abrdn is committed to protecting your personal information.
Who we are
We are abrdn. We aim to empower our clients to plan, save and invest for their futures.
How to contact us
FAO Data Protection Officer
1 George Street
Information we collect and use
Information about you that we collect and use includes:
- Information about who you are e.g. your name, date of birth and contact details
- Information connected to your product or service with us e.g. your bank account details
- Information about your contact with us e.g. meetings, phone calls, emails / letters
- Information that is automatically collected e.g. via cookies when you visit one of our websites
- Information if you visit one of our offices e.g. visual images collected via closed circuit television (CCTV)
- Information classified as ‘sensitive’ personal information e.g. relating to your health
- Children are not able to buy products and services from us. However, on instruction from a parent or guardian, a child can also be named as a beneficiary on some funds and trusts. In these cases, we collect limited personal information to identify the child (such as their name, age, gender).
Where we collect and use sensitive personal information, this information will only be collected and used where it’s needed to provide the product or service you have requested or to comply with our legal obligations, and where we have also obtained your explicit consent to process such information.
Where we collect your information
We may collect your personal information directly from you, from a variety of sources, including:
- An application form for a product or service
- Phone conversations with us
- Emails or letters you send to us
- Meetings with one of our business development or relationship managers
- Registering for one of our events
- Participating in research surveys to help us understand you better and improve our products and services
- Entering competitions e.g. to win tickets to a sporting event which we sponsor
- Our online services such as websites, social media and mobile device applications (‘Apps’)
If you have a financial adviser, the information we collect and use will most likely have been provided by them on your behalf.
We may also collect personal information about you from places such as business directories and other commercially or publicly available sources e.g. to check or improve the information we hold (like your address) or to give better contact information if we are unable to contact you directly
Why we collect and use your informationWe take your privacy seriously and we will only ever collect and use information which is personal to you where it is necessary, fair and lawful to do so. We will collect and use your information only if we are able to satisfy one of the lawful processing conditions set out in the data protection laws. This will be the case where:
- it’s necessary to provide the product or service you have requested e.g. if you wish to invest in one of our funds or products we will require some personal information which may include your name, address, date of birth, and bank account details
- it’s necessary for us to meet our legal or regulatory obligations e.g. to send you Annual Statements, tell you about changes to Terms and Conditions or for the detection and prevention of fraud
- it’s in the legitimate interests of abrdn i.e. to deliver appropriate information and guidance so you are aware of the options that may help you get the best outcome from your product or investment; where we need to process your information to better understand you and your needs so we can send you more relevant communications about the products you have with us and to develop new products and services. Where the processing is in our legitimate interests, we will always conduct an assessment to ensure that this use of your personal information is not excessive or unnecessary or otherwise more intrusive than it needs to be
- you have given us your permission [consent] to use your information in this way. For example, if we are collecting and using your sensitive personal information or for certain types of direct marketing
If you do not wish us to collect and use your personal information in these ways, it may mean that we will be unable to provide you with our products or services.
We sometimes use systems to make automated decisions based on personal information we have - or are allowed to collect and use from others – about you. These automated decisions can affect the products, services or features we offer you now or in the future. We use automated decisions in the following ways:
- Tailoring products and services e.g. placing you in groups with similar customers to make decisions about the products and services we may offer you to help meet your needs
- When designing and enhancing our online services to help meet your requirements for ongoing guidance and support
Who we share your information with and why
We may share your information internally, and with third parties for the reasons outlined in ‘Why we collect and use your information’.
We will share your information with:
- Other parts of abrdn and abrdn plc who support us in the provision of the product or service you have
- Credit reference agencies for the purposes of conducting a credit check and ID verification
- Your adviser, trustee, business associate, professional advisor where this is required as part of the product or service you have agreed with us
- Companies we have chosen to support us in the delivery of the products and services we offer to you and other customers. For example, research, consultancy or technology companies who help us improve our service to you
- Companies who can help us in our contact with you, for example an internet service provider
- Our regulators; including the Financial Conduct Authority and the Information Commissioner's Office (the ICO) in the UK
- Law enforcement and other appointed agencies who support us (or where they request the information) in the prevention and detection of crime; and HM Revenue & Customs (HMRC) for the purposes of tax reporting where necessary.
Where your information is processed
The majority of your information is processed in the UK or European Economic Area (EEA).
However, some of your information may be processed by us or the third parties we work with in locations outside of the UK or the EEA, including the United States, Hong Kong, Singapore, and India.
Where your information is being processed outside of the UK or the EEA, we take additional steps to ensure that your information is protected to at least an equivalent level as would be applied by UK or EEA Data Protection Laws e.g. we will put in place legal agreements with third parties and abrdn affiliates with ongoing oversight to ensure they meet these obligations.
How we protect your information
We take information and system security very seriously and we strive to comply with our obligations at all times. Any personal information which is collected, recorded or used in any way, whether on paper, online or any other media, will have appropriate safeguards applied in line with our data protection obligations.
Your information is protected by controls designed to minimise loss or damage through accident, negligence or deliberate actions. Our employees also protect sensitive or confidential information when storing or transmitting information electronically and must undertake annual training on this.
Our security controls are aligned to industry standards and good practice; providing a control environment that effectively manages risks to the confidentiality, integrity and availability of your information.
How long we keep your information
To provide your product or investment, and meet our legal and regulatory obligations, we keep your personal information and copies of records we create (e.g. calls with us) while you are a client or customer of ours.
Even when you no longer have a relationship with us, we are required to keep information for different legal and regulatory reasons. The length of time will vary and we regularly review our retention periods to make sure they comply with all laws and regulations.
You have a number of rights under data protection laws which may be exercised in certain circumstances. These are:
- the right to be informed about how and why we are processing your personal information
- the right of access to personal information relating to you
- the right to rectification of inaccurate or incomplete personal information
- the right to request erasure of your personal information
- the right to restrict processing of your personal information
- the right to data portability
- the right to object to processing of your personal information (e.g. profiling or direct marketing)
- the right not to be subject to automated decision making (including profiling) which significantly or legally affects you
For more information on your rights and how to exercise them please contact us (see ‘How to contact us’ section).
How to make a complaint
While we hope that we can resolve any complaints for you, you do have the option complain to your local data protection authority (e.g. the ICO in the UK). This is available to you whether or not you have exhausted our complaints procedure.
The UK data protection authority’s details are:
The Information Commissioner’s Office
Phone helpline (UK): 0303 123 1113
Phone helpline (outside UK): +44 1625 545 700