Introduction

Gold-i Ltd and its subsidiaries is a Software Development company providing software solutions to retail and institutional foreign exchange brokerages globally. Gold-I Ltd acts as a data controller under GDPR and is responsible for collection, storage and use of your personal data. Our Privacy policy explains how we use your personal data, how it is collected, how it is stored & how it is processed. It also explains your rights under the law relating to your personal data.

Our policy applies to all data processing activities carried out by Gold-i Ltd or its subsidiaries in electronic form (through websites or other applications) or where it is held in physical files that are structured in a way that allows ready access to information about individuals.

What is Personal Data?

Personal data is defined by the General Data Protection Regulation as:-
‘any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person’.

What Are Your Rights?

Under GDPR, as a data subject you have the following rights:
a) The right to be informed about the collection and use of your personal data. 
b) The right to access the personal data we hold about you. 
c) The right to have your personal data rectified if any of your personal data held by us is inaccurate or incomplete. 
d) The right to be forgotten, i.e. the right to ask us to delete or otherwise dispose of any of your personal data that we have.
e) The right to restrict (i.e. prevent) the processing of your personal data.
f) The right to object to us using your personal data for a particular purpose or purposes.
g) The right to data portability. This means that you can ask us for a copy of your personal data held by us to re-use with another service or business in many cases.
h) Right to object to automated decision-making and profiling (although we do not use your personal data in this way)

For more information about our use of your personal data or if you wish to exercise your rights as outlined above, please contact our GDPR Officer on the following email address: GDPR@gold-i.com
If you have any cause for complaint about our use of your personal data, you also have the right to lodge a complaint with the Information Commissioner’s Office.

Information we collect

We may collect some or all of the following personal data, although this will vary according to whether your relationship with Gold-I is that of a Customer/Business contact or Employee.
• Name;
• Date of birth;
• Address;
• NI number
• Passport number
• Email address;
• Telephone number;
• Business name;
• Job title;
• Profession;
• Payment information;
• Information about your preferences and interests;
In order to provide our products and services, or information about our products and services to a Customer or Business contact, we may collect, store and use your personal data. We may collect your information through several different sources, including but not limited to:
• Website and forms
• Website Live Chat
• CRM system
• Web Help Desk
• Via Phone
• Via Email
• Instant Messenger, such as Skype
• Other Third Party Processors
• Third Party Service Providers
• Existing Clients, Partners, Employees
• Public Authorities

If you are a visitor to any of the websites owned and controlled by Gold-i Ltd, as a potential or existing client, partner, contractor, sub-contractor, or processor, this policy also applies to you and is legally binding in addition to your contract (or agreement) with Gold-i Ltd or its subsidiaries. 

By continuing to use our website or other services offered, you are agreeing to the collection, processing and use of your personal data by Gold-i Ltd.

 
Cookies

Cookies are text files placed on your computer to collect standard internet log information and visitor behaviour information. This information is used to track visitor use of the website and to compile statistical reports on the website activity.
For further information visit www.aboutcookies.org or www.allaboutcookies.org.
You can set your browser not to accept cookies and the above websites tell you how to remove cookies from your browser. However, in a few cases some of our website features may not function as a result.

Third party links on our website

Our website contains links to other websites that are not operated by us and as such we have no control over, and assume no responsibility for the content, privacy policies or practices of any third party sites or services, as such we would advise you to review the Privacy Policy for these websites.

Marketing

Where permitted by law, we may use your personal data for marketing purposes, which may include contacting you by email/telephone/text message and/or post with information about our products and services and those of other companies that may be of interest to you, in addition to items of news and offers on our products and services. 
You will not be sent any unlawful marketing or spam. We will always work to fully protect your rights and comply with our obligations under the GDPR and the Privacy and Electronic Communications (EC Directive) Regulations 2003, and you will always have the opportunity to opt-out.
If you have consented to receive marketing information previously but decide you no longer wish to, you may opt out at any time by sending us an ‘Opt Out’ email at the following email address: - GDPR@gold-i.com

Disclosure

We may pass your personal data on to companies, organisations or individuals contracted to Gold-i Ltd in the course of dealing with you. We will take steps to ensure that your personal data is handled safely, securely and in accordance with your rights, our obligations, and the third party’s obligations under the law. Any third parties that we may share your data with may only use them to fulfil the service they provide you on our behalf, such as: Gold-i’s subsidiaries and the staff located in our regional support offices such as those assisting with account opening, compliance, other operations, marketing or technical team members; authorised and trained on handling personal information for the provision of back office or other financial services (including payments processing and/or purchase transactions); The processors (individuals or companies) in contract with Gold-i in order to provide technical, 
compliance, regulatory, research, advertising, insurance, recruitment, ancillary services and other administrative services including, but not limited to, liquidity providers, cloud service providers, data centers, regulators, auditors, independent financial advisors and legal representatives; Fund managers, appointed trader, brokers or partners (also known as ‘Introducers’ or ‘Asset Managers’) that have contracts with us and who introduced you to us and/or who you give permission to trade; Taxing authorities, law enforcement agencies or in order to protect our services, products, platforms or other systems; We may also be approached by other processors or third parties to provide KYC documentation in order to fulfil their regulatory obligations or to carry out credit checks under AML, Countering Terrorist Financing and other fraud detection policies for example banks or payment service providers and we may do so under our legitimate interests in order that we comply with the applicable laws. 
In some limited circumstances, we may be legally required to share certain personal data, if we are involved in legal proceedings or complying with legal obligations, a court order, or the instructions of a government authority.
Gold-i will not sell, share with or transfer to third parties any information you provide except as set out in this privacy policy or other related policies. 

Data transfers outside the EEA

We may sometimes contract with third parties, including our subsidiaries (as described above) that are located outside of the European Economic Area (the “EEA” consists of all EU member states, plus Norway, Iceland, and Liechtenstein). If any personal data is transferred to a third party outside of the EEA, we will take suitable steps in order to ensure that your personal data is treated just as safely and securely as it would be within the UK under the GDPR, as explained above.

How do we secure collection, processing and use of personal data? 

We work hard to ensure our data processing activities are secured by following good industry practices, including, but not limited to: 
a. Encrypting data during collection and transfers
b. Restricting user access by roles and responsibilities 
c. Using complicated passwords for processing and storage systems
d. Staff training and awareness 
e. Ensuring all processors and partners understand and comply with the ‘data confidentiality’ requirements through contracts with Gold-i Ltd
f. Making regular data backups 
g. Systematic and secure destruction of unwanted or excessive data or the information (documents and records) that have passed their retention period, where practicably doable 

Our legal basis for processing personal data 

All data collected in accordance with this policy is for the performance of the contract, or to provide other services as requested by you from time to time, and therefore processing your data is in our legitimate interest in order that we comply with the applicable laws. 
Your personal data will be therefore used for one of the following purposes:
• Providing and managing your account
• Supplying our products and/or services to you, your personal details are required for us to enter into a contract with you
• Personalising and tailoring our products and/or services for you
• Communicating with you. This may include responding to emails or calls from you
• Supplying you with information by email that you have opted-in to receive. You may unsubscribe or opt-out at any time by contacting us using the following details: -
For the attention of the GDPR Officer:
Email address: GDPR@gold-i.com
Telephone number: 01483-668940
Postal Address: Acer House, 10 Medawar Road, Surrey Research Park, Guildford, Surrey, 
GU2 7AE
Consent

If Gold-i requires consent in order to provide any service or upon identifying a new purpose for processing, that is not currently stated within this policy, we may contact you to seek consent from you. Furthermore, you may withdraw consent at any time by emailing our GDPR Officer at the following address:-
GDPR@gold-i.com.

Access to your information

Please contact us if you have any questions about our Privacy policy or the personal information we hold about you, including if you wish to make a ‘Subject Access Request’. You can request this information in writing, by email or letter or by completing our ‘Subject Access Request’ form, which is available on request:-
For the attention of the GDPR Officer:
Email address: GDPR@gold-i.com
Telephone number: 01483-668940
Postal Address: Acer House, 10 Medawar Road, Surrey Research Park, Guildford, Surrey, 
GU2 7AE.

We will respond to your subject access request within a 30 day period. Normally, our aim would be to provide a complete response, including a copy of your personal data within a 30 day period. In some cases, particularly if your request is more complex more time may be required, up to a maximum of three months from the date we receive your request. In such circumstances you will you will be kept informed of our progress.

Data accuracy and retention

We are keen to ensure that your personal information is accurate & up to date and to retain it no longer than is necessary for the purpose for which it was obtained.
Ensuring personal data is disposed of when it is no longer needed will help us reduce the risk that personal data will become inaccurate, out of date or irrelevant. You may ask us to correct, add to or remove information that you think is inaccurate.
Your personal data will be kept for the following periods:
Personal data Personal data Period data will be retained
Existing Client Existing Employee On an ongoing basis
Former Client Former Employee For 6 years
Prospective Client Prospective Employee For 6 months

Changes to the Privacy Policy

From time to time we may make changes to our Privacy Policy. Any changes we make, along with the date of those changes, will be made available to you on the privacy section of our website.

Breach Notification

If any breach causes an unauthorised intrusion into our system that may affect you significantly, we will notify you as soon as practically possible and will take all necessary steps in order to avoid any such breaches from recurring.

Complaints

In the event that you wish to make a complaint about how your personal data is being processed by Gold-i (or third parties as described in the disclosure above), or how your complaint has been handled, you have the right to lodge a complaint directly with the supervisory authority, the Information Commissioner’s Office, and Gold-i’s Data Protection Officer: -
For the attention of the Data Protection Officer:
Email address: GDPR@gold-i.com
Telephone number: 01483-668940
Postal Address: Acer House, 10 Medawar Road, Surrey Research Park, Guildford, Surrey, 
GU2 7AE.