Global Privacy& Security Policy

Effective as of January 2017

Privacy Pledge

Capital Asset Management Group has a commitment to safeguard the privacy of information our clients entrust to us and it is paramount to the way we conduct our business. Protecting the confidentiality and security of client information has always been an integral part of how we conduct our business worldwide.

We pledge to continue to ensure that our global business practices protect your privacy.

Where applicable, more specific privacy policies are posted on the home pages of our individual businesses.

We respect your Privacy

In the course of serving you as an individual or as someone associated with a corporation or institution, Capital Asset Management Group may collect, hold, use and disclose (‘process’) information about individuals which may constitute personal data.

Unless advised otherwise, all references to Capital Asset Management, “we”, or “our” in this Privacy Policy includes, individually and collectively, Capital Asset Management entities that process personal data in Europe, United States of America and Asia.

You may, however, in connection with specific products or services offered by Capital Asset Management Group, be provided with privacy policies or statements that supplement this Privacy Policy.
Please read this Privacy Policy carefully to understand how we process your personal data.

What personal data we collect?

If you deal with Capital Asset Management Group as a private client or otherwise in your individual capacity e.g. relating to a trust or investment vehicle established to invest on your behalf, then typically we collect the following types of personal data about you:

  • Personal details, such as name, age, occupation and marital status;
  • Contact details such as address, telephone, email, in some cases both private and work related contact details;
  • Identification documents, such as your passport, copies which may generally include a head and shoulders photograph from, as applicable, your passport, national identity card or driver’s license, as required by laws and regulations addressing due diligence and related matters;
  • A personal identifier such as, depending on your country of residence, your Social Security Number, National Insurance Number, Tax File Number, etc.; and
  • Extensive financial information, including source of wealth, investment experience and objectives, risk tolerance and, in certain jurisdictions, representations required under applicable law or regulation concerning your financial resources.
  • Data obtained during the recruitment process.

If you deal with Capital Asset Management Group in the capacity of an officer, employee, director and or principal of one of our corporate or institutional clients, the typical personal data we collect about you personally would include:

  • Your name and contact details;
  • Your role/position/title and area of responsibility; and
  • Certain identifying information (e.g. passport photo, etc.) as required by laws and regulations addressing money laundering and related matters.

Of course, you are not required to supply any of the personal data that we may request. However, failure to supply any of the personal data that we may request may result in our being unable to open or maintain your account, provide services to you or your company, discuss any other opportunities with you or deal with other matters. While we make every effort to ensure that all information we hold about you is accurate, complete and up to date, you can help us considerably in this regard by promptly notifying us if there are any changes to your personal data. We shall not be responsible for the authenticity of any personal data or sensitive personal data or any losses arising from any inaccurate or deficient personal data or sensitive personal data that you supply to us.

How do we collect your Personal Data?

The personal data we collect regarding you come primarily from information that you submit to us during the course of your relationship with us. Typically, we obtain personal data about you from the forms and documents used when you apply for an account with us, from your transactions with us, from your access to or use of our products and services or from third parties authorised to provide us with such information. We also collect personal data when we monitor or record our communications with you or through use of certain technology as detailed further below.

What are the purposes for which we use your Personal Data?

We, our associated firms and/or other persons acting on our or their behalf may process and use your personal data to:

  • Administer and operate services in accordance with the customer documents, (including authorising or confirming transactions and for billing purposes);
  • In the course of the operational support and development of our businesses;
  • To carry out credit, money laundering and conflict checks and for fraud prevention purposes, (and this may include consideration of information regarding political affiliations and criminal offences committed or alleged to have been committed);
  • To contact you about other services and products we offer;
  • To exercise and defend our legal rights;
  • In order to comply with legal and regulatory obligations and requests anywhere in the world, (including reporting to and being audited by national and international regulatory, enforcement or exchange bodies and complying with court orders);
  • For recruitment purposes, to confirm your references and educational background and to consider your suitability for any current or future recruitment requirements.
  • For any other legitimate business purposes; and
  • As otherwise permitted under any applicable law or regulation.

Monitoring

We, our associated firms and/or other persons acting on our or their behalf record or monitor communications, (including email, instant messaging, facsimile, telephone (including mobile phones issued by us) and other electronic communications), with youor your agent(s) to the extent permissible under the applicable law for legitimate business purposes or for purposes permitted by law from time to time, including without limitation:

  • to safe guard against the unauthorised and unlawful processing or misuse of our data and that of our employees, clients and vendors;
  • establishing the existence of facts (e.g., keeping records of transactions);
  • ascertaining compliance with regulatory or self-regulatory practices or procedures which relate to Capital Asset Management Group;
  • preventing or detecting crime;
  • investigating or detecting unauthorised use of our systems and other materials (e.g., monitoring to ensure compliance with our policies and procedures and to evaluate the quality of customer service);
  • ensuring the effective operation of our telecommunications (including telephones, email and internet) systems;
  • for security or health and safety purposes; or
  • support and administration purposes.

When do we Disclose Personal Data we collect about you?

You should know that:

  • Capital Asset Management Group does not sell, rent, trade your personal data; and
  • Capital Asset Management Group does not disclose your personal data, except as described in this Privacy Policy.

Our processing and use of your personal data, for the purposes specified in this Privacy Policy, may include disclosure of your personal data:

  • Between us and our associated firms;
  • To other persons processing your personal data on our or their behalf or otherwise providing us or them with professional or other services;
  • To third parties such as settlement agents, overseas banks or exchange or clearing houses to whom we disclose in the course of providing products and services to you;
  • To credit reference, fraud prevention and other similar agencies, and other financial institutions, with whom information is shared for credit and money laundering checking and fraud prevention purposes;
  • To persons to whom we assign or novate our rights or obligations; and
  • To prospective seller or buyer in the event that we sell or buy any business or assets or if all or substantially all of our assets are acquired by a third party, in which case personal data held by it about its customers will be one of the transferred assets;
  • Also to national and international regulatory, enforcement or exchange bodies or courts anywhere in the world as required by applicable law or regulations anywhere in the world or at their request.

These disclosures may involve overseas storage and other overseas transfer, processing and use of your personal data, and disclosure to these third parties, including in or to countries or territories which do not offer the same level of protection of personal data as may be enjoyed within your home country.

How do we Protect the Security and Confidentiality of your Personal Data we collect about you?

Capital Asset Management Group maintains appropriate physical, technical and procedural safeguards to protect any information that you provide to us from accidental or unauthorised loss, misuse, damage,modification, access or disclosure.

Capital Asset Management Group has partnered with a global Information Security Office, which leads efforts to:

  • Safeguard the confidentiality and privacy of information resources;
  • Properly classify information resources;
  • Meet legal and regulatory obligations concerning the protection of information resources;
  • Implement and maintain information security policies and procedures;
  • Integrate protection of information resources into the process lifecycles of the business;
  • Educate those working for or on behalf of Capital Asset Management Group on Information Security policies and responsibilities; and
  • Authenticate users and limit access to information resources based on authorization that has been granted.

Third parties who process your personal data on our behalf are required to adhere to appropriate security standards to protect such information against unauthorised access, destruction or loss.

What rights do you have?

If you wish to access a copy of your personal data or you wish to modify any personal data which we hold about you, or you want us to cease processing any of your personal data held by us, subject to applicable law, you can do so by written request to the applicable Privacy & Data Protection Counsel or other named contact at the address set out below.

In the case of a request for access to personal data, we reserve the right to charge an appropriate fee, if applicable. You may be required to supply a valid means of identification as a security precaution to assist us in preventing the unauthorised disclosure of your personal data. We will process your request within the time provided by applicable law.

How do we update this Privacy Policy?

We may change or update portions of this Privacy Policy to reflect changes in our practices and or applicable law and regulation. Please check this Privacy Policy from time to time so you are aware of any changes or updates to the Privacy Policy, which may be indicated by a change in the effective date noted at the beginning of the Privacy Policy.

How can you Contact Us?

If you would like to contact us in respect of any element of this Privacy Policy, including, without limitation and subject to applicable law, where you wish to access a copy of your personal data or where you wish to raise a complaint or grievance please contact us at the following address:

Global Privacy and Data Protection Counsel
Legal and Compliance Division
Capital Asset (Thailand) Co., Ltd.
Capital Asset Management Group Ltd
Zuellig House
Silom Road
Bangrak
Bangkok 10500
Thailand