Investing should not be a luxury
discover Think Alternative
PRIVACY NOTICE
February 2025
Version 3.0
At Altarius we
are firmly committed to safeguarding your privacy and maintaining the integrity
and confidentiality of your Personal data. You can find information about us,
our Services and our legal basis to process your Personal Data in this Privacy
Notice. Any capitalized terms not defined here shall have the meaning given to
them in our Terms of Use.
This Privacy Notice
describes our current practices governing the collection, use, storage, and
protection of Personal Data (together, the Processing of Personal Data) we
obtain from our Users, including visitors to this Website. It further explains
your rights as a Data Subject, as defined, and under, on the General Data
Protection Regulation (Regulation (EU) 2016/679), hereinafter referred to as “GDPR”,
as well as in other equivalent jurisdictions. It furthermore reflects the
obligations of the jurisdictions in which we operate, including the
jurisdictions of our Affiliated Companies.
By accessing
and using our Services, including access to, and use of, this Website, you
confirm that you have read, understood, and consented to the practices outlined
in this Privacy Policy.
1.
About Altarius
This Website
and the Services are made available by Altarius. Altarius is the name of the
joint Data Controller. Services may vary depending on the entity that is
providing them, and are provided based on the legal ability to do so. Please
see relevant terms of use for additional information.
2.
Information We Collect and How We Use It
We collect and
processes various categories of Personal Data at the start of and for the
duration of our relationship with you. Some categories of personal data are
kept beyond the termination of our relationship where so required by law. We
limit the collection and processing of information to what is necessary to
ensure compliance with our legal, regulatory and contractual obligations. When you access the Website, engage with our
services, or when you interact with us via email, social media or other means
of contact, we may ask you for the information we need to verify your identity
and support the Services provided. This can include a broad range of
information, as defined in this section.
2.1.
Personal Information
Personal
information may include full name, home address, age, signature, e-mail
address, mobile number, date of birth, nationality, passport number, driver’s
license details, national identity card details, photographs, employment
information, utility bills, and /or financial information. We may also ask you
to provide evidence of your identity such as asking for a copy of your passport
or driving license, and proof of residence and/or proof of income. We may
furthermore collect additional information from public and private sources,
including, but not limited to, available lists of Politically Exposed Persons,
Sanctions Lists, Adverse Media using international information aggregators and
other platforms for KYC and CDD purposes, as applicable.
2.2.
Device Information
We may collect
and process records of your activity on the Website, and obtain information
from third parties on activities you’ve undertaken on their platforms, as
applicable.
2.3.
Use of Cookies and tracking technologies
Cookies and web
beacons are also employed to enhance your browsing experience. Cookies are text
files stored on your device, which may be temporary (session cookies) or
persistent, remaining until manually deleted or expired. Web beacons are small,
invisible files used to track interactions with our website. Visitors retain
the ability to manage or disable cookies and web beacons through browser
settings or via our cookie consent tool.
3.
How we process your Personal Data
We process your
Personal Data based primarily on your consent. We collect Data from you based
on your interactions with our Website and/or use of our Services, and your
interactions with us via social media or via our communication channels.
3.1.
Data Collection
We may collect
Data during your interactions with us. We may also collect data from publicly
available sources, or from third parties, provided it has been lawfully
obtained and processed.
3.2.
Data Sharing
We may share
Data with third parties, namely with Data Processors, as per below, to assist
us providing the Services to you, and/or discharging our legal and contractual
obligations. In addition, we may share your Personal Data with regulators, law
enforcement agencies, government agencies, courts, tribunals and other public
entities. We may, provided we have the right safeguards in place, share your
data with auditors, consultants, whether internal or external, and, in the
event of a corporate event such as corporate acquisition, sale or merger, we
may share some or all Personal Data with third parties, for lawful purposes. In
addition, we may share your data with any novating entities and entities
affiliated with Altarius without limitation. We will not share your data for
marketing purposes without your clear and specific consent. In addition, we may
share your Data (i) with our affiliated companies and entities, (ii) with third
parties for the provision of ancillary services, or support services, such as
software providers and servers.
3.3.
Data Processors
We use Data
Processors to help us discharge certain obligations, such as (i) complying with
our due diligence and anti-money laundering legal requirements, (ii) process
your requests and support, (iii) store your Personal Data (section 7), and (iv)
comply with our contractual obligations. We take all reasonable steps to ensure
that our Data Processors comply with the Applicable Law, or, at least, with a
legal regime similar to the EU GDPR, and have effective measures and practices
in place to prevent any unlawful use or access to your Data.
3.4.
Data Transfers Outside the EEA
Should the
processing of personal data involve transfers outside the European Economic
Area (EEA), ALTARIUS ensures that appropriate safeguards are in place. These
safeguards may include Standard Contractual Clauses approved by the European
Commission or reliance on adequacy decisions confirming that the recipient
country offers an equivalent level of data protection. Detailed information on
these measures is available upon request.
4.
Why we process your Personal Data
We process your
Personal Data to:
(a)
Provide you with information on our Services;
(b)
Provide you with our Services, as the case may be;
(c)
verify your identity and carry out checks that we are required to
conduct by applicable laws and regulations, including without limitation, “know
your customer”, anti-money laundering, transactions, fraud, sanctions and
politically exposed person checks;
(d)
contact you on matters related to your queries;
(e)
provide you with notices related to the Services, general updates,
market updates and other marketing materials, including, the Services offered
by us, it being understood that we will give you the option of electing not to
receive communications and you can unsubscribe at any time by notifying us that
you wish to do so;
We may, from
time to time, process your Personal Data for reasons other than this section 4,
provided this is done with a lawful basis and does not harm your Data
Protection rights. We will notify you in the event of any material changes to
this processing and give you the option to oppose such processes, in the terms
of this Notice.
5.
Lawful basis for processing your Personal Data
In accordance
with Applicable Law, Personal Data must be processed lawfully, fairly and in a
transparent manner in relation to the Data Subject (‘lawfulness, fairness and
transparency’). It must be collected for specific and legitimate purposes, and
be processed in a manner that is consistent with those purposes.
5.1.
Consent
We will very
likely rely on your consent to process your Personal Data. Your consent must be
freely given, and the processing of your Personal Data based on consent is
limited to the matters to which you gave consent to. By accessing our Services
or interacting with us, you give consent to our process your Data for the
purposes of providing such Services, including any contractual and pre
contractual information.
5.2.
Compliance with Laws and Regulations
We may also
process your Data base on legal obligations, irrespective of your consent. We
have an obligation to identify you and comply with certain rules and
regulations related to money laundering, terrorist funding, proliferation
funding and sanctions management, as well as undertaking identify verification,
and source of funds and source of wealth confirmation, as applicable. In
addition, we may flag any suspicious activities to the relevant law enforcement
agencies, which don’t require consent and may be done based on legal
obligation.
5.3.
Performance of a Contract
In the event
you enter into an Agreement with us, we may process your Data based on a
requirement to deliver and comply with our obligations of that contract.
5.4.
Legitimate Interest
We may also
process your personal data where it is in our legitimate interest (or the
interests of a third party) to do so, provided that those interests override
your interests or fundamental rights or freedoms. There may be cases where your
interests and fundamental rights could override our legitimate interests. This
may happen in cases where personal data are processed in circumstances where
you do not reasonably expect further processing. We will always need to (1)
identify a legitimate interest (2) show that processing is necessary to achieve
it; and (2) balance it against your interests, rights, and freedoms. Some
non-exhaustive examples of situations where we may seek to pursue legitimate
interests include (4) marketing purposes, (5) defense of legal claims, (6) or
to prevent fraud.
6.
Data Retention
Personal data
is retained only for as long as necessary to fulfill the purposes for which it
was collected, in compliance with GDPR. For inquiries, data is retained for a
maximum of two years unless ongoing communication necessitates extended
retention. Data collected for marketing purposes is retained until you withdraw
your consent. Data used for statistical and analytical purposes, including IP
addresses, is retained for up to 12 months. Upon expiration of the retention
period, data is securely deleted or anonymized for non-identifiable use. To
determine the appropriate retention period for personal data, we consider the
amount, nature, and sensitivity of the personal data, the potential risk of
harm from unauthorised use or disclosure of your personal data, the purposes
for which we process your personal data and whether we can achieve those
purposes through other means, and the applicable legal requirements. At the end
of the retention period, we will securely delete or destroy data retained, and
require our Data Processors or third parties suppliers to do the same.
7.
Security Measures
Altarius
employs robust technical and organizational measures to ensure the security and
integrity of your personal data. These measures include encryption protocols,
regular system audits, and access controls. While all reasonable efforts are
made to protect your information, no method of data transmission or storage is
entirely secure, and absolute security cannot be guaranteed. Should we face a
security breach we will inform you, and take all reasonable steps to mitigate
any negative impact it may have on your Data.
8.
Links to Third-Party Websites
Our website may
contain links to external websites for your convenience. Altarius assumes no
responsibility for the privacy practices or content of these external sites. We
encourage you to review the privacy policies of any websites you visit.
9.
Your GDPR Rights
As a data
subject, you possess a range of rights under GDPR. These include the right to
access your personal data and to rectify inaccuracies or incomplete
information. You may also request the erasure of your data, exercise your right
to restrict processing under specified circumstances, or object to data
processing based on legitimate interests or for direct marketing purposes.
Furthermore, you are entitled to request the transfer of your data to another
controller in a structured, commonly used, and machine-readable format. Where
processing is based on consent, you retain the right to withdraw that consent
at any time without affecting the lawfulness of prior processing.
9.1.
Right of Access
You are
entitled to request a copy of the information we hold about you, and the third
parties with whom we are processing it.
9.2.
Right of Ratification
You are
entitled to request incomplete or incorrect information we hold about you to be
corrected and updated.
9.3.
Right to be forgotten
You are
entitled to have all data we hold about you deleted, and any processing halted,
in case you object to the processing of data.
9.4.
Right of objection
Where we are
processing your data based on legitimate interest, you are entitled to request
such processing to be halted, and data held to be removed or having its
processing restricted.
9.5.
Right of restriction
You have the
right to restrict an processing of your data.
9.6.
Right of transfer
You have the
right to request your data to be transferred to another party.
9.7.
Right of objection to automated decision making
You have the
right to contest any automated decision making and request human intervention.
10.
How to exercise your Rights
To exercise any of the rights above,
or to contact Altarius in relation to any issues related to Data protection,
please use the email address:
dataprotection@altariuscapital.com
Please note
that whilst we take all reasonable steps to ensure a fair an unimpeded exercise
of rights, we will always act within Applicable Law, meaning that you may not
be able to fully exercise all the rights on section 9, namely where such
disclosure would:
(a)
Violate Applicable Law; or
(b)
Prove to be impossible or requires disproportionate effort on our part,
provided that we, as Data Controller, take appropriate steps to protect your
rights as Data Subject.
11.
Updates to This Privacy Policy
This Privacy Notice
may be amended periodically to reflect changes in legal requirements or our
data processing practices. Any material changes will be communicated
prominently on our website, and where applicable, you may be notified directly.
You are encouraged to review this document regularly to stay informed.