Privacy


This webpage is comprised of the following privacy policies: (1) Privacy & Cookie Policy – General, which is the privacy policy applicable to clients, prospective clients, and website users; and (2) Privacy Policy – Employee and Contractor, which is the privacy policy applicable to our employees and contractors.

Fisher Investments Europe
Privacy & Cookie Policy

Last Updated: January 2019

1.       General

This Privacy & Cookie Policy (this “Policy”) sets out how Fisher Investments Ireland Limited, trading as Fisher Investments Europe, and its branches (“Fisher Investments Europe”), uses information about natural people (“Individuals”). This includes:

  • prospective clients, clients, and their representatives;
  • website users;
  • business contacts working with service providers and vendors; and
  • individuals who agree to participate in market research.

For more information about Fisher Investments Europe, please see the Regulatory Information section at the bottom of Fisher Investments Europe’s websites.

Fisher Investments Europe is committed to privacy, and will only use information about identified or identifiable Individuals (“Personal Data”) in accordance with this Policy. This Policy applies to Fisher Investments Europe’s websites and all interactions of Fisher Investments Europe with Individuals resident in the European Economic Area (“EEA”).

Individuals can contact Fisher Investments Europe in relation to this Policy using the following details:

Fisher Investments Ireland Limited
trading as Fisher Investments Europe
Attn: Frank Nies, Data Protection Officer
3 George’s Dock
International Financial Service Centre
Dublin 1
D01 X5X0 Ireland
privacy@fisherinvestments.ie
+1 650 851 3334

2.      What Personal Data Fisher Investments Europe Uses

Fisher Investments Europe uses the following Personal Data for the following categories of Individuals:

a.      Prospective clients, clients, and their representatives:

  • Fisher Investments Europe uses the name, address and email address of Individuals provided by third party list vendors to provide offers for Fisher Investments Europe’s informational materials. Such Personal Data may come from public sources and/or such vendors’ private databases.
  • Fisher Investments Europe uses the name, address, telephone numbers, email address, and asset level category of Individuals who provide such information at the time that they request Fisher Investments Europe informational materials, and at the time that they express an interest in services offered by Fisher Investments Europe.
  • When Individuals request that Fisher Investments Europe provide a suitability assessment and investment strategy recommendation and/or engage Fisher Investments Europe as discretionary investment manager, Fisher Investments Europe use the Personal Data which Individuals provide directly, including:
    • Information provided in the Confidential Client Profile;
    • Information provided in the Confidential Client Agreement, account statements, account opening documents for the custodian, and any instruction or mandate form with respect to Fisher Investments Europe’s discretionary investment management service;
    • Information provided to employee representatives of Fisher Investments Europe in-person and by telephone, including information Fisher Investments Europe may request from time to time to assist in providing services to the Individual.
    • To conduct a suitability assessment and design a recommended investment strategy for Individuals, as well as conduct ongoing suitability assessments for clients, Fisher Investments Europe uses information provided by Individuals about their mental and physical health (“Health Data”), including in the context of conducting a proprietary assessment of an Individual’s life expectancy and any impact on the investment time horizon for the Individual’s assets.
    • Fisher Investments Europe is required under the EU Directive 2015/849 of 20 May 2015 on the prevention of the use of the financial system for the purposes of money laundering or terrorist financing (“AML Directive”) and other applicable anti-money laundering laws and regulations (collectively “AML Laws”) to carry out identity verification, sanctions checks, and anti-money laundering and anti-terrorist financing screens. Accordingly, Fisher Investments Europe uses the name, date of birth and address provided by Individuals seeking to become clients of Fisher Investments Europe to perform a sanctions and anti-money laundering check using the services of a third party service provider, which may reveal information relating to criminal convictions or offences.
    • Fisher Investments Europe is required under the Markets in Financial Instruments Directive 2014/65/EU (“MiFID II”) and Commission Delegated Regulation (EU) 2017/565 (“CDR 2017/565”) to record telephone conversations that relate to activities in financial instruments. Accordingly, certain telephone calls between the Individual and Fisher Investments Europe will be recorded.

b.      Website users:

  • Fisher Investments Europe may place ads on publishers’ websites or within email content, either directly through the publisher or via a third party. As a result of Individuals interacting with the advertising content, ad server companies will collect Individuals’ domain types, IP address, and clickstream data.
  • Fisher Investments Europe’s websites use cookies and other online tracking technologies that collect information about internet browsing habits and history (collectively referred to in this Policy as “cookies”). For more information, please see Section 9 below.

c.       Business contacts at service providers and vendors:

  • In dealing with service providers and vendors, Fisher Investments Europe obtains information about the business contact, including name, title, name, address, telephone and fax numbers and email address.

d.      Individuals who agree to participate in market research:

  • When Individuals agree to participate in market research, Fisher Investments Europe uses information about Individuals’ marketing, investment and servicing preferences. Such data is provided directly by Individuals to Fisher Investments Europe or to a third party service provider engaged by Fisher Investments Europe to conduct such market research.
3.      Fisher Investments Europe’s Use of Personal Data

a.      Purposes and Lawful Bases

Fisher Investments Europe may use Personal Data for the following purposes, and upon the legal bases set out in the table below.

Purpose for which Fisher Investments Europe uses Personal Data

Legal Basis upon which Fisher
Investments Europe relies

To assess suitability and design an investment strategy recommendation

This includes providing financial analysis.

Fisher Investments Europe can use Personal Data for this purpose because it is necessary to perform a contract to which the Individual is a party or to take steps at the request of the Individual prior to entering into a contract.

Fisher Investments Europe can also use Health Data for this purpose where Individuals have consented to it.

To provide discretionary investment management services

Fisher Investments Europe can use Personal Data for this purpose because it is necessary to perform a contract to which the Individual is a party.

To verify identity

Fisher Investments Europe can use Personal Data for this purpose where required to comply with AML Laws.

To conduct sanctions and anti-money laundering checks

Fisher Investments Europe uses name, date of birth and address to conduct sanctions checks, and anti-money laundering and anti-terrorist financing screens, which may reveal data concerning criminal convictions or offences.

Fisher Investments Europe can use Personal Data for this purpose where required to comply with AML Laws.

To offer third party products or services

Fisher Investments Europe can use Personal Data for this purpose because it is necessary to perform a contract to which the Individual is a party or to take steps at the request of the Individual prior to entering into a contract.

To record telephone calls

Fisher Investments Europe can use Personal Data for this purpose where required to comply with MiFID II and CDR 2017/565 requirements.

To carry out direct marketing

This includes sending mail and emails to Individuals on lists rented from third party list vendors. It also includes following up and sending promotional material by email, phone or mail to Individuals who requested informational materials and ongoing insights on financial matters and investment management services.

Fisher Investments Europe can use Personal Data for marketing to Individuals on lists where Individuals have consented to it.

Fisher Investments Europe can use Personal Data for marketing to Individuals who requested informational materials and ongoing insights from Fisher Investments Europe where Individuals have consented to it.

In addition, Fisher Investments Europe can use Personal Data for marketing to Individuals who previously requested informational materials from Fisher Investments Europe or its affiliates (collectively, the “Fisher Group”) because it is in Fisher Investments Europe’s legitimate interest to promote its business to such interested Individuals.

To optimise marketing

This includes analysing website visits to Fisher Investments Europe’s websites and the number of clicks through the pages to request informational materials. It also includes using cookies to display Fisher Investments Europe’s online advertisements to individuals who may be more likely to be interested.

Fisher Investments Europe does not collect or receive any Personal Data, including IP addresses, with its cookies. Fisher Investments Europe can use cookies for this purpose where Individuals have consented to them.

To conduct market research

This includes conducting market research to ask Individuals about their marketing, investment and servicing preferences.

Fisher Investments Europe can use Personal Data for this purpose where Individuals have consented to it.

To keep records

Fisher Investments Europe can use Personal Data for this purpose to comply with applicable financial services laws and regulations (including, without limitation, MiFID II, CDR 2017/565 and laws and regulations of the Central Bank of Ireland (“CIB”)) (“Financial Services Laws”), the General Data Protection Regulation (EU) 2016/679 (“GDPR”) and local laws implementing GDPR, AML Laws, and other applicable laws and regulations (collectively, “Applicable Law”).

In addition, Fisher Investments Europe can use Personal Data for this purpose beyond the legally mandated record retention period because it is in Fisher Investments Europe’s legitimate interest to keep data for as long as the statute of limitations so that Fisher Investments Europe can enforce and defend its legal rights.

To share data with regulators and law enforcement officials

This includes sharing information with the CIB, the Data Protection Commission (“DPC”), the Office of the Revenue Commissioners, other applicable regulatory and law enforcement bodies, and similar authorities and bodies of the Fisher Group, as required.

Fisher Investments Europe can use Personal Data for this purpose where required to comply with Applicable Law.

To meet Fisher Investments Europe’s obligations under Applicable Law

This includes reviewing Personal Data as Fisher Investments Europe carries out its conduct of business obligations, including monitoring the advice process, supervising its representatives, and carrying out its compliance plan.

Fisher Investments Europe can use Personal Data for this purpose where required to comply with Applicable Law.

To share data with courts and tribunals

Fisher Investments Europe can use Personal Data for this purpose because it is in Fisher Investments Europe’s legitimate interests to enforce and defend its legal rights.

To train internal staff

Fisher Investments Europe can use Personal Data for this purpose because it is in Fisher Investments Europe’s legitimate interest to train its workforce to offer the best possible service.

To contact service providers and vendors

This includes contacting business contacts at service providers and vendors using their business contact information, including name, title, telephone number and email address.

Fisher Investments Europe can use Personal Data for this purpose for its legitimate interest in contacting its service providers and vendors.

To suppress Individuals from being contacted

Fisher Investments Europe can use Personal Data for this purpose because it is in Fisher Investments Europe’s legitimate interest to refrain from contacting Individuals who have requested not to be contacted or who Fisher Investments Europe believes should not be contacted.

Where Fisher Investments Europe has relied upon its ‘legitimate interests’ as a legal basis for a particular purpose, it has performed a ‘balancing test’ to ensure that Individuals’ rights and interests are taken into account when their Personal Data is used. Further information on the balancing test can be obtained by contacting Fisher Investments Europe’s Data Protection Officer.

b.      If Individuals fail to provide Personal Data

Where Fisher Investments Europe needs to collect Personal Data to comply with a legal obligation, or under the terms of a contract Fisher Investments Europe has with an Individual or at the request of an Individual prior to entering a contract, and the Individual does not provide such data, Fisher Investments Europe may not be able to provide services and may need to cancel the contract. Similarly, if an Individual does not consent to providing Health Data for the purpose described above, Fisher Investments Europe may not be able to provide services and may need to cancel the contract. Fisher Investments Europe will notify the Individual if this is the case at the time. If an Individual requesting informational materials and ongoing insights does not consent to receiving the same, Fisher Investments Europe will not be able to provide such materials and insights.

4.      ‘Special Category Personal Data’ and Data Relating to Criminal Convictions

“Special Category Personal Data” includes data which reveals racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership. It also includes genetic data, biometric data for the purpose of uniquely identifying an Individual, data concerning health or data concerning an Individual’s sex life or sexual orientation.

As noted above, Fisher Investments Europe collects and uses Health Data to assess suitability with consent of the Individual. In addition, Fisher conducts sanctions and anti-money laundering checks to comply with AML Laws, which may reveal data concerning criminal convictions or offences. The collection or use of any other types of Special Category Personal Data will only be with consent of the Individual.

5.      Fisher Investments Europe’s Sharing of Personal Data

a.      Who will Fisher Investments Europe share data with?

Fisher Investments Europe will not sell or lease Individuals’ Personal Data to third parties.

For the purposes listed in Section 3 above, Fisher Investments Europe may share Personal Data with:

  • Fisher Group companies, including:
    • Fisher Investments (“FI”), Fisher Investments Europe’s parent company in the United States;
    • Fisher Investments Europe Limited, trading as Fisher Investments UK (“FI UK”), a wholly-owned subsidiary of FI in the UK; and
    • Fisher Investments Luxembourg, Sàrl (“FIL”), a wholly-owned subsidiary of FI in the EU.

FI, FI UK and/or FIL (the “Outsourced Fisher Companies”) act as service providers of marketing, human resources, finance, information technology, legal support services, and investment sub-management and trading functions to Fisher Investments Europe. In these capacities, all data collected and used by Fisher Investments Europe will be accessible by the Outsourced Fisher Companies. For clients, Fisher Investments Europe obtains their consent in order to share Personal Data with the Outsourced Fisher Companies. In addition, Fisher Investments Europe has put in place safeguards in the form of Model Clauses with Outsourced Fisher Companies located outside the EEA, as described below.

  • Fisher Investments Europe-authorised vendors, service providers, agents and representatives. These organisations are as follows:
    • Custodians that hold custody of Individuals’ assets managed by Fisher Investments Europe, as well as custodians, brokers and dealers that execute trade order instructions for Individual clients of Fisher Investments Europe. The custodians holding Individuals’ assets will also have a direct contractual relationship with the Individuals whose assets they hold. Such custodians are generally located in the EEA and are subject to applicable Financial Services Laws. If an Individual requests an account held by a custodian located in the United States, Fisher Investments Europe will transfer Personal Data in connection with such account only with consent of the Individual.
    • Regulatory DataCorp, Inc. (“RDC”) and Tracesmart Ltd. (“TraceSmart”), which carry out the sanctions and anti-money laundering checks on behalf of Fisher Investments Europe as described above in Section 3. RDC is located in the United States; accordingly, Fisher Investments Europe has put in place safeguards in the form of Model Clauses with RDC as described below. TraceSmart is based in the UK.
    • Information technology security providers, such as internet firewall and malware detection providers. Such providers are generally located in the United States; accordingly, Fisher Investments Europe has ensured such providers have safeguards in the form of Model Clauses as described below or are Privacy Shield certified.
    • Direct marketing agents and service providers, including website host companies that collect Personal Data on behalf of Fisher Investments Europe from Individuals interested in Fisher Investments Europe’s informational materials, calling service providers that follow up with Individuals who have expressed an interest in Fisher Investments Europe’s informational materials, merge-purge service providers that ensure mailing lists are accurate, and mailing service providers that send mail to Individuals on behalf of Fisher Investments Europe. Such agents and service providers may be located either within or outside the EEA; Fisher Investments Europe has put in place safeguards in the form of Model Clauses with those located outside the EEA as described below.
    • Providers of third party professional advice, such as lawyers and auditors.
    • Regulators (such as the CIB and DPC) and law enforcement organisations, as described above in Section 3.
    • If Fisher Investments Europe sells, transfers or merges part or all of its business, or attempts to do so, then third parties may receive Personal Data.

b.      What safeguards are in place where data is transferred outside of the EEA?

Where data is transferred by Fisher Investments Europe to FI, Individuals’ data will be transferred to the United States, where the laws do not provide the same level of data protection as the country in which the Individual initially provided the data. Fisher Investments Europe will therefore make the transfer in accordance with the European Commission Standard Contractual Clauses (“Model Clauses”). The European Commission has determined that the Model Clauses offer sufficient safeguards to protect Individuals’ privacy and their fundamental rights and freedoms, including the ability to exercise their rights. For more information on EU Standard Data Protection Clauses please visit https://ec.europa.eu/info/law/law-topic/data-protection/data-transfers-outside-eu/model-contracts-transfer-personal-data-third-countries_en. Furthermore, as described above, some of the third party service providers that process Personal Data on behalf of Fisher Investments Europe are located in countries outside the EEA that have not been recognised by the European Commission as providing an adequate level of data protection. In these cases, Fisher Investments Europe has put in place measures to ensure that Individuals’ Personal Data is adequately protected, including by having the third party service provider entering into Model Clauses or by ensuring that the third party service provider is certified to the EU-US Privacy Shield. Please contact Fisher Investments Europe using the contact details in Section 1 above with any questions about the safeguards in place to protect Personal Data when transferred outside the EEA (including how to obtain a copy or consult these safeguards).

6.      Consent

In accordance with applicable data protection laws, Individuals who consent to Fisher Investments Europe using their Personal Data may contact Fisher at any time to say that they withdraw that consent, and that they do not want their Personal Data to be used for those purposes. Individuals may do so by contacting Fisher Investments Europe using the details set out in Section 1 above.

When doing so, Individuals should:

  • ensure that a full name and address and/or email address is provided in exactly the form in which it was originally provided to Fisher Investments Europe to avoid any possible confusion with a different Individual; and
  • ensure that the particular uses for which consent is being withdrawn are specified. The uses for which Fisher Investments Europe relies on consent are set out in Section 3 above.

Individuals may also unsubscribe from direct email marketing by emailing info@fisherinvestments.ie.

7.      Individuals’ Rights

In accordance with applicable data protection laws, Individuals may exercise rights in relation to the Personal Data that Fisher Investments Europe holds about them.

An Individual’s rights under applicable law may include access to the Personal Data that Fisher Investments Europe processes about the Individual, the right to have such Personal Data corrected or erased, the right to restrict the processing of the Individual’s Personal Data, as well as the right to data portability. Where Fisher Investments Europe has obtained an Individual’s consent for the processing of Personal Data, the Individual has the right to withdraw consent at any time. This will not affect the lawfulness of the processing that has happened based on consent prior to the withdrawal. An Individual also has the right to object, at any time, to the processing of Personal Data which is based on Fisher Investments Europe’s legitimate interests. Where Fisher Investments Europe processes Personal Data for direct marketing purposes, an Individual has the right to object at any time to such processing, including for profiling purposes to the extent that it is related to direct marketing. If an Individual objects to processing for direct marketing purposes, Fisher Investments Europe will no longer process the Individual’s Personal Data for such purposes.

To exercise these rights, Individuals should contact Fisher Investments Europe using the contact details set out in Section 1 above. In each case, Individuals should ensure that the full name and address and/or email address are provided in exactly the form in which they were originally provided to Fisher Investments Europe to avoid any possible confusion with a different Individual. If Individuals are not satisfied with the way Fisher Investments Europe handles the request, they may lodge a complaint with the supervisory authority in their country of residence.

8.      Security

Fisher Investments Europe is committed to ensuring that Personal Data is secure. In order to prevent unauthorised access or disclosure, Fisher Investments Europe has put in place suitable physical, electronic and managerial procedures to safeguard and secure Personal Data collected. Fisher Investments Europe uses encryption when collecting or transferring sensitive data.

9.      Cookies

For further information on cookies and how to manage them, please click here.

A cookie is a small text file with an identification tag that is created and downloaded to a user’s computer (or other device) when accessing websites that use cookies. Cookies allow a website to, among other things, store and retrieve information about a user’s online activity, browsing habits of a user or user’s computer (or other device) and, depending on the information they contain and the way a user uses a computer (or other device), may be used to recognise the user. 

Cookies can be categorised by who places them:

  • First-party cookies: These cookies are downloaded to a user’s computer (or other device) from a computer or domain managed by the publisher of the website whose service the user is requesting.
  • Third-party cookies: These cookies are downloaded to a user’s computer (or other device) from a server or domain that is not managed by the publisher of the website, but by another entity that may be seeking data obtained through cookies.

Cookies can also be categorised by their duration:

  • Session cookies: These cookies are designed to collect and store data while the user accesses a website. They are often used to store information for the duration of a visit to the website (e.g. what account user is logged into). Once a user leaves the website, the session cookie is deleted.
  • Persistent cookies: These cookies store data on the user’s computer (or other device) for the duration period set within the cookie’s file, which is determined by the entity controlling the cookie and can range from a few minutes to several years, or until the user manually deletes them.

Lastly, cookies can be categorised by the function they serve. Fisher Investments Europe uses the following types of first- and third-party cookies:

a.      Functionality Cookies

Fisher Investments Europe uses functionality cookies to keep track of whether or not a user has consented to have other types of cookies placed on their computer (or other device) and, if the user has consented, to note when consent was obtained. Functionality cookies do not collect any Personal Data. Enabling functionality cookies may be necessary to access the full content of website material.

b.      Personalisation Cookies

Personalisation cookies allow the website to remember information that changes the page’s appearance or behaviour, such as, for example, the language selected for viewing the page.

c.       Analytics Cookies

Analytics cookies analyse site statistics and how users browse the Fisher Investments Europe websites and enable Fisher Investments Europe to measure the number of visitors to the website, as well as to measure and analyse how users interact with the website. This information is used to improve Fisher Investments Europe’s websites and the products or services offered.

d.      Behavioural Cookies

Fisher Investments Europe serves advertisements on various websites using third-party companies. If a user visits a Fisher Investments Europe website or clicks on one of Fisher Investments Europe’s advertisements, behavioural cookies will be placed on the user’s computer (or other device). Behavioural cookies allow Fisher Investments Europe to manage and optimise its digital marketing (e.g. banner ads, pages offering informational brochures, email campaigns, etc.). Behavioural cookies may be used to build a user profile to provide users with content more relevant to their interests. They adapt advertising and the content users see on other websites based on their browsing habits, including how users navigate the Fisher Investments Europe websites and other websites that the user may visit, as well as how users interact with internet advertising.

Fisher Investments Europe uses the third party personalisation, analytics and behavioural cookie services provided by the companies below and these companies may have access to information collected by the cookies. More information about these cookies can be found here.

  • Adobe Analytics
  • Adobe Marketing Cloud ID Service
  • Amazon Advertising
  • DoubleClick Floodlight
  • Facebook
  • Google Adwords
  • Google Universal Analytics
  • LiveIntent
  • Outbrain
  • Pingdom
  • Selligent
  • Yahoo Advertising
  • Tealium
  1. 10.  How to Manage Cookies

A user can manage cookie preferences for the Fisher Investments Europe websites by using Fisher Investments Europe’s online cookie preference tool at .

Some browsers have a “Do Not Track” setting that allows users to send a signal to the websites they visit that the user does not wish to be tracked. Fisher Investments Europe’s website may not respond to these signals.

11.  How Long Fisher will keep Data for

Information of Individuals that are clients of Fisher Investments Europe (meaning any Individual who has received an investment strategy recommendation or has retained Fisher Investments Europe as discretionary investment manager) will be kept for the duration of the client relationship plus ten years in order for Fisher Investments Europe to satisfy its recordkeeping obligations under applicable Financial Services Laws, as well as to enforce or defend its legal rights. Information on identity verification and sanctions and anti-money laundering checks will be kept for the duration of the client relationship plus five years in order for Fisher Investments Europe to satisfy its recordkeeping obligations under applicable AML Laws. Recordings of telephone calls will be retained for a period of five years in order for Fisher Investments Europe to satisfy its recordkeeping obligations under applicable Financial Services Laws. Information of Individuals will be kept for a period of five years from the date the Individual consented to direct marketing or until the Individual requests earlier erasure of their information. However, where an Individual consents to have their information retained by the Company to receive ongoing information and insights (subscription) from the Company, their information will be kept until they opt out unless they did not receive a regular opportunity to opt out in which case such information will be retained for five years from consent. In some cases, such general retention periods may be extended for up to ten years for some Individuals who are in more advanced discussions with Fisher Investments Europe or have had regular interactions or meetings with Fisher Investments Europe about its investment management services, unless the Individual requests earlier erasure of their information. Information collected for the purposes of conducting market research will be kept for up to two years following such research, unless the Individual requests earlier erasure of their information. Contact information for vendors/service providers and contact information for Individuals on suppression lists (i.e. name, address, email address and/or phone number) will be retained indefinitely.

12.  Questions and Complaints

If Individuals have any questions or complaints in relation to Fisher Investments Europe’s data protection practices, Fisher Investments Europe encourages Individuals to get in contact using the contact details set out in Section 1 above. Individuals also have the right to lodge a complaint with a data protection authority where they believe that Fisher Investments Europe has infringed data protection rules. In particular, this complaint can be made to the data protection authority in the country in which that Individual usually lives, usually works, or the country where the Individual believes the infringement took place.

13.  Changes to Privacy & Cookie Policy

From time to time, Fisher Investments Europe may use Personal Data for new, unanticipated uses not previously disclosed in this Policy to the extent permitted by law. If its practices regarding Personal Data change at some time in the future, Fisher Investments Europe will post the policy changes to https://www.fisherinvestments.com/en-ie/privacy and notify Individuals of these changes and provide the ability to “opt out” or unsubscribe from these new uses.

 

Fisher Investments Europe
Employee and Contractor Privacy Policy

Last Updated: January 2019


1.      General

This Employee and Contractor Privacy Policy (“Policy”) describes how Fisher Investments Ireland Limited, trading as Fisher Investments Europe, and its branches (collectively, the “Company”), uses information about employees (“Employees”) and contractors including tied agents (collectively, “Contractors”). Employees and Contractors together include current, former, prospective/candidate, permanent or temporary employees and contractors of the Company.

In this Policy, “Personal Data” means any information about Employees or Contractors who are identified or identifiable. The Company is committed to fulfilling its obligations under the applicable data protection laws in respect of all processing of Personal Data in connection with its business. This Policy does not distinguish between manual and electronic Personal Data.

This Policy may be updated from time to time, should it become necessary to do so.

The Company can be contacted about this Policy using the following details:

Fisher Investments Ireland Limited
trading as Fisher Investments Europe
Attn: Frank Nies, Data Protection Officer
3 George’s Dock
International Financial Service Centre
Dublin 1
D01 X5X0 Ireland
privacy@fisherinvestments.ie
+1 650 851 3334

2.      Types of Employee and Contractor Personal Data

The Company processes the following types of Employee and Contractor Personal Data for the purposes set out in this Policy:

  • records of work history (including internal and external work history and references), education and qualifications (including information provided on an application or CV);
  • identification data (e.g. name, photograph, address, identification numbers);
  • contact details (e.g. name, address, email address, telephone number)
  • contact information of spouse / partner / dependent(s) and emergency contact details;
  • date and place of birth and nationality;   
  • marital status;
  • background check information, which may reveal data concerning criminal convictions or offences;
  • bank details and account numbers;
  • compensation, fees, bonus or incentive information, tax rates and withholding information (including invoices, amounts paid or withheld, the frequency and currency of payments);
  • expense reimbursements (including receipts and amounts paid)
  • Employee benefits information (e.g. health insurance, pension contributions) (including amounts paid, the frequency and currency of payments);
  • records of performance (including evaluations of competence, ongoing supervision and monitoring under financial services regulations, economic viability and ratings, complaints, grievances, and disciplinary records);
  • information relating to Employee absences from work;
  • information relating to Employees’ mental and physical health and mental or physical disabilities (collectively, “Health Data”);
  • information relating to Employees’ religious beliefs and trade union membership;
  • general organisational data (such as department, work location, job title and seniority);
  • information technology data (e.g., passwords, access rights and usage data);
  • recordings of telephone calls made by certain representatives of the Company;
  • photographic and video images; and
  • other data that the Employee or Contractor provides to the Company or its affiliates (collectively, the “Fisher Group”).

Personal Data are collected from a variety of sources, but mainly from Employees and Contractors themselves. In addition, the Company collects reference check information from previous employers of (or companies to which services were provided by) Employees and Contractors. Background check information, which may reveal data concerning criminal convictions or offences, is collected from Sterling Talent Solutions UK Limited (“Sterling”), a background checking firm located in the UK that collects Personal Data from both public and private sources with consent of the Employee or Contractor.

3.      The Company’s Use of Employee and Contractor Personal Data

a.      Purposes and Lawful Bases

Employee and Contractor Personal Data may be processed by the Company for the following purposes:

Purpose for which the Company uses Personal Data

Legal Basis upon which the Company relies

To manage the recruitment process

This includes making decisions about hiring Employees or engaging Contractors.

The Company can use Personal Data for this purpose because it is necessary to take steps at the request of the Employee or Contractor prior to entering into a contract.

To perform background checks on Employee or Contractor candidates

The Company uses name, date of birth and address to conduct background checks on Employees or Contractors, which may reveal data concerning criminal convictions or offences.

The Company can use Personal Data for this purpose where required to comply with the Markets in Financial Instruments Directive 2014/65/EU (“MiFID II”), other applicable financial services laws and regulations, and local rules of the Central Bank of Ireland (“CIB”) and other applicable financial services regulators (collectively, “Financial Services Laws”).

To verify identity and work authorisation

The Company can use Personal Data for this purpose where required to comply with employment and immigration laws.

To market employment opportunities at the Company

This includes contacting Employee or Contractor candidates by email, phone or mail who have consented to be considered for future employment/engagement opportunities.

The Company can use Personal Data for this purpose with the consent of the Employee or Contractor.

To make decisions about Employees’ or Contractors’ fitness for work

This includes making decisions about Employees’ or Contractors’ competence and qualifications to carry out regulated roles.

The Company can use Personal Data for this purpose where required to comply with Financial Services Laws.

To administer the Company’s relationship with Employees and Contractors

This includes administering payroll, processing invoices and reimbursements

The Company can use Personal Data for this purpose because it is necessary to perform a contract to which the Employee or Contractor is a party.

To fulfilling social security and tax obligations

The Company can use Personal Data for this purpose where required to comply with social security and tax laws.

To provide and administer benefits

This includes, if relevant, pension, medical insurance and similar benefits.

The Company can use Personal Data for this purpose because it is necessary to perform the employment contract to which the Employee is a party.

To obtain work authorisation/visas for Employees

The Company can use Personal Data for this purpose because it is necessary to take steps at the request of the Employee.

To evaluate performance

This includes monitoring performance for management purposes, carrying out performance reviews, and making decisions about discipline and termination of Employees and Contractors.

The Company can use Personal Data for this purpose because it is in the Company’s legitimate interest to evaluate its workforce, and to give Employees or Contractors opportunities to improve performance.

To administer Employees’ sick leave and absence

The Company may ask for, and Employees may need to provide, Health Data where such information impacts the Employee’s ability to perform his or her role.

The Company can use Personal Data for this purpose where required to comply with employment laws.

To accommodate religious requests

The Company does not ask for this type of Personal Data, but it may be provided by an Employee as part of a request for religious accommodation.

The Company can use Personal Data for this purpose because it is necessary to take steps at the request of the Employee.

To record telephone calls

The Company can use Personal Data for this purpose where required to comply with Financial Services Laws.

To monitor systems and Employees and Contractors

This includes monitoring the advice process, supervising its representatives, including monitoring Employees’ and Contractors’ activities as recorded on computer, telecommunications and security systems (including emails and voicemail.), and carrying out the Company’s compliance plan.

The Company can use Personal Data for this purpose where required to comply with Financial Services Laws.

To provide references to future employers and other third parties

This includes providing employment/earnings confirmation letters to banks, mortgage lenders and landlords at the request of the Employee or Contractor.

The Company can use Personal Data for this purpose where required to comply with Financial Services Laws or at the request of the Employee or Contractor.

To providing information to governmental and quasi-governmental bodies and law enforcement agencies for regulatory, social security, taxation and other purposes

This includes providing information to applicable financial services regulators and investigating alleged fraud, money laundering and similar offences.

The Company can use Personal Data for this purpose where required to comply with Financial Services Laws, anti-money laundering laws, social security or tax laws, or other applicable laws or regulations.

To keep records

The Company can use Personal Data for this purpose where required to comply with Financial Services Laws, anti-money laundering laws, social security or tax laws, or other applicable laws or regulations.

In addition, the Company can use Personal Data for this purpose beyond the legally mandated record retention period because it is in the Company’s legitimate interest to keep data for as long as the statute of limitations so that the Company can enforce and defend its legal rights.

To share data with courts and tribunals

The Company can use Personal Data for this purpose because it is in the Company’s legitimate interests to enforce and defend its legal rights.

To use photos and contact information to enable effective communication across the Fisher Group

The Company can use Personal Data for this purpose because it is in the Company’s legitimate interests to ensure effective communication across the Fisher Group.

To train, survey, analyse, recognise and reward Employees and Contractors

The Company can use Personal Data for this purpose because it is in the Company’s legitimate interests.

To use images and recordings to promote the Company in internal and external materials and advertising

The Company can use Personal Data for this purpose with the consent of the Employee or Contractor.

 

Where the Company has relied upon its ‘legitimate interests’ as a legal basis for a particular purpose, it has performed a ‘balancing test’ to ensure that Employees’ and Contractors’ rights and interests are taken into account when their Personal Data is used. Further information on the balancing test can be obtained by contacting the Company’s Data Protection Officer.

b.      If Employees/Contractors fail to provide Personal Data

Failure of an Employee or Contractor to provide Personal Data to the Company, in whole or in part, could make it impossible for the Company to fulfil some or all of its obligations towards the Employee or Contractor, such as payment of compensation or fees, calculation of withholdings, or consideration of an employment application.

4.      The Company’s Sharing of Personal Data

a.      Who will the Company share Personal Data with?

Employee and Contractor Personal Data may be disclosed to the extent necessary for the purposes in Section 3 to the following recipients:

  • Fisher Group companies, including:
    • Fisher Investments (“FI”), the Company’s parent company in the United States;
    • Fisher Investments Europe Limited, trading as Fisher Investments UK (“FIUK”), a wholly-owned subsidiary of FI in the UK; and
    • Fisher Investments Luxemborg, Sàrl (“FIL”), a wholly-owned subsidiary of FI in the EU.

FI, FI UK and/or FIL (the “Outsourced Fisher Companies”) act as service providers of marketing, human resources, finance, information technology, legal support services, and investment sub-management and trading functions to the Company. In these capacities, all data collected and used by the Company will be accessible by the Outsourced Fisher Companies. The Company ensures adequate safeguards in the form of Model Clauses with Outsourced Fisher Companies located outside the EEA, as described below.

  • Company-authorised vendors, service providers, agents and representatives. These are as follows:
  • Future employers requesting reference checks and third parties (including banks, mortgage lenders and landlords) to which the Employee or Contractor has requested the Company provide an employment/earnings confirmation letter.
  • Courts and tribunals, as described above in Section 3.
  • Regulators (including the relevant financial regulators), tax authorities, other government agencies and law enforcement organisations, as described above in Section 3.
  • If the Company sells, transfers or merges part or all of its business, or attempts to do so, then third parties may receive Personal Data.
    • Other Contractors of the Fisher Group who have access to Company systems, including email, and receive emails that may include Personal Data of Employees or Contractors. All Contractors who may access such Personal Data are located in the EEA and are registered with the financial service regulators in the countries where they interact with individuals on behalf of the Fisher Group.
    • Workday, Inc. (“Workday”), which provides the Company’s cloud-based human resources administration system. Workday is located in the United States; accordingly, the Company ensures adequate safeguards in the form of Workday’s Privacy Shield certification, as described below.
    • iCIMS, Inc. (“iCIMS”), which provides the Company’s cloud-based candidate administration system. iCIMS is located in the United States; accordingly, the Company ensures adequate safeguards in the form of Model Clauses with iCIMS, as described below.
    • ADP International Services B.V. (“ADP”) and ADP partners, which process payroll and payments on the Company’s behalf. ADP and its partners are located in the EEA.
    • Providers of the Company’s employee benefit programmes. Such service providers are located in the EEA, UK and/or United States. For those providers located outside the EEA, the Company ensures an Adequacy Decision or adequate safeguards in the form of Model Clauses or Privacy Shield certification, as described below.
    • Service providers that carry out checks and assessments at the request of the Company, including Sterling, a background check firm located in the UK. In some cases Sterling may use the services of its affiliates located outside the EEA. For Sterling and its affiliates located outside the EEA, the Company ensures an Adequacy Decision or adequate safeguards in the form of Model Clauses or Privacy Shield certification, as described below.
    • Service providers that assist Employees with work authorisation/visas and/or relocation, including Newland Chase Limited, a global immigration consultant headquartered in the UK, and Crown Worldwide Limited, a global relocation specialist located in the United States. The Company ensures an Adequacy Decision or adequate safeguards in the form of Model Clauses or Crown’s Privacy Shield certification, as described below.
    • Vendors providing training or firm events, which may receive names and/or Company email addresses of Employees or Contractors. Such vendors are generally located in the EEA. For any such vendors located outside the EEA, ensures an Adequacy Decision or adequate safeguards in the form of Model Clauses or Privacy Shield certification, as described below.
    • Photographers and videographers capturing images of Employees or Contractors. Such photographers and videographers are generally located in the EEA. To the extent they are located outside the EEA, the Company ensures an Adequacy Decision or adequate safeguards in the form of Model Clauses or Privacy Shield certification, as described below.
    • Providers of third party professional advice, such as lawyers and auditors.
  • Future employers requesting reference checks and third parties (including banks, mortgage lenders and landlords) to which the Employee or Contractor has requested the Company provide an employment/earnings confirmation letter.
  • Courts and tribunals, as described above in Section 3.
  • Regulators (including the relevant financial regulators), tax authorities, other government agencies and law enforcement organisations, as described above in Section 3.
  • If the Company sells, transfers or merges part or all of its business, or attempts to do so, then third parties may receive Personal Data.

b.      What safeguards are in place where data is transferred outside of the EEA?

Where data is transferred to FI, the Company’s parent, Employee and Contractor Personal Data will be transferred to the United States, where the laws do not provide the same level of data protection as the country in which the Employee or Contractor initially provided the data. The Company will therefore make the transfer in accordance with the European Commission Standard Contractual Clauses (“Model Clauses”). The European Commission has determined that the Model Clauses offer sufficient safeguards to protect individuals’ privacy and their fundamental rights and freedoms, including the ability to exercise their rights. For more information on EU Standard Data Protection Clauses please visit https://ec.europa.eu/info/law/law-topic/data-protection/data-transfers-outside-eu/model-contracts-transfer-personal-data-third-countries_en.

Where data is transferred to FIUK, the Company’s affiliate, Employee and Contractor Personal Data will be transferred to the United Kingdom, where the European Commission may have issued a decision that the laws of the jurisdiction provide an adequate level of data protection (an “Adequacy Decision”). In the event the European Commission does not issue an Adequacy Decision for the UK, the Company will make the transfer in accordance with Model Clauses.

As described above, some of the third party service providers that process Personal Data on behalf of the Company are located in countries outside the EEA that do not have an Adequacy Decision. In these cases, the Company has put in place or ensured there are measures to ensure that Personal Data is adequately protected, including by having the third party service provider enter into Model Clauses or by ensuring that the third party service provider is certified to the EU-US Privacy Shield. Please contact the Company using the contact details in Section 1 with any questions about the safeguards in place to protect Personal Data when transferred outside the EEA (including how to obtain a copy or consult these safeguards).

5.     Consent

In accordance with applicable data protection laws, Employees and Contractors who consent to the Company using their Personal Data may withdraw that consent at any time. Employees and Contractors may do so by contacting the Company using the details set out in Section 1 above.

6.      Rights of Employees and Contractors

In accordance with applicable data protection laws, Employees and Contractors may exercise rights in relation to the Personal Data that the Company holds about them.

An Employee’s or Contractor’s rights under applicable law may include access to the Personal Data the Company processes about them, the right to have such Personal Data corrected or erased, the right to restrict the processing of their Personal Data, as well as the right to data portability. Where the Company has obtained the Employee’s or Contractor’s consent for the processing of Personal Data, the Employee or Contractor has the right to withdraw consent at any time. This will not affect the lawfulness of the processing that has happened based on consent prior to the withdrawal. An Employee or Contractor also has the right to object, at any time, to the processing of Personal Data which is based on the Company’s legitimate interests. Where the Company processes an Employee’s or Contractor’s personal data for direct marketing purposes, the Employee or Contractor has the right to object at any time to such processing, including for profiling purposes to the extent that it is related to direct marketing. If an Employee or Contractor objects to processing for direct marketing purposes, the Company will no longer process their Personal Data for such purposes.

To exercise these rights, Employees and Contractors should contact the Company using the contact details set out in Section 1 above.

It is every Employee’s and Contractor’s responsibility to provide the Company with accurate Personal Data and to inform the Company of any changes (e.g. new home address or change of name).

7.      Security

The Company and the Fisher Group have put in place adequate security measures to ensure (a) there is no unauthorised access to, or amendment or deletion of, personal data, and (b) access is only be granted to appropriate persons when and to the extent necessary (this entails the use of appropriate password protection for computer held databases and appropriately secured areas, or locked cabinets for manual files).

8.      Cookies

The website used by the Company for Employee and Contractor positions (i.e. hosted by iCIMS) uses only first- and third-party functional session cookies, as described below. The Company’s main websites for clients, prospective clients and general website users uses additional cookies. By visiting such other websites, Employees and Contractors will be subject to the Privacy & Cookie Policy disclosed on such websites.

A cookie is a small text file with an identification tag that is created and downloaded to a user’s computer (or other device) when accessing websites that use cookies. Cookies allow a website to, among other things, store and retrieve information about a user’s online activity, browsing habits of a user or user’s computer (or other device) and, depending on the information they contain and the way a user uses a computer (or other device), may be used to recognise the user. 

Cookies can be categorised by who places them:

  • First-party cookies: These cookies are downloaded to a user’s computer (or other device) from a computer or domain managed by the publisher of the website whose service the user is requesting.
  • Third-party cookies: These cookies are downloaded to a user’s computer (or other device) from a server or domain that is not managed by the publisher of the website, but by another entity that may be seeking data obtained through cookies.
  • Session cookies: These cookies are designed to collect and store data while the user accesses a website. They are often used to store information for the duration of a visit to the website (e.g. what account user is logged into). Once a user leaves the website, the session cookie is deleted.
  • Persistent cookies: These cookies store data on the user’s computer (or other device) for the duration period set within the cookie’s file, which is determined by the entity controlling the cookie and can range from a few minutes to several years, or until the user manually deletes them.

Cookies can also be categorised by their duration:

Lastly, cookies can be categorised by the function they serve. The Company uses the following types of first- and third-party cookies:

a.      Functionality Cookies

Functionality cookies can keep track of whether or not a user has consented to have other types of cookies placed on their computer (or other device) and, if the user has consented, to note when consent was obtained. Functionality cookies do not collect Personal Data. Enabling functionality cookies may be necessary to access the full content of website material. Functionality cookies may also include authentication cookies.

b.      Personalisation Cookies

  • Personalisation cookies allow the website to remember information that changes the page’s appearance or behaviour, such as, for example, the language selected for viewing the page.

c.       Analytics Cookies

Analytics cookies analyse site statistics and how users browse the website and enable measuring the number of visitors to the website, as well as to measure and analyse how users interact with the website. This information can be used to improve the website and the products or services offered.

d.      Behavioural Cookies

Behavioural cookies can include behavioural advertising cookies, allowing advertisements on various websites using third-party companies. If a user visits a website or clicks on one an advertisement that uses behavioural cookies, a behavioural cookie will be placed on the user’s computer (or other device). Behavioural cookies allow a company to optimise its advertising. Behavioural cookies may also be used to build a user profile to provide users with content more relevant to their interests. They adapt advertising and the content users see on other websites based on their browsing habits, including how users navigate the website and other websites that the user may visit, as well as how users interact with internet advertising.

9.      How Long the Company will Keep Data for

Information of Employees and Contractors who have entered into an employment or Contractor agreement with the Company will be kept for the duration of the employee/contractor relationship plus seven years in order for the Company to satisfy its recordkeeping obligations under applicable tax laws and Financial Services Laws, as well as to enforce or defend its legal rights. However, information of Employees or Contractors that forms part of the records of clients may need to be kept for a longer period to satisfy the Company’s recordkeeping obligations under Financial Services Laws with respect to such client records as set out in the Company’s Privacy & Cookie Policy. Recordings of telephone calls will be retained for a period of five years in order for the Company to satisfy its recordkeeping obligations under applicable Financial Services Laws. Information of Employee and Contractor candidates will be kept for a period of one year from the date the open position is closed. However, where an Employee or Contractor candidate consents to have their information retained by the Company for consideration for future positions with the Company, their information will be kept for five years unless the Employee or Contractor requests earlier erasure of their information.

10.  Questions and Complaints

If Employees or Contractors have any questions or complaints in relation to the Company’s data protection practices, the Company encourages them to get in contact using the contact details set out in Section 1 above. Employees and Contractors also have the right to lodge a complaint with a data protection authority where they believe that the Company has infringed data protection rules. In particular, this complaint can be made to the data protection authority in the country in which that Employee or Contractor usually lives, usually works, or the country where the Employee or Contractor believes the infringement took place.

Investing in financial markets involves the risk of loss and there is no guarantee that all or any capital invested will be repaid. Past performance neither guarantees nor reliably indicates future performance. The value of investments and the income from them will fluctuate with world financial markets and international currency exchange rates.