December 19, 2018
BY USING OUR WEBSITES, PRODUCTS AND SERVICES, YOU CONSENT TO THE COLLECTION, USE AND TRANSFER OF YOUR PERSONAL DATA FOR PROCESSING AS DESCRIBED IN THIS PRIVACY NOTICE.
WHO IS RESPONSIBLE FOR YOUR PERSONAL INFORMATION?
AMP is responsible for the Personal Information that we may collect in the manner discussed below. In some instances, your Personal Information will be controlled by more than one AMP Entity [AMP Global Clearing LLC, (USA) 221 N. LaSalle Street, 25th Floor, Chicago, IL 60601, and AMP Global LTD [“AMP Global (Europe)], a Private Limited Company with registered office address, Modestou Panteli 4; 4003, Limassol; (together, the “AMP Global Entities”)].
AMP is committed to protecting your personal information and respects its’ clients’ expectations on privacy and confidentiality.
This Privacy Notice is issued on behalf of AMP which is responsible for protecting your Personal Data. This Privacy Notice aims to give you information on how AMP collects and processes your Personal Data through your use of this website or through the AMP Client Portal, including any data you may provide when you use and/or purchase a product or service. We will not share nonpublic information about you (“information”) with third parties outside of AMP, if any, without your consent, except for the specific purposes described below. This Privacy Notice describes the information we may gather and the circumstances under which we may share it. AMP respects your privacy and is committed to protecting your Personal Data. This Privacy Notice will inform you of how we use your Personal Data; and tell you about your privacy rights and how the law protects you.
A Glossary has been provided to help you understand the meaning of some of the terms used in this Privacy Notice.
Third-party links– This website may include links to unaffiliated third-party websites and applications. In addition, you may be able to communicate with us using chatbots that are hosted by third-party service providers and which may be offered as part of third-party software applications (such as social media platforms). Clicking on those links or enabling or using those connections and services may allow unaffiliated third parties to collect or share data about you. We do not control these third-party websites or services and are not responsible for their privacy statements. When you leave our website, we encourage you to read the Privacy Notice of every website or platform you visit or use and manage the privacy settings in your web browser or mobile device as you deem appropriate.
As part of our day-to-day business we need to collect personal information from our customers and potential customers to ensure that we can meet their needs and provide them with information about our services. By entrusting us with Your Information, we would like to assure you of our commitment to keep such information private. We have taken measurable steps to protect the confidentiality, security and integrity of Your Information.
This policy outlines how we manage your personal information supplied to us by you or a third party in connection with our provision of services to you or which we collect from your use of our services and/or website(s). It also states your rights in respect of our processing of your personal information and tell you about your privacy rights and how the law protects you.
If you are a natural person, AMP is the personal data controller of your personal data in relation to the processing activities which your personal data undergo as stated further below.
WHAT IS THE PURPOSE OF THIS PRIVACY NOTICE?
This policy statement aims to give you information on how AMP collects and processes your personal data through your use of this website, including any data you may provide through this website when you purchase a product or service as per the Client Agreement.
This website is not intended for children and we do not knowingly collect data relating to children.
It is important that you read this policy statement together with any other policy statement or fair processing notice we may provide on specific occasions when we are collecting or processing personal data about you so that you are fully aware of how and why we are using your data. This policy statement supplements the other notices and is not intended to override them.
If you have any questions about this policy statement, including any requests to exercise your legal rights, please contact AMP Compliance using the details set out below.
Full name of legal entity: AMP Global Clearing LLC
Email address: email@example.com
Postal address: 221 N. LaSalle Street, 25th Floor, Chicago, IL 60601, United States
Telephone number: +1 312-893-6400
We may modify or amend this policy statement from time to time. We will notify you appropriately when we make changes to this privacy statement. We do however encourage you to review this statement periodically so as to be always informed about how we are processing and protecting your personal information.
It is important that the personal data we hold about you is accurate and current. Please keep us informed if your personal data changes during your relationship with us.
WHAT KIND OF PERSONAL DATA IS COLLECTED BY AMP?
When You Visit our Websites – You are free to explore the Websites without providing any Personal Information about yourself. When you visit the Websites or register for either Free Demo Account or Live Trading Account, we request that you provide Personal Information about yourself, and we collect Navigational Information.
“Personal Information” – This refers to any information that you voluntarily submit to us and that identifies you personally, including contact information, such as your name, e-mail address, company name, address, phone number, and other information about yourself or your business. Personal Information can also include information about any transactions, both free and paid, that you enter into on the Websites, and information about you that is available on the internet, such as from Facebook, LinkedIn, Twitter and Google, or publicly available information that we acquire from service providers.
Personal Information also includes Navigational Information or Payment Information where such information can directly or indirectly identify an individual. Navigational information refers to information about your computer and your visits to this website such as your IP address, geographical location, browser type, referral source, length of visit and pages viewed. Payment information includes We collect and process payment information from you when you transfer and withdrawal funds using the Client Portal.
Log Files – When you use our services or view content provided by us, we automatically collect information about your computer hardware and software. This information can include your IP address, browser type, domain names, internet service provider (ISP), the files viewed on our site (e.g., HTML pages, graphics, etc.), operating system, clickstream data, access times and referring website addresses. This information is used by AMP for business intelligence. For these purposes, we do link this automatically-collected data to Personal Information such as name, email address, address, and phone number.
Information we collect from third parties – From time to time, we may receive Personal Information about you from third party sources including trading platforms or other industry participants with which we offer co-branded services or engage in joint marketing activities, and publicly available sources such as social media websites.
Information About Children – The AMP Website and Services are not intended for or targeted at children under 18, and we do not knowingly or intentionally collect information about children under 18 If you believe that we have collected information about a child under 18, please contact us, so that we may delete the information.
If you decide to apply to open an account with us and hence become our Client there is certain information that we will require from you in order to do so. We may collect Your Information directly from you (in your completed Account Opening Application Form or other way, whether this is done in writing or electronically) before you become our Client or from other persons including, for example, credit reference agencies, fraud prevention agencies, banks, other financial institutions, third authentication service providers and the providers of public registers. This information includes but is not limited to personal details such as name, address, date of birth, tax identification details, contact details, payment details, including credit card, debit card and bank account details, and other necessary financial information such as information about your income, wealth, assets and personal investment preferences and targets which we are required to obtain by law.
During the normal conduct of the business with a client AMP may also collect information regarding transactions with and through AMP including a customer’s trading and margin call history, information received by AMP from key partner organizations such as exchanges, regulatory agencies, trading software, and consumer reporting agencies, and/or a customer’s use of the various services and products provided by or through AMP.
From time to time we may also request further information to help us improve our Service to you (if you are our Client) or our activities (if you are our Provider for Trading Data) under our relevant Agreement, as the case may be, or comply with Applicable Regulations.
When you access our Website, we collect information that your browser sends whenever you visit the Website or an online service (“Log Data”). This Log Data may include, but is not limited to, your computer’s Internet Protocol address, browser type, the web page you were visiting before you came to the Site and information you search for on the Site. In addition, if you access the Website via a mobile device, we may collect a PushID, subject to your consent as indicated by you in the mobile application, and a Mobile IP.
Personal data, or personal information, means any information about an individual from which that person can be identified. It does not include data where the identity has been removed (anonymous data).
We may collect, use, store and transfer different kinds of personal data about you which we have grouped together follows:
- Identity Dataincludes first name, maiden name, last name, proof of identity, username or similar identifier, marital status, title, date and place of birth and gender, country of residence and citizenship.
- Contact Dataincludes billing address, delivery address, email address and telephone numbers proof of address.
- Professional Dataincludes level of education, profession, employer name, work experience in Futures/Forex/CFD’s, information on Client’s experience, knowledge in financial industry and risks.
- Tax Datainclude country of tax residence and tax identification number.
- Financial Dataincludes annual income, net worth, source of funds, anticipated account turnover, bank account, bank statements, payment card details and copies, E-wallet information.
- Transaction Dataincludes details about payments to and from you and other details of products and services you have purchased from us, deposit methods, purpose of transactions with us.
- Technical Dataincludes internet protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access this website.
- Profile Dataincludes your username and password, purchases or orders made by you, your interests, preferences, feedback and survey responses.
- Usage Dataincludes information about how you use our website, products and services.
- Geo-location Dataincludes information about your geographic location based on internet protocol address
- Marketing and Communications Dataincludes your preferences in receiving marketing from us and our third parties and your communication preferences.
- Background Information Data includes information derived from third-party due diligence screening services using Personal Data provided by you with the intent of combating money laundering and fraud
We also collect, use and share Aggregated Data such as statistical or demographic data for business purposes. Aggregated Data is not protected under the law as this data does not personally identify you in any manner. As an example, we may aggregate your Usage Data for marketing purposes to calculate the percentage of users accessing a specific feature. However, if we combine or connect Aggregated Data with your Personal Data so that it can directly or indirectly identify you, we treat the combined data as Personal Data, which will be used in accordance with this Privacy Notice.
We may also collect, store and use the following more sensitive types of personal information:
- Information about criminal convictions and offences.
We need to collect your personal data as part of statutory obligations or as part of the contractual arrangements we have with you. If you fail to provide that data when requested, we may not be able to perform the contract we have or are trying to enter into with you. In this case, we may have to cancel the agreement you have with AMP. If this is required, we will notify you.
HOW DOES AMP COLLECT YOUR PERSONAL DATA?
We use different methods to collect data from and about you, including through:
- Direct interactions. You may give us your Identity, Contact and Financial Data by filling in the required registration forms in our Website or by corresponding with us by phone, email or otherwise. This includes personal data you provide when you:
- apply for Live or Demo trading account;
- make a request under the Agreement,
- create an account on our website;
- subscribe to any our free offers, services or publications;
- request marketing to be sent to you;
- enter a competition, promotion or survey; or
- give us some feedback.
- Third parties or publicly available sources. We may receive Personal Data about you from various third parties and public sources to help us provide and/or improve products and services as well as for marketing. We may verify information provided by you or obtain additional information from consumer or investigative reporting agencies or public sources. For example, we may use your Identity Data in order to confirm that you are not included on any blocked persons lists in order to comply with Know Your Customer (“KYC”), economic sanctions, anti-terrorist financing and anti-money laundering laws. We use third-party due diligence screening services for such confirmations, which screen Identity Data against publicly available sources. We may combine your Personal Data with data we obtain from our services, other users or third parties to enhance your experience and improve the services. These sources may include analytical providers, advertising networks and search information providers, such as:
- Technical Data from analytics providers such as [Google] based outside of EU;
- Identity and Contact Data from individual and publicly availably sources, such as Experian and Regulatory Data Corp based in the US.
WHEN DOES AMP DISCLOSE YOUR DATA?
Under the Agreement between us, we have the right to disclose Your Information (including recordings and documents of a confidential nature, card details) in certain circumstances. According to the Agreement between us, Your Information may be disclosed:
- where required by law or a court order by a competent Court;
- where requested by our regulators (the National Futures Association, and the Commodity Futures Trading Commission) or any other regulatory authority having control or jurisdiction over us or you or our associates or in whose territory we have Clients or Providers, as applicable;
- to relevant authorities to investigate or prevent fraud, money laundering or other illegal activity;
- a Broker or Execution Venue so as to execute your Instructions or Orders and for purposes ancillary to the provision of our Services to you as our Client;
- to credit reference and fraud prevention agencies, third authentication service providers, banks and other financial institutions for credit checking, fraud prevention, anti-money laundering purposes, identification or due diligence checks of you. To do so they may check the details you supplied against any particulars on any database (public or otherwise) to which they have access. They may also use your details in the future to assist other companies for verification purposes. A record of the search will be retained by us;
- to our professional advisors provided that in each case the relevant professional shall be informed about the confidential nature of such information and commit to the confidentiality herein obligations as well;
- to other service providers who create, maintain or process databases (whether electronic or not), offer record keeping services, email transmission services, messaging services or similar services which aim to assist us collect, storage, process and use Your Information or get in touch with you or improve the provision of our Services or activities under the Agreement between us;
- to a Trade Repository or similar;
- to other service providers for statistical purposes in order to improve our marketing, in such a case, the data will be provided in an aggregate form;
- to market research call centers that provide telephone or email surveys with the purpose to improve our Services or activities, but only contact details;
- where necessary in order for us to defend or exercise our legal rights to any court or tribunal or arbitrator or Ombudsman or governmental authority, as the case may be;
- at your request or with your consent;
- to our employees so as to exercise their duties to further the Agreement between us, or to assure the efficient functioning of our service functions.
- information to third parties for the purposes of collecting debts, enforce AMP’s legal rights and/or otherwise protect AMP’s interests and property.
In addition, we may disclose Personal Data to affiliated and non-affiliated third-party service providers:
- to enable them to provide business services for us, if any, such as performing computer-related or data maintenance or processing services,
- to facilitate the processing of transactions requested by you,
- to assist us in offering products and services to you or to assist AMP firm(s), if any, in offering products and services to you, or
- for credit or other background review and reporting purposes.
Where you are a natural person and our use of your personal information requires your consent, we will request you to provide your consent freely, specifically, after being informed and unambiguously by a statement or by a clear affirmative action, signifying your agreement to the processing of personal data relating to you. we will require you to provide your consent in an intelligible and easily accessible form, using clear and plain language In such a case, we will maintain records of you having provided your consent.
AMP does not sell customers’ personal information to third parties. Further, AMP does not share customers’ personal information with third parties outside of the normal course of its business without first providing notification to customers, providing an opportunity to opt out. Entities that AMP may share customer information with include but are not limited to:
- Intermediaries and service providers such as exchanges, clearinghouses, futures commission merchants, law firms, accounting firms, compliance firms;
- Government agencies, self-regulatory organizations, regulatory bodies and/or law enforcement.
We may have to share your personal data with the parties set out below for the purposes set out in the table below.
- External Third Parties as set out in the Glossary of Specific Terms.
- Specific third parties listed in the Glossary of Specific Terms.
- Third parties to whom we may choose to sell, transfer, or merge parts of our business or our assets. Alternatively, we may seek to acquire other businesses or merge with them. If a change happens to our business, then the new owners may use your personal data in the same way as set out in this policy statement.
In the event that AMP elects to share customer information with third parties, AMP requests and obligates such third parties to keep customer information confidential and to limit use of such information to the sole purpose of providing the services requested by AMP. AMP has prudent procedures in place to ensure that all customer information is kept confidential and treated respectfully. AMP is committed to protecting the privacy of its customers at all times.
HOW DOES AMP USE YOUR PERSONAL DATA?
- where we need to perform the contract, we are about to enter into or have entered into with you or where we require to improve your browsing experience by personalizing the Websites and to improve the customer experience;
- where it is necessary for our Legitimate Interests (or those of a third party) and your interests and fundamental rights do not override those interests.
- where we need to comply with a legal or regulatory obligation.
- where you have given your consent (including by your agreement to this Privacy Notice).
- send information or content to you which we think may be of interest to you by post, email, or other means and send you marketing communications relating to our business;
- promote use of our services to you and share promotional and information content with you in accordance with your communication preferences;
We may, from time to time, contact you on behalf of external trading services about a particular offering that may be of interest to you. In those cases, we do not transfer your Personal Information to the third party.
Public Forums – We offer publicly accessible message boards, blogs, and community forums. Please keep in mind that if you directly disclose any information through our public message boards, blogs, or forums, this information may be collected and used by others. We will correct or delete any information you have posted on the Websites if you so request, as described in “Opting Out and Unsubscribing” below.
We will use, store, process and handle Your Personal Information (in case you are a natural person) in connection with the furthering of the Agreement between us, in accordance to the Processing of Personal Data (Protection of the Individual) Law of 2001, as amended or replaced from time to time.
We also use Your Information generate by your use of our website in order to (i) monitor and analyze use of the website and for the technical administration of the website, (ii) improve the website, (iii) generate and derive useful data and information concerning the interests, characteristics, use and behavior of our visitors.
We may use personal information for the following purposes:
- To verify your identity
As part of the Know Your Customer regulatory obligations, in order to open an account with AMP and benefit from our services, and/ or receive information about our services, you will need to verify you identify. Such information shall also be used by us for the purpose of effectively managing your account as to ensure that you are getting the best possible service from us. This may include third parties carrying out credit or identity or checks on our behalf.
- To provide you with products and services, or information about our products and services, and to review your ongoing needs
We will need to use your personal information to perform our services and comply with our obligations to you (such shall be done following the account opening, or once you subscribe to our website or webinars). We shall also ensure that we are providing the most appropriate products and services by periodically reviewing your needs.
- To help us improve our products and services
As to ensure that we provide you with the best products and services we can we may from time to time use personal information provided by you through your use of the services and/or through customer surveys to help us improve our products and services.
- To investigate or settle enquiries or disputes
As to ensure that issues and/or disputes get investigated and resolved as quickly and efficiently as possible we may need to use personal information collected from you.
- To comply with applicable law, court order, other judicial process, or the requirements of any applicable regulatory authorities
We cooperate with government and law enforcement officials and private parties to enforce and comply with the law. We may need to use your personal information to comply with applicable law, court order or other judicial process, or the requirements of any applicable regulatory authority.
- Data analysis
Our web pages and e-mails may contain web beacons or pixel tags or any other similar type of data analysis tools which allow us to track receipt of correspondence and to count the number of users that have visited our webpage or opened our correspondence. Where your personal information is completely anonymized, we do not require a legal basis as the information will no longer constitute personal information. However, where your personal information is not in an anonymized form, we shall continually evaluate that personal information to ensure that the products and services we provide are relevant to the market.
- Marketing by us
We may use your personal information to send you marketing communications by email or phone or other agreed forms (including social media campaigns) to ensure that you are always kept up to date with our latest products and services.
- Internal business purposes and record keeping
We may need to process your personal information for internal business and record keeping purposes. Such processing is required in order to comply with our legal obligations. This may include any communications that we have with you in relation to the services we provide to you and our relationship with you. We will also keep records to ensure that you comply with your obligations under any contract you have entered into with us.
- Corporate restructuring
We may sell, transfer or otherwise share some or all of our assets, including among others your Personal Information and Log Data, in connection with a merger, acquisition, reorganization or sale of all or substantially all of our shares or assets, or in the event of our bankruptcy.
If you enter any of our premises we may record your image on our CCTV for security reasons. We may also take your details to keep a record of who has entered our premises on any given day.
We have set out below, in a table format, a description of all the ways we plan to use your personal data, and which of the legal bases we rely on to do so. We have also identified what our legitimate interests are where appropriate.
Note that we may process your personal data for more than one lawful ground depending on the specific purpose for which we are using your data. Please contact AMP Compliance if you need details about the specific legal ground we are relying on to process your personal data where more than one ground has been set out in the table below.
|Purpose/Activity||Type of data||Lawful basis for processing including basis of legitimate interest|
|To register you as a new customer||(a) Identity Data
(b) Contact Data
c) Financial Data
d) Professional Data
e) Tax Data
|Performance of a contract with you
Compliance with legal obligations
|To process and deliver your order including:
(a) Manage payments, fees and charges
(b) Collect and recover money owed to us
|(a) Identity Data
(b) Contact Data
(c) Financial Data
(d) Transaction Data
(e) Marketing and Communications Data
(f) Geo-location Data
|(a) Performance of a contract with you
(b) Necessary for our legitimate interests (to recover debts due to us)
|To manage our relationship with you which will include:
(b) Asking you to leave a review or take a survey
|(a) Identity Data
(b) Contact Data
(c) Profile Data
(d) Marketing and Communications Data
|(a) Performance of a contract with you
(b) Necessary to comply with a legal obligation
(c) Necessary for our legitimate interests (to keep our records updated and business intelligence)
|To enable you to participate in a prize draw, competition or complete a survey||(a) Identity Data
(b) Contact Data
(c) Profile Data
(d) Usage Data
(e) Marketing and Communications Data
|(a) Performance of a contract with you
(b) Necessary for our legitimate interests (business intelligence)
|To administer and protect our business and this website (including troubleshooting, data analysis, testing, system maintenance, support, reporting and hosting of data)||
(a) Identity Data
(c) Technical Data
(d) Geo-location Data
|(a) Necessary for our legitimate interests (for running our business, provision of administration and IT services, network security, to prevent fraud)
(b) Necessary to comply with a legal obligation
|To deliver relevant website content and advertisements to you and measure or understand the effectiveness of the advertising we serve to you||(a) Identity Data
(b) Contact Data
(c) Profile Data
(d) Usage Data
(e) Marketing and Communications Data
(f) Technical Data
|Necessary for our legitimate interests (business intelligence)|
|To use data analytics to improve our website, products/services, marketing, customer relationships and experiences||(a) Technical Data
(b) Usage Data
|Necessary for our legitimate interests (business intelligence)|
|To perform automated decision in order to identify your knowledge and experience in Forex industry and to identify your risk profile (Appropriateness and Suitability Test)||(a) Identity Data
(b) Financial Data
(c) Professional Data
|Necessary to comply with a legal obligation|
|To make suggestions and recommendations to you about goods or services that may be of interest to you||(a) Identity Data
(b) Contact Data
(c) Technical Data
(d) Usage Data
(e) Profile Data
|Necessary for our legitimate interests (business intelligence)|
|Why can’t I limit all sharing||Federal Law gives you the right to limit only
· sharing for affiliates everyday business purposes – information about your creditworthiness
· affiliates from using your information to market to you
· sharing for nonaffiliates to market to you
State laws and individual companies may give you additional rights to limit sharing
Disclosure of the data and limiting rights
|Reasons||Does AMP share?||Can customer limit the sharing?|
|Process transactions, maintain customer’s account(s), respond to court orders, subpoenas, legal investigations, or report to credit bureaus.||Yes||No|
|To offer our products and services to customer||Yes||No|
|For joint marketing with other companies||No||Not applicable|
|For affiliates’ everyday business||Yes||No|
|For non-affiliates to market to customer||No||Not applicable|
Your Information (not in the public domain or already possessed by us without a duty of confidentiality) which we hold is to be treated by us as confidential and will not be used for any purpose other than in connection with the provision, administration and improvement of our Services to you or the furthering of our Agreement between us, establishing and managing your account or a relationship between us, reviewing your ongoing needs, enhancing customer service and products, giving ongoing information or opportunities that we believe may be relevant to you, improving our relationship, anti-money laundering and due diligence checks, for research and statistical purposes and for marketing purposes (according to the Agreement between us), as applicable.
We strive to provide you with choices regarding certain personal data uses, particularly around marketing and advertising.
We may use your Identity, Contact, Technical, Usage and Profile Data to form a view on what we think you may want or need, or what may be of interest to you. This is how we decide which products, services and offers may be relevant for you.
Promotional (sometimes referred to as “Marketing”) offers from us - You will receive marketing communications from us if you have requested information from us or used one of our Free Demo Accounts or Open Live Account or if you provided us with your details when you entered a competition or registered for a promotion and, in each case, you have not opted out of receiving that marketing.
Can you Opt-Out of AMP Marketing?
Yes. You can ask us to stop sending you marketing messages at any time by logging into the website and checking or unchecking relevant boxes to adjust your marketing preferences or by following the opt-out links on the bottom of any marketing message sent to you or by contacting AMP Compliance at any time.
Where you opt out of receiving these marketing messages, this will not apply to personal data provided to us as a result of submitting a Live Trading Account Application, providing us a product/service experience feedback or other transactions.
What Cookies and Similar Technologies are used by AMP?
Flash Cookies and Other Third Party Tracking Technologies – The Adobe Flash Player (and similar applications) use technology to remember settings, preferences and usage similar to browser cookies but these are managed through a different interface than the one provided by your Web browser. This technology creates locally stored objects that are often referred to as “Flash cookies.”
RISK AND IMPACT ASSESMENT
The following table describes the risk and impact assessment of confidential information in AMP’s possession:
|Risk and Nature of Impact||Likelihood of harm||Severity of harm||Overall risk|
|Data breach by hacking||Low||High||Medium|
|Data breach by AMP’s employee negligence||Low||High||Medium|
The following table describes the steps taken to reduce or eliminate risks
|Risk||Steps taken to reduce the risk||Effect of the steps taken||Residual Risk|
|Data breach by hacking||AMP’s data is secured by various techniques including encryption. AMP tests its security by means of penetration tests, and follows up with recommended steps to enhance its cybersecurity||These steps have significantly reduced the likelihood of a hacking incident at AMP||Medium|
|Data breach by AMP’s employee negligence||AMP’s workforce is made up of industry experienced veterans.
Even when a new employee is hired, AMP’s trains its new employee expediently in Cybersecurity.
AMP retains the services of well reputed educators and professionals to train all of its employees every year in matters of Cybersecurity.
Supervision by managers and senior officers.
|These steps have significantly reduced the likelihood of a negligent incident at AMP||Medium|
CAN THE DATA BE USED FOR ANOTHER PURPOSE?
Yes. We will only use your personal data for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If you wish to get an explanation as to how the processing for the new purpose is compatible with the original purpose, please contact AMP Compliance.
If we need to use your personal data for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so.
Please note that we may process your personal data without your knowledge or consent, in compliance with the above rules, where this is required or permitted by law.
ARE THERE INTERNATIONAL TRANSFERS OF DATA?
We may transfer your personal information outside the European Economic Area. If we will make such a transfer, we will ensure that the transfer is lawful and that there are appropriate security arrangements in place to safeguard your personal data as provided by Applicable Regulations. Some of our external third parties are based outside the European Economic Area (EEA) so their processing of your personal data will involve a transfer of data outside the EEA.
Please contact AMP Compliance if you want further information on the specific mechanism used by us when transferring your personal data out of the EEA.
ARE THERE SECURITY MEASURES IN PLACE?
Yes. AMP has put in place appropriate security measures to protect the security of its’ Client’s personal data and prevent any unauthorized or unlawful processing, accidental loss, destruction, alteration, disclosure or damage on Client’s personal data. AMP implements appropriate technical and organizational measures such as network traffic encryption (SSL), data encryption, two-factor authentication, access management procedure, business continuity and disaster recovery, IT systems risk assessment, physical and logical access segregation, process in case of personal data breach policy etc.
AMP limits access to the Client’s personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process the Client’s personal data on AMP instructions and they are subject to a duty of confidentiality.
Details of these measures are available upon request. In addition, AMP, has put in place procedures to deal with any suspected data security breach and will notify the Client and any applicable regulator of a suspected breach where AMP is legally required to do so.
While we will use all reasonable efforts to safeguard your information, you acknowledge that the use of the internet is not entirely secure and for this reason we cannot guarantee the security or integrity of any personal data transferred from you, or to you via the internet.
IS AMP REQUIRED TO PERFORM APPROPRIATENESS TEST?
Yes. In order to perform the contract between us and to assess your knowledge and experience, your financial situation and investment objectives and your risk profile.
We fulfil the above requirements through the following tools:
Appropriateness Test: it takes place when you apply to register as client of AMP. Hence, we need to check and ensure that you are suitable for the provision of AMP’s services and products by taking an appropriateness test in regard to your knowledge, financial background and experience in regard to financial services. Based on the scoring you receive, you will be informed whether you are eligible to become our client and the maximum level of leverage you are eligible for. The reason for assessing your appropriateness is to enable AMP to offer to you services suitable to you and act in the client’s best interest.
The scorings above are monitored by AMP Compliance and you may see your results and an explanation of the scoring or to challenge the decision by contacting AMP Compliance. During these processes, AMP takes all the technical and operational measures to correct inaccuracies and minimize the risk of errors, to prevent any discrimination and to secure personal data of the client.
DOES AMP RECORD AND MONITOR ALL TYPES OF OUR CUSTOMER COMMUNICATION CHANNELS?
Yes. AMP internally records and monitors phone, e-mail, and instant messaging lines. AMP additionally monitors and records its social media accounts as well as the social media accounts of its associated persons.
Please be reminded that internal supervisory monitoring and recordkeeping plays an important role in ensuring effective consumer protection. Information obtained as a result of AMP’s phone, e-mail, instant messaging, and social media recording and monitoring program is kept strictly confidential and not shared with any third parties, unless otherwise required by law. Please also be reminded that by contacting AMP by phone, e-mail, instant messaging, or social media, you consent to AMP’s ability to record and monitor your correspondence with AMP internally.
HOW LONG WILL YOU USE MY PERSONAL DATA FOR?
In many cases, information must be kept for considerable periods of time. Retention periods will be determined taking into account the type of information that is collected and the purpose for which it is collected, bearing in mind the requirements applicable to the situation and the need to destroy outdated, unused information. Under applicable regulations, we will keep records containing Client personal data, trading information, account opening documents, communications and anything else which relates to the Client for at least five years after termination of the Agreement between us. In any event, we will keep your information for the duration of applicable period as required by law at a minimum. If you are our client, we will store recordings of our telephone conversations and communication with you as well as internal communications which relate to your affairs and/or transactions with us and/or your orders to us, for at least a period of up to five years as required by applicable regulations.
To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorized use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.
Details of retention periods for different aspects of your personal data are available in our retention policy which you can request from us by contacting AMP Compliance.
DO YOU HAVE LEGAL RIGHTS TO YOUR DATA?
- Request access to your personal information (commonly known as a “data subject access request”). This enables you to receive a copy of the personal information we hold about you.
- Rectification of the personal information that we hold about you. This enables you to have any incomplete or inaccurate information we hold about you corrected. If the personal information we hold about you is inaccurate or incomplete, you are entitled to have it rectified. If you ask us, where possible and lawful to do so, we will also tell you who we have shared your personal information with so that you can contact them directly.
- Objection to the use of your personal data where we rely on a legitimate interest (or that of a third party) but a particular situation, specific to you, makes you object to the processing of your data on the ground that it impacts on your fundamental rights and freedoms. You can ask us to stop processing your personal information, and we will do so, except if we can demonstrate compelling legal grounds for the processing.
- Processing Restrictions of your personal data. You can ask us to ‘block’ or suppress the processing of your personal information in certain circumstances such as where you contest the accuracy of that personal information. However, it will not prevent the storing of your personal information .We will tell you before we lift any restriction. If we have shared your personal information with others, we will let them know about the restriction where possible. If you ask us, where possible and lawful to do so, we will also tell you who we have shared your personal information with so that you can contact them directly.
- Right to withdraw consent where we are relying on consent to process your personal data. However, this will not affect the lawfulness of any processing carried out before you withdraw your consent. If you withdraw your consent, we may not be able to provide certain products or services to you. We will advise you if this is the case at the time you withdraw your consent. Withdrawal of consent will not require us to delete your personal information for the reasons discussed above.
In addition to the enumerated rights above, you have the right to lodge a complaint with a regulatory authority, you consider that the processing of Personal Data relating to you infringes upon your right to data protection and privacy.
We would, however, appreciate the chance to deal with your concerns before you approach a supervisory authority, so please contact AMP Compliance in the first instance, regard to all issues related to our processing of Personal Data.
No fee usually required - You will usually not have to pay a fee to access your Personal Data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive. Alternatively, we may refuse to comply with your request under these circumstances.
IS THERE AN EXPECTED TIME PERIOD TO RECEIVE RESPONSE?
We try to respond to all legitimate requests within one month. Occasionally it may take us longer, if your request is particularly complex or you have made a multiple number of requests. In this case, we will notify you and keep you updated.
IS THERE PERSONAL DATA BREACH PROTECTION?
We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so. If you require further information on how we deal with a Data Breach, please contact AMP Compliance.
HOW WILL AMP CONTACT YOU?
We may, for the purpose of administering the terms of our Agreement between us or for marketing purposes to bring to your attention products or services that may be of interest to you or to conduct market research., from time to time, make direct contact with you by telephone, email, SMS or post.
GLOSSARY OF SPECIFIC TERMS
“Comply with a legal or regulatory obligation”: means processing your personal data where it is necessary for compliance with a legal or regulatory obligation that we are subject to.
“Legitimate Interest”: shall mean the interest of our business in conducting and managing our business to enable us to give you the best service/product and the best and most secure experience. We make sure we consider and balance any potential impact on you (both positive and negative) and your rights before we process your personal data for our legitimate interests. We do not use your personal data for activities where our interests are overridden by the impact on you (unless we have your consent or are otherwise required or permitted to by law). You can obtain further information about how we assess our legitimate interests against any potential impact on you in respect of specific activities by contacting AMP Compliance.
“Performance of Contract”: means processing your data where it is necessary for the performance of a contract to which you are a party or to take steps at your request before entering into such a contract.
“Personal data breach”: means a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to, personal data transmitted, stored or otherwise processed;
“Profiling”: means any form of automated processing of personal data consisting of the use of personal data to evaluate certain personal aspects relating to a natural person, in particular to analyze or predict aspects concerning that natural person’s performance at work, economic situation, health, personal preferences, interests, reliability, behavior, location or movements;
Non-Affiliate (or similar terminology) means an entity that is not related by direct ownership or control to AMP and its subsidiaries. Such companies can engage in financial services or other areas of business. Current law allows you to limit the sharing of information with nonaffiliated third parties under certain circumstances. Since we do not currently share your information with nonaffiliated third parties, other than as described in this policy, there is no need for you to opt out. Non-affiliates may include service providers who provide IT system and administrative, Anti-Money Laundering, Fraud Prevention and Compliance services. Non-affiliates also include professional advisers that may act as processors or joint controllers including lawyers, bankers, auditors and insurers who provide consultancy, banking, legal, insurance and accounting services. Additionally, non-affiliates include regulators and other authorities who require reporting of processing activities in certain circumstances.
Affiliate (or similar terminology) means an entity that is directly related by ownership or control to AMP and its subsidiaries. Such companies can engage in financial services or other areas of business. Current law allows you to limit the sharing of certain information among our affiliates, including creditworthiness information and, under some circumstances, information for marketing products and services to you. We currently do not share creditworthiness information with our affiliates, so it is not necessary for you to opt out in that regard. Sometimes we do share your information between and among our affiliates for marketing offers that relate to products and services we believe could enhance or improve your experience as our customer. You may ask us not to share your information, for marketing purposes, with any AMP affiliate with whom you do not do business by following the opt-out procedure described in the Privacy Notice
“Third Parties”: shall mean external third parties and specific third parties.
As External Third Parties we shall mean:
- Service providers [acting as processors] based in EU such as IT and system administration services.
- Professional advisers [acting as processors or joint controllers] including lawyers, bankers, auditors and insurers based in EU and in the European Union in general who provide consultancy, banking, legal, insurance and accounting services.
- Regulators and other authorities [acting as processors or controllers] based in the EU and other authorities and regulators in the European Union who require reporting of processing activities in certain circumstances.
Maintenance of confidentiality
Paper documents: AMP stores all paper documents in a secure location
Electronic information: AMP uses secure, password protected computers to store data. AMP’s customer portal and emails are encrypted.
Who has access: Customer information is only accessible on a need to know basis to AMP employees
Protection against unauthorized access: AMP has a secure office, password protected computers and encrypted portal to protect against unauthorized access.
WHAT TO DO IF YOU HAVE QUESTIONS?
If you have any questions which have not been covered in this Policy Statement, or any further concerns regarding the use of Personal Data, please do not hesitate to contact AMP Compliance at firstname.lastname@example.org or call 312 893 6400.