Close

The right insights, right now

Access the latest news, analysis and trends impacting your business.

Explore our insights by topic:

About Broadridge

Privacy Statement

Broadridge Financial Solutions, Inc., including its subsidiaries and affiliates (collectively, “Broadridge”), is committed to respecting privacy. Our Global Privacy Program is designed to help ensure that we handle Personal Information appropriately. If you have any additional questions about the privacy of your Personal Information, please contact the Broadridge Privacy Office via email at privacy@broadridge.com.

  1. Broadridge Privacy Statement

  2. Broadridge Cookie and Online Privacy Notice

  3. Additional Information for EEA, United Kingdom and Swiss Residents

  4. Additional Information for California Residents

  5. Additional Information for Brazilian Residents

  6. How to Contact Us and Our Chief Privacy Officer

Broadridge Privacy Statement

This Privacy Statement describes the practices that Broadridge will follow with respect to the Personal Information (defined below) it collects from our clients, service providers and from individuals who interact with us directly, including through www.broadridge.com and other Broadridge websites, mobile applications, or hosted websites that link to this Privacy Statement.

Broadridge generally operates as a service provider to our clients, including banks, brokers, mutual funds, corporations and other business entities. As a service provider, we primarily collect and use consumer personal information as authorized by our contracts with our clients. If we have collected or received your information in our capacity as a service provider to a Broadridge client with which you have a financial account or relationship, that company can assist you with requests related to exercising your privacy rights, as Broadridge cannot fulfill these requests directly. We suggest you reach out to such company to learn more about its privacy practices and to exercise your rights. Broadridge supports our clients as needed to help them respond to such requests. We may collect Personal Information for our own purposes primarily pertaining to financial professionals, such as investment advisors, financial planners and the professionals who work for our institutional and corporate clients.

Our Collection, Use and Disclosure of Personal Information pertaining to Professionals and Commercial Clients

“Personal Information” or “PI” is any information that can be used to identify, locate or contact you. It also includes other information that may be associated with your name or other identifiers. The chart below describes the categories of Personal Information we collect, the sources of that information, the reasons we collect it, and the types of people to whom we may disclose the information.

Please note that we may use and disclose any Personal Information for our “Everyday Business Purposes” 1 as permitted by law. We may also disclose any Personal Information to our affiliates and to the service providers and contractors that need to use the information to provide services to us. We have contracts with these companies that require them to protect our information and to comply with law. We may also disclose any information when required by law, such as to law enforcement agencies or to parties in litigation, or to the company you work for, when we are providing services to that company.

Category and Sources of PI

Purposes for Collecting this PI

Disclosures of this PI

Business Contact Information

This is the type of information that can be found on your business card, such as your name and title, company affiliation, mailing address, email address and telephone number.

We collect this type of information from you and from publicly available sources, such as financial institution sites and social media sites. We also may receive your data from third parties, such as trade associations or trade shows.

We use this type of information to identify you and communicate with you, including:

  • To send transactional messages (such as service confirmations);
  • To send marketing communications, surveys and invitations; and
  • To personalize our communications and provide customer service.

We may disclose this type of information to our service providers and contractors and to:

  • Entities that deliver our communications, such as telecommunications carriers, couriers or the postal service; and
  • Social media companies such as LinkedIn which use the data only to identify which of our clients use their platforms so that we can deliver content to you on the platform.

Business Customer Information

We collect “B2B” Personal Information about business professionals associated with our commercial clients, suppliers and partners in the context of our relationships we have with these companies. This includes:

  • Information about your authority to use our products and place orders with us;
  • Transaction records, including product usage, customer service, training and related records;
  • Professional interests and credentials;
  • Relationship information, including marketing and communication preferences; and
  • Visitor logs.

We collect this type of information from you and from your company. We also may receive your data from third parties, such as trade associations or trade shows.

We use this type of information:

  • To fulfill our business relationship with you and/or our client;
  • To develop and maintain our relationship with you and/or our client, including sending you marketing communications as permitted by law and subject to your preferences;
  • For internal business purposes, such as finance, quality control, training, reporting and analytics;
  • For risk management, fraud prevention and similar purposes; and
  • For recordkeeping and compliance, including dispute resolution.

We may disclose this type of information to:

  • our service providers and contractors; and
  • the company you work for, and other companies (such as your company’s affiliates and service providers), as needed for the commercial relationship (such as including your information on purchase documents that you authorize).

Unique Identifiers

Such as:

  • System identifiers;
  • Device identifiers; and
  • Advertising ID.

We collect this type of information from your devices and from our online partners, such as third parties, who place cookies or similar technologies containing advertising IDs on your devices for us.

We use this type of information:

  • To identify you or your device, including to associate you with different devices that you may use;
  • For record-keeping and reporting, including for data matching;
  • For metrics and analytics; and
  • For online ad delivery and personalization.

We may disclose this type of information to our service providers and contractors that fulfill orders and support our information technology and security programs, including companies that assist us with fraud prevention, detection and mitigation.

Advertising ID is shared with third party network advertising partners. You can opt-out of the sale or sharing of your information with third parties by visiting Your Privacy Choices.

Account Access Information

Such as:

  • Usernames and/or passwords; and
  • Account recovery information (such as security questions and answers).

We collect this type of information from you, when you establish an account or change your password.

We may create this information for you, such as if we assign you a username or account number or issue you a temporary password.

We use this type of information:

  • To identify and authenticate you;
  • To enable you to engage in transactions with us (such as interacting with us online); and
  • For security and similar purposes.

We may disclose this type of information to our service providers and contractors that assist with our information technology and security programs.

Online & Technical Information

Such as:

  • IP Address;
  • Device identifiers;
  • Device characteristics, including precise geolocation data;
  • Server and application logs; and
  • Data from cookies, pixel tags and other online tools.

We collect this type of information from your computer or devices when you interact with our platforms, websites and applications. For example, when you visit our websites, our server logs record your IP address and other information. We may also receive this information from third parties, including computer security services and advertising partners.

Please read our Cookie and Online Privacy Notice to learn more.

We use this type of information:

  • For system administration, technology management, including optimizing our websites and applications;
  • For information security and cybersecurity purposes, including detecting threats;
  • For other authorized purposes, such as if you consent to our use of precise geolocation data to deliver content to you based on your location;
  • For recordkeeping, including logs and records that are maintained as part of transaction information;
  • To better understand our clients and prospective clients and to enhance our relationship information, including by associating you with different devices and browsers; and
  • For online targeting and advertising purposes.

We may disclose this type of information to our service providers and contractors who support our information technology programs or host our websites and to third party network advertising partners.

You can opt-out of the sale or sharing of your information with third party advertising partners by visiting Your Privacy Choices.

Audio Visual Information

Such as:

  • Call center recordings;
  • Voicemails; and
  • CCTV recordings.

We collect this type of information from you, and automatically, such as when we record calls to our call center and use CCTV cameras in our facilities.

We use this type of information:

  • For internal business purposes, such as call recordings used for training, coaching or quality control; and
  • For premises security purposes and loss prevention.

We may disclose this type of information to our service providers and contractors that support our information technology and security programs, and our loss prevention programs.

Compliance data

Such as:

  • Records that demonstrate compliance with applicable laws, such as tax laws, occupational safety laws or privacy laws;
  • Records related to our internal compliance programs, such as data related to anti-money laundering and intellectual property programs; and
  • Records relating to complaints and internal investigations.

We collect this type of information from you and from third parties, including companies that help us conduct internal investigations.

We use this type of information:

  • To comply with and demonstrate compliance with applicable laws;
  • For legal matters, including litigation and regulatory matters, including for use in connection with civil, criminal, administrative, or arbitral proceedings, or before regulatory or self-regulatory bodies, including service of process, investigations in anticipation of litigation, execution or enforcement of judgments and orders; and

For internal business purposes, such as risk management, audit, internal investigations, reporting and analytics.

We may disclose this type of information to our service providers and contractors, including our lawyers, auditors and consultants, and to:

  • Clients, in connection with their audits of Broadridge; and

Other entities (including government agencies, courts and opposing law firms, consultants, process servers and parties to litigation) in connection with legal matters as required or permitted by law.

Please note that we may also use and disclose information about you that is not personally identifiable. For example, we may publish reports or create products that contain de-identified, aggregated or statistical data. These reports and products do not contain any information that would enable the recipient to contact, locate or identify you.

Broadridge does not sell individual consumer or account holder Personal Information.

AdvisorTarget, a subsidiary of Broadridge, includes certain personal information about financial advisors and their practices in reports it sells to its clients. You can opt-out of AdvisorTarget’s sale of your Personal Information by visiting AdvisorTarget’s privacy portal at Your Privacy Choices.

We may share Personal Information for cross-contextual behavioral advertising or online targeted advertising. You can opt-out of our sharing of your data for these purposes by visiting our privacy rights portal at Your Privacy Choices.

Client Confidential Information

Broadridge collects and processes consumer Personal Information as a service provider to our clients. All such consumer information we process is considered Confidential Information of our clients, and we only use and disclose this information to provide services to our clients and as instructed by our clients, in accordance with our contracts. For example, our clients use our services to communicate with, manage and build relationships with their customers, investors or shareholders. We use information about the individuals as needed to provide these services and otherwise support our clients’ account management and compliance functions.

Many of our clients are financial institutions which are regulated by laws such as the Gramm-Leach-Bliley Act (“GLBA”), which, among other things, protects non-public personal financial information of individuals who obtain financial services from those financial institutions for personal, family, or household use.

GLBA addresses both financial privacy and safeguards to secure information. Broadridge acts as a service provider to these clients, as defined under GLBA.

In some cases, we operate or host websites owned by our clients. On behalf of our clients, we may collect Personal Information (including sensitive Personal Information) when users access their accounts online or conduct transactions. All information collected via these hosted sites is considered Confidential Information of our clients. We also receive Personal Information directly from our clients for processing, which is also Confidential Information of our clients.

Our contracts with our clients govern the processing of this Confidential Information, and the clients’ privacy statements provide information about their privacy practices. If we have collected or received your Personal Information in our capacity as a service provider to a Broadridge client with which you have a financial account or relationship, that company can assist you with requests related to exercising your privacy rights, as Broadridge cannot fulfill these requests directly. We suggest you reach out to such company to learn more about its privacy practices and to exercise your rights. Broadridge supports our clients as needed to help them respond to such requests.

Your Privacy Rights

Broadridge respects your rights to access, correct and request erasure or restriction of your Personal Information as required by law. Depending on your country or state of residence, these rights may include:

  • The right to be informed about our collection, use and disclosure of your Personal Information;
  • The right to know if we maintain your Personal Information, and if we do, to access that information (subject to the rights of others) and to request that we provide your information in a portable format;
  • The right to ask us to correct your information if it is incomplete or incorrect;
  • The right to object to our processing of your Personal Information, including the rights to object to:
    • the sale of your Personal Information;
    • the sharing or use of your Personal Information for certain types of online targeted advertising;
    • the use of profiling or automated decision-making which might significantly affect you;
    • certain secondary uses and disclosures of sensitive Personal Information;
  • The right to withdraw your consent at any time, if we are processing your Personal Information based on your consent; and
  • The right to ask that we delete your Personal Information.

Depending on where you reside, you may have additional rights under applicable law. To learn more and to exercise your rights, please visit our privacy rights portal at Your Privacy Choices or contact us via email at privacy@broadridge.com. We will need to confirm your identity before we can fulfill most requests, as we need to be sure that your Personal Information is not disclosed to an unauthorized recipient.

Please understand that these rights are subject to some limitations. For example, we may require documentation to support certain corrections to your information, and we generally cannot restrict or delete Personal Information in those situations where our retention is required for our internal business purposes or to comply with law.

We will not retaliate against you if you exercise your privacy rights.

If we have collected or received your Personal Information in our capacity as a service provider to a Broadridge client with which you have a financial account or relationship, that company can assist you with requests related to exercising your privacy rights, as Broadridge cannot fulfill these requests directly. We suggest you reach out to such company to learn more about its privacy practices and to exercise your rights. Broadridge supports our clients as needed to help them respond to such requests.

Cross-Border Transfers of Personal Information

Broadridge is headquartered in the United States and has offices, affiliates and service providers around the world. Your Personal Information may be transferred to other countries, which may not have similar privacy or data protection laws to those where you live. We will take steps to ensure that your Personal Information receives an adequate level of protection in the jurisdictions in which we process it, including through appropriate written data processing terms and/or data transfer agreements and/or other legally acceptable mechanisms according to applicable local laws.

Analytics, Profiling and Automated Decision-Making

We may use analytics to understand how individuals interact with us and our products, such as to assess engagement and for personalization and product development purposes. We also use analytics for security and fraud prevention purposes. However, we do not use profiling or automated decision-making tools to make decisions that produce legal or similarly significant legal effects for you. Any such decisions are made only based on human review.

Information Security

We take reasonable steps designed to help prevent the loss, misuse and alteration of the information under our control. For example, we have implemented physical, logical and administrative safeguards to protect and secure the information we process and maintain. We also use encryption and firewall technologies to protect sensitive information during online transmissions. However, no environment or security procedures or protocols are ever guaranteed to be 100% secure or error-free.

If you have registered at a Broadridge website or a hosted website, we recommend that you do not divulge your password to anyone. We will never ask you for your password in an unsolicited phone call or in an unsolicited email. Also remember to sign out of the registered site and close your browser window when you have finished your work. This is to ensure that others cannot access your Personal Information and correspondence if others have access to your computer.

Data Retention

We will retain your Personal Information for as long as the information is needed for the purposes listed above and for any additional period that may be required or permitted by law, such as for business, legal, accounting, or reporting requirements or pursuant to client contract requirements.

The length of time your Personal Information is retained depends on the purpose(s) for which it was collected, how it is used, and the requirements to comply with applicable laws or client contracts. If you would like us to delete your Personal Information collected directly by Broadridge, please contact us via email at privacy@broadridge.com. If we do not have a legal basis for retaining your information, we will delete it as required by applicable law. If we have collected or received your Personal Information in our capacity as a service provider to a Broadridge client with which you have a financial account or relationship, that company can assist you with requests related to deleting your Personal Information.

Changes to this Privacy Statement

From time to time, we may update this Privacy Statement to reflect new or different privacy practices. The updated Privacy Statement will include the date it was last updated. Additionally, if the changes will materially affect the way we use or disclose previously collected Personal Information, we will notify you about the change.

Privacy Protection Policy for Social Security Numbers

Broadridge may collect Social Security numbers in the ordinary course of certain of our businesses. Broadridge has implemented reasonable technical, physical and administrative safeguards to help protect the Social Security numbers from unlawful use and unauthorized disclosure. All Broadridge employees and service providers are required to follow these established procedures.

In particular:

  • Access to Social Security numbers is limited to those associates and service providers who have a need to access the information to perform tasks for Broadridge; and
  • Social Security numbers are only disclosed to third parties in accordance with Broadridge’s established policies. Broadridge will only disclose Social Security numbers to those service providers, auditors, advisors, and/or successors in interest who are legally or contractually obligated to protect them or as required or permitted by law.

Other sites

Broadridge sites may contain links to other sites, including those of our service providers. While we seek to link only to sites that share our high standards and respect for privacy, we are not responsible for the privacy practices employed by other sites.

Job Applicants and Human Resources (HR) Data

If you have applied for employment with Broadridge, the Personal Information submitted with your job application will be used only for recruitment and other customary human resources purposes. Prospective, current and former employees and others whose data are processed in connection with our human resources activities may contact the Broadridge Privacy Office via email at privacy@broadridge.com or our Human Resources Department to get information about Broadridge’s Human Resources privacy practices.

Broadridge Cookie and Online Privacy Notice

When you visit our website or use our mobile applications, we may collect certain information by automated means, using technologies such as cookies, pixel tags, browser tracking analysis tools, server logs and web beacons. We do not, however, use tracking or cookie technology on pages of our websites that provide “Notice and Access” hosting services to clients.

Cookies

When you visit our website, we place cookies on your computer. Cookies are small text files that websites send to your computer or other Internet-connected device to uniquely identify your browser or to store information or settings in your browser. Cookies allow us to recognize you when you return. You have choices about these cookies.

To learn more about the cookies we place and to exercise your choices, please visit our privacy rights portal at Your Privacy Choices.

In the privacy rights portal, click on the different category headings to find out more and change our default settings according to your preference. You cannot opt-out of our Strictly Necessary Cookies as they are deployed in order to ensure the proper functioning of our website (such as prompting the cookie banner and remembering your settings, to log into your account, to redirect you when you log out, etc.). However, you can opt-out of our use of Performance, Functional and Targeting Cookies.

Other Data Collection Technologies

We may also use Flash Cookies (also known as Local Stored Objects) and similar technologies to personalize and enhance your online experience. We use Flash cookies for security purposes and to help remember settings and preferences. We do not use Flash cookies or similar technologies for behavioral or interest-based advertising purposes.

These technologies also help us provide a customized experience and enable us to detect certain kinds of fraud. In many cases, you can manage cookie preferences and opt-out of having cookies and other data collection technologies used by adjusting the settings on your browser. All browsers are different, so visit the “help” section of your browser to learn about the privacy settings that may be available.

In connection with marketing efforts, we may use pixel tags and web beacons, which are tiny graphic images placed on website pages or in our emails that allow us to determine whether you have performed a specific action. When you access these pages or open or click an email, the pixel tags and web beacons generate a notice of that action. These tools allow us to measure responses to our communications and improve our websites and promotions. Information collected using these technologies in our emails may be associated with the recipient’s email address.

For example, we may collect information from the device you use to access our website, including your operating system type, browser type, domain, and other system settings, as well as the language your system uses and the country and time zone where your device is located. Our server logs also record the IP address assigned to the device you use to connect to the Internet. An IP address is a unique number that devices use to identify and communicate with each other on the Internet. We may also collect information about the website you were visiting before you visited our websites.

In many cases, the information we collect using cookies and other tools is only used in a non-identifiable way, without any reference to Personal Information. For example, we use information we collect about all website users to optimize our websites and to understand website traffic patterns. In some cases, we do associate the information we collect using cookies and other technology with your Personal Information.

On some of our sites, such as www.broadridge.com, certain annual meeting websites (e.g., the Virtual Shareholder Meeting, which may be customized for our clients), and mobile applications, Broadridge directly or through third parties uses web analytics tools to provide Broadridge or its clients with information about the use of these websites.

Google Analytics

Google Analytics is a web analytics tool provided by Google, Inc. that helps website owners understand how visitors engage with their website. Broadridge may use Google Analytics to view a variety of reports about how visitors interact with our websites so that we can improve them. Google Analytics uses cookies and other tools, which generate information about your use of our website (including your IP address). This information is transmitted to and stored by Google on servers in the United States. Google uses this information to evaluate your use of our website, report on website activity and provide other services to us. Google may also transfer this information to third parties where required to do so by law, or where such third parties process the information on Google’s behalf. Google may combine this information with other data held by Google pursuant to Google’s privacy policy available on Google’s website. You may refuse the use of cookies by opting-out of our collection of data via Performance, Functional and Targeting Cookies through our privacy rights portal at Your Privacy Choices. For more information on how Google Analytics uses the information it collects, please visit “How Google uses information from sites or apps that use our services”, located at www.google.com/policies/privacy/partners/.

Social Media Interactions and Interest-based Ads

Our websites may enable you to interact with us and others via social media platforms, such as Facebook, X, LinkedIn and Instagram. While we respect each social media platform’s privacy policies, we may collect Personal Information about you if you choose to use these tools and these platforms may collect Personal Information when you visit our site.

We may display interest-based ads to you when you are using these platforms. These platforms allow us to personalize the ads that we display to you, and they may gain insights about individuals who respond to the ads we display.

To opt-out of data sharing and online targeted advertising by Broadridge, visit our privacy rights portal at Your Privacy Choices.

Mobile Applications

We may offer mobile applications that allow you to access your account, interact with us online and receive other information via your smartphone. All personal information collected by Broadridge via our mobile applications is protected by the terms of this Privacy Statement.

When you download our mobile applications, you may choose to allow us to obtain your precise location from your mobile device. We use this information to deliver personalized content to you and for our internal analytics purposes.

We may also offer automatic (or “push”) notifications. We will provide push notifications only to those individuals who opt-in to receive such notifications from Broadridge. You do not have to provide location information to Broadridge or enable push notifications to use any of our mobile apps. If you have questions about location and notification privacy, please contact your mobile service provider or the manufacturer of your device to learn how to adjust your settings.

Other Third Party Relationships

Broadridge also uses web analytics tools provided by Adobe. These tools provide reporting and analytics functions that help us understand how visitors engage with our websites. To learn more about the Adobe analytics products, please visit http://www.adobe.com/privacy/marketing-cloud.html.

Broadridge provides a third party, Demandbase, Inc., with the IP addresses recorded by Broadridge’s server logs of visitors to Broadridge’s sites. Demandbase’s web analytics identify information about visitors to Broadridge’s sites, including, without limitation, industry, size, location and revenue, based on Demandbase’s database of company IP addresses.

You may refuse the use of these companies’ cookies by opting-out of our collection of data via Performance, Functional and Targeting Cookies through our privacy rights portal at Your Privacy Choices.

Do Not Track

Some web browsers may transmit “do-not-track” signals to the websites with which the user communicates. Because of differences in how web browsers incorporate and activate this feature, it is not always clear whether you intend for these signals to be transmitted, or whether you even are aware of them. Because there currently is no industry standard concerning what, if anything, websites should do when they receive such signals, we currently do not take action in response to these signals.

Additional Information for EEA, United Kingdom and Swiss Residents

Broadridge is providing this additional information for the benefit of individuals in the European Economic Area (“EEA”), United Kingdom and Switzerland, to explain our practices with regard to EEA, United Kingdom and Swiss Personal Information, to explain additional rights such individuals have with respect to their Personal Information, and to demonstrate our commitment to the Data Privacy Frameworks (as described below). This additional information, together with other statements in this Privacy Statement, explain our practices with regard to EEA, United Kingdom and Swiss Personal Information.

  1. The Purposes and Legal Basis for Processing, including Legitimate Interests

We only process Personal Information when we have a legal basis for the processing, such as:

  • To fulfill a contract with you or our client; and
  • With your or our client’s consent (where required and provided you have not objected, as may be applicable).

We may also process your Personal Information for our legitimate interests, provided that such processing shall not outweigh your rights and freedoms. In particular, we may process your Personal Information as needed to:

  • protect you, us or others from threats (such as security threats or fraud);
  • comply with the laws that are applicable to us around the world;
  • enable or administer our business, such as for the provision of services to our clients, quality control, consolidated reporting, and client service;
  • market our products and services to existing and prospective clients;
  • manage corporate transactions, such as mergers or acquisitions; and
  • understand and improve our business or client relationships generally.

Please be aware that we may also be required to disclose your Personal Information in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.

  1. The Purpose for which we Process your Personal Information

We process your Personal Information for the legitimate interests we have referred to above and for the following purposes:

  • processing of customer data in accordance with our client contracts; and
  • payment processing and financial account management, contract management, website administration, business continuity and disaster recovery, security and fraud prevention, corporate governance, reporting and legal compliance.
  1. Disclosure of Your Personal Information

Other than as set out in this Privacy Statement, your Personal Information will not be sold, shared or provided to any third party. However,

  • we may share your Personal Information with our affiliates and subsidiaries; and
  • we may share your Personal Information with our vendors and subprocessors in connection with providing contracted services and products.
  1. Your Privacy Rights

You always have the right to object to our marketing communications. To opt-out of emails, simply click the link labeled “unsubscribe” at the bottom of any email we send you. To revoke permissions that you may have given to send text messages, text STOP in response to any message.

Broadridge also respects the rights of EEA, United Kingdom and Swiss residents to access, correct and request erasure or restriction of their Personal Information as required by law. This means:

  • you generally have a right to know whether or not Broadridge maintains your Personal Information. If we do have your Personal Information, we will provide you with a copy (subject to the rights of others). If your information is incorrect or incomplete, you have the right to ask us to update it;
  • you have the right to object to our processing of your Personal Information;
  • you may also ask us to delete or restrict your Personal Information; and
  • you may also have the right to data portability in some circumstances.

If your Personal Information was provided to us by a client which is a company with whom you have an account or relationship, you should reach out to such company to learn more about its privacy practices and how to exercise your rights.

If Broadridge has collected Personal Information directly from you, to exercise these rights, please visit our privacy rights portal at Your Privacy Choices, contact us via email at privacy@broadridge.com or write us at the address above, and a member of our Privacy Office will assist you. Please understand that we may need to verify your identity before we can process your request.

If you believe that we have processed your Personal Information in violation of applicable law, you may file a complaint with the Broadridge Chief Privacy Officer at privacy@broadridge.com or with a supervisory authority.
  1. International Transfers

Your Personal Information may be transferred to, stored at or processed in the United States and other countries which may not have equivalent privacy or data protection laws. If you are located in the European Economic Area, the United Kingdom, or Switzerland, and we process your Personal Information in conditions that the European Commission has deemed to not provide an adequate level of data protection, we will implement suitable transfer safeguards, such as certifying compliance to the DPF Principles or the EU Standard Contractual Clauses (see Commission Implementing Decision (EU) 2021/914 of 4 June 2021 on standard contractual clauses for the transfer of personal data to third countries pursuant to Regulation (EU) 2016/679 of the European Parliament and of the Council ). To obtain additional details of the mechanism under which your Personal Information is transferred outside of the EEA, United Kingdom or Switzerland, you may request such details by contacting us at privacy@broadridge.com. Where your Personal Information is transferred to Broadridge in the United States, Broadridge relies on the Data Privacy Frameworks as described below.

Data Privacy Frameworks (“DPF”) (EEA/UK/Swiss Data Transfers). Broadridge complies with the EU-U.S. DPF, the UK Extension to the DPF, and the Swiss-U.S. DPF as set forth by the U.S. Department of Commerce (collectively these are herein referred to as the “Frameworks”) and has certified to the U.S. Department of Commerce that it adheres to the EU-U.S. DPF principles regarding the processing of Personal Information received from the European Union in reliance on the EU-U.S. DPF, and from the United Kingdom and Gibraltar in reliance on the UK Extension to the EU-U.S. DPF, and it adheres to the Swiss-U.S. Principles regarding the processing of Personal Information received from Switzerland in reliance on the Swiss-U.S. DPF (collectively the “Principles”). For a list of Broadridge entities that adhere to the Principles see Exhibit A. If there is any conflict between this Privacy Statement and the Principles, the relevant Principles shall govern. The U.S. Federal Trade Commission has jurisdiction over Broadridge’s compliance with the Frameworks. To learn more about the Data Privacy Framework program, and to view our certification, please visit https://www.dataprivacyframework.gov/.

Notice and Choice. We collect the categories of Personal Information described in and process the Personal Information for the purposes stated in the “Our Collection, Use and Disclosure of Personal Information pertaining to Professionals and Commercial Clients” section above. Broadridge commits to process the Personal Information we receive under the Frameworks in accordance with the relevant Principles, as applicable. In the event that we collect and transfer any sensitive Personal Information about you (i.e., Personal Information specifying medical or health conditions, racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership or information specifying the sex life of the individual), we will obtain prior affirmative, express consent from you if such data will be (i) disclosed to a third party or (ii) used for a purpose other than those for which it was originally collected or subsequently authorized by you.

Access Rights and Privacy Choices. Pursuant to the Frameworks, EEA, UK, and Swiss individuals (“you”) have the right to obtain confirmation of whether we maintain your Personal Information in the United States. Upon request, we will provide you with access to the Personal Information that we hold about you. You may also request that we correct, amend, or delete the Personal Information we hold about you. To request access to, or correction, amendment, or deletion of your Personal Information that we have transferred to the United States under the Frameworks, please contact us as set forth below under “Contact Us”. You may also opt out of our disclosure of your Personal Information to a third-party (other than our agents), or opt-in for sensitive data before the use of your Personal Information for a purpose that is materially different from the purpose(s) for which the Personal Information was originally collected or subsequently authorized by you. To do so, please see the “Contact Us” section below.

Transfers to Third Parties / Onward Transfers. As described in more detail in the “Our Collection, Use and Disclosure of Personal Information pertaining to Professionals and Commercial Clients” section of this Privacy Statement, we transfer Personal Information to our third party service providers and contractors (e.g., to investigate suspected fraud, verifying identity, potential threats to safety of third parties) who process Personal Information on our behalf and as directed by us (collectively, “agents”). To the extent we transfer your Personal Information to our agents, Broadridge recognizes its responsibility and potential liability for onward transfers to such agents, and remains liable under the Frameworks for actions or omissions of its agents in violation of the Principles, unless it is not responsible for the event giving rise to the damage. Please note that in accordance with our legal obligations, we may be obligated to disclose certain Personal Information in response to lawful requests by public authorities, including to meet national security or law enforcement requirements.

Contacting Us, Complaints, and Dispute Resolution. In compliance with the respective Frameworks, Broadridge commits to resolve complaints about our collection and use of your Personal Information that we receive pursuant to the Frameworks. EU, UK, and Swiss individuals with inquiries or complaints relating to our handling of Personal Information received in reliance on the Frameworks should first contact us as set forth below. We will work to resolve your issue as quickly as possible and in accordance with applicable laws.

Broadridge further commits to refer unresolved complaints concerning our handling of Personal Information received in reliance on the Frameworks to the BBB National Programs Data Privacy Framework Services, operated by the BBB National Programs, an alternative dispute resolution provider based in the United States. If you do not receive timely acknowledgment of your complaint from us, or if we have not addressed your complaint to your satisfaction, please visit www.bbbprograms.org/dpf-complaints for more information or to file a complaint. This service is provided free of charge to you.

With respect to Personal Information about Broadridge employees, Broadridge commits to cooperate and comply, respectively, with the advice of the panel established by the EU data protection authorities (DPAs), the UK Information Commissioner’s Office (ICO) and the Gibraltar Regulatory Authority (GRA), and the Swiss Federal Data Protection and Information Commissioner (FDPIC) with regard to unresolved complaints concerning our handling of such Personal Information received in reliance on the Frameworks.

Binding Arbitration. If your complaint cannot be resolved through the above channels, under certain conditions, you may invoke binding arbitration for some residual claims not resolved by other redress mechanisms. For additional information, please review the DPF Principles Annex 1 at https://www.dataprivacyframework.gov/framework-article/ANNEX-I-introduction.

Contact Us. You may contact us with any inquiries or complaints regarding our Data Privacy Framework compliance via email at privacy@broadridge.com  or via mail at Broadridge Financial Solutions, Inc., Attn:  General Counsel, 5 Dakota Drive, Suite 300, Lake Success, New York 11042, USA. We will respond within 45 days.

Additional Information for California Residents

This Broadridge Privacy Statement provides most of the information required by the California Consumer Privacy Act and the California Privacy Rights Act (collectively, the “CCPA”). This supplemental privacy notice gives California residents the additional information required by the CCPA. Please note, if we have collected or received your Personal Information in our capacity as a service provider to a Broadridge client with which you have a financial account or relationship, that company can assist you with requests related to exercising your privacy rights, as Broadridge cannot fulfill these requests directly. We suggest you reach out to such company to learn more about its privacy practices and to exercise your rights. These companies can authenticate you and provide information about the rights that you may have under CCPA or other applicable laws.

  1. Your California Privacy Rights

The CCPA provides California residents with specific privacy rights:

  • The right to know what Personal Information and sensitive Personal Information we collect;
  • The right to access your Personal Information;
  • The right to correct inaccurate Personal Information;
  • The right to request that we delete your Personal Information;
  • The right to know what categories of Personal Information are sold to third parties and to opt-out of that sale;
  • The right to know what categories of Personal Information are shared with third parties for cross-contextual behavioral targeting and to opt-out that sharing;
  • The right to limit the use and disclosure of sensitive Personal Information; and
  • The right not to be retaliated against for exercising your privacy rights.

Personal Information of children under 16 cannot be sold or shared without affirmative consent. We do not knowingly sell or share any Personal Information pertaining to children.

If you are a California resident, you may exercise your rights by:

Broadridge Financial Solutions, Inc.
Attn: Chief Privacy Officer
5 Dakota Drive
Suite 300
Lake Success, New York 11042 USA

If you would like to designate an agent, please send an email from your own email address to privacy@broadridge.com indicating the name and email address of your agent. We will respond to that person’s requests using both your email address and the agent’s email address.

If you are exercising CCPA access or deletion rights on behalf of another person, please understand that we will need to verify your authority with the person you seek to represent. 

We will not retaliate against you if you exercise your rights under CCPA.

  1. Additional CCPA Right to Know Disclosures

Broadridge uses and discloses the following categories of sensitive Personal Information as described in more detail in this Privacy Statement. We do not process any sensitive Personal Information for the purpose of informing characteristics about you.

Category of Sensitive Personal Information

Purposes for Use and Disclosure

Can you limit this Use and Disclosure?

Government-issued Identification Numbers

We use and disclose Government-issued Identification Numbers in connection with processing of transactions or to perform our client contracts.

No

Account log-in credentials

We use and disclose account access information as needed to allow you to access your account, for account security purposes.

No

Financial account or payment card numbers

We use and disclose financial account and payment card numbers as needed to process transactions.

No

Precise Geolocation Data

If you authorize our use of precise geolocation data in our mobile apps, we will use it to deliver content to you based on your location.

Yes, you can disable sharing location data with us by changing the setting on your mobile device

Other than in connection with an individual’s employment with Broadridge, we do not collect other categories of sensitive Personal Information, such as biometric identifiers, the contents of mail, email or texts, or non -public information about your race, ethnicity, health, sex life or sexual orientation.

  1. Sale of Personal Information and Sharing of Personal Information for Cross-Contextual Behavioral Targeting; Collection of Personal Information by Third Parties

Broadridge does not sell individual consumer or account holder Personal Information. However, AdvisorTarget, a subsidiary of Broadridge, includes certain personal information about financial advisors and their practices in reports it sells to its clients. You can opt-out of AdvisorTarget’s sale of your Personal Information by visiting AdvisorTarget’s privacy portal at Your Privacy Choices.

Some Broadridge websites allow third party advertising partners to utilize cookies, web beacons or other technologies to deliver ads to you on our sites and to deliver our advertisements to you on other sites. These third parties may collect information about your online activities on our websites, and they may use persistent identifiers to track you over time and across different websites and other online services. You can opt-out of our sharing of your data for cross contextual behavior advertising by visiting our privacy rights portal at Your Privacy ChoicesOur websites also recognize Global Privacy Control signals and will respect your opt-out request if it is provided by your browser.

  1. Financial Incentives

Broadridge does not offer financial incentives for the collection or sale of Personal Information. We may offer individuals the opportunity to receive free content (such as white papers or reports) if they register with their email. If you ask us to delete your information, you will not be able to receive new content, but you can continue to use content that was sent to you previously.

Additional Information for Brazilian Residents

Broadridge is providing this supplemental privacy notice to give individuals in Brazil the additional information required by Federal Law No. 13,709/2018 - General Data Protection Law of Brazil (“LGPD”). These provisions, together with the statements in this Broadridge Privacy Statement, explain our practices for personal data subject to LGPD (“Brazilian Data”).

1. Information about Broadridge

This notice is being provided by Broadridge Financial Solutions, Inc.

Broadridge Financial Solutions, Inc.
Attn: General Counsel
5 Dakota Drive
Suite 300
Lake Success, New York 11042 USA

Our Brazilian affiliate is:

Broadridge Trading and Connectivity Solutions do Brazil LTDA

You may also contact the Broadridge Privacy Office by email at privacy@broadridge.com.

2. The Purposes and Legal Basis for Processing, including Legitimate Interests

This Broadridge Privacy Statement explains the reasons why we process Brazilian Data. We only process Brazilian Data when we have a legal basis for the processing, such as for the following types of processing activities:

  • To fulfill a contract with you or with your company (including providing support and service);
  • For closely related purposes, such as payment processing, account management, contract management, website administration, business continuity and disaster recovery, security and fraud prevention, corporate governance, reporting and legal compliance; and
  • With your consent (or provided you have not objected, as may be applicable), to respond to requests for information and to provide you with marketing communications.

We may also process your personal data for the purposes of our legitimate interests (or for the legitimate interests of your company), provided that such processing shall not outweigh your rights and freedoms. In particular, we may process Brazilian Data as needed to:

  • Provided you have not objected, send you our own marketing materials;
  • Protect you, Broadridge or others from threats (such as security threats or fraud);
  • Comply with the laws that are applicable to us around the world;
  • Enable or administer our business, such as for quality control, analytics, consolidated reporting, and product development;
  • Manage corporate transactions, such as mergers or acquisitions; and
  • Understand and improve our business or customer relationships generally.

3. Automated Decision-Making and Profiling

We may use analytics for product development purposes, such as to understand product usage, or for security purposes, such as to identify unauthorized login attempts. We will not make automated decisions about you that may significantly affect you, unless: (1) the decision is necessary as part of a contract that we have with you; (2) we have your explicit consent; or (3) we are required by law to use the technology.

4. When You are Required to Provide Personal Data to Broadridge

In most cases, you are not required by law to provide any personal data to Broadridge. You are required to provide certain personal data to enable us to enter into a contract with you, so that you can use our products and services, or to receive marketing materials or communications, including name and business contact information. Our registration forms indicate which data elements are required.

5. Your Rights

As noted in this Broadridge Privacy Statement, you always have the right to object to our marketing communications. To opt-out of emails, simply click the link labeled “unsubscribe” at the bottom of any email we send you. To revoke permissions that you may have given to send text messages, text STOP in response to any message.

Broadridge also respects the rights of Brazilian residents to access, correct and request erasure or restriction of their personal data as required by LGPD. This means:

  • You have a right to know if Broadridge maintains your personal data;
  • If we do have your personal data, you have the right to have access to the data;
  • You have the right ask us to correct or update incomplete, inaccurate or outdated information;
  • You have the right to ask us to anonymize, block or eliminate any unnecessary or excessive personal data, or any personal data processed in non-compliance with LGPD;
  • You have the right to data portability, in accordance with national authority regulations;
  • You have the right to receive information about the public and private entities with which we have shared your personal data; and
  • If we are processing your personal data on the basis of your consent, you also have the right to: (1) be informed about the possibility of not providing consent and consequences of not providing consent; (2) revoke your consent; and (3) ask us to delete your personal data, subject to our rights to retain data as provided by LGPD.

To exercise these rights, please contact the Broadridge Privacy Office, and a member of our privacy team will assist you. Please understand that we may need to verify your identity before we can process your request. Additionally, your rights may be subject to some limitations as provided by LGPD. If we deny your request, we will explain the reasons for the denial.

If Broadridge is processing your personal data as a data processor, we will refer you to our client for assistance with these requests. Broadridge supports its clients in responding to requests as required by law.

If you believe that we have processed your personal data inappropriately, you may also contact the Broadridge Privacy Office or other supervisory authority. You may reach our Privacy Office by writing to privacy@broadridge.com.

6. Data Sharing

As noted in this Broadridge Privacy Statement, we only share Brazilian Data:

  • With our affiliates, who use the personal data for the purposes set forth above;
  • With our service providers (data processors) or others as needed to provide the services to you;
  • If you are affiliated with one of our clients, we may share your personal data with that client;
  • With your consent; or
  • As permitted by LGPD (such as in connection with the sale of business assets) or required by law.

7. International Transfers

As noted in this Privacy Statement, your personal data may be transferred to, stored at, or processed in the United States and other countries which may not have equivalent privacy or data protection laws. However, Broadridge provides that Brazilian Data are always processed in compliance with LGPD. Please contact the Broadridge Privacy Office if you would like more information about our cross-border transfers.

8. Data Retention

We will retain your personal data for as long as the information is needed for the purposes set forth in Section 2 above and for any additional period that may be required or permitted by law. You may request that we delete your personal data by contacting the Broadridge Privacy Office. If we do not have a legal basis for retaining your information, we will delete it in accordance with applicable law.

How to Contact Us and Our Chief Privacy Officer

Please contact us if you have any questions or comments about our privacy practices or this Privacy Statement. You can always reach us via email at privacy@broadridge.com. You can also reach us via mail at the postal address provided below.

Broadridge Financial Solutions, Inc.
Attn: Chief Privacy Officer
5 Dakota Drive
Suite 300
Lake Success, New York 11042
USA

This Privacy Statement was last updated June 6, 2024.

Exhibit A

Name:

Access Data Corp.

BFILS US Credit LLC

Bonaire Software Solutions, LLC

Broadridge Business Process Outsourcing, LLC

Broadridge Corporate Issuer Solutions, LLC

Broadridge Fixed Income Liquidity Solutions, LLC

Broadridge Fluent Solutions, LLC

Broadridge FX and Liquidity Solutions, LLC

Broadridge Investor Communication Solutions, Inc.

Broadridge Mail, LLC

Broadridge Managed Solutions, Inc.

Broadridge Output Solutions, LLC

Broadridge Securities Processing Solutions, LLC

Broadridge SPS, LLC

Broadridge Trading and Connectivity Solutions, Inc.

Fi360, Inc.

Broadridge Wealth Aggregation and Insights, Inc.

LiquidX, Inc.

Matrix Trust Company

Matrix Settlement & Clearance Services, LLC

QED Financial Systems, Inc.

605 Studios, LLC

 


1 Everyday Business Purposes encompasses the Business Purposes (as defined by California law) and following related purposes for which any Personal Information may be processed:

  • To provide the information, product or service requested by the individual or as reasonably expected given the context in which with the Personal Information was collected (such as customer credentialing, providing customer service and preference management, providing product updates, bug fixes or recalls, and dispute resolution);
  • For identity and credential management, including identity verification and authentication, system and technology administration;
  • To protect the security and integrity of systems, networks, applications and data, including detecting, analyzing and resolving security threats, and collaborating with cybersecurity centers, consortia and law enforcement about imminent threats;
  • For fraud detection and prevention;
  • For legal and regulatory compliance, including all uses and disclosures of Personal Information that are required by law or as reasonably needed for compliance with company policies and procedures, such as: anti-money laundering programs, security and incident response programs, intellectual property protection and anti-piracy programs, and corporate ethics and compliance hotlines;
  • For corporate audit, analysis and reporting;
  • To enforce our contracts and to protect against injury, theft, legal liability, fraud or abuse;
  • To protect people or property, including physical security programs;
  • To de-identify the data or create aggregated datasets, such as for consolidating reporting, research or analytics;
  • To make back-up copies for business continuity and disaster recovery purposes; and
  • For corporate governance, including mergers, acquisitions and divestitures.

back