence of any specific privacy language in a particular client agreement. Your client agreement may modify the terms of this Notice with respect to the servicing of your account.

For the purposes of applicable data protection law, we are the “data controller,” or, in circumstances where we partner with one or more other firms to process data, a “joint controller” of your personal data. Where we act as a joint controller, we will provide you with relevant information about our partner joint controllers.

We have appointed:

Candriam Group S.a.R.L. with registered address at 19-21 Route d’Arlon, L-8009 Strassen Luxembourg; registered no. R.C.S. Luxembourg : B 180524, acts as our European representative for GDPR matters. as our EU representative for GDPR matters.

Candriam Luxembourg, – UK establishment (United Kingdom): registered under Fiscal Identification Code BR015843, located at 200 Aldersgate Street, 13th Floor, EC1A 4HD London acts as our UK representative for UK Data Protection Act matters.

We may collect and process the following personal data:

Information you give us:

• If you inquire about our capabilities or services for yourself or your employee, we will process personal data to facilitate our responses. Personal data processed may include: your name, gender, address, personal or professional e-mail address and personal or professional phone number, financial information, personal description, photograph, ID documentation (including your passport or ID card), professional activity, marital status, and information about your dependents or beneficiaries.
• You and/or your employer may give us information about you during our due diligence of your employer, when you complete a form on our site or by corresponding with us by phone, e-mail or other electronic means, or in writing. This includes information you provide when you make enquiries, submit information or content to our site, when you report a problem with our site or ask information via our site – including your name, email address, gender, professional activity postal address, telephone and fax.
• If you are interested in participating in events organized by us to support our commercial activities, then we may process your personal data – including but not limited to your name, gender, address, personal or professional e-mail address.
• When you are a client, your client agreement may contain additional provisions with respect to our use of your Personal Data.
   

Information we collect about you: With regard to each of your visits to our site we may automatically collect the following information:

• technical information, including the Internet protocol (IP) address used to connect your computer to the Internet, your login information, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform; and
• information about your visit, including the full Uniform Resource Locators (URL) clickstream to, through and from our site (including date and time); products, services or issues you viewed or searched for; page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs), and methods used to browse away from the page and any phone number used to call us.
• Note that even where a client agreement restricts processing of your personal data, your us of our website is governed by the terms of this Notice.
   

Information we receive from other sources:

We may also receive information about you if you use any of the other websites we operate or the other services we provide.

We are part of a global group of companies which manage funds and provide other financial services. Where you have requested services or information about products which are offered by one or more of our subsidiaries and/or affiliates, we will tell you, and we may receive relevant information from our subsidiaries and/ or affiliates for the purposes of those services.

We work closely with third parties (for example, banks and other financial institutions, business partners, legal or other consultants, sub-contractors in technical, analytics providers, search information providers,) and may receive information about you from them.

Information about other people: If you provide information to us about any person other than yourself, such as other employees of your employer, or persons accompanying you to any events organized by us to support our commercial activities, you must ensure that they understand how their information will be used, and that they have given their permission for you to disclose it to us and for you to allow us, and our outsourced service providers, to use it.

Purposes and Legal Basis for processing

We may ask you for consent to collect or process your personal data on certain occasions, for example, and as stated below, where necessary in order to contact you with information about products and services or events that might be of interest to you or your employer.

We process your personal data when we need to do this to fulfil a contract with you, including processing your personal data to give effect to your investment in one of our or our affiliates’ funds or products, to verify your identity, or to otherwise provide services to you.

We process your personal data when required by law to do so, such as if we receive a request from law enforcement or other government officials.

Where necessary, we process your personal data when it is in our legitimate interests to do this and when these interests are not overridden by your data protection rights. We have carried out balancing tests for all the data processing we carry out on the basis of our legitimate interests, which we have described above. You can obtain information on any of our balancing tests by contacting us using the details set forth above.

In particular:

• We use your personal data in order to effectively administer our funds, products, services, and our business;
• We use your personal data to undertake commercial and legal due diligence on our clients and investors, in order to assess their activities and condition in relation to their investments and the provision of our services;
• We monitor use of our websites, and use your personal data to help us monitor, improve and protect our services and websites, both online and offline;
• We monitor investor accounts to prevent, investigate and/or report fraud, terrorism, misrepresentation, security incidents or crime, in accordance with applicable law; and
• We will use personal data in connection with legal claims, compliance, regulatory and investigative purposes as necessary (including disclosure of such information in connection with legal process or litigation).
• We use your personal data or the personal data of the persons accompanying you in connection with the organization of social and entertainment physical or digital event to support our commercial activities.
   

Disclosure of Your Personal Data

We may share your personal data within the NYL enterprise and trusted third-party processors in accordance with applicable data protection law. A full list of NYL enterprise companies can be reviewed here.

Personal data will also be shared between us, as manager of certain funds, and the fund legal entities which are normally special purpose legal entities created in particular jurisdictions.

Depending upon the nature of your enquiry, we may share your personal data with affiliates in other countries if your enquiry relates to specific products or services offered by affiliates outside our country. All transfers are in accordance with the cross-border transfer information discussed below.

Aggregated data may also be shared within the NYL Enterprise for business purposes, including risk management and statistical purposes.

We may also share your personal data with trusted third parties including:

• Legal or other advisers, consultants and other professional experts, complainants, correspondents and enquirers, and suppliers and service providers of any of the above, and each of their associated businesses.
• Business partners, suppliers, and sub-contractors were these third parties process your personal data on our behalf. We take reasonable steps, including contractual obligations, to ensure that these third parties protect your personal data in accordance with our standards and in compliance with applicable data protection laws; and
• Analytics and search engine providers that assist us in the improvement and optimization of our site.
   

We may disclose your personal data to third parties:

• If we sell or buy any business or assets, in which case we may disclose your personal data to the prospective seller or buyer of such business or assets;
• If we, our business, or our assets are acquired by a third party, in which case personal data held by it about its users, suppliers, or customers will be one of the transferred assets;
• If we are under a duty to disclose or share your personal data in order to comply with any legal obligation, or in order to enforce agreements; or if we reasonably consider this necessary; or to protect the rights, property, or safety of ourselves, our users, our customers, or others; and
• For the purposes of crime prevention and fraud protection.
   

We use many different vendors for processing data, including Personal Data. These include:

• Cloud Providers
• Customer Relationship Management Software
• Data Storage
• Trustees and Administrators
• Security and Networking Vendors
• Accounting and Legal Services
   

These vendors may be located in multiple countries, including but not limited to:

• The United States
• Canada
• Mexico
• United Kingdom
• The European Union
• Japan
• Korea
• Australia
• Canada
• India

Marketing Communications

We, or trusted third parties on our behalf, may contact you by email or other electronic means or post with information about products, services and events that might be of interest to you. Where necessary, at the time that you provide your personal data to us, you will be given the opportunity to indicate whether or not you are happy for us to use your personal data in order to tell you about such products or services or events.

You can unsubscribe from this at any time by emailing us using the contact details provided below or in any marketing communications.

Where We Store Your Personal Data and How We Protect it

Certain affiliates and third-party service providers with whom we share personal data (as described above) may be located in countries different from ours and the country in which the data was collected (i.e., your country).

When we transfer personal data outside the country in which it was collected, we comply with all applicable data protection requirements, include the use of consent, contractual provisions, and/or data sharing arrangements that comply with local law. In order to provide adequate protection for these transfers (where applicable), the New York Life enterprise utilizes transfer mechanisms recognized by your home country, which may include executing appropriate contractual clauses based on and conforming to the EU/UK model clauses. To obtain a copy of the transfer mechanism, please contact us using the details provided below.

While we take reasonable steps to protect your personal data from loss or destruction, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your personal data transmitted to our site; any transmission is at your own risk. Once we have received your personal data, we will use strict procedures and security features to try to prevent unauthorized access.

Your Rights

You have various rights with respect to our use of your personal data:

• Access: You have the right to request a copy of the personal data that we hold about you. Please note that there are exceptions to this right, so that access may be denied if, for example, making the information available to you would reveal personal data about another person, or if we are legally prevented from disclosing such information. You are entitled to see the personal data held about you. If you wish to do this, please contact us using the contact details provided below.
• Accuracy: We aim to keep your personal data accurate, current, and complete. We encourage you to contact us using the contact details provided below to let us know if any of your personal data is not accurate or changes, so that we can keep your personal data up-to-date. [If applicable: You can also review and correct/update some of your personal data by logging-in to your account on our site.]
• Objecting: In certain circumstances, you also have the right to object to processing of your personal data and to ask us to block, erase and restrict your personal data. If you would like us to stop using your personal data, please contact us using the contact details provided below.
• Porting: You have the right to request that some of your personal data is provided to you, or to another data controller, in a commonly used, machine-readable format.
• Complaints: If you believe that your data protection rights may have been breached, you have the right to lodge a complaint with the applicable supervisory authority or to seek a remedy through the courts.
   

Please note that there are exceptions to these rights, if, for example, we are under a legal obligation to continue to process your personal data.

When we ask you to supply us with personal data we will attempt to make it clear whether the personal data we are asking for must be supplied so that we can provide the products and services to you or your employer, or whether the supply of any personal data we ask for is optional.

How Long We Keep Your Personal Data

We will retain your personal data for as long as we believe it necessary or desirable to fulfil our business purposes or to comply with applicable law, audit requirements, regulatory requests or orders from competent courts.

Personal data collected will be retained pursuant to our record retention policy, and in most instances will not be retained longer than ten (10) years from the date of last use.

Changes to our Privacy Notice

Any changes we may make to our Notice in the future will be posted on this page and, where appropriate, notified to you by e-mail. Please check back frequently to see any updates or changes to our Policy.

Contact Details

If you wish to exercise any of your legal rights, write to Kevin Bopp at kbopp@nylim.com.

Data Protection Authorities

After contacting us about Data Processing issues, you have the right to appeal to your local Data Protection Authority. Depending on your location, your local Data Protection Authority will respond to issues or complaints about the Processing of your Personal Data. These may include:

United Kingdom

The United Kingdom’s Information Commissioner’s Office

France

Commission Nationale de l’Informatique et des Libertés

Republic of Korea

개인정보보호위원회

Japan

Personal Information Protection Commission