Fisher Investments UK and Fisher Investments
Privacy & Cookie Policy
LAST UPDATED: JANUARY 2025

1. General

   This Privacy & Cookie Policy (this “Policy”) is in accordance with the UK Data Protection Act 2018 and the UK General Data Protection Regulation, as incorporated into UK law under the European Union (Withdrawal) Act 2018 and sets out how Fisher Investments Europe Limited, trading as Fisher Investments UK (“FI UK”), and Fisher Asset Management, LLC, trading as Fisher Investments (“FI,” together with FI UK, the “Companies”), use Personal Data relating to the following natural people (“Individuals”):

   • prospective clients, clients, and their representatives;
   • website users;
   • business contacts at service providers and vendors; and
   • individuals who agree to participate in market research.

   In this Policy, “Personal Data” means any information about identified or identifiable Individuals. As the controllers responsible for the processing of Individuals’ Personal Data, the Companies are committed to privacy and will use Individuals’ Personal Data only in accordance with this Policy.

   The Companies can be contacted about this Policy using the following details:

   Fisher Investments Europe Limited
   trading as Fisher Investments UK
   Attn: Data Protection Officer
   Level 18, One Canada Square
   Canary Wharf, London, E14 5AX
   United Kingdom
   privacy@fisherinvestments.co.uk
   +44 0800 144 4731

   Fisher Asset Management, LLC
   trading as Fisher Investments
   Attn: Data Protection Officer
   6500 International Parkway
   Plano, Texas 75093
   United States of America
   privacy@fi.com
   +1 (650) 851 3334

2. Types of Personal Data

   Depending on the processing purpose, the Companies may process the following types of Personal Data relating to the following categories of Individuals:

   1. Prospective clients, clients, and their representatives:
      • FI UK uses the name, address and email address of Individuals provided by third party list vendors to provide offers for FI UK’s informational materials. Such Personal Data may come from public sources and/or such vendors’ private databases.
      • FI UK uses the name, address, telephone numbers, email address, and asset level category of Individuals who provide such information at the time that they request FI UK’s informational materials, and at the time that they express an interest in services offered by FI UK.
      • When Individuals request that FI UK provide a suitability assessment and investment strategy recommendation and/or engage FI as discretionary investment manager, the Companies uses the Personal Data Individuals provide directly, including:
        • Information provided in the client profile document;
        • Information provided in the client agreement, account statements, account opening documents for FI, account opening documents for the custodian, and any instruction or mandate form with respect to FI’s discretionary investment management service;
        • Information provided to employee representatives of the Companies in-person and by telephone, including information the Companies may request from time to time to assist in providing services to the Individual.
      • To conduct a suitability assessment and design a recommended investment strategy for Individuals, as well as conduct ongoing suitability assessments for clients, the Companies uses information provided by Individuals about their mental and physical health (“Health Data”), including in the context of conducting a proprietary assessment of an Individual’s life expectancy and any impact on the investment time horizon for the Individual’s assets.
      • FI UK is required under applicable UK anti-money laundering laws and regulations (collectively “AML Laws”), and FI is contractually required to support the custodians’ obligations under AML Laws, to carry out identity verification, sanctions checks, and anti-money laundering and anti-terrorist financing screens. Accordingly, the Companies use the name, date of birth and address provided by Individuals seeking to become clients of FI to perform a sanctions and anti-money laundering check using the services of a third party service provider, which may reveal information relating to criminal convictions or offences.
      • FI UK is required under the conduct of business rules promulgated by the UK Financial Conduct Authority and other applicable financial services laws and regulations (“UK Financial Services Laws”) to record telephone conversations that relate to activities in financial instruments. Accordingly, certain telephone calls between the Individual and FI UK will be recorded.
      • Where an organisation or some other legal entity seeks to become or becomes a client, the Companies use business contact information and other identifying information about the Individuals representing the organisation or legal entity in its dealing with the Companies.
   2. Website users:
      • FI UK places ads on publishers’ websites or within email content, either directly through the publisher or via a third party. As a result of Individuals interacting with the advertising content, ad server companies will collect Individuals’ domain types, IP address, and clickstream data.
      • The Companies use cookies and other online tracking technologies, such as pixels, embedded scripts, session replay tools, SDKs, tags and web beacons that collect information about Individuals’ internet browsing habits and history (collectively referred to in this Policy as “cookies”). For more information, please see Section 8
      For more information, please see Section 8 below.
   3. Business contacts at service providers and vendors:
   • In dealing with service providers and vendors, the Companies obtain information about the Individual representing the service provider or vendor, including name, title, name, address, telephone and fax numbers and email address.
   4. Individuals who agree to participate in market research:
   • When Individuals agree to participate in market research, the Companies use information about Individuals’ marketing and investment preferences. Such data is provided directly by Individuals to the Companies or to a third party service provider engaged by the Companies to conduct such market research.

3. Use of Personal Data

   1. Purposes and Lawful Bases

      The Companies processes Individuals’ Personal Data for the following purposes, and upon the legal bases set out in the table below.

      Purpose for which the Companies collect and use Personal Data		Legal Basis upon which the Companies rely
      Main Purpose	Sub-Purposes
      A. Prospective Client Management	To carry out direct marketing This includes sending mail and emails to Individuals on lists rented from third party list vendors. It also includes following up and sending promotional material by email, phone or mail to Individuals who requested informational materials and ongoing insights on financial matters and investment management services. To facilitate pre-client onboarding This includes receiving and sending information needed for client onboarding and log-in access for secure content and document delivery	FI UK can use Personal Data for marketing to Individuals where Individuals have consented to it. In addition, given FI UK’s legitimate interest in promoting its business, FI UK can use Personal Data for marketing to: (i) Individuals who previously requested informational materials from FI UK or its affiliates (collectively, the “Fisher Group”); and (ii) Individuals representing organisational prospective clients. FI UK can use Personal Data for client onboarding, content and document delivery to Individuals where they have consented to it.
      	To optimise marketing This includes analysing website visits to FI UK’s websites and the number of clicks through the pages to request informational materials. It also includes using cookies to display FI UK’s online advertisements to Individuals who may be more likely to be interested. It also includes using AI-powered tools and solutions to customise informational materials.	FI UK can use Personal Data for this purpose where Individuals have consented to them. In addition, given FI UK’s legitimate interest in promoting its business, FI UK can use Personal Data to market to people with interests similar to the Individuals.
      	To conduct market research This includes conducting market research to ask Individuals about their marketing and investment preferences.	The Companies can use Personal Data for this purpose where Individuals have consented to it. In addition, the Companies can also use some Personal Data for this purpose because it is in the Companies’ legitimate interests to invite Individuals to participate in market research.
      	To contact Individuals referred to the Companies	FI UK can use Personal Data for this purpose because it is in FI UK’s legitimate interest to contact Individuals who permitted the referring party to provide their Personal Data to FI UK.
      	To suppress Individuals from being contacted	FI UK can use limited Personal Data for this purpose because it is in FI UK’s legitimate interest to refrain from contacting Individuals who have requested not to be contacted or who FI UK believes should not be contacted.
      B. Client Management	To provide discretionary investment management services	FI can use Personal Data for this purpose because it is necessary to perform a contract to which the Individual is a party. In some cases, FI has a legitimate interest in using an Individual’s Personal Data for this purpose, such as when communicating with representatives of an organisational client.
      	To offer and coordinate third party products or services that supplement the Companies’ services	The Companies can use Personal Data for this purpose because it is necessary to perform a contract to which the Individual is a party or to take steps at the request of the Individual prior to entering into a contract.
      	To calculate portfolio performance	The Companies can use Personal Data for this purpose because it is in the Companies’ legitimate interests to calculate portfolio performance.
      C. Legal Compliance, Assessment& Defence	To meet the Companies’ obligations under Applicable Law and conduct due diligence This includes monitoring the advice process, keeping records of telephone calls, verifying identity of individuals, conducting sanctions and anti-money laundering checks, which may reveal data concerning criminal convictions or offences, and carrying out searches of public information related to Individuals and their family members and associates. This also includes using AI-powered tools and solutions to optimise the Company’s investigation activities.	The Companies can use Personal Data for this purpose to comply with applicable financial services laws and regulations (including, without limitation, the UK Financial Services Laws, and the Investment Advisers Act of 1940 and laws and regulations of the Securities and Exchange Commission for FI (“Financial Services Laws”)), AML Laws, and other applicable laws and regulations (collectively, “Applicable Law”). The Company can also use Personal Data for this purpose because it is in the Company’s legitimate interest to refrain from doing business with Individuals where the Company believes doing so may result in a potential conflict of interest or may not be in the best interests of the Company or the Individual. In addition, the Companies can use Personal Data for this purpose beyond the legally mandated record retention period because it is in the Companies’ legitimate interests to keep data for as long as the statute of limitations so that the Companies can enforce and defend its legal rights.
      	To share data with regulators and law enforcement officials This includes sharing information with the Financial Conduct Authority, the Securities and Exchange Commission, the Information Commissioner’s Office, the Financial Ombudsman Service, the Financial Intelligence Unit, other regulatory, law enforcement, and similar authorities applicable to the Fisher Group, as required.	The Companies can use Personal Data for this purpose where required to comply with Applicable Law.
      	To share data with courts and tribunals This includes using AI-powered tools and solutions to optimise the Company’s e-discovery activities prior to such data sharing.	The Companies can use Personal Data for this purpose because it is in the Companies’ legitimate interests to enforce and defend their legal rights.
      D. Training	To train, monitor, and supervise internal staff This includes training and surveying employees, recording and monitoring certain telephone calls, voicemails, and other computer or telecommunication activities.	The Companies can use Personal Data for this purpose because it is in the Companies legitimate interests to train and supervise their workforces to offer the best possible service.
      E. Vendor Management	To engage with service providers and vendors This includes making payments and contacting business contacts at service providers and vendors using their business contact information.	The Companies can use Personal Data for this purpose for their legitimate interests in engaging with their service providers and vendors.
      F. Security	To enhance security of FI UK’s facilities This includes the use of video surveillance equipment, subject to applicable legal restrictions.	FI UK can use limited Personal Data for this purpose because it is in FI UK’s legitimate interest to secure its facilities.

      Where one of the Companies has relied upon its ‘legitimate interest’ as a legal basis for a particular purpose, it has performed a ‘balancing test’ to ensure that Individuals’ rights and interests are taken into account when their Personal Data is used. Further information on the balancing test can be obtained by contacting the Companies’ Data Protection Officer.

   2. If Individuals fail to provide Personal Data

      Where the Companies need to collect Personal Data to comply with a legal obligation, or under the terms of a contract or upon request prior to entering a contract, and the Individual does not provide such data, the Companies may not be able to provide services and may need to cancel the contract. Similarly, if an Individual does not consent to providing Health Data for the purpose described above, the Companies may not be able to provide services and may need to cancel the contract. The Companies will notify the Individual if this is the case at the time. If an Individual requesting informational materials and ongoing insights does not consent to receiving the same, FI UK will not be able to provide such materials and insights.

4. Sharing of Personal Data

   1. Who will the Companies share Personal Data with?

      For the purposes listed in Section 3 above, the Companies may share Individuals’ Personal Data with:

      • Fisher Group companies, including:
        • FI, FI UK’s parent company in the United States;
        • Fisher Investments Ireland Limited (“FII”), a wholly-owned subsidiary of FI in the EU; and
        • Fisher Investments Luxembourg, Sàrl (“FIL”), a wholly-owned subsidiary of FI in the EU.
      • FI, FII and/or FIL (the “Outsourced Fisher Companies”) act as service providers of marketing, human resources, finance, information technology, legal support services, and trading functions to FI UK. FI also serves as a discretionary investment manager to Individuals in the UK after being introduced by FI UK. In these capacities, the Outsourced Fisher Companies may have access to Personal Data collected and used by FI UK.
      • Authorised vendors, service providers, contractors and representatives. These organisations are as follows:
        • Custodians that hold custody of clients’ assets managed by FI, as well as custodians, brokers and dealers that execute trade order instructions for clients of FI. The custodians holding clients’ assets will also have a direct contractual relationship with each client. Such custodians are generally located in the UK and are subject to the Financial Services Laws. If an Individual requests an account held by a custodian located in the United States, FI will transfer Personal Data in connection with such account only with the explicit consent of the Individual.
        • Self Invested Pension Plan (“SIPP”) providers in the UK that provide SIPPs to clients of Fisher Investments and that are subject to applicable Financial Services Laws.
        • LexisNexis Risk Solutions UK Limited who carry out the sanctions and anti-money laundering checks on behalf of FI UK as described above in Section 3.
        • Information technology and security providers, such as communications, internet firewall and malware detection providers.
        • Marketing service providers, including website host companies that collect Personal Data on behalf of FI UK from Individuals interested in FI UK’s informational materials, social media platforms, merge-purge service providers that ensure mailing lists are accurate, and mailing service providers that send mail to Individuals on behalf of FI UK.
        • Providers of third party professional advice, such as lawyers and auditors.
      • Courts and tribunals, as described above in Section 3.
      • Regulators (including the relevant financial regulators), tax authorities, other government agencies, and law enforcement organisations, as described above in Section 3.
      • If one of the Companies sells, transfers or merges part or all of its business, or attempts to do so, then third parties may receive Personal Data.
   2. What safeguards are in place where Personal Data is transferred outside of the UK?

      Where the Companies transfer Personal Data to a data recipient in a jurisdiction outside of the UK where the laws do not provide an equivalent level of data protection as the UK, the Companies and the data recipient will make the transfer in accordance with standard contractual clauses adopted pursuant to Article 46(2)(c) or (d) of the UK GDPR including the standard contractual clauses issued by the Information Commissioner under s119A(1) of the UK DPA 2018 as revised from time to time (“UK Addendum“).

      Please contact the Companies using the contact details in Section 1 above with any questions about the legal safeguards in place to protect Personal Data when transferred outside the UK (including how to obtain a copy or consult these safeguards).

5. Consent

   In accordance with applicable data protection laws, Individuals who consent to one of the Companies using their Personal Data may withdraw that consent at any time. Individuals may do so via the Companies’ online form. If you are a private client, click here. If you are an institutional investor, click here. You can also unsubscribe using the details set out in Section 1 above.

   When doing so, Individuals should:

   • ensure that a full name and address and/or email address is provided in exactly the form in which it was originally provided to the Companies to avoid any possible confusion with a different Individual; and
   • ensure that the particular uses for which consent is being withdrawn are specified. The uses for which the Companies rely on consent are set out in Section 3 above.

   Individuals may also unsubscribe from direct email marketing via an online form . If you are a private client click here. If you are an institutional investor, click here.

6. Individual Rights

   In accordance with applicable data protection laws, Individuals may exercise the following rights in relation to the Personal Data that one of the Companies holds about them:

   • Individuals have the right to obtain confirmation as to whether or not their Personal Data is being processed and, where this is the case, have access to the Personal Data.
   • Individuals have the right to ask the Companies to rectify Personal Data about them that they think is inaccurate. They also have the right to ask the Companies to complete data they think is incomplete.
   • Individuals have the right to request the erasure of their Personal Data where there is no compelling reason for the Companies to keep using the data. This is not a general right to erasure; there are exceptions, g., if the Companies have a legal obligation to keep the data.
   • Individuals have the right to ask the Companies to restrict processing of their Personal Data in certain circumstances.
   • The right to data portability applies only to Personal Data Individuals have given to the Companies. Individuals have the right to ask that the Companies transfer the data to another organisation or give the data back to the Individual.
   • Where Individuals have provided one of the Companies with consent to process their Personal Data, they have the right to withdraw consent at any time. This will not affect the lawfulness of the processing that has been carried out based on Individuals’ consent prior to the withdrawal.
   • When the Companies process Personal Data for purposes of pursuing legitimate interests, Individuals have the right to object to such processing at any time. If an Individual objects, the Companies will stop the processing unless it has strong and legitimate reasons to continue using the data.

   To exercise these rights, Individuals should contact the Companies using the details set out in Section 1 above. In such case, Individuals should ensure that the full name and address and/or email address are provided in exactly the form in which they were originally provided to the Companies to avoid any possible confusion with a different Individual. If Individuals are not satisfied with the way the Companies handle the request, they may lodge a complaint with the UK Information Commissioner’s Office.

7. Security

   The Companies are committed to ensuring that Personal Data is secure. In order to prevent unauthorised access or disclosure, the Companies have put in place appropriate physical, electronic and managerial procedures to safeguard and secure Personal Data collected. The Companies also use encryption when collecting or transferring sensitive data.

8. Cookies

   A cookie is a small text file downloaded to an individual’s computer (or other device) when accessing webpages that use them. A tracking pixel (also called a pixel tag or web beacon) may be a tiny, invisible image embedded in a webpage or email, which loads when you view the content, or a small piece of code that performs a similar function. Cookies and other online tracking technologies, such as pixels, tags, web beacons, embedded scripts, session replay tools, and SDKs (collectively referred to in this policy as “cookies”) allow a website to store and retrieve information about visitors’ online activity. Cookies are, for example, how a website remembers what display language you chose or what items you put into your online shopping cart. Depending on the information they contain and user behaviour, cookies may be used to identify the user.

   Third parties may place cookies, pixel tags, and similar tracking technologies on our websites to collect, store, and analyze information about your interactions, including pages you view, links you click, and your purchase or browsing history. Some of this information may be combined with other data they obtain and may be personally identifiable. These third parties may use this information to deliver targeted advertising and content, to build consumer profiles, and for their own commercial purposes, including improving their products, services, and advertising networks.

   The Companies disclose email addresses and electronic network activity information (such as pages viewed, links clicked, and other browsing or purchase history) to certain advertising and analytics partners, including social media platforms. These third parties may combine this information with other data they collect to deliver ads tailored to your interests, to build profiles about you, and for their own commercial purposes, such as improving their advertising networks and services. This type of disclosure may be considered a “sale,” “sharing,” or “targeted advertising”.

   Cookies can be categorised by who places them:

   • First-party cookies: These cookies are downloaded to a user’s computer (or other device) by the publisher of the website whose service the user is requesting.
   • Third-party cookies: These cookies are downloaded to a user’s computer (or other device) by another entity that may be seeking data obtained through cookies.

   Cookies can also be categorised by their duration:

   • Session cookies: These cookies are designed to collect and store data while the user accesses a website. They are often used to store information for the duration of a visit to the website (e.g. what account user is logged into). Once a user leaves the website, the session cookie is deleted.
   • Persistent cookies: These cookies store data on the user’s computer (or other device) for the duration period set within the cookie’s file, which is determined by the entity controlling the cookie and can range from a few minutes to several years, or until the user manually deletes them.

   Lastly, cookies can be categorised by the function they serve. FI UK uses the following types of first- and third-party cookies:

   • Required: Required cookies are necessary to enable the basic features of this site to function. They keep track of whether or not a user has consented to have other types of cookies placed on their computer (or other device). Required cookies do not collect Personal Data. Required cookies may also include authentication cookies.
   • Statistical: Statistical cookies analyse pseudonymized site statistics. They enable measuring the number of visitors and analysing how users interact with the website. This information is used to improve the website and the products or services offered.
   • Marketing: Marketing cookies are used to understand user interests, provide relevant ads, and make a user’s online experience more enjoyable. They can be used to build a user profile to provide users with content more relevant to their interests. They adapt advertising and the content users see on other websites based on their website browsing habits, as well as how users interact with internet advertising.
   • Preferences: Preferences cookies allow the website to personalise website content, such as the language selected for viewing the page. These also save a user’s cookie preference settings.

   FI UK uses first- and third-party required, statistical, marketing and preferences cookies. The following vendors load cookies on this website:

   • Adform
   • Dianomi
   • DoubleClick
   • Drawbridge
   • Facebook
   • Google Ads
   • Google Analytics
   • Hotjar
   • LinkedIn
   • LiveIntent
   • Lunio
   • MediaGo(Baidu)
   • Microsoft Bing
   • NextDoor
   • Outbrain
   • Passendo
   • Pingdom
   • Sitecore
   • Taboola
   • Tag Inspector
   • Tealium
   • Vidyard
   • Vimeo
   • X
   • Xander(AppNexus)
   • Yahoo(Verizon)
   • YouTube
   • Zemanta
   • mPulse

   For further information on cookies and to manage them, please click here.

   Some browsers have a “Do Not Track” setting that allows users to send a signal to the websites they visit that the user does not wish to be tracked. FI UK’s website does not respond to these signals.

9. How Long Data Will Be Kept

   Personal Data relating to Individuals who are clients of the Companies (meaning any Individual who has received an investment strategy recommendation or has retained FI as discretionary investment manager) will be kept for the duration of the client relationship plus ten years in order for the Companies to satisfy their recordkeeping obligations under applicable Financial Services Laws, as well as to enforce or defend their legal rights. Information on identity verification and sanctions and anti-money laundering checks will be kept for the duration of the client relationship plus five years in order for FI UK to satisfy its recordkeeping obligations under applicable AML Laws. Recordings of telephone calls will be retained for a period of five years in order for FI UK to satisfy its recordkeeping obligations under MiFID, while all other recordings will be retained for 10 days. Information of prospective clients that are Individuals will be kept for a period of five years from the date the Individual consented to direct marketing or until the Individual requests earlier erasure of their information. However, where an Individual consents to have their information retained by FI UK to receive ongoing information and insights (subscription) from FI UK, their information will be kept until they opt out unless they did not receive a regular opportunity to opt out in which case such information will be retained for five years from consent. In some cases, such general retention periods may be extended for up to ten years for some Individuals who are in more advanced discussions with FI UK or have had regular interactions or meetings with FI UK about its services or FI’s discretionary investment management services, unless the Individual requests earlier erasure of their information. Information collected for the purposes of conducting market research will be kept for up to two years following such research, unless the Individual requests earlier erasure of their information. Contact information for vendors/service providers and contact information for Individuals on suppression lists (i.e., name, address, email address and/or phone number) will be retained indefinitely.

10. Social Media

    FI UK maintains a presence on various social media platforms. The terms and conditions set by the operators of the various platforms apply to FI UK and any Individuals who interact with FI UK through the platforms. These platforms collect and analyse interests expressed by their users and combine it with information provided by FI UK to optimise marketing. More information about the privacy practices of these social media platforms is available below, including information about interest-based advertising.

    • Facebook: FI UK is subject to an agreement with Facebook Ireland Limited, which determines their respective responsibilities with respect to Personal Data. Facebook Ireland Limited is responsible for enabling Individuals’ rights with respect to Personal Data it stores. Information about how Facebook processes Personal Data is available at https://www.facebook.com/about/privacy. The terms applicable to the various Facebook products set out the purposes for which Personal Data is collected and transmitted. More information on interest-based advertising is available at https://www.facebook.com/settings/ads.
    • LinkedIn: Information about how LinkedIn processes Personal Data is available at https://www.linkedin.com/legal/privacy-policy. More information on interest-based advertising is available at https://www.linkedin.com/help/linkedin/answer/a1342443.
    • Instagram: Information about how Instagram processes Personal Data is available at https://www.instagram.com/legal/privacy.
    • YouTube: Information about how YouTube processes Personal Data is available at https://policies.google.com/privacy. More information on interest-based advertising is available at https://www.youtube.com/intl/ALL_uk/howyoutubeworks/user-settings/ad-settings/.
    • X: Information about how Twitter processes Personal Data is available athttps://x.com/privacy.
    • Google: Information about how Google processes Personal Data is available at https://policies.google.com/privacy. More information on interest-based advertising is available at https://adssettings.google.com/anonymous?hl=en.

11. Changes to Privacy & Cookie Policy

    From time to time, the Companies may use Personal Data for new, unanticipated uses not previously disclosed in this Policy to the extent permitted by law. If its practices regarding Personal Data change at some time in the future, the Companies will post the policy changes to https://www.fisherinvestments.com/en-gb/privacy.