PRIVACY POLICY
Who We Are
ARGA Investment Management, LP (“ARGA”) is an investment adviser registered with the United States Securities and Exchange Commission. ARGA is also registered in certain Canadian jurisdictions as an investment adviser. Our office is located at 1010 Washington Boulevard, 6th Floor, Stamford, Connecticut, 06901, U.S.A. In addition to our US headquarters, we have an affiliate office in Chennai, India and a client-focused office in the UK.
Our Commitment to You
ARGA and its affiliates (collectively “ARGA”, “we”, “us” or “our”) are committed to protecting the privacy, security and confidentiality of your Personal Information (as described below) and ensuring that such information is used for legitimate business purposes. This Privacy Notice describes the types of Personal Information we collect from you, how we use your information, with whom we share it, how we protect it, and the choices available to you regarding our use of your information. We do not disclose your Personal Information except as permitted by you, required by law or as otherwise detailed herein.
We have appointed a Chief Privacy Officer (“CPO”) to oversee privacy governance at ARGA, including the development of policies, adherence to procedures, training, education and regulatory or legal reporting requirements.
What is Personal Information?
“Personal Information” is any information that identifies you as an individual and includes, but is not limited to, your name, residential address, email address, age, date of birth, financial information and numerical identifiers, such as a social insurance or social security number, passport number or driver’s license number.
You are not required to provide us with any of the Personal Information we request from you. However, if you choose not to provide us with certain information, we may not be able to open or maintain your account or provide you with the services you have requested.
We strive to keep our records as accurate and complete as possible. You can help us maintain the accuracy of your information by notifying us as soon as possible of any changes, deletions or corrections to your Personal Information.
How We Collect Your Personal Information
We typically collect Personal Information:
- Directly from you, the advisers or platforms through whom you invest, or as provided to us by your authorized representatives and other fiduciaries
- Conversations we have with you to discuss your interest in our services and products
- Information you provide through contracts, onboarding forms, applications (such as subscription documents, as applicable in your jurisdiction) or other documents you may submit
- Supplemental requests for Personal Information from time to time
- Information we receive directly from you via our website
- Other contacts and transactions you have with us
Additionally, our website automatically receives and records information from your browser (including your IP address and “cookie” information) to facilitate your use of our website, track usage of our website and to address potential security hazards. We may also, now or in the future, use cookies for certain administrative purposes; for example, to store your preferences for certain kinds of information. A cookie is a small piece of information that a website stores on your computer, which it can later retrieve. None will contain information that will enable anyone to contact you via telephone, email or any other means. If you are uncomfortable with the use of cookie technology, you can set your browser to refuse cookies.
Why We Use Your Personal Information
We collect and maintain Personal Information about you to deliver investment management services or products to you or your clients, to carry out our current or anticipated contractual obligations to you, to pursue our legitimate business interests and to comply with applicable legal or regulatory obligations. The purposes for which we collect and maintain your Personal Information include:
- To establish, administer and service your account and to otherwise perform our contractual obligations to you
- To respond to your inquiries, comments, feedback or questions
- To communicate with you about your account, such as providing you with account statements and tax receipts and provide you with other information such as periodic strategy or market updates and developments
- To send administrative information to you, for example information regarding our services and changes to our terms, conditions and policies
- To establish your identity, where required, to comply with applicable regulatory and legal requirements such as:
- Regulatory obligations to “know-your-client” and, where applicable, assess your suitability
- Anti-money laundering, anti-terrorism and other regulatory verification obligations
- Executing transactions on your behalf
- Verifying, correcting and updating your Personal Information
- If you are applying to work with us or one of our affiliates, to process your employment application
- To safeguard you and our business from errors, fraud and criminal activities
- To defend ourselves against legal or regulatory claims and to enforce legal rights attributable to us
- To comply with other applicable regulatory and legal obligations as they may come into effect from time to time
We limit the Personal Information that we collect from you to only that information that is necessary for us to provide services to you and for third-party providers to provide services to us in connection with your account.
How We Share and Disclose Your Personal Information
We do not share your Personal Information for purposes other than those for which the information was collected. We may disclose your Personal Information to our affiliates and to nonaffiliated third parties (including to those in jurisdictions other than where you reside) when necessary and without further consent, including:
- Agents and service providers who assist us in providing services to you, your clients, the organizations you represent or your organization’s clients (e.g., brokers, custodians for your accounts), assist us in administering and operating our business to meet client and regulatory expectations (e.g., disaster recovery backups, email retention systems), or assist us in communicating with and marketing to you (e.g., CRM systems, Microsoft Office 365). These providers may have access to your Personal Information when needed to perform their functions but are contractually restricted from using it for purposes other than providing services for us or on our behalf.
- Advisers such as accounting, legal and tax advisors relating to the services we provide to you, your clients, the organizations you represent or your organization’s clients, your employer or your employer’s clients.
- Regulatory, tax or other government authorities and agencies, if and when required to do so by law, regulation, or court order, or where requested by a governmental entity or regulatory authority acting within its jurisdiction.
We do not sell, lease or share your Personal Information to third parties for their marketing or other purposes.
How We Protect Your Personal Information
We maintain physical, technological and organizational controls consistent with regulatory standards and appropriate to safeguard your Personal Information from loss, misuse, unauthorized access or disclosure. These include, but are not limited to:
- Restricted physical and system access controls based on “need-to-know”
- Safeguards to detect and prevent security system failures
- Use of secure user authentication protocols for access to records with Personal Information
- Appropriate firewall protection and operating system security patches
- Appropriate system security agent software including malware protection and virus definitions
- Reviewing safeguarding controls of service providers who receive Personal Information as part of the services they provide to us
- Employee training on our privacy obligations
We remain responsible for any Personal Information disclosed to third-party service providers. Where we share your Personal Information with third-party service providers, we consider the adequacy and appropriateness of their internal controls designed to maintain and safeguard your Personal Information and of our contractual arrangements with such providers.
We reserve the right to transfer your Personal Information in the event of a potential or actual sale or transfer of all or a portion of our business or assets (including in the event of a merger, acquisition, joint venture, reorganization, divestiture, spin-off, dissolution or liquidation), subject to the requirement that the party acquiring control of our business must agree to protect the privacy of your Personal Information in a manner that is consistent with our policies and applicable regulatory or legal requirements.
How Long We Maintain Your Personal Information
We maintain your Personal Information for no longer than is necessary for the purposes it was collected or as required by law. Personal Information may be retained beyond the end of our relationship with you to the extent required by legal, governmental or regulatory obligations. However, following the expiry of those obligations and to the extent we have not identified a further need to retain your Personal Information, we will securely destroy your Personal Information in accordance with our policy, applicable laws and regulations.
Your Rights and Choices
You may submit a request regarding your Personal Information, by contacting our Chief Privacy Officer in writing or by email at:
Chief Privacy Officer
ARGA Investment Management, LP
1010 Washington Blvd.
6th Floor
Stamford, CT 06901 USA
(203) 614-0800
privacy@argainvest.com
Additionally, to the extent provided by the law of your jurisdiction, you may contact us in writing or by email to:
- Request a copy of your Personal Information
- Update and/or correct or verify the accuracy and/or completeness your Personal Information
- Request that we restrict or erase your Personal Information, though any such request is subject to the legal and regulatory mandated retention periods applicable to your Personal Information
- Object to the use of, or withdraw any consent given previously to any use and disclosure of, your Personal Information (provided, however, that a withdrawal of consent may adversely impact our ability to provide services and/or offer products to you and could result in the termination of our relationship with you)
- Exercise your right to data portability
- Better understand how we may be using and/or disclosing your Personal Information
To help protect your privacy and maintain your security, we will take all reasonable steps to verify your identity before processing your request.
Children’s Privacy
We do not knowingly solicit or collect personally identifiable information from children under the age of 13 without verifiable parental consent. If we learn that a child under the age of 13 has submitted personally identifiable information online without parental consent, we will take all reasonable measures to delete such information from our database and to not use such information for any purpose (except where necessary to protect the safety of the child or others, as required or allowed by law). If you become aware of any personally identifiable information that we may have collected from children under 13, please contact the CPO at privacy@argainvest.com.
Minors under 18 years of age may have the Personal Information that they provide to us deleted by sending an email requesting deletion to privacy@argainvest.com. Please note that while we make reasonable efforts to comply with such requests, deletion of your Personal Information does not ensure complete and comprehensive removal of that data from all systems.
Updates to this Privacy Notice
We will update this Privacy Notice periodically to reflect changes in our privacy practices or to reflect new regulatory requirements. We will not, however, revise our Privacy Notice to permit sharing of non-public Personal Information other than as described in this notice unless we first notify you and provide you with an opportunity to prevent the information sharing.
For California Residents
In accordance with the California Consumer Privacy Act (“CCPA”), this section is intended to inform California residents of (1) the Personal Information that we collect and how we disclose that information, and (2) the privacy rights California residents may have relating to their Personal Information and how those rights can be exercised.
Personal Information Collection and Disclosure
The following is intended to provide additional information about the collection and use of Personal Information. Nothing in this section limits our ability to use or disclose information as described elsewhere in this Privacy Notice.
- Categories of Personal Information Collected: In the past 12 months, we have collected the following categories of Personal Information, described in greater detail in the “What is Personal Information?” and “How We Collect Your Personal Information” sections above.
- Identification Information, such as your name, age, date of birth, email address, phone number, physical address, biographical information, social security and other identification numbers.
- Online Activity Information, such as your device identifier or IP address, the type of browser and device you are using, information about your device’s operating system and the actions you take on our website.
- Commercial and Financial Information, such as your financial history, transaction history, wire transfer instructions, banking details and account numbers.
- Sources of Personal Information: We collect and disclose the above categories of Personal Information directly from you, the advisers or platforms through whom or which you invest, as provided to us by your authorized representatives and other fiduciaries, and as otherwise described in “How We Collect Your Personal Information” above.
- Purposes of Collection and Disclosure: We collect and disclose the above categories of Personal Information for the business and commercial purposes described in “How We Share and Disclose Your Personal Information” above.
- Categories of Personal Information Disclosed for a Legitimate Business Purpose: In the past 12 months, we have disclosed for a legitimate business purpose all of the above categories of Personal Information to affiliates, service providers, custodians, fund administrator and other nonaffiliated third parties described in the “How We Share and Disclose Your Personal Information” section above.
- Categories of Personal Information Sold or Leased: We do not sell or lease Personal Information.
California Consumer Privacy Act (“CCPA’) Rights
If you are a California resident, you have rights regarding your Personal Information. Specifically, you have the right to request:
- The categories of Personal Information as well as specific pieces of Personal Information we have collected about you
- The categories of sources of the Personal Information we have collected about you
- Our business or commercial purpose for collecting that Personal Information
- The categories of third parties with whom we share that Personal Information
- Opting out of the sales of your Personal Information (note that we do not sell your Personal Information)
- If we disclosed your Personal Information to a third party for a business purpose, a list of the Personal Information types that each category of recipient received
- The right not to receive discriminatory or adverse treatment for the exercise of your privacy rights under the CCPA
We will provide you with this information for the 12-month period preceding your request.
Right to Delete Personal Information
Subject to certain exceptions described below, you have the right to request that we delete, and direct any service providers that have received your Personal Information to delete, any Personal Information that we have collected and retained about you. If you submit a valid and verifiable request and we can confirm your identity and/or authority to make the request, we will determine whether retaining your information is necessary for us or our service providers to:
- Complete your transaction(s) or provide a reasonably anticipated product or service to you
- Detect security incidents, protect against malicious, deceptive, fraudulent or illegal activity or prosecute those responsible for such activities
- Enable internal and other lawful uses compatible with reasonable consumer expectations or the context in which your Personal Information was provided
- Exercise free speech, ensure the right of another consumer to exercise their free speech rights, or exercise another right provided by law
- Comply with legal obligations, exercise legal claims or rights, or defend legal claims
We will delete your Personal Information from our records and instruct our service providers to do the same if none of the above exceptions apply.
How to Exercise Your Rights
You can exercise the above privacy rights by calling us at 203.614.0800 or emailing us at privacy@argainvest.com. When you exercise these rights and submit a request to us, we will take reasonable steps to verify your identity by asking you to provide your email address or other proof of identity. We may also use a third-party verification vendor to verify your identity.
Authorized Agents
You may submit a request to know or a request to delete your Personal Information through an authorized agent. If you do so, we may require the agent to present signed written authorization to act on your behalf and you may additionally be required to independently verify your identity with us and confirm that you have provided the agent with permission to submit the request.
Changes
We may change the terms of this Privacy Notice from time to time. You may find a current version of this policy on our website at www.argainvest.com.
Questions
If you have questions regarding this Privacy Notice or to request this Privacy Notice in another form, please contact us at 203.614.0800 or email us at privacy@argainvest.com.
For Canadian Residents
Before we use Personal Information for a purpose not previously identified to you, we will identify the new purpose to you and obtain your consent, unless the purpose is otherwise required to comply with applicable legal, governmental or regulatory obligations.
You may request access to your Personal Information. However, in certain circumstances we may refuse access to your Personal Information, including for legal or regulatory reasons or where necessary to protect the confidentiality of third-party information. Our CPO will inform you in writing if we determine to refuse your request for access to Personal Information, setting out the reasons for the refusal and your right to complain to the Privacy Commissioner.
Any costs associated with your request for Personal Information shall be borne by you. We will generally provide requested Personal Information within 30 days of the date of the request. Our Privacy Officer may be contacted at the address and telephone number indicated above.
Despite the privacy controls currently in place, we acknowledge that there will always be a residual risk of a privacy breach that could result in a real risk of significant harm to a client.
We are subject to reporting and notification obligations in the event a privacy breach occurs which results in a real risk of significant harm to an individual. A privacy breach occurs following the loss or disclosure of, or unauthorized access to, Personal Information resulting from a breach of an organization’s security safeguards. A “real risk of significant harm” includes, but is not limited to, damage to reputation or relationships, financial loss, identity theft and damage to or loss of property.
In the event of a privacy breach, we will assess the implications of the breach as soon as feasible. Where we determine the breach creates a real risk of significant harm to an individual, we will investigate the breach, report the breach to the Office of the Privacy Commissioner of Canada, notify affected individuals as soon as feasible and take appropriate remedial measures to address the source of the breach.
For EU and UK Residents
This section of our Privacy Notice explains how ARGA will process your Personal Data fairly and lawfully and in accordance with the principles and requirements of the General Data Protection Regulation (Regulation 2016/679/EU), the Irish Data Protection Acts 1988 to 2018, the UK Data Protection Act 2018 and the GDPR as retained in the UK (collectively, the “GDPR”).
Personal Data means information that identifies you personally such as your name or contact details, or data that can be linked with such information in order to identify you (“Personal Data”).
Notwithstanding that we do not have an establishment within the EU and the UK, as controller of your Personal Data within the meaning of the GDPR, we are required to provide you with certain information about who we are, how we collect, use, store and process your Personal Data and for what purposes and your rights in relation to the protection of your Personal Data.
Lawful Basis for Processing Personal Data
In almost all cases, our lawful basis for processing your Personal Data will be:
- To perform the contract we have entered with you or anticipate entering with you
- To comply with a legal obligation
- If we (or a third party) have a legitimate business interest in collecting your Personal Data. Legitimate business interests include:
- Providing investment management services and fulfilling our obligations to you, your clients, the organization you represent or your organization’s clients in respect of our services or products
- To operate and improve our business and to help maintain the quality of our services
- To comply with a legal obligation not set out under the laws of EU members states and/or the UK, or under contract, including for the establishment, exercise or defense of legal claims
- Retaining your Personal Data in the event you have applied for employment with us
We will not collect or use Personal Data that is considered by the law as a special category of Personal Data without your consent, unless the law allows us to do so. If we do, it will only be when it is necessary: (1) for reasons of substantial public interest, or (2) to establish, exercise or defend legal claims.
The Personal Data We Collect from You
We may collect the following types of Personal Data about you:
- Contact information, such as your name, address, email address, telephone number and job title; and
- Personal and financial data, such as bank account details, source of wealth information and copies of passports or legal documents.
With Whom We Share Your Personal Data
We will share your Personal Data without first obtaining your consent to the following third parties for the following purpose(s) as part of our processing activities:
- Sub-processors as may be necessary to provide services for you, your clients, the organization you represent or your organization’s clients (e.g., brokers, custodian for your accounts)
- Sub-processors to assist us in administering and operating our business to meet client and regulatory expectations (e.g., disaster recovery backups, email retention systems)
- Advisers such as auditors, legal counsel and tax advisers to our firm or our funds relating to the services we provide to you, your clients, your organization or your organization’s clients
- Our affiliates, for the purposes of providing our services
How We Secure Your Personal Data
We take all reasonable steps to ensure that your Personal Data is stored and processed securely, and we also take appropriate security measures against unauthorized access to, or alterations, disclosure or destruction of your Personal Data, and against its accidental loss or destruction.
How Long We Keep Your Personal Data
We will keep your Personal Data for as long as is necessary. We may keep your data for up to seven years after you withdraw your investment from a fund that we manage. The reasons we may do this are:
- To respond to a question or complaint
- To study investor data as part of our own internal research
- To comply with rules that apply to us about keeping records
We may also keep your Personal Data for longer than seven years if we cannot delete it for legal or regulatory reasons. After this, we will securely erase your Personal Data.
We will periodically review the Personal Data we hold and if there is no longer a legal or business need for the Personal Data to be retained, we will erase it securely.
Transferring Your Personal Data Outside the European Economic Area (“EEA”) or the UK
Your Personal Data may be sent to and stored by us and third parties in countries outside the country in which you are located and outside the EEA and/or the UK. The nature of our business means it is often necessary for us to properly provide our services to you, your clients, the organization you represent, or your organization’s clients from outside the EEA and/or the UK. This occurs because our business, our affiliate and the third party we may use have operations in the US and other countries. We will only send your Personal Data outside of the EEA or the UK:
- Where the transfer is necessary for us to carry on our business.
- Where the transfer is necessary for important reasons of public interest or in the context of the establishment, exercise or defense of legal or regulatory proceedings.
- To work with our affiliates and service providers who assist us in servicing your account.
If we transfer your Personal Information outside the EEA or the UK, including to our affiliates and service providers, we will ensure that it is protected to the same extent as in the EEA or the UK, using one of these safeguards or with your explicit consent:
- We will make the transfers to a non-EEA/UK country on the basis that it is subject to an EU Commission adequacy decision (i.e., that the EU Commission has found that the legal framework of the non-EEA/UK country ensures an adequate level of data protection).
- We will make the transfer to a non-EEA/UK country on the basis of an appropriate transfer mechanism (e.g., the EU Commission’s standard contractual clauses for the cross-border transfer of Personal Data).
You may contact us using the contact details provided in this Privacy Notice if you wish you to obtain a copy of the data transfer mechanism that will be used to document the transfers of Personal Data outside the EEA and the UK, as described above.
Your Rights as a Data Subject
By law, you have a number of rights when it comes to your Personal Data:
- Right to be informed – you have the right to be provided with clear, transparent and easily understandable information about how we use your Personal Data, which is described in this Privacy Notice.
- Right of access – you have the right to request a copy of your Personal Data
- Right of rectification – you have the right to correct your Personal Data that is inaccurate or incomplete
- Right to be forgotten – you have the right to ask that we erase your Personal Data, in certain circumstances
- Right to restrict processing – you have the right to block or suppress further use of your Personal Data. When processing is restricted, we may still store your Personal Data, but may not use it further.
- Right to data portability – you have the right to have your Personal Data transferred to another organization
- Right to object – you have the right to object to certain types of processing such as direct marketing. These rights may be limited in certain circumstances, for example where we are required to process your Personal Data by law.
- Right to lodge a complaint – you have the right to lodge a complaint about the way we handle or process your Personal Data with your national data protection regulatory authority.
- Right to withdraw consent – If you have given your consent to anything we do with your Personal Data, you have the right to withdraw your consent at any time (although if you do so, it does not mean that anything we have done with your Personal Data with your consent up to that point is unlawful). This includes your right to withdraw consent to us using your Personal Data for marketing purposes.
Please contact us using the contact details provided below to exercise any of your rights. Further information and advice about your rights can be obtained from the data protection regulatory authority in your country.
We generally act on requests and provide information free of charge but may charge a reasonable fee to cover our administrative costs of providing the information for baseless or excessive/repeated requests, or further copies of the same information. Alternatively, we may be entitled to refuse to act on the request.
Please consider your request responsibly before submitting it. We will respond as soon as we can. Generally, this will be within one month from when we receive your request but, if the request is going to take longer to deal with, we will come back to you and let you know.
How You Can Contact Us
We have appointed a Chief Privacy Officer (“CPO”) who is responsible for our data protection. If, at any time, you have any concern about how your Personal Data is being processed by us, please contact our CPO directly by email at privacy@argainvest.com or by phone at +1.203.614.0800.
As noted above, as we are based outside the EU and the UK, we are obliged under the GDPR to appoint a representative located within the EU and the UK.
Pursuant to Article 27 of the GDPR, we have appointed European Data Protection Office (EDPO) as our GDPR representative in the EU. You can contact EDPO regarding matters pertaining to the GDPR as follows:
- By using EDPO’s online request form: https://edpo.com/uk-gdpr-data-request/
- By writing to EDPO at Avenue HuartHamoir 71, 1030 Brussels, Belgium
Pursuant to Article 27 of the UK GDPR, we have appointed EDPO UK Ltd as our GDPR representative in the UK. You can contact EDPO UK regarding matters pertaining to the UK GDPR as follows:
- By using EDPO’s online request form: https://edpo.com/uk-gdpr-data-request/
- By writing to EDPO UK at 8 Northumberland Avenue, London WC2N 5BY United Kingdom
If you are unhappy about any aspect of the way we collect, share or use your Personal Information, please let us know, directly or by contacting our Representative.
You also have the right to lodge a complaint with the relevant data protection authority in the jurisdiction where you live.
In Ireland, the relevant data protection authority is the Data Protection Commission (“DPC”). The DPC’s contact details are as follows:
Address: 21 Fitzwilliam Square South Dublin 2, D02 RD28, Ireland
Telephone: +353 (0)761 104 800
Website: www.dataprotection.ie
In the UK, the relevant data protection authority is the Information Commissioner’s Office (“ICO”). The ICO’s contact details are as follows:
Address: Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF, United Kingdom
Telephone: +44 (0) 303 123 1113
Website: www.ico.org.uk
©2021, ARGA Investment Management, LP