NOTICE OF FIRM PRIVACY PRACTICES AND YOUR RIGHTS UNDER APPLICABLE PRIVACY LAWS
This notice (“Privacy Notice”) outlines the data protection obligations of The Corporation for Interest Rate Management and its affiliates (the “Firm”), informs you as to how the Firm looks after your personal data when you visit the website (regardless of where you visit it from), and tells you about your privacy rights and how the law protects you.
It is important that you read this Privacy Notice together with any other privacy notice or fair processing notice we may provide on specific occasions when we are collecting or processing personal data about you so that you are fully aware of how and why we are using your data. This Privacy Notice supplements the other notices and is not intended to override them.
Personal Data Collected
Personal data, or personal information, means any information about an individual from which that person can be identified. It does not include data where the identity has been removed (anonymous data). In general, this includes, but is not limited to, data such as:
- Identification data, such as name, sex, age/date of birth, place of birth, contact details including address (private and professional), phone number (private and professional), email (private and professional);
- Profession, job title and position;
- Nationality or civil status;
- Passport information or other national identification number;
- Tax identification such as National Insurance Number;
- Personal bank account and financial information such as account identification and number, income and (for professional investors) financial license;
- Information about the account holders’ or clients’ transactions;
- Account history with us;
- Financial details such as fees paid and bank account details;
- IP addresses;
- Utility bills;
- Information collected using cookies.
- How Data is Collected
The Firm collects your personal data through:
- Contact Us form;
- Emails, telephone calls and letters;
- Client agreements.
How Your Personal Data is Used
The Firm collects, stores and uses your personal data for lawful purposes, including:
- To fulfill a contract the Firm has with you (e.g. performance of advisory services under applicable client agreements);
- Where this is necessary for compliance with a legal obligation to which the Firm is subject (e.g. the anti-money laundering obligation to verify the identity of the Firm’s clients and, if applicable, their beneficial owners) and retain copies of materials for the requisite five (5) years after the relationship terminates;
- Where this is necessary for the purposes of the legitimate interests of the Firm or a third-party service provider and such legitimate interests are not overridden by your interests, fundamental rights or freedoms. Facilitating investments, dispositions, distributions and other transactions and operations, analyzing personal data for quality control, business and statistical analysis, tracking fees and costs, training and related purposes are also legitimate interests for us using your personal data; and/or
- Communications where the Firm provides you with information on its products and services that may be of interest to you.
- You consent that the Firm may use your personal data for the specific purposes outlined herein. Should the Firm use your personal data for other specific purposes that require your consent, the Firm will contact you to request your consent for such usage.
Transmission of Personal Data
In certain circumstances, the Firm and/or third-party service providers engaged by the Firm to perform certain services on behalf of the Firm may be legally obliged to share your data and other financial information with respect to your client relationship the Firm with the National Futures Association (“NFA”) and/or the U.S. Commodity Futures Commission (“CFTC”) and they, in turn, may exchange this information with foreign tax authorities including tax authorities such as the Internal Revenue Service that are located outside the European Economic Area (the “EEA”).
The Firm anticipates disclosing your personal data to third-party service providers who provide services on behalf of the Firm to you, including, as applicable, legal counsel, auditors, swap dealers for KYC/AML purposes, and their respective affiliates, which may include certain entities located outside the EEA.
Data Protection Measures
Any transmission of your personal data by the Firm and/or third-party service providers outside the EEA shall be in accordance with the conditions in the GDPR.
The Firm and/or third-party service providers shall utilize appropriate information security measures designed to protect data in the Firm’s and/or third-party service providers’ possession from unauthorized access by third parties or computer corruption. The Firm has also implemented reasonable technical and organizational measures designed to secure personal information from accidental loss and unauthorized access, use, alteration or disclosure. Additionally, the Firm’s employees are required to follow specific procedures with respect to maintaining the confidentiality of clients’ personal information. Lastly, the Firm maintains physical, electronic, and procedural safeguards to protect the personal information that it processes. This includes performing ongoing evaluations of the Firm’s systems containing client information and making changes when appropriate
The Firm shall notify you of any personal data breach affecting you that is likely to result in a high risk to your interests, fundamental rights or freedoms.
Cookies, Tags and Similar Technologies
A cookie is a small text file which includes a unique identifier that is sent by a web server to the browser on your computer, mobile phone or any other internet enabled device when you visit the Firm’s website. Cookies and similar technologies are widely used to make websites work efficiently and to collect information about your online preferences. For simplicity, the Firm refers to all these technologies as “cookies”.
EU Residents: Your Data Protection Rights
You understand that you have certain rights regarding the Firm’s use of your personal data, such as (but not limited to):
- Access to your personal data (in an easily readable form);
- Examining and correct your personal data;
- Restricting the use of your personal data;
- Requesting that your personal data be erased;
- Objecting to processing of your personal data;
- Portability (in certain specific circumstances);
- Withdrawing any consent given to the processing of your personal data (where applicable);
- Receiving information regarding any entities the Firm discloses your personal data to;
- Lodging a complaint with the relevant authority.
Please note that the right to have your personal data erased (also known as the “right to be forgotten”) applies in some contexts under the GDPR but is not likely to be applicable to most, if not all, of the personal data you provide to us, given the limited purposes for which the Firm uses the personal data, as described in herein.
Retention of Your Personal Data
The Firm is a member of the NFA and is registered with the CFTC. To comply with applicable recordkeeping requirements, the Firm may retain your personal data for a period of up to five years following the termination of your relationship with the Firm.
Getting in Touch
As the Firm does not process personal data on a large scale, the Firm is not required to designate a data protection officer. However, should you have any queries or wish to discuss your data protection rights with us or exercise your rights, please contact here.