T. Rowe Price Privacy Notice (APAC)

References to “our”, “us”, “we” or “T. Rowe Price” within this Privacy Notice are to the T. Rowe Price entities identified as Controllers at the end of this Notice. This Privacy Notice addresses the collection and use of personal data by T. Rowe Price in relation to individuals outside T. Rowe Price (referred to as “you” or “your” in this Privacy Notice), unless you are interacting with us in relation to a product, service, subsidiary, affiliate, or digital property for which a separate privacy policy or privacy notice applies.¹

We may obtain your personal data in a variety of ways, both online and offline. Examples include interactions involving a product or service you obtain from us; when you visit our websites; or when you are a representative of or are associated with another person or entity, such as when you are an employee of a company that is our client, a service provider, a counterparty or other financial services firm.

This Privacy Notice explains the types of personal data we collect, how we use it, who we disclose it to, how we protect it, and your legal rights. Please read the following carefully as it explains our views and practices regarding your personal data and how it is handled. “Personal data” (also sometimes referred to as “personal information”) means information that (either in isolation or in combination with other available information) enables you to be identified as an individual or recognised directly or indirectly. It would not include aggregate or anonymised information or various types of publicly available information.

In the section below, we summarise the categories of personal data we may collect and examples of data within each category. We may collect personal data directly from you, or it may be supplied to us by another party, such as your employer. We may also collect personal data from other publicly or commercially available sources. We may create personal data about you, such as notes of interactions with you or records of your transactions. We may use cookies and other technologies to collect personal data through our digital content, such as our websites, mobile applications or emails. To learn more about how we use cookies and how you can control your digital experiences, please see our Cookie Policy. We process all data we obtain from you or other sources or that we create in accordance with this Privacy Notice.

In some cases, you may provide personal data to us about another person. In such cases, you should only do so if you have the authorisation of such person to provide us with such personal data and for us to use it as explained in this Privacy Notice. You should also provide a copy of this Privacy Notice to that other person.

_{¹ For example, certain of our affiliated companies, such as those whose names include “Oak Hill Advisors” or “OHA”, have their own privacy notice or policy that may apply to you.}

Categories of personal data

The categories of personal data we may collect and use include:

• personal information, such as full name, nickname and previous names (such as maiden names), gender, date of birth, age, passport details, government-issued numbers and identification documents, photos, signature, nationality, and professional credentials or background; 
• contact information, such as postal address, email address, and contact numbers for telephone, mobile and fax; 
• visitor logs; 
• employment/business information, such as the name of the company you work for and your title, location, and responsibilities; 
• any communications with us, whether on a recorded line, by electronic communications such as email or any other electronic instant messaging channels; 
• information regarding our interactions with you, including notes of calls and meetings held or planned; 
• market research and survey data as well as your views about our service, if you choose to share those with us; 
• transaction-related information, such as transaction details, instructions, transaction history and related records, account numbers for an investment fund we provide or other account, such as a bank or custodial account; 
• financial and screening information, as needed, such as source of wealth and source of funds and the expected activity to be conducted with us, information obtained in relation to anti-money laundering and counterterrorist financing due diligence, know your customer activities, screenings against governmental lists, and similar background and screening checks, which in some cases, we may be required or authorised to collect under applicable local laws; 
• information relating to compliance matters, such as data subject requests and supporting documentation, complaints, investigations, incident details, and resolutions of such matters; 
• special categories of personal data, such as information about your race, ethnicity, political opinions, religious or philosophical beliefs, trade union membership, biometric data, health-related information (e.g., information needed to accommodate disabilities, information about workplace accidents and occupational safety), sexual life or orientation, or criminal convictions and offences; 
• technical information when you interact with our digital content, including your IP address, your login information, browser type and version, device identifier, data from cookies, web beacons, clickstream data, device “fingerprinting” records, server log records (including page requests), location and time zone setting, browser plug-in types and versions, operating system and platform, page response times and download errors; 
• information about your interactions with our digital content, including the websites you visit before our websites, number of visits, length of visits to certain pages, pages viewed, page interaction information (such as scrolling, clicks and mouseovers) and methods used to browse away from the page, and similar information for additional content that can be accessed from our digital content, such as opening or printing documents or which videos are played and for how long; 
• preferences and views, such as marketing preferences, preferred language, and views shared with us; and 
• audio-visual information, such as closed-circuit television (CCTV) footage, which we may record in and around our premises and other locations, photographs, video images, audio recordings (such as call monitoring), and voicemails

How we use personal data

We use the personal data we collect from and about you for a variety of purposes and based on one or more legal justifications, as set out below:

• To provide the company you represent (or you directly) with requested products or services and subsequent client servicing and reporting, including to respond effectively to your requests, and to notify you about changes to our products or services; 
• To perform anti-money laundering and anti-terrorist financing due diligence, know your customer activities, screening against governmental lists, and similar background and screening checks; 
• To deal with your queries and requests, including to identify you when you contact us; 
• To keep internal records and manage our relationship with you, including to keep records of your personal details (and updates when necessary) and of any correspondence with you; 
• To manage our risks, legal rights, and obligations and to help identify illegal activity, including monitoring calls and transactions, security and incident response programs, intellectual property protection programs, and corporate ethics and compliance hotlines; 
• For legal and regulatory compliance, including disclosures to tax or other regulatory authorities; 
• To provide you with information about our products and services (provided you have consented to this when required). In addition, we will give you the option to withdraw your consent (opt out), such as in email or other electronic marketing messages we send; 
• To set up and manage your website registration or subscription to our digital content and electronic communication channels (e.g., instant messaging channels); 
• To ensure that our digital content is presented in the most effective manner for you and your device; 
• To enable you to participate in surveys and in interactive features of our websites or other electronic communication channels, such as instant messaging channels; 
• To process your personal data where this is necessary to keep websites and electronic systems and communication channels we host or use safe and secure, to detect and prevent fraud, other crimes, and misuse, including monitoring how our websites or other external electronic communication channels are used; 
• To allow you to register for and attend conferences and similar events that we host, both in-person events and virtual events, including to facilitate event management and administration; 
• To combine information we receive and collect to understand your interests and preferences and provide you with a more personalised experience, including by looking at your preferences that we derive from your browsing behaviour or other contact we have had with you or your company so that we can personalise our interactions with you, to better meet your needs (directly or as a representative of your company), provided this is in line with your marketing choices; 
• To keep an up-to-date suppression list where you have asked not to be contacted, in order for us to not inadvertently re-contact you. Pursuant to good marketing practice, we are obliged to process personal data to maintain an up-to-date suppression list and ensure that we do not contact you where you have asked us not to. Please note that if you opt out of marketing communications, we may still send important information relating to accounts held with us or to comply with laws or contractual obligations; 
• To design our products and services and to help us develop new services and products, including to improve our offerings as a business; 
• To effectively manage our business, such as concerning service provider management, finance, security, information technology and physical infrastructure, and corporate audit, and negotiating and implementing corporate restructuring, mergers or acquisitions; 
• To help assess, manage, and monitor our premises, such as through CCTV, visitor records, and access devices, in order to maintain the security and orderly functioning of our premises; 
• To maintain health and safety information, assessments, and related recordkeeping, to effectively manage our premises and operations consistent with health and safety practices. In some instances, we may need to process this type of information in order to comply with law; and 
• When we process sensitive personal data (such as information relating to health, beliefs, or political affiliation), we do so in accordance with applicable law and will obtain your consent when we are required to do so. However, there are some limited situations where this will not occur (e.g., if you have an accident). In such a case, we will ensure your privacy rights are protected.

The provision of your personal data is necessary when data is needed for the purposes of entering into or servicing a contract or to receive the products or services or information requested, or to comply with applicable laws and regulations. Refusal to provide your information would make it impossible for us to provide the products, services or information requested or to fulfil our contract or other legal obligations. The provision of your personal data for voluntary reasons, such as for marketing purposes, is not required.

With whom do we disclose personal data

Your personal data is intended for T. Rowe Price and may be disclosed to T. Rowe Price affiliates and subsidiaries and, in certain circumstances, to other parties, including to other parties as directed by you.

We may disclose your personal data to:

• T. Rowe Price’s family of companies. We may disclose your personal data among our family of companies, including our subsidiaries and affiliates, in order to administer our services and products, provide you with client support, understand your preferences, send you information about products and services that may be of interest to you (with your consent when required) and conduct the other activities described in this Privacy Notice. Our family of companies includes subsidiaries and affiliates whose names include “T. Rowe Price”, “Oak Hill Advisors” and “OHA”. 

We may also disclose your personal data to the following types of other organisations:

• External auditors, accountants, and legal and other professional advisors. 
• Our service providers. We use other companies or contractors (service providers) to perform services on our behalf or to assist us with the provision of T. Rowe Price products or services. While we may use a service provider to assist in relation to any of the purposes for which we may collect personal data, they generally fit within one or more of the following categories of service providers
  
  - Infrastructure and technology service providers;
  - Marketing, advertising, analysis, research, event and communications providers;
  - Fraud detection and prevention agencies; or
  - Providers of administrative services for T. Rowe Price products or services, such as transfer agencies, custodians, and securities pricing providers.
  
  In the course of providing such services, these service providers may have access to your personal data. However, we will only provide our service providers with the information that is necessary for them to perform the services, they will act under our instructions and we instruct them not to use your personal data for any other purpose. We will always use our best efforts to ensure that all the service providers we work with will keep your personal data secure.

• Other parties permitted by law. In certain circumstances, we may be required to disclose your personal data in order to comply with a legal or regulatory obligation (for example, we may be required to disclose personal data to the police, regulators, government agencies or judicial or administrative authorities) or to perform transactions (for example, we may disclose personal data to a custodian or other party in connection with the purchase or sale of securities you have requested). We may also disclose your personal data to other parties where disclosure is both legally permissible and necessary to protect or defend our rights, matters of national security, for law enforcement purposes, to enforce our agreements, or to protect your rights or those of the public. 

• Your company or agents and other parties. We may disclose your personal data to your company or other agent, such as when you are included on an email with others or to confirm your details or role. We also may disclose your information to other parties connected with your company or an account or in relation to business transactions we have with you or your company. 

• Other parties connected with business transfers. We may transfer your personal data to other parties (including existing or newly formed companies in the T. Rowe Price family of companies) in connection with a reorganisation, restructuring, merger, acquisition or transfer of assets, provided that the receiving party agrees to treat your personal data in a manner consistent with this Privacy Notice.

Where we store your personal data

Due to the nature of our global business and the technologies used, the personal data that we collect may be transferred to, stored at, and accessed from a destination outside the jurisdiction in which you are located, whose data protection laws may not be as extensive as those in your jurisdiction.

Your personal data may be transferred to, stored at and accessed from T. Rowe Price Associates, Inc. in the United States and by staff who work for us or another affiliate at offices in the United Kingdom, European Economic Area, Middle East, North America, and Asia Pacific (APAC). It may also be processed by staff of our service providers who typically are located in similar regions. Regardless of location, we will put in place appropriate protections and controls to help keep your personal data secure and treated in line with this Privacy Notice and applicable privacy/data protection laws. 

Your choices/your privacy rights

Depending on which T. Rowe Price company is providing products or services to you, and the country in which that company is located, you may have various rights in connection with our processing of your personal data, each of which is explained below. If you wish to exercise one or more of the below rights, please contact us with your request at Global.Privacy@troweprice.com and include your name, email and postal address, the name of your usual T. Rowe Price contact person (as applicable), as well as your specific request and any other information you think would be useful in order for us to process your request.

• Access. You may have the right to confirm with us whether your personal data is processed, and if it is, to request access to that personal data, including the categories of personal data processed, the purpose of the processing, and the recipients or categories of recipients. We do have to take into account the interests of others though, so this is not an absolute right, and we may be entitled to charge a fee.
• Rectification/Correction. You may have the right to rectify or correct inaccurate or incomplete personal data concerning you.
• Deletion. You may have the right to ask us to erase personal data concerning you, except we are not obligated to do so if we need to retain such data in order to comply with a legal obligation or to establish, exercise or defend legal claims.

If we need additional information to verify your identity, we will let you know. We will endeavour to respond to a verified request within a month after receipt, unless there are grounds for extending our response time frame. In the event of an extension, we will explain to you why the extension is necessary. In some cases, your ability to exercise a right will be limited, as required or permitted by applicable law. If we cannot fulfil your request because we cannot verify your identity or due to exceptions under applicable law, we’ll let you know in our response.

If we are processing your personal data on the basis of your consent, such as to provide marketing communications, you have the right to withdraw your consent at any time. If you would like to opt out of receiving marketing communications from us, please follow the opt-out instructions located in the email or the unsubscribe instructions on the website you used to subscribe to specific content (as relevant). Please understand that if you opt out of or unsubscribe from receiving marketing communications from us, we may still contact you in connection with an account, relationship, activities, and other communications with us.

For how long do we keep your personal data

We will only retain your personal data for as long as it is necessary for the purpose for which the data was collected and to the extent permitted by applicable laws. For example, we may retain certain transaction details and correspondence until the time limit for claims arising from the transaction has expired, or to comply with regulatory requirements regarding the retention of that data. When we no longer need to use your information, we will remove it from our systems and records and/or take steps to promptly anonymise it so that you can no longer be identified from it (unless we need to keep your information to comply with legal or regulatory obligations to which we are subject).

Security

We have implemented technical and organisational security measures in an effort to safeguard personal data in our custody and control. Such measures we have implemented include limiting access to personal data only to employees, contractors, and authorised service providers who need to know such information for the purposes described in this Privacy Notice; training for our employees and contractors; and other technical, administrative, and physical safeguards. While we endeavour to always protect our systems, sites, operations, and information against unauthorised access, use, modification, and disclosure, due to the inherent nature of the internet as an open global communications vehicle and other risk factors, we cannot guarantee that any information, during transmission or while stored on our systems, will be absolutely safe from intrusion by others, such as hackers. 

Language 

This Privacy Notice is written in English and may be translated into other languages. In the event of any inconsistency between the English version and the translated version, the English version shall prevail.

Controllers

Contact us

If you have any questions about this Privacy Notice and/or about the privacy policies and practices of our service providers, please let us know.

Contact the T. Rowe Price company that you do business with

The company that you correspond with or do business with usually will be the data controller in respect of your personal data and can answer questions you may have about our Privacy Notice or our use of your personal data. The contact details of these companies can be found at the “Controllers” section above.

Contact our Global Privacy Office

If your question or complaint remains unresolved after speaking to a representative of the T. Rowe Price company that you deal with, please contact us via email at Global.Privacy@troweprice.com.

The details of our Global Privacy Office, where our head of Global Privacy is based, are as follows:

Global Privacy Office
T. Rowe Price
For the attention of: Head of Global Privacy
4515 Painters Mill Road
Owings Mills, MD 21117 United States
Global.Privacy@troweprice.com

The Global Privacy Office will liaise with appropriate individuals at our local offices regarding your question or complaint. We will deal with your request by investigating it and providing a response to you within a reasonable time, provided that we have all necessary information and have completed any investigation required. In some cases, we may need to ask you to put your request in writing so that we are sure that we understand it and may also need to ask you for further information or to verify your identity. We will attempt to confirm with you as appropriate and necessary your understanding of the conduct relevant to the request and what you expect as an outcome. We will treat your request confidentially and respond to you within a reasonable time, usually in writing.

Contact a data protection regulator

If, after contacting us, you do not feel that we have adequately addressed your concerns, please contact the data protection regulator in the country where the T. Rowe Price company that you deal with is established, as set out in the “Controllers” section above.

Date and changes to this Privacy Notice  

This Privacy Notice is the most recent version and the date it was last updated is located below. We reserve the right to change our Privacy Notice from time to time, and you are advised to visit our website regularly to check for any amendments. If we make a change that we are required by law to inform you of in other ways (such as by email), we will do so. 

_{Last updated: 28 August 2023}