Nomura Group Privacy Statement EMEA

Nomura values the personal data entrusted to it by clients and visitors to its corporate Nomura websites.

Nomura Europe Holdings plc (NEHS), or any of its subsidiaries or branches in EMEA, is the data controller (the organisation that determines why and how personal data is used) in relation to this personal data. As used throughout this Privacy Statement, the terms "Nomura" or "we" or "our" refer to Nomura Europe Holdings plc and its subsidiaries and branches in EMEA.

This Privacy Statement sets out the basis on which we will process any personal data collected from you or that you provide to us when visiting our websites. This Statement provides information on what personal data we collect and use and for what purpose, with whom we share personal data, and your rights in relation to this data.

To find out further information about how we will process your personal data, please click on one of the links listed below:

Purposes for collection and use of your personal data

When you visit our websites, we may collect personal data from you in order to allow us to provide certain services to you such as responding to your questions or to provide general marketing information to you. We will use this data in connection with your visit to our websites. You may, for example, provide us with your personal data when you: communicate with us through the "Feedback" link on our websites; apply for a job or internship; sign up for news release subscription services; request copies of our annual report(s); request to access a Nomura research report; and apply to attend a Nomura hosted or sponsored event. If we use your personal data for any other purposes, we will provide you with a separate notice.

The personal data that we collect from you include: your name; email address; the company for whom you work; company address; telephone number; the country where you live; and dietary requirements for registrations to attend a Nomura hosted or sponsored event.

We may also automatically collect data about you, such as technical information about your computer or internet browser (see Collection of information by automated means for more detail). Data may also be collected about you indirectly through monitoring activities which will be conducted by or on our behalf in accordance with relevant legislation or regulatory requirements (for example, monitoring e-mails that we receive from you or recording telephone calls when you contact us). We will only access your personal data in connection with these activities when it is in compliance with relevant laws and necessary for compliance with our internal policies or to protect our business.

We will process your personal data for the purposes listed above on the basis of one or more of the following:

  • the processing is necessary for the performance of a contract or for entering into a contract with you. Please note that where this is the case, we may not be able to perform or enter into a contract with you unless you provide your personal data;
  • the processing is necessary to comply with a legal obligation;
  • the processing is necessary for our or a third party's legitimate interests provided such interests are not overridden by your interests, or fundamental rights and freedoms. For further information, please refer to the 'Legitimate Interests' section below; or
  • you have given your consent (where we rely on this legal basis, we will always seek to obtain your consent separately as and when necessary).

Legitimate Interests

We will, from time to time, process your personal data in order to meet our legitimate interests. Such processing may include:

  • Responding to feedback;
  • Providing news subscription services and other email marketing (unless you inform us otherwise);
  • Providing copies of annual reports, research and other materials;
  • Managing event invitations and responses;
  • Recording and monitoring emails, telephone calls and electronic communications; and
  • Improving website and video content provision via the automated collection of technical data.

For more information on the different purposes for which we may collect and use your personal data, please see the sections below.

When leaving feedback

If you communicate with us through the "Feedback" link on our websites, we may ask you for data such as your name, the company for whom you work and your email address, so we can respond to your questions and comments. Our Research Department may also use the data you provide to communicate with you about topics that we believe may be of interest to you.

When applying for news release subscription services

On our websites, you may sign up to receive news release subscription services from Nomura. To sign up, the Nomura Group Investor Relations department may ask you for personal data such as your name and email address. We use the personal data you provide to send you the communications you request. We also may use the personal data you provide to communicate with you about other topics that we believe may be of interest to you.

When requesting annual reports

You may request copies of Nomura's annual reports. To enable us to fulfil this request, the Nomura Group Investor Relations department may ask you to provide your name, the name and address of the organisation for whom you work and your email address.

When accessing Nomura video content

Our websites allow you to view video content prepared by Nomura. When you view any of the video content on our websites, personal data will automatically be collected from you by the Nomura Group Investor Relations, Human Resources and Corporate Events departments, such as technical information about your computer or internet browser (see Collection of information by automated means for more detail) to enable us to optimise the provision of these services.

When applying to attend a Nomura sponsored or hosted event

Our websites allow you to register for Nomura hosted or sponsored events. For that purpose, our Corporate Events department may ask you to provide us with personal data such as your name, the company for whom you work, your telephone number, email address and dietary requirements (for which your consent will be sought when required by law). We use this personal data to register you for the event and contact you with information relating to the event. We also may use the personal data to communicate with you about other Nomura events and topics that we believe may be of interest to you.

Collection of personal data by automated means

Cookies

When providing services through our websites, we strive to make our websites as easy and user-friendly as possible. To assist us in doing this, we use cookies. Cookies are text files containing small amounts of information, which your computer or mobile device downloads when you visit a website. When you return to websites - or visit other websites that use the same cookies - they recognise these cookies and therefore your browsing device. We do not use cookies in connection with your name, address or other personal data we have received from you via our websites.

Our use of cookies lets your browser navigate through our websites efficiently and helps us understand how our websites are being used and assists us in ensuring that we are providing an optimum service to you by allowing us to:

  • recognise your device so you don't have to give the same information several times during one visit;
  • recognise that you may already have given a username and password so you don't need to do it for every web page requested; and
  • measure how many people are using our online services, so that we can make them faster and easier to use.
For further information on the cookies set by our websites (and other similar tools that we use such as web beacons), and the options available to you to control their use, please click on the link below.

IP addresses

When you visit our websites our servers will record your IP address (without matching it to your name, address or similar personal data) together with the date and time of your visit. An IP address is an assigned number, similar to a telephone number, which allows your computer to communicate over the internet. We will use your personal data for demographic and statistical purposes, including to determine the number of visitors to our websites in any given period and analyse patterns of use of our websites. We do not match or combine such demographic or statistical information with other personal data.

How we use your personal data

We will use the personal data that you provide to us in connection with the administration of any features or services of our websites for the purposes of that feature or service. We may also use your personal data to communicate with you about topics that we believe may be of interest to you. You are entitled to tell us if you do not wish to receive such communications (see "Your rights" below).

We may share your personal data with other entities within the Nomura Group in order to operate corporate, back office functions and IT and in order to meet the purposes for which we collect and use your personal data. We will also share your personal data with our service providers which support us technically in the provision of our websites. Any service providers that receive your personal data may only use or disclose your personal data to the extent necessary to perform services on our behalf or to comply with legal requirements. We also require such service providers to put in place appropriate technical and organisational security measures in respect of any of this personal data.

We may also disclose your personal data to governmental agencies or entities, regulatory authorities, or other persons to the extent necessary for us to comply with any laws, rules, orders, subpoenas, official requests, or similar processes which apply to Nomura anywhere in the world, in accordance with applicable data protection laws. We may also share your personal data with potential purchasers of, or investors in, some or all of our business, and with their advisors and financiers where we have a legitimate interest to do so.

Links to third party websites

Our websites provide links to other third party websites that operate independently from us and are not under our control. These third party websites may have their own privacy notices or terms of use, which we strongly recommend you review if you visit any linked websites. We are not responsible for the content of these linked websites or any products or services that may be offered through these linked websites, or any other use of the linked websites.

How we protect your personal data

We have implemented administrative, technical and physical safeguards for our websites to protect your personal data from loss, misuse, unauthorised access, disclosure, unauthorised alteration or unlawful destruction.

Personal Data we transfer

We operate globally and, like many businesses, we operate back office IT functions and data centres in major locations within and outside of the European Economic Area (EEA). As a result, your personal data might be stored in any one of these locations. From time to time, we may also need to transfer your personal data to Nomura companies or third parties in other countries where we do business or have a service provider. Such countries may not have the same data protection laws as the European Union, the EEA or the country in which you reside.

When transferring your personal data, we will take all appropriate steps to provide an adequate level of protection for your personal data in accordance with relevant legislation. These steps may include, where appropriate, use of suppliers that adhere to the EU-US Privacy Shield principles, use of European Commission approved standard contractual clauses, and exercising audit and inspection activities in respect of the actions of those third parties in connection with the use of your personal data. If you wish to receive further details regarding the safeguards applied, contact the Data Protection Officer (please see below for contact details).

Your rights

You have the following rights regarding the use of your personal data by us (subject to applicable exemptions):

  • right to access the personal data held about you and receive additional information about how it is processed;
  • right to correct any inaccurate and complete any incomplete personal data;
  • right to delete your personal data from our systems, e.g. where the personal data is no longer necessary in relation to the specified purposes;
  • right to restrict the processing of your personal data in certain circumstances, e.g. where you contest it's accuracy or object to processing;
  • right to receive your personal data in an interoperable format, or have it directly transmitted to another organisation;
  • right to withdraw your consent at any time where you have provided us with your consent to the processing of personal data; and
  • right to lodge a complaint with the relevant supervisory authority.

If you wish to make a request in relation to any of the rights listed above or if you would like to raise any other questions relating to privacy, please contact the Data Protection Officer (please see below for contact details).

Right to object

You have the right to object to the processing of your personal data, in certain circumstances and considering other regulatory requirements, in particular where we rely on legitimate interests, including for profiling. For further information, please refer to the 'Legitimate Interests' section above.

If you wish to exercise your right to object, contact the Data Protection Officer (please see below for contact details).

Data Retention

We will retain your personal data only for as long as necessary for the relevant processing activity and/or for as long as is necessary to comply with all relevant statutory and regulatory requirements. Where we are unable to delete the personal data for other legal, regulatory or technical reasons, we will ensure that the security and confidentiality of the personal data is protected and only used for the specified purposes for which it was provided.

Privacy complaints

You have the right to lodge a complaint with European Data Protection Supervisory Authorities regarding the processing of your personal data by Nomura. If you wish to lodge a complaint with a European Union Member State Data Protection Supervisory Authority, you can find the relevant contact details here [http://ec.europa.eu/justice/data-protection/article-29/structure/data-protection-authorities/index_en.htm].

Data Protection Officer

If you would like to contact the relevant Data Protection Officer or contact to make a request in relation to any of the rights listed above or if you would like to raise any other questions relating to privacy, please submit a written request to privacy@nomura.com.

Changes to our Privacy Statement

From time to time, we may change this Privacy Statement. Any changes that we may make to our Privacy Statement will be posted on this page.

The revised Nomura Privacy Statement for EMEA will be effective immediately upon posting to our websites for first time visitors and one month after posting for repeat visitors. Please check back frequently to see any updates or changes to our Privacy Statement. This version of the Privacy Statement is effective May 2018.