Effective Date: May 25, 2018
WHO WE ARE
Regulation (EU) 2016/679 the (European Union) General Data Protection Regulation (GDPR)
The GDPR is effective as of 25 May 2018.
LEGAL BASIS FOR COLLECTING AND PROCESSING DATA
We collect and process personal data as we are required to undertake due diligence checks on you and your business.
We are required to comply with the following:
4th Anti-Money Laundering Directive (EU) No. 2015/849 (4th AMLD) European Union
Money Laundering, Terrorist Financing and Transfer of Funds (Information on the Payer) Regulations 2017 (England and Wales)
Anti-Money Laundering and the Counter-Terrorism Financing Act 2006 (Australia)
- WHAT INFORMATION DO WE COLLECT
We collect several types of information and data. Unless otherwise stated all the personal data we obtain, has been supplied by you having given your consent. We use this information to provide you with information, updates, services and for business administrative purposes. We do not sell your information or data to third parties (other than in the course of a business sale, purchase or similar event).
1.1 Personal Information
1.2 Newsletters and Updates
Through our websites, you have the option of receiving updates, newsletters and occasional marketing material from us and relevant third-parties. You can also sign up to receive information by contacting us, or on occasion, passing on your business card or details at events. You will be notified via email of your preferences, and you able to unsubscribe immediately if you choose to do so.
1.3 Cookies and Tracking
1.4 Membership sign up
When signing up for a CTX Trading Account we are required by law to collect personal data on you and your business including but not limited to you, your business partners, directors. This information supplied to us by you can include full legal name, DOB, address, email, contact details, business name and registered address, identification documents, bank account details, IP Address and any other Know Your Client (KYC) information that we are required to collect for the purpose of processing your application.
1.5 Disclosure of your Personal Information
We only disclose your personal information to third-parties only where necessary to run our business, to our service providers eg. Financial institutions, financial software, IT service providers, Telephone providers (when you call us). We will comply with Government agencies and Law enforcement officials and private parties to comply with the law. We will comply with other agencies and governing bodies when we are required by law or to enforce our legal rights.
1.6 Third Party Information supplied to us
Occasionally we must obtain information about you from third-parties. This is only done when we are required by law to complete due diligence checks on you and your business when signing up for a CTX Trading Account. For further information see the CTX Rules supplied to you when activating your account. Occasionally, to verify information we hold about you or obtain missing information, we will obtain information about you from certain publically accessible sources both in the EU and non-EU.
1.7 Transfer and Storage of your Information
- YOUR RIGHTS REGARDING YOUR INFORMATION
You have the right to:
– Access your information and receive information on how it is used
– Have your information corrected and/or completed
– To have your information deleted (within reason)
– To restrict and object to the use and processing of your information
– To receive your information in a portable format (within reason)
– To withdraw your consent to the use of your information
Verifying your identity where you request access to your information
Where you request access to your information, we are required by law to use all reasonable measures to verify your identity before doing so. We will use any measure necessary to protect your information, reduce the risk of identity theft and any general unauthorised access to your information.
We will endeavour to fulfil your request to access your data, but under certain circumstances we will be unable to process those requests. These may include nuisance requests, unauthorised requests or if releasing your information may expose another individual’s information.
Sensitive Personal Information
We do not knowingly or intentionally collect ‘sensitive personal information’ which includes information that may identify your racial or ethnic origin, political opinions, religious or philosophical beliefs, genetic information, biometric information, information about sex life, sexual orientation or health. Please do not submit your personal information to us. We will use all reasonable efforts to delete any data that we may have erroneously collected.
- DATA SECURITY AND RETENTION
We use multiple security measures to protect your personal data. These include but are not limited to: physical, electronic, internal and external policies and procedures. All personal data is collected and stored on a secure server. Transfer of personal data eg. Using a credit card or Paypal uses Secure Sockets Layer (SSL) technology.
We retain personal data only for as long as necessary to provide the services you have requested. Due to our legal obligations, we may retain your personal data for a longer period. These reasons may include but are not limited to:
– Mandated by law
– For resolving, defending or enforcing our legal/contractual rights
– Needed to maintain financial records
- AGE RESTRICTIONS
Our services and the interactions with our websites are not intended to be to be used, nor have they been designed to entice individuals under 18 years old. If you know of or have reason to believe anyone under the age of 18 has provided us with personal data, please contact us. We will use all reasonable efforts to delete any data that we may have erroneously collected on behalf of anyone under 18.
- CONTACT US
If you have any questions or concerns, you can contact us as below
Carbon Trade Exchange (CTX) London Office
phone: +44 203 598 5890
post: Level 4, 83 Baker Street, London W1U 6AG, UK
We will respond to your request or concerns within thirty (30) days
Data Protection Authority
If you are a resident of the European Economic Area (EEA) and you have any concerns on how we collect and process your data, you have the right to contact the lead supervisory authority in the EEA