For convenience, in this privacy notice we refer to you or the organisation you represent, or the organisation with whom you are otherwise associated, as the “Company". This privacy notice is relevant to you if you are an individual associated with a Company that has a past, existing, or prospective relationship with MUFG Securities; or an individual whose personal data is given to MUFG Securities by the Company or which we otherwise receive, in the course of our dealings with the Company. This privacy notice provides important information about how we process your personal data and your data protection rights. This privacy notice was last updated on 15 October 2024.

1. PERSONAL DATA WE COLLECT ABOUT YOU

We may collect and process the following personal data about you:

Personal data that you give us:

  • This is personal data about you that you or the Company give to us when filling in forms that we (or the Company on our behalf) ask you to complete or corresponding with us by email, telephone, post or otherwise. It may include, for example, your name, address, email address and telephone number; information about your business relationships; information about your professional role and background; limited details of your personal life; and identification documentation for verification and authorization purposes.
  • If you or the Company (as the case may be) do not provide personal data that we request, we may not be able to provide (or continue providing) or (or to continue to receive) (as applicable) relevant services to or otherwise do business with you or the Company.
  • If you or the Company (as the case may be) are providing us with personal data about other individuals, such as other employees, officers or other personnel within the Company, please inform them of the purpose for which you are providing us the personal data and ensure they are aware of this privacy notice.

Personal data that our systems collect about you:

  • If you exchange emails, telephone conversations or other electronic communications with us and our employees, our information technology systems may record details of those communications, including their content.
  • If you visit our websites they will collect some information about you and your visit, including the internet protocol (IP) address used to connect your device to the internet and some other information such as your browser type and the pages on our site that you visit. Our websites may also download "cookies" to your device as described in our separate cookie statements on our websites if applicable.
  • Our premises have closed circuit TV systems and building access controls for security and safety purposes which may record you if you visit our premises.

Other personal data:

We may also collect some personal data from other sources such as (a) your colleagues or other business contacts who may give us personal data about you, such as your contact details or details of your role in the Company. If we need to conduct anti-money-laundering or similar background checks involving you, this may require more extensive personal data about you – for example, a copy of your passport, and (b) we sometimes collect personal data from third party data providers, international sanctions lists, the internet or other publicly available sources for anti-money-laundering, background checking and similar purposes, and to protect our business and comply with our legal and regulatory obligations.

2. WHY WE PROCESS YOUR PERSONAL DATA:

We process your personal data, as necessary to pursue our legitimate business and other interests, for the following purposes:

  • providing our products and services to the Company, including to ensure that agreements with, and instructions from, the Company are authorized and validly executed;
  • receiving goods or services from the Company, including to ensure that agreements with the Company provide a “relationship manager" point of contact, and ensuring that such agreement with the Company is authorized and validly executed;
  • business development (including marketing of our products and services to the Company – we will not send marketing communications to you in your personal capacity) and managing our relationship with the Company;
  • assessing and managing the risks facing our businesses, including detecting and preventing fraud and other financial crimes;
  • managing and improving our systems and processes, including through monitoring and managing their usage;
  • complying with, or directly or indirectly facilitating compliance with, the requirements in any jurisdiction of any exchange, trading facility, trading system, organized market, clearing house, settlement system, exchange or other infrastructure provider to facilitate clearing and settlement (a “Market");
  • protecting the security and integrity of our premises, information technology systems and information;
  • investigating and responding to complaints and other incidents affecting our or the Company's businesses; and
  • enforcing and defending our legal rights and those of the Company, its employees, officers and affiliates, including potential legal claims or disputes.

We also process your personal data to comply with law and regulation and as necessary to pursue our legitimate interests in directly or indirectly facilitating compliance with the requirements of the law, co-operating with our regulators and other authorities, complying with applicable foreign laws, preventing or detecting financial and other crimes and regulatory breaches, and protecting our business and the integrity of the financial markets. This involves processing your personal data for the following purposes:

  • carrying out know-your-client (“KYC"), anti-money laundering, anti-terrorism, anti-market-abuse, anti-bribery and corruption, anti-fraud / other financial crime and sanctions compliance activities, including identity checks and background screening;
  • monitoring transactions and reporting on them to competent authorities;
  • keeping records of communications with the Company, including recording telephone, emails and instant messaging; and
  • responding to enquires from, and otherwise co-operating with, regulatory, tax, law enforcement and other governmental agencies or authorities, Markets, brokers or other intermediaries or counterparties and courts.

Personal data collected by us for the sole purpose of preventing money laundering and terrorist financing may not be processed in a manner incompatible with these purposes unless we have obtained the individual's express consent or we are otherwise permitted by law.

3. TO WHOM DO WE DISCLOSE YOUR PERSONAL DATA?

We will disclose personal data about you, where reasonably necessary for the various purposes set out above, to:

  • other members of the worldwide MUFG group of companies. Details of the MUFG group may be found at http://www.mufg.jp/english/profile/globalnetwork/;
  • your colleagues representing the Company;
  • counterparty financial institutions, Markets and other persons from whom we receive, or to whom we make payments, or with whom we conduct other transactions;
  • our legal, accounting and other professional advisors such as insurers and auditors, so that they can advise us;
  • service providers who hold or process your personal data on our behalf, under strict conditions of confidentiality and security;
  • persons who take over our business and assets, or relevant parts of them;
  • regulatory, tax, law enforcement or other governmental agencies or authorities, courts or litigation counterparties, in any country or territory; and
  • other persons where we are required by law or regulation to disclose.

These disclosures may involve transferring your personal data abroad. You should be aware that this may include transfers to countries outside of the jurisdiction in which you and or we are located, which do not have similarly strict data privacy laws. In those cases, we will put in place appropriate safeguards in accordance with applicable data protection laws.

4. FOR HOW LONG DO WE KEEP YOUR PERSONAL DATA?

We retain personal data only for as long as reasonably necessary for the purposes described above or as long as required by law or regulation or to resolve potential legal claims or disputes.

5. ARTIFICIAL INTELLIGENCE

This section describes how autonomous or semi-autonomous systems (collectively referred to as "AI Systems") employed by us may process your personal data in compliance with the Dubai International Financial Centre (DIFC) Data Protection Regulations (particularly Regulation 10) supplementing DIFC Data Protection Law No. 5 of 2020.

Article 10 of the DIFC Data Protection Regulations (Regulation 10) regulates the processing of personal data that is conducted through AI Systems. The term “Systems” refer to “any machine based system operating in an autonomous or semi- autonomous manner” which can process personal data for the purposes that are human defined (i.e. determined by human involvement) or by the System itself and that “generate an output as a result of, or on the basis of such “processing”.

  • Data Collected

Our AI Systems may collect personal data. This includes any information that relates to an identified or identifiable natural person, including but not limited to, your name, email address, any information you provide directly through our AI Systems, including but not limited to, text inputs, uploaded files etc.

  • Purpose of Processing

Our AI Systems may process your data for the following purposes:

Service Delivery and Operational efficiency: to provide services to users and improve the functionality of the system or product provided, including, without limitation, personalized recommendations, productivity tools, and chatbot responses.

Security and Fraud Prevention: To protect our systems and network from, amongst others, unauthorized access, use, or disclosure.

  • Principles and Safeguards

We require that the rules and principles on the basis of which the AI Systems have been developed, and designed to operate in, are in accordance with the principles outlined in Regulation 10

We confirm the following:

  • -We do not carry out automated decision-making or profiling in relation to your personal data . We use AI technology as a tool to supplement, enhance, and make suggestions to our content, and not as a replacement for human judgement and expertise
  • -We implement appropriate technical and organizational measures to protect your personal data from unauthorized access, use, or disclosure. Such measures include, amongst others, encryption, access controls, and security assessments.

6. YOUR DATA PROTECTION RIGHTS

Under data protection law, you have the right to:

  • access the personal data that we hold about you, and to some related information;.
  • upon request and in certain circumstances, receive your personal data, in a structured, commonly used and machine-readable format (data portability).
  • require any inaccurate personal data to be corrected or deleted;
  • object to our use of your personal data for direct marketing purposes at any time;
  • object to our processing of some or all of your personal data (and, in some circumstances, require them to be blocked or deleted);
  • restrict our processing of your information to the bare minimum, in some other circumstances,
  • withdraw consent to the processing of your personal data you may have granted to us;
  • know the recipients of your personal data;
  • not be subject to solely automated decision making, including profiling, and not be discriminated for exercising any of your data protection rights.

Please contact us if you wish to discuss or exercise any of these rights. You can also lodge complaints with any relevant local data protection authority, either where you live or work or where MUFG Securities is located.

6. HOW TO CONTACT US

If you have any questions about this privacy notice or our processing of your personal data, or if you wish to exercise your data protection rights, our contact details are

MUFG Securities (DIFC Branch) EMEA plc,
25 Ropemaker Street,
London,
EC2Y 9AJ,
United Kingdom

Our email is: dpo@uk.mufg.jp. We are committed to working with you to obtain a fair resolution of any complaint or concerns about privacy.