Privacy Notice
Privacy Shield Notice
Privacy Notice for California Residents
Privacy Notice
Effective Date: 1 June 2018 Associated Foreign Exchange, Inc. and its affiliates and subsidiaries in the European Economic Area (EEA) and Switzerland are hereby collectively referred to as “AFEX” or the “Company.” This Privacy Policy applies to AFEX websites, as well as your use or access of any of our online services, content and other online programs that we offer with our partners and link to this Policy. This Privacy Policy describes how AFEX collects, uses, shares and secures the personal information you provide. It also describes your choices regarding use, access and correction of your personal information. Glossary
Notice of Information: We Collect, How We Use It and How You Control It Safeguarding customer’s personal information and using it in a lawful manner, consistent with customer‘s expectations is a cornerstone of AFEX’s customer relationships. To do so, AFEX has put in place a privacy policy that sets forth principles and requirements governing the collection, usage, retention, disclosure and disposal of customer’s information (the "Policy"). This Policy is based on current laws and regulations. AFEX will comply with any obligations or standards that may be imposed by any new laws and regulations. At AFEX, we are committed to safeguarding your privacy. We want you to know how we may collect, use, share, secure, and keep information about you, and the choices that are available to you regarding use, access and correction of your personal information. When we provide AFEX products or services to you, we may also give you specific additional details about how we will use your personal information. Since we may change this online privacy statement, we recommend that you check the current version available from time to time. If we make changes to this statement, we will update the “Effective Date” at the top of this page. If we make any material changes, we will notify you by email (sent to the e-mail address specified in your account) or by means of a notice on this website prior to the change becoming effective. Our websites are not intended for children under 18 years of age. We do not knowingly solicit data online from, or market online to, children under 18 years of age. What information does this online privacy policy cover? This online Privacy Policy describes how AFEX may collect, use, share, secure, and keep information that we get about you online. We gather Online Information if you:
In this Policy, we also explain how we may combine Online Information with Other Information and how we then use the combined information. AFEX may use the information provided by customers for one or more of the following purposes:
What information do we collect online and how do we collect it? The types of information we collect depends on which product or service you use. Sometimes you give information directly to us (or to our Service Providers). For example, you might give us your name, email, mailing address, phone number, national insurance number or social security number, driver license number or date of birth when you:
We may also collect from you the following personal information about your contacts:
When you provide us with personal information about your contacts, you are responsible for informing your contact about it. If you provide us personal information about others, or if others give us your information, we will only use that information for the specific reason for which it was provided to us. If you believe that one of your contacts has provided us with your personal information and you would like to request that it be removed from our database, please contact us at compliance.us@afex.com. As is true of most websites, we gather certain information automatically. We (and our Service Providers or Third-Party Ad-Servers) collect information through Cookies and Similar Technologies. Most Cookies and Similar Technologies will only collect De-Identified Information such as how you arrive at our website or your general location. However, certain Cookies and Similar Technologies do collect Personal Information. For example, if you click Remember Me when you log in to our website, a cookie will store your username. We (and our Service Providers or Third-Party Ad-Servers) use these cookies or similar technologies to analyze trends, administer the website, track users’ movements around the website, and to gather demographic information about our user base as a whole. AFEX (and our Service Providers or Third-Party Ad-Servers) may collect information using Cookies and Similar Technologies about:
We (and our Service Providers or Third-Party Ad-Servers) may also collect information made publicly available through third-party platforms (such as online social media platforms), through online databases or directories, or that is otherwise legitimately obtained. This helps us to confirm your identity when you open an account, determine credit worthiness, update, expand and analyse our records, identify new customers, and provide products and services that may be of interest to you. . Examples of the types of personal information that may be obtained from public sources or purchased from third parties and combined with information we already have about you, may include:
How do we use the information we collect about you? We may use Online Information we collect about you on its own or combine it with Other Information to:
What is Personal Information? Personal Information is any information relating to an identified or identifiable individual*. Personal Data is any information relating to an identified or identifiable natural person. *An identifiable person is one who can be identified, directly or indirectly, in particular by reference to an identification number or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity. Personal Information includes, but is not limited to: Individual names, Tax Identification numbers, credit or debit card numbers, driver license numbers, health records when the disclosure of the information in question would reasonably be considered to be harmful or an invasion of privacy. Non-public Personal Information is any data or information considered to be personal in nature and not subject to public availability, such as: salary, national insurance number or social security numbers, bank account numbers, account balances, financial products purchased, etc. Note: Some Online Information is Personal Information. How do we treat your Personal Information? We do not share Personal Information with anyone except as described below. We may share Personal Information as required or as permitted by law, such as:
We may transfer Personal Information to Service Providers or companies within the AFEX Group of Companies throughout the world, for example, to process transactions and provide you with our products or services. Regardless of where we process your information, we still protect it in the manner described in this online privacy policy and according to the applicable laws. How we handle Aggregated Information and De-Identified Information Aggregated Information or De-Identified Information does not identify you individually; it helps us to analyze patterns among groups of people. We may share Aggregated Information or De-Identified Information in several ways, for example:
How do we keep and safeguard your information? Your information may be stored locally in a country within the EEA, Switzerland or in one of AFEX’s Data Centers located in the United States. AFEX continuously reviews and enhances AFEX's security policies and security measures to consistently maintain a high level of security. We use administrative technical and physical security measures to protect your Personal Information against loss, misuse, damage and unauthorized access, modifications or disclosures. These measures include computer safeguards and secured files and facilities, use of firewalls, encryption, and other specialized technology. If you have any questions about the security of your personal information, you can contact us at dpo@afex.com. We will keep your Personal Information only as long as we must to deliver our products and services, unless we are required by law or regulation or for litigation and regulatory investigations to keep it. What are your rights and choices? Clients You will always have a right to access, update, change, correct or delete your Personal Information, or to ask whether we hold any of your Personal Information. If you want to do so, or if you have any questions about how we process your Personal Information, you may do so by logging into your account or contacting us at dpo@afex.com. We aim to acknowledge your request as soon as possible and will address your query within one month from your request. Non-Clients AFEX acknowledges that you have the right to access your personal information. AFEX has no direct relationship with the individuals whose personal data it processes. An individual who seeks access, or who seeks to correct, amend, or delete inaccurate data should direct their query to AFEX’s Client (the data controller). If requested to remove data, we will respond within a reasonable timeframe. What are your choices about how we market to you? You can choose how you would like to receive marketing communications, including direct marketing - whether we send them to you through postal mail, email and/or telephone. If you do not consent to receive marketing communications from us, we will honor your choice. Please, be aware however, that if you choose not to receive such communications, certain offers attached to the products or services you have chosen may be affected. We will still communicate with you in connection with servicing your account, fulfilling your requests, or administering any promotion or any program in which you have elected to participate. Tell us your AFEX marketing preferences by updating your account information. You may do so by contacting your Account Executive or Account Manager. You can also tell us to stop sending you marketing emails by clicking the ‘unsubscribe’ link included at the bottom of AFEX's marketing emails. You may also send us an email to dpo@afex.com to update your marketing preference. Cookies When you use our site we may store Cookies on your computer in order to facilitate and customize your use of our site. A Cookie is a small data text file, which a website stores on your computer's hard drive (if your Web browser permits) that can later be retrieved to identify you to us. Our Cookies may store information about you, your computer, or your preferences so that you may more easily use our site. The Cookies make the site run more smoothly and help us to maintain a more secure site. You have the choice to opt out of this functionality and are always free to decline our Cookies if your browser permits, but our site may not work as effectively. Registration In order to service our customers, portions of our site may require you to submit information that is typically business related, but may be personal in certain circumstances. We will use the information you provide in the ways you would reasonably expect. You have a right to access this data and correct or remove it. The specific registration site or additional communication information provided to you will supply directions on how to correct or remove your data at your request. In all cases, you can always contact the Privacy Officer for assistance using the information below. Security We take all reasonable procedures to protect personal and identifiable information from loss, misuse and unauthorized access, disclosure, alteration and destruction. We have taken and will continue to take appropriate measures to assure the security of sensitive personal data. Any personal data transmitted to or from our website is protected by a secure socket layer (SSL) key which encrypts the data transmitted over the Internet. Password protection protocols are used on all computers. Access to servers containing private information and data is strictly limited to only our authorized personnel who have been trained to protect against loss, misuse, unauthorized access, disclosure, alteration or destruction of personal data under our control. The servers that are used to store sensitive personal information are kept in a secure, state-of-the-art environment, with security measures. Data Integrity and Purpose Limitation Personal information is limited to the information that is relevant for the purposes of processing. As previously mentioned, the information collected is only utilized for the purpose described above in the section on “Notice of Information.” Personal information is not processed in a way that is incompatible with the purpose for which it has been collected. To the extent necessary and possible, reasonable steps are taken to ensure that data and information is reliable for its intended use, accurate, complete, and current. Information Retention AFEX retains information about customers for as long as necessary to fulfill the purpose for which such information was collected or as is otherwise required under any other law for the time being in force. However, this is subject to AFEX's rights and obligations under applicable laws to ensure retention of records which may contain sensitive personal data or information. We will keep your Personal Information only as long as we must to deliver our products and services, unless we are required by law or regulation or for litigation and regulatory investigations to keep it. Onward Transfer and Liability AFEX does not sell, trade, share or rent your personal information to unaffiliated third parties. Affiliated third parties may receive your data in fulfillment of our service. We maintain specific contract agreements with these companies to ensure that they use the data only for intended purposes and protect the data as we would. If this practice were to change, we would specifically provide you with the opportunity to choose to “opt in” or “opt out” of the sharing of your data. We may be required to release personal information to third parties in response to a lawful request by public authorities, including to meet national security or law enforcement requirements. Recourse and Enforcement AFEX commits to resolve complaints about your privacy and our collection or use of your personal information. Individuals and/or citizens of a country in the EEA or Switzerland with inquiries or complaints regarding this privacy policy should first contact AFEX Compliance Department at: Associated Foreign Exchange, Inc. Compliance Department 21045 Califa Street Woodland Hills, CA 91367 Email: compliance.am@afex.com Associated Foreign Exchange Limited & AFEX Markets Plc 4th Floor, 40 Strand London, WC2N 5RW, United Kingdom Email: compliance.eu@afex.com Telephone: +44 (0)207 004 3939 Associated Foreign Exchange Ireland Limited Ground Floor Unit, 4044 Kingswood Avenue Citywest, 24 Dublin, Ireland Email: compliance.eu@afex.com Telephone: +353 1 245 7300 Associated Foreign Exchange Limited, (Spanish Branch) Sucursal en España Calle de Génova nº27, 6º 28004 Madrid, Spain Email: compliance.eu@afex.com Telephone: +34 91 794 26 00 Associated Foreign Exchange Limited, sede secondaria italiana Piazza Pio XI, 1 20123 Milano, Italy Email: compliance.eu@afex.com Telephone: +39 06 4520 7904 Associated Foreign Exchange (Schweiz) AG Stampfenbachstrasse 5 8001 Zürich, Switzerland Email: compliance.eu@afex.com Telephone: +41 (0)848 233 924 |
Privacy Shield Notice
Associated Foreign Exchange, Inc. (“AFEX”) Privacy Notice: EU-U.S. Privacy Shield Framework and Swiss-U.S. Privacy Shield Framework (“Privacy Shield Notice”) Effective as of May 25, 2018 Privacy Shield Principles: AFEX complies with the EU-U.S. Privacy Shield Framework and Swiss-U.S. Privacy Shield Framework (collectively the “Privacy Shield Principles”) as set forth by the United States Department of Commerce regarding the collection, use, and retention of personal data transferred from the European Union and Switzerland to the United States. AFEX has certified to the United States Department of Commerce that it adheres to the Privacy Shield Principles. If there is any conflict between the terms of the Privacy Shield Notice and the Privacy Shield Principles, the Privacy Shield Principles shall govern. To learn more about the Privacy Shield Principles, and to view our certification, please visit https://www.privacyshield.gov/. Data Processed: AFEX may act as a data processor for certain data controllers residing in the European Union. AFEX adheres to the Privacy Shield Principles with respect to personal data submitted by AFEX’s customers, affiliate entities, customers of affiliate entities, or business partners for services in connection with the offering of foreign exchange and international payment solutions. AFEX may process the following types of personal data.
Purposes of Data Processing: AFEX processes personal data in order to lawfully provide foreign exchange and international payment solutions. AFEX may access the personal data to provide its services, to correct and address technical or service problems, to follow instructions of the AFEX customer who submitted the data, or in response to contractual or legal requirements. Complaints: In compliance with the Privacy Shield Principles, AFEX commits to resolve complaints about its collection or use of your personal data. Natural persons residing within the European Union or Switzerland with inquiries or complaints regarding the Privacy Shield Notice should first contact AFEX at: Attn: AFEX Data Protection Officer 21045 Califa Street Woodland Hills, California 91367 United States Telephone: +1 888 428-2339 Email: DPO@afex.com AFEX has further committed to cooperate with the panel established by the European Union data protection authorities and the Swiss Federal Data Protection and Information Commissioner with regard to unresolved Privacy Shield complaints concerning data transferred from the European Union and Switzerland. If neither AFEX nor the aforementioned panel resolves your complaint, you may have the possibility to engage in binding arbitration through the International Centre for Dispute Resolution-American Arbitration Association. Third Parties: AFEX uses third-party service providers to assist us in providing our services. These third-party providers perform database monitoring and other technical operations, assist with the transmission of data, ensure compliance with applicable anti-money laundering requirements, and provide data storage services. These third-parties may access, process, or store personal data in the course of providing their services. AFEX maintains contracts with all third-parties that restrict their access, use, and disclosure of personal data in compliance with the Privacy Shield Principles, including the onward transfer provisions, and AFEX may be liable if they fail to meet those obligations and we are responsible for the event giving rise to damage. Your Rights: Natural persons residing in the European Union and Switzerland have rights to access their personal data, and to limit use and disclosure of their personal data. With our Privacy Shield self-certification, AFEX committed to respect such rights. Enforcement: AFEX’s commitments under the Privacy Shield Principles are subject to the investigatory and enforcement powers of the United States Federal Trade Commission. Compelled Disclosure: AFEX may be required to disclose personal data in response to lawful requests by public authorities, including to meet national security or law enforcement requirements. |
Privacy Notice for California Residents
Effective Date: January 1, 2020 This Privacy Notice for California Residents supplements the information contained in the Privacy Notice of Associated Foreign Exchange, Inc. and its affiliates and subsidiaries (collectively, “AFEX” or the “Company”) and applies solely to users, clients, and others who reside in the State of California (“You”). AFEX adopts this notice to comply with the California Consumer Privacy Act of 2018 (“CCPA”). Any terms defined in the CCPA have the same meaning when used in this notice. Information AFEX Collects The Company collects information that identifies, relates to, describes, references, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer (“personal information”). Specifically, AFEX has collected the following categories of personal information from consumers within the last twelve (12) months:
Personal information does not include:
The Company obtains the categories of personal information listed above from the following categories of sources:
Use of Personal Information AFEX may use or disclose the personal information it collects for one or more of the following business purposes:
Sharing Personal Information The Company may disclose personal information to a third party for a business purpose. When AFEX discloses personal information for a business purpose, it enters a contract that describes the purpose and requires the recipient to both keep that personal information confidential and not use it for any purpose except performing the contract. In the preceding twelve (12) months, AFEX has disclosed the following categories of personal information for a business purpose: Category A: Identifiers. Category B: California Customer Records personal information categories. Category C: Protected classification characteristics under California or federal law. AFEX discloses your personal information for a business purpose to the following categories of third parties:
In the preceding twelve (12) months, AFEX has not sold any personal information. Your Rights and Choices The CCPA provides California consumers with specific rights regarding their personal information. This section describes rights available under the CCPA and explains how to exercise those rights. Access to Specific Information and Data Portability Rights You have the right to request that AFEX disclose certain information to You about its collection and use of your personal information over the past 12 months. Once the Company receives and confirms your verifiable request, it will disclose to You:
Deletion Request Rights You have the right to request that the Company deletes any of your personal information that it collected from you and retained, subject to certain exceptions. Once AFEX receives and confirms your verifiable consumer request, it will delete, and direct its service providers to delete, your personal information from its records, unless an exception applies. AFEX may deny your deletion request if retaining the information is necessary for AFEX or its service providers to:
Exercising Access, Data Portability, and Deletion Rights To exercise the access, data portability, and deletion rights described above, please submit a verifiable consumer request to AFEX by either: Calling +1 888 307 2339, or Emailing DPO@afex.com Only You or a person registered with the California Secretary of State that You authorize to act on your behalf, may make a verifiable consumer request related to your personal information. You may only make a verifiable consumer request for access or data portability twice within a 12-month period. The verifiable consumer request must:
The Company cannot respond to your request or provide You with personal information if it cannot verify your identity or authority to make the request and confirm the personal information relates to You. Making a verifiable consumer request does not require You to establish an account with AFEX. The Company will only use personal information provided in a verifiable consumer request to verify the requestor's identity or authority to make the request. Response Timing and Format The Company makes reasonable efforts to respond to a verifiable consumer request within forty-five (45) days of its receipt. If AFEX requires more time, but in no event more than ninety (90) days, it will inform You of the reason and extension period in writing. AFEX will deliver its written response by mail or electronically, at your option. Any disclosures the Company provides will only cover the twelve (12) month period preceding the verifiable consumer request's receipt. The response AFEX provides will also explain the reason(s) it cannot comply with a request, if applicable. For data portability requests, the Company will select a format to provide your personal information that is readily useable and should allow You to transmit the information from one entity to another entity without hindrance. AFEX does not charge a fee to process or respond to a verifiable consumer request unless it is excessive, repetitive, or manifestly unfounded. If the Company determines that the request warrants a fee, it will tell You why it made that decision and provide You with a cost estimate before completing your request. Non-Discrimination AFEX will not discriminate against You for exercising any of your rights under the CCPA. Unless permitted by the CCPA, the Company will not:
Changes to the Privacy Notice for California Residents AFEX reserves the right to amend this notice at its discretion and at any time. When the Company makes changes to this notice, it will notify You by email or through a notice on its website, www.afex.com. Contact Information If You have any questions or comments about this notice, the Privacy Notice, the ways in which AFEX collects and uses your personal information, your choices and rights regarding such use, or wish to exercise your rights under the CCPA, please do not hesitate to contact AFEX at: Phone: +1 888 307 2339 Email: DPO@afex.com Mail: Associated Foreign Exchange, Inc. Attn: Data Protection Office 21045 Califa Street Woodland Hills, California 91367 |