Privacy notice for abrdn shareholders

abrdn plc (‘abrdn’, ‘our’, ‘us’ or ‘we’) is committed to protecting your personal information and your privacy.

This Privacy Notice contains important information about what personal information we collect; what we do with that information; who we may share it with and why; and your choices and rights when it comes to the personal information you have given us.

Our Cookie Policy forms part of our Privacy Notice. When you browse our abrdn plc websites, we use cookies to store information about how you use these websites in order to improve the quality of service provided to you. To understand what type of cookies we use and how these work when you use our websites, as well as how to update your preferences, read our Cookie Policy.

When you connect to the abrdn plc Share Portal or other associated share portals, Equiniti Limited, as portal provider also uses cookies. To understand what type of cookies are used by Equiniti Limited, how these work as well as how to update your preferences, please read more here.  

We keep our Privacy Notice under regular review. This version was last updated on 20 February 2023. We may need to make changes to this Privacy Notice so please check our website for updates from time to time. If there are important changes such as changes to where your personal data will be processed - we will contact you to let you know. 

Diese Datenschutzerklärung auf Deutsch anzeigen

Who we are

We are abrdn plc, a global company providing market leading savings and investment solutions to meet the needs of individuals and institutions.

This Privacy Notice applies only to shareholders who have shares in a certificated form or in a personal CREST account with holdings on the abrdn plc share register. abrdn plc is the sole controller of your personal data for these shares.

If you hold shares in the abrdn Share Account (Corporate Sponsored Nominee), you can read more about how Equiniti Financial Services Limited (EFSL), provider of this nominee service, processes your personal information here

If you hold shares in another external nominee account, please refer to the appropriate Privacy Notice for that external nominee provider.

If you participate in the Dividend Reinvestment Plan (the DRIP), you can read more about how Equiniti Financial Services Limited (EFSL) processes your personal information here.

You can read more about how Equiniti Limited, provider of the portal services, processes your personal information here.

How to contact us

If you have any questions about our Privacy Notice or the personal information we collect or use, please contact:

FAO Data Protection Officer

abrdn plc
1 George Street
Edinburgh
EH2 2LL
DPOffice@abrdn.com

 

Information we collect and use

Information about you that we collect and use includes:

  • Information about who you are e.g. your name, date of birth, address, other contact details (including email address, telephone number, passport number, national insurance number or another national identifier)
  • Information connected to your service with us e.g. your bank account details, other payment or financial information
  • Information about your contact with us e.g. phone calls, emails/letters
  • Information connected to your invitation to vote e.g. your voting instructions relevant to general meetings including our annual general meeting (AGM)
  • Information collected during your participation in general meetings including our AGM e.g. your name, address, contact details, shareholder reference number, voting information as well as images and voice recordings captured via webcasts, photos, recordings, audio and video links 
  • Information that is automatically collected e.g. via cookies when you visit one of our websites we will collect certain information such as the type of browser used, Internet Protocol (‘IP’) address
  • Information which you or third parties provide to us as part of, or contained within, any supporting documentation provided to us in accordance with the terms and conditions or where reasonably requested by us, such as death certificates, marriage certificates, grants of probate and proof of identity and address
  • Information provided by you about other people associated with you e.g. name and address of a representative acting on your behalf
  • Information classified as special category data ('sensitive' personal information) e.g. relating to your health. Where we collect and use sensitive personal information, as defined by data protection laws, this information will only be collected and used where it's needed to provide the service you have requested or to comply with our legal obligations, and where we have also obtained your explicit consent to process such information.

 

Where we collect your information

We may collect your personal information directly from you or a third party acting on your behalf, from a variety of sources, including but not limited to:

  • Forms such as share application form, stock transfer form or verification form
  • When you interact with us or our share registrar, Equiniti Limited e,g, phone conversations, email and letters
  • Supporting documentation provided to us in accordance with the terms and conditions
  • Where you exercise your rights in respect of your shares, including by your attendance at general meetings and voting in person or by your casting proxy votes, whether in hard copy form or by submitting electronic instructions via the CREST system
  • Our online services such as the share portal, websites, social media
  • We may also collect your personal information from places such as credit reference agencies, business directories and other commercially or publicly available sources e.g. to check the information we hold such as your address or to obtain updated contact information if we have been unable to contact you directly. 

 

Why we collect and use your information

We take your privacy seriously and we will only ever collect and use information which is personal to you where it is necessary, fair and lawful to do so. We will collect and use your information only if we are able to satisfy one of the lawful processing conditions set out in applicable privacy & data protection laws. This will be the case where:

  • It's necessary to provide you with the service, and/or information you request from us e.g.
    • to register as a user of the share portal
    • to administer and manage your shareholding and related instructions for voting, dividends and updating records, or provide instructions
    • to check your identity
    • to provide you with information about your shareholding
    • to transfer shares in line with your instructions, including transfers involving the creation or de-materialisation of certificated shares
    • to action register updates (as part of the running of the register) in respect of shares sold or transferring out via the CREST electronic settlement system
    • to communicate with you as necessary, including to answer questions or queries raised by you; and
    • to notify you about changes to our service.
  • It's necessary for us to meet our legal or regulatory obligations e.g.
    • to provide dividend confirmations, share purchase advice notes and DRIP statements
    • to maintain a share register and keep our records up to date
    • to give you notice of general meetings including our AGM
    • to process your proxy voting requirements, if exercised
    • the assessment and collection of relevant taxes such as stamp duty and dividend tax
    • To do appropriate money laundering checks, for the detection and prevention of fraud, and identity verification.
  • You have given us your permission (consent) to collect and use your information e.g. personal data which is defined as ‘special category’ (sensitive) by law

  • It’s in our legitimate interests to process your information to better understand you and your needs so we can:
    • contact you with specific information about your shareholding
    • send you tailored communications, based on what we know about you
    • develop/further improve our shareholder services and our performance (by undertaking analytics, research, development and other similar activities)
    • learn more about AGM and other general meeting voting preferences by undertaking data analytics
    • collate and analyse management information including learning more about our existing shareholder base.

Where the processing is in our legitimate interests, we will always conduct an assessment to ensure that this use of your personal information is not excessive or unnecessary or otherwise more intrusive than it needs to be.

If you do not wish us to collect and use your personal information in these ways, it may mean that we will be unable to provide you with some of our services.

Who we may share your personal information with

We will only disclose your personal information in accordance with applicable laws and regulations and where necessary to provide the agreed service to you (as outlined in the ‘Why we collect and use your information’ section). Whenever we share your personal information we will do so in line with our obligations to keep your information safe and secure. 

We may disclose your information to the following third parties:

  • Equiniti Limited, our share registrar, who has been engaged by abrdn plc to provide shareholder services
  • Euroclear UK & International Limited, operator of the CREST electronic settlement system (via our share registrar and as part of their running of the share register) in respect of register updates for shares sold or transferring out
  • Credit and identity check agencies for ID verification and credit reference checks
  • Companies we have chosen to support us in the delivery of the services we offer to you and other shareholders e.g. technology companies, companies who can help us in our contact with you, for example an internet service provider, printer and mail firms (engaged by us or by our registrar to send you information about your shareholding) and companies who assist with the administration of our general meetings
  • Third parties or individuals we consider appropriate to support our efforts to trace you if we lose contact with you e.g. to reunite you with your assets including companies chosen to support any tracing exercise
  • Companies to pay dividends and for the arrangement of lost certificate insurance e.g. banks, building societies and insurance providers
  • Our professional advisors, for example, external lawyers where needed to provide advice to us
  • Our regulators including the Financial Conduct Authority (the FCA) and the Information Commissioner’s Office for the UK (the ICO)
  • Law enforcement and other appointed agencies e.g. Police, Serious Fraud Office who support us (or where they request information) in the prevention and detection of crime
  • HM Revenue & Customs (HMRC) (or other tax authorities as required) for the purposes of preventing tax avoidance
  • Other parts of abrdn plc who support us in the provision of the services provided to you
  • Third parties who request to inspect the share register or request a copy of the share register as permitted by The Companies Act 2006 and only where it has been verified that this is for a ‘proper purpose’ as defined by this Act
  • Third parties who are authorised to act on your behalf e.g. your legal representative
  • Third parties in the negotiation of a sale, restructure or re-organisation of all or part of abrdn plc e.g. professional advisers or prospective purchasers.

Whenever we share your personal information, we will do so in line with our obligations to keep your information safe and secure.

 

Where your information is processed

The majority of your information is processed in the UK and the European Economic Area (EEA). However, some of your information may be processed by third parties we work with such as our share registrar in countries outside of the UK or the EEA, including countries such as India.

Where your information is being processed outside of the UK or the EEA, we take additional steps to ensure that your information is protected to at least an equivalent level as would be applied by UK or EEA Data Protection Laws, e.g. we will put in place legal agreements with third parties and abrdn affiliates with ongoing oversight to ensure they meet these obligations.

 

How we protect your information

We take information and system security very seriously and we strive to comply with our obligations at all times. Any personal information which is collected, recorded or used in any way, whether on paper, online or any other media, will have appropriate safeguards applied in line with our privacy & data protection obligations. 

Your information is protected by controls designed to minimise loss or damage through accident, negligence or deliberate actions. Our security controls are aligned to industry standards and good practice; providing a control environment that effectively manages risks to the confidentiality, integrity and availability of your information whether it is being processed by us or a third party acting on our behalf.

Our employees also protect personal and other confidential information when processing, storing or transmitting information electronically and must undertake annual training on this.

Internal and external audits are carried out on a regular basis and specialist third party consultants conduct regular, independent assurance and benchmarking exercises across our business to ascertain the effectiveness of our security control environment and our security strategy.

 

How long we keep your information

To provide this service and meet our legal and regulatory obligations, we will keep your personal information and copies of records we create (e.g. calls with us) while you are a shareholder.

Even when you no longer have a relationship with us, we are required to keep information for different legal and regulatory reasons. This means your personal data is held for no longer than 7 years from the date your account is shown at nil (on cessation of the relationship with you) as long as no further activities affecting the nil balance occurs.

We regularly review our retention periods to make sure they comply with all laws and regulations.

 

Your rights

You have a number of rights under data protection laws which may be exercised in certain circumstances. These are:

 

Right to be informed about how and why we are processing your personal information

You have a right to receive clear and easy to understand information on what personal information we have, why and who we share it with. We do this in our Privacy Notice or other privacy notices contained within application forms, voting forms and other documents.

Right of access to personal information relating to you

You have the right of access to your personal information. If you wish to receive a copy of the personal information we hold on you, you may make a data subject access request (DSAR).

Right to request rectification of inaccurate or incomplete personal information 

If your personal information is inaccurate or incomplete, you can request that it is corrected.

Right to request erasure of your personal information

You can ask for your information to be deleted or removed if there is not a compelling reason for us to continue to have it.

Right to restrict processing of your personal information

You can ask that we block or suppress the processing of your personal information for certain reasons. This means that we are still permitted to keep your information – but only to ensure we don’t use it in the future for those reasons you have restricted.

Right to data portability

You can ask for a copy of your personal information for your own purposes to use across different services. In certain circumstances, you may move, copy or transfer the personal information we hold to another company in a safe and secure way. For example, if you were moving to a new nominee provider.

Right to object to processing of your personal information

You can object to us processing your personal information where: it’s based on our legitimate interests (including profiling); for direct marketing (including profiling); and if we were using it for scientific/historical research and statistics.

In some circumstances, although you may not be entitled to require us to erase your information, you may be entitled to limit the purposes for which we can use your information.

Right to not be subject to automated decision-making including profiling

You have the right to ask abrdn to:

  • Give you information about its processing of your personal information
  • Request human intervention or challenge a decision where processing is done solely by automated processes
  • Carry out regular checks to make sure that our automated decision making and profiling processes are working as they should.

More information can be found on your rights here

If you require any more information on your rights and how to exercise them, you can email: DPOffice@abrdn.com

How to make a complaint

We will always strive to collect, use and safeguard your personal information in line with applicable privacy & data protection laws. If you have any questions or concerns in relation to how we have handled your information as set out in this Privacy Notice, please let us know immediately and we will do our utmost to make things right.

Please contact us at:

FAO Data Protection Officer

abrdn plc
1 George Street
Edinburgh
EH2 2LL
Email: DPOffice@abrdn.com

While we hope that we can resolve any complaints for you, you do have the option to complain to the ICO (whether or not you have exhausted our complaints procedure). Their contact details are as follows:

Website: https://ico.org.uk/

Postal address:

Information Commissioner's Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF

Telephone: 0303 123 1113 (local rate) or 01625 545 745 if you prefer to use a national rate number