Introduction
You will hopefully be very familiar with the General Data Protection Regulation or GDPR as it is more commonly referred to. Nevertheless, we would strongly encourage you to read this privacy and cookie policy (“this Policy”) and to be familiar with its contents. It explains how Abans Global collects, uses and shares the information you provide to us and the information we collect about you in the course of operating our business (we refer to this as “Personal Data”). It also sets out how we use cookies on our website and in our communications with you.
In this Policy, references to abans global or “we”, “us”, or “our” are references to Abans Global. Our registered office is at 3rd Floor,
19 Gerrard Street, London. W1D 6JG. Abans Global is authorised and regulated by the Financial Conduct Authority with reference number: 950964. We are registered with the Information Commissioner’s Office (“ICO”).
The Types of Personal Data We Process?
Expanding on what we have said above, Personal Data is any information that can be used to identify you or that can be linked to you and which we have in our possession or control. Due to the nature of the services we provide, the types of personal data we process can be exceptionally varied. It may include:
The information you provide to us
- Personal details (e.g. your name, date of birth, gender and employment details)
- Contact details (e.g. your address, email, landline number and mobile number)
- Information about your identity (e.g. your nationality, passport information, drivers licence and National Insurance number)
- Your bank details (e.g. your account name, number and sort code)
- Details of other trades you may have with other foreign exchange providers and which you provide us with or input into our system for comparison purposes.
Information we collect about you
- Transactional information (e.g. details about your accounts, trades executed by you, payments made to and from your accounts but also information in relation to suspicious and unusual activities)
- Communication records (e.g. emails and records of telephone conversations)
- Publicly available information (e.g. information made available on websites such as Linkedin)
- Information from investigatory agencies (e.g. anti-money laundering reports, credit reports, external intelligence reports and other due diligence reports)
- Risk rating information (e.g. credit risk rating and transactional behaviour)
- Information gathered when you visit our websites. (For more information on this, please see our Cookie Policy below).
In some very limited circumstances, we may collect and/or process special categories of Personal Data. This could include information about your health, racial or ethnic origin, religious, philosophical or political beliefs, trade union membership, sex life or sexual orientation, genetic information or biometric data. In such circumstances, we take particular care to only process such data in accordance with strict legal parameters.
How We Collect Personal Data?
At various different stages in our interaction with you or in relation to our dealings with you, we may collect Personal Data. These can include:
- When you register with us online, subscribe to our services, fill in forms (whether physically or on our website), by corresponding with us (by telephone or email), or in any documents you provide us with
- From cookies on our website (please see out Cookie Policy)
- From feedback provided by you in relation to our services and/or website
- From various third parties including
- Our partners (e.g. individuals or companies who introduce you to us)
- Our clients (e.g. if you are a third party payee and we are making a payment to you)
- Credit reference agencies (e.g. Equifax and Experian)
- Fraud prevention agencies (g. Cifas)
- Identity verification agencies (g. GBGroup)
- Government and law enforcement agencies (e.g. Companies House, HMRC and NCA)
How We Use Personal Data?
We use it to:
- Provide foreign exchange and related services to you or our client
- Engage in marketing and business development activity in relation to our services
- Discharge our legal and regulatory obligations
- Establish, exercise or defend our legal rights or for the purpose of legal proceedings
- Record and monitor your use of our websites or our other online services for business purposes which may include analysis of usage, measurement of site performance and generation of marketing reports
- Share with our professional advisors
- Share with a prospective buyer or seller in the event that we buy or sell any business or assets, or substantially all of our assets are acquired by a third party
- Undertake legitimate business interests, such as business research and analysis, managing the operation of our websites and our business
- Look into any complaints or queries you may have
- Prevent and respond to actual or potential fraud or illegal activities
We should also mention that we may, at times, collate, process and share any statistics based on an aggregation of information held by us provided that neither you nor any individual is identified from the resulting analysis and the collation, processing and dissemination of such information is permitted by law.
The basis for Processing Personal Data?
Now for the legal bit. We will only process your Personal Data where we have a lawful basis for doing so. Our lawful basis will be one of more or the following:
- Consent – if we have obtained your consent to use your Personal Data. You can withdraw your consent by contacting us at any time
- Performance of a contract – we may need to collect and use your Personal Data for the performance of a contract to which you are a party or in order to take steps at your request prior to entering a contract
- Legitimate interest – we may use your Personal Data as is necessary for the purposes of pursuing our legitimate interests (this includes carrying out the business of providing foreign exchange and related services and pursuing our general business interests)
- Compliance with law or regulation – we may use your Personal Data as is necessary to comply with applicable law/regulation
Sharing Information with Third Parties
In providing services to our clients and in complying with our legal obligations, we may share your Personal Data, insofar as we are permitted by law to do so, with the following:
- Third party agents/suppliers or contractors, bound by obligations of confidentiality, in connection with the processing of your Personal Data for the purposes described in this Policy. This may include IT service providers (e.g. providers of software as a service, data room and server providers and communications service providers)
- Third parties relevant to the services we provide which may include our counterparties, other professional advisers, service providers, regulators, authorities, governmental institutions and stock exchanges; and/or
- A designated third party to the extent that we are required by law, regulation or court order to disclose your Personal Data
Third Parties we use
Google Analytics
Google Analytics is a web analytics service provided by Google, Inc (“Google”). Google uses cookies to help us analyze how users use our website. The information generated by the cookie about your use of the website will be transmitted to and stored by Google on servers in the United States. Google will truncate/anonymize the last octet of the IP address for Member States of the European Union as well as for other parties to the Agreement on the European Economic Area. Only in exceptional cases, the full IP address is sent to and shortened by Google servers in the USA. On behalf of our website, Google will use this information for the purpose of evaluating your use of our website and compiling reports. Google will not associate your IP address with any other data held by Google. You may refuse the use of these cookies by selecting the appropriate settings on your browser as discussed in this policy under section 4. However, please note that if you do this, you may not be able to use the full functionality of the website. Furthermore you can prevent Google’s collection and use of data (cookies and IP address) by downloading and installing the browser plug-in available under https://tools.google.com/dlpage/gaoptout?hl=en-GB.
Further information concerning the terms and conditions of use and data privacy can be found at http://www.google.com/analytics/terms/gb.html or at https://policies.google.com/?hl=en&gl=uk.
Google reCAPTCHA
We use “Google reCAPTCHA” (hereinafter “reCAPTCHA”) on our website. This service is provided by Google Inc., 1600 Amphitheater Parkway, Mountain View, CA 94043, USA (“Google”).reCAPTCHA is used to check whether the data submitted through our website forms has been entered by a human or by an automated program / bot. To do this, reCAPTCHA analyzes the behaviour of the website visitor based on various characteristics. For the analysis, reCAPTCHA evaluates various information (e.g. IP address, how long the visitor has been on the website, or mouse movements made by the user). The data collected during the analysis will be forwarded to Google.The reCAPTCHA analyses take place completely in the background. Website visitors are not advised that such an analysis is taking place. Data processing is based on Art. 6 (1) (f) of the GDPR. We, as website operator, have a legitimate interest in protecting our site from fraud.
For more information about Google reCAPTCHA and Google’s privacy policy, please visit the following links: https://www.google.com/intl/de/policies/privacy. https://www.google.com/recaptcha/intro/android.html
For detailed information on the cookies those services use and the purposes for which they are used, please see our Cookie Policy.
Transfers to EEA
We may be required to transfer Personal Data to other countries outside the European Economic Area (“EEA”) (e.g. when reporting to foreign authorities). In these cases, we will ensure our actions comply with the data security standards set out in GDPR. We will also take all reasonable steps to ensure that your Personal Data is stored securely and is not passed on or sold to a third party for marketing purposes.
Where the Personal Data is transferred to and stored at a destination outside the EEA, it may be processed by staff operating outside the EEA who work for one of our suppliers. Such staff may be engaged in, among other things, the provision of support services. By submitting your Personal Data you agree to this transfer, storing or processing. We will take reasonable steps to ensure that your Personal Data is treated securely and in accordance with this Policy.
Transmission and Keeping Your Information Safe
Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your Personal Data, we cannot guarantee the security of your Personal Data transmitted to our website. Any transmission by you of your Personal Data is made at your own risk.
Once we have received your Personal Data, we will use strict procedures and security features, in line with the standards set out in the GDPR, to try to prevent unauthorised access.
How Long We Keep your Information
Whenever we collect your Personal Data, we will only keep it for as long as necessary for the purpose for which it was collected. This will vary and depend principally on:
- The purpose for which we are using your Personal Data. For example, if we collect your Personal Data so that we can provide foreign exchange services to you, we will keep your Personal Data for as long as we continue to do so; and
- Legal obligations – the laws and regulations to which we are subject, set minimum periods for which we have to keep your Personal Data. Again, by way of example, the Money Laundering Regulations 2017 and the Companies Act 2006, required us to hold your Personal Data up to a maximum of 6 years after our business relationship with you ends
In all cases, at the end of the relevant retention period, your Personal Data will either be deleted or anonymised to ensure that it can no longer identify you.
What Are Your Rights?
You have certain rights in relation to your Personal Data and we will use our best endeavours to respect any requests from you to exercise them.
Access:
You may request access to your Personal Data by sending us a Subject Access Request (SAR). Once we have confirmed your identity, we will comply with your SAR free of charge within 30 days, unless we deem the request to be unfounded or excessive. In this case, we will contact you and explain why we have decided not to action your request.
Correction:
You may request that we correct the Personal Data we hold on you when it is incorrect, out of date, or incomplete.
Erasure:
You may request that we destroy, delete or discontinue using your Personal Data when it is no longer necessary for the purpose we originally collected it (subject always to our legal or regulatory right to retain your Personal Data (explained above)).
Restriction:
You may request that we stop processing your Personal Data when you contest its accuracy or the lawfulness of the processing. Withdrawing Consent: Whenever you have given us your consent to use your Personal Data, you have the right to change your mind at any time and withdraw your consent.
Withdrawing Consent:
Whenever you have given us your consent to use your Personal Data, you have the right to change your mind at any time and withdraw your consent.
Legitimate Interests:
In cases where we are processing your information on the basis of our legitimate interest, you can ask us to stop for reasons connected to your individual circumstances. We will do so unless we believe we have a legitimate overriding reason to continue processing your information.
Marketing:
You have the right to stop our use of your information for direct marketing activities. To do so, all you need do is log on to Your Account and reset your marketing preferences.
Submitting a request
You can request to exercise these rights at any time by contacting us at: support@abansglobal.co.uk
To protect the confidentiality of your information, we will always ask you to verify your identity before proceeding with any request you have made. If you have authorised a third party to submit a request on your behalf, we will ask them to prove they have your permission to act.
If we choose not to action your request we will explain to you the reasons for our refusal.
Compliance Director
Abans Global
3rd Floor,
19 Gerrard Street,
London. W1D 6JG.
Email support@abansglobal.co.uk
.