image-illustration

Privacy and Policy

Privacy Policy Valid as of 25.09.2020

At VESTFURT, we fully understand how important it is to protect our clients’ personal information. This document sets out our Privacy Policy commitment in respect to the information that we hold about our clients and what we do with such information. We recognise that any personal information we collect about the client will only be used for the purposes we have collected it for, or as allowed under the applicable acts of legislation. This Privacy Policy is a unified policy for the investment firms providing services under the VESTFURT trademark, belonging to the VESTFURTGroup AS consolidation group. The investment firms within the VESTFURTGroup consist of the following: VESTFURTAS, VESTFURT Ltd., VESTFURT Cyprus Ltd. and VESTFURT PTY Ltd. (jointly referred to here as “VESTFURT”).

VESTFURT respects the privacy of any user that accesses its websites, therefore, we are committed to taking all reasonable steps in order to safeguard information related to any existing or prospective clients, applicants or visitors. Before submitting any personal data, a person should examine the given terms and should only continue by agreeing with the Terms in the given Privacy Policy with principles set for data transfer, storage and processing.

VESTFURT is entitled to unilaterally amend the given principles at any time by notifying the clients no later than 14 days prior to any significant amendments via the VESTFURT website, emails or through the Trader`s Room. In issues not regulated by the given Privacy Policy, the parties shall be guided by the General Terms and Conditions of a respective investment firm.

1. Definitions

1.1 Client - means any natural or legal person who has entered into a client relationship with VESTFURT and is actively using, or has used, the services of VESTFURT until the termination of the client relationship. A prospective client is a natural or legal person who intends to use the services of VESTFURT and has made the initial registration for such use of services via the Trader’s Room (without concluding the client relationship).

1.2 Client Data - means information that is known to VESTFURT about the client and that is processed by VESTFURT. When this document refers to ‘personal information’, it means information from which the client`s identity is reasonably apparent. The various categories of client data are specified in point 5 of this document.

1.3 Processing of Client Data - means any action that is performed with the client data, including gathering, recording, structuring, safe keeping, changing, forwarding, deleting, archiving, etc.

1.4 Data Processor - Legal entities within VESTFURT Group AS. VESTFURT provides investment services and is the data processor of client’s personal information in relation to those services. In case a client holds trading accounts under multiple VESTFURT investment firms, there will be more than one Data Processor within the Group.

1.5 Authorised Processor - VESTFURT may also use authorised external processors for client data processing, based on concluded service agreements, which are governed by instructions from VESTFURT for the protection of client related data.

2. Consent to Process Data 2.1 Initial registration - In order to a Live trading account with VESTFURT, a person must make an initial registration via an VESTFURT website’s registration form, or directly through their Trader`s Room and agree with the terms listed in the given Privacy Policy. The Client confirms acceptance of these terms by ticking the corresponding box on the registration form. If such consent is not given, VESTFURT cannot process a persons’ data, nor provide any services to the person in question.

2.2 Attending courses and participating in campaigns - The client’s data will be processed when registering for the offered webinars or seminars, or when landing on any of VESTFURT’ campaign pages that require registration – as VESTFURT will need to use a client’s personal information to perform its services and comply with its obligations. In all such cases, a client’s consent for data processing will be gathered through the registration form that they use to sign up, which subsequently creates login credentials for access to the Trader`s Room.

2.3 Cancellation of the initial registration - When a person cancels the registration process and does not complete it, that person ‘s data will not be retrieved by VESTFURT and will, therefore, not be saved for further processing in the future.

2.4 Declining the option to be contacted via phone - A person always has the right torequest not to be contacted via telephone by an VESTFURT representative. This request will be saved within VESTFURT’ internal systems and acts as a separate restriction which VESTFURT will, of course, be respected. The request to not to be contacted via telephone does not affect a client from using Admiral Market’s services. Additionally, this does not restrict said person to contact VESTFURT by their own initiative.

3. Subscription to Marketing Related Emails 3.1 During the initial registration to the Trader’s Room, a person has the right to choose whether or not to receive marketing related emails (such as company news, information about campaigns and other similar updates to enhance client knowledge related to the financial markets, etc.) to their submitted email address. Such a preference can also be changed at any time through the Trader`s Room, under the ‘Subscriptions’ panel. It’s also possible to unsubscribe from these marketing emails by clicking the link within the emails that have already been received

4. The Purposes of the Collection of Client Data VESTFURT needs to collect various data in order to set a person up as a client, as well as provide various aspects of its services. This data is collected for the below mentioned reasons.

4.1 Verification of identify. VESTFURT is obligated to verify a person`s identity before entering into a client relationship and creating a trading account for the person. For this, VESTFURT can use third parties which carry out identity checks on its behalf.

4.2 To assess the level of a Client’s investment knowledge. VESTFURT must assess clients’ investment knowledge, experience and expertise to deem the suitability and relevance of the offered service for the client.

4.4 Internal business purposes and record keeping. VESTFURT needs to process clients’ personal information for internal business and record keeping purposes. Such processing is in VESTFURT’ own legitimate interests to comply with its legal obligations. This may include any communications that VESTFURT has with a client in relation to the services it provides. VESTFURT will also keep records that ensure that a client complies with its obligations, defined in the Terms of Business of a relevant Admiral Markets investment firm.

4.5 Transaction reporting. VESTFURT is obligated to regularly report to the respective authorities on the market share products and the services held by client groups, as well as other financial figures.

4.6 Marketing. VESTFURT may use client data, such as location or trading history to deliver tailored content, such as news, analysis, research, reports, campaigns and training opportunities that may interest the client, to their registered email address. A client always retains the ability to change their preference if they wish or no longer wish to receive such communications.

4.7 Improvement of Admiral Markets products and services. VESTFURT may, from time to time, use client data to help it analyse and improve its products and services.

4.8 To investigate or settle enquiries or disputes. VESTFURT may need to use collected client data in order to comply with applicable laws, court orders, or other judicial process or requirements of any applicable regulatory authorities. Personal data can also be processed to settle disputes with the client.

4.9 To send client surveys. VESTFURT may send client surveys as part of its customer feedback process as it is in its legitimate interest to ask for feedback to ensure that it provide the best service to its clients.

4.10 Website data analysis. Please find detailed review about website data analysis from VESTFURT Cookie Disclosure.

5. Categories of Client Data Client data may be collected from the client, from the client’s use of the services and from external sources, such as public and private registers. VESTFURT has the right and the duty by virtue of its area of activity to check the accuracy of the client data contained in the databases by periodically asking the client to review and/or correct or confirm the accuracy of the client data pertaining to the client. VESTFURT does not collect sensitive information about the client. Client data categories which are primarily collected and processed by VESTFURT consist of the following:

5.1 Identification data – such as name, date of birth, personal identification code and data regarding the identification document (such as copy of the passport or ID card).

5.2 Contact data – such as physical address, email address, telephone number and language of communication.

5.3 Family data – such as information about the client’s family, heirs and other related person’s (only in cases if a client is related to a politically exposed person or the client has passed away).

5.4 Professional data – such as educational and employment details.

5.5 Financial data – such as income, assets and liabilities, collected in order to understand the client’s resources and trading activity (for the prevention of any illegal activity).

5.6 Data about the origin of assets or wealth – such as data regarding the client`s transaction partners and business activities (for the prevention of, for example, money laundering or the financing of terrorism).

5.7 Data that enables VESTFURT to perform its due diligence measures regarding the prevention of money laundering and terrorist financing and to ensure compliance with international sanctions, including the purpose of the business relationship, true beneficiaries and whether the client is a politically exposed person.

5.8 Data about the client’s tax residency – such as country of residence, tax identification number and citizenship.

5.9 Communication and activity data – such as visual and/or audio communication data recordings collected when the client visits any VESTFURT branches, including data related to the client’s visit to VESTFURT websites and the Trader’s Room.

5.10 Data related to VESTFURT’ services – such as the performance data related to the services of the agreements or the failure thereof, executed transactions, submitted applications, requests, complaints and applied service fees.

5.11 Data about habits, preferences and satisfaction – such as data about preferences, satisfaction and activeness of using the services, services used, personal settings, survey responses, etc.

5.12 Data about participation in campaigns – such as the points gained and prizes won in games or campaigns.

5.13 Data about client’s classification category, level of expertise and previous exposure to the financial market – including the client’s investment knowledge and experience, investment objectives, etc.

6. Contacting VESTFURT by Email or Via Live Chat When you email VESTFURT (via the ‘Contact Us’ page), or using the Live Chat feature, a person may be requested to provide some additional personal data, like their name or email address. Such data will be used to respond to their query and verify their identity. Emails are stored on Admiral Markets’ standard internal contact systems which are secure and cannot be accessed by unauthorised external parties.

7. Recipients of Client Data If necessary, client data is shared with other recipients, such as:

7.1 Authorities, such as law enforcement authorities, bailiffs, notary offices, tax authorities, supervision authorities and financial intelligence units.

7.2 Legal entities within VESTFURT Group AS. VESTFURT businesses are supported by a variety of the VESTFURT Group’s teams and functions. VESTFURT may make personal data available to them, if necessary, for the provision of services, trading platform administration, sales and marketing, customer and technical support. All VESTFURT employees are required to follow data privacy and security policies when handling personal data. VESTFURT may process personal data in respect of the website and the Trader`s Room in the following locations: Estonia, United Kingdom, Cyprus and Australia.

7.3 Institutions providing financial services, for example banks, payment systems, institutions participating in the trade execution, settlement and reporting cycle (for example regulated markets as execution venues, multilateral trading facilities, organised trading facilities, trade repositories, local and foreign brokers).

7.4 Auditors, legal and financial consultants, or any other processor authorised by VESTFURT.

7.5 Third parties maintaining registers (such as to credit registers, population registers,commercial registers, securities registers or other registers holding or intermediating client data).

7.6 Debt collectors upon assignment of claims, courts and bankruptcy or insolvency administrators.

7.7 Other persons related to the provision of services of Admiral Markets, such as service providers of archiving and postal services.

7.8 VESTFURT may use other external authorised processors for processing client data. In such cases, VESTFURT takes the needed steps to ensure that such data processors process client data under the instructions of VESTFURT with adequate security measures.

7.9 VESTFURT may share client data in the event of a merge, sale, restructure, acquisition, joint venture, assignment, transfer or other disposition of all or any portion of VESTFURT’ business, assets or stock (including in connection with any bankruptcy or similar proceedings).

8. Client Rights VESTFURT respects clients’ rights to access and control their personal data. Admiral Markets will respond to requests concerning personal data processing and, when applicable, VESTFURT will give access to, correct or delete such personal data.

8.1 Review of client data processing. Upon request by the client, VESTFURT shall provide a review of the gathered client data which is available in its client database. Before providing such a review, VESTFURT will ask the individual to prove their identity in order to reduce the risks of identity fraud. The client will also have the possibility to examine the submitted client data in the Trader`s Room and on the trading platform.

8.2 Correction of data. If the personal information VESTFURT holds concerning the client is inaccurate or incomplete, the client is entitled to have it corrected by VESTFURT. VESTFURT may request additional information and documentation required to validate the need for the requested change of data.

8.3 Restrict processing. A client may ask VESTFURT to restrict the use of client data for marketing purposes. The client can change its preferences for receiving such notifications in the Trader`s Room, when choosing ‘Subscriptions’.

8.4 Deletion. A client may ask VESTFURT to delete the personal data that it holds. The request to delete an individual’s personal data will result in the closure of their account(s), removal of their data from active processing and a termination of the client relationship. However, VESTFURT is required to maintain the client’s personal data to comply with its legal and regulatory requirements, as well as in accordance with internal compliance requirements in relation to the maintenance of records. VESTFURT shall preserve data for at least five years following the termination of the client relationship, unless other terms for the preservation of data or documents are prescribed by law. Unnecessary client data shall be deleted or destroyed.

10. Organisational, Physical and IT Security Measures VESTFURT, within the framework of applicable laws, that client data is safeguarded with the appropriate technical and organisational measures to prevent unauthorised access, unlawful processing or disclosure, accidental loss, modification or destruction. VESTFURT shall implement the organisational, physical, IT and other necessary security measures to ensure the protection of Client Data and to monitor the processing of Client Data. Among other things, such security measures shall include the following activities:

10.1 implementation by VESTFURT through its internal rules of the requirements for processing, registering and recording client data as well as procedures for checking the compliance with those requirements.

10.2 authorisation of VESTFURT employees to access only necessary client data in a client database, which is strictly in accordance with the job duties performed.

10.3 imposing an obligation of confidentiality on VESTFURT employees responsible for handling client data.

10.4 unauthorised processing of data (including recording, alteration, deletion, reading, copying, (transmission), unauthorised transportation of records and any other unauthorised use of data (not prescribed by official duties) shall be prohibited.

10.5 Adequate security measures, including encryption of data where necessary, shall be implemented upon transmission of data by means of data communication equipment or in the transport of records.

10.6 Every user of the client database shall be issued a personal means of authentication, enabling them to use the database.

10.7 VESTFURT shall implement adequate and sufficient measures to ensure that every data processing operation leaves a trace, which would afterwards enable identification of the person who performed the operation, the nature and time of the operation and any other relevant facts, including when, by whom and which data were recorded, altered or deleted, or when, by whom and which data in the data processing system were accessed, as well as information on any transmission of data. A possibility for restoring the content of the data before modifications shall be available when any modifications are made to the data or documents.

10.8 The personal information that the client provides in connection with registering itself as a user in the Trader`s Room is classified as registered Information. Registered Information is protected in many ways. Clients can access the Trader`s Room with their username (client email) and password selected by the client. It is the clients’ responsibility to ensure that the login and password is known only to the client itself.

10.9 Transmission of information via regular email exchange is not always completely secure. VESTFURT however exercises all endeavors to protect clients’ personal data, yet it cannot guarantee the security of client data that is transmitted via email; any transmission is at the clients’ own risk. Once VESTFURT has received the client information it will use procedures and security features in an attempt to prevent unauthorised access.

11. The Geographical Area of Processing 11.1 As a general rule, the client data is processed within the European Union/European Economic Area (EU/EEA), but in some cases it is transferred to and processed in countries outside the EU/EEA. This exception applies with client data held under VESTFURT PTY Ltd. (the investment firm operating in Australia), which is processed by an authorised processor of another entity in the VESTFURT Group, namely VESTFURT AS in Estonia.

11.2 The transfer and processing of client data outside the EU/EEA can take place provided there are appropriate safeguards in place and the actions are made based on a legal basis only.

11.3 Upon request, the client may receive further details on client data transfers to countries outside the EU/EEA.

12. Data Portability The client has the right to obtain personal information held by Admiral Markets, provided that VESTFURT has this in a structured, commonly used and machine-readable format, and to reuse it elsewhere or ask VESTFURT to transfer this to a third party of the client’s choice. In case of the forwarding of data to a third party, a clear written consent from the client must be received and verified.

13. Contact Details 13.1 In case of questions about the content of this Privacy Policy, if an individual would like a copy of the data VESTFURT has collected on them, or would like to raise a complaint or other comment with regards to data processing, please contact VESTFURT’ appointed Data Protection Officer by post: Ahtri 6A, Tallinn 10151; or email: [email protected], clearly marking “FAO: Data Protection Officer”.

13.2 The general contact details of VESTFURT investment firms are available on VESTFURT website: https://vestfurt.com, selecting the ‘Contact Us’ page.

13.3 The client has the right go to court or to escalate their complaint to the data protection regulator in their jurisdiction for the protection of rights, unless the applicable laws prescribe a different procedure for handling such claims.