Morgan Investments LTD and/or any of its affiliates (together and/or separately, as the context may require, “Morgan Stern” or “we” or “us”) may collect and process certain personal data about you (i.e. information that identifies you).
This privacy notice sets out the basis on which personal data about you will be processed by Morgan Stern. If you are dealing with Morgan Stern (i) in a capacity of an officer, employee, director, contractor, agent or principal of (a) a past or prospective client of Morgan Stern or investor in a fund managed by Morgan Stern, (b) a counterparty of Morgan Stern or a fund managed by Morgan Stern; or (c) a service provider; (ii) as a director of any of Morgan Stern fund; or (iii) as an individual interested in a career at Morgan Stern, please take the time to read and understand this privacy notice
Morgan Stern is (i) a data controller in respect of your personal data for the purposes of data protection laws, such as the Gramm-Leach-Bliley Act, the California Consumer Privacy Act, the European Union General Data Protection Regulation, the General Data Protection Regulation as it forms part of the domestic law of the United Kingdom, the Data Protection Act 2018, the Data Protection Act (As Revised) of the Cayman Islands, the Act on Protection of Personal Information in Japan, the Personal Data Protection Act 2012 of Singapore and (ii) a data user for the purposes of the Personal Data (Privacy) Ordinance of Hong Kong. As a data controller, Morgan Stern determine the means for, and the manner in which, we process your personal data; and we are responsible for ensuring that we use your personal data in compliance with data protection law.
Personal Data that We Collect About You
Morgan Stern may collect and process some or all of the following categories of personal data about you which you provide to us by filling in forms or by communicating with us, whether face-to-face, by phone, in writing or by e-mail or which we otherwise collect in the course of our interactions.
Information that you may provide to us:
- Your personal details - your full name, gender, date of birth, nationality, occupation and your signature;
- Your contact details - email address, place of work, telephone number, current and/ or previous work and/or home address;
- Identification documents - passport, national identity card, driving licence, copy of your visa, photograph and government-issued personal identifiers such as National insurance Number or social security number;
- Education and qualification details - your current and past job positions, employment history, previous employer references, conduct history (civil and criminal), education and certifications;
- Financial information - bank account details, personal account dealing information, utility bills, bank statements or mortgage statements;
- Investment information - source of funds, investment experience and objectives, risk tolerance, representation required under the applicable law or regulations;
- Other personal information that you provide to us, including health information, marital status, personal details relating to your immediate family members;
Uses of Your Personal Data
The categories of your personal data described above may be stored and processed by us for the following purposes:
- To meet our legal obligations owed to you and to perform our obligations and exercise our rights under our contract with you, or the relevant counterparty, if different;
- To conduct KYC and background screening checks to verify information provided by you for due diligence purposes or in order to confirm your suitability for any future recruitment, appointment as a service provider or admission as a preferred counterparty;
- To comply with legal, regulatory or self-regulatory practices and industry standards or procedures which relate to our business;
- To contact you about services and products we offer;
- To allow you secure access to our web-site and to prevent any potential disruption or cyberattack;
- For statistical monitoring of our web-site trafficking, intended to understand your needs and interest; or
- For the management and administration of our business.
Morgan Stern is entitled to process your personal data in these ways for the following reasons:
- To discharge our legal and regulatory obligations;
- To perform our obligations and exercise our rights in connection with a contract between us, or with a relevant counterparty;
For the legitimate business interests of Morgan Stern, such as:
- a. allowing us to effectively and efficiently administer and manage the operation of our business;
- b. to establish, exercise or defend our legal rights or for the purpose of legal proceedings;
- c. maintaining compliance with all legal and regulatory obligations, industry standards, internal policies and procedures and preventing fraud; or in respect of any processing of sensitive personal data falling within special categories, if there is a legislative justification for its processing.
Disclosure of Your Information to Third Parties
We may share the categories of your personal data described above within the Morgan Stern group for the purposes of: (i) management and administration of our business, (ii) complying with the functions that each of the entities may perform, (iii) regional or global investor relations or HR activities (iv) assessing compliance with applicable laws, rules and regulations, internal policies and procedures across our business and (v) enabling adequate communication with you.
Morgan Stern may from time to time, in connection with the purposes described in the previous section, disclose the categories of your personal data described above to third parties outside of the Morgan Stern group, including (i) third parties that process your personal data on our behalf; (ii) professional advisers such as law firms, auditors, and accountancy firms, (iii) recruitment consultants, travel agents, payments, technology and communication service providers, (iv) counterparties and (v) courts and regulatory, tax and governmental authorities. These persons may be permitted to disclose further your personal data to other parties, but only to the extent necessary to perform the services or functions for which they have contracted with Morgan Stern to provide.
Morgan Stern will ensure that your personal data is accessed by the Morgan Stern group’s staff and third parties on a need-to-know basis and subject to general legal requirements, general confidentiality and/or other arrangements.
You may request that we not disclose your personal data to parties that are not affiliated with Morgan Stern or that are not providing services on behalf of Morgan Stern. To exercise this right, please contact Morgan Stern using the contact information below.
Transfers of Personal Data
Where personal data is transferred outside of the EEA, Morgan Stern will ensure that the transfer is subject to appropriate safeguards or is otherwise permitted under applicable law. For example, the country to which the personal data is transferred may be approved by the European Commission or the recipient may have agreed to the approved model contractual clauses that oblige them to protect the personal data. Similarly, where personal data is transferred outside the United Kingdom, Morgan Stern will ensure that the transfer is subject to appropriate safeguards or is otherwise permitted under applicable law. For example, in the context of personal data transferred outside the UK, the country to which the personal data is transferred may be approved by the UK Government or the recipient may have agreed to the approved model contractual clauses that oblige them to protect the personal data.
Protecting Your Personal Data
We are committed to safeguarding and protecting your personal data and we maintain appropriate security measures to protect your personal data from improper, unauthorised, unlawful or accidental disclosure, destruction, alteration, use, access, loss or damage.
These measures include:
- Designating employees responsible for the security program;
- Identifying and assessing security risks;
- Developing policies for the storage, access, and transportation of personal data;
- Imposing disciplinary measures for violations of the security program, as appropriate;
- Limiting access by terminated employees;
- Overseeing the practices of third-party vendors;
- Restricting physical access to records;
- Monitoring and reviewing the scope and effectiveness of the security program; and
- Documenting steps taken in response to data security incidents.
Our computer system security standards include:
- Securing user credentials;
- Restricting access to personal data on a need-to-know basis;
- Encrypting the transmission and storage of personal data;
- Monitoring of security systems; updating firewalls, security patches, anti-virus, and anti-malware software; and
- Training employees on the proper use of the computer security systems.
To protect your personal data, we permit access only by authorised employees who need access to that information in order to perform their jobs. Such staff members primarily include investor relations, legal, compliance, operations, product control, finance and administrative staff.
Retention of Personal Data
How long Morgan Stern holds personal data for will vary. The retention period will be determined by various criteria, including the purposes for which Morgan Stern is using it and legal obligations (as laws or regulations may set a minimum period for which Morgan Stern has to keep your personal data).
You have a number of legal rights in relation to the personal data that we hold about you. These rights include:
- The right to obtain information regarding the processing of your personal data and access to the personal data which we hold about you;
- Where you have actively provided your consent for us to process your personal data, the right to withdraw your consent at any time. Please note, however, that we may still be entitled to process your personal data if we have another legitimate reason (other than consent) for doing so;
- In some circumstances, the right to receive some personal data in a structured, commonly used and machine-readable format and/or request that we transmit those data to a third party where this is technically feasible. Please note that this right only applies to personal data which you have provided to us;
- The right to request that we rectify your personal data if it is inaccurate or incomplete;
- The right to request that we erase, or restrict our processing of, your personal data in certain circumstances. Please note that there may be circumstances where you ask us to erase, or restrict our processing of, your personal data but we are legally entitled to retain it or to refuse that request. Any such request could also result in us being unable to provide any services to you; and
- The right to lodge a complaint with the data protection regulator (details of which are provided below) if you think that any of your rights have been infringed by us.
If you would like further information on the collection, use, disclosure, transfer (including the protection given to your personal data when it is transferred) or processing of your personal data or the exercise of any of the rights listed above, please address questions, comments and requests to Morgan Stern at [email protected].
Updates to this Privacy Notice
We may change or update portions of this privacy notice to reflect changes in our practices and or applicable law and regulation. Please check this privacy notice from time to time so you are aware of any changes or updates. Where required under applicable data protection and privacy laws, we will notify you of any change or update portions of this privacy notice by individual message or by disclosing the changes to the data processing on a publicly available medium.
This notice was last updated in June 2023.