The protection of privacy and the safeguarding of the Company’s Clients’ personal and financial information is of great importance to the Company.
Data Protection Law states that the personal information the Company holds about the Client must be:
The Company is responsible for the protection of the privacy and the safeguarding of Clients’ personal and financial information. By opening an account or establishing a business relationship with the Company, the Client gives his/her consent to such collection, processing, storage and use of personal information by the Company.
The Company respects the privacy of its Clients, understands its importance and maintains Personal Data, trusted and confidential information provided by its Clients as one of its highest priorities. The Company is committed to maintain the confidentiality, integrity and security of personal information in relation to current and prospective Clients by respecting their right to keep their personal information confidential. In order to prevent unauthorised access and/or disclosure, the Company has in place suitable physical, electronic and/or managerial procedures and controls to ensure and/or safeguard and/or secure the security and confidentiality of the information provided by its Clients and protect against unauthorised access and/or use of clients’ records and/or information.
References in this document to “Personal Data” means any information relating to an identifiable person who can be directly or indirectly identified in particular by reference to an identifier.
An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
As a rule, the Company refrains from any type of disclosure of personal and/or non-public information when such disclosure is not directly linked to service its Clients. The Company collects the necessary information required to open a Client’s account, establish a business relationship and to provide Clients with the services they require.
The purpose of this Policy is to explain to the Clients:
When collecting, processing and storing Personal Data provided by the Client, the Company is subject to the provisions of the GDPR and the relevant Personal Data protection Laws and Regulations of the EU.
‘personal data’ means any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person;
‘processing’ means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction;
‘filing system’ means any structured set of personal data which are accessible according to specific criteria, whether centralised, decentralised or dispersed on a functional or geographical basis;
‘controller’ means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of Personal Data; where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law;
‘processor’ means a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller;
‘recipient’ means a natural or legal person, public authority, agency or another body, to which the personal data are disclosed, whether a third party or not. However, public authorities which may receive personal data in the framework of a particular inquiry in accordance with Union or Member State law shall not be regarded as recipients; the processing of those data by those public authorities shall be in compliance with, the applicable data protection rules according to the purposes of the processing;
‘third party’ means a natural or legal person, public authority, agency or body other than the data subject, controller, processor and persons who, under the direct authority of the controller or processor, are authorised to process Personal Data;
‘consent’ of the data subject means any freely given, specific, informed and unambiguous indication of the data subject’s wishes by which he/she, by a statement or by a clear affirmative action, signifies agreement to the processing of Personal Data relating to him/her;
‘personal data breach’ means a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, Personal Data transmitted, stored or otherwise processed.
The Company collects Personal Data from the Client when he/she applies for a trading account with the Company and throughout the time of doing business with the Client including when the Client visits the Company’s website or communicate with the Company. When completing the Company’s live or demo account opening application form at the Company’s website, www.trailblast.com (the “Website”), the Company collects Personal Data including but not limited to:
The Company requests certain ‘Know Your Customer’ (KYC) documentation in accordance with the Fourth (4th) and Firth (5th) Anti-Money Laundering (AML) Directive (EU), as adopted by the Republic of Cyprus through the AML Legislation (Law No. 188(I)/2007), as in force and/or as this may be amended from time to time, which amongst other information they also include personal information. Further, the Company adheres to the regulations of the Office of the Commissioner of Personal Data Protection of the Republic of Cyprus & the General Data Protection Regulation (GDPR) as in force and/or as this may be amended from time to time.
This is used in order for the Company to facilitate the evaluation of the Company’s application and complete the relevant KYC, AML and appropriateness assessments that we are required to under the laws and regulations applicable to the Company. The Company also uses this information for the purposes of communicating with its Clients. The Company may collect details of the Client’s e-mail at the moment when the Client fills them in on the Website’s landing page to create an account but before the Client fully complete the registration process.
The Company requests and acquires information on personal and financial details to be provided by a current/prospective clients, either on, but not limited to, relevant agreements and questionnaires in order to identify the Client, create the economic profile of the Client, verify the Clients’ identity provide, deliver and develop products and services, assess the Clients’ appropriateness for the services and/or products offered by the Company, in order to service and maintain a Clients’ account process Clients’ transactions, respond to relative and/or additional inquiries and/or clarifications to either the Clients and/or their authorised representatives and to keep the Client updated on any Client business relationship relative matter and information on the Company’s services and/or products.
The Company may also collect information from the Client if the Client requires technical assistance or customer support.
As part of the Company’s verification procedure which the Company performs in accordance with the requirements of the applicable laws and regulations, the Company also collect information necessary to verify the Client’s identity, such as an identification card or passport. This information can also be obtained or verified by matching it with personal background information the Company receives about the Client from public records or from other entities not affiliated with The Company.
Additional information the Company may collect:
The Company may (but not necessary shall) also collect the following information:
The Company collects the necessary information required to open, transact and safeguard Clients’ money and the Client’s privacy and to provide the Client with the services the Client requires. To this end, The Company gathers information from the Client and may, in certain circumstances, gather information from relevant banks and/or credit agencies, and/or other sources (such compliance verification databases and similar service providers) as legally and regulatory obliged.
For the purposes of GDPR, The Company acts as data controller in respect of the Personal Data that the Company collects from the Client.
The legal basis that the Company relies on for processing the Client’s data will depend upon the circumstances in which it is being collected and used, but will in most cases fall into one of the following categories:
The Company uses Personal Data only as required to comply with regulatory requirements and/or provide quality service to the Client. This information assists the Company to improve its services, customise browsing experience and enables it to inform its Clients of additional products, services or promotions relevant to Clients and in this respect the Client needs to provide his/her consent to the usage of this data for such purposes (See Appendix 1).
The Company processes the Client’s Personal Data for the following purposes:
Client important information about the Client’s account with the Company and the Company’s services. This information is required for the purposes of complying with the laws and regulations applicable to the Company.
To verify the Client’s identity, age and accuracy of the Client’s registration details provided, the Company may disclose such information to third parties e.g. financial institutions and third-party reference agencies and data verification service providers. This is required for the purpose of the Company complying with its legal obligations.
If the Company sends to the Client a marketing email or other marketing communication, it will include instructions on how to opt out of receiving these marketing communications in the future. The Client can also manage his/her information and update his/her marketing preferences by emailing [email protected]
The Company shall require up to seventy-two (72) hours to process any changes the Client makes to his/hers marketing preferences. The Company notes that even if the Client opts out of receiving marketing communications, the Company may still send to the Client important information related to his/her account(s) with the Company and its services.
The Company uses Personal Data only as required to comply with regulatory requirements and/or provide quality service to its Clients. The Company will not rent, swap or sell the Client’s personal information to other organisations for them to use in their own marketing activities without the Client’s consent.
The Company may market additional products, services and promotions relevant to the Client and the products and services the Client requires if he/she has given consent to the Company to use data for such purposes. The processing of personal data may involve its transfer outside of the European Economic Area (EEA) to third countries where the level of protection of personal data is not as adequate as within the EEA.
The Company will ensure that the transfer of personal data to such third countries will only take place following the implementation of a transfer mechanism as prescribed in applicable legislation.
If the Client does not wish to receive marketing and/or promotional information of this nature for any reason, please contact the Company at the following address: [email protected] The Company will still send important information to the Client about his/her account and the Company’s service information.
Any personal information the Client provides to the Company will, subject to the Company’s Terms of Service as this can be found to the Company’s website, be treated as confidential and shared only within the Company and will not be disclosed to any third party except under any regulatory requirement, legal obligation or legitimate interests as described elsewhere within this Policy.
The personal information that the Client provides in connection with registering himself/herself as a Client of The Company is protected in many ways. The Client can access his/her trading account and profile through a password selected by him/her. This password is encrypted and known only to the Client and shall not be revealed to anyone else.
The Company has in place reasonable commercial standards of technology and operational security to provide protection for all information provided by users from loss, misuse, alteration or destruction. Further, the Company maintains physical, electronic and procedural safeguards that comply with applicable legal requirements and regulations to guard the Company’s Clients’ personal information and any other information, to ensure to the Company’s Clients that their privacy is a major part of the Company’s commitment to provide the finest services possible.
Registration information is safely stored on secure servers that only authorised personnel have access to via password. The Company encrypts all personal information and makes all necessary effort to prevent unauthorised parties from viewing any such information.
The Client has certain rights under GDPR which are detailed below. Some only apply under specific circumstances and are qualified in several respects by exemptions in Data Protection Bill. The Company will advise the Client in response to his/her request if is relying on any such exemption. For any request, please contact the Company at [email protected]. The Company will require the Client to prove his/her identity with two (2) pieces of approved identification to progress the request.
The Company will request such other relevant information that will reasonably assist it in fulfilling the Client’s request. Information will be provided within one (1) calendar month of the request, unless the request is complex, in which case the Company may notify the Client that an extension of up to two (2) calendar months is necessary. A fee will not be charged for the first request but a reasonable fee to cover administrative cost of providing further copies will be charged. If the request is unfounded or excessive, The Company has the right to refuse the request or charge a reasonable fee to deal with the request.
Having acquired the Client’s consent, The Company may share information with Third Parties in the event such information is reasonably required or for legally or regulatory purposes in order to offer products and services that meet the Client’s needs, and which are delivered in a manner that is useful and relevant.
Other Third Parties the Client’s Personal Data may be shared with, may include, but are not limited to:
The Company will not disclose the Client’s personal information to third parties outside of the EEA without ensuring:
The Company reserves the right to disclose information as necessary to credit reporting or collection agencies as reasonably required in order to provide the services to its Clients.
To help the Company improve its services, The Company may engage third parties to help carry out certain internal functions. Use of shared information may also be used to provide professional, legal, or accounting advice to The Company.
All third parties with which The Company shares personal information are required to protect such personal information in accordance with all relevant legislation and in a manner similar to the way The Company protects the same. The Company will not share personal information with third parties which it considers will not afford its Clients the required level of protection.
The Company shall not, share, disclose, engage and/or provide, from time to time, some and/or all of clients’ personal information and/or data provided by its client(s) on an anonymous and/or aggregated basis only except where disclosure is made necessary, but not limited to, pursuant to a court decision or when disclosure of certain types of such information is required under the current applicable legislation, Regulatory and/or Supervisory Authorities within the Republic of Cyprus and/or for statistical purposes and/or for improving the Company’s marketing requirements, including submission for Regulatory inspection(s) purposes to the Company’s Regulator (CySEC). The Company will only use information of a confidential nature and/or disclose the same to any person and/or organisation in the following circumstances:
The Company’s Clients agree and consent for the use of the initial information/data provided by the Client, for the initial account opening and/or establishment of a business relationship with the Company and when the Client wishes and/or files an additional request and/or amendment(s), alteration(s) and/or service(s) in relation to account and/or services and products provided by the Company, provided that the initial KYC (Know Your Customer) documentation supplied initially by the Client is still up to date and/or comply with all legal requirements of the KYC documentation, policies, procedures and Manuals of the Company.
The Company reserves the right to disclose Personal Data to third parties where required by law, regulatory, law enforcement or other government authority of a competent jurisdiction in order to protect its rights and / or comply with such legal proceedings. Such disclosure shall occur on a ‘need-to-know’ basis, unless otherwise instructed by a regulatory or other government authority. Under such circumstances, The Company shall expressly inform the third part regarding the confidential nature of the information.
The Company, as a regulated firm, is required to comply with certain obligations under the Intergovernmental Agreement with the United States and has taken all reasonable steps to be considered in compliance with the Foreign Account Tax Compliance Act (“FATCA”) and the Common Reporting Standard (“CRS”), approved by the Organisation for Economic Co-operation and Development (“OECD”) for the exchange of information for tax purposes.
The Company is legally obligated to keep the Client’s Personal Data provided, including but not limited to his/her name, address, email, phone number, his/her trading and transaction history, deposits and withdrawals history, for at least 5 (five) years after the business relationship has terminated.
The Company will hold the Client’s Personal Data for the longest of the following periods:
Kindly note that data protection terms will be included in the Client Agreement as this can be found to the Company’s website, for the establishment of a business relationship between the Company and its Clients. Any Personal Data collected will be retained for carrying out the establishment of the business relationship.
If the Company holds any personal information in the form of a recorded communication, by telephone, electronic, in person or otherwise, this information will be held in line with local regulatory requirements which will either be five (5) or ten (10) years after the business relationship has terminated.
Restriction & Limitation of Liability
The Company and/or its employees shall not be held liable for any loss(es) and/or damage(s) including without limitation, indirect and/or consequential loss (es) and/or damage (s) arising from loss (es) of data and/or profit(s) arising out of and/or in connection with, the use of this website. The material and/or information contained on this website is solely for information purposes only. Material and/or information on the Company’s website, including, but not limited to, images, texts, policies, forms, agreements is owned and/or otherwise provided by the Company; should not be reproduced, and/or distributed and/or published in whole and/or in part for any purpose without the explicit written consent and/or permission of the Company. The material and/or information within the Company’s website should not be interpreted and/or comprehended as an offer and/or a solicitation of an offer, to investment services/activities and/or any financial instruments.
The Company’s website may be accessed within the European Union, however the financial products mentioned on the Company’s website may not be allowed by law to all investors in all European countries. The access to the Company’s website may be restricted to certain jurisdictions due to domestic legal restrictions. For such visitors and were users of the Company’s website subject to such legal restrictions are not allowed to access it, the Company bears no responsibility as well as to visitors or users or towards any individual who may access the Company’s website illegally.
The Company’s website is not intended to constitute legal, investment, consulting, or other professional advice or services. The Client, before making any decision or taking any action that might affect his/her personal situation and/or business, should consult a qualified professional advisor.
Use of “Cookies”
The Company utilizes “cookies” to identify users when they connect to the website and to enhance the performance of the website. A cookie is a small piece of data that the Company stores on the Client’s browser or the hard drive of his/her computer if the Client has enabled the relevant functionality from his/her browser to accept cookies. Cookies contain information that is transferred to the Client’s computer’s hard drive. Cookies used by the Company do not contain personal information or other sensitive information. When a current or prospective Client accesses the Company’s website a cookie is created and placed on the user’s machine. In addition to information related to authentication, information may be stored in the cookie in order to direct a user to the correct site location.
The Company uses the following cookies:
For more information about Google Analytics please visit the following page: https://support.google.com/analytics/answer/6004245?hl=en
Enable and/or Disable Cookies
Should the Client wish to enable or disable cookies the following instructions should be adhered to. It should be noted that in the cases where the Client wishes to disable cookies, certain sections of the Company’s website might not work properly, and he/she may face difficulties logging-in or reviewing articles.
If the Client thinks that the Company is using Client’s information in a way which breaches data protection law, the Client has the right to lodge a complaint with the Company’s national data protection supervisory authority and contact the Commissioner for Personal Data Protection, at [email protected].