Trade Markets

PRIVACY POLICY

PURPOSE

At NBH Markets EU Ltd (hereafter the “Company”), we are committed to keeping your personal data safe and confidential both online and offline. The protection of privacy and the safeguarding of Clients’ personal and financial information is the Company’s responsibility and highest priority. This Privacy Policy applies to all personal information that we collect through Company’s website whether you are a former, present, or potential client of the Company. The Policy is to be considered in conjunction with our Terms & Conditions, other policies, our terms of legal services, and any other agreement which may be concluded with NBH Markets EU Ltd.

This policy provides information how we collect and process any personal data in accordance with the applicable data protection legislation, including the EU Regulation No. 2016/679 the General Data Protection Regulation (hereinafter GDPR).

It is important that you read this Privacy Policy together with any other privacy notice we may provide on specific occasions when we are collecting or processing personal data about you so that you are fully aware of how and why we are using your data. This Privacy Policy supplements the other notices and is not intended to override them.

By accessing the website, and by providing personal and/or confidential information as per the General Data Protection Regulation 2016/679 and as per the Company’s Privacy Policy, the Client hereby gives the consent to such collection, processing, storage and use of personal information by the Company as explained below.

COLLECTION OF PERSONAL DATA

“Personal Data”, refers to any personal information that may be used and collected by the Company either alone or in combination with other information in the course of this business relationship, including through your use of the Company’s website and/or Platform.

Personal Information includes, but is not limited to, a first and last name, ID numbers, financial data (including trading data, deposits, withdrawals, and credit), email and physical addresses, other contact information, tax and financial data such as tax residency information and numbers as well a financial information which is required to establish and maintain client economic profile.

Automatic collection of personal information

The Company collects the following personal data automatically when an individual browses the Company’s website:

  • Technical Data: - Client Internet Protocol (IP) address: An IP address is a number assigned to your computer whenever you access the internet. It allows computers and servers to recognise and communicate with one another. IP addresses from which visitors appear to originate may be recorded for IT security and system diagnostic purposes. This information may also be used in aggregate form to conduct web site trend and performance analysis;
  • Operating system information: The type of operating system of the computer from which an individual accesses our website can also be recorded;
  • Cookies: The Company uses cookies to secure Clients’ trading activities and to enhance the performance of the Company’s website. Cookies used by the Company do not contain personal information or other sensitive information; and
  • Information regarding the frequency of visits to our website.

Personal data collected upon registration

When an individual registers as a client of NBH Markets EU Ltd (previously AGM Markets Limited) - (hereafter referred to as a “Client”), the Company collects information required to open a trading account, perform transactions and safeguard the clients’ assets and privacy. In this respect, the Company gathers information from Clients and may, in certain circumstances, gather information from banks and/or credit agencies, and/or other sources which will help the Company to construct the Clients’ profile based on their requirements and preferences in order to provide its services effectively. The information the Company collects includes information required to communicate with and identify its Clients. The Company may also collect certain demographic information, including, birth date, education, occupation, etc. The Company also assesses trading related information.

The following documents will be required when opening a trading account:

  • Proof of identification: certified true copy of international passport with at least 6 (six) months validity.
  • Proof of residence: certified true copy of a valid utility bill (electricity/gas/water/bank

statement) that matches the full name and address as the one provided during the registration

process.

  • Evidence of your credit card or bank details as a proof of deposit.

In addition, the following information may also be collected from individuals who create an account with the Company:

  • Personal information including name, date of birth, email, full permanent addresses, telephone number, identity document, proof of residence, country of residence, details of employment, employment status, financial background, login, and password details, the individual’s current financial circumstances; the individual’s foreign exchange preferences and tolerance to risk; and other matters that are relevant to the services we provide;
  • Information required when subscribing for services such as to receive updates either via email or by posting on portions of the Company’s website only accessible to individuals with accounts; and
  • Any other personal information you may provide to the Company. Additionally, throughout the use of the Company’s services by a client, the Company will gather a set of data related to the details of any and all requests and transactions made by the client through the Company’s platform.

In general the Company collects and process the Personal Data, for any of the following reasons:

  1. To perform its contract with you,
  2. To comply with its legal obligations, including without limitation to the Markets in Financial Instruments Directive II (MIFID II) as amended from time to time, and the Prevention and Suppression of Money Laundering and Terrorist Financing Law of 2007, No. 188(I)/2007, as amended from time to time (hereby referred to as MiFiD Law) and the Prevention and Suppression of Money Laundering and Terrorist Financing Law of 2007, 2010, 2012, and 2013, as amended from time to time (hereby referred to as Money-Laundering Law), and/or
  3. To safeguard its legitimate interest.

The Client acknowledges that all or part of the data concerning the Client's account and related transactions will be stored by the Company and may be used by the Company in case of dispute between the Client and the Company.

Additionally, the Company reserve the right to disclose information where required by law, regulatory, law enforcement or other government authority in order to protect the company rights and to comply with such legal proceedings. The Company, is regulated by the Cyprus Securities and Exchange Commission and takes all the necessary steps to comply with FATCA according to the intergovernmental agreement between Cyprus and United States. The clients are knowledgeable and accept that the company should report in case of a relation to the United States of a reportable person according to the requirements of FATCA.

LEGAL BASIS FOR PROCESSING PERSONAL DATA

Under EU data protection law, there must be a lawful basis for all processing of personal data (unless an exemption or derogation applies). We rely on:

Contractual necessity: Processing is necessary for the performance of a contract with the data subject or to take steps to enter into a contract to conduct regulated activities, when processing is necessary for the entry into, or performance of contract with the data subject or in order to take steps at this or her request prior to the entry into a contract.

Compliance with legal obligations: Processing is necessary for compliance with our legal obligation. NBH Markets EU Ltd has the necessity for compliance with a legal obligation.

Legitimate interest: Data will only be processed where it is necessary for the purposes of the legitimate interests pursued by NBH Markets EU Ltd, and these interests or fundamental rights are not overridden by the interests, rights and freedoms of the data subject and that the processing would not cause unwarranted harm. For instance, it is a legitimate interest of NBH Markets EU Ltd to process personal data on data subjects in order to expand the business, develop new business relations prevention of fraud, maintaining the security of our systems if/when necessary, enhancing, modifying or improving our services. The data subject must be given information on the specific legitimate interest if a processing is based on this provision.

USE OF PERSONAL DATA COLLECTED

The Company uses Clients’ personal information only as required to provide quality service and security to its Clients. This information helps the Company to improve its services, customize browsing experience and enables it to inform its Clients of additional products, services or promotions relevant to Clients and in this respect the Clients are required to provide their consent in regard to the usage of this data for such purposes.

Specifically, the personal data and information gathered as per Clause 3 may be used for the following purposes:

  • to enter into a contractual relationship with Clients;
  • to ensure compliance with our Terms & Conditions and our relevant policies;
  • to comply with anti-money laundering laws regulations such as the Prevention and Suppression of Money laundering Activities Law and the Directives of the Cyprus Securities and Exchange Commission for the prevention of money laundering and terrorist financing. Specifically, The Company’s internal money laundering compliance officer may have access to Clients Personal Data under his continuous obligation to monitor and investigate all suspicions transactions;
  • to assess the appropriateness of a certain financial instrument, request or transaction. For these purposes, the Company may consider the following matters: the Client’s level

and field of education, employment, professional experience and investment background;

  • to categorize clients as either a retail client, professional client and/or other eligible counterparty (as these are defined in the Client Categorisation Policy);
  • to establish appropriateness for leverage calculations in accordance with the Leverage Policy;
  • for marketing purposes;
  • for statistical purposes; and
  • to improve the quality of our services and develop new ones;

In regards to points above, for any reason should the client not consent to receive information of this nature, the client can inform us accordingly by contacting the Company on the contact details provided by the Company on its Terms and Conditions or at the following address: support@trademarkets.eu or dpo@trademarkets.eu

Who we share your personal information with?

We will not rent or sell your information to third parties outside of NBH Markets EU Ltd without your consent. We also impose strict restrictions on how our processors can use and disclose the data we provide. Here are the types of third parties we share information with:

  • Service providers and other partners: We transfer information to service providers (processors), and other partners who globally support our business, such as providing technical infrastructure services, trading platforms analysing how our Services are used such as measuring the effectiveness of ads and services, providing client service and support, client on-boarding, client identify verification, including PEPs and sanctions, conducting marketing communications and design, services related to our website management, services related to software and business development services.

    We may need to transfer personal data to recipients outside the European Union; these activities can include dealings with foreign public entities (only when necessary and under request), the outsourcing of services to external providers located outside the EU and/or processing the data outside the EU (i.e cloud computing, client identity verification and individuals from outside the EEA accessing to our web-services).

  • Measurement and Analytics Services: Partners who use our analytics services like Google Analytics (Non-Personally Identifiable Information Only). We do not share information that personally identifies you (personally identifiable information is information like name or email address that can by itself be used to contact you or identifies who you are) with advertising, measurement or analytics partners.

NBH Markets EU Ltd does extensive due diligence before choosing processors assuring that they provide sufficient safeguards, in particular in terms of expert knowledge, data governance, data security, cyber resilience, reliability and resources to implement technical and organisational measures in such a manner that processing will meet the requirements of General Data Regulation and ensure the protection of the rights of the data subject.

The adherence of the processor to a SLA Contract is used as an element to demonstrate compliance with the obligations of the controller. The carrying-out of processing by our processor it is governed by a contract other legal act under Union or Member State law, binding the processor to the controller. This data sharing with our processor enables us to proceed with our regulated activities and duties to KYC in order to meet our regulatory obligations relating to assess the appropriateness of our products and services, provide support to clients, etc. Some of those third party recipients (processors) may be based outside the European Economic Area; if the third party recipient is located outside the EU/EEA in a country not ensuring an adequate level of data protection, the transfer will only be completed if a written agreement has been entered into between NBH Markets EU Ltd icand the third party.

The written agreement shall be based on the Standard Contractual Clauses approved by the European Commission (and any updated versions). — for further information including on how we safeguard your personal data when these cases occur, see paragraph ‘Transfer of your information out of the EEA We will share personal information with law enforcement or other authorities if required by applicable law.

What happens in the event of a change of control?

If we sell or otherwise transfer part or the whole of NBH Markets EU Ltd or our assets to another organization (e.g., in the course of a transaction like a merger, acquisition, bankruptcy, dissolution, liquidation), your information such as name and email address and any other information collected through the Service may be among the items sold or transferred. You will continue to own your User Content. The buyer or transferee will have to honour the commitments we have made in this Privacy Policy.

CONSENT

The Company is committed to protecting your Personal Data. All Personal Data that we collect through the Company’s website and/or by other means, is processed in accordance with the

Applicable Regulations. By entering and/or using the Company’s website and/or platform, the Client hereby consents to Company’s Access and Use of the Website, and this Privacy Policy.

By entering and/or using the Company’s website and/or by accepting this Privacy Policy and/or the Company’s Term and Conditions and other policies and/or entering into an Agreement with the Company, the Client expressly agrees and consents the following:

  1. Unless the Client has expressly instructed otherwise, the Company will have the right to use such Personal Data, excluding the client’s sensitive Personal Data to remotely promote its services provided by the Company and/or other Affiliated Companies.
  2. The Client has the right to update or refuse any further processing of the Cline Personal Data, subject to the General Data Protection Regulation, however, the Client understands that the Company will not be in the position to provide the Client with its services and/or the Company may retain the Client’s Personal Data subject to Applicable Regulations.
  3. The Company may contact the Client for marketing and promotion communication, uncles the Client exercises the right to opt out.
  4. The aforementioned reasons will apply to both, current Clients of the Company as well as to prospective, irrespective of whether their account has been approved or not.

DISCLOSURE OF INFORMATION

Under the Company’s Terms and Conditions, other policies and Agreement between the Client and the Company, NBH Markets EU Ltd has the obligation to disclosure Client’s information in certain cases, including:

  1. Where requested the Company’s regulator, the Cyprus Securities and Exchange Commission or any other regulatory authority.
  2. Where required by law or a court.
  3. Where required in order for the Company to defend or exercise its legal rights to any court or Ombudsman or governmental authority.
  4. To Company’s affiliates: The Company may share information with affiliates in the event such information is reasonably required by such affiliate in order to provide the products or services to its Clients. These may include affiliates to which the Company’s delegates the following functions and activities: Internal auditors, External auditors, Legal support and Finance and accounting.
    The dissemination of personal information as described above shall be based on need-to-know principle. The Company may share information with partners, affiliates and associates in order to offer additional similar products and services that meet Clients’ needs and which are delivered in a manner that is useful and relevant only where Clients have authorized the Company to do so. In such cases, the relevant professionals are informed about the confidential nature of such information and commit to the confidentiality obligations. The Company does not sell, license, lease or otherwise disclose Clients’ personal information to third parties, except as described in this Privacy Policy.
  5. To Company’s non-affiliated third parties: The Company may share personal data to non-affiliated third parties in a non-identifiable form, ie. the individual to whom the data belongs cannot be identified and/or the data has been anonymised.
    • For marketing purposes: The Company may share website usage statistics with reputable advertising companies and with its affiliated marketing companies. It is noted that the information collected by such advertising companies is not personally identifiable.
    • To administer and improve the Company’s web site, the Company may use third parties to track and analyse usage and statistical volume information. The third party may use cookies to track behaviour and may set cookies on behalf of the Company. These cookies do not contain any personally identifiable information.
    • The Company reserves the right to disclose personal information to third parties where required by law, regulatory and other government authority. The Company may also disclose information as necessary to credit reporting or collection agencies as reasonably required in order to provide the services to its Clients.
    • In addition, the Company may engage third parties to help carry out certain internal functions such as account processing, fulfilment, Client service, Client satisfaction surveys or other data collection activities relevant to its business. Use of the shared information is strictly limited to the performance of the above and is not permitted for any other purpose.

All third parties with which the Company shares personal information are required to protect such personal information in accordance with all relevant legislation and in a manner similar to the way the Company protects the same. The Company will not share personal information with third parties which it considers will not provide its Clients the required level of protection. In cases, where Clients have been introduced by a Business Introducer, such Business Introducer may have access to Clients’ information. Hence, Clients hereby consent to the sharing of information with such Business Introducer.

DATA RETENTION

We can only keep the data we collect from you for so long as it is necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, regulatory, tax, accounting or reporting requirements

Accordingly, your Personal Data will be retained in accordance with the appropriate retention period for each category of data. Those periods are based on the requirements of applicable data protection laws and the purpose for which the information is collected and used, taking into account legal and regulatory requirements to retain the information for a minimum period, limitation periods for taking legal action, good practice and the Company’s business purposes. Any personal information stored by the Company may be extracted upon request.

Subject to Applicable Regulation, the Company will keep your data including personal data, trading information, communications, call recordings and anything else which relates to the Client for a minimum period of 5 (five) years from the date of termination of the business relationship with Client. The data storage period may be extended from 5 years to 7 years upon the request of the competent authority (regulator of the Company’s licensed activities). The data storage period may be extended from 5 years to 7 years upon the request of the competent authority (regulator of the Company’s licensed activities).

for at least 5 five years after termination of the business relationship with the Company shall review the collection, storage, and processing practices, including physical security measures, to prevent unauthorized access to our systems.

Certain information may be retained for extended period of time for specific business or legal requirements including for security, fraud and abuse prevention, financial record-keeping and compliance.

YOUR RIGHTS IN RELATION TO YOUR PERSONAL DATA

Regardless of the above, your personal data belongs to you. Accordingly, please note that you are always entitled to request details of the information the Company holds about you and how it is processed. We will respond to requests for personal data and, where applicable, will correct, amend or delete your personal data. Under certain circumstances, you have rights in accordance with the provisions of GDPR and the applicable local legislation as amended from time to time. We advise you to contact the Company with regards to your request/rights. Some of the rights can be considered complex and include exemptions.

  • Fair processing of information and transparency over how we use your use personal information;
  • The right to access personal data: via a Subject Access Request. Your request should be made in writing to support@trademarkets.eu. We may ask you for proof of identity before providing you with the data. There is usually no charge for such requests, however in limited circumstances we may be able to charge an administrative fee (and we will inform you in response to your request if that is the case).
  • The right to request that your personal data is corrected if it is found to be inaccurate: require us to correct any mistakes in your information which we hold.
  • The right to request that your personal data is erased where it is no longer necessary. In some circumstances this right may not apply e.g. if there is some other compelling reason for us to keep or process your data (and we will inform you in response to your request if that is the case).
  • Right to data portability: to receive the personal information concerning you which you have provided to us, in a structured, commonly used and machine-readable format and have the right to transmit those data to a third party (another controller) in certain situations.
  • The right to withdraw consent to processing at any time, where relevant i.e. where we are relying on your consent to process the data and not another legal reason for processing.
  • The right to object at any time to processing of personal information concerning you for direct marketing.
  • The right not to be subject to a decision which is based solely on automated processing, including profiling which produces legal effects concerning them or significantly affects them.
  • The right to object in certain other situations to our continued processing of your personal information.
  • Otherwise restrict our processing of your personal information in certain circumstance.

You also have the right to lodge a complaint in relation to the Company’s processing of your Personal Data with a local supervisory authority. Our aim is to use your Personal Data only as directed and to keep our information about you as accurate as possible. We strive to ensure that your Personal Data we hold is accurate and up to date.

If you have any enquiries about the Company’s use of the Client Personal Data, please contact Company’s Customer Support Department at support@trademarkets.eu or dpo@trademarkets.eu.

If you are unsatisfied with the Company’s response, you have the right to maintain a complaint with the supervisory authority for data protection matters in Cyprus, the Commission for Personal Data (“CPA”) at commissioner@dataprotection.gov.cy or telephone at +35722818456. Address: 1, Iasonos Str. 2nd Floor, 1082 Nicosia, Cyprus P.O. BOX 23378, 1682 Nicosia.

CLIENT OBLIGATION

The Company is required to obtain and maintain Clients Personal Data under Applicable Regulations. As such, clients are always obligated to provide the Company with accurate and complete information and to update the Company immediately regarding any changes to such

information. If the Client fails to provide the Company with accurate and complete information and Personal Data, the Company may stop providing any services to the Client.

BREACH OF SECURITY

The Company’s information technology department is responsible for ensuring the security of platform and Clients information. The department proceeds with the daily check of the event logs, the status of all hardware and software to detect any issues and to take corrective action and ensures the uninterrupted operation of the Company’s platforms and the minimization of any risk associated with loss of data. For these purposes, the following steps are taken:

  • Frequent backups of system data are performed.
  • Sufficient redundancy is built in hardware to ensure that the risk of interruption from component failure is minimized.
  • Internet connectivity redundancy is arranged.
  • All online real time trading systems are backed up in real time to servers
  • All computers to be password protected.
  • Access to software and different software modules are restricted to specific users.
  • Monitoring that the company’s anti-virus systems are up to date.
  • Implementation of strict Chinese walls policy to ensure there are effective physical and logical barriers in place to prevent the passing of personal information.

All employees of the Company shall be advised to treat personal information with due care and are obliged to safeguard it and use it only for the purposes listed in this Privacy Policy.

Unfortunately, no data transmission can be entirely secured and guaranteed. The Company makes every effort to safeguard your Personal Data and privacy. Notwithstanding any measures we take to protect your Persona Data, we cannot guarantee that: (i) such security measures will prevent our computers from being accessed illegally, and (ii) the Personal Data on them being stolen, misused or altered.

The Company, in accordance with the GDPR, has setup an internal data breach procedure to be followed in the event that any Personal Data is destroyed, lost, altered or if there is unauthorised disclosure of (or access to) Personal Data as a result of a breach of security. Data breaches or leaks which may pose a risk to individuals will be notified to the Office of the Data

Protection Commissioner within seventy-two (72) hours. A breach which is likely to result in a high risk to the rights and freedoms of individuals will also trigger an obligation to notify the holders of the Personal Data directly.

INTERNATIONAL TRANSFERS OF PERSONAL DATA

Your personal data may be sent, stored and/or used in a country outside European Economic Area (EEA) which does not offer the same level of protection as the EEA. When you give us your personal data, you agree to us doing this. We will take all steps reasonably necessary to ensure that your personal data is kept secure and protected in accordance with our legal obligations and standards. If this is not possible, for example because we are required by law to disclose data, we will ensure that the sharing of the data is lawful.

Please Contact us if you want further information on the specific mechanism used by us when transferring your personal data out of the EEA.

RESTRICTION OF RESPONSIBILITY

The Company is not responsible for the privacy policies or the content of sites to which www.trademarkets.eu links and has no control of the use or protection of information provided by the clients or collected by those sites. Whenever a Client elects to link to a co-branded web site or to a linked web site, the client may be asked to provide registration or other personal information. Please note that such information is recorded by a third party and will be governed by the privacy policy of that third party.

DATA RETENTION

Subject to the Applicable Regulations, the Company will only retain your personal data for as long as it reasonably requires it for legal or business purposes which relates to the Clients Personal Data, trading information, communications and anything else which relates to the Client for five (5) years after the termination of the Agreement. The data storage period may be extended from five (5) years to maximum seven (7) years upon the request of the competent authority.

Contacting us about this Policy or making a complaint

If you have any queries about the contents of this Policy, or wish to inform us of a change or correction to your personal data, would like a copy of the data we collect on you, or would like to raise a complaint or comment, please contact us via the Personal Data Requests page on our website. If you are not satisfied with our response or believe we are not processing your personal data in accordance with the law, you can escalate your complaint to the data protection regulator in your jurisdiction.

The Office of the Commissioner for Personal Data Protection, can be contacted at 1 Iasonos str., 1082 Nicosia. Further information is available on the Office of the Commissioner for Personal Data Protection's website at http://www.dataprotection.gov.cy.

National requirements

NBH Markets EU Ltd shall comply with both the GDPR and national data protection legislation. If applicable national legislation requires a higher level of protection for personal data than such policies/guidelines, such stricter requirements are to be complied with. If NBH Markets EU Ltd policies/guidelines are stricter than the local legislation, our policies/guidelines must be complied with.

PRIVACY POLICY UPDATES

The Company may update this Privacy Policy from time to time. In the event that the Company materially changes this Policy including how it collects, processes or uses Clients’ personal information, the revised Privacy Policy will be uploaded on the Company’s website. In this respect, the Clients hereby agree to accept posting of a revised Privacy Policy electronically on the website as the actual notice of the Company to its Clients. Any dispute over the Company’s Privacy Policy is subject to this notice and the Client Agreement. The Company encourages its Clients to periodically review this Privacy Policy so that they are always aware of what information the Company collects, how it uses it and to whom it may disclose it, in accordance with the provisions of this Policy.

If you object to the processing of your Personal Data, or if you have provided your consent to processing and you later choose to withdraw it, the Company will respect that choice.

In case you want to exercise your right to review a copy of, amend or erase the Personal Data The Company holds about you or would like the Company to stop using your Personal Data in the manner in which you approved or if you have any questions about the Company’s use of your Personal Data, please contact the Company as set out below. Please note that even after you have chosen to withdraw your consent, we may be able to continue to process your Personal Data to the extent required or otherwise permitted by law, in particular to comply with any legal, audit, internal and record-keeping requirements.

The Company is committed to protecting your personal data. If you have questions or comments about our administration of your personal data, do not hesitate to contact us at support@trademarkets.eu. or dpo@trademarkets.eu