Quilter plc 2025 Annual General Meeting (“AGM”)

Who this covers?

This document serves as a privacy policy and privacy notice that covers JSE Investor Services Proprietary Limited (JIS) and its subsidiary JSE Investor Services CSDP Proprietary Limited (JIS CSDP). Reference made to “JIS” refers to JSE Investor Services (Pty) Ltd and JSE Investor Services CSDP (Pty) Ltd.

JIS is a share registry and provides transfer secretarial services to companies, large asset owners and trustees. JIS CSDP is a Central Securities Depository Participant approved by Strate Pty Ltd and an authorised Financial Services Provider licensed by the FSCA (FSP no: 44210) that provides custody and settlement services to clients.

JIS has been entrusted by clients to handle sensitive data in a secure and confidential manner.

What is this Privacy Policy?

At JIS we collect personal information about you and are committed to protecting this information and your privacy.

Set out below is an explanation of how we use, collect and safeguard your personal information.

What personal information do we collect? In the valid discharge of its functions, JIS may collect and/or hold the following types of information:

• personal information; and
• sensitive/special category information,

in relation to relevant individual contacts in investor, compliance and share registration functions, client and supplier personnel, and other individuals with which JIS comes into contact.

These are explained in more detail below.

Personal Information

 This includes information that meets the following descriptions:

• name;
• mailing and/or street address;
• email address;
• telephone number;
• profession, occupation or job title;
• details of the services an individual has acquired from JIS or its clients or which an individual has enquired about, together with any information necessary to deliver those services and to respond to enquiries;
• any additional information relating to an individual, provided to JIS directly or indirectly through any JIS website or online presence or through JIS representatives; and
• information provided to JIS through its service centres, meetings with JIS representatives or customer surveys.

Sensitive / Special Category Information

Less commonly, but where necessary for the provision of a service or compliance with a lawful authority, JIS may also collect sensitive / special category information including, but not limited to:

• Immigration status;
• Details published in Politically Exposed Person (PEP) lists, criminal watch lists, United Nations Sanctions lists or EU lists of a similar nature (for Anti-Money Laundering Counter-Terrorism Financing and Autonomous Sanctions purposes).

 How do we collect personal information?

 JIS collects personal information directly from you, or your authorised representative, unless it is unreasonable or impracticable to do so. JIS may collect personal information: 
 
• from written requests, including email; 
• when you complete an application, either on line or hard copy, regarding any of the services or opportunities included in JIS’s websites; or 
• through your provision of identity documents, drivers’ licence, passport, utility bills, bank statements etc. for the purpose of verifying your identity relating to FICA (Know Your Client) legislation and other regulatory requirements

JIS will only collect special category/sensitive information about a person with the consent of the individual, except where JIS is required or permitted by law to collect such information without consent.

Why do we collect your information?

 JIS collects personal information about you to be able to provide services to you for the following purposes: 
• send you communications; 
• to update records and keep your contact (and other) details up-to-date; 
• to answer your enquiries and provide information or advice about existing and new services; 
• to process and respond to any complaints you may make; 
• to provide you with access to protected areas of our websites; 
• to meet legal obligations under the Common Reporting Standard (CRS), the Foreign Account Tax Compliance Act, Financial Intelligence Centre Act, Companies Act, Financial Markets Act etc.; and 
• to comply with any other law, rule, regulation, lawful and binding determination, decision or direction of a regulator, or where a government authority makes recommendations that are not mandatory but which we elect to follow

JIS will not share, sell, rent or disclose your personal information other than as described in this privacy policy.

How do we use your personal information?

We will use the information we hold about you for the following purposes:

• To provide you with the services, products, and/or information you request from us
• To check your identity (where we need to comply with a legal obligation we have, or otherwise in accordance with our legitimate interest to run our business properly);
• To assess any application, you make to participate in any service we provide (where we need to comply with a legal obligation we have, or otherwise in accordance with our legitimate interest to run our business properly);
• To prevent and detect fraud and/or money laundering (where we need to comply with a legal obligation we have, or otherwise in accordance with our legitimate interest to run our business properly);
• So that we can communicate with you as necessary;
• To carry out analysis about our services and how we might improve them (in accordance with our legitimate interest to develop our business and services); and
• To notify you about changes to our services (in accordance with our legitimate interest to keep you informed).

Who do we share personal information with?

Personal information held by JIS will only be used for purposes directly related to one or more legitimate functions or activities of JIS in the provision of its services or as otherwise permitted by lawful authority. JIS does not sell personal information. 
 
JIS may disclose your personal information to: 
• our employees; 
• issuers of securities for whom we are contracted to provide registry or other services; 
• security issuers under JIS contracts to provide registry services; 
• contractors or service providers, for the purposes of the operation of JIS’s business or websites; 
• third parties, in order to fulfil requests by you, and to otherwise provide services to you  
• IT systems administrators, web hosting providers, mailing houses, couriers, payment processors; 
• professional advisors such as accountants, solicitors, business advisors and consultants; 
• regulators with statutory responsibility to regulate various areas of our business operations; 
• law enforcement agencies; and 
• any organisation for any authorised purpose with your consent. 
 
In some cases, JIS may also be required to disclose your personal information without your consent.  Specific instances include where:

• required or authorised by law. For example, where an entity is subject to a statutory requirement to report certain matters to regulator or enforcement body; or
• a warrant or notice issued by a court requires JIS to produce records or documents they hold

How do we keep your information secure?

JIS will take all reasonable steps to ensure your personal information is protected from misuse, loss and unauthorised access, modification or disclosure in accordance with statutory requirements. This includes having security measures and controls in place to protect personal information including limiting access, cryptography, physical and environmental security and audit monitoring.

JIS may hold your information in either electronic or hard copy form, and will destroy or de-identify personal information when it is no longer required or when we are no longer required by law to retain it (whichever is the later).

How can you access and correct your personal information?

You may request access to any personal information JIS holds about you at any time by contacting us. Where we hold information that you are entitled to access, we will try to provide you with a suitable means of accessing it (for example, by mailing or emailing it to you). We may charge you a reasonable fee to cover our administrative and other reasonable costs in providing the information to you. We will not charge you for simply making the request nor charge you for making any corrections to your personal information. 
 
There may be instances where JIS cannot grant you access to the personal information it holds, for example, if granting access would interfere with the privacy of others or if it would result in a breach of confidentiality or a breach of legislation. If that happens, we will generally give you written reasons for any refusal. 
 
If you believe that personal information JIS holds about you is incorrect, incomplete or inaccurate, then you may ask us to amend that information. We will then consider if the information requires amendment. If we do not agree that there are grounds for amendment then we will add a note to the personal information stating that you disagree with it.

Changes to this Privacy Policy

JIS may change this policy from time to time. Any updated versions will be published on our websites and will be effective from the date of posting.

Who can you speak to at JIS about this Privacy Policy?

• Questions, comments and the exercise of your rights regarding this Privacy Policy and your information are welcomed and should be addressed to the JIS Privacy Officer:
  Email: compliance@jseinvestorservices.co.za
  Or
  Post: Attn: Privacy Officer
  JSE Investor Services Pty Ltd
  PO Box 4844
  Johannesburg
  2000
   
  Or
  
  Telephone: + 27 11 713 0800  
  08h00 –16h30, Monday to Friday (excluding public holidays)