abrdn plc and its subsidiaries take privacy seriously and is committed to safeguarding any personal information shared. As a consumer of one or more of abrdn plc’s products or services you can be assured that personal information will only be collected and used where it is necessary, fair and lawful to do so to provide you with the agreed product or service and in line with applicable privacy & data protection laws.
FAO Data Protection Officer
1 George Street
Email - DPOffice@abrdn.com
Information about you that we collect and use includes:
Information classified as ‘sensitive’ personal information e.g. relating to your health. Where we collect and use sensitive personal information, this information will only be collected and used where it’s needed to provide the product or service you have requested or to comply with our legal obligations, and where we have also obtained your explicit consent to process such information.
We may collect your personal information directly from you, from a variety of sources, including:
Our online services such as client portals, websites, social media. We may also collect personal information about you from places such as business directories and other commercially or publicly available sources e.g. to check or improve the information we hold (like your address) or to give better contact information if we are unable to contact you directly
We take your privacy seriously and we will only ever collect and use information which is personal to you where it is necessary, fair and lawful to do so. We will collect and use your information only if we are able to satisfy one of the lawful processing conditions set out in the data protection laws. This will be the case where:
We sometimes use systems to make automated decisions based on personal information we have - or are allowed to collect and use from others – about you. These automated decisions can affect the products, services or features we offer you now or in the future. We use automated decisions in the following ways:
If you do not wish us to collect and use your personal information in these ways, it may mean that we will be unable to provide you with some of our products or services.
We may share your information internally, and with third parties for the reasons outlined in ‘Why we collect and use your information’.
We will share your information with:
Whenever we share your personal information, we will do so in line with our obligations to keep your information safe and secure.
The majority of your information is processed in the UK or European Economic Area (EEA).
However, some of your information may be processed by us or the third parties we work with in locations outside of the UK or the EEA, including the United States, Hong Kong, Singapore, and India.
Where your information is being processed outside of the UK or the EEA, we take additional steps to ensure that your information is protected to at least an equivalent level as would be applied by UK or EEA Data Protection Laws e.g. we will put in place legal agreements with third parties and abrdn affiliates with ongoing oversight to ensure they meet these obligations.
We take information and system security very seriously and we strive to comply with our obligations at all times. Any personal information which is collected, recorded or used in any way, whether on paper, online or any other media, will have appropriate safeguards applied in line with our data protection obligations.
Your information is protected by controls designed to minimise loss or damage through accident, negligence or deliberate actions. Our security controls are aligned to industry standards and good practice; providing a control environment that effectively manages risks to the confidentiality, integrity and availability of your information whether it is being processed by us or a third party acting on our behalf.
Our employees also protect sensitive or confidential information when storing or transmitting information electronically and must undertake annual training on this.
We also use internal and external audit and specialist third party consultants to conduct regular, independent assurance and benchmarking exercises across our business to ascertain the effectiveness of our security control environment and our security strategy.
To provide you with the service or product agreed, and to fulfil our legal and regulatory obligations, we will keep your personal information and copies of records we create (e.g. calls with us) while you are a [prospective] client or customer of ours.
Even when you no longer have a relationship with us, we are required to keep information for different legal and regulatory reasons. The length of time will vary and we regularly review our retention periods to make sure they comply with all laws and regulations.
You have a number of rights under data protection laws which may be exercised in certain circumstances. These are:
You have the right of access to your personal information. If you wish to receive a copy of the personal information we hold on you, you may make a data subject access request. If you would like to submit a data subject access request, please contact your Client Portfolio Manager or Business Development Manager or the Data Protection Officer [see the How to Contact Us section for the DPO’s contact details]
If your personal information is inaccurate or incomplete, you can request that it is corrected.
You can ask for your information to be deleted or removed if there is not a compelling reason for Aberdeen Standard Capital to continue to have it.
You can ask that we block or suppress the processing of your personal information for certain reasons. This means that we are still permitted to keep your information – but only to ensure we don’t use it in the future for those reasons you have restricted.
You can ask for a copy of your personal information for your own purposes to use across different services. In certain circumstances, you may move, copy or transfer the personal information we hold to another company in a safe and secure way. For example, if you were moving your assets to another discretionary investment manager or ISA manager.
You have the right to ask abrdn to:
More information can be found on your rights here https://ico.org.uk/for-the-public If you would like to exercise any of these rights please contact your Client Relationship Manager or the Data Protection Officer [see the How to Contact us section].
While we hope that we can resolve any complaints for you, you do have the option complain to your local data protection authority (e.g. the ICO in the UK). This is available to you whether or not you have exhausted our complaints procedure.
The UK data protection authority’s details are:
The Information Commissioner’s Office
Phone helpline (UK): 0303 123 1113
Phone helpline (outside UK): +44 1625 545 700