INVESTOR DATA PROTECTION AND PRIVACY NOTICES
Brookfield is committed to compliance with applicable legal and regulatory requirements relating to data protection, privacy and cybersecurity as further set out in our Code of Business Conduct and Ethics. At Brookfield, we respect your privacy and these investor data protection policy and privacy notices govern how Brookfield collects, processes and uses your Personal Data (as defined below) in your capacity as an individual investor (see Section A - Individual Investor Notice) or in your capacity as an employee or representatives of institutional investors (see Section B – Institutional Investor Notice) in Brookfield managed investment vehicles.
A. INDIVIDUAL INVESTOR NOTICE
1. INTRODUCTION
This Policy applies to Individual Investors (as defined below).
For the purposes of applicable laws and regulations relating to data protection and privacy (“Data Protection Legislation”) the Brookfield entity, which is party to your subscription agreement, acts as a controller in respect of your Personal Data.
This Policy may change from time to time. The most up to date version of this Policy can be found within the ‘Legal, Regulatory & Compliance – Other’ section within the Documents page within the Brookfield Investor Portal. We will take reasonable steps to notify you through the Brookfield Investor Portal if this Policy substantially changes, but we encourage you to check this Policy periodically to review any changes that we make to this Policy.
This Policy was last updated on April 28, 2025.
2. DEFINITIONS
The following definitions shall apply to this Policy:
“Brookfield”, “we”, “us”, “our” means the Brookfield entities and Brookfield affiliated entities set out in the ‘Who we are’ section of Annex A.
“Brookfield Investor Portal” means the data site located at https://services.sungarddx.com/LogOn/2622938 or any similar data site provided by or on behalf of Brookfield to Individual Investors from time to time.
“Individual Investor” means an individual investor in a Brookfield managed investment vehicle.
“Personal Data” has the meaning given to it or any similar term (e.g., “personal information”, “nonpublic personal information”, “PII”, “personally referable information”) in applicable Data Protection Legislation and for the avoidance of doubt includes any information which directly or indirectly identifies or otherwise relates to an individual, which is in the possession or under the control of Brookfield (or its representatives or service providers).
3. THE TYPES OF PERSONAL DATA WE COLLECT
We obtain Personal Data about you in order to perform the services we have been engaged to provide, and to comply with applicable law or policies (for example, Know Your Client and Anti-Money Laundering). That Personal Data includes:
a) Identity and Contact Data. We collect details of your name, age, date of birth, e-mail address, address, telephone number, identification number, online identifier, location, gender, nationality, citizenship and other contact information and contact history;
b) Reputation & Background Check Data. We collect data provided by you in the context of us carrying out background checks, anti-money laundering, regulatory, tax and know your client checks (such as data included in identification documents, details of criminal records and sanctions);
c) Financial, Tax & Regulatory Data. We collect (i) financial information or other information obtained as a result of your investment in any of our funds (such as advisor details, investment details, banking details, and financial details); (ii) information for any tax implications related to your financial activities, your social insurance or Medicare or social security number or other tax identification number and details of tax residency; or (iii) information required as a result of legal, tax and regulatory requirements or internal policies;
d) Services Data. We collect information relating to the services we provide to our Investors or prospective Investors.
Please note that if you do not provide certain Personal Data to Brookfield when requested (and where relevant, provide your consent), we may not be able to provide you with some or all of our services and products (including those set out in this Policy or in other agreements we enter into with you).
4. HOW WE COLLECT YOUR PERSONAL DATA
Brookfield may collect the types of Personal Data described above in Section 3:
a) Directly from you, including, for example, through your use of the Brookfield Investor Portal, when you send us an email, visit our premises, or otherwise contact or communicate with us;
b) From within Brookfield and from our affiliates;
c) From a third party acting on your behalf, for example, an intermediary, lawyer or service provider;
d) From publicly available sources; and
e) From other organizations, for example media sources, fund administrators, the institution you are employed by, and other service providers.
5. HOW WE USE YOUR PERSONAL DATA
Your Personal Data will be collected, stored, disclosed and processed by Brookfield for the following purposes, and with the following legal bases:
| Purpose | Data Categories (as defined above) | Legal Basis |
|---|---|---|
| To provide you with marketing communications and inform you about news and information relating to our business and services, including new product launches, product updates and general business news (see Section 12 below for further information); | Identity and Contact Data. | Our legitimate interests in providing marketing communications to our customers and prospective customers. |
| To assess your application for Brookfield’s products and services, where applicable; |
| Our legitimate interests in ensuring that you are an appropriate person to receive our products and services. |
| To understand your needs and interests and to respond to your enquiries; |
| Our legitimate interests in responding to queries from you. |
| To analyze and improve our services; | Services Data. | Our legitimate interests in improving our products and services. |
| For the management and administration of our business; |
| Our legitimate interests in managing our business. |
| To provide you with the products and services for which you subscribe; |
| Our legitimate interests in providing to you the products and services that you have requested. |
| To comply with and in order to assess compliance with applicable laws, rules and regulations (including tax reporting purposes pursuant to tax legislation), industry codes, voluntary codes we decide to adopt, or good practice, anywhere in the world and internal policies and procedures; |
|
|
| To confirm and verify your identity and to conduct due diligence, background and related checks (this may involve the use of a credit reference agencies and/or other third parties acting as our agents to conduct these verifications and related reviews including screens against publicly available government and/or law enforcement agency sanctions lists); |
| Our legal obligations under applicable laws, including those relating to preventing money-laundering and terrorism financing. |
| To detect, investigate and prevent fraud and other crimes or malpractice; |
| Our legitimate interests in detecting and preventing fraud and other crimes or malpractice. |
| For the purpose of, or in connection with, any legal proceedings or internal or external investigation (including in respect of prospective legal proceedings); |
|
|
| To obtain legal advice or to establish, exercise or defend legal rights; |
| Our legitimate interests in obtaining legal advice in relation to, and establish, exercise or defend, our legal rights and obligations. |
If you are located in a jurisdiction which requires us to obtain your consent to collect, use, store, process and disclose your Personal Data, you understand that, to the extent permitted by applicable law, by accepting the terms of this Policy you expressly provide your consent to Brookfield collecting, using, storing, processing and disclosing your Personal Data as set out in this Policy.
To the extent permitted by applicable law, we may record and/or monitor electronic communications (including email and telephone) to ensure compliance with our legal and regulatory obligations and internal policies and for the purposes outlined in this Policy.
6. SENSITIVE PERSONAL DATA
Certain forms of Personal Data, known as “sensitive” or “special category” personal data, are subject to specific protection or restriction by law in certain territories or regions. Depending on the jurisdiction, this data can include:
a) data relating to racial or ethnic origin;
b) political opinions;
c) religious or philosophical beliefs;
d) trade union membership information;
e) genetic data;
f) biometric data;
g) data concerning health or sex life or sexual orientation;
h) data relating to criminal activity or proceedings;
i) data relating to social aid;
j) passwords and financial information such as bank account details, credit card and debit card details;
k) citizenship or immigration status;
l) government-issued identifiers;
m) precise geolocation data; and
n) in certain circumstances, the contents of an individual’s mail, email or text messages.
We will not process this Personal Data unless such processing is compliant with applicable Data Protection Legislation.
7. DISCLOSURE OF YOUR PERSONAL DATA TO THIRD PARTIES
For the purposes described in the table above, Brookfield shares or provides access to your Personal Data among its affiliates, related entities, and business units and third party agents, service providers and contractors outside of Brookfield:
a) Business Management. For the purpose of the management, administration, and marketing of Brookfield’s business (for example, Brookfield’s insurers);
b) Provision of Services. In order to facilitate the provision and enhancement of services to you (including the management of your investments), such as (without limitation) to background check or identity verification service providers;
c) Database Management. For the purpose of the administration and maintenance of the databases storing Personal Data (for example, Brookfield’s cloud hosting providers and system development and support providers);
d) Vendor Services. For the purposes of Brookfield receiving services (for example, Brookfield’s accountants, administrators, auditors, service providers, custodians, depositories, third party managers, paying agents, professional advisors such as consultants and legal advisors, IT and communications providers or any entity we reasonably consider necessary for the purposes outlined above). These third parties are expected to be subject to confidentiality requirements (either by contract, professional obligation, duty or otherwise) that require them to only use your Personal Data as described above;
e) System Protection. For the purpose of detecting security incidents, protecting against malicious, deceptive, fraudulent, or illegal activity, and prosecuting those responsible; debugging to identify and repair errors that impair intended functionality;
f) Compliance with Law. To the extent required by law (for example, if Brookfield is compelled by an obligation or a duty to disclose your Personal Data where we believe it is necessary or appropriate to comply with any legal obligation, rule, regulations or internal Brookfield policies and procedures, including (without limitation) in order to comply with tax reporting requirements and other statutory reporting and disclosures to regulatory authorities), or to establish, exercise or defend its legal rights. This may include disclosure to regulatory bodies or government agencies, law enforcement or courts);
g) Business Transactions. As part of a transaction, financing, or for other business needs (for example, if Brookfield sells any of its businesses or assets, applies for a loan, or opens bank accounts, in which case Brookfield may need to disclose your Personal Data to the prospective buyer, lender or bank, as the case may be, as part of certain due diligence processes); or
h) Change of Control. If Brookfield or any of its affiliates, divisions or business units is acquired by a third party, including in the unlikely event of a bankruptcy, in which case the Personal Data held by Brookfield about you will be accessible to, and may be acquired by, the third party buyer.
Brookfield may share anonymous or aggregated data with third parties such as service providers in order to facilitate our business operations. We may process some of your Personal Data automatically, but we do not use computer algorithms to make automated decisions based on your Personal Data.
8. TRANSFERS OF PERSONAL DATA
Brookfield operates globally. This means Personal Data may be processed and disclosed as described above, in any country in which we conduct business or have a service provider. Accordingly, when you provide your Personal Data to Brookfield, you acknowledge and agree that we may disclose your Personal Data to recipients (including, but not limited to service providers, Brookfield affiliates or agents, and Brookfield IT servers) located in jurisdictions other than your own, including but not limited to the following countries: Australia, Brazil, Canada, China, Hong Kong, India, Japan, Singapore, South Korea, UAE, UK, USA, Spain, Germany, Colombia, the Cayman Islands, Bermuda and Luxembourg.
To the extent that applicable Data Protection Legislation does not allow or permit us to obtain your valid consent by virtue of providing this Policy to you, or otherwise rely on the other grounds set out in this Policy for disclosing your Personal Data outside of your jurisdiction, we will obtain your explicit consent through other means (if applicable) or, where relevant, ensure that the recipient is required to provide a standard of protection to your Personal Data that is equivalent to that under the Data Protection Legislation of your jurisdiction (e.g., by using standard contractual clauses for such international transfers).
In other circumstances, Data Protection Legislation may permit Brookfield to otherwise transfer your Personal Data outside your jurisdiction provided it is in compliance with such Data Protection Legislation.
9. HOW WE SAFEGUARD YOUR PERSONAL DATA
Brookfield has implemented commercially reasonable controls and appropriate technical and organizational measures to protect Personal Data, as well as to maintain the security of our information and information systems in respect of Personal Data. Individual Investor files are protected with safeguards according to the sensitivity of the information contained therein. Appropriate controls (such as restricted access) are placed on our computer systems and used where appropriate. Reasonable measures are taken to ensure physical access to Personal Data is limited to authorized employees.
10. RETENTION AND DESTRUCTION OF PERSONAL DATA
The period for which Brookfield will hold your Personal Data will vary and will be determined by the following criteria:
a) The purpose for which Brookfield is using it. Brookfield is required to retain the Personal Data for as long as is necessary to satisfy or meet the purposes for which it was obtained including applicable legal or regulatory requirements; and
b) Legal Obligations. Laws or regulations may set a minimum period for which Brookfield must retain your Personal Data.
In general, this means that we will hold your data for the duration of your investment and ten (10) years after. Depending on the requirements of the Data Protection Legislation of your jurisdiction, Brookfield will take reasonable steps in the circumstances to destroy your Personal Data when we no longer have a legal basis to retain it or to ensure that the information is anonymized.
11. YOUR RIGHTS
To the extent provided by the law of your jurisdiction, you may have legal rights in relation to the Personal Data about you that Brookfield holds. These rights may include:
a) the right to refuse to provide any Personal Data and the right to object at any time to the processing of your Personal Data. Please note that such refusal or objection may prevent us from providing services to you;
b) the right to confirm whether we process your Personal Data and to obtain information regarding the processing of your Personal Data and access to the Personal Data about you that Brookfield holds (including any available information as to the source of the Personal Data and any safeguards that may have been used to transfer Personal Data outside of your jurisdiction, as referred to in Section 8 above (including, in Switzerland, to which countries Personal Data has been transferred));
c) where consent was provided for certain processing activities, the right to withdraw your consent to the collection, processing, use and/or disclosure of your Personal Data at any time. Please note, however, that this will not affect the lawfulness of any collection, processing, use or disclosure undertaken before your withdrawal and that Brookfield may still be entitled to process your Personal Data if it has another legitimate reason (other than consent) or a consent exception for doing so. In some cases, withdrawing your consent to the collection, use, process or disclosure of some or all of your Personal Data may prevent us from providing services to you;
d) in some circumstances, the right to receive a copy of some Personal Data in a structured, commonly used and machine-readable format and/or request that Brookfield transmit that data to a third party where this is technically feasible. Please note that this right may, depending on the jurisdiction, only apply to Personal Data that you have provided to Brookfield;
e) the right to request that Brookfield rectify or correct your Personal Data if it is inaccurate or incomplete;
f) in some circumstances, the right to request that Brookfield erase your Personal Data. Please note that such a request may prevent us from providing services to you and that there may be circumstances where Brookfield is legally entitled to retain Personal Data regardless of any such request;
g) in some circumstances, the right to request that Brookfield restrict, anonymize or block its processing of your Personal Data. Please note that such a request may prevent us from providing services to you and that there may be circumstances where Brookfield is legally entitled to retain Personal Data regardless of any such request;
h) in some circumstances, the right to obtain information about the public and private entities with which Brookfield made shared use of the Personal Data as a joint controller;
i) in some circumstances, the right to receive information on the possibility of not providing consent and on the consequences of the refusal;
j) in some circumstances, the right to non-discrimination against you for exercising your legal rights in relation to your Personal Data;
k) where applicable, the right to lodge a complaint with the data protection regulator in your jurisdiction if you think that any of your rights have been infringed by Brookfield; and
l) to request information concerning the measures that the overseas recipient of your Personal Data is taking to protect your Personal Data and its details, countries to which the relevant personal data is transferred, and the existence or non-existence of data protection legislation in the countries and the details thereof.
When you contact a Brookfield employee about your file, you may be asked to provide evidence of your identity (e.g., driver’s license or passport) and/or to confirm some details relating to the Personal Data Brookfield holds about you. These types of safeguards are designed to ensure that only you, or someone authorized by you, has access to your file.
You can enquire about your rights, which are applicable to you, by contacting Brookfield using the details listed below in Section 17. If you wish to exercise any of the rights, which are applicable to you, when you contact Brookfield using the details listed below, you will be asked to complete a ‘Subject Access Request Form’.
12. PROCESSING OF PERSONAL DATA FOR MARKETING PURPOSES
To the extent permitted by applicable law, we may contact you by mail, e-mail, SMS/text, telephone and other electronic means to provide information on products and services that we believe will be of interest, unless you object to receiving such information. If you do not want to receive such communications from us please contact the Privacy Officer on the details set out below in Section 17 or by using the opt-out facilities provided within the relevant marketing material. In jurisdictions where your opt-in consent is required, we will obtain your opt-in consent before using your personal data for marketing purposes.
Your option not to receive promotional and marketing material: (a) shall not preclude us from corresponding with you, by email or otherwise, regarding your relationship with us (e.g., your account status and activity or our responses to questions or inquiries you pose to us); (b) shall not preclude us, including our employees, contractors, agents and other representatives, from using your Personal Data for our internal business purposes as described above; and (c) shall not preclude us from disclosing your Personal Data as described in this Policy for purposes other than sending you promotional and marketing materials.
13. PROCESSING OF PERSONAL DATA FOR MARKETING PURPOSES IN CANADA AND AUSTRALIA
Canadian Anti-Spam Legislation requires that commercial electronic messages (“CEMs”) sent within Canada or into Canada from another jurisdiction may only be sent to individuals who opt into receiving them, subject to certain exceptions. Such consent may be implicit, such as by engaging in a prior business relationship, or by virtue of having one’s email address listed in a public directory. These anti-spam laws also require senders to include an opt-out function such as an “unsubscribe” mechanism within a CEM. You may opt-out of the collection or use of your information by Brookfield. In some cases, withdrawing your consent to the collection, use or disclosure of some or all of your personal information will prevent us from providing services to you. To opt-out, please contact Brookfield’s Privacy Officer using the details set out below or use the opt-out facility provided in the CEM. Please note that in some cases Brookfield is permitted to send you certain CEMs after you opt out, such as where required to enforce legal rights.
14. ADDITIONAL PRIVACY NOTICE INFORMATION REQUIRED FOR US INDIVIDUALS
Please see Annex A.
15. ADDITIONAL PRIVACY NOTICE INFORMATION REQUIRED FOR CHINA RESIDENTS
For individuals who are residents in China, we will deal with your Personal Data (which has the same meaning as “Personal Information” under the Personal Information Protection Law, the China Cybersecurity Law and the Information Security Technology – Personal Information Security Specification) in accordance with all applicable laws and regulations.
If Brookfield allows individuals to register an account online in China, individuals also have the right to request Brookfield to deregister the account unless: (i) there are recent suspicious activities relating to the account such as change of password or identity verification information; (ii) the individuals wish to retain the assets, rights or benefits in the account; (iii) there are unfinished orders or services; or (iv) there are outstanding disputes with the individuals, including complaints.
16. QUESTIONS AND CONCERNS
If you have any questions or concerns about Brookfield’s handling of your Personal Data, or about this Policy, please contact our Privacy Officer using the contact information set out below.
We are typically able to resolve privacy questions or concerns promptly and effectively. If you are not satisfied with the response you receive from our Privacy Officer, depending on your jurisdiction, you may have the option to escalate concerns to the applicable privacy regulator in your jurisdiction, the details of which can be obtained from the Privacy Officer.
17. BROOKFIELD PRIVACY OFFICE CONTACT INFORMATION
Department: Legal & Regulatory
Email: PrivacyOfficer@Brookfield.com
If you are a resident in Dubai, you can also contact us by post:
Attention: Privacy Officer
Brookfield
ICD Brookfield Place
Level 24
Al Mustaqbal Street, DIFC
P.O. Box 507234
Dubai
Annex A
Privacy Notice
| Facts | What does Brookfield do with your personal information? |
|---|---|
| Why? | Financial companies choose how they share your personal information. U.S. federal law gives consumers the right to limit some but not all sharing. U.S. federal law also requires us to tell you how we collect, share, and protect your personal information. Please read this notice carefully to understand what we do. |
| What? | The types of personal information we collect and share depend on the product or service you have with us. This information can include:
|
| How? | All financial companies need to share customers’ personal information to run their everyday business. In the section below, we list the reasons financial companies can share their customers’ personal information; the reasons Brookfield chooses to share; and whether you can limit this sharing. |
| Reasons we can share your personal information | Does Brookfield share? | Can you limit this sharing? |
|---|---|---|
| For our everyday business purposes — such as to process your transactions, maintain your account(s), respond to court orders and legal investigations, or report to credit bureaus | Yes | No |
| For our marketing purposes — to offer our products and services to you | Yes | No |
| For joint marketing with other financial companies | No | We don't share |
| For our affiliates’ everyday business purposes — information about your transactions and experiences | No | We don't share |
| For our affiliates’ everyday business purposes — information about your creditworthiness | No | We don't share |
| For our affiliates to market to you | No | We don't share |
| For nonaffiliates to market to you | No | We don't share |
Questions?
Contact Ronald Fisher-Dayn by phone at (212) 978-1763 or via email at ronald.fisher-dayn@brookfield.com.
| Who we are | |
|---|---|
| Who is providing this notice? | The Brookfield affiliated entities set forth below |
| What we do | |
|---|---|
| How does Brookfield protect my personal information? | To protect your personal information from unauthorized access and use, we use security measures that comply with federal law. These measures include computer safeguards and secured files and buildings. |
| How does Brookfield collect my personal information? | We collect your personal information, for example, when you:
|
| Why can’t I limit all sharing? | U.S. federal law gives you the right to limit only:
State laws and individual companies may give you additional rights to limit sharing. |
| Definitions | |
|---|---|
| Affiliates | Companies related by common ownership or control. They can be financial and nonfinancial companies. Our affiliates include entities that are wholly owned Brookfield Asset Management Ltd. Brookfield Asset Management Ltd. does not share with our affiliates information about your transactions, experiences, or creditworthiness or information they may use to market to you. |
| Nonaffiliates | Companies not related by common ownership or control. They can be financial and nonfinancial companies. Brookfield does not share with nonaffiliates so they can market to you. |
| Joint marketing | A formal agreement between nonaffiliated financial companies that together market financial products or services to you. Brookfield does not jointly market. |
| Other important information |
|---|
| N/A |
B. INSTITUTIONAL INVESTOR NOTICE
1. INTRODUCTION
This Policy applies to Institutional Investors (as defined below). California residents, please click here to go directly to Section 14 (California Privacy Rights).
For the purposes of applicable laws and regulations relating to data protection and privacy (“Data Protection Legislation”) the Brookfield entity, which is party to your (or, where you act on behalf of an institution, your institution’s) subscription agreement, acts as a controller in respect of your Personal Data.
This Policy may change from time to time. The most up to date version of this Policy can be found within the ‘Legal, Regulatory & Compliance – Other’ section within the Documents page within the Brookfield Investor Portal. We will take reasonable steps to notify you through the Brookfield Investor Portal if this Policy substantially changes, but we encourage you to check this Policy periodically to review any changes that we make to this Policy.
This Policy was last updated on April 28, 2025.
2. DEFINITIONS
The following definitions shall apply to this Policy:
“Brookfield”, “we”, “us”, “our” means the Brookfield entities and Brookfield affiliated entities set out in the ‘Who we are’ section of Annex A.
“Brookfield Investor Portal” means the data site located at https://services.sungarddx.com/LogOn/2622938 or any similar data site provided by or on behalf of Brookfield to Institutional Investors from time to time.
“Institutional Investor” means employees or representatives of institutional investors (direct or intermediary) in a Brookfield managed investment vehicle.
“Personal Data” has the meaning given to it or any similar term (e.g., “personal information”, “nonpublic personal information”, “PII”, “personally referable information”) in applicable Data Protection Legislation and for the avoidance of doubt includes any information which directly or indirectly identifies or otherwise relates to an individual, which is in the possession or under the control of Brookfield (or its representatives or service providers).
3. THE TYPES OF PERSONAL DATA WE COLLECT
We obtain Personal Data about you in order to perform the services we have been engaged to provide, and to comply with applicable law or policies (for example, Know Your Client and Anti-Money Laundering). That Personal Data includes:
a) Identity and Contact Data. We collect details of your name, age, date of birth, e-mail address, address, telephone number, identification number, online identifier, location, gender, nationality, citizenship and other contact information and contact history;
Please note that if you do not provide certain Personal Data to Brookfield when requested (and where relevant, provide your consent), we may not be able to provide you with some or all of our services and products (including those set out in this Policy or in other agreements we enter into with you).
4. HOW WE COLLECT YOUR PERSONAL DATA
Brookfield may collect the types of Personal Data described above in Section 3:
a) Directly from you, including, for example, through your use of the Brookfield Investor Portal, when you send us an email, visit our premises, or otherwise contact or communicate with us;
b) From within Brookfield and from our affiliates;
c) From a third party acting on your behalf, for example, an intermediary, lawyer or service provider;
d) From publicly available sources; and
e) From other organizations, for example media sources, fund administrators, the institution you represent or are employed by, and other service providers.
5. HOW WE USE YOUR PERSONAL DATA
Your Personal Data will be collected, stored, disclosed and processed by Brookfield for the following purposes, and with the following legal bases:
| Purpose | Data Categories (as defined above) | Legal Basis |
|---|---|---|
| To provide you with marketing communications and inform you about news and information relating to our business and services, including new product launches, product updates and general business news (see Section 12 below for further information); | Identity and Contact Data. | Our legitimate interests in providing marketing communications to our customers and prospective customers. |
| To understand your needs and interests and to respond to your enquiries; | Identity and Contact Data. | Our legitimate interests in responding to queries from you. |
| To analyze and improve our services; | Identity and Contact Data. | Our legitimate interests in improving our products and services. |
| For the management and administration of our business; | Identity and Contact Data. | Our legitimate interests in managing our business. |
| To provide you with the products and services for which you subscribe; | Identity and Contact Data. | Our legitimate interests in providing to you the products and services that you have requested. |
| To comply with and in order to assess compliance with applicable laws, rules and regulations (including tax reporting purposes pursuant to tax legislation), industry codes, voluntary codes we decide to adopt, or good practice, anywhere in the world and internal policies and procedures; | Identity and Contact Data. |
|
| To confirm and verify your identity and to conduct due diligence, background and related checks (this may involve the use of credit reference agencies and/or other third parties acting as our agents to conduct these verifications and related reviews including screens against publicly available government and/or law enforcement agency sanctions lists); | Identity and Contact Data. | Our legal obligations under applicable laws, including those relating to preventing money-laundering and terrorism financing. |
| To detect, investigate and prevent fraud and other crimes or malpractice; | Identity and Contact Data. | Our legitimate interests in detecting and preventing fraud and other crimes or malpractice. |
| For the purpose of, or in connection with, any legal proceedings or internal or external investigation (including in respect of prospective legal proceedings); | Identity and Contact Data. |
|
| To obtain legal advice or to establish, exercise or defend legal rights. | Identity and Contact Data. | Our legitimate interests in obtaining legal advice in relation to, and establish, exercise or defend, our legal rights and obligations. |
If you are located in a jurisdiction which requires us to obtain your consent to collect, use, store, process and disclose your Personal Data, you understand that, to the extent permitted by applicable law, by accepting the terms of this Policy you expressly provide your consent to Brookfield collecting, using, storing, processing and disclosing your Personal Data as set out in this Policy.
To the extent permitted by applicable law, we may record and/or monitor electronic communications (including email and telephone) to ensure compliance with our legal and regulatory obligations and internal policies and for the purposes outlined in this Policy.
6. SENSITIVE PERSONAL DATA
Certain forms of Personal Data, known as “sensitive” or “special category” personal data, are subject to specific protection or restriction by law in certain territories or regions. Depending on the jurisdiction, this data can include:
a) citizenship or immigration status;
b) government-issued identifiers;
c) precise geolocation data; and;
d) in certain circumstances, the contents of an individual’s mail, email or text messages.
We will not process this Personal Data unless such processing is compliant with applicable Data Protection Legislation.
7. DISCLOSURE OF YOUR PERSONAL DATA TO THIRD PARTIES
For the purposes described in the table above, Brookfield shares or provides access to your Personal Data among its affiliates, related entities, and business units and third-party agents, service providers and contractors outside of Brookfield:
a) Business Management. For the purpose of the management, administration, and marketing of Brookfield’s business (for example, Brookfield’s insurers);
b) Provision of Services. In order to facilitate the provision and enhancement of services to you (including the management of your investments), such as (without limitation) to background check or identity verification service providers;
c) Database Management. For the purpose of the administration and maintenance of the databases storing Personal Data (for example, Brookfield’s cloud hosting providers and system development and support providers);
d) Vendor Services. For the purposes of Brookfield receiving services (for example, Brookfield’s accountants, administrators, auditors, service providers, custodians, depositories, third party managers, paying agents, professional advisors such as consultants and legal advisors, IT and communications providers or any entity we reasonably consider necessary for the purposes outlined above). These third parties are expected to be subject to confidentiality requirements (either by contract, professional obligation, duty or otherwise) that require them to only use your Personal Data as described above;
e) System Protection. For the purpose of detecting security incidents, protecting against malicious, deceptive, fraudulent, or illegal activity, and prosecuting those responsible; debugging to identify and repair errors that impair intended functionality;
f) Compliance with Law. To the extent required by law (for example, if Brookfield is compelled by an obligation or a duty to disclose your Personal Data where we believe it is necessary or appropriate to comply with any legal obligation, rule, regulations or internal Brookfield policies and procedures, including (without limitation) in order to comply with tax reporting requirements and other statutory reporting and disclosures to regulatory authorities), or to establish, exercise or defend its legal rights. This may include disclosure to regulatory bodies or government agencies, law enforcement or courts);
g) Business Transactions. As part of a transaction, financing, or for other business needs (for example, if Brookfield sells any of its businesses or assets, applies for a loan, or opens bank accounts, in which case Brookfield may need to disclose your Personal Data to the prospective buyer, lender or bank, as the case may be, as part of certain due diligence processes); or
h) Change of Control. If Brookfield or any of its affiliates, divisions or business units is acquired by a third party, including in the unlikely event of a bankruptcy, in which case the Personal Data held by Brookfield about you will be accessible to, and may be acquired by, the third-party buyer.
Brookfield may share anonymous or aggregated data with third parties such as service providers in order to facilitate our business operations. To the extent such data constitutes de-identified data under the California Consumer Privacy Act ("CCPA"), Brookfield will maintain the de-identified data in a form and will not attempt to re-identify the data. We may process some of your Personal Data automatically, but we do not use computer algorithms to make automated decisions based on your Personal Data.
8. TRANSFERS OF PERSONAL DATA
Brookfield operates globally. This means Personal Data may be processed and disclosed as described above, in any country in which we conduct business or have a service provider. Accordingly, when you provide your Personal Data to Brookfield, you acknowledge and agree that we may disclose your Personal Data to recipients (including, but not limited to service providers, Brookfield affiliates or agents, and Brookfield IT servers) located in jurisdictions other than your own, including but not limited to the following countries: Australia, Brazil, Canada, China, Hong Kong, India, Japan, Singapore, South Korea, UAE, UK, USA, Spain, Germany, Colombia, the Cayman Islands, Bermuda and Luxembourg.
To the extent that applicable Data Protection Legislation does not allow or permit us to obtain your valid consent by virtue of providing this Policy to you, or otherwise rely on the other grounds set out in this Policy for disclosing your Personal Data outside of your jurisdiction, we will obtain your explicit consent through other means (if applicable) or, where relevant, ensure that the recipient is required to provide a standard of protection to your Personal Data that is equivalent to that under the Data Protection Legislation of your jurisdiction (e.g., by using standard contractual clauses for such international transfers).
In other circumstances, Data Protection Legislation may permit Brookfield to otherwise transfer your Personal Data outside your jurisdiction provided it is in compliance with such Data Protection Legislation.
9. HOW WE SAFEGUARD YOUR PERSONAL DATA
Brookfield has implemented commercially reasonable controls and appropriate technical and organizational measures to protect Personal Data, as well as to maintain the security of our information and information systems in respect of Personal Data. Institutional Investor files are protected with safeguards according to the sensitivity of the information contained therein. Appropriate controls (such as restricted access) are placed on our computer systems and used where appropriate. Reasonable measures are taken to ensure physical access to Personal Data is limited to authorized employees.
10. RETENTION AND DESTRUCTION OF PERSONAL DATA
The period for which Brookfield will hold your Personal Data will vary and will be determined by the following criteria:
a) The purpose for which Brookfield is using it. Brookfield is required to retain the Personal Data for as long as is necessary to satisfy or meet the purposes for which it was obtained including applicable legal or regulatory requirements; and
b) Legal Obligations. Laws or regulations may set a minimum period for which Brookfield must retain your Personal Data.
In general, this means that we will hold your data for the duration of your investment and 7 years after. Depending on the requirements of the Data Protection Legislation of your jurisdiction, Brookfield will take reasonable steps in the circumstances to destroy your Personal Data when we no longer have a legal basis to retain it or to ensure that the information is anonymized.
11. YOUR RIGHTS
To the extent provided by the law of your jurisdiction, you may have legal rights in relation to the Personal Data about you that Brookfield holds. These rights may include:
a) the right to refuse to provide any Personal Data and the right to object at any time to the processing of your Personal Data. Please note that such refusal or objection may prevent us from providing services to you;
b) the right to confirm whether we process your Personal Data and to obtain information regarding the processing of your Personal Data and access to the Personal Data about you that Brookfield holds (including any available information as to the source of the Personal Data and any safeguards that may have been used to transfer Personal Data outside of your jurisdiction, as referred to in Section 8 above (including, in Switzerland, to which countries Personal Data has been transferred));
c) where consent was provided for certain processing activities, the right to withdraw your consent to the collection, processing, use and/or disclosure of your Personal Data at any time. Please note, however, that this will not affect the lawfulness of any collection, processing, use or disclosure undertaken before your withdrawal and that Brookfield may still be entitled to process your Personal Data if it has another legitimate reason (other than consent) or a consent exception for doing so. In some cases, withdrawing your consent to the collection, use, process or disclosure of some or all of your Personal Data may prevent us from providing services to you;
d) in some circumstances, the right to receive a copy of some Personal Data in a structured, commonly used and machine-readable format and/or request that Brookfield transmit that data to a third party where this is technically feasible. Please note that this right may, depending on the jurisdiction, only apply to Personal Data that you have provided to Brookfield;
e) the right to request that Brookfield rectify or correct your Personal Data if it is inaccurate or incomplete;
f) in some circumstances, the right to request that Brookfield erase your Personal Data. Please note that such a request may prevent us from providing services to you and that there may be circumstances where Brookfield is legally entitled to retain Personal Data regardless of any such request;
g) in some circumstances, the right to request that Brookfield restrict, anonymize or block its processing of your Personal Data. Please note that such a request may prevent us from providing services to you and that there may be circumstances where Brookfield is legally entitled to retain Personal Data regardless of any such request;
h) in some circumstances, the right to obtain information about the public and private entities with which Brookfield made shared use of the Personal Data as a joint controller;
i) in some circumstances, the right to receive information on the possibility of not providing consent and on the consequences of the refusal;
j) in some circumstances, the right to non-discrimination against you for exercising your legal rights in relation to your Personal Data;
k) where applicable, the right to lodge a complaint with the data protection regulator in your jurisdiction if you think that any of your rights have been infringed by Brookfield;
l) to request information concerning the measures that the overseas recipient of your Personal Data is taking to protect your Personal Data and its details, countries to which the relevant personal data is transferred, and the existence or non-existence of data protection legislation in the countries and the details thereof;
m) to request, twice in a 12-month period, that we provide (a) certain information about: (i) the categories of Personal Information we have collected about you; (ii) the categories of sources from which the Personal Information is collected; (iii) the business or commercial purpose for collecting your Personal Information; and (iv) the categories of third parties to whom we have disclosed your Personal Information; and/or (b) the specific pieces of Personal Information we have collected, used, and disclosed about you during the past 12 months;
n) to not experience discriminatory treatment because you have exercised any rights.
When you contact a Brookfield employee about your file, you may be asked to provide evidence of your identity (e.g., driver’s license or passport) and/or to confirm some details relating to the Personal Data Brookfield holds about you. These types of safeguards are designed to ensure that only you, or someone authorized by you, has access to your file.
You can enquire about your rights, which are applicable to you, by contacting Brookfield using the details listed below in Section 17. If you wish to exercise any of the rights, which are applicable to you, when you contact Brookfield using the details listed below, you will be asked to complete a ‘Subject Access Request Form’.
12. PROCESSING OF PERSONAL DATA FOR MARKETING PURPOSES
To the extent permitted by applicable law, we may contact you by mail, e-mail, SMS/text, telephone and other electronic means to provide information on products and services that we believe will be of interest, unless you object to receiving such information. If you do not want to receive such communications from us please contact the Privacy Officer on the details set out below in Section 17 or by using the opt-out facilities provided within the relevant marketing material. In jurisdictions where your opt-in consent is required, we will obtain your opt-in consent before using your personal data for marketing purposes.
Your option not to receive promotional and marketing material: (a) shall not preclude us from corresponding with you, by email or otherwise, regarding your relationship with us (e.g., your account status and activity or our responses to questions or inquiries you pose to us); (b) shall not preclude us, including our employees, contractors, agents and other representatives, from using your Personal Data for our internal business purposes as described above; and (c) shall not preclude us from disclosing your Personal Data as described in this Policy for purposes other than sending you promotional and marketing materials.
13. PROCESSING OF PERSONAL DATA FOR MARKETING PURPOSES IN CANADA AND AUSTRALIA
Canadian Anti-Spam Legislation requires that commercial electronic messages (“CEMs”) sent within Canada or into Canada from another jurisdiction may only be sent to individuals who opt into receiving them, subject to certain exceptions. Such consent may be implicit, such as by engaging in a prior business relationship, or by virtue of having one’s email address listed in a public directory. These anti-spam laws also require senders to include an opt-out function such as an “unsubscribe” mechanism within a CEM. You may opt-out of the collection or use of your information by Brookfield. In some cases, withdrawing your consent to the collection, use or disclosure of some or all of your personal information will prevent us from providing services to you. To opt-out, please contact Brookfield’s Privacy Officer using the details set out below or use the opt-out facility provided in the CEM. Please note that in some cases Brookfield is permitted to send you certain CEMs after you opt out, such as where required to enforce legal rights.
14. ADDITIONAL INFORMATION FOR CALIFORNIA RESIDENTS
NOTICE AT COLLECTION
If you are a California resident, this section of the Policy is intended to provide you with supplemental information concerning your rights under the California Consumer Privacy Act of 2018, as amended by the California Privacy Rights Act of 2020 (“CCPA”) regarding Personal Data (referred to as “Personal Information” under the CCPA and throughout this Section).
Our collection, use, retention and disclosure of Personal Information.
- Sales and Sharing of Personal Information. We do not, and have not, sold any categories of Personal Information, including Sensitive Personal Information, to third parties or shared any categories of Personal Information for the purpose of cross-context behavioral advertising.
- Collection and Sources of Personal Information. We have collected and used the following categories of Personal Information from the sources outlined in Section 4. and disclosed such categories of Personal Information to the following categories of recipients:
| Categories of Personal Information | Categories of Recipients |
|---|---|
| Identity and Contact Data, as described in Section 3(a) of the Policy. |
|
We do not knowingly collect or solicit any categories of Personal Information from any individual under the age of eighteen (18).
- Use of Personal Information. In the preceding twelve (12) months, we used the Personal Information described above for our business and commercial purposes as described in Section 5, (How We Use Your Personal Data), Section 7 (Disclosure of Your Personal Data to Third Parties), and Section 12 (Processing of Personal Data for Marketing Purposes) of the Policy.
- Sensitive Personal Information. Sensitive Personal Information under the CCPA may include driver’s license numbers, or passport numbers; account credentials; precise geolocation; as well as contents of a consumer’s mail, email and text messages. To the extent we collect your Sensitive Personal Information, we will not use or disclose such information for purposes other than (A) to perform services that you reasonably expect from us; (B) to prevent, detect and investigate security incidents; (C) to resist illegal actions directed at the business and to prosecute and defend our rights; (D) to ensure the physical safety of others; (E) for short-term, transient use; (F) to perform services necessary for the business; (G) to verify and maintain the quality and safety of our product or services; and (H) generally for purposes that do not infer characteristics about you. We do use your Sensitive Personal Information for purposes beyond those described here or otherwise allowed by applicable law.
Retention of Personal Information. We retain Personal Information for as long as is reasonably necessary in connection with the purposes for which the Personal Information was collected. For additional information on how we store your Personal Information, please refer to Section 10 (Retention and Destruction of Personal Data) of the Policy.
Your California Privacy Rights.
Your CCPA Privacy Rights. You may, subject to applicable law, make requests as described in Section 11 in the main part of the Policy. have certain choices regarding our use and disclosure of your Personal Information.
- How to Submit a Request. You may submit a request by using one of the following methods.
Call: 1-833-681-0340
Email us: PrivacyOfficer@Brookfield.com
- Verifying Your Requests. To help protect your privacy and maintain security, we will take steps to verify your identity before granting you access to your Personal Information or complying with your request. If we are successful in validating your identity, we will respond to your request within the time and in the manner required by the CCPA. If we are unable to verify your identity, we will need to deny your request. We reserve the right to deny requests in certain circumstances, such as where we have a reasonable belief that the request is fraudulent.
- Individual Verification. If you request to know, access, delete, and/or correct your Personal Information, we may require you to provide any of the following information: address, date of birth, state or country of residence, telephone number, email address, or details of a transaction. We will use the information you submit and the Personal Information we have in our systems to try to verify your identity and to match the Personal Information we have collected about you, if any, to your identity.
- Authorized Agent. If you designate an authorized agent to make an access or deletion request on your behalf, we may require you to (1) provide the authorized agent written permission (e.g., via a notarized letter) to do so, and (2) verify your own identity directly with us (as described above), and confirm with us that you provided the authorized agent permission to submit the request.
- Individual Verification. If you request to know, access, delete, and/or correct your Personal Information, we may require you to provide any of the following information: address, date of birth, state or country of residence, telephone number, email address, or details of a transaction. We will use the information you submit and the Personal Information we have in our systems to try to verify your identity and to match the Personal Information we have collected about you, if any, to your identity.
Additional California Privacy Disclosures.
Do Not Track Signals. Your browser and other mechanisms may permit you to send do-not-track signals or other similar signals via your browser settings to express your preferences regarding online tracking. Due to the lack of any standard for how do-not-track signals should work on commercial websites, we do not currently respond to such signals.
15. ADDITIONAL PRIVACY NOTICE INFORMATION REQUIRED FOR CHINA RESIDENTS
For individuals who are residents in China, we will deal with your Personal Data (which has the same meaning as “Personal Information” under the Personal Information Protection Law, the China Cybersecurity Law and the Information Security Technology – Personal Information Security Specification) in accordance with all applicable laws and regulations.
If Brookfield allows individuals to register an account online in China, individuals also have the right to request Brookfield to deregister the account unless: (i) there are recent suspicious activities relating to the account such as change of password or identity verification information; (ii) the individuals wish to retain the assets, rights or benefits in the account; (iii) there are unfinished orders or services; or (iv) there are outstanding disputes with the individuals, including complaints.
16. QUESTIONS AND CONCERNS
If you have any questions or concerns about Brookfield’s handling of your Personal Data, or about this Policy, please contact our Privacy Officer using the contact information set out below.
We are typically able to resolve privacy questions or concerns promptly and effectively. If you are not satisfied with the response you receive from our Privacy Officer, depending on your jurisdiction, you may have the option to escalate concerns to the applicable privacy regulator in your jurisdiction, the details of which can be obtained from the Privacy Officer.
17. BROOKFIELD PRIVACY OFFICE CONTACT INFORMATION
Department: Legal & Regulatory
Email: PrivacyOfficer@Brookfield.com
If you are a resident in Dubai, you can also contact us by post:
Attention: Privacy Officer
Brookfield
ICD Brookfield Place
Level 24
Al Mustaqbal Street, DIFC
P.O. Box 507234
Dubai
