TD Cowen Non-U.S. Privacy Notice

NON-U.S. CUSTOMER PRIVACY NOTICE

This Non-U.S. Customer Privacy Notice (this “Notice”) describes how Cowen Inc., Cowen Execution Services Limited, Cowen Asia Limited (Hong Kong), Cowen and Company (Asia) Limited (SFC Hong Kong), Cowen Israel Limited and their respective subsidiaries (collectively referred to as “TD Cowen Companies”, “we”, “us”, “our” or similar pronouns), collect, use and process personal information about natural persons who are our current or former clients and other individuals based in the European Economic Area (“EEA”), or a jurisdiction with substantially similar privacy or data protection laws (including, for example, the United Kingdom and Switzerland and Cayman Islands), Hong Kong or Israel (“you”).

This Notice is provided by each of the aforementioned TD Cowen Companies only to the extent that it is regarded as a “data controller” under applicable data protection laws. In such circumstances, each entity is an independent data controller under applicable data protection laws.

Cowen Inc. was recently acquired by The Toronto-Dominion Bank. Cowen Inc. and its subsidiaries prior to the acquisition are now indirect subsidiaries of The Toronto-Dominion Bank, continue to operate legacy Cowen businesses and references herein to “TD Cowen” are references to the Cowen legacy businesses. This privacy notice and the other privacy notices and policies referenced herein only apply to Cowen Inc. legacy businesses as stated therein and do not otherwise cover operations of the Toronto- Dominion Bank and its other subsidiaries.

1. YOUR PRIVACY IS IMPORTANT TO US 

Your privacy is important to us. We recognise that you entrust your personal information to us, and we understand the importance of maintaining the confidentiality and security of your personal information. As used in this Notice, “personal information” means any information related to you as an identified or identifiable natural person.

This Notice should be read in conjunction with TD Cowen’s Online Privacy and Cookie Policy, which describes our collection of information through www.cowen.com and, after its launch, www.tdcowen.com, our client portals and/or applications, our social media accounts or any other website or online service on which that policy is posted (a “Site”).

If you are a natural person who is a current or former investor in or customer of a financial product or service of Cowen Inc. or its subsidiaries in the U.S., please refer to TD Cowen’s U.S. Customer Privacy Notice for additional information about the personal information we collect and process in connection with that relationship.

This Notice replaces all previous non-U.S. customer privacy notices and may be amended from time to time. Please read this Notice in its entirety to understand what we do with your personal information. 

2. WHAT PERSONAL INFORMATION DO WE COLLECT? 

We collect, use and process various types of personal information about you and your accounts, and activities. The types of personal information we collect and share depend on the product or service you have with us and may include:

  • Personal details, such as name, age, occupation and marital status; 
  • Contact details, such as email address and mailing address; 
  • Identification documents, such as your passport, national identity card or driver’s licence; 
  • A personal identifier or identification number, such as your taxpayer identification number; 
  • Financial information, such as source of wealth, financial resources, investment experience, risk tolerance, etc.; 
  • Account balances and account transactions; 
  • Assets and account history; and
  • Information about your device and online activities if you interact with us online or access www.cowen.com a Site, as described in TD Cowen’s Online Privacy and Cookie Policy, including information collected through cookies and other tracking technologies. 

We collect personal information about you from various sources, including but not limited to: 

  • Information we receive from you, such as on your application(s) and other forms submitted to us, in your communications with us, or if you provide information to us through a Site; 
  • Information about your transactions with us; and 
  • Information we receive from third parties, including but not limited to credit bureaus or affiliates. 

Where existing or prospective corporate clients/vendors provide us with personal information relating to their directors, employees, officers, agents, clients or any other person, such information is deemed to have been provided on the basis that: (i) those individuals have been informed and understand that their personal information is being provided to us or our affiliates; (ii) those individuals have been provided with information regarding the collection, use, processing, disclosure and cross-border transfer of their personal information; (iii) the client/vendor has a lawful basis (in accordance with applicable data protection laws and regulations) to provide such personal information to us for our use in accordance with this Notice; and (iv) those individuals are aware of their data protection rights and how to exercise them. 

While you are not required to supply any of the aforementioned personal information to us, please know that failure to do so may result in our being unable to open, maintain or provide service to you. 

3. PURPOSES FOR WHICH WE USE YOUR PERSONAL INFORMATION 

We or others authorized to act on our behalf may use your personal information for the following purpose(s):

  • To provide our products and services and to enhance the quality of the products and services we provide you;
  • In connection with your relationships and investments with or through us including:
    • to provide services requested by you;
    • to perform obligations under our agreements;
    • to conduct credit checks;
    • to confirm a person’s authority as a representative or agent of you or an organization you represent; and
    • to carry out day-to-day business functions;
  • To carry out credit, money laundering and conflict checks;
  • To contact you about products and services (including for marketing purposes);
  • For the purposes described in TD Cowen’s Online Privacy and Cookie Policy with respect to personal information collected if you access www.cowen.com a Site;
  • Conduct monitoring activities to the extent permissible under applicable law. Examples include but are not limited to:
    • monitoring to investigate or detect unauthorised or unlawful processing or misuse of our data, including data of our vendors and clients; 
    • monitoring to ascertain compliance with regulatory practices; and
    • monitoring to ascertain or demonstrate the standards which are achieved or ought to be achieved by persons using the system in the course of their duties;
  • In order to comply with legal and regulatory obligations and requests and/or to defend our legal rights; and
  • Other legitimate business purposes as deemed required and otherwise permitted by law.

If you provide us with information about third parties (e.g., relatives, beneficiaries, guardians), you agree to inform such third parties and obtain their consent to the processing in accordance with this Notice and any other applicable laws and regulations prior to providing the information to us. 

The TD Cowen Companies do not use personal information to perform automated individual decision-making or profiling. 

4. SHARING PERSONAL INFORMATION 

We may process personal information in, and transfer personal information to, our affiliates (in various ways and for various reasons), service providers and other third parties in countries that may not guarantee the same level of protection for personal information as the country in which you reside.  

SHARING WITH OUR AFFILIATES 

We share personal information with our affiliates around the world for the purposes described in this Notice. Please know that all TD Cowen Companies listed in this Notice process your personal information in accordance with this Notice, and our other affiliates have privacy policies describing their practices.

SHARING WITH SERVICE PROVIDERS 

We share personal information with service providers around the world that work for us in the countries in which we operate. We require service providers that provide support or marketing services to us to agree to adhere to appropriate security standards.

SHARING WITH OTHER THIRD PARTIES 

We share personal information with other third parties around the world which may include public, regulatory and government authorities, credit reporting agencies, intermediaries or non-affiliated third parties as requested by you or for the purposes described in this Notice.

SHARING ACROSS JURISDICTIONS

Your personal information may be stored, processed, and transferred outside of the country you reside (and outside of the EEA and UK) for the purposes described in this Notice, including in countries that may not guarantee the same level of protection for personal information as the country in which you reside. 

We will endeavor to make sure that any transfers of your personal information from one country to another comply with those data protection and privacy laws which apply to us. In particular, European data protection laws include specific rules on transferring personal information outside the EEA or UK. For example, and among other lawful bases for transfers, we may transfer personal information outside the EEA: 

  • Pursuant to standard data protection clauses approved by the European Commission for transferring personal information outside the EEA under Article 46(2) of the General Data Protection Regulation (GDPR); or 
  • to a country which is deemed to provide “adequate” protection for personal information by the European Commission under Article 45 of the GDPR. 
PROTECTING YOUR PERSONAL INFORMATION 

We have a policy to maintain physical, electronic and procedural safeguards that comply with applicable law to help protect the personal information we collect about you, prevent unlawful or unauthorized processing of personal information, and prevent unauthorised disclosure of, or accidental loss of, or damage to, such information. We endeavor to restrict access to personal information about you to those employees, agents or other parties who need to know that information to provide products and services to you or in connection with your investments with or through us. 

We use your personal information where there is an appropriate lawful basis. Specifically, we process your personal information under the following legal grounds: 

  • The processing is necessary to meet contractual obligations into which you have entered or to take preparatory steps to enter into a contract. 
  • The processing is necessary for the purposes of our legitimate interests or those of a third party, as long as such interests are not overridden by your fundamental rights and freedoms.  For example, we have a legitimate interest in using your personal information to send you marketing communications about our business, services and news. You can choose not to receive these messages when you first provide your personal information to us, or by contacting us at any time to opt out using the contact information in “The Right to Access” section below or by following the unsubscribe instructions in our communications. 
  • The processing is necessary to meet our legal and/or regulatory obligations, for example to prevent money laundering and fraud. 
  • In rare cases, we may process your personal information for the protection of your interests (or someone else’s interests) or where it is needed in the public interest. 
  • We will only process personal information within the “special categories” of personal information under the GDPR where a further condition is also met.
HOW LONG WE KEEP OUR PERSONAL INFORMATION 

We endeavor to only keep your personal information in a form that allows you to be identified for as long as we need to in order to use it for the reasons described above. At the end of the applicable retention period, we may destroy, erase from our systems, or anonymize personal information as part of such efforts. To determine the appropriate retention period for personal information, we consider the amount, nature, and sensitivity of the personal information, the potential risk of harm from unauthorized use or disclosure of the personal information, the purposes for which we process the personal information and whether we can achieve those purposes through other means, and the applicable legal requirements.  

  • Where necessary, we shall keep your personal information for as long as required to do so by law or to establish, exercise or defend our legal rights. 
  • Customer personal details used for marketing purposes will be held for an appropriate period of time since your last interaction with us. The precise length of time will depend on the type of data, our legitimate business needs and other legal or regulatory rules that may require us to retain it for certain minimum periods. 
  • To make sure that you do not receive marketing from us after you have told us to stop sending it, we need to keep a record of that instruction with your contact details. We shall hold that information until you tell us otherwise. 

5. ADDITIONAL PROTECTIONS UNDER THE GENERAL DATA PROTECTION REGULATION (“GDPR”) AND SUBSTANTIALLY SIMILAR LAWS

You may be entitled to additional protections and to exercise additional rights under GDPR or a substantially similar law if you reside in the European Economic Area or a jurisdiction with substantially similar privacy or data protection laws (including, for example, the United Kingdom, Switzerland, Cayman Islands, Hong Kong or Israel).  Such rights include, where applicable data protection law provides for such rights and where conditions are met, the rights set forth below.

THE RIGHT TO ACCESS

You are entitled to request to access any personal information about you held by the TD Cowen Companies.  

You may exercise these rights by sending a written request completing our request form, specifying the nature of your request in reasonable detail.

You may be required to supply a valid means of identification as a security measure aimed to prevent the unauthorized disclosure of your personal information. Your request will be processed within the time proscribed by applicable law. 

You may have the right to object to further processing of your personal information in certain circumstances. 

THE RIGHT TO OPT OUT WITH RESPECT TO MARKETING MATERIALS 

In the ordinary course, the TD Cowen Companies may contact you by mail, telephone, electronic mail, etc., with details of products and services that may be of interest to you, in accordance with this Notice and applicable laws. Should you not wish to be contacted in this manner, please be sure to unsubscribe using the instructions in our communications or completing our request form, specifying the nature of your request in reasonable detail.

THE RIGHT TO BE FORGOTTEN 

You may also have the right to request that your data be erased by the TD Cowen Companies or third parties to whom your data has been disclosed. To exercise this right, please submit a request by completing our request form.

THE RIGHT TO DATA PORTABILITY 

If your personal information is available from us in a “structured and commonly used format,” you may have the right to demand a transfer of your personal information to a new service provider. To exercise this right, please submit a request by completing our request form.

THE RIGHT TO RECTIFICATION 

You also have the right to request that we rectify any inaccurate or incomplete personal information that we process or control. To exercise this right, please submit completing our request form.

This right enables you to withdraw consent at any time (where relevant) or to object to us processing your personal information where we do so for one of the following reasons: (i) our legitimate interests; or (ii) to send you relationship management materials for additional products or services. To exercise this right, please submit a request by completing our request form.

THE RIGHT TO LODGE A COMPLAINT 

In accordance with data protection laws, you also have the right to lodge a complaint with applicable data protection authorities, in particular, in the Member State of the European Union of your habitual residence, place of work or of an alleged infringement of the GDPR or with the appropriate regulator for data protection, as follows:

UNITED KINGDOM

The Information Commissioner’s Office. The contact details for the Information Commissioner’s Office are:  Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF.

CAYMAN ISLANDS

The Ombudsman Cayman Islands. The contact details are: PO Box 2252, Grand Cayman KY1-1107, Cayman Islands.

HONG KONG

The Privacy Commissioner for Personal Data – The contact details for the Privacy Commissioner’s Office are: Room 1303, 13/F, Dah Sing Financial Centre, 248 Queen’s Road East, Wanchai, Hong Kong.

ISRAEL

The Privacy Protection Authority. The contact details are: Tel Aviv Government Complex, P.O. BOX 7360, Tel-Aviv 6107202

SWITZERLAND

The Federal Data Protection and Information Commissioner. The contact details are: Feldeggweg 1, CH – 3003 Berne

Questions concerning your rights can be made by contacting us by completing our request form or using the information in the Contact Us section below.

SECURING YOUR DATA 

Under certain circumstances, and in addition to the security protection measures referenced above, we may notify you and/or the requisite legal authority of a personal information breach and document the same. We may also conduct data protection impact assessments. 

CONTACT US

If you have any questions about our privacy practices, or to exercise your rights outlined above, please contact us at privacy@cowen.com.

If you have any questions about the content of this notice please contact us at privacy@cowen.com.

This Notice was last updated on April 20, 2023.