Cohen & Steers endeavors to maintain the highest standards of protection for our clients, our employees and other individuals whose personal information we collect and process. Cohen & Steers has robust security measures in place to meet appropriate data protection requirements, with a global information governance policy for all business lines and subsidiaries.
While Cohen & Steers has very limited exposure to personal information and does not sell sensitive information or act as a data broker, Cohen & Steers takes its responsibility to protect the information it holds seriously. This responsibility is overseen by Cohen & Steers senior management with direct responsibility for the information security governance policy managed by the Chief Information Security Officer (CISO) and the Chief Compliance Officer (CCO), as well as responsibility for privacy queries and the vision, strategy and program regarding use of personal information in EEA managed by the Chief Privacy Officer (CPO).
Cohen & Steers regularly monitors security to ensure that Cohen & Steers systems and controls are operating in a manner reasonably calculated to prevent unauthorized access to or unauthorized use of sensitive information. The company assesses on an ongoing basis reasonably foreseeable internal and external threats to security, confidentiality, integrity and availability of sensitive information and updates information safeguards as necessary to identify and limit such threats, engaging third-parties to conduct an annual risk assessment or other reviews as needed. Cohen & Steers’ information security program is based on the controls defined in the ISO 27001:2013 information security framework to further ensure the robust nature of our information governance policies and procedures. We also employ a vigorous global incident response/data breach plan that is assessed on a regular basis as part of our information governance.
Cohen & Steers’ commitment to the awareness of security in information is exercised globally in our staff as all employees receive ongoing training regarding the proper use of systems and the importance of security of sensitive information.
Please click here to be directed to the EU and UK-resident specific privacy notice which articulates the rights of control of individual data under the General Data Protection Regulation.
Please click here to be directed to the California-resident specific privacy notice which articulates the rights of control of individual data under the California Consumer Protection Act.
Please click here to view the Cohen & Steers global privacy notice.
If you have any questions about privacy at Cohen & Steers, you can email us at [email protected].