Privacy notice

Federated Hermes, Inc. and its affiliated entities¹ (“we,” “us,” or “our”) are committed to maintaining the confidentiality, security, and integrity of customer, client, investor, and shareholder information. This Privacy Notice governs the collection of personal data from our website, https://www.federatedhermes.com (“Website”). Our contact details can be found at the bottom of this Privacy Notice.

Please read this Privacy Notice carefully, as it contains important information about what personal data we hold about you, how it is collected and used, and how we keep it secure. We also set out your personal data rights and how to contact us if you have questions about this Privacy Notice. We reserve the right to revise or supplement this Privacy Notice at any time to address, including, but not limited to, any changes in our business, law, regulation, markets, or new technology.

Personal Data We Collect

Personal data means any information relating to a natural person that can be used to, directly or indirectly, identify that person, which includes specific identifiers such as a name, an identification number, location data, or an online identifier, as well as more sensitive information (“Personal Data”).

We may collect the following Personal Data about you:

• Contact details (name, address, telephone number, email address);
• Job title, level, function, or role;
• Information relating to events, such as dietary restrictions, hotel and flight information, or registration/participation status; or
• Information on how you use our Website, including information on the device(s) you use to visit our Website.

How We Collect Your Personal Data

Directly

We may collect Personal Data directly from you. This may be when you use our Website, complete marketing or application forms provided directly while doing business or investing with us, participating in surveys, or registering for our events.

We provide restricted sections of our Website for investment professionals and certain customers, clients, or shareholders. Personal Data entered here is only accessible to limited individuals, such as clients or shareholders and persons with whom they share access information and our authorized service providers that maintain website functionality.

Indirectly

We may also collect your Personal Data indirectly, including when:

• You provide to us information electronically through our Website;

• Our Website maintain statistics about the number of visitors and the information viewed most frequently. These statistics are used to improve the content and level of service we provide to our clients, customers, and shareholders.

• We receive Cookies information (please refer to our Cookie Notice for further information);
• We receive information from a third-party (e.g., recruitment agencies or background-check providers); or
• We receive information from publicly available sources (e.g., social media platforms).

How We Use Your Personal Data

California Privacy Rights

In compliance with applicable California law enumerated in the California Consumer Privacy Act (“CCPA”), in the past twelve months, we may have collected the following categories of your Personal Data:

We will not process or transfer your “sensitive” Personal Data without your consent, which includes Personal Data revealing racial or ethnic origin, religious beliefs, mental or physical health diagnosis, sexual orientation, citizenship or immigration status, genetic or biometric data, labor union membership for the purpose of uniquely identifying a natural person, a known child, or precise geolocation data.

We may disclose your Personal Data to a third party for a business purpose subject to confidentiality and non-use restrictions. We do not sell or share Personal Data for cross-context behavioral advertising.

Your Data Privacy Rights

You may have certain data privacy rights under applicable law. Should you exercise any of your applicable rights under the CCPA, you have the right not to receive discriminatory treatment by us.

• Right to delete: You have the right to request that we delete your Personal Data that we have collected from you. You may call us at 1-(800)-341-7400or email us at Contact Us with “CCPA Right to Delete” in the body of your message to exercise this right. There are circumstances where we are not required to comply with your request, and we will let you know if such situation arises.
• Right to know: In some circumstances, you may have the right to request from us the categories of Personal Data that we have collected about you in the preceding twelve months, the categories of sources from which we collected your Personal Data, the business or commercial purpose that we collected your Personal Data, the categories of third parties with whom we shared your Personal Data with in the preceding twelve months, or the specific pieces of your Personal Data that we have collected. You may call us at 1-(800)-341-7400 or email us at Contact Us with “CCPA Right to Know” in the body of your message to exercise this right.
• Right to opt-out: You have the right to request to opt-out of the sale of your Personal Data; however, please note that we do not sell your Personal Data.

We reserve the right to verify your identity before processing any request relating to your Personal Data. You may use an authorized agent to submit a request to know or a request to delete. To use an authorized agent, you must provide your agent with written authorization, and we may require you to provide us with proof of your identity. We may deny a request from your agent if they do not submit proof that you have authorized them to act on your behalf. Such requirements will not apply where you have provided your authorized agent with power of attorney pursuant to Cal. Prob. Code Sections 4000 to 4465.

Shine the Light

Under California’s “Shine the Light” law, California residents who provide certain Personal Data in connection with obtaining products or services for personal, family, or household use are entitled to request and obtain from us, once per calendar year, information about the Personal Data that we shared with other businesses for their own direct marketing uses. If applicable, this information would include the categories of Personal Data and the names and addresses of those businesses with whom we shared your Personal Data for the immediate, prior calendar year. To obtain this information, please Contact Us with “Request for California Privacy Information” in the body of your message. We may ask for additional information to verify your identity. Please note that not all information sharing is covered by the “Shine the Light” law, and only legally required information will be provided.

EU, UK, Singapore & Japan Privacy Rights

In compliance with applicable EU, UK and Singapore law, we may collect and process your Personal Data pursuant to one or more of the following legal bases, a more detailed in the table below:

• Performance of a contract with you: Where we need to perform the contract we are about to enter into or have entered into with you.
• Legitimate interests: We may process your Personal Data where it is necessary to conduct our business and pursue our legitimate interests; for example, to enable us to give you the best customer experience. We make sure we consider and balance any potential impact on you and your rights before we process your Personal Data for our legitimate interests.
• Legal obligation: We may use your Personal Data where it is necessary for compliance with our legal obligations, for example to prevent fraud. We will identify the relevant legal obligation when we rely on this legal basis.
• Consent: We rely on consent only where we have obtained your active agreement to use your Personal Data for a specified purpose; for example, if you subscribe to an email newsletter. For documentation purposes, statements of consent shall generally be obtained either in written or electronic form. The statement of consent should indicate that the individual has been notified of the purpose for which the personal data will be collected, used, or disclosed.

In compliance with applicable law, we may collect, use and retain your Personal Data for purposes identified in the table below:

We may share your Personal Data with others that have a legitimate business need to process your Personal Data for the purposes set out in this Privacy Notice. We may disclose your Personal Data to:

• Our affiliated entities, third-party suppliers, contractors, and service providers as described in this Privacy Notice and Cookie Policy. This includes third parties that provide services to our funds, which may include a distributor, investment manager, or companies within their group of companies, and the administrator and its sub-contractors, and such third parties may be located outside of your home jurisdiction.
• Select third parties to contact you with details of the services they provide only where you have expressly opted-in or consented to the disclosure of your Personal Data for this purpose.
• Prospective sellers or buyers of our business or assets, including when a third party acquires, or is interested in acquiring, all or part of our assets or shares, or that succeeds us in carrying on all or a part of its business, whether by merger, acquisition, reorganization, or otherwise.
• Regulatory authorities, government agencies (g., HMRC), law enforcement agencies, credit reference agencies, data verification and tracing agencies, and fraud prevention agencies. Personal Data may be shared with fraud prevention agencies who will use it to prevent fraud, money laundering, and other financial crimes and to verify your identity. If fraud is detected, you could be refused certain services, finance, or employment. Further details of how your information will be used by us and these fraud prevention agencies can be found by accessing these links:
  • CIFAS: cifas.org.uk/fpn
  • National Hunter: nhunter.co.uk/privacypolicy

Your Data Privacy Rights

You may have certain data privacy rights under applicable law, including:

The right of access: This is commonly known as a “Data Subject Access Request” (“DSAR”). This enables you to request, at any time, a copy of your Personal Data that we process and other information that can help you understand how and why we are processing your Personal Data. An individual also has the right to access records of transfers of its Personal Data to third parties.

The right to rectification: This allows you to ask us to have any of your Personal Data that is inaccurate or incomplete to be corrected. We may need to verify the accuracy of the corrected Personal Data you provide to us. For incomplete Personal Data, this may involve providing us with further information regarding the incomplete Personal Data.

The right to erasure/to be forgotten: This allows you to ask us to delete or remove your Personal Data in certain circumstances under one of the following grounds: (a) the Personal Data is no longer necessary for the purposes for which it was collected or otherwise processed; (b) you withdraw your consent on which the processing of your Personal Data is based and there is no other legal ground for the processing; (c) you object to the processing of your Personal Data and there is no overriding legitimate grounds for the processing; (d) your Personal Data has been unlawfully processed; (e) your Personal Data needs to be erased due to a legal obligation; or (f) your Personal Data has been collected in relation to the offer of information society services to a child. We may not always be able to comply with your request of erasure of your Personal Data for certain legal reasons that we will inform you of at the time of your request.

The right to restrict processing: This allows you to ask us to restrict the processing of your Personal Data in certain circumstances. When processing is restricted, we are permitted to store your Personal Data, but not use it.

The right to object: You have the right to object to the processing of your Personal Data in certain circumstances. You have an absolute right to stop your Personal Data being used for direct marketing; however, in other cases where the right to object applies, we may be able to continue processing your Personal Data if we have a compelling, legitimate reason to do so.

The right to data portability: You can request the transfer of your Personal Data that you have provided to us. We will provide your Personal Data in a structured, commonly used, and machine-readable format.

The right to object to automated decision making, including profiling: You have the right not to be subject to a decision regarding your Personal Data based solely on automated processing, including profiling. We may carry out this type of processing if this type of processing of your Personal Data is: (a) necessary to enter into or perform a contract with you; (b) authorized by applicable law and which includes adequate safeguards of your rights, freedoms, and legitimate interests; or (c) based on your explicit consent.

The right to withdraw your consent

If the processing of your Personal Data is based on your prior consent, you can withdraw your consent to the processing of your Personal Data at any time by contacting us and without giving any reason. Please note that the withdrawal of consent is only effective for the future. It does not affect the processing that took place before the withdrawal.

The right to the Do-Not-Call Provisions: To the extent that any of the communication means which you have provided us with (which may include your telephone number and fax number) is listed on the Singapore Do Not Call Registry, by agreeing to this Policy, by any means of indication, you hereby grant to us your clear and unambiguous consent to contact you using all of your communication means you have provided to us including using voice calls, SMS, Whatsapp, fax or other similar communications for the purposes stated herein.

The right to lodge a complaint

If you wish to make a request or make a complaint, you may file such a complaint with a competent supervisory authority. However, we encourage you to contact us in advance using the details in the last section of this Privacy Notice in order to allow us to allay any concerns you have with regards to the processing of your Personal Data.

You are not required to pay a charge for exercising your rights. However, we may charge a reasonable fee in some circumstances. Alternatively, we may refuse to comply with your request in these circumstances, where we will provide you with our reason for our refusal if required by law. We may need to request information from you to help us confirm your identity, ensure your right to exercise your privacy right, or to assist us in our response. We have one calendar month to respond to you.

Australian Privacy Rights

This section of the Privacy Policy applies to individuals located in Australia. This section should be read in conjunction with the other general (non location-specific) sections of this Privacy Policy.

Personal Data under this Australian section of the Privacy Policy has the same meaning as personal information in the Privacy Act 1988 (Cth).

Any section of the Privacy Policy that is not specifically added to or expressly altered in this section applies to Australian residents in the same way as it does to all individuals subject to this Privacy Policy.

Personal Data We Collect

• Identifiers – Real name or alias, postal address, unique personal identifier, online identifier, Internet Protocol (IP) address, email address, account name, driver’s license or state identification number, passport number, or other similar identifiers;
• Personal Information Categories (as defined under certain laws) – Name, signature, physical characteristics or description, address, telephone number, insurance policy number, education information, employment information and history, bank account number, credit card number, debit card number, other financial information, medical information, or health insurance information;
• Protected Classification Characteristics (under applicable law) – Age (40 years or older), race or color, ancestry or national origin, citizenship, religion or creed, marital status, medical condition, physical or mental disability, sex (including gender, gender identity or expression), pregnancy or childbirth and related medical conditions, sexual orientation, veteran or military status, and genetic information (including familial genetic data) – and unless otherwise permitted or required by law we will only collect this type of information with your consent;
• Commercial Information – Records of personal property, products or services purchased, obtained, or considered, and other purchasing or consuming histories or tendencies;
• Internet or Other Electronic Network Activity Information – Browsing history, search history, and information regarding a consumer’s interaction with a website, application, or advertisement;
• Professional or Employment-Related Information – Current or past job history and performance evaluations; and
• Inferences Drawn from Other Personal Information – Preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes.

How and Why We Use Your Personal Information

We may collect and use your personal information for the following reasons:

• To perform a contract with you: For example, to process your payments, deliver products or services, communicate with you about your order, and manage your account;

• To send you information about products and services, including: promotions, exclusive offers, discounts, vouchers, and free gifts, product information and upcoming events;

• For our legitimate business interests: We may use your personal information to:
  • Improve your experience on our website;
  • Tailor marketing communications and offers;
  • Understand customer behaviour and preferences;
  • Develop and improve our products and services; and
  • Monitoring the effectiveness of our marketing campaigns and initiatives;

• To investigate and respond to queries, for example using call recordings (if available and relevant) to help resolve your query and retaining the recording until the query is resolved;

• To provide, enhance, and personalise your experience on our digital platforms;

• To comply with Australian legal obligations: We may use or disclose your information where we are required to do so under Australian law. For example, to verify your age for age-restricted products or to comply with financial reporting obligations;

• To carry out security and identity checks, including: protecting against fraudulent transactions, detecting criminal activity (e.g., money laundering), ensuring age-restricted products are sold only to eligible individuals;

• To address any claims made against us, for example: sharing accident logs and CCTV footage with third-party claim handlers or insurers; and

• With your consent: We may send you marketing communications (e.g., newsletters, offers) if you have actively opted in. You can withdraw your consent at any time.

When We May Share Your Personal Information

We may disclose your personal information to:

• Our related entities, service providers, and third-party partners who help us operate our business;
• Third parties you have consented to hear from (e.g., marketing partners);
• Prospective buyers or investors if our business is sold or restructured;
• Australian government authorities, regulators, or law enforcement, where required by law; and
• Fraud prevention and identity verification services to help prevent financial crime

Your Australian Data Privacy Rights

You can access and update your Personal Data
You are generally entitled to access Personal Data that we hold about you. If you request access to your Personal Data, in ordinary circumstances we will give you full access to your Personal Data. Depending on the nature of the request, we may charge for providing access to this information, however such charge will not be excessive. However, there may be some legal or administrative reasons to deny access. If we refuse your request to access your Personal Data, we will provide you with reasons for the refusal where we are required by law to give those reasons. A request for access can be made by contacting us through our Contact Us section.

We take all reasonable steps to ensure that any Personal Data we collect and use is accurate, complete and up-to-date. To assist us in this, you need to provide true, accurate, current and complete information about yourself as requested, and properly update the information provided to us to keep it true, accurate, current and complete. Please contact us through our Contact Us section if you believe that the Personal Data is inaccurate, incomplete or out of date, and we will use all reasonable efforts to correct the information.

It would assist us to ensure we properly understand your request, and allow us to respond more promptly, if requests are made in writing and include as much detail as possible.

Complaints about privacy
If you feel that we have not respected your privacy or that we have conducted ourselves inconsistently with this Privacy Policy, please contact us through our Contact Us section and advise us as soon as possible.  We will investigate your queries and privacy complaints within a reasonable period of time depending on the complexity of the complaint.

It would assist us to respond to your complaint promptly if it is made in writing. Please detail information relevant to your complaint.

We will notify you of the outcome of our investigation.

International Transfer of Personal Data

We are an international organization and from time to time we may transfer or disclose your Personal Data overseas for the purposes set out in this Privacy Policy, outside of the country in which you are located, including to our related entities and service providers who may be located in the US, Australia, EU, UK, Japan, Switzerland, Singapore, and other countries from time to time. The Personal Data that we collect may be transferred for processing or storage at a destination outside the UK, the EU or Japan. We will take all reasonably necessary steps to make sure that your Personal Data is handled with care and in accordance with applicable law. Where the UK or EU GDPR applies, we will only transfer your Personal Data to a recipient outside the UK, EU or Japan where:

• We use Standard Contractual Clauses adopted or approved by the UK Information Commissioner’s Office or the EU Data Protection Commission (not applicable to Personal Data collected in Japan);
• The transfer is to a territory that is deemed “adequate” by the UK, EU or Japan, as applicable; or;
• The recipient is subject to an approved certification mechanism and the Personal Data is subject to appropriate safeguards to ensure that the standard of data protection in the recipient country is comparable to that of the transferring country.

If you want to receive more information about our measures implemented for international data transfers, you may contact us using the contact details specified below.

Notwithstanding any other provision of this Privacy Notice, for the avoidance of doubt, nothing herein prevents reporting possible violations of federal law or regulation to any governmental agency or entity or making other disclosures protected under the whistleblower provisions of federal law or regulation. However, reporting individuals should be mindful of existing state, federal, and international data privacy requirements, laws, and regulations.

Swiss Privacy Rights

In this section of our privacy notice, we will inform you about what personal data we collect, how we use it and for what purposes, and what rights you have as a data subject specifically under the Swiss Federal Data Protection Act (SR 235.1) (FADP) and the Data Protection Ordinance (SR 235.11) (DPO). We have appointed Hermes Investment Management Limited, Office Number 322, Zurich, Signature Bahnhofplatz, Bahnhofquai 11, Zurich, 8001, Switzerland as our representative in accordance with Art. 14 FADP. We process your Personal Data only if this is lawful, reasonably necessary, and in good faith, for pre-defined specific purposes, and only to the extent that it is compatible with the purpose.

Accessing our Website

When you access our website, information of a general nature is automatically collected, regardless of whether you are a registered user or actively provide your Personal Data. This information is stored in so-called server log files and includes the following technical data:

• the type of web browser, version and language
• the operating system,
• the domain name of your internet service provider,
• your IP address,
• referrer URL,
• date and time of access.

They are processed in particular for the following purposes:

• to ensure a smooth connection to and use of our website,
• to ensure and evaluate system security and stability, in particular to detect misuse and to detect and prevent fraud, and
• to ensure a technically error-free presentation and optimization of our website

We use service providers, including our host provider, for operating and maintaining our website. All service providers are contractually obliged to treat your data confidentially.

Contacting us

Through our website, you have the option to contact us and send us queries and questions about our services and products. Should you make use of this option, we process the Personal Data you provide to us for the purpose of responding to your questions and queries. In this context, we process, in particular, your name, your contact data (e.g. email addresses, phone numbers), and the details and information you provide us with your query as well as the date when you contacted us.

If you raise a query while we still hold a recording of a telephone call with you, and we can answer your questions by referring to this phone call, we may do so. This may mean that the recording of your phone call will be retained until your query has been resolved.

Performance of a Contract

When you enter into a contract with us or prior to entering into a contract with us, we may process your personal data for the purpose of performing and executing the contract concluded with you or for the purpose of pre-contractual measures that are based on your request. For this purpose, we may process the following personal data:

• Identity and contact data (e.g., name, address, username, cookies, digital fingerprints and IP address)
• Transaction data (e.g. purchase history, payment details, invoices, receipts, subscription information)
• Profile data (e.g. company name, username, password, preferences, website usage patterns, account settings)

In order to perform a contract concluded with you, we may also use your payment details and home address to process and fulfil your order. We may also contact you using your contact data to inform and communicate with you about your order or the service you have ordered. This includes contacting and notifying you about changes to the ordered products or services or when you have any questions regarding your order or the contract.

Use of Cookies

We use cookies on our website. Cookies are small files that are stored on your device and saved by your browser. Some of the cookies we use are automatically deleted when you leave our website. Other cookies remain stored on your device until you delete them or until they expire. These cookies make it possible to recognize your browser the next time you visit our website. You can configure your browser to notify you when cookies are set and to allow you to decide on a case-by-case basis whether you want to accept cookies for specific cases or generally reject them, or to prevent cookies altogether. Please note that rejecting or preventing all cookies may limit the functionality of our website.

For more information on the cookies we use for which purposes please refer to our Cookie Notice.

Use of Tracking Technologies for Personalized and Cross-Website Marketing (Re-Targeting or Re-Marketing).

We also use personal data to address visitors to our website specifically and individually with advertising on our and other websites or platforms (so-called re-targeting or re-marketing) and to analyze and improve the effectiveness of our advertising and marketing measures (tailored to your needs) and to improve our products and services tailored to our customers’ needs.

In this context, we may use and process the following personal data of our customers:

• Identity and contact data (e.g., name, address, username, cookies, digital fingerprints and IP address)

• Transaction data (e.g. purchase history, payment details, invoices, receipts, subscription information Profile data (e.g. username, password, preferences, account settings)

• Marketing and communications data (e.g. consent to receive communications, preferences, survey responses, digital engagement information)
• Technical data (g. system and device metadata, IP address, network provider, connection type, referrer URL, VPN usage)

In order to achieve these purposes, we may analyze your behavior on our website (e.g. collect information on products or services viewed) and assign your visits to a profile on an anonymous or pseudonymous basis. Furthermore, we may review your past orders and viewing history on our website to provide you with special offers or tailor your online experience to your needs and interests and we may also collect and process information on your interactions when you receive our newsletter and other marketing communication.

For this purpose, cookies, pixels, web beacons or similar tracking technologies may be used. These tracking technologies may collect and share information about your use of our website with third parties – in particular with advertising partners or platforms such as Google, Meta (Facebook/Instagram), LinkedIn or other networks. These providers may also combine the data with information from other sources and thus draw conclusions about your interests in order to display suitable advertising.

We use the following tracking technologies on our website and in our email newsletters:

Cookies, pixel tags, tracking URLs and UTM parameters, device and app tracking, third-party analytics, third-party ad networks. For more details see our Cookie Policy.  

Newsletter

We offer a Newsletter for which you can sign up. When you sign up for our newsletter we may send you information about our products and services (including promotions, exclusive offers, discounts, vouchers, free gifts information about products and events).

For the purposes of providing you with our newsletter and latest information regarding our products and services, we use your personal data such as your name and contact details, marketing and communications data and profile data. .

Improvement of our Products and Services

For the purpose of improving our products and services and for quality control and customer service training purposes, we may – with your consent – record and monitor calls to our customer services. We may also send you market research requests via email (with your consent).

For achieving these purposes, we may use the following of your personal data

• Identity and contact data (e.g., name, address, username, cookies, digital fingerprints and IP address)
• Transaction data (e.g. purchase history, payment details, invoices, receipts, subscription information
• Profile data (e.g. username, password, preferences, account settings)
• Marketing and communications data (e.g. consent to receive communications, preferences, survey responses, digital engagement information)

Security and Identity Checks

For the purposes of protecting us and our customers from fraudulent transactions and to prevent and detect criminal activity such as money laundering and to ensure that age restricted products or services are only sold and provided to customers of appropriate age, we may carry out security and identity checks. We carry out these security and identity checks to comply with our legal obligations or based on our legitimate interest to protect us and our customers from fraudulent transactions.

We use the following personal data to achieve these purposes:

• Identity and contact data (e.g., name, address, username, cookies, digital fingerprints and IP address)

Claims Management

In order to defend any claims against us or to make any claims against our customers, we may collect, use and share with claim handlers and insurers personal data collected in our accident logs, collected through our CCTV footage (if any).

The personal data we collect, use and process for these purposes may include the following data:

• Identity and contact data (e.g., name, address, username, cookies, digital fingerprints and IP address)Transaction data (e.g. purchase history, payment details, invoices, receipts, subscription information
• Profile data (e.g. username, password, preferences, account settings)
• Technical data (g. system and device metadata, IP address, network provider, connection type, referrer URL, VPN usage)

Recipients of Your Personal Data

To the extent permitted by law or with your consent, we may share your Personal Data with third parties, who may provide services to us, and our affiliates in order to provide you with our products and services and in order to achieve the above purposes. These third parties and our affiliates process your Personal Data either on our behalf or for own purposes. These recipients of your personal include:

• Our affiliates, third-party suppliers, contractors, and service providers for the purposes described in this Privacy Notice. This includes third parties that provide services to our funds, which may include a distributor, investment manager, or companies within their group of companies, and the administrator and its sub-contractors, as well as our IT service providers.
• Selected third parties to contact you with details of the services they provide only where you have expressly opted-in or consented to the disclosure of your Personal Data for this purpose.
• Prospective sellers or buyers of our business or assets, including when a third party acquires, or is interested in acquiring, all or part of our assets or shares, or that succeeds us in carrying on all or a part of its business, whether by merger, acquisition, reorganization, or otherwise.
• Regulatory authorities, government agencies (g., HMRC), law enforcement agencies, credit reference agencies, data verification and tracing agencies, and fraud prevention agencies. Personal Data may be shared with fraud prevention agencies who will use it to prevent fraud, money laundering, and other financial crimes and to verify your identity. If fraud is detected, you could be refused certain services, finance, or employment. Further details of how your information will be used by us and these fraud prevention agencies can be found by accessing these links:
  • CIFAS: cifas.org.uk/fpn
  • National Hunter: nhunter.co.uk/privacypolicy

International Data Transfers

Some of the aforementioned categories of recipients are located in Switzerland, but others may be located outside Switzerland, for example in the European Union or the United States. This applies in particular to our affiliated entities which are located in the countries identified in Footnote 1.

If a recipient of your personal data is located outside Switzerland, we will only transfer your data if this is legally permissible. For some countries, such as the European Union, the Swiss Federal Data Protection and Information Commissioner (FDPIC) has assessed the adequacy of the level of data protection, so that the transfer to these countries is permitted without additional guarantees for the protection of personal data or other additional safeguards. A complete list of the countries for which the FDPIC has established an adequate level of data protection can be found in Appendix 1 of the DPO. For organizations in the USA, the FDPIC has confirmed an adequate level of data protection for organizations that are certified under the Swiss-US Privacy Framework.

If and to the extent that a recipient of your Personal Data is located in a country that does not have, or is not deemed to have, an adequate level of data protection, we will contractually require the recipient to comply with applicable data protection requirements (e.g., by entering into standard data protection clauses previously approved, issued or recognized by the FDPIC).

Furthermore, we may also transfer your personal data to an unsafe third country without additional safeguards in exceptional cases, provided that we can base the transfer on an exception. Such an exception may apply in the case of legal proceedings abroad, but also in cases of an overriding public interests or if the performance of a contract requires such disclosure, if you have consented to the data transfer or if the data concerned has been made generally accessible by you and you have not objected to its processing (see Art. 17 FADP).

Your Data Subject Rights under Swiss Privacy Laws

If Swiss privacy laws apply to you, you have the following rights with respect to your Personal Data:

• the right to request access to the Personal Data we hold about you and information about how we process it;
• the right to request and obtain a copy of your Personal Data in a common format;
• the right to request correction of your Personal Data;
• the right to request deletion of your Personal Data;
• the right to object to the processing of your personal data.

Please note that these rights are subject to exceptions. To the extent permitted by law, we may refuse your request to exercise these rights. In the event of such a case, which entitles us to restrict your rights (in particular in the case of your right to information), we will inform you accordingly about the reasons.

Furthermore, you can withdraw your consent to the processing of your Personal Data at any time by contacting us. Please note that the withdrawal of consent is only effective for the future. It does not affect the processing that took place before the withdrawal.

You also have the right to file a complaint with the relevant data protection supervisory authority, e.g. the Federal Data Protection and Information Commissioner (FDPIC).

Data Retention

Our policy is to retain Personal Data only for as long as it is needed for the purposes of which it was collected. We are obliged to retain certain Personal Data to ensure accuracy, to help maintain our quality of service, and for legal, regulatory, fraud prevention, and legitimate business purposes. The standard retention period for records relating to investment business is six years. Legal requirements may sometimes impose a longer retention period for specific types of records.

Data Security

We maintain physical, electronic, and procedural safeguards to protect your Personal Data, and we have procedures in place for appropriate disposal and protection against unauthorized access or use when we are no longer required to maintain Personal Data. If we share Personal Data, it is made available for limited purposes and under controlled circumstances. We require third parties to comply with our standards for security, confidentiality, and integrity that are included in our third-party service provider agreements.

Email Marketing

We may contact you to inform you of products and services we provide, but only if you have provided us with explicit consent to use your Personal Data for this purpose. If you have opted to receive marketing information from us via email, we require that all messages include instructions for unsubscribing from further marketing emails. Alternatively, you can contact us at [email protected] (US) to unsubscribe from our marketing emails.

Some products or services from us are intended to be delivered and serviced electronically. Email communication may be utilized in such cases. Please do not provide any account or Personal Data, such as Social Security number, account number, or account balance, within your email correspondence to us.

Surveys & Aggregate Data

Periodically, we may conduct surveys about financial products and services or review elements of information to forecast future business needs. We then generate reports that are used for our own planning, analytical, and other related purposes.

Children’s Personal Data

Our Website are intended to be used by adults interested in and/or using our products and services. Our Website are not intended for children, and we do not knowingly collect or store Personal Data about individuals under the age of eighteen.

Changes to this Privacy Notice

We reserve the right to modify this Privacy Notice at any time to reflect changes in our privacy practices. We will notify you of any changes that may affect your rights under this Privacy Notice.

Comments & Questions

Client Service Representatives are available to answer questions about this Privacy Notice by visiting our Contact Us section.

If you have any inquiries, requests, or complaints about our processing of your Personal Data, please contact us using any of the following:

• Phone number: +44 (0) 207 702 0888.

• Address: The Data Privacy Team, Federated Hermes Limited, 150 Cheapside, London EC2V 6ET; or
• Email: [email protected].
• For Singapore, our DPO is Judith Benson.

If you are not satisfied with our response, you can raise a complaint with the relevant supervisory authority. However, we would appreciate the chance to deal with your concerns before you approach a supervisory authority.

¹ Affiliated entities include:

Federated MDTA LLC

Federated Investment Management Company

Federated Equity Management Company of Pennsylvania

Federated Global Investment Management Corp.

Federated Investment Counseling

Federated Securities Corp.

Federated Shareholder Services Company

Federated Investors Trust Company

Federated Administrative Services, Inc.

Federated Hermes Ltd

Hermes Investment Management Ltd

Federated Hermes (UK) LLP

Hermes GPE LLP

Hermes GPE (Singapore) Pte. Ltd

Herms Fund Managers Ireland Ltd

Federated Investors Australia Services Ltd

Federated Hermes Japan K.K.

Hermes Equity Ownership Services Ltd

Hermes Real Estate Investment Management Ltd

MEPC Ltd

Rivington Energy (Management) Ltd