Employee and Personnel Data Protection Policy and Privacy Notice

1. INTRODUCTION

Brookfield is committed to compliance with applicable legal and regulatory requirements relating to data protection, privacy and cybersecurity as further set out in our Code of Business Conduct and Ethics. At Brookfield, we respect your privacy and this employee and personnel data protection policy and privacy notice (“Notice”) governs how Brookfield collects, processes and uses your Personal Data. 

This Notice applies to employees, directors, officers, independent contractors and other temporary staff and personnel of Brookfield.

For the purposes of applicable laws and regulations relating to data protection and privacy (“Data Protection Legislation”), the Brookfield entity you are employed or contracted by acts as a controller in respect of your Personal Data (as defined below). This Notice should be read in conjunction with your terms of employment or contract and other Brookfield policies and notices.

This Notice was last updated in October 2022.

2. DEFINITIONS

The following definitions shall apply to this Notice:

Brookfield”, “we”, “us”, “our” means Brookfield Asset Management Inc. and its wholly-owned subsidiaries, (“Brookfield Asset Management”) and certain publicly-traded controlled affiliates (Brookfield Business Partners LP, Brookfield Infrastructure Partners LP, Brookfield Property Partners LP and Brookfield Renewable Partners LP) and certain client accounts and funds managed by Brookfield where Brookfield is the investment adviser and/or general partner (“Controlled Affiliates”, and collectively with Brookfield Asset Management, “we”, “us”, “our”, “Brookfield” or the “company”), unless such Controlled Affiliates have adopted their own employee and personnel data protection policy and privacy notice that is consistent with the provisions of this Notice.

Personal Data” has the meaning given to it or any similar term (e.g., “personal information”, “nonpublic personal information”, “PII”, “personally referable information”) in applicable Data Protection Legislation and for the avoidance of doubt means any information which directly or indirectly identifies or otherwise relates to a living individual, which is in the possession or under the control of Brookfield (or its representatives or service providers). Such Personal Data may include, without limitation, the name, age, identification number, email address, address, telephone number, location data, financial data, or online identifier of that individual. In addition to factual information, such Personal Data includes any expression of opinion about a living individual and any indication of the intentions of Brookfield or any other person in respect of a living individual.

Process” or “processing” means any operation that is carried out in respect of Personal Data, including but not limited to collecting, storing, using, disclosing, transferring or deleting Personal Data.

Sensitive Personal Data” has the meaning ascribed to this or any similar term provided by applicable Data Protection Legislation (e.g., “sensitive personal information”, “sensitive data”, “special categories of personal data”) and includes the Personal Data mentioned in Section 5 below.

3. THE TYPES OF PERSONAL DATA WE COLLECT

Brookfield will collect Personal Data about you:

a) directly from you;

b) from a third party acting on your behalf, for example an intermediary, lawyer or service provider;

c) from other Brookfield entities;

d) from publicly available sources;

e) from other organizations; and

f) when we generate it ourselves.

Such Personal Data may include:

a) details of your name, age, date of birth, e-mail address, address, telephone number, identification number, online identifier, location, gender, nationality, citizenship, other contact information, right to work status (including passport, driving license, birth or adoption certificate), marital status, emergency contact details, qualifications, skills and work experience, details of previous compensation, benefits and terms of employment, signature;

b) pension and superannuation details;

c) the shares and options that you hold;

d) if you are a US citizen or a lawfully permitted permanent US resident, details of any US political donations made by you;

e) payroll and tax documentation;

f) your social insurance or Medicare or social security number or other tax identification number and details of tax residency;

g) details provided for the purposes of relocation assistance and the provision of certain benefits (including benefit membership numbers and visa details of you and your family);

h) if you are a regulated individual, details of your regulated status and role (including your fitness and propriety for the role);

i) data collected during the course of carrying out anti-money laundering checks, know your client checks and company secretarial functions on behalf of Brookfield;

j) work-related details such as your job position, contact details, performance at work, absences, pay and benefits information, service history, a copy of your employment agreement, appraisals (including annual and interim reviews), disciplinary and training records;

k) details of maternity/paternity/adoption/shared parental leave;

l) information about your health, including sickness absences and details regarding Covid-19 vaccinations;

m) data that we collect through various monitoring activities as discussed in greater detail under Section 12, including monitoring your use of our IT and email systems, access to our premises and other location monitoring, monitoring of personal account dealing, expenses, gifts and compliance;

n) corporate headshots and biographies;

o) to the extent you have been subject to a TUPE transfer, details of your terms and conditions with your previous employer;

p) data collected during the course of carrying out business activities (such as arranging travel bookings);

q) details of your suitability to work with us, your past performance at work, regulatory references, your character, details of your fitness to work verification of the information that you provide to us as part of your application, and if legally permitted, any history concerning criminal convictions and/or health checks, from third party references that you provide to us, from your previous and/or current employers, opinions expressed by Brookfield and/or others about you and from third party background checking services or a previous employer or other referee; and

r) information required as a result of legal, tax and regulatory requirements or internal policies.

Please note that if you do not provide certain Personal Data to Brookfield when requested (and where relevant, provide your consent), we may not be able to continue to provide certain services to you. For more information on how Brookfield electronically monitors employee activity and collects Personal Data electronically, see Section 12.

4. HOW WE USE YOUR PERSONAL DATA

Your Personal Data may be collected, stored, disclosed and processed by Brookfield for the following purposes:

a) to carry out pre-employment/pre-contractual, background and related checks and to conduct due diligence (such as to verify the details that you provide and to ensure that you are suitable for the role for which you have applied) as determined by applicable laws. This may involve the use of a credit reference agency or other third parties acting as our agents to conduct these verifications and searches. We will also screen against publicly available government and/or law enforcement agency sanctions lists;

b) for equal opportunity and diversity monitoring purposes;

c) to respond to your enquiries;

d) for the management and administration of our business;

e) to comply with and in order to assess compliance with applicable laws, rules and regulations (including tax reporting purposes pursuant to tax legislation), industry codes, voluntary codes we decide to adopt, or good practice, anywhere in the world and internal policies and procedures;

f) to detect, investigate and prevent fraud and other crimes or malpractice;

g) for the purpose of, or in connection with, any legal proceedings (including prospective legal proceedings);

h) to obtain legal advice or to establish, exercise or defend legal rights;

i) the administration and maintenance of databases storing Personal Data;

j) to meet Brookfield’s legal obligations as an employer (where applicable) and perform its obligations and exercise its rights under your contract of employment or other contract with Brookfield. For example, Brookfield will use your Personal Data to identify you, pay you, and to evaluate your individual performance, provide benefits in connection with your employment or contract, and, where applicable, administer your pension;

k) in order to facilitate your career development and assess your performance;

l) to contact you or your family in the event of an emergency and for business continuity purposes;

m) to provide references to third parties upon request;

n) in order to assist you and your family with relocation (e.g. in relation to visa applications); and

o) for purposes otherwise set out in this Notice or as notified to you at the specific time of collection.

Brookfield is entitled to use your Personal Data for the purposes listed above because one or more of the following legal bases applies:

a) Brookfield needs to do so in order to perform its contractual obligations to you;

b) Brookfield has obtained your specific and informed consent (which may include written consent and, in the case of Sensitive Personal Data, explicit consent) (except where certain exemptions provided under applicable laws which permit the use and disclosure of your Personal Data without your consent apply);

c) Brookfield has legal or regulatory obligations that must be discharged (such as complying with the obligations of Brookfield as your employer by ensuring employees and personnel are compliant with vaccine related guidelines);

d) Brookfield needs to do so for reasons of public interest in the area of public health (such as curtailing the Covid-19 pandemic or to ensure compliance with national or international travel guidelines);

e) Brookfield may need to do so in order to establish, exercise or defend its legal rights or for the purpose of legal proceedings; or

f) the use of your Personal Data as described is necessary for our legitimate business interests or the legitimate interests of a third party provided such interest are not overridden by your rights or interest, including (i) allowing Brookfield to effectively and efficiently administer and manage the operation of its business; (ii) maintaining compliance with internal policies and procedures; or (iii) for internal research purposes.

If you are located in a jurisdiction which requires us to obtain your consent to collect, use, store, process and disclose your Personal Data, you understand that by accepting the terms of this Notice you expressly provide your consent to Brookfield collecting, using, storing, processing and disclosing your Personal Data as set out in this Notice.

5. SENSITIVE PERSONAL DATA

Certain forms of Personal Data are subject to specific protection or restriction by law in certain territories or regions, including the EU, the UK and the state of California. Depending on the jurisdiction, Sensitive Personal Data can include:

       a)    data relating to racial or ethnic origin; 

       b)    political opinions; 

       c)    religious or philosophical beliefs; 

       d)    trade union membership information; 

       e)    genetic data; 

        f)    biometric data;

       g)    data concerning health (including details regarding Covid-19 vaccinations);


       h)    data concerning health or sex life or sexual orientation; 

       i)    data relating to criminal activity or proceedings; 


       j)    password and financial information such as bank account details, credit card         and debit card details;

       k)    citizenship or immigration status;

       l)    government-issued identifiers; 

       m)    precise geolocation data; and


       n)    in certain circumstances, the contents of an individual’s mail, email or text             messages.

We will not process your Sensitive Personal Data unless such processing is compliant with applicable Data Protection Legislation. 

To the extent that we need to obtain your explicit consent to process your Personal Data, to the fullest extent permitted by law, when you provide your Personal Data to us you are deemed to have consented to us processing your Personal Data (including your Sensitive Personal Data) which includes disclosing your Personal Data (including your Sensitive Personal Data) to third parties as set out in Section 6 below.

6. DISCLOSURE OF YOUR PERSONAL DATA TO THIRD PARTIES

Brookfield does not sell Personal Data to third parties or target advertising to individuals based on their Personal Data obtained from their online activity on non-affiliated websites or applications (“cross-context behavioral advertising”). Brookfield may share or provide access to your Personal Data among its affiliates and business units and third party agents, service providers and contractors outside of Brookfield:

a) for the purpose of the management and administration of Brookfield's business;

b) in order to verify the information you have provided;

c) complying with the functions that Brookfield may perform relating to HR decisions;

d) for the purpose of the administration and maintenance of the databases storing Personal Data;

e) for the purposes of providing you with and enhancing certain services, including by way of a third party, for example, travel tools which track your location or tax jurisdiction;

f) for the purposes of Brookfield receiving services (for example, Brookfield's accountants, administrators, auditors, service providers, custodians, depositories, third party managers, paying agents, professional advisors, IT and communications providers or any entity we reasonably consider necessary for the purposes outlined above). These third parties are expected to be subject to confidentiality requirements (either by contract, professional obligation, duty or otherwise) that require them to only use your Personal Data as described above;

g) to the extent required by law (for example, if Brookfield is compelled by an obligation or a duty to disclose your Personal Data where we believe it is necessary or appropriate to comply with any legal obligation, rule, regulations or internal Brookfield policies and procedures, including (without limitation) in order to comply with tax reporting requirements and other statutory reporting and disclosures to regulatory authorities), or to establish, exercise or defend its legal rights. This may include disclosure to regulatory bodies or government agencies;

h) where your Personal Data is held as part of an internal directory, enabling adequate communication with you by the employees or contractors of Brookfield, for the performance of employment or contractual duties or for emergency reasons;

i) as part of a transaction, financing, or for other business needs (for example, if Brookfield sells any of its businesses or assets, applies for a loan, or opens bank accounts, in which case Brookfield may need to disclose your Personal Data to the prospective buyer, lender or bank, as the case may be, as part of certain due diligence processes); or

j) if Brookfield or any of its affiliates, divisions or business units is acquired by a third party, including in the unlikely event of a bankruptcy, in which case the Personal Data held by Brookfield about you will be accessible to, and may be acquired by, the third party buyer.

Brookfield may share anonymous or aggregated data with third parties such as service providers in order to facilitate our business operations.

7. TRANSFERS OF PERSONAL DATA

Brookfield operates globally. This means Personal Data may be processed and disclosed as described above, in any country in which we conduct business or have a service provider. Accordingly, when you provide your Personal Data to Brookfield, you acknowledge and agree that we may disclose your Personal Data to recipients (including, but not limited to service providers, Brookfield affiliates or agents, and Brookfield IT servers) located in jurisdictions other than your own, including but not limited to the following countries: Australia, Brazil, Canada, China, Hong Kong, India, Japan, Singapore, South Korea, UAE, UK, USA, Spain, Germany, Colombia, the Cayman Islands, Bermuda and Luxembourg.

To the extent that applicable Data Protection Legislation does not allow or permit us to obtain your valid consent by virtue of providing this Notice to you, or otherwise rely on the other grounds set out in this Notice for disclosing your Personal Data outside of your jurisdiction, we will obtain your explicit consent through other means (if applicable) or, where relevant, ensure that the recipient is required to provide a standard of protection to your Personal Data that is equivalent to that under the Data Protection Legislation of your jurisdiction (e.g., by using standard contractual clauses for such international transfers). 

In other circumstances, Data Protection Legislation may permit Brookfield to otherwise transfer your Personal Data outside your jurisdiction provided it is in compliance with such Data Protection Legislation.

8. HOW WE SAFEGUARD YOUR PERSONAL DATA

Brookfield has implemented commercially reasonable controls and appropriate technical and organizational measures to protect Personal Data, as well as to maintain the security of our information and information systems in respect of Personal Data. Files containing Personal Data are protected with safeguards according to the sensitivity of the information contained therein. Appropriate controls (such as restricted access) are placed on our computer systems and used where appropriate. Reasonable measures are taken to ensure physical access to Personal Data is limited to authorized employees.

As a condition of employment or contract, Brookfield employees, contractors and other temporary staff members and personnel are required to follow applicable laws and regulations, including in relation to Data Protection Legislation. Unauthorized use or disclosure of confidential information by a Brookfield employee, contractor or other temporary staff member/personnel is prohibited and may result in disciplinary measures.

When you contact a Brookfield employee about your file, you may be asked to provide evidence of your identity (e.g., driver’s license or passport) and/or to confirm some details relating to the Personal Data Brookfield holds about you. These types of safeguards are designed to ensure that only you, or someone authorized by you, has access to your file.

9. RETENTION AND DESTRUCTION OF PERSONAL DATA

The period for which Brookfield will hold your Personal Data will vary and will be determined by the following criteria:

a) The purpose for which Brookfield is using it. Brookfield is required to retain the Personal Data for as long as is necessary to satisfy or meet the purposes for which it was obtained including applicable legal or regulatory requirements; and

b) Legal Obligations. Laws or regulations may set a minimum period for which Brookfield must retain your Personal Data.

Depending on the requirements of the Data Protection Legislation of your jurisdiction, Brookfield will take reasonable steps in the circumstances to destroy your Personal Data when we no longer have a legal basis to retain it or to ensure that the information is anonymized.

10. YOUR RIGHTS

To the extent provided by the law of your jurisdiction, you may have legal rights in relation to the Personal Data about you that Brookfield holds. These rights may include:

a) the right to refuse to provide any Personal Data and the right to object at any time to the processing of your Personal Data. Please note that such refusal or objection may prevent us from providing services to you;

b) the right to confirm whether we process your Personal Data and to obtain information regarding the processing of your Personal Data and access to the Personal Data about you that Brookfield holds (including any available information as to the source of the Personal Data and any safeguards that may have been used to transfer Personal Data outside of your jurisdiction, as referred to in Section 7 above);

c) where consent was provided for certain processing activities, the right to withdraw your consent to the collection, processing, use and/or disclosure of your Personal Data at any time. Please note, however, that this will not affect the lawfulness of any collection, processing, use or disclosure undertaken before your withdrawal and that Brookfield may still be entitled to process your Personal Data if it has another legitimate reason (other than consent) or a consent exception for doing so. In some cases, withdrawing your consent to the collection, use, process or disclosure of some or all of your Personal Data may prevent us from providing services to you;

d) in some circumstances, the right to receive a copy of some Personal Data in a structured, commonly used and machine- readable format and/or request that Brookfield transmit that data to a third party where this is technically feasible. Please note that this right may, depending on the jurisdiction, only apply to Personal Data that you have provided to Brookfield;

e) the right to request that Brookfield rectify or correct your Personal Data if it is inaccurate or incomplete;

f) in some circumstances, the right to request that Brookfield erase or delete your Personal Data. Please note that there may be circumstances where Brookfield is legally entitled to retain Personal Data regardless of any such request;

g) in some circumstances, the right to request that Brookfield restrict, anonymize or block its processing of your Personal Data. Please note that there may be circumstances where Brookfield is legally entitled to refuse that request;

h) in some circumstances, the right to obtain information about the public and private entities with which Brookfield made shared use of the Personal Data as a joint controller;

i) in some circumstances, the right to receive information on the possibility of not providing consent and on the consequences of the refusal;

j) in some circumstances, the right to non-discrimination against you for exercising your legal rights in relation to your Personal Data; and

k) where applicable, the right to lodge a complaint with the data protection regulator in your jurisdiction if you think that any of your rights have been infringed by Brookfield.

In some jurisdictions you may be entitled to access a copy of this Notice in another language.

You can enquire about your rights, which are applicable to you, by contacting Brookfield using the details listed below in Section 14. If you wish to exercise any of the rights, which are applicable to you, when you contact Brookfield using the details listed below, you will be asked to complete a ‘Subject Access Request Form’.

11.    CALIFORNIA PRIVACY RIGHTS

If you are a California resident, this section of the Notice is intended to provide you with information concerning our collection and use of your Personal Data in accordance with the California Consumer Privacy Act of 2018, as amended by the California Privacy Rights Act of 2020 (“CCPA”).

We have collected, and disclosed for a business purpose, the following categories of Personal Data within the last twelve (12) months:

       a)    identifiers and other personal information, such as name, address, online             identifiers;

       b)    internet or other electronic network activity information, such as browsing             history, search history, and interactions with advertisements;

       c)    audio, electronic, visual, thermal, olfactory or similar information;

       d)    professional or employment-related information;

       e)    education information;

       f)    inferences drawn from any of the foregoing categories of information to                 create a consumer profile; and

       g)    Sensitive Personal Data, including:

  • personal information that reveals a consumer’s social security, driver’s license, state identification card, or passport number;
  • personal information that reveals a consumer’s precise geolocation;
  • personal information that reveals a consumer’s racial or ethnic origin, religious or philosophical beliefs, or union membership;
  • personal information that reveals the contents of a consumer’s mail, email and text messages where we are not the intended recipient of the communication;
  • biometric information processed for the purpose of uniquely identifying a consumer; and
  • personal information collected and analyzed concerning a consumer’s health.

The third parties to whom we may disclose Personal Data, including Sensitive Personal Data, are set forth in Section 6 and the sources from which we receive Personal Data, including Sensitive Personal Data, are set forth in Section 3. Our business or commercial purposes for collecting and using Personal Data, including Sensitive Personal Data, are set forth in Section 4.

12. ELECTRONIC MONITORING POLICY

We collect information through electronic monitoring of employees from time to time, for a variety of reasons. In addition to the applicable reasons set out in Sections 4 and 6 above, these reasons include:  

  • protecting the integrity of our network and communications equipment against computer viruses, damage to software or hardware, loss of documents or information, and protecting against excessive telephone or computer usage; 
     
  • protecting against unauthorized access or disclosure of our information, systems, data, proprietary information, or employee and third-party personal information in our control; 
     
  • protecting employees against discriminatory, harassing or violent behavior from co-workers or third parties; 
     
  • monitoring employee compliance with our policies and procedures, and applicable law;
     
  • finding lost messages or data, or to retrieve messages lost due to technological failures; and
     
  • investigating or assisting in investigation of alleged or potential wrongdoing or violations of our policies (including in connection with litigation).

To achieve these and related purposes, we may, at any time access, intercept or review any information created on, transmitted to, received, printed from, stored or recorded on or in our communications and other technological equipment and systems (including computers and mobile devices). Electronic monitoring may include, without limitation, the review or tracking of:

  • transactions, messages, communications, postings, log-ins, recordings and other uses of our communications systems and equipment; 
     
  • system access using our communication and other equipment; 
     
  • websites visited on our systems or phone calls made using our communications equipment; 
     
  • any creation, modification, transmission or deletion of files using our communications or other equipment;
     
  • any installation, removal or alteration of software or hardware on our communications or other equipment; and
     
  • employee access to our offices and networks, including through video surveillance, key card swipe logs and system/VPN logins.
13. QUESTIONS AND CONCERNS

If you have any questions or concerns about Brookfield's handling of your Personal Data, or about this Notice, please contact our Privacy Officer using the contact information set out below.

We are typically able to resolve privacy questions or concerns promptly and effectively. If you are not satisfied with the response you receive from our Privacy Officer, depending on your jurisdiction, you may have the option to escalate concerns to the applicable privacy regulator in your jurisdiction, the details of which can be obtained from the Privacy Officer.

14. BROOKFIELD PRIVACY OFFICE CONTACT INFORMATION

Department: Legal & Regulatory
Email: PrivacyOfficer@Brookfield.com

If you are a resident in Dubai, you can also contact us by post:

Attention: Privacy Officer
Brookfield Asset Management
Level 16
Al Mustaqbal Street, DIFC
P.O. Box 507234
Dubai

United States Europe Asia Pacific India & Middle East Brazil Canada