BNP AM

The sustainable investor for a changing world

Search for

Filter by

Asset class

Economics

Geography

Investing

Introduction

We take the protection of your personal data very seriously; accordingly, the BNP Paribas Group has adopted strong principles in its Personal Data Protection Charter available at: https://group.bnpparibas/en/data-protection.

BNP Paribas Asset Management (“We”), as a controller, are responsible for collecting and processing your personal data in relation to its activities.

BNP Paribas Asset Management is the asset management business of BNP Paribas, a leading European banking group with an international reach. Our priority is to deliver long-term, sustainable returns to our clients, based on a distinctive sustainable investment philosophy. Our direct clients are only institutional investors. In the course of our business, we may collect your personal data when you work or act on behalf of these investors. Individual investors subscribe to our products through other companies, in particular within the BNP Paribas Group, whose business is oriented towards individuals, and for the own needs of these other companies. They are therefore not concerned by this notice. However, we may process your data as an individual investor if, for example, you wish to obtain information on our website about our products. We may also collect and process your personal data if you perform services on our behalf. As a member of an integrated banking-insurance Group, in collaboration with the various entities of the Group, we are able to offer our clients, directly or through the intermediary of other Group entities, a complete range of banking, insurance and leasing products and services (LOA, LLD).

The purpose of this Privacy Notice is to explain how we process your personal data and how you can control and manage them.

1.  ARE YOU SUBJECT TO THIS NOTICE?

This Privacy Notice applies to you, as part of your professional activity, if you are:

You are concerned by this notice, individually, if you are:

This notice may have been given to you when you contacted us, or when you signed a contract with your company or employer, or it may have been brought to your attention when you visited our public website or one of our external communication platforms. It is therefore you that we are addressing in the first place, and that we are informing by this Notice of the use we will make of your personal data. When you provide us with the personal data of other natural persons (employees, managers, etc.) who are involved in a professional capacity in the relationship we have with your company, please make sure that you inform them about the disclosure of their personal data and invite them to read this Privacy Notice. We will ensure that we will do the same whenever appropriate (e.g., when we have the person’s contact details).

2.  HOW CAN YOU CONTROL THE PROCESSING ACTIVITIES WE DO ON YOUR PERSONAL DATA?

You have rights which allow you to exercise real control over your personal data and how we process them.

If you wish to exercise the rights listed below, please submit a request to the following e-mail address am.dataprotection@bnpparibas.com with a scan/copy of your identity card where required.

If you have any questions relating to our use of your personal data under this Privacy Notice, please contact our Data Protection Officer at the following e-mail address am.dataprotection@bnpparibas.com.

2.1 You can request access to your personal data

If you wish to have access to your personal data, we will provide you with a copy of the personal data you requested as well as information relating to their processing.

Your right of access may be limited in the cases foreseen by laws and regulations. This is the case with the regulation relating to anti-money laundering and countering the financing of terrorism, which prohibits us from giving you direct access to your personal data processed for this purpose. In this case, you must exercise your right of access with the French Data Protection Authority (Commission Nationale de l’Informatique et des Libertés or the “CNIL”), which will request the data from us.

2.2. You can ask for the correction of your personal data

Where you consider that your personal data are inaccurate or incomplete, you can request that such personal data be modified or completed accordingly. In some cases, supporting documentation may be required.

2.3 You can request the deletion of your personal data

If you wish, you may request the deletion of your personal data, to the extent permitted by law.

2.4 You can object to the processing of your personal data based on legitimate interests

If you do not agree with a processing activity based on a legitimate interest, you can object to it, on grounds relating to your particular situation, by informing us precisely of the processing activity involved and the reasons for the objection. We will cease processing your personal data unless there are compelling legitimate grounds for doing so or it is necessary for the establishment, exercise or defence of legal claims.

2.5 You can object to the processing of your personal data for commercial prospecting purposes

You have the right to object at any time to the processing of your personal data for commercial prospecting purposes, including profiling, insofar as it is linked to such prospecting.

2.6 You can suspend the use of your personal data

If you question the accuracy of the personal data we use or object to the processing of your personal data, we will verify or review your request. You may request that we suspend the use of your personal data while we review your request.

2.7 You have rights against an automated decision

As a matter of principle, you have the right not to be subject to a decision based solely on automated processing based on profiling or otherwise that has a legal effect or significantly affects you. However, we may automate such a decision if it is necessary for the entering into or performance of a contract with us, authorised by regulation or if you have given your consent.

In any event, you have the right to challenge the decision, express your views and request the intervention of a competent person to review the decision.

2.8 You can withdraw your consent

If you have given your consent to the processing of your personal data, you can withdraw this consent at any time.

2.9 You can request the portability of part of your personal data

You may request a copy of the personal data that you have provided to us in a structured, commonly used and machine-readable format. Where technically feasible, you may request that we transmit this copy to a third party.

2.10 How to file a complaint with the CNIL?

In addition to the rights mentioned above, you may lodge a complaint with the competent supervisory authority, which is usually the one in your place of residence, the CNIL (Commission Nationale de l’Informatique et de Libertés) – www.cnil.fr .

3.  WHY AND ON WHICH LEGAL BASIS DO WE USE YOUR PERSONAL DATA?

In this section we explain why we process your personal data and the legal basis for doing so.

3.1 Your personal data are processed to comply with our various regulatory obligations

Your personal data are processed where necessary to enable us to comply with the regulations to which we are subject, including banking and financial regulations.

3.1.1 We use your personal data to:

3.1.2. We also process your personal data for anti-money laundering and countering of the financing of terrorism purposes

As part of a banking Group, we must have a robust system of anti-money laundering and countering of terrorism financing (AML/CTF) in each of our entities managed centrally, as well as a system for applying local, European and international sanctions.

In this context, we are joint controllers with BNP Paribas SA, the parent company of the BNP Paribas Group (the term “We” in this section also includes BNP Paribas SA).

The processing activities performed to meet these legal obligations are detailed in Appendix..

3.2. Your personal data are processed to perform a contract to which your company is a party or pre-contractual measures taken at its request

Your personal data are processed when it is necessary to enter into or perform a contract to:

3.3 Your personal data are processed to fulfil our legitimate interest or that of a third party

Where we base a processing activity on legitimate interest, we balance that interest against your interests and fundamental rights and freedoms to ensure that there is a fair balance between them. If you would like more information about the legitimate interest pursued by a processing activity, please contact us using the contact details provided in section 2 “HOW CAN YOU CONTROL THE PROCESSING ACTIVITIES WE DO ON YOUR PERSONAL DATA?” above.

3.3.1. In the course of our business as an asset manager, we use your personal data to:

3.3.2. We use your personal data to send you commercial offers by electronic means, post and phone

We send you mailings (related to your profession when you are acting in your capacity as an employee of our clients or partners, or based on your request if you are acting for personal purposes) for marketing purposes and providing information, and we use your personal data for campaign analysis on client/prospect engagement.

As part of the BNP Paribas Group, we want to be able to offer you access to the full range of products and services that best meet your needs.

Once you are a client and unless you object, we may send you these offers electronically for our products and services and those of the Group if they are similar to those you have already subscribed to.

We will ensure that these commercial offers relate to products or services that are relevant to your needs and complementary to those you already have to ensure that our respective interests are balanced.

We may also send you, by phone and post, unless you object, offers concerning our products and services as well as those of the Group and our trusted partners.

3.4. Your personal data are processed if you have given your consent

For some processing of personal data, we will give you specific information and ask for your consent. Of course, you can withdraw your consent at any time.

In particular, we ask for your consent for the use of your navigation data (cookies) for commercial purposes or to enhance the knowledge of your profile.

You may be asked for further consent to process your personal data where necessary.

4.  WHAT TYPES OF PERSONAL DATA DO WE COLLECT?

We collect and use your personal data, meaning any information that identifies or allows one to identify you.

Depending among others on the types of product or service we provide to you and the interactions we have with you, we collect various types of personal data about you, including:

We may collect sensitive data such as data relating to criminal offences, subject to compliance with the strict conditions set out in data protection regulations.

5. WHO DO WE COLLECT PERSONAL DATA FROM?

We collect personal data directly from you, your company or your employer; however, we may also collect personal data from other sources.

We sometimes collect data from public sources:

We also collect personal data from third parties:

6. WHO DO WE SHARE YOUR PERSONAL DATA WITH AND WHY?

With BNP Paribas Group’s entities

As a member of the BNP Paribas Group, we work closely with the Group’s other companies worldwide. Your personal data may therefore be shared between BNP Paribas Group entities, where necessary, to:

With recipients outside the BNP Paribas Group and processors

In order to fulfil some of the purposes described in this Privacy Notice, we may, where necessary, share your personal data with:

7. INTERNATIONAL TRANSFERS OF PERSONAL DATA

In case of international transfers originating from the European Economic Area (EEA) to a non-EEA country, the transfer of your personal data may take place. Where the European Commission has recognised a non-EEA country as providing an adequate level of data protection, your personal data may be transferred on this basis.

For transfers to non-EEA countries where the level of protection has not been recognized as adequate by the European Commission, we will either rely on a derogation applicable to the specific situation (e.g., if the transfer is necessary to perform our contract with you, such as when making an international payment) or implement one of the following safeguards to ensure the protection of your personal data:

To obtain a copy of these safeguards or details on where they are available, you can send a written request to am.dataprotection@bnpparibas.com.

8. HOW LONG DO WE KEEP YOUR PERSONAL DATA?

We retain your personal data for as long as necessary to comply with applicable laws and regulations, or for as long as necessary for operational purposes, such as bookkeeping, effective client relationship management, and enforce legal rights or respond to requests from regulators. For example, most client data is retained for the duration of the contractual relationship and for 3 years after the end of the contractual relationship, subject to applicable local regulations. For prospects, data is retained for 3 years subject to applicable local regulations.

9. HOW TO FOLLOW THE EVOLUTION OF THIS PRIVACY NOTICE

In a world where technologies are constantly evolving, we regularly review this Privacy Notice and update it as required.

We invite you to review the latest version of this document online, and we will inform you of any significant amendments through our website or through our standard communication channels.


Appendix

Processing of personal data for anti-money laundering and countering of the financing of terrorism

We belong to a banking Group that must have a strong anti-money laundering and countering of the financing of terrorism (AML/CFT) system at the entity level, managed at the central level, an anti-corruption system, as well as a system that allows compliance with international sanctions (this refers to all economic or trade sanctions, including all laws, regulations, restrictive measures, embargoes or asset freezes enacted, governed, imposed or enforced by the French Republic, the European Union, the US Department of the Treasury’s Office of Foreign Asset Control, and any competent authority in the territory where we are established).

In this context, we are joint data controllers with BNP Paribas SA, the parent company of the BNP Paribas Group (the term “we” in this section includes BNP Paribas SA).

For AML/CFT and International Sanctions compliance purposes, we carry out the processing listed below to meet our legal obligations:

In this context we may have to contact:

We carry out these checks when you enter into a relationship with us, but also on the transactions you carry out. At the end of the relationship and if you have been the subject of an alert, this information will be kept in order to identify you and to adapt our control if you enter into a new relationship with BNP Paribas Group entity, or in the context of a transaction to which you are party.

To meet our legal obligations, we share information collected for AML/CFT, anti-corruption and International Sanctions enforcement purposes between BNP Paribas Group entities. When your data is exchanged with countries outside the European Economic Area that do not provide an adequate level of protection, the transfers are governed by the European Commission’s Standard Contractual Clauses. When additional data is collected and exchanged in order to comply with the regulations of non-EU countries, this processing is necessary to enable the BNP Paribas Group and its entities to comply with their legal obligations and to avoid local sanctions, which is our responsibility.

APPENDIX: List of entities subject to this Data Protection Notice and contact details of data protection officers

Société anonyme (S.A.)
1 Boulevard Haussmann 75009 Paris – France
Délégué à la Protection des Données:
DPO – RISK Function
8, rue du Port, 92000 NANTERRE
am.dataprotection@bnpparibas.com

Société par actions simplifiée (SAS)
1 Boulevard Haussmann 75009 Paris – France
Délégué à la Protection des Données:
DPO – RISK Function
8, rue du Port, 92000 NANTERRE
am.dataprotection@bnpparibas.com

Société Anonyme
1 Boulevard Haussmann 75009 Paris – France
Délégué à la Protection des Données:
DPO – RISK Function
8, rue du Port, 92000 NANTERRE
am.dataprotection@bnpparibas.com

Société par actions simplifiée (SAS)
1 Boulevard Haussmann 75009 Paris – France
Délégué à la Protection des Données:
DPO – RISK Function
8, rue du Port, 92000 NANTERRE
am.dataprotection@bnpparibas.com