Errante Securities (Seychelles) Ltd (hereinafter referred to as “We” (“Us”, “Our”), regulated by the Seychelles Financial Services Authority (FSA) under license number [SD038]. Errante Securities (Seychelles) Ltd is governed by the Consolidated Securities Act, 2007 to 20th December 2018.
We are dedicated to protecting your confidentiality and privacy of your personal data and handling your personal data in a transparent manner. When processing personal data, the Company is subject to the provisions of the General Data Protection Regulation (EU) 2016/679 (the “GDPR”) and the Seychelles Law providing for the protection of natural persons with regard to the processing of personal data and for the free movement of such data.
For the purposes of this Policy, “personal data” means any information that could be used, on its own or in conjunction with other data, to identify an individual, directly or indirectly, such as name, identification number, location data and “processing” means any operation or set of operations which is performed on personal data, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, erasure or destruction.
PERSONAL INFORMATION WE COLLECT
Our Company may process personal data of individuals who visit our website, individuals who decide to use any service available through our Website or individuals who are current, former or prospective clients, including, without limitation:
- Individuals connected or relevant to legal entity clients, such as, directors, company secretaries or other individual office holders of our legal entity clients;
- Shareholders, nominee and ultimate beneficial owners of our legal entity clients;
- Legal representatives, agents and/or other individuals authorized to act on behalf of our clients.
The Company does not provide any services to children, i.e. individuals who are under the age of eighteen (18) and hence, does not process any personal data of children. Further information can be found below.
When you visit the Site, we automatically collect certain information about your device, including information about your web browser, IP address, time zone, and some of the cookies that are installed on your device. Additionally, as you browse the Site, we collect information about the individual web pages or products that you view, what websites or search terms referred you to the Site, and information about how you interact with the Site. We refer to this automatically-collected information as “Device Information.”
We collect Device Information using the following technologies:
– “Cookies” are data files that are placed on your device or computer and often include an anonymous unique identifier. For more information about cookies, and how to disable cookies, visit http://www.allaboutcookies.org.
– “Log files” track actions occurring on the Site, and collect data including your IP address, browser type, Internet service provider, referring/exit pages, and date/time stamps.
– “Web beacons,” “tags,” and “pixels” are electronic files used to record information about how you browse the Site.
We may process various types of personal data, which may vary according to the circumstances and nature of our relationship with you. Specifically, before we enter into an engagement with you for the provision of investment and ancillary services, we may require information for due diligence purposes, which includes, but is not limited to, the following:
- Personal details such as name, surname, place and date of birth, citizenship, nationality, residential address, email address, telephone, identification number, passport, information about any shareholdings and directorships, information on whether you hold/held a prominent public function, source of wealth, tax reference and background information such as non-bankruptcy records and clean criminal records;
- Financial details such a bank account details, credit card details, bank statements, loan agreements, credit facilities tax references, information regarding your investment objectives;
- Supporting documentation that verify your identity and residency such as passport or national ID, utility bills and bank statements.
Moreover, we may also collect or process personal data from third party sources, including without limitation, the press, social media, the Department of Registrar of Companies and Official Receiver, the World-Compliance database.
HOW DO WE USE YOUR PERSONAL INFORMATION?
We use or otherwise process your personal data to provide you with the services you request through the Site and in general to carry out our lawful business activities. We ensure that your personal data is processed lawfully, fairly and in a transparent manner for the following purposes and on the following lawful bases:
- The processing is necessary for the performance of a contract:
We use your personal data such as your personal details, including your name, surname, identification number, phone number, financial background and investment objectives that will allow us to take steps at your request prior to entering into an agreement, or where the processing of your personal data is necessary for the performance of a contract, i.e. the Client Agreement. Moreover, the processing of your personal data will allow us to open and administer your trading account and provide you with technical and customer support and training.
- The processing is necessary for compliance with legal obligation:
The processing of your personal data is necessary for compliance with our legal obligations emanating from a variety of laws to which we our subject, for the following, inter alia purposes: identification and verification procedures, anti-money laundering assessments, the retention of personal data for a specified time frame and the disclosure of personal data to the supervisory authority or other regulatory authorities.
Examples of the mentioned laws and regulations are the European Markets in Financial Instruments Directive (“MiFID II”), the corresponding Investment Services and Activities and Regulated Markets Law of the Republic of SeychellesSeychelles, the European and SeychellesSeychelles legislation regarding the prevention of money laundering and financing of terrorism, including without limitation, the Prevention and Suppression of Money Laundering and Terrorist Financing Law 188(I)/2007, as amended and the Directive of the SeychellesSeychelles Securities and Exchange Commission for the Prevention and Suppression of Money Laundering and Terrorist Financing, the Market Abuse Regulation (“MAR”) and the Foreign Account Tax Compliance Act (“FATCA”).
We kindly inform you that the provision of your personal data is a requirement necessary to enter into a business relationship with our Company and to provide you with the requested services. Moreover, we are legally and contractually required to provide and keep your personal data up to date and accurate. Therefore, please note that if you do not provide us with any personal data we request, our business relationship cannot be commenced or continued, since compliance with our legal obligations will be deemed impossible.
SHARING YOUR PERSONAL INFORMATION
We share your Personal Information with third parties to help us use and/or process your Personal Information, as described above.
For example, we use Google Analytics to help us understand how our customers use the Site–you can read more about how Google uses your Personal Information here: https://www.google.com/intl/en/policies/privacy/. You can also opt-out of Google Analytics here: https://tools.google.com/dlpage/gaoptout.
Finally, we may also share and/or disclose your Personal Information with the appropriate regulatory and/or supervisory authorities when this is required to comply with applicable laws and regulations, to respond to a subpoena, search warrant or other lawful request for information we receive, or to otherwise protect our rights. Hence, such processing of your personal data is required to either for us to comply with our legal obligations or for safeguarding our legitimate interests, where such interests do not infringe your interests, fundamental rights and freedoms (without limitation, such interests include business or commercial interests and examples and relevant processing activities may include the preparation of our defense in litigation procedures).
WHERE WE TRANSFER AND/OR STORE YOUR PERSONAL INFORMATION
We are based in SeychellesSeychelles so your data will be processed in SeychellesSeychelles and the EU. Some of the recipients we have described above and to whom we disclose your personal information, are based outside SeychellesSeychelles and the EU in places like the GCC, CIS, and North Africa. We only transfer personal data outside the European Economic Area in compliance with the GDPR and especially when there is an adequacy decision of the Commission or in the absence of such decision we use Standard Contractual Clauses or other appropriate safeguards such as binding corporate rules to ensure that the transfer will be in compliance with the requirements of the GDPR. In order to protect your information, we take care where possible to work with subcontractors, service providers, business partners, affiliates and professional advisers who we believe maintain an acceptable standard of data protection and security compliance.
We are committed to ensuring that your information is secure. To prevent unauthorised access or disclosure, we have put in place suitable physical, electronic and managerial procedures to safeguard and secure your personal data..
MARKETING CHOICES REGARDING YOUR PERSONAL DATA
Where we have your consent to do so (e.g. if you have subscribed to our newsletter), we send you marketing communications by email about information that we feel may be of interest to you. You can ‘opt-out’ of such communications if you would prefer not to receive them in the future at any time by clicking the ‘unsubscribe’ link in the footer of any such email communication you receive from us, or by contacting us at email@example.com. In doing so you exercise your right to withdraw your consent without affecting the lawfulness of the processing based on consent before withdrawal.
COOKIES AND WEB ANALYTICS
When you visit our website, there is certain information that is recorded which is generally anonymous information and does not reveal your identity. If you are logged into your account, some of this information could be associated with your account. We are talking about the following kinds of details:
- Your IP address.
- The domain name you requested.
- The name of your internet service provider (ISP) is sometimes captured depending on the configuration of your ISP connection.
- The date and time of your visit to the website.
- The length of your session.
- The pages which you have accessed.
- The number of times you access our website within any month.
- The file URL you look at and information relating to it.
- The website which referred you to our website.
- The operating system which your computer uses.
We are using Google Analytics for tracking of our website traffic and the user data retention period is 26 months.
HOW LONG WE KEEP YOUR PERSONAL INFORMATION
We keep records of your personal data in both physical and electronic formats.
We shall keep your personal data for no longer than reasonably necessary for the purposes originally collected, i.e. for the purposes of processing set out in this Policy, including the requirement to provide our services to you, and to comply with our legal obligations (e.g. for Seychelles corporation tax purposes, records should be kept 6 years from the end of the accounting period), for up to [….] years. However, we may need to retain your personal data for longer if this is required for us to comply with any legal or regulatory requirements.
According to GDPR you have certain rights with respect to your personal data. Action is committed to facilitating the exercise of your rights and below we present to you your rights and how you can exercise them.
You have the right to:
- request access to, or copies of your personal data, along with details about the processing of your personal data;
- request rectification of your personal data;
- request us to erase your personal data subject to certain criteria to being fulfilled where, for instance, your personal data is no longer required in relation to the purposes for which they were originally collected or otherwise processed or where we are under a legal obligation to erase your personal data;
- request us to restrict our processing activities where certain conditions shall be satisfied, including without limitation, the case where the processing is unlawful, and you oppose the erasure of the personal data and request the restriction of their use instead;
- object to the processing activity under certain circumstances, including without limitation, the case where we are relying on our legitimate interests (or those of a third party) to process your personal data, except where we can demonstrate compelling legitimate grounds for such processing, which override your interests, rights and freedoms or for the establishment, exercise or defense of legal claims;
- data portability hence, the right to receive your personal data which you provided us in a structured, commonly used and machine-readable format and to transmit this elsewhere or ask us to transfer them to another data controller, to the extent applicable.
- withdraw consent at any time, where we process your personal data on the basis of your consent. However, kindly note that any withdrawal of consent shall not affect the lawfulness of processing based on consent before it was withdrawn by you;
- You can exercise your rights by contacting us either via email to firstname.lastname@example.org outlining your request or by calling us on +357 25 123 123
CHILDREN UNDER THE AGE OF 18
The Website is not aimed at children under 18 years of age. We do not knowingly collect personal information from children under 18. If you are under 18, please do not use our services or provide any information to us through the Website. If we learn we have collected or received personal information from a child under 18 without verification of parental consent, we will delete that information. If you believe we might have any information from or about a child under 18, please contact us at email@example.com
LINKS TO OTHER WEBSITES.
Our website may contain links to other websites of interest. However, once you have used these links to leave our site, you should note that we do not have any control over that other website(s). Therefore, we cannot be responsible for the protection and privacy of any information which you provide whilst visiting such sites and such sites are not governed by this privacy statement. You should exercise caution and look at the privacy statement applicable to the website in question so as to be properly informed about the processing activities of such website(s).
In any event, you have the right to lodge a complaint with the supervisory authority in Seychelles which is Office of the Commissioner for Personal Data Protection at www.dataprotection.gov.cy.
WHEN WE NEED TO UPDATE THIS POLICY
We may need to change this policy from time to time in order to make sure it stays up to date with the latest legal requirements and any changes to our privacy management practices.
When we do change the policy, we’ll make sure to notify you about such changes, where required. A copy of the latest version of this policy will always be available on this page.