Data Protection and Privacy Statement
As an asset manager, we take the protection and privacy of your personal information very seriously and understand the importance of the personal data that has been entrusted to us. We believe that it is one of our fundamental responsibilities to maintain the confidentiality of information entrusted to Nomura Asset Management Europe KVG mbH by current or prospective clients, business partners, our employees and website visitors (hereinafter collectively referred to as the “Data Subjects”). We have been safeguarding personal data (including name, address, phone number, email address, gender, job title, occupation, date/place of birth, pictures, etc.) of Data Subjects for decades by maintaining strict standards of security and procedures which are specially designed to prevent misuse of this information. The following documentation explains to what extent and for what reasons we process personal data. Moreover, we would like to explain some of our procedures which are intended to protect your privacy.
1. Who is responsible for data processing and whom can I contact?
The responsibility for data processing and for the content on this website rests with Nomura Asset Management Europe KVG mbH, Gräfstraße 109, 60487 Frankfurt am Main, phone number: +49 (0)69 1530 93 020. Do not hesitate to contact us if you have any questions or comments about data privacy. You can contact our data protection officer Ms. Nicole Janikowski at the above address or by emailing email@example.com.
2. Why does Nomura Asset Management Europe KVG mbH process personal data and on what legal basis does it do so?
We process personal data in conformity with the legal requirements of the Federal Data Protection Act (Bundesdatenschutzgesetz, “BDSG”), the General Data Protection Regulation (the “GDPR”) and the Telemedia Act (“Telemediengesetz”):
a) For the performance of a contract or to take steps prior to entering into a contract (Art. 6(1b) GDPR)
Personal data is processed to fulfil our obligations under contracts with our clients, investors, service providers and other business partners, the implementation of pre-contractual measures as well as for the processing of billing.
b) For legitimate interests that are not overridden by the Data Subject’s other interests (Art. 6(1f) GDPR)
We also process personal data where needed to pursue our legitimate interests or those of a third party. These legitimate interests include, but are not limited to, our ambition and efforts to improve our products and services in our clients’ best interests and to better align our business processes with our clients’ interests. If, for example, we collect your contact details at one of our events (including trade shows), we will store them in order to contact you about similar events of ours in the future. Other examples:
We process personal data to respond to Data Subjects’ inquiries and supply these individuals with other relevant information about products/services and their changes, to inform and actively support interested parties, customers and distribution partners via the internet, e-mail and telephone.
Furthermore, we process data for the purpose of customer care and data exchange in the Nomura-Group – if needed.
If necessary, we process data to assert legal claims, for the defense in legal disputes and for crime prevention and detection.
We process data to ensure our e-mail communication, our IT security and our IT system.
We collect on the basis of our legitimate interests, any access to the server on which this service is located (so-called server log files). The access data include, among other referrer URL (the previously visited page), IP address and the requesting provider. IP addresses are stored anonymously. The last part of the IP address is replaced. The IP addresses stored anonymously can be used by us for statistical purposes.
c) Based on the Data Subject’s consent (Art. 6(1a) GDPR)
The processing of personal data is lawful wherever the Data Subjects have consented to the processing for one or more specific purposes (e.g. to receive information about our products, services and events via newsletter). Consent may be revoked at any time. This also applies to declarations of consent issued to us before the GDPR took effect, i.e. before May 25, 2018. Please note that the revocation only applies to future processing. It does not affect any processing performed prior to the revocation.
d) Due to legal requirements (Art. 6(1c) GDPR)
As an investment management company, we are subject to various legal obligations and legal requirements (e.g. Capital Investment Code, Money Laundering Act, etc.) as well as supervisory requirements (e.g. the Federal Financial Supervisory Authority). To fulfill the legal requirements we process personal data for purposes including, but not limited to, the verification of identity and reliability, prevention of fraud and money laundering, the fulfilment of tax compliance and reporting obligations, the assessment and management of risks and the provision of IT security and of the IT system. Furthermore, we are obligated to record the content of telephone conversations in securities trading.
3. What is the source of the personal data that we process?
We process personal data shared with us through our website or provided to us in connection with (current or prospective) business or working relationships (e.g. when registering for and attending our events, in connection with current or imminent contractual relationships, for business meetings, phone calls, written communications, email correspondence, job applications, the provision of business cards, etc.). We also process personal data that we have lawfully procured from public sources (e.g. commercial register, news media) and are allowed to process. Personal data is processed in accordance with data protection laws.
4. How long is personal data stored?
Personal data is only stored for as long as it takes to fulfil the purpose for which it was entrusted to us. Data no longer needed to fulfil the purpose is erased on a regular basis unless there are other requirements to retain the data for a longer (limited) period of time. Legal retention periods are defined in the German Commercial Code (“Handelsgesetzbuch”) and German Tax Code (“Abgabenordnung”). The data retention and documentation periods set out in these laws range from two to ten years. Limitation periods under civil law may be as long as 30 years, but generally amount to three years.
5. What data protection rights do you have?
Every data subject has a right:
• of access under Article 15 GDPR,
• to rectification under Article 16 GDPR,
• to erasure under Article 17 GDPR,
• to restriction of processing under Article 18 GDPR,
• to object under Article 21 GDPR and
• to data portability under Article 20 GDPR.
The right of access and right to erasure are subject to the qualifications defined in §§ 34 and 35 BDSG. You may also lodge a complaint with the data protection regulator in Hesse (Article 77 GDPR in conjunction with § 19 BDSG).
6. Am I under an obligation to provide data?
Clients, business partners and service providers who have a valid contract with us, as well as their employees and corporate representatives, should only provide the personal data needed for the commencement and execution of a business relationship and the data required to perform the relevant contractual obligations as well as the personal data we are legally obligated to collect. If you decide not to supply required data to us, we may be unable to respond to your request in a timely fashion or might have to refuse to conclude a contract, if it requires the processing of certain pieces of data.
7. To what extent does Nomura Asset Management Europe KVG mbH engage in automated decision-making?
We generally do not engage in automated decision-making as defined in Art. 22 GDPR.
8. Who receives your data?
At Nomura Asset Management Europe KVG mbH, your data is received by those bodies who need it to fulfil the purpose of data processing. Employees are bound by non-disclosure agreements that adequately safeguard your interests with respect to data processing. Data is not shared with third parties except where permitted by law or where the Data Subjects have given their consent. Processors may also receive data for these purposes if they safeguard banking secrecy and adhere to the EU-General Data Protection Regulation. In this context, “third parties” also include other Nomura Group companies in and outside the EU.
9. Is data transmitted to a third country or to an international organisation?
A transfer of data to bodies in countries outside the European Union takes place as required by law, if consent has been given or if justified by a legitimate interest under data protection law and not opposed by any higher interest worthy of protection of the data subject. Transmission if the bodies have provided suitable guarantees, (e.g. through the agreement of EU standard contractual clauses) for compliance with the level of data protection in the European Union and enforceable rights and effective remedies are available. For third countries for which there is an adequate level of protection of personal data in Europe by order of the EU Commission (Article 45 GDPR) or if the data subject has given express consent, additional written agreements are not necessary.
10. Other information:
Information about your right to object under Article 21 of the General Data Protection Regulation (GDPR)
You have the right to object, on grounds relating to your particular situation, at any time to processing of personal data concerning you which is based on point (f) of Article 6(1) GDPR (processing to pursue legitimate interests not overridden by the Data Subjects’ interests).
If you object, we will no longer process your personal data unless we demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms or for the establishment, exercise or defence of legal claims.
Objections do not have to follow any particular form and should ideally be sent via e-mail to: firstname.lastname@example.org
Our websites sometimes use “cookies”. Cookies do not cause any damage on your computer and contain no viruses. The purpose of cookies is to make our service more user friendly, effective and secure. A cookie is a small text file placed on your computer and saved by your browser.
The majority of the cookies we use are “session cookies”, which are automatically deleted at the end of your website visit. Other cookies remain stored on your device until you delete them. These cookies enable us to recognise your browser the next time you visit our site.
You can configure your browser so that you are informed about cookies stored on your computer and you can decide to accept them on a case-by-case basis. You can also block cookies in certain cases or generally, as well as activate the automatic deletion of cookies when you close your browser. If you deactivate cookies, this may restrict the functionality of this website.
This website uses functions of web analysis service Google Analytics. The provider is Google Inc., 1600 Amphitheatre Parkway Mountain View, CA 94043, USA. Google Analytics uses “cookies”, which are text files stored on your computer and which allow an analysis of your usage of the website. The information generated by the cookie about your usage of this website will as a rule be passed on to a Google server in the US and saved there.
We have activated the IP anonymisation function on this website. This means that your IP address will first be truncated by Google within the Member States of the European Union or other states that are contracting parties to the Agreement on the European Economic Area. Only in exceptional cases will the full IP address be passed on to a Google server in the US and truncated there. On behalf of the operator of this website, Google will use this information to evaluate your usage of the website, compile reports on website activity and provide the website operator other services relating to the use of the website and the Internet. The IP address transmitted by your browser through Google Analytics will not be combined with other Google data.
You can prevent cookies from being saved by configuring your browser accordingly. However, we would point out that if you do this it is possible that you will not have full functionality of this website. In addition, you can prevent Google from collecting and processing the cookie data relating to your usage of the website (including your IP address) by downloading and installing the browser plug-in available at the following link: https://tools.google.com/dlpage/gaoptout?hl=en
Objection to data collection
You can prevent Google Analytics from collecting your information by clicking on the following link. An opt-out cookie will be set that prevents your data from being collected when you visit this website in the future: Disable Google Analytics
For further information on how Google Analytics handles user data, see Google’s data privacy and security policy: https://support.google.com/analytics/answer/6004245?hl=en
Demographic features in Google Analytics
This website uses the “demographic features” function of Google Analytics. It allows reports to be created that contain information about the age, gender and interests of the visitors to the site. This data originates from Google’s interest-based advertising and visitor data from third-party providers. This data cannot be assigned to a specific person. You can disable this function at any time through your Google account’s ad settings, or generally disallow collection of your data by Google Analytics, as presented in the “Objection to data collection” section.
Our website uses functions of the LinkedIn networking site. The provider is LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA. Each time you access one of our web pages containing LinkedIn functions, a connection to LinkedIn’s servers will be established. LinkedIn will be informed that you have visited our website from your IP address. If you click LinkedIn’s “Recommend Button” while you are logged into your LinkedIn account, LinkedIn will be able to link your visit to our website with your user account. Please note that as the provider of the web pages we have no knowledge of the content of the data transmitted to LinkedIn or of its use by LinkedIn.
As per 14th of September 2020
© Nomura Asset Management Europe KVG mbH, Frankfurt am Main. All rights reserved