- “We”, “us” or “our” is a reference to the following:
o Dimensional Fund Advisors Ltd. (“Dimensional UK”), a company registered in England and Wales under company number 02569601 and whose registered office is at 20 Triton Street, Regent’s Place, London NW1 3BF, England; or
o Dimensional Ireland Limited (“Dimensional Ireland”), an affiliate of Dimensional UK and a company registered in Ireland under registration number C185067 and located at Fitzwilliam Hall, Fitzwilliam Place, Dublin 2, Ireland;
- “Dimensional Entities” means us and our Affiliates;
- “Personal Data” means any information relating to an identified or identifiable natural person; an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, or an online identifier or by one or more factors (e.g., physical) specific to that person;
- “Regulatory Body” means any regulatory body by which we or the other Dimensional Entities are or become regulated; and
- “Affiliate” means an entity that controls, is controlled by, or is under common control with any Dimensional Entity, including Dimensional Fund Advisors LP, DFA Australia Limited, Dimensional Fund Advisors Canada ULC, Dimensional Japan Ltd., Dimensional Fund Advisors Pte. Ltd., and DFA Securities LLC.
- basic Personal Data (such as name; age; address; gender; nationality; occupation; citizenship; telephone number; email address; date of birth);
- financial or tax information, in connection with our investment management operations (such as details about a financial adviser or other representative or investment professional; investment details; banking or other financial details; employment history; social and/or national insurance number; tax identification number(s) and details of tax residency);
- identification documents, in connection with our investment management operations, such as a passport, national identity card or driver’s license;
- information regarding transactions, including those made on a person’s behalf, such as amounts and dates of trades, the amount of assets in an account, or communications with us;
- business contact information, and a file with a person’s contact history to be used for enquiry purposes, including so that we may check that you are satisfied with the services which we have provided to you;
- certain data collected when visiting our website(s) or those of our service providers, and information from attending and participating in online meetings, events or presentations such as that collected via “cookies”, user IDs, IP addresses and other device details, location, log-ins and other activity. We may record certain meetings, events or presentations; and
- information we are legally obligated to generate or collect, such as information for compliance or record-keeping obligations.
- to assess an application for services or to invest in funds, as a pre-contractual step;
- to manage and track investment, and to analyze and improve services in our legitimate interests;
- to provide services, such as pertinent communications, including account statements, or related information per our contractual obligations, or the results of our surveys in which you participate;
- to provide services such as pertinent communications, including account statements, or related information per our contractual obligations, or the results of our surveys in which you participate;
- for the management and administration of our business in our legitimate interests;
- to comply with and assess compliance with applicable laws, rules and regulations, and internal policies and procedures (including but not limited to tax or other business reporting purposes);
- for the administration and maintenance of databases storing Personal Data in our legitimate interests;
- for marketing purposes (including to contact you for marketing purposes as further described in “Marketing” at paragraph 6 below); or
- to provide you with general information about DFAL and/or the Dimensional Entities’ services.
- we need to do so in order to perform our contractual obligations to you, or otherwise provide you with appropriate client service;
- you have granted your consent to such use;
- we have legal and/or regulatory obligations that we must discharge;
- we may need to do so in order to establish, exercise or defend our legal rights or for the purposes of legal proceedings; or
- the use of your Personal Data as described is necessary for our legitimate business interests or those of the Dimensional Entities (except where such interests are overridden by your interests or fundamental rights and freedoms), such as:
- allowing us to effectively and efficiently manage and administer the operation of our business or an investment (or the investment of your clients); or
- maintaining compliance with internal policies and procedures implemented as needed in connection with the Dimensional Entities’ business.
- as required in connection with the management and administration of our business, including the management of an investment (or the investment of your client);
- to facilitate the provision of services;
- to assess an application for services or to invest in funds;
- to assess compliance with applicable laws, rules and regulations as well as internal policies and procedures across the Dimensional Entities; and
- as required in connection with the administration and maintenance of the databases storing Personal Data.
- with third-party agents, service providers and contractors that provide services to us or facilitate the services we provide. This includes, for example, accountants; professional, financial or legal advisors; and certain financial institutions, such as fund administrators, depositaries or custodians. Other service providers include IT and communications providers and those providing marketing services when we are permitted to disclose your Personal Data to them;
- to the extent required by law (for example, if we are under a duty to disclose Personal Data to comply with any legal obligation, including, without limitation, to comply with tax reporting requirements) or as may be needed to establish, exercise or defend legal rights. This may include disclosure to relevant Regulatory Bodies or tax authorities; and
- to the extent required to transact on a person’s behalf, including portfolio management and other transactions.
- the recipient might have signed “model contractual clauses” approved by the European Commission or the UK Government (as applicable), obliging the recipient to protect Personal Data; or
- the country that we send the data to might be approved by the European Commission or the UK Government (as applicable) as offering an adequate level of protection for Personal Data, or there is another approved scheme in place for the transfer.
- the purpose for which we obtained the Personal Data – we will need to keep the data for as long as is necessary for that purpose subject to and in accordance with our legal and regulatory obligations; and
- legal or regulatory obligations – for instance, laws or regulation may set a minimum period for which we have to keep your Personal Data, or we may have to keep such Personal Data in the event needed to demonstrate regulatory or legal compliance.
- the right to obtain information regarding the processing of your Personal Data and access to the Personal Data which we hold about you;
- the right to withdraw your consent to the processing of your Personal Data at any time;
- in some circumstances, the right to receive some Personal Data in a structured, commonly used and machine-readable format and/or request that we transmit such data to a third party where this is technically feasible (otherwise known as data portability). Please note that this right only applies to Personal Data which you have provided to us;
- the right to request that we rectify your Personal Data if it is inaccurate or incomplete;
- the right to request that we erase your Personal Data in certain circumstances. Please note that there may be circumstances where you ask us to erase your Personal Data but we are legally entitled to retain it;
- in certain circumstances, such as when the processing is carried out on the basis of legitimate interests, the right to request that we restrict the processing of your Personal Data or to object to our processing of your Personal Data. Again, there may be circumstances where you object, or ask us to restrict processing, but we are legally entitled to refuse that request; and
- the right to lodge a complaint with the data protection regulator (details of which are provided below) if you think that we have infringed any of your rights.
2. The Types of Personal Data We Collect
2.1 Due to our business relationships and/or the services we provide, we must obtain certain Personal Data. For such business reasons, we may collect, receive and otherwise process the following Personal Data. The extent of such processing is generally determined by the scope of the relevant services or relationship, and if we are unable to process such Personal Data, we may not be able to maintain a relationship or provide services. The lists provided below are non-exhaustive and may not be applicable to you; the lists, however, represent the types of Personal Data we typically receive in the course of ordinary business.
3. How We Use Your Information
3.1 We may store and process Personal Data in the following ways and for the following purposes, where applicable:
3.2 We are entitled to use your Personal Data in these ways because:
4. Disclosure of Your Information to Third Parties
4.1 We may disclose Personal Data to a member of the Dimensional Entities in the circumstances outlined below:
4.2 We may share Personal Data outside of the Dimensional Entities for the following purposes:
We seek to put in place, with third parties processing Personal Data on our behalf, confidentiality restrictions and requirements so that their use of Personal Data received from us is permitted only on our instructions and is limited to those purposes described in paragraph 3, “How We Use Your Information”.
5. Transfers of Personal Data Outside the European Economic Area or the United Kingdom
5.1 We may transfer Personal Data to other offices of the Dimensional Entities or to the Dimensional Entities’ agents, service-providers and/or contractors outside the European Economic Area (“EEA”) (in the case of Dimensional Ireland) or the United Kingdom (“UK”) (in the case of Dimensional UK) including to the United States. Dimensional Ireland and Dimensional UK share Personal Data with each other as part of their operations.
5.2 For any transfers of your Personal Data outside the EEA or the UK (as applicable), we are required to provide appropriate safeguards to protect such information. This may be done in a number of ways, for instance:
We may also make such a transfer outside the EEA or the UK (as applicable) where we have a person’s consent to do so or where another legal exception from the requirement to provide appropriate safeguards to protect such information applies. In all cases, we will endeavour that any transfer of your Personal Data is compliant with relevant data protection law.
5.3 You can obtain more details of the protection given to your Personal Data when it is transferred outside the EEA or the UK (as applicable) (including a copy of any standard data protection clauses which we have entered into with recipients of your Personal Data) by contacting us as described in paragraph 10 below.
6.1 We may use your Personal Data for marketing services of the Dimensional Entities that may interest you. We provide the option to unsubscribe or opt-out of further communication on each electronic marketing communication sent to you, which you can exercise by following the unsubscribe instructions provided in the communication. You can also opt-out of further communications by contacting us directly using the details provided in paragraph 10 below.
7. How We Safeguard Your Information
7.1 We seek to implement controls to maintain the security of information and information systems and to protect client files with appropriate safeguards, according to the sensitivity of the information contained therein. Appropriate controls (such as restricted access) may also be placed on our computer systems. Physical access to areas where Personal Data is gathered, processed or stored is limited to authorised employees.
7.2 As a condition of employment, employees of all Dimensional Entities are required to follow all applicable laws and regulations, including in relation to data protection law. Unauthorised use or disclosure of confidential client information by an employee of a Dimensional Entity is prohibited and may result in disciplinary measures.
8. Retention of Personal Data
8.1 How long we will process Personal Data varies and is generally determined by the following:
9. Your Rights
9.1 You have a number of legal rights in relation to the Personal Data that we hold about you. These rights include:
9.2 You may exercise your rights by contacting us using the details listed in paragraph 10 below.
9.3 You may also find out more information about your rights by contacting the relevant data protection and privacy regulator (see “Questions and Concerns” at paragraph 10 below), or by visiting, for the UK Information Commissioner’s Office, https://ico.org.uk/, or for the Irish Data Protection Commission, https://dataprotection.ie/.
10. Questions and Concerns
10.1 If you have questions or concerns about our handling of your Personal Data, or about this Policy and Notice, please contact us at EMEADataPrivacy@dimensional.com or:
• Dimensional UK - Attn: Privacy Officer, 20 Triton Street, Regent's Place, London, NW1 3BF, United Kingdom. Dimensional UK's phone number is +44 (0) 3033 3300.
• Dimensional Ireland - Attn: Privacy Officer, Fitzwilliam Hall, Fitzwilliam Place, Dublin 2, Ireland. Dimensional Ireland's phone number is +353 1 669 8500.
10.2 As Dimensional UK does not have an establishment in the European Union, it has appointed Dimensional Ireland as its representative. You may contact Dimensional Ireland if you are in the European Union to raise any issues or queries you may have relating to Dimensional UK's processing of your Personal Data and/or this Policy and Notice more generally.
10.3 We aim to address any privacy-related questions promptly. If you are unhappy with how we are handling your Personal Data, you may lodge a complaint with a privacy regulator, including the privacy regulator of your habitual residence, your place of work or the place where the alleged infringement of your rights has occurred. You may complain, regarding Dimensional UK, to the UK Information Commissioner’s Office, the contact details of which are available on their website (https://ico.org.uk/). For complaints with respect to Dimensional Ireland, you may contact the Irish Data Protection Commission (see https://dataprotection.ie/).