How we collect your Personal Data
We collect your Personal Data in a variety of ways and from various sources. For example, we may collect your Personal Data:
- Through direct interactions with you, for example, when you fill out a form, send us mail or email, when you call us or in person.
- Directly from our clients or their agents. For example, from documents that our clients provide to us related to the services for which they engage us.
- Indirectly from our clients or their agents. For example, through information we collect from our clients while providing services to them.
- Directly and indirectly from activity on our websites or our mobile applications. For example, from submissions through our website or website usage details collected automatically.
- From affiliates and third party service providers (such as our marketing partners) acting on our behalf in connection with the services we perform.
- From publicly available sources, including social media, to the extent that you manifestly choose to make your profile publicly visible.
- From automated technologies or interactions that collect technical data about your equipment, browsing actions and patterns. This information is collected by using cookies, server logs or other similar technologies.
Sensitive Personal Data and criminal records
The Personal Data that we collect from you may include sensitive Personal Data. We recognize that certain jurisdictions have enacted laws that require higher protection of certain sensitive Personal Data. Sensitive Personal Data includes categories of information identified by the applicable privacy laws as requiring special treatment or protection. This information may include, but is not limited to, racial or ethnic origin; political opinions; religious, philosophical, or other similar beliefs; membership of a trade union or profession or trade association; physical or mental health; biometric data; or sexual orientation.
We do not collect, use, share or otherwise process sensitive Personal Data or criminal records unless permitted to do so by law. For example, we may collect, use, share or otherwise process your sensitive Personal Data or criminal records to perform Know Your Customer (KYC) checks to comply with applicable Anti-Money Laundering (AML) laws.
How we use your Personal Data
We use Personal Data for the following purposes:
- To fulfill our contractual obligations. For example, if you provide us with Personal Data to open, manage and administer your account, we will use that Personal Data for such purpose.
- To comply with a legal obligation that we have, for example where we are required to report to tax authorities, to perform KYC checks to comply with applicable AML laws or to prevent and detect financial crime.
- You have provided your consent, for example for a compatible reason as is described to you at the time of collection.
- For a purpose that is compatible with the original purpose as is described to you at the time of collection.
- To respond to law enforcement requests and as required by applicable law, court order, or governmental regulations.
- For our legitimate interest, as a commercial organization, provided our use is proportionate and respects your privacy rights. Such legitimate interests may, for example, include:
- To provide you with information on products or services that you request from us.
- To provide you with, email alerts, event registrations, social media activity, and other notices concerning our products or services, or events or news that may be of interest to you, including through targeted messages and advertisements on or through our websites and apps and through third-party websites and apps. For more information, see the “marketing communications and your choices” section below.
- To enforce our rights arising from any contracts entered between you or the entity you represent and us, including for billing and collections.
- To improve our website and present its contents to you in a tailored and personalized manner.
- For market analysis and product development.
- Authenticate you as an authorized user and to facilitate communications between us.
- To evaluate or conduct a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all our assets, whether as an ongoing concern or as part of bankruptcy, liquidation, or similar proceeding, in which your information held by us is among the assets transferred.
- Monitor and record calls and electronic communications for (a) processing and verification of instructions, (b) investigation and fraud prevention purposes, (c) for crime detection, prevention, investigation and prosecution, (d) to enforce or defend our company, partners or affiliates', directly or through third parties to whom they delegate such responsibilities or rights, (e) to comply with any applicable legal obligation, (f) for quality, business analysis, training and related purposes
- To operate our business in a prudent manner in accordance with industry standards and applicable laws, which may include, monitoring and recording calls and electronic communications, responding to inquiries and requests, preventing fraud, research, to obtain advice from our advisors, as well as governance and management purposes.
If you do not provide us with your Personal Data when requested, it may prevent us from being able to carry out the tasks listed above.
Marketing communications and your choices
We may use your Personal Data to market to you. Specifically, we may collect, use, or otherwise process your Personal Data and share it with our affiliates and service providers to provide you with thought leadership materials, industry information, invitations to events and webinars, and other communications or solicitations that we believe will be of interest to you. We target and tailor such communications based on your interaction with us, via mail, email, online, telephone, in-person, or through third-party partners or vendors. If you do not wish to receive this information from us, please manage your preferences by clicking on the unsubscribe link in any of our emails, letting your relationship manager know or by clicking here.
Cookies and online tracking
How we share or disclose your Personal Data
We may disclose the categories of your Personal Data described above to our affiliates, service providers, and other third parties for our business purposes. When we do so, we will make sure that your Personal Data is used in a manner consistent with this notice, or enter into a contract that describes the business purpose and requires the recipient to both keep that Personal Data confidential and not use it for any purpose except performing the contract.
We may also use or disclose your Personal Data:
- To regulators, government agencies, exchanges, self-regulatory organizations or law enforcement authorities.
- If we are required to do so by law or if we reasonably believe that such disclosure is necessary or appropriate to prevent physical harm or financial loss in connection with an investigation of suspected or actual illegal activity,
- When disclosure is necessary to protect our rights or to comply with a judicial or regulatory requirement or to pursue our legitimate interest or the vital interests of a person.
Categories of third parties to whom we may disclose your Personal Data
We may disclose your Personal Data to the following categories of third parties:
- Our affiliates
- Service providers with whom we have contracted to perform services on our behalf
- Third parties, to whom you, your agents or the company you represent authorize us to disclose your Personal Data in connection with products or services we provide to you
- Regulators or other government agencies
- Exchanges or other self-regulatory organizations
- Law enforcement authorities
- With a successor entity in the event of a merger, acquisition or similar transaction
No Sale of Personal Data
We do not sell any of your Personal Data including Personal Data of minors under the age of 16 or as defined by applicable laws or regulations.
How we transfer and store your Personal Data
We operate globally and we may share some of your Personal Data, with organizations (including our affiliates and our service providers) who are outside of the jurisdiction in which the Personal Data was collected. Because we are headquartered in the United States, Personal Data collected in other countries is routinely transferred to the United States for processing. That is, Personal Data collected in one jurisdiction may be transferred, stored, and processed outside the country of origin. For these transfers, we have the relevant legal safeguards in place, including (for example) by way of contractual arrangements based on sets of standard contractual clauses that have been pre-approved by the European Commission (or otherwise consistent with the requirements of the relevant jurisdiction) to ensure adequate protection, or in certain circumstances we may rely on one of the exceptions to the rules that allows us to perform these transfers. This reflects our commitment to protecting your personal data regardless of where your personal data resides. Personal Data stored or processed in a foreign jurisdiction may be accessed under a lawful order made in that jurisdiction.
How we protect your Personal Data
We are committed to protecting the security of your Personal Data. We use reasonable technical and organization measures, in compliance with applicable law, to protect your Personal Data from unauthorized access, unlawful processing and against accidental loss, destruction or damage.
How long we retain your Personal Data
We will retain your Personal Data for as long as necessary to fulfill the purpose for which it was collected, such as providing our services, or as required by applicable laws or regulations. This period may extend beyond the termination of our relationship with you.
Your rights and choices
Depending on the jurisdiction, and subject to certain exceptions, you may have specific rights regarding your Personal Data. This section describes such rights and how you may exercise them.
- Access to Specific Information
- You may have the right to request that we disclose certain information to you how we use your Personal Data. Once we receive and verify your request, we will disclose to you (depending on your request or unless an exception applies):
- The categories of Personal Data we have collected about you.
- The categories of sources from where the Personal Data was collected.
- Our purpose for collecting or sharing your Personal Data.
- The categories of third parties with whom we share your Personal Data.
- The specific pieces of Personal Data we have collected about you.
- Where specifically required, we will provide specific pieces of Personal Data we have collected about you in a structure, commonly used or in machine-readable format, and to have it transmitted directly to another person or entity (data portability).
- Request Deletion or erasure of your Personal Data in certain circumstances.
- Request that your Personal Data be rectified where it is inaccurate or incomplete
- Request restriction or object to the processing of your Personal Data for certain circumstances (for example for marketing purposes)
- Lodge a complaint with your local data protection authority
- Withdraw your consent
If we are relying on your consent to use or share your Personal Data, you have the right to fully or partially withdraw your consent, subject to certain exceptions defined in applicable laws and regulations. Please note however that this will not affect the lawfulness of the processing before its withdrawal.
U.S. Consumer Privacy Notice
Please click here to access the U.S. Consumer Privacy Notice.
California residents please click here for more information.
This Notice sets out how the following entities in Australia collect, hold, use, store and disclose “personal information” for the purposes of the Privacy Act 1988 (Cth):
- State Street Global Advisers, Australia Services Limited (ABN: 6 108 671 441);
- State Street Global Advisors, Australia, Limited (ABN: 42 003 914 225).
Please contact us at firstname.lastname@example.org if you have any concerns about the accuracy, handling or retention of personal information under the Privacy Act 1988 (Cth).
For other details (including authorized personal information protection organization in Japan) relating to State Street entities in Japan, please click here(English) or here (Japanese).
How to exercise your rights or contact us
The primary point of contact for all issues arising from this Notice is our Chief Privacy Officer or Data Protection Officer. If you wish to exercise your rights, or have questions or comments about this Notice or about how your Personal Data is processed, please contact our Chief Privacy Officer or Data Protection Officer by email or via our website at: