Data Protection and Privacy Statement

As an asset manager, we take the protection and privacy of your personal information very seriously and understand the importance of the personal data that has been entrusted to us. We believe that it is one of our fundamental responsibilities to maintain the confidentiality of information entrusted to Nomura Asset Management Europe KVG mbH by current or prospective clients, business partners, our employees and website visitors (hereinafter collectively referred to as the “Data Subjects”). We have been safeguarding personal data (including name, address, phone number, email address, gender, job title, occupation, date/place of birth, pictures, etc.) of Data Subjects for decades by maintaining strict standards of security and procedures which are specially designed to prevent misuse of this information. The following documentation explains to what extent and for what reasons we process personal data. Moreover, we would like to explain some of our procedures which are intended to protect your privacy.

1) Who is responsible for data processing and whom can I contact?

The responsibility for data processing and for the content on this website rests with Nomura Asset Management Europe KVG mbH, Gräfstraße 109, 60487 Frankfurt am Main, phone number: +49 (0)69 1530 93 020. Do not hesitate to contact us if you have any questions or comments about data privacy. You can contact our data protection officer Ms. Nicole Voltz at the above address or by emailing datenschutz@nomura-asset.eu.

2) Why does Nomura Asset Management Europe KVG mbH process personal data and on what legal basis does it do so?

We process personal data in conformity with the legal requirements of the Federal Data Protection Act (Bundesdatenschutzgesetz, “BDSG”), the General Data Protection Regulation (the “GDPR”) and the Telemedia Act (“Telemediengesetz”):

a) For the performance of a contract or to take steps prior to entering into a contract (Art. 6(1b) GDPR)

Personal data is processed to fulfil our obligations under contracts with our clients, investors, service providers and other business partners, employees and forthe implementation of pre-contractual measures as well as for the processing of billing.

b) Based on the Data Subject’s consent (Art. 6(1a) GDPR)

The processing of personal data is lawful wherever the Data Subjects have consented to the processing for one or more specific purposes.

By subscribing to our newsletter, you consent to the electronic processing and storage of the contact data you have provided and allow us to inform you regularly about our products and services, as well as current developments and events.

By registering for one of our events (including digital events), you give us consent to use your data (e.g. registration data) for the organization and execution of the event.

Consent may be revoked at any time. This also applies to declarations of consent issued to us before the GDPR took effect, i.e. before May 25, 2018. Please note that the revocation only applies to future processing. It does not affect any processing performed prior to the revocation.

c) For legitimate interests that are not overridden by the Data Subject’s other interests (Art. 6(1f) GDPR)

We also process personal data where needed to pursue our legitimate interests or those of a third party. These legitimate interests include, but are not limited to, our ambition and efforts to improve our products and services in our clients’ best interests and to better align our business processes with our clients’ interests.

We process personal data to respond to inquiries and supply these individuals with other relevant information about products/services and their changes, and to inform and actively support interested parties, customers and distribution partners via the internet, e-mail and telephone.

If you participate in one of our events (incl. digital events), we process your data in connection with the organization and execution of this event additionally for communication in connection with this and similar events and for statistical evaluation.

Furthermore, we process data for the purpose of customer care, for the organization and execution of events and data exchange in the Nomura-Group – if needed.

If necessary, we process data to assert legal claims, for the defense in legal disputes and for crime prevention and detection.

We process data to ensure our e-mail communication, our IT security and our IT system.

We collect on the basis of our legitimate interests, any access to the server on which this service is located (so-called server log files). The access data include, among other referrer URL (the previously visited page), IP address and the requesting provider. IP addresses are stored anonymously. The last part of the IP address is replaced. The IP addresses stored anonymously can be used by us for statistical purposes.

d) Due to legal requirements (Art. 6(1c) GDPR)

As an investment management company, we are subject to various legal obligations and legal requirements (e.g. Capital Investment Code, Money Laundering Act, etc.) as well as supervisory requirements (e.g. the Federal Financial Supervisory Authority). To fulfill the legal requirements we process personal data for purposes including, but not limited to, the verification of identity and reliability, prevention of fraud and money laundering, the fulfilment of tax compliance and reporting obligations, the assessment and management of risks and the provision of IT security and of the IT system. Furthermore, we are obligated to record the content of telephone conversations in securities trading.

3) What is the source of the personal data that we process?

We process personal data shared with us through our website or provided to us in connection with (current or prospective) business or working relationships (e.g. when registering for and attending our events, in connection with current or imminent contractual relationships, for business meetings, phone calls, written communications, email correspondence, job applications, the provision of business cards, etc.). We also process personal data that we have lawfully procured from public sources (e.g. commercial register, news media) and are allowed to process. Personal data is processed in accordance with data protection laws.

4) How long is personal data stored?

Personal data is only stored for as long as it takes to fulfil the purpose for which it was entrusted to us. Data no longer needed to fulfil the purpose is erased on a regular basis unless there are other requirements to retain the data for a longer (limited) period of time. Legal retention periods are defined in the German Commercial Code (“Handelsgesetzbuch”) and German Tax Code (“Abgabenordnung”). The data retention and documentation periods set out in these laws range from two to ten years. Limitation periods under civil law may be as long as 30 years, but generally amount to three years.

5) What data protection rights do you have?

Every data subject has a right:

• of access under Article 15 GDPR,
  • to rectification under Article 16 GDPR,
  • to erasure under Article 17 GDPR,
  • to restriction of processing under Article 18 GDPR,
  • to object under Article 21 GDPR and
  • to data portability under Article 20 GDPR.

The right of access and right to erasure are subject to the qualifications defined in §§ 34 and 35 BDSG. You may also lodge a complaint with the data protection regulator in Hesse (Article 77 GDPR in conjunction with § 19 BDSG).

6) Am I under an obligation to provide data?

Clients, business partners and service providers who have a valid contract with us, as well as their employees and corporate representatives, should only provide the personal data needed for the commencement and execution of a business relationship and the data required to perform the relevant contractual obligations as well as the personal data we are legally obligated to collect. If you decide not to supply required data to us, we may be unable to respond to your request in a timely fashion or might have to refuse to conclude a contract, if it requires the processing of certain pieces of data.

7) To what extent does Nomura Asset Management Europe KVG mbH engage in automated decision-making?

We generally do not engage in automated decision-making as defined in Art. 22 GDPR.

8) Who receives your data?

At Nomura Asset Management Europe KVG mbH your data is received by those bodies who need it to fulfil the purpose of data processing. Employees are bound by non-disclosure agreements that adequately safeguard your interests with respect to data processing. Data is not shared with third parties except where permitted by law and where it serves the fulfillment of one of the purposes mentioned in section 2. Thus, your personal data may be transferred to service providers, insofar as this is necessary. Our service providers are companies in the categories of IT services, telecommunications, auditors, and consulting and advisory services. We have contractual arrangements with all service providers and processors to protect the data to be processed.

In addition, we may transfer data to other companies within the Nomura Group to the extent that this is necessary for customer service or the fulfillment of obligations arising from contracts with our customers, investors and other business partners and service providers, as well as for the implementation of pre-contractual measures, the organization and execution of events and the processing of invoices.

Furthermore, data is transferred to third parties if this is necessary to fulfill a legal obligation. Under this condition, recipients of personal data may be, for example, public bodies and institutions (e.g. Federal Financial Supervisory Authority, financial authorities, law enforcement authorities) if a legal or official obligation exists.

Other data recipients may be those entities for which you have given us your consent to transfer data

9) Is data transmitted to a third country or to an international organisation?

The data recipients mentioned in section 8 are located both inside and outside the European Union. A transfer of data to bodies in countries outside the European Union takes place as required by law, if consent has been given or if justified by a legitimate interest under data protection law and not opposed by any higher interest worthy of protection of the data subject. A transfer to third countries is permissible if the bodies have provided suitable guarantees within the meaning of GDPR, (e.g. through the agreement of EU standard contractual clauses) for compliance with the level of data protection in the European Union and enforceable rights and effective remedies are available. For third countries for which there is an adequate level of protection of personal data in Europe by order of the EU Commission (Article 45 GDPR) or if the data subject has given express consent, additional written agreements are not necessary.

You can request a list of the recipients of your data as well as information on the protective measures in place in individual cases that we have taken with regard to the transfer of your personal data to third countries via: datenschutz@nomura-asset.eu

10) Other information:

Information about your right to object under Article 21 of the General Data Protection Regulation (GDPR)

You have the right to object, on grounds relating to your particular situation, at any time to processing of personal data concerning you which is based on point (f) of Article 6(1) GDPR (processing to pursue legitimate interests not overridden by the Data Subjects’ interests).

If you object, we will no longer process your personal data unless we demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms or for the establishment, exercise or defence of legal claims.

Objections do not have to follow any particular form and should ideally be sent via e-mail to: datenschutz@nomura-asset.eu

Cookies

Our websites sometimes use “cookies”. Cookies do not cause any damage on your computer and contain no viruses. The purpose of cookies is to make our service more user friendly, effective and secure. A cookie is a small text file placed on your computer and saved by your browser.

The majority of the cookies we use are “session cookies”, which are automatically deleted at the end of your website visit. Other cookies remain stored on your device until you delete them. These cookies enable us to recognise your browser the next time you visit our site.

You can configure your browser so you can decide to accept cookies on a case-by-case basis. You can also block cookies in certain cases or generally, as well as activate the automatic deletion of cookies when you close your browser. If you deactivate cookies, this may restrict the functionality of this website.

Google Analytics

This website uses functions of web analysis service Google Analytics. The provider is Google Inc., 1600 Amphitheatre Parkway Mountain View, CA 94043, USA. Google Analytics uses “cookies”, which are text files stored on your computer and which allow an analysis of your usage of the website. The information generated by the cookie about your usage of this website will as a rule be passed on to a Google server in the US and saved there.

IP anonymisation

We have activated the IP anonymisation function on this website. This means that your IP address will first be truncated by Google within the Member States of the European Union or other states that are contracting parties to the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be passed on to a Google server in the US and truncated there. On behalf of the operator of this website, Google will use this information to evaluate your usage of the website, compile reports on website activity and provide the website operator other services relating to the use of the website and the Internet. The IP address transmitted by your browser through Google Analytics will not be combined with other Google data.

Browser plug-in

You can prevent cookies from being saved by configuring your browser accordingly. However, we would point out that if you do this it is possible that you will not have full functionality of this website. In addition, you can prevent Google from collecting and processing the cookie data relating to your usage of the website (including your IP address) by downloading and installing the browser plug-in available at the following link: https://tools.google.com/dlpage/gaoptout?hl=en

Objection to data collection

You can prevent Google Analytics from collecting your information by clicking on the following link. An opt-out cookie will be set that prevents your data from being collected when you visit this website in the future: Disable Google Analytics

For further information on how Google Analytics handles user data, see Google’s data privacy and security policy: https://support.google.com/analytics/answer/6004245?hl=en

Demographic features in Google Analytics

This website uses the “demographic features” function of Google Analytics. It allows reports to be created that contain information about the age, gender and interests of the visitors to the site. This data originates from Google’s interest-based advertising and visitor data from third-party providers. This data cannot be assigned to a specific person. You can disable this function at any time through your Google account’s ad settings, or generally disallow collection of your data by Google Analytics, as presented in the “Objection to data collection” section.

LinkedIn

Our website uses functions of the LinkedIn networking site. The provider is LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA. Each time you access one of our web pages containing LinkedIn functions, a connection to LinkedIn’s servers will be established. LinkedIn will be informed that you have visited our website from your IP address. If you click LinkedIn’s “Recommend Button” while you are logged into your LinkedIn account, LinkedIn will be able to link your visit to our website with your user account. Please note that as the provider of the web pages we have no knowledge of the content of the data transmitted to LinkedIn or of its use by LinkedIn.

For further information, please refer to LinkedIn’s privacy policy at:

https://www.linkedin.com/legal/privacy-policy

AWStats

Our website uses the open source program AWStats by Laurent Destailleur for the statistical evaluation of visitor behavior as a web analysis program. The analysis of visitor behavior is necessary for the fulfillment of the function of this website. For this purpose, log files are created and evaluated on the basis of visitor requests (log data analysis). The log files contain, for example, information about the length of stay, page views as well as the IP address. The IP address is immediately anonymized during this process, so that you as a user remain anonymous to us. This data is also not merged with other data from other sources. A deletion of the data evaluated by AWStats takes place automatically after its evaluation. For more information on AWStats, please visit: http://awstats.sourceforge.net.

Changes and updates to the privacy policy

We encourage you to visit our Privacy Policy regularly to see if there have been any changes. You will recognize this, among other things, on the date of the last change, which is stated at the end of this document. We will adjust the privacy policy as soon as the changes to the data processing we make require it. If the changes require your participation (for example, consent) or other individual notification, we will inform you.

As per 08th of February 2024

© Nomura Asset Management Europe KVG mbH, Frankfurt am Main. All rights reserved.