Baillie Gifford Privacy Notice
Baillie Gifford is committed to protecting the privacy and security of personal information entrusted to us.
This privacy notice is intended for individuals who:
- invest directly with us through our Investments Trusts, ISAs, Share Plans, or Unit Trusts; and/or
- request information from us, in a personal capacity, in relation to our products, services, events, promotions or other marketing materials and initiatives.
This notice describes how we as a "Data Controller", collect and use personal information about you during and after your relationship with us, in accordance with the General Data Protection Regulation (GDPR). It applies to all processing of personal data of our individual investors or marketing recipients that we undertake, and supplements any other similar notices or information provided to you at the time you supplied your personal data.
This privacy notice is not intended for individuals who invest directly in our range of OEICs, or for our business contacts. If you invest in an OEIC, please see the privacy notice for you found here. If you are a business contact of Baillie Gifford, please see the privacy notice for you found here. If you are a candidate for recruitment, please see the privacy notice for you found here.
The kind of information we hold about you
We may collect, store, and use the following categories of personal information about you:
- personal details such as name, title, date of birth, addresses, telephone numbers and email addresses;
- identification and verification information and documents, such as signatures, passports, driving licences, birth/marriage certificates and tax/credit references;
- financial and transactional information relating to your investments and your instructions regarding these.
We may also in some circumstances record telephone conversations with you. If you provide us with additional information about you, in particular by telephone or email, we may for regulatory reasons be required to collect and store the record as a whole. This might include:
- information about your race or ethnicity, religious beliefs, sexual orientation, marital status, and political opinions; or
- information about your health, including any medical condition.
We ask that you do not disclose any such information to us if you are uncomfortable for it to be stored on our systems to comply with our regulatory obligations.
How is your personal information collected?
We typically collect personal information about our individual investors, or those who request our marketing, directly from them. We will collect other information about you from third parties in the course of carrying out our anti-money laundering/anti-fraud obligations; or with your consent in order to ensure we only send you marketing that meets your needs. We may collect additional personal information in the course of our relationship as a necessity of the services being provided.
How we will use information about you
We will only use your personal information when the law allows us to; this is known as a “legal basis” for processing.
Situations in which we will use your personal information
We may use your personal information to:
- administer your investment in accordance with your instructions; the legal basis for this will be in performing a contract we have entered into with you or an associated individual, such as a joint holder, donor or trustee;
- communicate with you to provide you with information about Baillie Gifford products, services, events, promotions or other insights; we will only do so where you indicated to us that you wish to receive such information;
- process your identification details in order to comply with our anti-financial crime obligations;
- check your identification details against databases of individuals who are subject to sanctions, classified as “politically exposed persons” or have committed crimes and following up any suspicions, in order to ensure that we comply with our anti-money laundering and terrorism obligations and to avoid fraud itself; and
- meet our other compliance and regulatory duties, for example to retain certain records.
We may also use your personal information in the following situations, which are likely to be rare: where we need to protect your interests or someone else's interests (such as a minor who is the beneficiary of a share plan with us); or where it is needed in the public interest or for official purposes.
There may be overlap in the circumstances in which we use the same information about you.
Change of purpose
We will only use your personal information for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If we need to use your personal information for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so.
Please note that we may process your personal information without your knowledge or consent, in compliance with the above rules, where this is required or permitted by law or regulation..
Data sharing and third party processors
We may need to share your personal data with third parties, including other entities within the Baillie Gifford group and our auditors. Our Investment Trusts will also share your personal data with the registrars and printers appointed by each of them from time to time. Where we share your personal data with another party performing services for us (not for you), we require those third parties to respect the security of your personal data and to treat it in accordance with the law.
Which type of third-party service providers appointed by Baillie Gifford will process my personal information?
We may share your personal information with:
- a regulator or other authority (such as HMRC) in order to comply with the law;
- the administrator of our Investment Trust Share Plans/ISAs and Children’s Savings Plans (currently DST) where you invest in these products;
- a screening or identity checking service as required by law in order to carry out your instructions in relation to the products or services we provide to you;
- our preferred marketing partners who help us ensure we only send you marketing material that meets your needs/requirements. We will only do so where you have indicated to us that you wish to receive such material and you may at any time amend or cancel your instructions in this regard.
A list of our current third party service providers is provided at the end of this notice.
When might you share my personal information with other entities in the group?
We will share your personal information with other entities in our group only in so far as necessary to provide the products, services and/or marketing materials you have requested or contracted from us.
We have put in place measures to protect the security of your information. Details of these measures are included in group-wide policies which cover the following:
- management and organisation of information security;
- classification of data which includes data handling rules;
- staff training on responsibilities connected to information security and data protection, and the reporting of any information security incidents;
- physical and environmental security; and
- systems security, including backups, virus protection and access controls.
Our policies and controls are based on the international standard for information security, ISO27001, to which we have been certified since 2010. We are committed to implementing, maintaining and continually improving an information security management system in accordance with that standard. Our approach supports the enhancement of information security controls and our information governance framework is overseen by our joint Chief Information Security Officers. That framework includes a cross functional senior management group supported by expert external advice to oversee an effective information security strategy. We also have a rigorous third party oversight programme designed to maintain the confidentiality, integrity and availability of your data when it is processed by other organisations on our behalf.
How long will you use my information for?
We will only retain your personal information for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal or regulatory requirements.
You will appreciate that as a regulated business, there are record retention obligations on us. As a result, where necessary, we will retain your personal data in order to comply with these obligations.
Rights of access, correction, erasure, and restriction
Your rights in connection with personal information
Under certain circumstances, by law you have the right to:
- Request access to your personal information. This enables you to receive a copy of the personal information we hold about you and to check that we are processing it lawfully.
- Request correction of the personal information that we hold about you. This enables you to have any incomplete or inaccurate information we hold about you corrected.
- Request erasure of your personal information. This enables you to ask us to delete or remove personal information where there is no good reason for us continuing to process it. You also have the right to ask us to stop processing personal information where we are relying on a legitimate interest and there is something about your particular situation which makes you want to object to processing on this ground.
- Request the restriction of processing of your personal information. This enables you to ask us to suspend the processing of personal information about you, for example if you want us to establish its accuracy or the reason for processing it.
- Request the transfer of your personal information to another party.
You can exercise these rights by contacting firstname.lastname@example.org
What we may need from you
We may need to request specific information from you to help us confirm your identity and ensure your right to access the information (or to exercise any of your other rights).
Right to Withdraw Consent
Where you may have provided your consent to the collection, processing or transfer of your personal information in order to receive marketing material from us, you have the right to withdraw that consent at any time. To do so, please contact us using the details above, or where it relates to email marketing only, using the unsubscribe link provided in all Baillie Gifford marketing emails. Once we have received notification that you have withdrawn your consent, we will no longer send you the relevant marketing materials. If you have notified us that you no longer wish to receive any marketing materials from Baillie Gifford, we will delete your details after 6 months.
Data Protection Officer
If you have any questions about this privacy notice, please contact email@example.com. If you are unhappy with how we handle your personal information, please contact the Data Protection Officer at DataProtection@bailliegifford.com. If we do not resolve your concerns to your satisfaction, you have the right to make a complaint to the Information Commissioner's Office (ICO), the UK supervisory authority for data protection issues.
Changes to this Privacy Notice
We may update this privacy notice from time to time, and will communicate such updates through our website. We will not do so where we believe this would materially impact your rights and freedoms: in those circumstances we will expressly notify you. We may also notify you in other ways from time to time about the processing of your personal information.
Third party providers who may currently process your personal data on behalf of Baillie Gifford
Corporate Mailing Solutions (CMS) - a mailing house used to send postal mailings on Baillie Gifford’s behalf. Only personal details necessary to fulfil any postal communication will be sent to CMS.
CommuniGator - A service that Baillie Gifford use to distribute marketing emails. Name, email address and postcode will be passed to CommuniGator.
Strategic Insight - Baillie Gifford uses a data analytics tool, called Faststats, provided by Strategic Insight to enable us to ensure we are marketing our Investment Trust products to the relevant audience. Names and address details will be provided to Strategic Insight. These details will also be sent to Experian for profiling purposes.
Equinet/Cobalt Sky – services used to ensure that our email marketing campaigns do not target individuals who have previously opted out of receiving electronic marketing.
DST - DST Financial Services Europe Limited and DST Financial Services International Limited are appointed by Baillie Gifford to perform the administration function for our Investment Trust Share Plans/ISAs and Children’s Savings Plans.
Experian - the firm used by Baillie Gifford to perform identity verification checks on clients for Anti Money Laundering purposes
GBG Group - the firm used by Baillie Gifford to establish client's current address where that client has changed address and not informed Baillie Gifford.
MessagePad - a firm appointed by Baillie Gifford to take messages from clients when calls volumes are high and outwith office hours.
Thomson Reuters - a screening service used to ensure we meet our anti-financial crime obligations.
Please note that the above list is subject to change.