This privacy information notice (“Privacy Information Notice”) describes how SharesPro Limited Liability Company will collect, use and protect your personal information. It applies to any services and website applications offered by SharesPro Limited Liability Company and referred to in this Privacy Information Notice.
1. Who we are
SharesPro Limited Liability Company (SharesPro, we, us) is a Data Controller (as defined below). This means that we are responsible for deciding how we hold and use Personal Data about you. We are required under Data Protection Legislation to provide you with this Privacy Information Notice.
SharesPro is committed to protecting the privacy and security of your Personal Data. This Privacy Information Notice describes how we collect and use Personal Data about you during and after your working relationship with us, in accordance with Data Protection Legislation.
What it means in this document
any affiliated company of SharesPro;
the person (or business) who determines the purposes and means of processing Personal Data;
the person (or business) responsible for processing Personal Data on behalf of a Data Controller;
Data Protection Legislation:
the RDPR, the GDPR, the DPA and any other applicable legislation or regulation, regulatory codes of practice and guidance issued or updated from time to time;
Data Protection Act 2018;
European Economic Area which is made up of EU countries plus Norway, Iceland and Liechtenstein;
EU General Data Protection Regulation (EU) 2016/679;
Personal data as defined in the Data Protection Legislation; and
152-FZ on Personal Data dated 27 July 2006.
2. Why we need to collect, use and process your Personal Data
We collect Personal Data from you when you enter into a contract with us and/or complete an application form for any of our services and we process that Personal Data in order to administer and operate your account, perform our contractual obligations and to comply with our legal obligations or regulatory requirements, including those laid down in tax and company law (including for the purposes of complying with the Foreign Account Tax Compliance Act and the OECD Common Reporting Standard for Automatic Exchange of Financial Account Information) as well as anti-money laundering and counter-terrorist financing laws and regulations and screening against sanctions lists.
When you enter into a contract with us and/or complete a client application form to enable us to provide you with any of our services, you understand that we will be processing your Personal Data for the purposes set out above.
3. The information we collect, hold and process about you
We may collect the following types of Personal Data from you, your directors, officers or employees, your beneficial owners (if applicable) and any person or organisation you have appointed to act on your behalf in relation to our services, for example an investment manager or an attorney under a power of attorney (if applicable):
1. Full name;
2. Permanent residential address;
3. e-mail addresses;
4. Telephone and facsimile contact numbers;
5. Nationality and citizenship;
6. Date of birth;
7. Passport information such as passport number and date of expiry;
8. Profession or occupational information;
9. Educational information;
10. Utility bills;
11. Tax information such as tax identification numbers and country of residency or domicile for tax purposes; and
12. Financial information such as your net worth, income sources, broker- and bank account details.
It is important that the Personal Data we hold about you is accurate and current. Please keep
us informed if your Personal Data changes during your working relationship with us.
4. How we use and process your Personal Data
We will only use your Personal Data when the law allows us to. For the most part we do not rely on individual consent to allow us to process Personal Data. Our processing is permitted by the Data Protection Legislation because it is: (i) necessary in order to administer and operate your account and perform our contractual obligations, (ii) necessary to comply with our legal obligations and regulatory requirements, and (iii) for our legitimate interests in providing its services to you as our client (including for the purposes of the prevention of fraud). We will use your Personal Data in the following circumstances:
1. To process your application for the requested services;
2. To perform the services under the contract we have entered into with you;
3. To comply with any legal obligation or regulatory requirement;
4. For the detection, prevention and investigation of illegal or prohibited criminal activities and in the protection of our legal rights (including liaison with regulators and law enforcement agencies);
5. To provide you with access to our web-based services and applications in relation to the services you have requested;
6. To notify you about changes to our services; and
7. To send you details by post, email, telephone or any other electronic means, of services we supply which we believe may be of interest to you, but only if you have given us prior consent (this may include sending your details to third parties who may provide some services on our behalf).
We will only use your Personal Data for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If we need to use your Personal Data for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so.
Please note that we may process your Personal Data without your knowledge or consent, in compliance with the above rules, where this is required or permitted by law.
5. The consequences of not providing some types of Personal Data
If you fail to provide certain information when requested, we may not be able to perform the contract we have entered into with you, or we may be prevented from complying with our legal obligations and regulatory requirements.
6. How we collect information
You may give us Personal Data when you apply to us to perform our services, by entering into a contract with us and/or filling in a client application form (in paper or on our website) or by corresponding with us by:
c. Post; or
d. By any other electronic means.
We may also receive Personal Data (e.g. financial or tax information) from third parties with whom we work closely and who are entitled to share that information (e.g. credit agencies, search information providers, business partners, banking and related service providers, analytics providers, public sources or any other service providers), but in each case, as permitted by applicable law.
7. Disclosure of your information
Once you have entered into a contract with us and/or completed a client application form to enable us to provide you with any of our services, we may share your Personal Data (including storage and transfer of data) with:
1. Any Affiliates or branches in the same corporate group as SharesPro for the purposes set out in this Privacy Information Notice;
2. Agents selected by you (such as your investment manager or attorney) and for whom you have given prior consent for us to share Personal Data;
3. Any third party in order to meet our legal and regulatory obligations, including statutory or regulatory bodies, law enforcement agencies, credit reference agencies and company auditors;
4. Our service providers and agents (including their sub-contractors) or third parties who process information on our behalf solely for the purposes of providing their services to us, complying with their own legal obligations or pursuing their legitimate interests as described in this Privacy Information Notice; and
5. Any third party such as courts, government agencies, tax and other regulatory authorities in the context of actual or threatened legal proceedings provided we can do so lawfully or in our reasonable opinion such disclosure is necessary to comply with applicable laws and legal processes, support an investigation or to protect our rights and interests.
8. Data retention
We may retain information about you:
1. At the end of your legal contract with us;
2. Where your application to become our client is declined by us; or
3. Where you decide not to proceed with entering into a legal contract with us.
This information will only be held for as long as is necessary to meet any contractual, legal, regulatory obligations or fraud prevention requirements and for our lawful business processing. We regularly review our records to ensure that we only retain your Personal Data for as long as is necessary for the purposes set out in this Privacy Information Notice.
Please note that where we no longer need your Personal Data, we will dispose of it in a secure manner (without further notice to you).
9. Automated decisions
We may use your Personal Data to undertake automated online identity and background checks for our know-your-customer (KYC) purposes and for the purposes of relevant checks in the detection, prevention and investigation of illegal or prohibited criminal activities such as anti-money laundering (AML) and counter-terrorist financing (CTF).
10. Transfers outside of the European Economic Area
The Personal Data that we collect from you may be transferred to, and stored at a destination in any country, including countries outside the EEA, which may not have data protection laws as strict as within the EEA, and may not have been determined to ensure an adequate level of data protection by the European Commission. It may also be processed by our service providers (and their employees) operating outside the EEA. Where this is the case, such Personal Data will be held in accordance with local applicable law and we will seek to put appropriate safeguards in place to protect the transferred Personal Data including the use of data transfer agreements in the European Commission’s standard form where appropriate.
11. Security and storage of information
To protect the security of your Personal Data, we implement appropriate technical and organisational security measures which include physical and technical security safeguards and a governance model that ensures that adequate policies, procedures and controls are in place.
12. Your information and your rights
You have the following rights which can be exercised by contacting us via the contact details set out below:
a. To be informed about how we obtain and use your information;
b. To ask for a copy of the information that we hold about you;
c. To have your information rectified or completed if it is inaccurate or incomplete;
d. To request us to restrict processing of your Personal Data;
e. To request to have your information erased (right to be forgotten);
f. To object to the processing of your information (e.g. for direct marketing purposes);
g. To have information you provided to us, returned to you or sent directly to another company, in a structured, commonly used and machine readable format where technically feasible (Data Portability);
h. Where the processing of your information is based on your consent, the right at any time to withdraw that consent;
i. To object to any decisions based on the automated processing of your Personal Data, including profiling; and
You cannot opt out of receiving regulatory or legal information or updates (e.g. information about a change to the terms and conditions of our services). If you would like to use any of your rights, please contact us and we shall be available to assist you.
13. Electronic mail containing Personal Data
You and your agents may, from time to time, send Personal Data to us electronically. We are not responsible for the way in which you or your agent handles Personal Data. Where possible, we insist that you or your agent communicate using either secure/encrypted email, through a secure portal on our website or using encrypted files.
When we communicate Personal Data with you or your agent through electronic means we will ensure that it is done so securely using either encrypted files or secure messaging.
To access our secure portal for any of our web-based services, you are required to be a registered authorised user with a username and password in order for us to verify you as an authorised user.
14. Changes to our Privacy Information Notice
We may change, modify or adjust this Privacy Information Notice from time to time. However we will not reduce your rights under this Privacy Information Notice.
Any changes we may make to our Privacy Information Notice in the future will be found on our website. Copies are also available from us by post. Please contact us if you require a copy.
15. Contact us
We take your privacy and protection of your Personal Data very seriously. If you have any questions, comments or queries about the way we are collecting or using your Personal Data, please email us at firstname.lastname@example.org or email@example.com.