AST Access
open navigation close navigation Menu
Home Privacy Policy

Privacy Policy

Last updated: October 2024

We understand how important your personal data is and are committed to protecting and respecting your privacy.

Equiniti.com is the main website for the Equiniti Group of companies. This Privacy Policy explains how the companies of the Equiniti Group collect, use and protect your personal information across our brands. References to "we", "us" or "our" are to the relevant Equiniti Data Controller processing your personal information.

Equiniti is structured into four business divisions: UK Shareholder Services, US Shareholder Services, Retirement Solutions and Customer Resolutions. Usually when we interact with you it will be through one of these brands. The Equiniti Group legal entity that is responsible for your personal data (the data controller) will be the entity shown on the website, form or portal. Different Equiniti legal entities are responsible for different services and products.

By using this site you consent to this Policy, including your consent to our use and disclosure of information about you in the manner as described in this Policy.

  1. Who we collect data from;
  2. Why we collect your personal data;
  3. How long we hold your personal data for;
  4. The conditions under which we may share your personal data with others;
  5. Overseas Processing;
  6. How we keep your personal data secure;
  7. Your personal data rights and how to exercise them;
  8. Useful information;

1. How we collect your personal data

We may collect and process the following personal data about you:

Information you provide to us

  • By filling in forms on our website(s) so that we may contact you;
  • By corresponding with us by phone, e-mail, live-chat, social media channels or otherwise;
  • Application/registration forms/identification documentation;
  • Entering competitions, promotions or surveys; and
  • When you report any problem or complaints with our website, products and services.

Information we collect about you

  • Information about when you logged onto our website(s), including your IP address, information about your visit, your browsing history, and how you use our website.– please see our Cookie Policy for further information on this;
  • Information on what you view, click on and access in and through our marketing emails. This may include the geographic location of the device you have used.
  • If you contact us via social media, we may collect details from your social media account.

Information we receive from third parties

  • As part of our identity and financial crime checking procedures with credit reference agencies, fraud detection agencies and registration or stockbroking industry exchanges;
  • From third parties when you have instructed or agreed for them to pass information to us, such as:
    • From online advertising networks (for example Google) through whom we place advertisements. The information we obtain varies from network to network.  It often summarises the actions of lots of people and so does not enable us to identify you individually.  It relates to what you view, click on, and access through websites in their network, including the subject matter of the website you started at and where you subsequently go.  It might also include their analysis of your behaviour across the wider internet and a profile of you. 
    • From social networks (for example Linkedin) where your account privacy settings allow us to validate and complete our records, as well as track information such as displaying and click on advertisements based on previous browsing history on this website.

You can block or delete cookies using settings options in your browser (the software you use to access websites). If you do this some features on this website may not work correctly. This website, like many others, does not respond to Do Not Track ('DNT') requests made through browser settings.

We will only collect and use special category information if the law allows us to do so. 

Keeping your personal data up to date

The personal data we hold may include your name, postal address, email address and phone number, date of birth, financial information and employment details to enable us to contact you and respond to your enquiries as well as provide you with information about our products and services.  

It is important to us that the personal data we hold about you remains accurate and up to date at all times, but we need your help in doing this.  Please let us know as soon as anything needs updating or correcting.

Other people’s personal data  

The information you give us, or that we collect through your use of our services, may contain your or another person’s personal data.  If you provide us with information about another person, you confirm that they have appointed you to act for them, they consent to you providing their personal data to us and any processing of their personal data and that you have informed them of our identity and the purpose for which their personal data will be processed – as set out in this Privacy Notice.

2. Why we collect your personal data

In the table below we demonstrate why and how we use your personal data as well as providing the legal reasons which we rely upon.

Type of processing

Purpose of the processing

Lawful basis for the processing of personal data

Provision of services, including the administration and management of customer records

To manage and operate your account with us to facilitate the provision of services, this includes retaining records of your instructions and telephone calls and keeping your account records up to date.

To respond to any data rights that you invoke.

To complete any transaction that you instruct us to undertake, and any legal obligations we have in relation to the transactions.

To keep our websites and portals secure and permit you safe access to our services.

With your consent.

The performance of a contract between you and us and/or taking steps, at your request, to enter into such a contract.

To comply with legal requirement placed upon us, such as Data Protection legislation.

Our legitimate interests, such as the proper administration of our service and business, for example:

  • Keeping our records up to date.
  • Defining types of customers for new products and services.
  • Seeking your consent when we need it to contact you.
  • Operating efficiently.
  • Enabling and monitoring your use of our website and services.
  • To meet our regulatory requirements.

Marketing our products and services

 To allow you to participate in interactive features of our website, when you choose to do so.

  • Identifying if any of our other products or services may be of interest to you and making suggestions and recommendations to you about them.
  • To provide you with the information, products and services that you request from us.
  • To administer any prize draws that you are offered and elect to enter as an incentive.
  • To ask you if you wish to hear from other entities within the Equiniti Group of Companies that offer complementary services.
  • We can ask you from time to time to confirm or update your choices, such as when there is a change in the law or the structure of our business.

 

IMPORTANT
You can withdraw from marketing at any time, please use the unsubscribe button in our emails or contact us.

 With your consent.

When we have collected your personal data when applying for, or enquiring about, a product or service or as part of a transaction with us.

  • Our legitimate interests, such as the proper administration of our service and business, for example:
  • Keeping our records up to date.
  • Defining types of customers for new products and services.
  • Seeking your consent when we need it to contact you.
  • Operating efficiently.
  • Enabling and monitoring your use of our website and services.

To meet our regulatory requirements.

Improving our products and services

To measure or understand the effectiveness of advertising we serve to you and others, and to deliver relevant advertising to you, which may be based on your activity on our website(s) or the website of another Equiniti Company or third parties’ websites.  We may do this ourselves or appoint an agency to do this on our behalf.

To identify service improvements such as when troubleshooting, undertaking data analysis, testing new products, using your personal data for research, statistical and survey purposes.

  • To ensure that content from our websites are presented in the most effective manner for you and for your device.
  • How we manage and work with other companies in the delivery of our products and services.
  • To study how you and our other customers use our products and services.
  • To measure or understand the effectiveness of advertising we serve to you and others, and to deliver relevant advertising to you, which can be based on your activity on our website(s) or the website of another Equiniti Company or third parties’ websites.  We can do this ourselves or appoint an agency to do this on our behalf.

 With your consent.

To comply with legal requirements placed upon us, such as the Data Protection legislation.

Our legitimate interests, such as the proper administration of our service and business, for example:

  • Keeping our records up to date.
  • Defining types of customers for new products and services.
  • Seeking your consent when we need it to contact you.
  • Operating efficiently.
  • Enabling and monitoring your use of our website and services.

Some of this information will be gathered by cookies that you have consented can access your computer.  Please see our cookie policy for further information on how to manage cookies.

If you choose not to give personal information

We need to collect personal information required by law or under the terms of service you have elected to use.  If you choose not to give us the personal data we need, it can mean that we must cancel or decline a service that you request or have with us.

3. How long we hold your personal data for

Personal data will not be retained for longer than necessary for us to achieve the purpose for which we obtained your personal data.  We will then either securely delete it or anonymise it so that it cannot be linked back to you. We review our retention periods for personal data on a regular basis.

For full details of our retention policies, please contact us.

4. The conditions under which we may share your personal data with others

The personal data we hold about you is confidential, and we will only share your personal data to enable us to deliver our product(s) or service(s), examples are as follows:

  • At your request, or with your consent;
  • Other Equiniti Group companies who help us deliver our products and services,
  • Non-Equiniti entities, in connection with running accounts and services for you, including:
  • Service suppliers to facilitate website, email, IT and administration services;
  • Our professional advisors, for example, our lawyers and technology consultants, when they need it to provide advice to us;
  • Your employer or agent(s), in accordance with any specific instructions you provide to us;
  • Market Research Agencies to measure or understand the effectiveness of advertising we serve to you and others.  We may do this ourselves or appoint an agency to do this on our behalf.  This will include your use of social media sites.
  • Credit reference agencies and fraud detection agencies as part of our identification procedures.
  • Fraud prevention agencies who will use it to prevent fraud and money-laundering and to verify your identity. If fraud is detected, you could be refused certain services, finance, or employment.
  • Your Official Receiver or appointed insolvency practitioner if we receive notice of your insolvency, bankruptcy or insolvency proceedings/arrangement.

We will only transfer your personal information to trusted third parties who provide sufficient security guarantees and who demonstrate a commitment to compliance with applicable law and this policy.  Where third parties are processing personal information on our behalf, they will be required to agree, by contractual means, to process the personal information in accordance with the applicable law. This contract will stipulate, amongst other things, that the third party and its representatives shall act only on our instructions, or as permitted by law.

We are also required to share your personal data with external third parties as follows (but not limited to):

  • Regulators and supervisory authorities as part of our legal obligations;
  • Where the law requires or permits disclosure, or there is a duty to the public to reveal it;
  • When we need to defend or exercise our legal rights or those of a third party;
  • Debt collecting, debt chasing or another agent for enforcing payment of monies owed to us;
  • Efforts to trace you if we lose contact with you;
  • Police and other law enforcement agencies for the prevention and detection of crime and where a valid permission is applicable;
  • As a result of a court order or other regulatory instruction; and
  • Our insurers and insurance brokers where required for underwriting our risks and as part of ongoing risk assessments.

We may transfer your personal data to a third party as part of a sale of some or all of our business and assets to any third party or as part of any business restructuring or reorganisation. At all times, we will take steps to ensure your privacy rights continue to be protected as per this Privacy Notice.

5. Overseas Processing

Equiniti use data processors who are third parties providing services to us.  We have contracts in place with our data processors which means they cannot do anything with your personal data unless we have instructed them to deliver that service for us, and if applicable, to you.  Some third parties are outside of the UK or EEA which may mean that personal data is transferred or accessed where those third parties (processors) operate, such as:

  • Personal data will be shared with members of the Equiniti Group outside of the UK including Equiniti India Private Limited which is based in India, for the purposes described in this Privacy Notice.
  • When we contact you via email or you use our microsites to contact us, one of our service providers has operations outside of the UK.

Whenever Equiniti transfers personal data outside of the UK or EEA, it relies on:

  • Adequacy Decisions – as adopted by the European Commission (Art. 45 of EU GDPR) or as adopted by UK Secretary of State (Art. 45 of UK GDPR / Section 17A of the Data Protection Act 2018)
  • The European Commission’s Standard Contractual Clauses (‘SCCs’) and the UK Information Commissioner’s Office’s International Data Transfer Addendum (‘IDTA’)
  • As required under UK GDPR and EU GDPR, Equiniti performs Transfer Risk Assessments (‘TRAs’) / Transfer Impact Assessments (‘TIAs’) for any transfers made outside of the UK and EEA which are continually monitored and subject to periodic review to ensure personal data is protected.

If you would like any further details about transfers of your personal data, then please contact our Data Protection Officer using the details provided at the end of this Privacy Notice.

By using our Service, you agree to this international transfer, storing and processing.

6. How we keep your personal data secure

We understand how important your personal data is to you and we take its security very seriously.

We safeguard your personal data across all our computer systems, networks, websites and offices as much as possible through appropriate procedures and technical security measures.

We also use secure ways of communicating with you such as when collecting your personal data or providing your account information:

  • online through the use of security and encryption protocols.
  • before we discuss matters relating to your account(s) by telephone we will always ask you security questions to confirm your identity.

Where we have given you (or where you have chosen) a password or unique identifier (PIN) which enables you to access certain parts of online services, you are responsible for keeping this password/ PIN confidential, along with any username. We will never ask for your full password or PIN, and you must not divulge your full password to us or anyone else.  We recommend that any password or PIN you set is not easy to guess and is changed frequently.

Because we cannot guarantee the confidentiality of personal data sent on the internet you should never send your login details via email.

Security concerns

If you ever receive a communication from us by post, email or by phone that you are concerned it is not genuine, please contact us using the contact details below.

You must immediately inform us if you become aware, or suspect, that someone else has knowledge of your account details.

7. Your personal data rights and how to exercise them

You have rights in respect of the personal data that we hold about you.  They include the right to request a copy of the information that we hold about you, or in certain circumstances your data to be deleted from our systems. If you would like to exercise any of your rights under relevant data protection legislation then please contact our Data Protection Officer using the details provided at the end of this Privacy Notice.

If you wish to raise a complaint on how we have handled your personal data, please contact our Data Protection Office.

If you remain unsatisfied with our response or believe we are not processing your personal data in accordance with the law, you are able to contact the data protection authority in your country.

In the US, it is the Federal Trade Commission (FTC) who regulates Data Controllers compliance with data protection legislation. They can be contacted by email: ReportFraud.ftc.gov, post: Federal Trade Commission, 600 Pennsylvania Avenue, NW, Washington, DC 2058 or by calling: 1-877-FTC-HELP (382-4357).  

8. Useful information

8.1 - Children (16 years and under) and Vulnerable Adults

We are committed to the privacy protection of children and vulnerable adults. If you are aged 16 or under‚ and we need to process your personal data, you must obtain the permission of your parent/guardian before you share your personal data with us.  If we are notified that you are a vulnerable adult we will liaise with your authorised representative, once we are in receipt of the appropriate permissions.

8.2 - Use of ‘cookies’

For full details of how we use cookies, please refer to this our Cookies Policy.

8.3 - Changes to this Privacy Notice

We review our use of your personal data regularly.  In doing so, we can change what personal data we collect, how we keep it and what we do with it.  As a result, we can change this Privacy Notice from time to time to keep it relevant and up to date.

By continuing to use our products and services, you will be bound by this Privacy Notice.

Contact Details

If you have any questions that remain unanswered, please contact our Data Protection Officer:

  • By email at DPO@equiniti.com,
  • By post at Data Protection Officer, 48 Wall Street, 22nd Floor, New York, NY 10005
share-xx