Last updated: October 2018
The protection of privacy and personal data is an important concern to which AllianzGI pays special attention. We believe in transparency and are committed to being clear about our privacy practices, including how we process personal data.
To comply with the legal requirements under the EU General Data Protection Regulation, we have revised our Privacy Policies (see below).
If you cannot find the privacy notice applying to you or you have any other questions regarding data privacy, please reach out to email@example.com
Privacy Notice regarding the collection, processing and use of personal data of Supplier’s Workforce
In case the use of individuals acting as or on behalf of the supplier (“Supplier’s Workforce”) by Allianz Global Investors GmbH and/or its affiliates (“AllianzGI”) is agreed between AllianzGI and a legal entity providing services and/or products (“Supplier”), the Supplier shall inform such individuals about the content of the following information and – to the extent required by applicable data privacy laws – obtain their consent to ensure that data relating to them may be processed as described in this privacy notice (“Privacy Notice”).
- Who is responsible for the processing of personal data of Supplier’s Workforce?
The responsible party for the processing of personal data of Supplier’s Workforce is the AllianzGI entity that determines the means and the purposes of the processing.
Moreover, other entities of the Allianz Group could become responsible for the Processing of such personal data, for example, if the services of Supplier are performed for several Allianz Group entities. A list of the Allianz Group entities is available upon request to firstname.lastname@example.org. To the extent two or more Allianz Group entities process such personal data in a joint manner, Supplier’s Workforce is kindly requested to address any queries directly to the contact details as set out in Section 9. If necessary, the query will then be forwarded to the respective Allianz Group entities.
- Collection, processing and use of personal data
AllianzGI collects, processes and uses the following types of personal data of Supplier’s Workforce for the purposes set out in Section 3 below:
Organizational data (e.g. company, organizational unit, location, position, work schedule); master data regarding deployed individuals (e.g. first name, last name, salutation, gender, address, bank account information); contractual data (e.g. contract information, entry and end date, working hours/days); compliance data (e.g. training, personal account dealing).
- Purposes of the collection, processing and use of personal data
AllianzGI collects, processes and uses personal data of Supplier’s Workforce for the following purposes: Administration of existing contractual relationships; billing of performed / provided services; granting access to and supporting the Supplier’s Workforce in connection with the use of IT resources belonging to AllianzGI; granting access to AllianzGI premises; general corporate planning; safeguarding and defending AllianzGI‘s interests, for example where it is necessary to investigate, prevent or take action regarding (suspected) illegal activities, situations involving potential threats to the safety of any person or potential harm to AllianzGI; and fulfillment of legal obligations (for example, tax, accounting and administrative obligations as well as compliance with law enforcement requests or discovery procedures, or where required or permitted by applicable laws, court orders, government regulations, or government authorities ).
- Sharing of protected data of Supplier’s Workforce
Access to such personal data is only granted to a restricted group of selected individuals at AllianzGI bound by data secrecy, and such access is always only granted on a "need to know" basis, i.e. insofar as knowledge of the data is required to perform the tasks assigned to these individuals.
In connection with the processing of such personal data, AllianzGI may commission affiliated companies of the Allianz Group or external service providers to perform certain tasks as part of their ordinary business activities (e.g. outsourcing of accounting or commissioning of IT service providers). AllianzGI will (i) select such providers carefully and (ii) ensure that these providers take appropriate technical and organizational measures to protect such personal data, and only process this data in line with the instructions issued by AllianzGI and for no purposes other than those specified.
In connection with the Processing of such Protected Data, AllianzGI may commission affiliated companies of the Allianz Group or external service providers to perform certain tasks as part of their ordinary business activities (e.g. outsourcing of accounting or commissioning of IT service providers). AllianzGI will (i) select such providers carefully and (ii) ensure that these providers take appropriate technical and organizational measures to protect such Protected Data, and only process this data in line with the instructions issued by AllianzGI and for no purposes other than those specified.
Personal data of Supplier’s Workforce may be processed both inside and outside of the European Union (“EU”) and the European Economic Area (“EEA”) by the parties specified in this section. EU / EEA Member States and other countries all have different laws regarding the protection of such personal data, and the level of data privacy in countries outside of the EU / EEA might be lower. When transferring such personal data internationally AllianzGI makes sure to comply with applicable data privacy laws and regulations, for example, by relying on decisions of the EU Commission on the adequacy of data privacy in a certain country, or – in the absence of such decision – by entering into agreements which will ensure that the recipients of the personal data of the Supplier’s Workforce maintain an adequate level of data privacy (for example by implementing so-called Standard Contractual Clauses approved by the EU Commission), or – within the Allianz Group – on the basis of Allianz’ approved binding corporate rules known as the Allianz Privacy Standard (“Allianz’ BCRs”) which establish adequate protection for personal data within Allianz Group and are legally binding on all Allianz Group companies. Allianz’ BCRs and the list of Allianz Group companies that comply with them can be accessed here.
AllianzGI may also disclose the personal data of Supplier’s Workforce to foreign governmental agencies or entities, regulatory authorities, or other persons in line with any applicable law, regulations, court order or official request, or similar processes as either required or permitted by applicable law.
- Legal bases for the processing of personal data of Supplier’s Workforce
AllianzGI processes personal data of Supplier’s Workforce only where permitted by applicable legal bases, such as compliance with a legal obligation to which AllianzGI is subject (for example, where AllianzGI is legally obliged to retain certain personal data) or where the processing is necessary for the legitimate interests of AllianzGI. Legitimate interests of AllianzGI include – as the case may be – the administration of existing contractual relationships and performance of the respective services; protecting AllianzGI and/or its employees from harm, by preventing or detecting illegal activities, suspected fraud or situations involving potential threats to the safety of any person or potential harm to Allianz GI.
To the extent this is required by applicable data privacy laws and regulations, AllianzGI shall process personal data of Supplier’s Workforce on the basis of consent provided by the Supplier’s Workforce.
- Protection of personal data of Supplier’s Workforce
AllianzGI maintains appropriate technical and organizational security safeguards designed to protect such personal data against accidental, unlawful or unauthorized destruction, loss, alteration, access, disclosure, or use.
- Duration of data storage
In any event, AllianzGI will not retain the personal data of Supplier’s Workforce longer than necessary to fulfil the purposes for which such data was collected or to fulfil legal obligations.
- Rights of Supplier’s Workforce regarding the processing of personal data
The rights of Supplier’s Workforce under applicable data privacy laws and regulations may include access to the personal data AllianzGI processes about them, the right to have such personal data corrected, erased or blocked, the right to restrict the processing of such personal data, or the right to object to certain data processing activities (on specific grounds relating to the Supplier’s Workforce particular situation that override AllianzGI´s compelling legitimate grounds for the processing), as well as the right to data portability and the right to withdraw consent at any time where such Personal data is processed with consent (without affecting the lawfulness of processing based on consent before its withdrawal).
Such rights may be denied as set forth in applicable privacy laws.
- Contact details
Questions, complaints or requests to exercise the aforementioned rights regarding the processing of personal data can be directed to email@example.com. Supplier’s Workforce can also lodge complaints to the respective data protection authority when applicable.
- Updates to this Privacy Notice
AllianzGI regularly reviews this Privacy Notice. In case of any significant changes, AllianzGI will provide notifications on the relevant AllianzGI websites or through other appropriate communication channels.