This Policy is in line with Article 24 GDPR (EU) 2016/679, taking into account the nature, scope, context and purposes of processing as well as the risks to the rights and freedoms of natural persons, CortanaWorldBroker has implemented appropriate technical and organisational measures to ensure pursuance to the General Data Protection Regulation (GDPR). This policy stands the cornerstone to CortanaWorldBroker compliance with GDPR and is reviewed and updated accordingly. This Policy that provides data subjects with information on how CortanaWorldBroker collects personal data, what they do with it and with whom it may be shared. This privacy notice has been drafted in compliance with the requirements of the General Protection Regulation, Regulation (EU) 2016/679, (the “GDPR”) and on the basis of the information Commissioner’s Code of Practice on “Privacy notices, transparency and control” and the Article 29 European Commission Guidelines on transparency under theGDPR. We ask that you read this privacy notice carefully as we would like to inform you that your privacy on the internet is of crucial importance to us and it also contains important information on who we are, how and why we collect, store, use and share personal information, your rights in relation to your personal information and on how to contact us and supervisory authorities in the event you have acomplaint. Who we are? CortanaWorldBroker (“us”, “our” or “we”) collects, uses and is responsible for certain personal information about you. When we do so we are regulated under the General Data Protection Regulation which applies across the European Union and we are responsible as “controller” of that personal information for the purposes of those laws. Data Controllers and Contracting Parties Regardless of whether you reside inside or outside the “Designated Countries”, CortanaWorldBroker will be the controller of your personal data provided to, or collected by or for, or processed in connection with our services and regulated activities. Whether information has to be provided by you, and if so why The provision of “Your Data” is required from you to enable us to provide our services. We will inform you at the point of collecting information from you, whether you are required to provide the information to us. Information collected by us In the course of your registration as a client, signing up for a demo or a live account with CortanaWorldBroker or filling in any form on our Website, subscribing to our services, news or offers, marketing communications or posting material, the following information about you (“Your Data”) will be collected and stored for administrative, service related and/or legal purposes.
We will limit the collection of personal information to what is necessary to administer our business and carry out our regulated activities in an effort to provide you with superior service, Information that you provide to us directly: • Personal information, such as names, addresses, personal registration number, national identification number, passport number and email addresses etc (“Personal Information”), and • Financial Information, trading experience and employment information for appropriateness assessment will also be collected. However, the meaning of data “provided to” CortanaWorldBroker is not limited to this. It is also personal data resulting from observation of your activities (i.e where using a device or service). This may include: • History of website usage or search activities, details of your visits to our Website including, communication data; • Traffic and location data; • Website traffic pattern information, including IP address, operating system and browser type, for system administration and to report aggregate information to our advertisers. This kind of information is only used in masked or aggregated form, which means that the individual user will not be recognisable. These data do not identify any individual. • Communications between you and CortanaWorldBroker via Live Chat, email, or telephone call. Your e-mail address may be used by CortanaWorldBroker in relation to its products and services (including any marketing campaigns related to these products or services). If you do not wish to receive such marketing material and marketing communications, you can opt-out at any time by clicking on “unsubscribe” or by sending an email stating so to email@example.com. The type of data collected and purpose of collection The type of data we collect along with the purpose for collection is listed below: Personal data type: Purpose: Personal information such as gender, name, date of birth and address To meet our anti money laundering (AML) and other regulatory AML) and other regulatory obligations in relation to Know Your Client (KYC) and client due diligence. To verify your identity using our verification processes.
Contact information (email address and phone number) In order to send you correspondence in relation to the services provided and to fulfil our regulatory and compliance obligations. Employment information, financial information In order to comply with KYC obligations and in order to meet our regulatory obligations relating to assessing the appropriateness of our products and services. Ethnicity, citizenship and social security numbers or national identity and passport In orderto comply with KYC and regulatory trade reporting and other AML obligations. Proof of photo ID, address verification In order to comply with KYC and regulatory trade reporting and other AML obligations. Unique device number (IP address) and device information including versionof web browser you use When you visit our website, navigate through the pages or fill in any forms, we may collect your unique device number or IP address in order to set up your profile. Financial sanctions and credit header information In order to perform our electronic AML screening checks and to comply with other fraud detection policies. This may generate further information on your credit history, criminal convictions or political interests leading to us making decisions based on the results of these checks. How we use your personal information We use information held about you in the following ways: • To ensure that the content in our website is presented to you in the most effective manner and to improve the content of our website; • To communicate with you and contact you and to provide you with products and services that you request from us or, where you have considered to be contacted, for products and services that we feel may be of interest to you; • Managing and administering the products and services provided to you; • Keeping you updated as a Client in relation to changes to our services and relevantmatters; • Provide, improve, test and monitor the effectiveness of our Services. • Develop and test new products and features. • Monitor metrics such as total number of visitors, traffic and demographic patterns. • Diagnose or fix technology problems. • To carry out our obligations arising from any contracts entered between you and us.
How do we respond to legal requests or prevent harm? We access, preserve and share your information with regulators, law enforcement or others by request: • We can respond to legal requests when we have a good-faith belief that the response is required by law in that jurisdiction, affects users in that jurisdiction, and is consistent with internationally recognised standards. • When we have a good-faith belief it is necessary to: detect, prevent and address fraud, unauthorised use of the services or products, violations of our terms or policies, or other harmful or illegal activity; to protect ourselves (including our rights, property or Products), you or others, including as part of investigations or regulatory inquiries; or to prevent death or imminent bodily harm. For example, if relevant, we provide information to and receive information from third-parties about the reliability of your account to prevent fraud, abuse and other harmful activity on and off our Products. Information we receive about you (including financial transaction as data related to deposits and withdrawals) can be accessed and preserved for an extended period when it is the subject of a legal request or obligation, governmental investigation, or investigations of possible violations of our terms or policies, or otherwise to prevent harm. We also retain information from accounts disabled for terms violations for at least a year to prevent repeat abuse or other term violations. Your rights Under the General Data Protection Regulation you have a number of important rights if you are resident within the European Union. In summary, those include rights to: • Fair processing of information and transparency over how we use your use personal information, • The right to access personal data: via a Subject Access Request. Your request should be made in writing to firstname.lastname@example.org. • We may ask you for proof of identity before providing you with the data. There is usually no charge for such requests, however in limited circumstances we may be able to charge an administrative fee (and we will inform you in response to your request if that is the case). • The right to request that your personal data is corrected if it is found to be inaccurate: require us to correct any mistakes in your information which we hold. • The right to request that your personal data is erased where it is no longer necessary. In some circumstances this right may not apply e.g. if there is some other compelling reason for us to keep or process your data (and we will inform you in response to your request if that is thecase). • Right to data portability: to receive the personal information concerning you which you have provided to us, in a structured, commonly used and machine-readable format and have the right to transmit those data to a third party (another controller) in certain situations. • The right to withdraw consent to processing at any time, where relevant i.e. where we are relying on your consent to process the data and not another legal reason for processing.
The right to object at any time to processing of personal information concerning you for direct marketing. • The right not to be subject to a decision which is based solely on automated processing, including profiling which produces legal effects concerning them or significantly affectsthem. • The right to object in certain other situations to our continued processing of your personal information. • Otherwise restrict our processing of your personal information in certain circumstances If you would like to exercise any of those rights, please: • email to us at email@example.com • let us have enough information to identify you (eg account number, username, registrationdetails), • let us have proof of your identity and address (a copy of your driving licence or passport and a recent utility or credit card bill), and • let us know the information to which your request relates, including any account or reference numbers, if you have them. If you would like to unsubscribe from any emailing or any marketing communications you can also click on the ‘unsubscribe’ button at the bottom of the email or by sending an email at firstname.lastname@example.org stating so. Legal basis for processing personal data Reasons we can collect and use your personal information: Lawful basis for processing under EU data protection law, there must be a lawful basis for all processing of personal data (unless an exemption or derogation applies). We rely on: • Contractual necessity Processing is necessary for the performance of a contract with the data subject or to take stepsto enter into a contract to conduct regulated activities, when processing is necessary for the entry into, or performance of contract with the data subject or in order to take steps at this or her request prior to the entry into a contract. • Compliance with legal obligations Processing is necessary for compliance with our legal obligation. CortanaWorldBroker has the necessity for compliance with a legal obligation. • Legitimate interest Data will only be processed where it is necessary for the purposes of the legitimate interests pursued by CortanaWorldBroker, and these interests or fundamental rights are not overridden by the interests, rights and freedoms of the data subject and that the processing would not cause unwarranted harm. For instance, it is a legitimate interest of CortanaWorldBroker to process personal data on data subjects in order to expand the business, develop new business relations prevention of fraud, maintaining the security of our systems if/when necessary, enhancing, modifying or improving our services. The data subject must be given information on the specific legitimate interest if a processing is based on this provision.