Privacy Policy

 

1. INTRODUCTION

M4Markets is the brand name of Harindale Ltd (the ‘Company’). The Company is authorized and regulated by the Cyprus Securities and Exchange Commission (‘CySEC’) as a Cyprus Investment Firm (CIF) to offer certain investment and ancillary services subject to the provisions of the Investment and Ancillary Services and Activities under the Provision of Investment Services, the Exercise of Investment Activities, the Operation of Regulated Markets and Other Related Matters Law of 2017, Law 87(I)/2017, as subsequently amended or replaced from time to time (‘the Law’) implementing the EU Directive 2014/65/EU into national law (hereinafter referred to as “MiFID II”), with CIF license number 301/16. The Company is registered in Cyprus under the Companies Law, with registration number HE 346662, and registered office located at 78 Spyrou Kyprianou Avenue, 3076, Limassol, Cyprus.

 

2. COMPANY’S COMMITMENT TO CLIENT’S

This Privacy Policy (hereinafter the “Privacy Policy”) sets out the way Harindale Ltd (hereinafter “the Company” and/or “we” and/or “our”) collects, uses and manages the personal information received from its visitors, active and/or potential clients who have terminated their business relationship with the Company (hereinafter referred as “the Client” and/or “you”, “your”) who are accessing or using the Company’s website(s) and mobile applications.

The Company is committed to safeguard the confidentiality of your personal information or data it collects, uses and/or holds in accordance with the applicable data protection laws and regulations and particularly, the provisions of the European General Data Protection Regulation (GDPR) EU 2016/679 and any subsequent regulations or laws adopted by the Republic of Cyprus with reference to the GDPR (hereinafter ‘Data Protection Laws’).

Pursuant to the Data Protection Laws, the Company with whom you have registered an account or have a business relationship with is the “Controller” of personal data collected through e-mails, http://m4markets.eu/, mobile applications and other platforms and is the Company you should contact if you have questions about the use of your Personal Data.

The Company has established technical and other organizational measures and procedures as appropriate in order to safeguard and protect your information and privacy. For this purpose, the Company has also appointed a Data Protection Officer to ensure that the Company manages or processes all Personal Data in compliance with the applicable Data Protection Laws and regulations and in accordance with this Privacy Policy.

By accessing Company’s website and by providing personal data and/or confidential information as per the Data Protection Laws and as per the provisions of this Privacy Policy, the Client accepts to be bound by the Company’s Privacy Policy.

 

3‌. HOW AND WHY WE COLLECT YOUR PERSONAL DATA

During the account opening process for a demo or a trading account, you are requested to complete and submit an application form by providing your personal information (hereinafter “Personal Data”). The provision of the information submitted by you will enable us to evaluate the application and your eligibility to our services pursuant to the applicable laws and regulations governing the provision of our services. The same information will be used by the Company to contact you regarding the offered services.

The Personal Data collected by the Company might include, but are not limited, to the following:

    • Identity Data: Name, surname, address, date and place of birth, gender, country of residence and citizenship, identity documents such as passport, ID, driving license, information which may be publicly available or contained in background check database;
    • Contact Data: addresses and proof of residency documents, telephone numbers, e-mail addresses;
    • Tax and Financial Data: FATCA & CRS declarations, information in relation to previous trading experience, source of wealth and source of funds, annual salary and respective pay slips and/or employment contracts, expected trading volumes, types of transactions, tax residence information and numbers, copy of the credit card used to fund the account, all and any other financial information which is required to establish and maintain a client account and/or process client’s orders in accordance with the applicable laws and regulations;
    • Technical Data: Client internet protocol address, browser information;
    • Marketing and Communication Data: Client communication preferences and preference for receiving marketing materials from the Company.In cases where the Client is legal entity, the Company shall have the right to request all the statutory/incorporation documents and all the relevant documents for all related individuals (directors, shareholders, beneficial owners).Furthermore, it is to be noted that, periodically and subject to the characteristics of each client, we may also require provision of other information to improve the services performed and satisfy the regulatory requirements. Most information will be requested directly from the client and/or any other authorized person by means of application forms or other forms as well as by maintaining registers of information provided to us during ongoing performance of services in favour of the clients.

      Other than the information collected directly by you, the Company may also process information about your transactions with the Company like the products you trade with the Company and historical data of your transactions including, trading history or investments.

4. DATA RETENTION

Subject to the applicable laws and regulations of Cyprus Securities and Exchange Commission (hereinafter “CySEC”), the Company will keep records containing your Personal Data for a period of five years from the termination of the business relationship and for an additional period of two years if it is requested by CySEC, totalling seven years.

 

5. WHO HAS ACCESS TO YOUR PERSONAL DATA

The Company shall not disclose to a third party, any of your confidential information unless it is required to do so by a regulatory authority of a competent jurisdiction, the provisions of applicable laws and regulations, there is a legitimate interest for such disclosure or duty to do so or you have requested from us to proceed with a disclosure and/or you have consented to; such disclosure shall occur on a ‘need-to know’ basis, unless otherwise instructed by a regulatory authority. Provided that such disclosure takes place, the Company shall expressly inform the third party regarding the confidential nature of the information.

The Personal Data are treated as confidential and may be shared within the Company only to those employees and/or partners who need to know the specific information in order to operate, develop or improve our services. These individuals are bound by confidentiality and will be subject to penalties if they fail to meet these obligations.

The Client by accepting this Privacy Policy authorizes the Company to share and/or disclose personal information, which is submitted by the Client to the Company, with other entities of the M4Markets Group of companies for marketing purposes.

 

6‌. LAWFUL BASIS FOR THE USAGE AND/OR DISCLOSE OF PERSONAL DATA

The Company collects and process Personal Data which are required for the evaluation, establishment and maintenance of the contractual relationship between the Company and the Client and in order to comply with the applicable aforementioned data protection legislation and regulations governing the provision of investment services. In some cases, the Company may also process the Client’s Personal Data to pursue its legitimate interests or those of third parties, provided that the Clients’ interests and fundamental rights are not overridden by those of the Company or the third party.

In view of the above, the Company may use and/or disclose your personal information for one or more of the following purposes:

 

    • In cases where it is required by law or a court;
    • In cases where it is requested by CySEC and/or any other regulatory authority;
    • In cases where it is requested by fraud prevention agencies, third party authentication service providers, verification/screening service provider’s and/or any relevant authorities who investigate or prevent fraud, money laundering and/or other illegal activities;
    • In cases where it is necessary in order for the Company to defend or exercise its legal rights to any court and/or tribunal and/or arbitrator and/or financial ombudsman and/or governmental authority;
    • To Company’s professional advisors provide that in each and every case these professional advisors shall be informed about the confidential nature of such information and commit to the confidentiality obligations as set in this Privacy Policy;
    • to confirm/verify your identity;
    • to assess your appropriateness and/or suitability to the products and services we provide;
    • to process your transactions;
    • to manage the account, you hold with the Company;
    • to provide you with transaction and post transaction related services;
    • to inform you of products and/or services that may be of interest to you;
    • to inform you of amendments of the law affecting our services to you and products as and when required;
    • for internal business as well as record keeping purposes;
    • to keep you updated on the issues that are relevant to your business relationship with us;
    • to analyse statistical data to enable us to provide you with better products and/or services;
    • to enhance the security controls of the Company’s networks and systems;
    • to identify, assess, mitigate, prevent and investigate fraudulent activity of any kind that is forbidden by the relevant legislation;
    • technological experts who are appointed by the Company to support the smooth operation of our systems platform providers;
    • payment service provider’s/credit institutions for facilitating the incoming and outgoing payments of the Clients;
    • governmental authorities and regulatory bodies;
    • data reporting service providers to meet our regulatory obligations;
    • other companies belonging to the M4Markets Group of companies for marketing purposes.
    • at Client’s request.

 

The Company needs to comply with the Anti-Money Laundering regulations, therefore hard copies and/or in electronic format copies shall be retained as evidence. Also the measures that are taken by the Company in regards to your identity verification, source of income and wealth, monitoring of your transactions, telephone/text/e-mail communication, and transaction history must be kept to be able for the Company to demonstrate to the regulator that has acted in accordance with the legislation.

If there is no lawful basis, for the usage of your personal data as indicated above, your consent will be required. The Company will ask for your consent in regards to the provision of marketing information in relation to the products and services offered in accordance with the Client agreement between the contractual parties and/or any other mean of communication the Company may use from time to time. Note that you may withdraw such consent at any given time by sending an email to [email protected]

 

7. Transfer Personal Data outside the European Union (“EU”)

The Company’s aim is to safeguard Personal Data when these are to be transferred outside the EU. According to Data Protection Laws, Personal Data can be transferred outside the EU if adequate protective measures are established, appropriate to the safeguards dictated by Data Protection Laws.

The Company takes appropriate protective measures when Personal Data are disclosed to a third party. The third parties that the Company may transmit Personal Data shall comply with the Data Protection Laws or the legislation of their jurisdiction which has equivalent arrangements.

In particular, you agree to the transfer and/or processing of your Personal Data outside the EU, as described in this section, by providing us with your Personal Data during the account opening process and the submission of the information required to open and maintain an account with the Company.

 

8. COOKIES

Cookies are small text files, given ID tags that are stored on your computer’s browser directory or program data sub folders. Cookies are created when you use your browser to visit a website that uses cookies to keep track of your movements within the site, help you resume where you left off, remember your registered login, theme selection, preferences, and other customization functions. The website stores a corresponding file (with same ID tag) to the one they set in your browser and in this file they can track and keep information on your movements within the site and any information you may have voluntarily given while visiting the website, such as email address. Cookies are often indispensable for websites that have huge databases, need logins, have customizable themes, other advanced features.

Cookies usually don’t contain much information except for the URL of the website that created the cookie, the duration of the cookie’s abilities and effects, and a random number. Due to the little amount of information a cookie contains, it usually cannot be used to reveal your identity or personally identifying information.

There are two types of cookies: session cookies and persistent cookies. Session cookies are created temporarily in your browser’s sub folder while you are visiting a website. Once you leave the site, the session cookie is deleted. On the other hand, persistent cookie files remain in your browser’s sub folder and are activated again once you visit the website that created that particular cookie. A persistent cookie remains in the browser’s sub folder for the duration period set within the cookie’s file.

The http://m4markets.eu/ website uses cookies to provide the functionality you need to browse our site correctly. The http://m4markets.eu/ website issues cookies upon landing on our website, unless the user has changed their cookie settings in their browser to refuse cookies. Please note that with cookies switched off, some areas of our website and services might not be made available to you.

The Company does not use cookies to personally collect information about you – the cookies that we use only collect anonymous information to optimize our services and do not collect personal information. If you require additional information about how the Company uses Cookies on its website, you may refer to the Company’s Cookies policy uploaded on the Company’s website here.

 

9‌. SECURITY

The privacy and confidentiality of your personal information is of fundamental importance to us. We take all appropriate security measures to protect against unauthorized access to or unauthorized alteration, disclosure or destruction of data and personal information.

The Personal Data that you provide in connection with opening an account (appropriateness / suitability test) with the Company are highly protected. This information can be accessed only by you using your own selected password and logins. The Company strongly recommends that your password is carefully kept and not to be shared with any third party. In addition, this information is safely stored in the Company’s servers that only authorized personnel have access to it through access rights. The Company encrypts all this information to prevent unauthorized parties from viewing or access such information.

 

10. YOUR RIGHTS

You have the following rights in respect of your Personal Data in accordance with the Data Protection Laws:

    • Right of Access: You have the right to be informed whether and under which circumstances the Company is processing your Personal Data and the Company is required to provide you with a copy of your Personal Data if and when you request so.
    • Rectification Right: You can request to amend your Personal Data in order to correct or complete the provided Personal Data (up to date information).
    • Erasure Right: You can request to delete/remove your Personal Data under certain circumstances, for instance if your consent has been withdrawn. The effect of such request is always subject to any other requirements imposed by applicable laws and regulations.
    • Right to Restrict Processing: You may request from the Company to restrict the processing of your Personal Data if it is not accurate, it has been used unlawfully or it is not relevant anymore. The said right is not an absolute right and only applies in certain circumstances. In addition, when processing is restricted, the Company is still permitted to store the Personal Data, but not use it.
    • Right to Data Portability: You may request to obtain your Personal Data in a readable format for your own purposes.
    • Right to Object: You may request from the Company to stop processing your Personal Data, and the Company will do so if: a) the Company cannot demonstrate compelling legitimate grounds for the processing or b) the Company is processing Client’s Personal Data for marketing purposes.
    • Right to Withdraw Consent: You can withdraw any consent given to the Company at any time where the Company relies on consent to process your Personal Data.

 

11. CLIENT OBLIGATIONS

The Company is required to obtain and maintain Client’s personal Data under the applicable laws and regulations. As such, the Client is always obliged to provide the Company with accurate and complete information and to update the Company immediately regarding any changes to such information.

In case the Client fails to provide the requested Personal Data, the Company shall have the right to stop providing any services to the Client.

 

12. Communication with the Company

You may exercise any of the above rights by contacting the Company’s Data Protection Officer as follows:

  • By sending an email to: [email protected] or
  • by post at postal address: Spyrou Kyprianou Avenue 78, Magnum Business Center, 2nd Floor, 3076, Limassol, Cyprus.

 

13. Complaints in regards to the use of Personal Data

If you have any grounds to believe that the Company does not appropriately use your Personal Data, you can further submit a complaint to the Office of the Commissioner for Personal Data Protection. Further details are available at the Website link: http://www.dataprotection.gov.cy .

 

14. Changes to the Privacy Policy

The Company reserves the right to change or amend the Privacy policy without further notice to you, provided that the changes do not significantly reduce your rights under this Policy. If we make material changes to this policy, we will notify you by email or by means of a notice on our home page or by changing the version of the document including the date of the update which will be visible to the first page of this document. The latest and prevailing version of this Policy will at all times be available at https://d2t3t83hvekb.cloudfront.net/legal_documents/eu/m4markets_privacy-policy.pdf

Any revised Policy will be effective immediately upon posting on our website.

 

15. LEGAL DISCLAIMER

The Company reserves the right to disclose your personally identifiable information as required by rules and regulations and when the Company believes that disclosure is necessary to protect the Company’s rights and/or to comply with a judicial proceeding, court order, or legal process served. The Company will not be liable for misuse or loss of personal information resulting from cookies on the Company’s site(s) that the Company does not have access to or control over. The Company will not be liable for unlawful or unauthorized use of your personal information due to misuse or misplacement of your passwords, negligent or malicious.

 

The Company’s contact details are:

Tel: (+357) 25 690500

Fax: (+357) 25 690501 OR

Email: [email protected]

Address: Spyrou Kyprianou Avenue 78, Magnum Business Center, 2nd Floor, 3076, Limassol, Cyprus