Privacy Policy

California Privacy Rights Act Policy and Notice of Collection of Personal Information for California Employees, Applicants and Contractors

AXA Investment Managers US Inc. (“Company”) provides this Privacy Notice and Policy for California employees, job applicants and individual contractors (the “CPRA Privacy Notice”) to supplement the information contained in the “Privacy Notice for Employment & Workplace-Related Purposes AXA Investment Managers SA (Paris La Défense, France) and AXA Investment Managers UK Ltd (London, England) – hereafter “AXA IM”. This disclosure describes categories of personal information that the Company collects and the purposes for which the Company processes, uses and discloses that information, in accordance with the California Consumer Privacy Act/California Privacy Rights Act (collectively, the “CPRA”). For purposes of this CPRA Privacy Notice, the term “personal information” shall have the meaning ascribed by the following definition given in the CPRA: “personal information” means information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with you or your household. Personal information does not include publicly available information, information that is de-identified or aggregated information, or other information that is outside the scope of the CPRA, including but not limited to information protected under other laws such as the Fair Credit Reporting Act. This CPRA Privacy Notice applies only to individuals residing in the State of California who are considered “consumers” under the CPRA ¹

VGhpcyBQcml2YWN5IE5vdGljZSBhcHBsaWVzIG9ubHkgdGhlIGNvbGxlY3Rpb24gb2YgcGVyc29uYWwgaW5mb3JtYXRpb24gZnJvbSBDYWxpZm9ybmlhIHJlc2lkZW50cyBvbiBvciBhZnRlciBKYW51YXJ5IDEsIDIwMjMu

Categories of Personal Information Collected from Employees

We collect the following categories of personal information, and may have collected the following categories within the last twelve (12) months:

Categories	Examples
A. Identifiers	Identifiers such as name, mailing addresses, email addresses, telephone/fax numbers, government identifiers (e.g., social security numbers, passport numbers), dates of birth, insurance member numbers, dependent information, and emergency contact information.
B. Protected Characteristics Under Applicable Law	Demographic data and other similar characteristics, such as gender, race, ethnic origin, marital status, disability, medical condition, and veteran or military status. We only collect this information when required by law to do so, or when you voluntarily provide it to us.
C. Biometric Information	Such as fingerprints or imagery of the face or iris.
D. Internet or Other Electronic Network Activity	Information systems information, such as your browsing history, search history, login information, and IP addresses connecting to Company’s information systems, devices, accounts and networks.
E. Geolocation Data	Approximate physical location of the computer or mobile device connecting to the Company’s systems based on IP address. For example, personal information related to files and documents stored in AXA IM -issued locations and drives, such as OneDrive.
F. Audio, Electronic, Visual, Thermal, Olfactory or Similar Information	Information collected during workplace monitoring to secure our workplace. For example, name, business contact details, function and conversation via Recorded Voice Lines and Chats for targeted population.
G. Professional or Employment Related Information	Such as your work history, positions held, resumes, references, background checks (to the extent covered under the CPRA), qualifications, licenses, certifications, professional memberships, and financial and banking information. This may include other employment related information, such as investigation records, reports of potential compliance violations, and investigation records.
H. Educational Information	Such as your academic credentials, degrees, licenses, training and institutions attended.
I. Personal Profile	We may accumulate your personal information to make decisions concerning your employment related qualifications consistent with applicable law.

We generally retain personal information for as long as reasonably needed for the specific business purpose or purposes for which it was collected and the duration of your employment, use of AXA IM systems, apps and other relevant information assets. In some cases, we may be required to retain information for a longer period of time based on laws or regulations that apply to our business, such as applicable rules on statute of limitations or for other necessary business purposes. We may retain employment records for your length of employment, plus six [6] years from employment termination or for as long as required for the documents upon which this category is collected pursuant to AXA IM retention policy or applicable law. For applicants that are not hired, we will retain your personal information for at least four [4] years. Where possible, we aim to anonymize the information or remove unnecessary identifiers from records that we may need to keep for periods beyond the original retention period. Details about retentions can be found in our Global Sharepoint Personal Data Protection available on One / Standards / Personal Data Protection.

Purposes for Collecting and Using Personal Information

We collect and use your personal information for the following purposes:

To enter into an employment relationship with you;
To administer to the employment relationship, including administering and managing employee recruitment, hiring, qualifications, performance, promotions, payroll, timekeeping, discipline, training, taxes, leave, vacation and termination;
To communicate with you and reach your emergency contacts when necessary;
To administer to benefits, such as health insurance;
To manage and administer to development or coaching, performance appraisals, promotions, talent management and succession planning;
To ensure business continuity and health and safety of employees and our workplace;
To provide and monitor access to Company facilities, equipment, accounts and systems and to maintain the security of our information systems;
To manage and allocate Company assets and human resources, strategic planning and project management, budgeting, and financial management and reporting;
To comply with legal, regulatory and other requirements;
To maintain records required by law;
To prosecute or defend legal claims, and respond to court orders, subpoenas or governmental information requests; and
To monitor activities as permitted or required by applicable law or regulation; conduct internal investigations; and monitor compliance with employment obligations during employment and post-employment.

We do not collect, use or disclose “sensitive personal information” for the purposes of inferring characteristics.

Sources of Collection of Personal Information

The Company collects personal information from the following categories of sources:

Directly from employees and applicants;
Service providers and contractors providing services on our behalf, such as benefits administrators. We require our service providers and contractors who we provide your personal information to in order to provide services to maintain the privacy and security of your personal information;
Government agencies;
The Company’s internet and intranet networks and internal communications systems (e.g., the Company’s telephonic systems, electronic mail and messaging platforms); and
Third-parties as necessary (e.g., recruiters, among other third-parties).

Release Of Personal Information To Third Parties For Business Or Legal Reasons

We only disclose your personal information to other organizations who are not our service providers or contractors (i.e., third parties) when we have a legitimate business or legal reason to do so or with your prior permission. We may also disclose your personal information to affiliates within the AXA IM family of companies globally for everyday business purposes as described in this notice. Affiliates are companies related by common ownership or control.

We do not (i) “share” your personal information with third parties for cross-contextual behavioral advertising purposes; or (ii) “sell” your personal information to third parties. We have not “shared” with or “sold” any categories of your personal information (A-I) to third parties in the last twelve (12) months.

In the last twelve (12) months, the Company has, or may, disclose the information collected in Categories A-I above to outside organizations or entities who are not service providers or contractors providing services on our behalf including to: state or federal governmental agencies or entities, self-regulatory organizations, among other third-parties, including but not limited to where required by law.

Please see our Cookies Policy

Notice of Rights

Under the CPRA, you have the following rights in the personal information held by the Company:

You have the right to request that the Company disclose the personal information that the Company collects, uses and discloses about you. You may “request to know”: (i) the categories of personal information that the Company has collected about you; (ii) the categories of sources from which the personal information is collected; (iii) the business or commercial purpose for collecting your personal information; (iv) whether any categories of personal information were disclosed for a business purpose to third parties and the categories of third parties with whom the Company discloses your personal information; and (v) the specific pieces of personal information that the Company has collected about you. Your request may pertain to the personal information collected about you on or after January 1, 2022. If your request covers a time period beyond 12 months from the date of your request, the Company may deny your request as to that time period where it would be impossible for the Company to provide you with the information or involve disproportionate effort. The Company may deny your request to search for certain information under certain circumstances (e.g., where the Company retains the information solely for legal and compliance purposes and satisfies other statutory exemptions).
You have the right under certain circumstances to receive specific pieces of your personal information in a format that is understandable, and to the extent technically feasible, in a structured, commonly used, machine readable format that allows you to transmit the information to another entity.
You have the right to correct inaccurate personal information.
You have the right to request deletion of personal information under certain circumstances. For example, the Company may not be required to delete personal information if the Company needs to retain the information to comply with a legal obligation or where the information is stored on an archived or backup system (in which case your request may be delayed until such time (if any) as the information is restored to an active system).
You have the right to know what information is sold or shared to third parties, and to whom and to opt out of sale or sharing (as noted above we do not sell or share your personal information).
You have the right not to receive discriminatory or retaliatory treatment for the exercise of any of these rights. The Company will not discriminate or retaliate against you because you have exercised your rights.

You may submit requests concerning any of your rights by contacting the Company by email dataprivacy@axa-im.com or by telephone the Company at 888-743-5489. The Company will use reasonable methods for verifying that the person making a request to know, data portability, request to correct or a request to delete is the individual about whom the Company has collected personal information.

This may involve, depending on the nature of the request, confirming that the email address provided corresponds with the Company’s records concerning the individual. Additional reasonable measures may also be required to verify the identity of the person making the request depending on the circumstances and whether the information is stored in a password protected account. For requests to delete made electronically, you may be required to submit the request to delete, and then separately confirm that you want your personal information deleted. The Company will maintain a record of your request to delete. To the extent that you wish to use an authorized agent to make requests concerning the rights set forth above, you will need to provide the Company either with a power of attorney or, alternatively, with signed authorization to communicate with your authorized agent, and directly confirm that you provided the authorized agent with permission to submit the request.

The Company will (i) confirm receipt of requests to know, data portability, to correct inaccurate information or to delete within 10 business days of receiving the request and provide information concerning how the Company will process the request; and (ii) generally respond to requests to know, data portability, to correct inaccurate information or to delete within 45 calendar days of receiving the request. If the Company needs additional time to respond to your request beyond the 45 calendar days, the Company will provide you with notice explaining the reasons the Company needs more time, and will then take up to an additional 45 calendar days to respond to your request.

Alternative Access to this CPRA Privacy Notice

Persons with a disability may contact the Company to receive this CPRA Privacy Notice in an alternative format by emailing the Company at dataprivacy@axa-im.com.

Changes to this CPRA Privacy Notice

The Company may remove, modify or add to this Privacy Notice at any time in order to address the Company’s business needs or changes in applicable laws and regulations.

If you have any questions concerning this CPRA Privacy Notice, please contact us at dataprivacy@axa-im.com.

Last Updated: October 2023