1. SS&C and data privacy
SS&C Technologies Holdings Inc. and its affiliated companies ("SS&C") is committed to protecting personal data and respecting your privacy.
This privacy statement describes how we collect, use, share, protect, and otherwise process any personal information about you. This statement applies to personal information that you provide to us:
- as a visitor to our websites or as a user of our client portals;
- when you send us personal information directly as a customer of one of our clients;
- as a visitor to our premises;
- and as a contact at one of our customers or their customers, potential customers, suppliers or other business partners.
To the extent that any information you provide to us is healthcare information, such information is subject to a separate policy. If you have any questions about our collection, use, disclosure, protection, or processing of any healthcare information that you have provided to us, please do not hesitate to Contact us.
2. What information do we collect from you?
We may collect and process the following information (personal data) about you:
Information that you give us:
- This includes information about you that you give to us by filling in forms on our website (or other forms that we ask you to complete), giving us a business card (or similar), or corresponding with us by telephone, post, email or other means.
- It may include, for example, your name, address, email address, work telephone number, mobile telephone number, information about your business relationship with us, information about you necessary to complete anti-money laundering checks; and information about your professional role, background and interests.
- Information that our website and other systems collect about you:
- If you visit our website it will automatically collect certain information about you and your visit, including the Internet protocol (IP) address used to connect your device to the Internet and other information such as your browser type and version. We may also collect information about the pages on our site that you visit. Our website may also download "cookies" to your device – this is described in our separate cookie statement. If you email, telephone, write, or exchange other electronic communications with our employees and other staff members, our information technology systems will record details of those conversations and exchanges, sometimes including their content.
- Some of our premises have closed circuit TV systems which may record you if you visit our premises, for security and safety purposes.
- Other information: We may also collect some information from other sources. For example:
- If we have a business relationship with the organisation that you represent, your colleagues or other business contacts may give us information about you, such as your contact details or details of your role in the organisation that you represent.
- We sometimes collect information from other third parties, which can include third party data providers, or from publicly available sources for anti-money-laundering, background checking and similar purposes, to protect our business and to comply with our legal and regulatory obligations.¨
3. How will we use your information?
We may use your information for the following purposes:
- to personalize and customize your experience with us; conduct research and analysis; and fulfil orders and requests for products, services, or information from you or the organization that you represent;
- to send you marketing communications regarding our products and services;
- for ordinary business purposes, including to operate and administer the products and services that we provide to you and any agreements that we may have with you;
- to operate, administer and improve our website and premises and other aspects of the way in which we conduct our operations;
- to protect our business from fraud, money-laundering, breach of confidence, theft of proprietary materials and other financial or business crimes; and
- to comply with our legal and regulatory obligations, and to bring and defend legal claims where the information is pertinent (including to allow us to pursue available remedies or limit the damages that we may sustain).
We may from time to time be required to review information about you held in our systems – including the contents of and other information related to your email and other communications with us – for compliance and business-protection purposes as described above.
This may include reviews for the purposes of disclosure of information relevant to litigation and/or reviews of records relevant to internal or external regulatory or criminal investigations.
To the extent permitted by applicable law, these reviews will be conducted in a reasonable and proportionate way, and approved at an appropriate level of management. They may ultimately involve disclosure of your information to governmental agencies and litigation counterparties as set out below.
Your emails and other communications may also be accessed occasionally by persons other than the member of staff with whom they are exchanged for ordinary business management purposes (for example, where necessary when a staff member is out of the office or has left our organisation).
We will only process your personal information as necessary to pursue the purposes described above, and then only where we have concluded that our processing does not prejudice you or your privacy in a way that would override our legitimate interest in pursuing those purposes.
In exceptional circumstances, we may also be required by law to disclose or otherwise process your personal information.
We will tell you, when we ask you to provide information about yourself, if:
- provision of the requested information is necessary for compliance with a legal obligation, or
- it is purely voluntary and there will be no implications if you decline to provide the information.
If you are uncertain as to SS&C's need for information that we request from you, please contact the SS&C representative asking for the information, or Contact us, with your query.
4. Disclosure and international transfer of your information
We may disclose personal information about you, where reasonably necessary and appropriate for the various legitimate purposes set out above:
- to the other legal entities within SS&C;
- if we receive the personal information from you as a representative of one of our business partners or clients, to your colleagues within the organisation that you represent;
- to third party service providers who host our website or other information technology systems or otherwise hold or process your information on our behalf, under strict conditions of confidentiality and security;
- business partners, suppliers and sub-contractors for the performance of any contract we enter into with them or you;
- in connection with a proposed or actual sale, merger, transfer, or exchange of all or a portion of a business or operating unit; in accordance with our legal obligations, including to competent regulatory, prosecuting and other governmental agencies, or litigation counterparties, in any country or territory or where we are otherwise required by law to disclose.
These disclosures may involve transferring your personal information overseas. If you are dealing with us within the European Economic Area (or the UK, after it has left the European Economic Area), you should be aware that this may include transfers to countries outside the European Economic Area / UK, which do not have similarly strict data privacy laws and which may therefore afford a lower standard of personal data protection. In those cases, where we transfer personal data to other legal entities within SS&C or our service providers, we will ensure that our arrangements with them are governed by data transfer agreements, designed to ensure that your personal information is protected, on terms approved for this purpose by the European Commission.
5. How we keep your personal information safe?
We are committed to protecting your personal information submitted to us. We maintain an information security program including internal policies addressing the acceptable use and access to confidential business information and personal information which may be contained SS&C’s information systems. We maintain physical, electronic and procedural safeguards reasonably designed to guard personal information from loss, misuse or unauthorized access, disclosure, alteration or destruction of the information that has been provided to us through our on-line services. Please contact us for more information on our Information Security Policies.
6. How long do we keep your personal information?
We will retain your data in accordance with our Personal Data Retention Policy, which provide for a period of at least 7 years or longer as required by applicable law or our internal data protection policies. Please contact us for more information on our internal Personal Data Retention Policy.
We will delete the information that we hold about you when we no longer need it.
Note that we may retain some limited information about you even when we know that you have left the organisation that you represent, so that we can maintain a continuous relationship with you if and when we are in contact with you again, representing a different organisation.
7. What are your rights?
Rights of access, correction, restriction and deletion
You have a right of access to the personal information that we hold about you under European data protection legislation, and to some related information. You can also require any inaccurate personal information to be corrected or deleted as well as that any further data processing is restricted.
Right to object
You can object to our use of your personal information for direct marketing purposes at any time and you have the right to object to our processing of some or all of your personal information (and require them to be deleted) in some other circumstances.
If you wish to exercise any of these rights, please contact us as set out below.
Your California Privacy Rights
We do not share your personal information with third parties for their direct marketing practices.
You can also lodge a complaint about our processing of your personal information with the body regulating data protection in your country.
8. Contact us
We welcome questions, comments and requests regarding this Privacy statement and our processing of personal information. Please send them to 1 St. Martin’s Le Grand, London, EC1A 4AS or email us at firstname.lastname@example.org.
9. Changes to this policy
Any changes we make to this privacy statement in the future will be posted to our website and also available if you contact us. Please check back frequently to see any changes.
Last updated: July 2018