T. Rowe Price Privacy Notice (EMEA)

References to “our”, “us”, “we” or “T. Rowe Price” within this Privacy Notice are to the T. Rowe Price entities identified as Controllers at the end of this Notice. This Privacy Notice addresses the collection and use of personal data by T. Rowe Price in relation to individuals outside T. Rowe Price (referred to as “you” or “your” in this Privacy Notice), unless you are interacting with us in relation to a product, service, subsidiary, affiliate, or digital property for which a separate privacy policy or privacy notice applies.¹

We may obtain your personal data in a variety of ways, both online and offline. Examples include interactions involving a product or service you obtain from us; when you visit our websites; or when you are a representative of or are associated with another person or entity, such as when you are an employee of a company that is our client, a service provider, a counterparty, or other financial services firm.

This Privacy Notice explains the types of personal data we collect, how we use it, who we disclose it to, how we protect it, and your legal rights. Please read the following carefully as it explains our views and practices regarding your personal data and how it is handled. “Personal data” means information that (either in isolation or in combination with other available information) enables you to be identified as an individual directly or indirectly. It would not include aggregated or anonymised information or various types of publicly available information.

In the section below, we summarise the categories of personal data we may collect and examples of data within each category. We may collect personal data directly from you, or it may be supplied to us by another party, such as your employer. We may also collect personal data from other publicly or commercially available sources. We may create personal data about you, such as notes of interactions with you or records of your transactions. We may use cookies and other technologies to collect personal data through our digital content, such as our websites, mobile applications, or emails. To learn more about how we use cookies and how you can control your digital experiences, please see our Cookie Policy. The data that we obtain from you or from other sources or that we create in accordance with this Privacy Notice.

In some cases, you may provide personal data to us about another person. In such cases, you should only do so if you have the authorisation of such person to provide us with such personal data and for us to use it as explained in this Privacy Notice. You should also provide a copy of this Privacy Notice to that other person.

_{¹For example, certain of our affiliated companies, such as those whose names include “Oak Hill Advisors” or “OHA”, have their own privacy notice or policy that may apply to you.}

Categories of personal data

The categories of personal data we may collect and use include: 

• personal information, such as full name, nickname and previous names (such as maiden names), gender, date of birth, age, passport details, government-issued numbers and identification documents, photos, signature, nationality, and professional credentials or background; 
• contact information, such as postal address, email address, telephone number, mobile and fax; 
• visitor logs; 
• employment/business information, such as the name of the company you work for and your title, location, and responsibilities; 
• any communications with us whether on a recorded line, by electronic communications such as email or any other electronic instant messaging channels; 
• information regarding our interactions with you, including notes of calls and meetings held or planned; 
• market research and survey data as well as your views about our service, if you choose to share those with us; 
• transaction-related information, such as transaction details, instructions, transaction history and related records, account numbers for an investment fund we provide or other account, such as a bank or custodial account;
• financial and screening information, as needed, such as source of wealth and source of funds and the expected activity to be conducted with us, information obtained in relation to anti-money laundering and counterterrorist financing due diligence, know your customer activities, screenings against governmental lists, and similar background and screening checks, which in some cases we may be required or authorised to collect under applicable local laws; 
• information relating to compliance matters, such as data subject requests and supporting documentation, complaints, investigations, incident details, and resolutions of such matters; 
• special categories of personal data, such as information about your race, ethnicity, political opinions, religious or philosophical beliefs, trade union membership, biometric data, health-related information, (e.g., information needed to accommodate disabilities, information about workplace accidents and occupational safety), sexual life or orientation, or criminal convictions and offences; 
• technical information when you interact with our digital content, including your IP address, your login information, browser type and version, device identifier, data from cookies, web beacons, clickstream data, device “fingerprinting” records, server log records (including page requests), location and time zone settings, browser plug-in types and versions, operating system and platform, page response times and download errors; 
• information about your interactions with our digital content, including the websites you visit before our websites, number of visits, length of visits to certain pages, pages viewed, page interaction information (such as scrolling, clicks and mouseovers) and methods used to browse away from the page, and similar information for additional content that can be accessed from our digital content, such as opening or printing documents or which videos are played and for how long; 
• preferences and views, such as marketing preferences, preferred language, and views shared with us; and 
• audio-visual information, such as closed-circuit television (CCTV) footage, which we may record in and around our premises and other locations, photographs, video images, audio recordings (such as call monitoring), and voicemails. 

How we use personal data

We use the personal data we collect from and about you for a variety of purposes and based on one or more legal justifications, as set out below:

When relying on the legitimate interests basis for processing your personal data, we will balance the legitimate interest(s) pursued by us and any relevant other party with your interest(s) and fundamental rights and freedoms in relation to the protection of your personal data to ensure it is appropriate for us to rely on legitimate interests and to identify any additional steps we need to take to achieve the right balance. When we process special categories of personal data, we do so in accordance with applicable law and will obtain your consent when we are required to do so.

The provision of your personal data is necessary when data is needed for the purposes of entering into or servicing a contract or to receive the products or services or information requested, or to comply with applicable laws and regulations. Refusal to provide your information would make it impossible for us to provide the products, services or information requested or to fulfil our contract or other legal obligations. The provision of your personal data for voluntary reasons, such as for marketing purposes, is not required.

To whom do we disclose personal data

Your personal data is intended for T. Rowe Price and may be disclosed to T. Rowe Price affiliates and subsidiaries and, in certain circumstances, to third parties, including to other parties as directed by you.

We may disclose your personal data to: 

• T. Rowe Price’s family of companies. We may disclose your personal data among our family of companies, including our subsidiaries and affiliates, in order to administer our services and products, to provide you with client support, understand your preferences, send you information about products and services that may be of interest to you (with your consent when required) and conduct the other activities described in this Privacy Notice. Our family of companies includes subsidiaries and affiliates whose names include “T. Rowe Price”, “Oak Hill Advisors” and “OHA”.

We may also disclose your personal data to the following types of other organisations:

• External auditors, accountants, and legal and other professional advisors
• Our service providers.  We use other companies or contractors (service providers) to perform services on our behalf or to assist us with the provision of T. Rowe Price products or services. While we may use a service provider to assist in relation to any of the purposes for which we may collect personal data, they generally fit within one or more of the following categories of service providers: 
  
  -     Infrastructure and technology service providers;
  -     Marketing, advertising, analysis, research, event and communications providers;
  -     Fraud detection and prevention agencies; or
  -     Providers of administrative services for T. Rowe Price products or services, such as transfer agencies, custodians,
        and securities pricing providers
  
  In the course of providing such services, these service providers may have access to your personal data. However, we will only provide our service providers with the information that is necessary for them to perform the services. They will act under our instructions, and we instruct them not to use your personal data for any other purpose. We will always use our best efforts to ensure that all the service providers we work with will keep your personal data secure.

• Other parties permitted by law. In certain circumstances, we may be required to disclose your personal data in order to comply with a legal or regulatory obligation (for example, we may be required to disclose personal data to the police, regulators, government agencies or judicial or administrative authorities) or to perform transactions (for example, we may disclose personal data to a custodian or other party in connection with the purchase or sale of securities you have requested). We may also disclose your personal data to other parties where disclosure is both legally permissible and necessary to protect or defend our rights, matters of national security, for law enforcement purposes, to enforce our agreements, or to protect your rights or those of the public. 

• Your company or agents and other parties. We may disclose your personal data to your company or other agents, such as when you are included on an email with others or to confirm your details or role. We also may disclose your information to other parties connected with your company or an account or in relation to business transactions we have with you or your company. 

• Other parties connected with business transfers. We may transfer your personal data to other parties (including existing or newly formed companies in the T. Rowe Price family of companies) in connection with a reorganisation, restructuring, merger, acquisition or transfer of assets, provided that the receiving party agrees to treat your personal data in a manner consistent with this Privacy Notice.

Where we store your personal data 

The personal data that we collect from you may be transferred to, and stored at, a destination outside the jurisdiction in which you are located.

If you are located in the European Economic Area (EEA) or United Kingdom (UK), this means the personal data may be transferred to, stored at, and accessed from a destination outside the EEA or UK, including to T. Rowe Price Associates, Inc. in the United States. It may also be processed by staff operating outside the EEA or UK and who work for us, for an affiliate, or for one of our service providers. If you are located outside the EEA or UK, then in addition to the above, this means that personal data may be transferred to, and stored at, a destination in the EEA or UK.

For transfers to T. Rowe Price entities that are not in the EEA or UK,T. Rowe Price will be bound by the EU Standard Data Protection Clauses (pursuant to Article 46(2)(c) General Data Protection Regulation) or the UK’s International Data Transfer Addendum to such Clauses (as applicable) or other appropriate safeguards, to ensure that your data is protected adequately. You can ask for a copy of such appropriate safeguards by contacting us as set out in the “Contact us” section below. 

Your choices/your privacy rights

You have various rights in connection with our processing of your personal data, each of which is explained below. If you wish to exercise one or more of the below rights, please contact us with your request at Global.Privacy@troweprice.com and include your name, email and postal address, the name of your usual T. Rowe Price contact person (as applicable), as well as your specific request and any other information you think would be useful in order for us to process your request. 

• Access. You have the right to confirm with us whether your personal data is processed, and if it is, to request access to that personal data, including the categories of personal data processed, the purpose of the processing, and the recipients or categories of recipients. We do have to take into account the interests of others though, so this is not an absolute right, and if you want to request more than one copy we may charge a fee. 
• Rectification/Correction. You have the right to request that we rectify/correct inaccurate or incomplete personal data concerning you. 
• Deletion. You have the right to ask us to erase personal data concerning you, except we are not obligated to do so if we need to retain such data in order to comply with a legal obligation or to establish, exercise or defend legal claims. 
• Restriction. You have the right to request that we restrict the processing of your personal data. This may apply where you believe such data to be inaccurate, our processing is unlawful or that we no longer need to process such data for a particular purpose; however, this right is not absolute. Where we are not able to delete the data due to a legal or other obligation or because you do not wish for us to delete it, we would mark stored personal data with the aim of limiting particular processing for particular purposes in accordance with your request or otherwise restrict its processing. 
• Portability. You have the right to request to receive personal data concerning you, which you have provided to us, in a structured, commonly used and machine-readable format and you may have the right to transmit that data to another entity. 
• Objection. You have the right to object, on grounds relating to your particular situation, at any time to the processing of your personal data, including profiling, by us and we can be required to no longer process your personal data. This may include requesting human intervention in relation to an automated decision (when applicable) so that you can express your view and to contest the decision. This right is not absolute and may not apply in certain circumstances. 
• Make a Complaint. You also have the right to lodge a complaint with the competent data protection supervisory authority, which in Luxembourg is the Commission Nationale pour la Protection des Données (the CNPD) or in the UK is the Information Commissioner’s Office (the ICO). If you are based in, or the issue you would like to complain about took place elsewhere in the EEA, a list of other local data protection authorities in these locations can be found here and for Switzerland can be found here. If you are based in, or the issue you would like to complain about relates to any other location, please contact us as stated in the “Contact us” section below.

If we need additional information to verify your identity, we will let you know. We will endeavour to respond to a verified request no later than a month after receipt, unless there are grounds for extending our response time frame by up to two further months. In the event of an extension, we will explain to you why the extension is necessary. In some cases, your ability to exercise a right will be limited, as required or permitted by applicable law. If we cannot fulfil your request because we cannot verify your identity or due to exceptions under applicable law, we’ll let you know in our response.

If we are processing your personal data on the basis of your consent, such as to provide marketing communications, you have the right to withdraw your consent at any time. If you would like to opt out of receiving marketing communications from us, please follow the opt-out instructions located in the email or the unsubscribe instructions on the website you used to subscribe to specific content (as relevant). Please understand that if you opt out of or unsubscribe from receiving marketing communications from us, we may still contact you in connection with an account, relationship, activities, and other communications with us. 

For how long do we keep your personal data

We will only retain your personal data for as long as it is necessary for the purpose for which the data was collected and to the extent permitted by applicable laws. For example, we may retain certain transaction details and correspondence until the time limit for claims arising from the transaction has expired, or to comply with regulatory requirements regarding the retention of that data. When we no longer need to use your information, we will remove it from our systems and records and/or take steps to promptly anonymise it so that you can no longer be identified from it (unless we need to keep your information to comply with legal or regulatory obligations to which we are subject).

Security

We have implemented technical and organisational security measures in an effort to safeguard personal data in our custody and control. Such measures we have implemented include limiting access to personal data only to employees, contractors, and authorised service providers who need to know such information for the purposes described in this Privacy Notice; training for our employees and contractors; and other technical, administrative, and physical safeguards. While we endeavour to always protect our systems, sites, operations, and information against unauthorised access, use, modification, and disclosure, due to the inherent nature of the internet as an open global communications vehicle and other risk factors, we cannot guarantee that any information, during transmission or while stored on our systems, will be absolutely safe from intrusion by others, such as hackers.

Language

This Privacy Notice is written in English and may be translated into other languages. In the event of any inconsistency between the English version and the translated version, the English version shall prevail.

Controllers

Contact us

If you have any questions about this Privacy Notice and/or about the privacy policies and practices of our service providers, please let us know.

Contact the T. Rowe Price company that you do business with

The company that you correspond with or do business with usually will be the data controller in respect of your personal data and can answer questions you may have about our Privacy Notice or our use of your personal data. The contact details of these companies can be found at the “Controllers” section above.

Contact our Global Privacy Office

If your question or complaint remains unresolved after liaising with a representative of the T. Rowe Price company that you deal with, please contact us via email at Global.Privacy@troweprice.com.
The details of our Global Privacy Office are as follows:

Global Privacy Office
T. Rowe Price
Warwick Court, 5 Paternoster Square, London EC4M 7DX, United Kingdom
Global.Privacy@troweprice.com

The Global Privacy Office will liaise with appropriate individuals at our local offices regarding your question or complaint. We will deal with your request by investigating it and providing a response to you within a reasonable time, provided that we have all the necessary information and have completed any investigation required. In some cases, we may need to ask you to put your request in writing so that we are sure that we understand it and may also need to ask you for further information or to verify your identity. We will attempt to confirm with you as appropriate your understanding of the conduct relevant to the request and what you expect as an outcome. We will treat your request confidentially and respond to you within a reasonable time, usually in writing. 

Date and changes to this Privacy Notice  

This Privacy Notice is the most recent version and the date it was last updated is located below. We reserve the right to change our Privacy Notice from time to time, and you are advised to visit our website regularly to check for any amendments. If we make a change that we are required by law to inform you of in other ways (such as by email), we will do so.

_{Last updated: 16 September 2024}