Close

The right insights, right now

Access the latest news, analysis and trends impacting your business.

Explore our insights by topic:

About Broadridge

Privacy Statement

Broadridge Financial Solutions, Inc., including its subsidiaries and affiliates (collectively, “Broadridge”), is committed to respecting privacy. Our Global Privacy Program is designed to help ensure that we handle Personal Information appropriately. The statements below provide information about how we collect and use Personal Information from our clients, service providers, and from individuals who interact with us directly, including through www.broadridge.com and other Broadridge websites, mobile applications, or hosted websites that link to this Privacy Statement. If you have any additional questions about the privacy of your Personal Information, please contact the Broadridge Privacy Office via email at privacy@broadridge.com.

  1. Broadridge Privacy Statement

  2. Broadridge Cookie and Online Privacy Notice

  3. Important Information for EEA, United Kingdom and Swiss Residents

  4. Important Information for California Residents

  5. Important Information for Brazilian Residents

  6. How to Contact Us and Our Chief Privacy Officer

Broadridge Privacy Statement

This Privacy Statement describes the practices that Broadridge will follow with respect to the Personal Information (defined below) it collects from our clients, service providers and from individuals who interact with us directly, including through www.broadridge.com and other Broadridge websites, mobile applications, or hosted websites that link to this Privacy Statement. Broadridge provides services to financial institutions and corporations, The Personal Information we collect for our own purposes generally pertains to financial professionals, such as investment advisors, financial planners and the professionals who work for our institutional and corporate clients.

Broadridge also operates as a service provider to our clients, including banks, brokers, mutual funds, corporations and other business entities. As a service provider, we collect and use consumer personal information as authorized by our contracts with our clients. If we have collected or received your information in our capacity as a service provider to a Broadridge client with which you have a financial account or relationship, that company can assist you with requests related to exercising your privacy rights, as Broadridge cannot fulfill these requests directly. We suggest you reach out to such company to learn more about its privacy practices and make requests to exercise your rights. Broadridge supports our clients as needed to help them respond to such requests.

Our Collection, Use and Disclosure of Personal Information pertaining to Professionals and Commercial Clients

Personal Information” or “PI” is any information that can be used to identify, locate or contact you. It also includes other information that may be associated with your name or other identifiers. The chart below describes the categories of Personal Information we collect, the sources of that information, the reasons we collect it, and the types of people to whom we may disclose the information.

Please note that we may use and disclose any Personal Information for our “Everyday Business Purposes”1 as permitted by law. We may also disclose any Personal Information to our affiliates and to the service providers and contractors that need to use the information to provide services to us. We have contracts with these companies that require them to protect our information and to comply with law. We may also disclose any information when required by law, such as to law enforcement agencies or to parties in litigation, or to the company you work for, when we are providing services to that company.

Category and Sources of PI

Purposes for Collecting this PI

Disclosures of this PI

Business Contact Information 

This is the type of information that can be found on your business card, such as your name and title, company affiliation, mailing address, email address and telephone number.

We collect this type of information from you and from publicly available sources, such as financial institution sites and social media sites. We also may receive your data from third parties, such as trade associations or trade shows.

We use this type of information to identify you and communicate with you, including:

  • To send transactional messages (such as service confirmations);
  • To send marketing communications, surveys and invitations; and
  • To personalize our communications and provide customer service.

We may disclose this type of information to our service providers and contractors and to:

  • Entities that deliver our communications, such as telecommunications carriers, couriers or the postal service; and
  • Social media companies such as LinkedIn which use the data only to identify which of our clients use their platforms so that we can deliver ads to you on the platform.

Business Customer Information

We collect “B2B” Personal Information about business professionals associated with our commercial clients, suppliers and partners in the context of our relationships we have with these companies. This includes:

  • Information about your authority to use our products and place orders with us;
  • Transaction records, including product usage, customer service, training and related records;

We use this type of information:

  • To fulfill our business relationship with you and/or our client;
  • To develop and maintain our relationship with you and our client, including sending you marketing communications as permitted by law and subject to your preferences;
  • For internal business purposes, such as finance, quality control, training, reporting and analytics;
  • For risk management, fraud prevention and similar purposes; and

We may disclose this type of information to:

  • our service providers and contractors; and
  • the company you work for, and other companies (such as your company’s affiliates and service providers), as needed for the commercial relationship (such as including your information on purchase documents that you authorize).
  • To provide the information, product or service requested by the individual or as reasonably expected given the context in which with the Personal Information was collected (such customer credentialing, providing customer service and preference management, providing product updates, bug fixes or recalls, and dispute resolution)
  • For identity and credential management, including identity verification and authentication, system and technology administration
  • To protect the security and integrity of systems, networks, applications and data, including detecting, analyzing and resolving security threats, and collaborating with cybersecurity centers, consortia and law enforcement about imminent threats
  • For fraud detection and prevention,
  • For legal and regulatory compliance, including all uses and disclosures of Personal Information that are required by law or for reasonably needed for compliance with company policies and procedures, such as: anti-money laundering programs, security and incident response programs, intellectual property protection and anti-piracy programs, and corporate ethics and compliance hotlines,
  • For corporate audit, analysis and reporting,
  • To enforce our contracts and to protect against injury, theft, legal liability, fraud or abuse, to protect people or property, including physical security programs
  • To de-identify the data or create aggregated datasets, such as for consolidating reporting, research or analytics,
  • To make back-up copies for business continuity and disaster recovery purposes, and
  • For corporate governance, including mergers, acquisitions and divestitures.

Category and Sources of PI

Purposes for Collecting this PI

Disclosures of this PI

  • Professional interests and credentials;
  • Relationship information, including marketing and communication preferences; and
  • Visitor logs.

    We collect this type of information from you and from your company. We also may receive your data from third parties, such as trade associations or trade shows.

  • For recordkeeping and compliance, including dispute resolution.

    Unique Identifiers

    Such as:

    • System identifiers;
    • Device identifiers; and
    • Advertising ID

    We collect this type of information from your devices and from our online partners, such as third parties, who place cookies containing advertising IDs on your devices for us.

    We use this type of information:

    • To identify you or your device, including to associate you with different devices that you may use;
    • For record-keeping and reporting, including for data matching;
    • For metrics and analytics; and
    • For online ad delivery and personalization.

    We may disclose this type of information to our service providers and contractors that fulfill orders and support our information technology and security programs, including companies that assist us with fraud prevention, detection and mitigation.

    Advertising ID is shared with third party network advertising partners.

    You can opt-out of the sale or sharing of your information with third parties by visiting Your Privacy Choices.

    Account Access Information

    Such as:

    • Usernames and/or passwords; and
    • Account recovery information (such as security questions and answers).

    We collect this type of information from you, when you establish an account or change your password. We may create this information for you, such as if we assign you a username or account number or issue you a temporary password.

    We use this type of information:

    • To identify and authenticate you;
    • To enable you to engage in transactions with us (such as interacting with us online); and
    • For security and similar purposes.

    We may disclose this type of information to our service providers and contractors that assist with our information technology and security programs.

    Online & Technical Information

    Such as:

    • IP Address;
    • Device identifiers;
    • Device characteristics, including precise geolocation data;
    • Server and application logs; and
    • Data from cookies, pixel tags and other online tools.

    We collect this type of information from your computer or devices when you interact with our platforms, websites and applications. For example, when you visit our websites, our server logs record your IP address and other information. We may also receive this information from third parties, including computer security services and advertising partners.

    Please read our Cookie and Online Privacy Notice to learn more.

    We use this type of information:

    • For system administration, technology management, including optimizing our websites and applications;
    • For information security and cybersecurity purposes, including detecting threats;
    • For other authorized purposes, such as if you consent to our use of precise geolocation data to deliver content to you based on your location;
    • For recordkeeping, including logs and records that are maintained as part of transaction information;
    • To better understand our clients and prospective clients and to enhance our relationship information, including by associating you with different devices and browsers; and
    • For online targeting and advertising purposes.

    We may disclose this type of information to our service providers and contractors who support our information technology programs or host our websites and to third party network advertising partners.

    You can opt-out of the sale or sharing of your information with third party advertising partners by visiting Your Privacy Choices.

    Audio Visual Information

    Such as:

    • Call center recordings;
    • Voicemails; and
    • CCTV recordings.

    We collect this type of information from you, and automatically, such as when we record calls to our call center and use CCTV cameras in our facilities.

    We use this type of information:

    • For internal business purposes, such as call recordings used for training, coaching or quality control; and
    • For premises security purposes and loss prevention.

    We may disclose this type of information to our service providers and contractors that support our information technology and security programs, and our loss prevention programs.

    Compliance data

    Such as:

    • Records that demonstrate compliance with applicable laws, such as tax laws, occupational safety laws or privacy laws;
    • Records related to our internal compliance programs, such as data related to anti-money laundering and intellectual property programs; and
    • Records relating to complaints and internal investigations.

    We collect this type of information from you and from third parties, including companies that help us conduct internal investigations.

    We use this type of information:

    • To comply with and demonstrate compliance with applicable laws;
    • For legal matters, including litigation and regulatory matters, including for use in connection with civil, criminal, administrative, or arbitral proceedings, or before regulatory or self-regulatory bodies, including service of process, investigations in anticipation of litigation, execution or enforcement of judgments and orders; and
    • For internal business purposes, such as risk management, audit, internal investigations, reporting and analytics.

    We may disclose this type of information to our service providers and contractors, including our lawyers, auditors and consultants, and to:

    • Clients, in connection with their audits of Broadridge; and
    • Other entities (including government agencies, courts and opposing law firms, consultants, process servers and parties to litigation) in connection with legal matters as required or permitted by law.

    Please note that we may also use and disclose information about you that is not personally identifiable. For example, we may publish reports or create products that contain de-identified, aggregated or statistical data. These reports and products do not contain any information that would enable the recipient to contact, locate or identify you.

    Broadridge does not sell any Personal Information for monetary consideration. We may share Personal Information for cross-contextual behavioral advertising or online targeted advertising. You can opt-out of our sharing of your data for these purposes by visiting our privacy rights portal at Your Privacy Choices.

    Client Confidential Information

    Broadridge collects and processes consumer Personal Information as a service provider to our clients. All such consumer information we process is considered Confidential Information of our clients, and we only use and disclose this information to provide services to our clients and as instructed by our clients. Many of our clients are financial institutions which are regulated by laws such as the Gramm-Leach-Bliley Act (“GLBA”), which, among other things, protects non-public personal financial information of individuals who obtain financial services from those financial institutions for personal, family, or household use. GLBA addresses both financial privacy and safeguards to secure information. Broadridge acts as a service provider to these clients, as defined under GLBA.

    In some cases, we operate or host websites owned by our clients. On behalf of our clients, we may collect Personal Information (including sensitive Personal Information) when users access their accounts online or conduct transactions. All information collected via these hosted sites is considered Confidential Information of our clients. We also receive Personal Information directly from our clients for processing, which is also Confidential Information of our clients.

    Our contracts with our clients govern the processing of this Confidential Information, and the clients’ privacy statements provide information about their privacy practices. If we have collected or received your Personal Information in our capacity as a service provider to a Broadridge client with which you have a financial account or relationship, that company can assist you with requests related to exercising your privacy rights, as Broadridge cannot fulfill these requests directly. We suggest you reach out to such company to learn more about its privacy practices and make requests to exercise your rights. Broadridge supports our clients as needed to help them respond to such requests.

    Your Privacy Rights

    Broadridge respects your rights to access, correct and request erasure or restriction of your Personal Information as required by law. Depending on your country or state of residence, these rights may include:

    • The right to be informed about our collection, use and disclosure of your Personal Information;
    • The right to know if we maintain your Personal Information, and if we do, to access that information (subject to the rights of others) and to request that we provide your information in a portable format;
    • The right to ask us to correct your information if it is incomplete or incorrect;
    • The right to object to our processing of your Personal Information, including the rights to object to:
      • the sale of your Personal Information;
      • the sharing or use of your Personal Information for certain types of online targeted advertising;
      • the use of profiling or automated decision-making which might significantly affect you;
      • certain secondary uses and disclosures of sensitive Personal Information;
    • The right to withdraw your consent at any time, if we are processing your Personal Information based on your consent; and
    • The right to ask that we delete your Personal Information.

    Depending on where you reside, you may have additional rights under applicable law. To learn more and to exercise your rights, please visit our privacy rights portal at Your Privacy Choices or contact us via email at privacy@broadridge.com. We will need to confirm your identity before we can fulfill most requests, as we need to be sure that your Personal Information is not disclosed to an unauthorized recipient.

    Please understand that these rights are subject to some limitations. For example, we may require documentation to support certain corrections to your information, and we generally cannot restrict or delete Personal Information in those situations where our retention is required for our internal business purposes or to comply with law.

    We will not retaliate against you if you exercise your privacy rights.  

    If we have collected or received your Personal Information in our capacity as a service provider to a Broadridge client with which you have a financial account or relationship, that company can assist you with requests related to exercising your privacy rights, as Broadridge cannot fulfill these requests directly. We suggest you reach out to such company to learn more about its privacy practices and make requests to exercise your rights. Broadridge supports our clients as needed to help them respond to such requests.

    Cross-Border Transfers of Personal Information

    Broadridge is headquartered in the United States and has offices, affiliates and service providers around the world. Your Personal Information may be transferred to other countries, which may not have similar privacy or data protection laws to those where you live. However, Broadridge will always protect your Personal Information, no matter where it may be stored. 

    If you are located outside the United States, we generally use approved Standard Contractual Clauses to authorize the transfers for Personal Information and to demonstrate that the information remains adequately protected. Please contact us via email at privacy@broadridge.com if you would like to learn more about our cross-border transfers.

    Analytics, Profiling and Automated Decision-Making

    We may use analytics to understand how individuals interact with us and our products, such as to assess engagement and for personalization and product development purposes. We also use analytics for security and fraud prevention purposes. However, we do not use profiling or automated decision-making tools to make decisions that produce legal or similarly significant legal effects for you. Any such decisions are made only based on human review.

    Information Security

    We take reasonable steps to help prevent the loss, misuse and alteration of the information under our control. For example, we have implemented physical, logical and administrative safeguards to protect and secure the information we process and maintain. We also use encryption and firewall technologies to protect sensitive information during online transmissions.

    If you have registered at a Broadridge website or a hosted website, we recommend that you do not divulge your password to anyone. We will never ask you for your password in an unsolicited phone call or in an unsolicited e-mail. Also remember to sign out of the registered site and close your browser window when you have finished your work. This is to ensure that others cannot access your Personal Information and correspondence if others have access to your computer.

    Data Retention

    We will retain your Personal Information for as long as the information is needed for the purposes listed above and for any additional period that may be required or permitted by law, such as for business, legal, accounting, or reporting requirements or pursuant to client contract requirements.

    The length of time your Personal Information is retained depends on the purpose(s) for which it was collected, how it is used, and the requirements to comply with applicable laws or client contracts. If you would like us to delete your Personal Information collected directly by Broadridge, please contact us via email at privacy@broadridge.com. If we do not have a legal basis for retaining your information, we will delete it as required by applicable law. If we have collected or received your Personal Information in our capacity as a service provider to a Broadridge client with which you have a financial account or relationship, that company can assist you with requests related to deleting your Personal Information.

    Changes to this Privacy Statement

    From time to time, we may update this Privacy Statement to reflect new or different privacy practices. The updated Privacy Statement will include the date it was last updated. Additionally, if the changes will materially affect the way we use or disclose previously collected Personal Information, we will notify you about the change.

    Privacy Protection Policy for Social Security Numbers

    Broadridge may collect Social Security numbers in the ordinary course of certain of our businesses. Broadridge has implemented reasonable technical, physical and administrative safeguards to help protect the Social Security numbers from unlawful use and unauthorized disclosure. All Broadridge employees and service providers are required to follow these established procedures. 

    In particular:

    • Access to Social Security numbers is limited to those associates and service providers who have a need to access the information to perform tasks for Broadridge; and
    • Social Security numbers are only disclosed to third parties in accordance with Broadridge’s established policies. Broadridge will only disclose Social Security numbers to those service providers, auditors, advisors, and/or successors in interest who are legally or contractually obligated to protect them or as required or permitted by law.

    Other sites

    Broadridge sites may contain links to other sites, including those of our service providers. While we seek to link only to sites that share our high standards and respect for privacy, we are not responsible for the privacy practices employed by other sites.

    Job Applicants and Human Resources (HR) Data

    If you have applied for employment with Broadridge, the Personal Information submitted with your job application will be used only for recruitment and other customary human resources purposes. Prospective, current and former employees and others whose data are processed in connection with our human resources activities may contact the Broadridge Privacy Office via email at privacy@broadridge.com or our Human Resources Department to get information about Broadridge’s Human Resources privacy practices.

    Broadridge Cookie and Online Privacy Notice

    When you visit our website or use our mobile applications, we may collect certain information by automated means, using technologies such as cookies, pixel tags, browser tracking analysis tools, server logs and web beacons. We do not, however, use tracking or cookie technology on pages of our websites that provide “Notice and Access” hosting services to clients.

    Cookies

    When you visit our website, we place cookies on your computer. Cookies are small text files that websites send to your computer or other Internet-connected device to uniquely identify your browser or to store information or settings in your browser. Cookies allow us to recognize you when you return. You have choices about these cookies.

    To learn more about the cookies we place and to exercise your choices, please visit our privacy rights portal at Your Privacy Choices.

    Click on the different category headings to find out more and change our default settings according to your preference. You cannot opt-out of our Strictly Necessary Cookies as they are deployed in order to ensure the proper functioning of our website (such as prompting the cookie banner and remembering your settings, to log into your account, to redirect you when you log out, etc.). However, you can opt-out of our use of Performance, Functional and Targeting Cookies.

    Other Data Collection Technologies

    We may also use Flash Cookies (also known as Local Stored Objects) and similar technologies to personalize and enhance your online experience. We use Flash cookies for security purposes and to help remember settings and preferences. We do not use Flash cookies or similar technologies for behavioral or interest-based advertising purposes. The Adobe Flash Player is an application that allows rapid development of dynamic content, such as video clips and animation. To manage Adobe Flash cookies, please visit Adobe’s website at www.adobe.com.

    These technologies also help us provide a customized experience and enable us to detect certain kinds of fraud. In many cases, you can manage cookie preferences and opt-out of having cookies and other data collection technologies used by adjusting the settings on your browser. All browsers are different, so visit the “help” section of your browser to learn about the privacy settings that may be available. We do not use Flash Cookies to deliver targeted advertising.

    In connection with marketing efforts, we may use pixel tags and web beacons, which are tiny graphic images placed on website pages or in our emails that allow us to determine whether you have performed a specific action. When you access these pages or open or click an email, the pixel tags and web beacons generate a notice of that action. These tools allow us to measure responses to our communications and improve our websites and promotions. Information collected using these technologies in our e-mails may be associated with the recipient’s e-mail address.

    For example, we may collect information from the device you use to access our website, including your operating system type, browser type, domain, and other system settings, as well as the language your system uses and the country and time zone where your device is located. Our server logs also record the IP address assigned to the device you use to connect to the Internet. An IP address is a unique number that devices use to identify and communicate with each other on the Internet. We may also collect information about the website you were visiting before you visited our websites.

    In many cases, the information we collect using cookies and other tools is only used in a non-identifiable way, without any reference to Personal Information. For example, we use information we collect about all website users to optimize our websites and to understand website traffic patterns. In some cases, we do associate the information we collect using cookies and other technology with your Personal Information.

    On some of our sites, such as www.broadridge.com and certain annual meeting websites (e.g., the Virtual Shareholder Meeting, which may be customized for our client), and mobile applications, Broadridge directly or through third parties uses web analytics tools to provide Broadridge or its clients with information about the use of these websites. 

    Google Analytics

    Google Analytics is a web analytics tool provided by Google, Inc. that helps website owners understand how visitors engage with their website. Broadridge may use Google Analytics to view a variety of reports about how visitors interact with our websites so that we can improve them. Google Analytics uses cookies and other tools, which generate information about your use of our website (including your IP address). This information is transmitted to and stored by Google on servers in the United States. Google uses this information to evaluate your use of our website, report on website activity and provide other services to us. Google may also transfer this information to third parties where required to do so by law, or where such third parties process the information on Google’s behalf. Google may combine this information with other data held by Google pursuant to Google’s privacy policy available on Google’s website. You may refuse the use of cookies by opting-out of our collection of data via Performance, Functional and Targeting Cookies through our privacy rights portal at Your Privacy Choices. For more information on how Google Analytics uses the information it collects, please visit “How Google uses information from sites or apps that use our services”, located at www.google.com/policies/privacy/partners/.

    Social Media Interactions and Interest-based Ads

    Our websites may enable you to interact with us and others via social media platforms, such as Facebook, Google, Twitter, LinkedIn and Instagram. While we respect each social media platform’s privacy policies, we may collect Personal Information about you if you choose to use these tools.

    We may display interest-based ads to you when you are using these platforms. These platforms allow us to personalize the ads that we display to you. We do not share any of your Personal Information with these platforms, although we may convert your Personal Information collected into unique numbers which can be matched by the platform with its user to allow delivery of the advertising. Although we do not provide any Personal Information to these platforms, they may gain insights about individuals who respond to the ads we display.

    To opt out of data sharing and online targeted advertising by Broadridge, visit our privacy rights portal at Your Privacy Choices.

    Other Third Party Relationships

    Segment is an analytics tool provided by Segment.io, Inc. that helps Broadridge collect and manage information about how visitors interact with our websites and marketing communications. Some of Segment’s data collection is facilitated by cookies, JavaScript libraries or web beacons and pixels. Broadridge also uses Segment to more efficiently route data to other services, and to control how data is exchanged between these services. This data may include information about the identity of users (such as name, postal address, e-mail address, IP address and phone number), as well as information about the websites they visit, the features they use, and the actions they take.

    Broadridge also uses web analytics tools provided by Adobe. These tools also provide reporting and analytics functions that help us understand how visitors engage with our websites. To learn more about the Adobe analytics products, please visit http://www.adobe.com/privacy/marketing-cloud.html.

    Broadridge provides a third party, Demandbase, Inc., with the IP addresses recorded by Broadridge’s server logs of visitors to Broadridge’s sites. Demandbase’s web analytics identify information about visitors to Broadridge’s sites, including, without limitation, industry, size, location and revenue, based on Demandbase’s database of company IP addresses.

    You may refuse the use of these companies’ cookies by opting-out of our collection of data via Performance, Functional and Targeting Cookies through our privacy rights portal at Your Privacy Choices.

    Important Information for EEA, United Kingdom and Swiss Residents

    Broadridge is providing this additional information, as required by the EU General Data Protection Regulation, for the benefit of individuals in the European Economic Area (EEA), United Kingdom and Switzerland, to explain our practices with regard to European Economic Area (EEA), United Kingdom and Swiss personal data.

    1. Information about Broadridge

    Broadridge Financial Solutions, Inc.
    Attn: General Counsel
    5 Dakota Drive
    Suite 300
    Lake Success, New York 11042
    USA

    Email: privacy@broadridge.com

    If you have a question about our practices with respect to EEA, United Kingdom or Swiss Personal Information, please email us at privacy@broadridge.com and your request will be addressed by our European data protection officer who can assist you.

    1. The Purposes and Legal Basis for Processing, including Legitimate Interests

    We only process Personal Information when we have a legal basis for the processing, such as:

      • To fulfill a contract with you or our client; and
      • With your or our client’s consent (where required and provided you have not objected, as may be applicable).

    We may also process your Personal Information for our legitimate interests, provided that such processing shall not outweigh your rights and freedoms. In particular, we may process your Personal Information as needed to:

      • protect you, us or others from threats (such as security threats or fraud);
      • comply with the laws that are applicable to us around the world;
      • enable or administer our business, such as for the provision of services to our clients, quality control, consolidated reporting, and client service;
      • market our products and services to existing and prospective clients
      • manage corporate transactions, such as mergers or acquisitions; and
      • understand and improve our business or client relationships generally.
    1. The Purpose for which we Process your Personal Information

    We process your Personal Information for the legitimate interests we have referred to above and for the following purposes:

      • processing of customer data in accordance with our client contracts; and
      • payment processing and financial account management, contract management, website administration, business continuity and disaster recovery, security and fraud prevention, corporate governance, reporting and legal compliance.
    1. Your Rights

    You always have the right to object to our marketing communications. To opt-out of emails, simply click the link labeled “unsubscribe” at the bottom of any email we send you. To revoke permissions that you may have given to send text messages, text STOP in response to any message.  

    Broadridge also respects the rights of EEA, United Kingdom and Swiss residents to access, correct and request erasure or restriction of their Personal Information as required by law. This means:

      • you generally have a right to know whether or not Broadridge maintains your Personal Information. If we do have your Personal Information, we will provide you with a copy (subject to the rights of others). If your information is incorrect or incomplete, you have the right to ask us to update it;
      • you have the right to object to our processing of your Personal Information;
      • you may also ask us to delete or restrict your Personal Information; and
      • you may also have the right to data portability in some circumstances.

    If your Personal Information was provided to us by a client which is a company with whom you have an account or relationship, you should reach out to such company to learn more about its privacy practices and how to exercise your rights.

    If Broadridge has collected Personal Information directly from you, to exercise these rights, please contact us via email at privacy@broadridge.com or write us at the address above, and a member of our Privacy Office will assist you. Please understand that we may need to verify your identity before we can process your request.  

    If you believe that we have processed your Personal Information in violation of applicable law, you may file a complaint with the Broadridge Chief Privacy Officer at privacy@broadridge.com or with a supervisory authority.

    1. International Transfers

    Your Personal Information may be transferred to, stored at or processed in the United States and other countries which may not have equivalent privacy or data protection laws. However, we will always protect your information as described in this Privacy Statement, no matter where it is stored.

    We generally use approved Standard Contractual Clauses to assure that Personal Information is adequately protected when it is transferred out of the EEA, the United Kingdom or Switzerland to countries without an adequate level of data protection, but we may also make transfers to recipients using other approved data transfer mechanisms, including if declared adequate, an updated Privacy Shield framework.

    We process client data as needed to provide services to our clients, in accordance with our contracts. For example, our clients use our services to communicate with, manage and build relationships with their customers, investors or shareholders. We use information about the individuals as needed to provide these services and otherwise support our clients’ account management and compliance functions. 

    As permitted by our client contracts, we rely on some third parties to provide services to us, such as data hosting, that may have access to client data. Broadridge has contracts with these third parties to assure that client data is protected at all times with appropriate privacy and security controls.

    1. Data Retention

    We will retain your Personal Information for as long as the information is needed for the purposes set forth above and for any additional period that may be required or permitted by law. If we have collected or received your Personal Information in our capacity as a service provider to a Broadridge client with which you have a financial account or relationship, that company can assist you with requests related to exercising your privacy rights, as Broadridge cannot fulfill these requests directly. We suggest you reach out to such company to learn more about its privacy practices and make requests to exercise your rights. Unless we are required by law to retain your information, where we are: (i) a data controller we will delete your Personal Information upon your request; and (ii) a data processor, we will delete Personal Information pursuant to the instruction of our client, the data controller. If Broadridge has collected Personal Information from you directly, and you want to make a request to delete such information, contact us via email at privacy@broadridge.com.

    1. Disclosure of Your Personal Information

    Other than as set out in this Privacy Statement, your Personal Information will not be sold, shared or provided to any third party:

      • we may share your Personal Information with our affiliates and subsidiaries; and
      • we may share your Personal Information with our vendors and subprocessors in connection with providing contracted services and products.

    While we don’t sell, share or provide your Personal Information other than as set forth in this Privacy Statement, our website includes a mechanism to manage data shared with third parties via cookies through our privacy rights portal at Your Privacy Choices.

    Important Information for California Residents

    This Broadridge Privacy Statement provides most of the information required by the California Consumer Privacy Act and the California Privacy Rights Act (collectively, the “CPRA”). This supplemental privacy notice gives California residents the additional information required by the CPRA. Please note, if we have collected or received your Personal Information in our capacity as a service provider to a Broadridge client with which you have a financial account or relationship, that company can assist you with requests related to exercising your privacy rights, as Broadridge cannot fulfill these requests directly. We suggest you reach out to such company to learn more about its privacy practices and make requests to exercise your rights. These companies can authenticate you and provide information about the rights that you may have under CPRA or other applicable laws.

    1. Your California Privacy Rights

    The CPRA provides California residents with specific privacy rights:

    • The right to know what Personal Information and sensitive Personal Information we collect;
    • The right to access your Personal Information;
    • The right to correct inaccurate Personal Information;
    • The right to request that we delete your Personal Information;
    • The right to know what categories of Personal Information are sold to third parties and to opt-out of that sale;
    • The right to know what categories of Personal Information are shared with third parties for cross-contextual behavioral targeting and to opt-out that sharing;
    • The right to limit the use and disclosure of sensitive Personal Information; and
    • The right not to be retaliated against for exercising your privacy rights.

    Personal information of children under 16 cannot be sold or shared without affirmative consent. We do not sell or share any Personal Information pertaining to children.

    If you are a California resident, you may exercise your rights by:

    Broadridge Financial Solutions, Inc.
    Attn: Chief Privacy Officer
    5 Dakota Drive
    Suite 300
    Lake Success, New York 11042 USA

    If you would like to designate an agent, please send an email from your own email address to privacy@broadridge.com indicating the name and email address of your agent. We will respond to that person’s requests using both your email address and the agent’s email address.

    If you are exercising CPRA access or deletion rights on behalf of another person, please understand that we will need to verify your authority with the person you seek to represent. 

    We will not retaliate against you if you exercise your rights under CPRA.   

    1. Additional CPRA Right to Know Disclosures

    Broadridge uses and discloses the following categories of Personal Information described in this Privacy Statement.

    Broadridge uses and discloses the following categories sensitive Personal Information as described in more detail in this Privacy Statement. We do not process any sensitive Personal Information for the purpose of informing characteristics about you.

    Category of Sensitive Personal Information

    Purposes for Use and Disclosure

    Can you limit this Use and Disclosure?

    Government-issued Identification Numbers

    We use and disclose Government-issued Identification Numbers in connection with payments made to professionals for tax reporting and compliance.

    No

    Account log-in credentials

    We use and disclose account access information as needed to allow you to access your account, for account security purposes.

    No

    Financial account or payment card numbers

    We use and disclose financial account and payment card numbers as needed to process transactions.

    No

    Precise Geolocation Data

    If you authorize our use of precise geolocation data in our mobile apps, we will use it to deliver content to you based on your location.

    Yes, you can disable sharing location data with us by changing the setting on your mobile device

    We do not collect other categories of sensitive Personal Information, such as biometric identifiers, the contents of mail, email or texts, or non -public information about your race, ethnicity, health, sex life or sexual orientation.

    1. Sale of Personal Information and Sharing of Personal Information for Cross-Contextual Behavioral Targeting; Collection of Personal Information by Third Parties

    Broadridge does not sell any Personal Information for monetary consideration.

    Some Broadridge websites allow third party advertising partners to utilize cookies, web beacons or other technologies to deliver ads to you on our sites and to deliver our advertisements to you on other sites. These third parties may collect information about your online activities on our websites, and they may use persistent identifiers to track you over time and across different websites and other online services. You can opt-out of our sharing of your data for cross contextual behavior advertising by visiting our privacy rights portal at Your Privacy Choices. Our websites also recognize Global Privacy Control signals and will respect your opt-out request if it is provided by your browser.

    1. Financial Incentives

    Broadridge does not offer financial incentives for the collection or sale of Personal Information. We may offer individuals the opportunity to receive free content (such as white papers or reports) if they register with their email. If you ask us to delete your information, you will not be able to receive new content, but you can continue to use content that was sent to you previously.

    Important Information for Brazilian Residents

    Broadridge is providing this supplemental privacy notice to give individuals in Brazil the additional information required by Federal Law No. 13,709/2018 - General Data Protection Law of Brazil ("LGPD"). These provisions, together with the statements in this Broadridge Privacy Statement, explain our practices for personal data subject to LGPD (“Brazilian Data”).

    1. Information about Broadridge

    This notice is being provided by Broadridge Financial Solutions, Inc.

    Broadridge Financial Solutions, Inc.
    Attn: General Counsel
    5 Dakota Drive
    Suite 300
    Lake Success, New York 11042 USA

    Our Brazilian affiliate is:

    Broadridge Trading and Connectivity Solutions do Brazil LTDA

    You may also contact the Broadridge Privacy Office by email at privacy@broadridge.com.

    1. The Purposes and Legal Basis for Processing, including Legitimate Interests

    This Broadridge Privacy Statement explains the reasons why we process Brazilian Data. We only process Brazilian Data when we have a legal basis for the processing, such as for the following types of processing activities:

    • To fulfill a contract with you or with your company (including providing support and service);
    • For closely related purposes, such as payment processing, account management, contract management, website administration, business continuity and disaster recovery, security and fraud prevention, corporate governance, reporting and legal compliance; and
    • With your consent (or provided you have not objected, as may be applicable), to respond to requests for information and to provide you with marketing communications.

    We may also process your personal data for the purposes of our legitimate interests (or for the legitimate interests of your company), provided that such processing shall not outweigh your rights and freedoms. In particular, we may process Brazilian Data as needed to:

    • Provided you have not objected, send you our own marketing materials;
    • Protect you, Broadridge or others from threats (such as security threats or fraud); 
    • Comply with the laws that are applicable to us around the world;
    • Enable or administer our business, such as for quality control, analytics, consolidated reporting, and product development;
    • Manage corporate transactions, such as mergers or acquisitions; and
    • Understand and improve our business or customer relationships generally. 
    1. Automated Decision-Making and Profiling

    We may use analytics for product development purposes, such as to understand product usage, or for security purposes, such as to identify unauthorized login attempts. We will not make automated decisions about you that may significantly affect you, unless: (1) the decision is necessary as part of a contract that we have with you; (2) we have your explicit consent; or (3) we are required by law to use the technology.

    1. When You are Required to Provide Personal Data to Broadridge

    In most cases, you are not required by law to provide any personal data to Broadridge. You are required to provide certain personal data to enable us to enter into a contract with you, so that you can use our products and services, including name and business contact information. Our “Talk to Us” and other registration forms indicate which data elements are required.

    1. Your Rights

    As noted in this Broadridge Privacy Statement, you always have the right to object to our marketing communications. To opt-out of emails, simply click the link labeled “unsubscribe” at the bottom of any email we send you. To revoke permissions that you may have given to send text messages, text STOP in response to any message.

    Broadridge also respects the rights of Brazilian residents to access, correct and request erasure or restriction of their personal data as required by LGPD. This means:

    • You have a right to know if Broadridge maintains your personal data;
    • If we do have your personal data, you have the right to have access to the data;
    • You have the right ask us to correct or update incomplete, inaccurate or outdated information;
    • You have the right to ask us to anonymize, block or eliminate any unnecessary or excessive personal data, or any personal data processed in non-compliance with LGPD;
    • You have the right to data portability, in accordance with national authority regulations;
    • You have the right to receive information about the public and private entities with which we have shared your personal data; and
    • If we are processing your personal data on the basis of your consent, you also have the right to: (1) be informed about the possibility of not providing consent and consequences of not providing consent; (2) revoke your consent; and (3) ask us to delete your personal data, subject to our rights to retain data as provided by LGPD. 

    To exercise these rights, please contact the Broadridge Privacy Office, and a member of our privacy team will assist you. Please understand that we may need to verify your identity before we can process your request. Additionally, your rights may be subject to some limitations as provided by LGPD. If we deny your request, we will explain the reasons for the denial.

    If Broadridge is processing your personal data as a data processor, we will refer you to our client for assistance with these requests. Broadridge supports its clients in responding to requests as required by law.

    If you believe that we have processed your personal data inappropriately, you may also contact the Broadridge Privacy Office or other supervisory authority. You may reach our Privacy Office by writing to privacy@broadridge.com.

    1. Data Sharing

    As noted in this Broadridge Privacy Statement, we only share Brazilian Data:

    • With our affiliates, who use the personal data for the purposes set forth above; 
    • With our service providers (data processors) or others as needed to provide the services to you;
    • If you are affiliated with one of our customers, we may share your personal data with that customer;
    • With your consent, such as when you take advantage of a partner offer; or
    • As permitted by LGPD (such as in connection with the sale of business assets) or required by law.
    1. International Transfers

    As noted in this Broadridge Privacy Statement, your personal data may be transferred to, stored at, or processed in the United States and other countries which may not have equivalent privacy or data protection laws. However, Broadridge provides that Brazilian Data are always processed in compliance with LGPD. Please contact the Broadridge Privacy Office if you would like more information about our cross-border transfers.  

    1. Data Retention

    We will retain your personal data for as long as the information is needed for the purposes set forth in Section 2 above and for any additional period that may be required or permitted by law. You may request that we delete your personal data by contacting the Broadridge Privacy Office. If we do not have a legal basis for retaining your information, we will delete it in accordance with applicable law.

    How to Contact Us and Our Chief Privacy Officer

    Please contact us if you have any questions or comments about our privacy practices or this Privacy Statement. You can always reach us via email at privacy@broadridge.com. You can also reach us via mail at the postal address provided below.

    Broadridge Financial Solutions, Inc.
    Attn: Chief Privacy Officer
    5 Dakota Drive
    Suite 300
    Lake Success, New York 11042
    USA

    This Privacy Statement was last updated December 31, 2022.


    1 Everyday Business Purposes encompasses the Business Purposes (as defined by California law) and following related purposes for which any Personal Information may processed: