The Policy is backed by a series of Procedures which provide a framework for action and reflect the operational standards required for enforcing this Policy.
The policy is owned and approved by Aberdeen’s Information Security Committee and reviewed on a regular basis by the Group Head of Risk.
Local laws and regulations notwithstanding, the policy covers all subsidiaries and all employees of the Group, permanent and temporary (including Directors, agency staff, interns, third party contractors, consultants, and external secondees), full and part time in the particular circumstances of the Group, its products, services, transactions and clients. The Group also has a responsibility to ensure its third party providers adhere to a similar policy where applicable.
Regulatory or Legal Source
Aberdeen is bound by local regulation and legislation and complies with this in every case.
Aberdeen collects personal information:
- from applications, forms, and agreements entered into with a client, or in the course of establishing or maintaining a client relationship between the Group and a client, regarding an investment product or vehicle. This includes a client’s name, postal and email address, debit card details, ongoing statements and other related information. It allows Aberdeen to complete a transaction and also to provide confirmation of the transaction to the client.
- when a user browses the website. Aberdeen stores information as to how the website is used in order to improve the quality of service provided. For example, it allows Aberdeen to decide the most appropriate site layout and navigation.
- concerning the attachments opened with electronic Newsletters sent to a client.
Information collected by Aberdeen may be used to inform a user about changes to the website and, subject to any applicable local laws, other information that Aberdeen thinks may be of interest and/or useful to a user, including its products and services.
Aberdeen does not disclose personal information to third parties, except as described in this Policy.
Third party disclosures may include sharing such information with non-affiliated companies who perform support services on Aberdeen’s behalf including those that provide professional, legal or accounting advice to the Group. These companies are required to ensure appropriate security measures are in place and maintain the confidentiality of such information to the extent they receive it, and to use personal information only in the course of providing such services and only for the purposes that Aberdeen dictates. These non-affiliated companies, however, may be based in countries where privacy laws do not exist or provide less protection than those countries in which Aberdeen has an office.
Aberdeen may also disclose personal information to fulfil a user’s instructions or pursuant to a user’s express consent.
Finally, under limited circumstances, personal information may be disclosed to third parties as permitted by, or to comply with, applicable laws and regulations, for instance, when responding to proceedings of a court of law or similar legal process, to protect against fraud, and to otherwise co-operate with law enforcement or regulatory authorities.
N.B. Aberdeen does not sell personal information.
A user has the right to access personal information at any time to check whether it is accurate and up-to-date. To access information, the user must contact their local Aberdeen office.
Aberdeen reserves the right to impose a reasonable charge for providing access to personal information.
Aberdeen retains personal information in accordance with applicable laws for as long as it is needed.
Privacy and the Internet
Aberdeen is committed to ensuring that personal information is secure. In order to prevent unauthorised access or disclosure, it has appropriate physical, electronic and managerial procedures in place to protect and secure personal information.
All forms containing sensitive personal information, such as payment or bank details, are transmitted, after a user’s details are authenticated, to the web server using a ‘secure form’ in which details are encrypted using the most secure encryption level available.
Personal information is passed immediately to Aberdeen’s customer service centre and is not stored on the web server.
However, where it is necessary to store personal information temporarily, any sensitive personal information is securely encrypted and stored away from publicly-accessible areas of the web server.
When personal information is received, the web server, located in a secure area of the network, immediately passes it through an additional firewall into an application server and onto a server which allows Aberdeen to execute the order within the customer service centre. The personal information is itself protected so that it can only be accessed by authorised staff.
Cookies are small pieces of data given to your browser by a website which may be stored as text files in the cookie directory of your computer. Cookies are not programs and cannot collect information from your computer. They do not damage your computer and are defined as “a piece of text stored on a user’s computer by their web browser. A cookie can be used for authentication, storing site preferences, shopping cart contents, the identifier for a server-based session, or anything else that can be accomplished through storing text data” (source: Wikipedia, 2011).
Each website may send cookie data to your browser which may save it if your browser’s preferences allow it to do so. To protect your privacy your browser only returns a cookie to the website that sent you the cookie and does not send it to any other website. A website cannot access your cookie directory or information on your computer, instead relevant cookies are included by your browser within each request you make to the website. A website can only obtain cookie data that your browser sends to it.
The majority of browsers allow you to control cookies through the browser’s settings. For more information about cookies, including how to see what cookies have been set and how to manage and delete them, visit www.allaboutcookies.org or to opt out of being tracked by Google Analytics across all websites, visit tools.google.com/dlpage/gaoptout.
Cookies used on this website
- _utma, _utmb, _utmc and _utmz – used for our Google Analytics for us to measure how visitors use our site, all information is completely anonymous and we cannot track who the user is. _utmc is a temporary cookie and is deleted once your browser is shut.
- PHPSESSID – a temporary cookie used by the content management system to manage browser sessions and is deleted once your browser is shut.
This policy, in line with the new legislation is currently under review and should you require further information in the way we use this data, please contact us.
The Cursitor Building website includes both internal and external web links. We select links that we feel are relevant to the content that they are linking from or are useful for our visitors.
Aberdeen is not responsible for the content on external websites that are linked to / from our site. We do not link to external sites in return for cash, services or any other payment in kind – links are selected purely based on the relevance of their content for our audience.