Investing should not be a luxury

discover Think Alternative

Privacy Policy

PRIVACY NOTICE

 

February 2025

 

Version 3.0

 

At Altarius we are firmly committed to safeguarding your privacy and maintaining the integrity and confidentiality of your Personal data. You can find information about us, our Services and our legal basis to process your Personal Data in this Privacy Notice. Any capitalized terms not defined here shall have the meaning given to them in our Terms of Use.

 

This Privacy Notice describes our current practices governing the collection, use, storage, and protection of Personal Data (together, the Processing of Personal Data) we obtain from our Users, including visitors to this Website. It further explains your rights as a Data Subject, as defined, and under, on the General Data Protection Regulation (Regulation (EU) 2016/679), hereinafter referred to as “GDPR”, as well as in other equivalent jurisdictions. It furthermore reflects the obligations of the jurisdictions in which we operate, including the jurisdictions of our Affiliated Companies.

 

By accessing and using our Services, including access to, and use of, this Website, you confirm that you have read, understood, and consented to the practices outlined in this Privacy Policy.

 

 

1.     About Altarius

 

This Website and the Services are made available by Altarius. Altarius is the name of the joint Data Controller. Services may vary depending on the entity that is providing them, and are provided based on the legal ability to do so. Please see relevant terms of use for additional information.

 

 

2.     Information We Collect and How We Use It

 

We collect and processes various categories of Personal Data at the start of and for the duration of our relationship with you. Some categories of personal data are kept beyond the termination of our relationship where so required by law. We limit the collection and processing of information to what is necessary to ensure compliance with our legal, regulatory and contractual obligations.  When you access the Website, engage with our services, or when you interact with us via email, social media or other means of contact, we may ask you for the information we need to verify your identity and support the Services provided. This can include a broad range of information, as defined in this section.

 

2.1.         Personal Information

 

Personal information may include full name, home address, age, signature, e-mail address, mobile number, date of birth, nationality, passport number, driver’s license details, national identity card details, photographs, employment information, utility bills, and /or financial information. We may also ask you to provide evidence of your identity such as asking for a copy of your passport or driving license, and proof of residence and/or proof of income. We may furthermore collect additional information from public and private sources, including, but not limited to, available lists of Politically Exposed Persons, Sanctions Lists, Adverse Media using international information aggregators and other platforms for KYC and CDD purposes, as applicable.

 

2.2.         Device Information

 

We may collect and process records of your activity on the Website, and obtain information from third parties on activities you’ve undertaken on their platforms, as applicable.

 

 

 

2.3.         Use of Cookies and tracking technologies

 

Cookies and web beacons are also employed to enhance your browsing experience. Cookies are text files stored on your device, which may be temporary (session cookies) or persistent, remaining until manually deleted or expired. Web beacons are small, invisible files used to track interactions with our website. Visitors retain the ability to manage or disable cookies and web beacons through browser settings or via our cookie consent tool.

 

 

3.     How we process your Personal Data

 

We process your Personal Data based primarily on your consent. We collect Data from you based on your interactions with our Website and/or use of our Services, and your interactions with us via social media or via our communication channels.

 

3.1.         Data Collection

 

We may collect Data during your interactions with us. We may also collect data from publicly available sources, or from third parties, provided it has been lawfully obtained and processed.

 

3.2.         Data Sharing

 

We may share Data with third parties, namely with Data Processors, as per below, to assist us providing the Services to you, and/or discharging our legal and contractual obligations. In addition, we may share your Personal Data with regulators, law enforcement agencies, government agencies, courts, tribunals and other public entities. We may, provided we have the right safeguards in place, share your data with auditors, consultants, whether internal or external, and, in the event of a corporate event such as corporate acquisition, sale or merger, we may share some or all Personal Data with third parties, for lawful purposes. In addition, we may share your data with any novating entities and entities affiliated with Altarius without limitation. We will not share your data for marketing purposes without your clear and specific consent. In addition, we may share your Data (i) with our affiliated companies and entities, (ii) with third parties for the provision of ancillary services, or support services, such as software providers and servers.

 

3.3.         Data Processors

 

We use Data Processors to help us discharge certain obligations, such as (i) complying with our due diligence and anti-money laundering legal requirements, (ii) process your requests and support, (iii) store your Personal Data (section 7), and (iv) comply with our contractual obligations. We take all reasonable steps to ensure that our Data Processors comply with the Applicable Law, or, at least, with a legal regime similar to the EU GDPR, and have effective measures and practices in place to prevent any unlawful use or access to your Data. 

 

3.4.         Data Transfers Outside the EEA

 

Should the processing of personal data involve transfers outside the European Economic Area (EEA), ALTARIUS ensures that appropriate safeguards are in place. These safeguards may include Standard Contractual Clauses approved by the European Commission or reliance on adequacy decisions confirming that the recipient country offers an equivalent level of data protection. Detailed information on these measures is available upon request.

 

 

4.     Why we process your Personal Data

 

We process your Personal Data to:

 

(a)     Provide you with information on our Services;

(b)     Provide you with our Services, as the case may be;

(c)     verify your identity and carry out checks that we are required to conduct by applicable laws and regulations, including without limitation, “know your customer”, anti-money laundering, transactions, fraud, sanctions and politically exposed person checks;

(d)     contact you on matters related to your queries;

(e)     provide you with notices related to the Services, general updates, market updates and other marketing materials, including, the Services offered by us, it being understood that we will give you the option of electing not to receive communications and you can unsubscribe at any time by notifying us that you wish to do so; 

 

We may, from time to time, process your Personal Data for reasons other than this section 4, provided this is done with a lawful basis and does not harm your Data Protection rights. We will notify you in the event of any material changes to this processing and give you the option to oppose such processes, in the terms of this Notice.

 

 

5.     Lawful basis for processing your Personal Data

 

In accordance with Applicable Law, Personal Data must be processed lawfully, fairly and in a transparent manner in relation to the Data Subject (‘lawfulness, fairness and transparency’). It must be collected for specific and legitimate purposes, and be processed in a manner that is consistent with those purposes.

 

5.1.         Consent

 

We will very likely rely on your consent to process your Personal Data. Your consent must be freely given, and the processing of your Personal Data based on consent is limited to the matters to which you gave consent to. By accessing our Services or interacting with us, you give consent to our process your Data for the purposes of providing such Services, including any contractual and pre contractual information.

 

5.2.         Compliance with Laws and Regulations

 

We may also process your Data base on legal obligations, irrespective of your consent. We have an obligation to identify you and comply with certain rules and regulations related to money laundering, terrorist funding, proliferation funding and sanctions management, as well as undertaking identify verification, and source of funds and source of wealth confirmation, as applicable. In addition, we may flag any suspicious activities to the relevant law enforcement agencies, which don’t require consent and may be done based on legal obligation. 

 

5.3.         Performance of a Contract

 

In the event you enter into an Agreement with us, we may process your Data based on a requirement to deliver and comply with our obligations of that contract. 

 

5.4.         Legitimate Interest  

 

We may also process your personal data where it is in our legitimate interest (or the interests of a third party) to do so, provided that those interests override your interests or fundamental rights or freedoms. There may be cases where your interests and fundamental rights could override our legitimate interests. This may happen in cases where personal data are processed in circumstances where you do not reasonably expect further processing. We will always need to (1) identify a legitimate interest (2) show that processing is necessary to achieve it; and (2) balance it against your interests, rights, and freedoms. Some non-exhaustive examples of situations where we may seek to pursue legitimate interests include (4) marketing purposes, (5) defense of legal claims, (6) or to prevent fraud.

 

 

 

6.     Data Retention

 

Personal data is retained only for as long as necessary to fulfill the purposes for which it was collected, in compliance with GDPR. For inquiries, data is retained for a maximum of two years unless ongoing communication necessitates extended retention. Data collected for marketing purposes is retained until you withdraw your consent. Data used for statistical and analytical purposes, including IP addresses, is retained for up to 12 months. Upon expiration of the retention period, data is securely deleted or anonymized for non-identifiable use. To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements. At the end of the retention period, we will securely delete or destroy data retained, and require our Data Processors or third parties suppliers to do the same. 

 

 

7.     Security Measures

 

Altarius employs robust technical and organizational measures to ensure the security and integrity of your personal data. These measures include encryption protocols, regular system audits, and access controls. While all reasonable efforts are made to protect your information, no method of data transmission or storage is entirely secure, and absolute security cannot be guaranteed. Should we face a security breach we will inform you, and take all reasonable steps to mitigate any negative impact it may have on your Data.

 

 

8.     Links to Third-Party Websites

 

Our website may contain links to external websites for your convenience. Altarius assumes no responsibility for the privacy practices or content of these external sites. We encourage you to review the privacy policies of any websites you visit.

 

 

9.     Your GDPR Rights

 

As a data subject, you possess a range of rights under GDPR. These include the right to access your personal data and to rectify inaccuracies or incomplete information. You may also request the erasure of your data, exercise your right to restrict processing under specified circumstances, or object to data processing based on legitimate interests or for direct marketing purposes. Furthermore, you are entitled to request the transfer of your data to another controller in a structured, commonly used, and machine-readable format. Where processing is based on consent, you retain the right to withdraw that consent at any time without affecting the lawfulness of prior processing.

 

9.1.         Right of Access

 

You are entitled to request a copy of the information we hold about you, and the third parties with whom we are processing it. 

 

9.2.         Right of Ratification

 

You are entitled to request incomplete or incorrect information we hold about you to be corrected and updated.

 

9.3.         Right to be forgotten

 

You are entitled to have all data we hold about you deleted, and any processing halted, in case you object to the processing of data. 

 

9.4.         Right of objection

 

Where we are processing your data based on legitimate interest, you are entitled to request such processing to be halted, and data held to be removed or having its processing restricted. 

 

9.5.         Right of restriction

 

You have the right to restrict an processing of your data.

 

9.6.         Right of transfer

 

You have the right to request your data to be transferred to another party.

 

9.7.         Right of objection to automated decision making

 

You have the right to contest any automated decision making and request human intervention.

 

 

10.   How to exercise your Rights

 

To exercise any of the rights above, or to contact Altarius in relation to any issues related to Data protection, please use the email address:

 

dataprotection@altariuscapital.com

 

Please note that whilst we take all reasonable steps to ensure a fair an unimpeded exercise of rights, we will always act within Applicable Law, meaning that you may not be able to fully exercise all the rights on section 9, namely where such disclosure would:  

 

(a)     Violate Applicable Law; or

(b)     Prove to be impossible or requires disproportionate effort on our part, provided that we, as Data Controller, take appropriate steps to protect your rights as Data Subject.  

 

 

11.   Updates to This Privacy Policy

 

This Privacy Notice may be amended periodically to reflect changes in legal requirements or our data processing practices. Any material changes will be communicated prominently on our website, and where applicable, you may be notified directly. You are encouraged to review this document regularly to stay informed.