This Policy also specifies the point of contact within the Firm where requests regarding an individual’s personal data and/or complaints about the Firm’s handling of personal data can be directed and requests for information about how the Firm is held accountable for safeguarding any personal data, should it be stored or transferred by the Firm, will be handled.
I. HOW WE RECEIVE PERSONAL DATA & TYPES OF PERSONAL DATA COLLECTED
A. Ways in which We Receive Personal Data
The personal data we collect includes data you provide to us voluntarily, when visiting our website, in the course of completing account opening applications (whether written or electronic) or the ongoing provision of our services to you, including:
- Through our website (www.ctsfutures.com, www.*.t4login.com/register) (the “Websites”), including, without limitation, your requests for information, trials, demonstrations or subscriptions to our blogs through the functionality of the Websites;
- In communications with our clients or potential clients, whether through written communication, email, text, telephone, or other electronic messages between an individual or his/her employer or business and the Firm; and
- From our third-party providers and other business partners (including, without limitation, our marketing consultants).
B. Types of Personal Data
Your personal data that may be collected or processed by the Firm includes:
- first and last names;
- address and past addresses;
- phone number;
- email address;
- date of birth and/or age;
- credit card information;
- IP address;
- work experience, including job titles, company names, and dates of employment;
- veteran status;
- financial information, such as that which could be used to process invoices and payments; and
- any other information that might be used to identify you by another person.
II. COOKIES AND OTHER TRACKING TECHNOLOGIES
As you navigate through and/or interact with our Websites, we may use automatic data collection technologies to collect certain information about your equipment, browsing actions and patterns. One of these tracking technologies is cookies which are small text files placed on your device and are commonly used on the internet.
Our Websites are not intended for children under 18 years of age. No one under age 18 may provide any information to or on the Websites. We do not knowingly collect personal data from children under 18. If you are under 18, do not use or provide any information on these Websites or on or through any of its features/register on the Websites, make any purchases through the Websites, use any of the interactive or public comment features of these Websites or provide any information about yourself to us, including your name, address, telephone number, email address, or any screen name or user name you may use. If we learn we have collected or received personal data from a child under 18 without verification of parental consent, we will delete that information. If you believe we might have any information from or about a child under 18, please contact us at [email protected].
IV. DATA INTEGRITY AND PURPOSE LIMITATION (USES OF PERSONAL DATA)
We collect, use, disclose, transfer and store your personal data when needed to conduct our business and to provide you with the best possible services and experience.
The Firm, generally, processes personal data for the purposes of (i) counseling clients and providing software solutions, technical and customer support and sending you important account, subscription and service data, in order to perform our contractual obligations and/or (ii) promoting the Firm in its marketplaces. If you are a resident of the European Economic Area (the “EEA”) we shall send you marketing and offers via email communication where we have your permission to do so. In case you don’t want to receive such communication from us in the future, please use the unsubscribe link within the email.
We may also use personal data to allow individuals access to files and computer systems that are provided as part of our services or in connection with our business development, marketing, and accounting activities. Additionally, personal data may be utilized to carry out our obligations and enforce our rights arising from any contracts entered into between you and us, including for billing and collection purposes or to notify you of any changes to our business, our Websites or any of our services.
Moreover, We may also collect and use your non-personal, anonymised information for statistical purposes and analysis and to help us provide a better service.
V. OUR LEGAL OBLIGATIONS
We may be required to retain and use personal data to meet our internal and external audit requirements, for data security purposes and as we believe necessary or appropriate: (a) to comply with our obligations under applicable law and regulations, which may include laws and regulations outside your country of residence; (b) to respond to requests from courts, law enforcement agencies, regulatory agencies, and other public and government authorities, which may include such authorities outside your country of residence; (c) to monitor compliance with and enforce our trading platform terms and conditions; or (d) to protect our rights, privacy, safety, property, or those of other persons. We are also required to use and retain personal data after you have closed your account for legal, regulatory and compliance reasons, such as the prevention, detection or investigation of a crime, loss prevention, or fraud prevention.
VI. CONTROLLING YOUR PERSONAL DATA
In the provision of software services, the Firm is acting as a data processor of client-controlled data. We may be a data controller with regard to personal data collected through our Websites. We respect your rights to control your personal data and will facilitate the execution of your rights in accordance with applicable law, as specified below.
A. EEA/UK residents only:
As per the General Data Protection Regulation (“GDPR”), we respect your right to access and control your personal data. We will respond to requests for personal data and, where applicable, will correct, amend, or delete your personal data.
(1) Access to personal data: We will give you access to your personal data (including a copy of it) on request, unless any relevant legal requirements prevent us from doing so or where other exemptions apply. Before providing access to you, we will ask you to prove your identity and give us sufficient information about your interaction with us so that we can locate any relevant data.
(2) Correction and deletion: You have the right to correct or amend your personal data if it is inaccurate or requires updating. You may also have the right to request us to delete your personal data. If you request that we delete your personal data this will result in the automatic closure of your account and we will remove your personal data from active processing. However, we will be required to maintain your personal data to comply with our legal and regulatory requirements including, but not limited to, our record retention requirements.
(3) Restrict processing: You have the right to control the use of your personal data for marketing purposes. In some other certain circumstances you can ask us to stop processing your personal data. However, this may result in us being unable to continue to provide you with access to the trading platform.
We reserve the right to charge you a reasonable administrative fee for any manifestly unfounded or excessive requests concerning your access to your personal data, and for any additional copies of the personal data you request from us.
If you are an EEA/UK resident and wish to exercise any of the above-mentioned rights, please contact us via email to [email protected].
B. California residents only:
California Civil Code Section § 1798.83 permits users of our Website that are California residents to request certain information regarding our disclosure of personal data to third parties for their direct marketing purposes. To make such a request, please contact our Privacy Team and the Data Protection Officer by emailing [email protected] or by mail to 2 Pierce Place, Suite 200, Itasca, IL 60143.
VII. DATA SECURITY
We are committed to safeguarding and protecting personal data and will implement and maintain appropriate technical and organizational security measures to ensure a level of security appropriate to protect any personal data provided to us from accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or access to personal data transmitted, stored or otherwise processed, which include, inter alia:
- Physical and logical access controls that limit who can access personal data based on business/processing need;
- Our employees are bound by confidentiality obligations; and
- Data Protection and Privacy Incident Response Team to handle all personal data incidents or issues, including, without limitation, individual requests related to his/her personal data processed by the Firm.
Nevertheless please mind that information transmitted on the Internet and/or stored on systems attached to the Internet is not 100% secure. As a result, we do not ensure, warrant or guarantee the security or integrity of such information.
VIII. ACCOUNTABILITY FOR ONWARD TRANSFER
We share or disclose your personal data when necessary to provide services or conduct our business operations as described below. When we share personal data, we do so in accordance with applicable data privacy laws and our internal security standards.
Below are the parties with whom we may share personal data and why.
- Affiliated Companies – The Firm may share personal data about our current and former clients with our affiliated companies for complying with regulatory obligations, the provision of services, account administration, sales and marketing, and customer and technical support. All of our employees and contractors are required to follow our data privacy and security policies when handling personal data. We may process personal data in connection with the website and trading platform in the following locations: United States, Bulgaria, Ukraine, and Israel.
- Unaffiliated Companies (third-party service providers) – We partner with and are supported by service providers. We may make personal data available to our service providers only when necessary to fulfill the services they provide to us, such as software, system and platform support; direct marketing services; cloud hosting services; advertising; data analytics; and order fulfillment and delivery. If the Firm transfers personal data to a third party, the recipient will maintain the same level of protection as required of the Firm. In addition, all third-party service providers engaged by the Firm are bound by contract to refrain from using any personal data for any purpose other than the provision of the given service for the Firm.
- Third parties for legal reasons – In addition to disclosures described above, we may also disclose or transfer personal data to third parties when you ask us to do so or when we believe it is required by law, such as:
- To comply with legal obligations and respond to requests from competent government agencies, including law enforcement and other administrative public authorities, which may include such authorities outside of your country of residence.
- To comply with an order of a competent court, and which may include competent courts outside of your country of residence.
- In connection with, or during negotiations of, any merger, acquisition, spin-off, sale of company assets, subsidiary, any financing or any similar transaction (including in connection with any bankruptcy or similar proceedings). We may also disclose personal data to third parties in order to prevent damage or harm to us, our services or any person or property, if we believe that disclosure is required by law (including to meet national security or law enforcement requirements), or in response to a lawful request by any public or governmental authority.
- To protect our rights, users, systems and services.
The Firm does not sell (or otherwise trade) personal data to third parties. However, the Firm may share personal data with its affiliated companies for the purposes of providing clients with information about our affiliated companies’ service offerings. For example, the Firm may provide emails to its subsidiary or a third-party service provider for direct email distribution of blogs, on-line surveys, or notifications.
Except as described in this Policy, we will not otherwise disclose personal data to any third parties unless you have been provided with an opportunity to opt out of such disclosure.
If an individual wishes to opt out or limit the use and disclosure of their personal data to a third party or a use that is incompatible with the purpose for which the personal data was originally collected or authorized, the individual may send such request to [email protected].
IX. INTERNATIONAL TRANSFERS OF PERSONAL DATA
Due to the nature of our services and our trusted third party providers, we may need to process your personal data in jurisdictions other than the U.S. In such cases, we will ensure that the processing only takes place in jurisdictions that have been found to uphold an adequate level of protection regarding personal data or ensure that there are other legal mechanisms in place to ensure appropriate safeguards for the processing of the personal data.
X. DATA RETENTION
We will only retain your personal data for as long as we reasonably require it for legal or business purposes subject to the minimum applicable regulatory retention period. In determining data retention periods, we take into account local laws, contractual obligations, and the expectations and requirements of our clients. When we no longer need personal data, we securely delete or destroy it.
We may amend this Policy at any time. If we make any material changes in the way we collect, use, and/or share your personal data or to this Policy, we will notify you by prominently posting notice of the changes on the Websites covered by this Policy. We encourage you to periodically review this page for the latest information on our Policy.
XII. CONTACTING US ABOUT THIS POLICY OR MAKING A COMPLAINT
If you have any questions or concerns about this Policy, or want to exercise your rights as a data subject as set out in this Policy, or would like to raise a complaint or comment, please contact our Privacy Team and the Data Protection Officer by emailing [email protected] or by mail to 2 Pierce Place, Suite 200, Itasca, IL 60143.
When you email us you may be requested to provide some additional personal data, like your name, email address and residential address. We will use this data to verify your identity in order to be able to respond to your query, so that we can meet our contractual obligations.
Emails are stored on our standard internal contact systems which are secure and cannot be accessed by external parties.
If you are not satisfied with our response or believe we are not processing your personal data in accordance with the law, you can escalate your complaint to the data protection supervisory authority in your jurisdiction. Contacts of the local European data protection supervisory authorities can be found here.
This Policy was last updated on June 1, 2022.