Dimensional Fund Advisors Ltd.
- “DFAL” means Dimensional Fund Advisors Ltd., 20 Triton Street, Regent’s Place, London NW1 3BF, which is included on the UK Information Commissioner’s Office register as a data controller and also is authorised and regulated by the Financial Conduct Authority;
- “We”, “us” or “our” is a reference to DFAL;
- “Dimensional Entities” means DFAL and its Affiliates;
- “Personal Data” means any information relating to an identified or identifiable person; an identifiable person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, or an online identifier or by one or more factors (e.g., physical) specific to that person;
- “Regulatory Body” means any regulatory body by which we or the Dimensional Entities are or become regulated; and
- “Affiliate” means an entity that controls, is controlled or is under common control with any Dimensional Entity.
The Types of Personal Data We Collect
Due to the business relationships we maintain and/or the services we provide, we must obtain certain Personal Data. For such business reasons, we may collect and otherwise process the following Personal Data. The extent of such processing is generally determined by the scope of the relevant services or relationship, and if we are unable to process such personal data we may not be able to maintain a relationship or provide services. The lists provided below are non-exhaustive or may not be applicable to you; the lists, however, represent the types of Personal Data we typically receive in the course of ordinary business.
Information that you may provide to us:
- basic Personal Data (such as name; age; address; gender; nationality; citizenship; address; telephone numbers; email address; date of birth); and
- financial or tax information, as requested in connection with our investment management operations (such as advisor details; investment details; banking or other financial details; employment history; social and/or national insurance number; tax identification number(s) and details of tax residency).
Information we may collect or generate about you, or obtain from other sources:
- information regarding transactions, such as amounts and dates of trades, amount of account assets, and communications with us;
- a file with your contact history to be used for enquiry purposes, so that we may check satisfaction with services provided;
- upon your visiting our website, certain data with regard to your visit and activities on the website via “cookies”; and
- information we are legally obligated to generate or collect, such as information for compliance or record-keeping obligations.
How We Use Your Information
We may store and process Personal Data in the following ways and for the following purposes, where applicable:
- to assess an application for services or to invest in funds;
- to manage and track investments, and to analyze and improve services;
- to provide services such as pertinent communications, including account statements, or the results of our surveys in which you participate;
- for the management and administration of our business;
- to comply with and assess compliance with applicable laws, rules and regulations, and internal policies and procedures (including but not limited to tax or other business reporting purposes);
- for the administration and maintenance of databases storing Personal Data; or
- to provide you with general information about DFAL and/or the Dimensional Entities’ services.
We are entitled to use Personal Data in these ways because:
- We need to do so in order to perform our contractual obligations, or otherwise provide appropriate client service;
- You have granted your consent to such use;
- We have legal and/or regulatory obligations that we must discharge;
- We may need to do so in order to establish, exercise or defend our legal rights or for the purposes of legal proceedings; or
- The use of your Personal Data as described is necessary for our legitimate business interests or those of the Dimensional Entities (only where this does not override your rights and freedoms), such as:
- allowing us to effectively and efficiently manage and administer the operation of our business or an investment; or
- maintaining compliance with internal policies and procedures implemented as needed in connection with the Dimensional Entities’ business.
Disclosure of Your Information to Third Parties
We may disclose Personal Data to a member of the Dimensional Entities in the circumstances outlined below:
- as required in connection with the management and administration of our business, including the management of investments;
- to facilitate the provision of services;
- to assess an application for services or to invest in funds;
- to assess compliance with applicable laws, rules and regulations as well as internal policies and procedures across the Dimensional Entities; and
- as required in connection with the administration and maintenance of the databases storing Personal Data.
We may share Personal Data outside of the Dimensional Entities for the following purposes:
- with third-party agents, service-providers and contractors that provide services to us or facilitate the services we provide (for example, accountants, professional, financial or legal advisors, IT and communications providers and certain financial institutions, such as fund administrators, depositaries or custodians). These third parties will be subject to confidentiality restrictions and requirements so that the use of Personal Data is permitted only on our instructions and is limited to those purposes described in "How We Use Your Information" above;
- to the extent required by law (for example, if we are under a duty to disclose your Personal Data in order to comply with any legal obligation, including, without limitation, in order to comply with tax reporting requirements) or as may be needed to establish, exercise or defend legal rights. This may include disclosure to relevant Regulatory Bodies or tax authorities; and
- to the extent required to transact, including with respect to portfolio management and other transactions.
Transfers of Personal Data Outside the European Economic Area
We may transfer Personal Data to other offices of the Dimensional Entities or to the Dimensional Entities’ agents, service-providers and/or contractors outside the European Economic Area (“EEA”).
For any transfers of Personal Data outside the EEA, we are required to provide appropriate safeguards to protect such information. This may be done in a number of ways, for instance:
- the recipient might have signed “model contractual clauses” approved by the European Commission, obliging the recipient to protect your Personal Data;
- the country that we send the data to might be approved by the European Commission as offering an adequate level of protection for Personal Data; or
- where the recipient is located in the US, it might be a certified member of the EU-US Privacy Shield scheme (or such equivalent scheme as approved by appropriate Regulatory Bodies from time to time).
We may also make such a transfer outside the EEA where we have consent to do so. If we rely on your consent to transfer Personal Data outside the EEA, you have the right to withdraw such consent at any time. In all cases, we will endeavour that any transfer of your Personal Data is compliant with relevant data protection law.
You can obtain more details of the protection given to your Personal Data when it is transferred outside the EEA (including a copy of any standard data protection clauses which we have entered into with recipients of your Personal Data) by contacting us as described in "Questions and Concerns"below.
How We Safeguard Your Information
We seek to implement controls to maintain the security of our information and information systems and to protect client files with appropriate safeguards, according to the sensitivity of the information contained therein. Appropriate controls (such as restricted access) may also be placed on our computer systems. Physical access to areas where Personal Data is gathered, processed or stored is limited to authorized employees.
As a condition of employment, employees of all Dimensional Entities are required to follow all applicable laws and regulations, including in relation to data protection law. Unauthorized use or disclosure of confidential client information by an employee of a Dimensional Entity is prohibited and may result in disciplinary measures.
Retention of Personal Data
How long we will hold Personal Data for will vary and will be determined by the following criteria:
- the purpose for which we obtained the Personal Data – we will need to keep the data for as long as is necessary for that purpose subject to and in accordance with our legal and regulatory obligations; and
- legal or regulatory obligations – for instance, laws or regulation may set a minimum period for which we have to keep your Personal Data, or we may have to keep such Personal Data in the event needed to demonstrate regulatory or legal compliance.
You have a number of legal rights in relation to Personal Data that we may hold about you. These rights include:
- the right to obtain information regarding the processing of your Personal Data and access to the Personal Data which we hold about you;
- the right to withdraw your consent to the processing of your Personal Data at any time. Please note, however, that we may still be entitled to process your Personal Data if we have another legitimate reason (other than consent) for doing so;
- in some circumstances, the right to receive some Personal Data in a structured, commonly used and machine-readable format and/or request that we transmit such data to a third party where this is technically feasible (otherwise known as data portability). Please note that this right only applies to Personal Data which you have provided to us;
- the right to request that we rectify your Personal Data if it is inaccurate or incomplete;
- the right to request that we erase your Personal Data in certain circumstances. Please note that there may be circumstances where you ask us to erase your Personal Data but we are legally entitled to retain it;
- the right to request that we restrict the processing of your Personal Data in certain circumstances. Again, there may be circumstances where you ask us to restrict processing of your Personal Data but we are legally entitled to refuse that request; and
- the right to lodge a complaint with the data protection regulator (details of which are provided below) if you think that we have infringed any of your rights.
You may exercise your rights by contacting us using the details listed in "Questions and Concerns" below.
You may also find out more information about your rights by contacting the relevant data protection and privacy regulator (see "Questions and Concerns" below), or by visiting their website at: https://ico.org.uk/.
Questions and Concerns
If you have questions or concerns about our handling of your Personal Data, or about this Policy, please contact us using the following contact information:
Telephone: +44 (0)203 033 3300
We aim to address any privacy-related questions promptly. If you are unhappy with how your Personal Data is being handled, you may lodge a complaint with a privacy regulator, including the privacy regulator of your habitual residence, your place of work or the place where the alleged infringement of your rights has occurred. You may also complain to the UK Information Commissioner, the contact details of which are available on their website: https://ico.org.uk/.