Ereus is a licensed company incorporated in Estonia with license number FVT000506 ,owned by a private limited company incorporated in Estonia with name Afterlight OÜ and registry code: 14651296. The address of the register office of the company is : Maakri tn 25, 10145, Tallinn, Estonia.
GENERAL DATA PROTECTION REGULATION
(a) Personal Data shall mean any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction;
(b) Controller shall mean the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law;
(c) Processor shall mean a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller;
COLLECTION OF INFORMATION
The Company complies with legislative requirements in place, including but not limited to the Regulation (EU) 2016/679 (“GDPR”) and to Directive DI144-2007-08 of 2012 (“AML Directive”) for the establishment on the Client’s economic profile and prevention of money-laundering as well as abide with the relevant record keeping obligations under the GDPR for establishing the suitability and appropriateness of client(s), based on the services offered by the Company, recordings of telephone conversations, client(s)’ transactions, FATCA and CRS reporting. In this regard, as part of the Company’s account opening procedures and ongoing obligations, the Company may request, collect and maintain, for at least five (5) years, information from clients and potential clients, including but not limited to: o Identification details such as name, age, nationality, passport/ID number, date of birth, place of birth, nationality, copy of the Passport and/or of the Identity Card, utility bill (including the full address of the client), tax identification number; tax residence etc; o Contact information such as telephone number, email; o Employment details such as employer’s name, profession, industry of employment; o Financial information such as gross annual income, net worth; source of funds; o Trading information such as experience, investment objectives, anticipated turnover; The Company may collect the said information directly from you (during the account opening procedure) and/or from other person(s) including, for example, credit reference agencies, fraud prevention agencies, banks, other financial institutions, third party authentication service providers and the providers of public registers. When you access our website, we collect non-identifiable information in the following ways:
When you access our website, we collect information that your browser sends, whenever you visit the website or online service (“Log Data”). This Log Data may include, but is not limited to, your computer’s Internet Protocol address, browser type, the web page you were visiting before you came to our website and information you search for on our website and the Service. In addition, if you access the Service via a mobile device, we may collect a Push ID, subject to your consent as indicated by you in the mobile application, and a Mobile IP.
Ereus is based in, and provides its services from, Estonia.
Cookies are small text files stored by your browser, on your computer or device, when you visit certain pages or perform certain actions on the Company’s website. They are used to help your browser remember your choices and display the correct information for you,such as items in your basket, and not treat you as a new visitor each time you visit a page. Some cookies are only set for the duration of your visit (“session cookies”) to help you get around and give you relevant information. Others are set for longer periods (“persistent cookies”) so that your browser can remember your choices from a previous visit. The cookies stored cannot harm your device, are anonymous, and unique to your browser. You can choose to disable or block these cookies in your browser but without some of them our website may not work. For more detailed information about cookies please visit www.allaboutcookies.org.
THIRD PARTY COOKIES
If you don't want to receive certain categories of cookies, you can opt- out of them. It should be noted that our website may work without cookies, but you may lose some features and functionalities, if you choose to disable cookies.
6. PURPOSE OF OBTAINING INFORMATION
Personal Information is information relating to an identified or identifiable natural or legal person. An identifiable natural person is one who can be identified, directly or indirectly, by reference to an identifier such as a name, an identification number, location data, an online identifier, or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that person.
The Company requests the relevant information in order to be in a position to provide products and/or services specifically:
- To verify client(s)’ identity;
- To ensure that client(s) meet the appropriateness and/or suitability requirements for the use of the Company’s products and/or services;
- To manage and operate client(s) trading account(s), if applicable;
- To process client(s)’ requests for transactions;
- To send client(s) information about transaction/post-transaction services;
- To keep client(s) updated about products and/or services and any other information relevant to client(s)’ relationship with the Company;
- For website improvement purposes;
- For the analysis of statistical data for the provision of better products and/or services;
- To detect, prevent, mitigate and investigate fraudulent or illegal activities;
- For provision of customer service.
The Company may also collect your Information related to use of the Company’s website(s), such as pages visited, frequency, duration of visit and trading activities.
The Company also keeps records of your trading behaviour, including a record of:
a) Products you trade and their performance;
b) Historical data about the trades and investments you have made including the amount invested;
c) Historical data about your payment and withdrawal activities.
The Company does not sell or trade the personal information in its possession. The provision of all personal information is necessary in order to use the Company’s products and/or services. The personal information will be collected and processed explicitly and specifically for the purposes that have been collected for (“purpose limitation”) while the Company shall require only the information necessary in relation to the purposes for which it has been collected. Further to the above, the Company may also request further information in order to improve its products and/or service or activities, under relevant Agreement(s) between us, as the case may be, or comply with applicable legislative requirements.
RECORDING OF INFORMATION
The Company shall record communications including electronic, by telephone, in person or otherwise, that we have with you in relation to the products and/or services offered to you. The said recordings will be the Company’s sole property and will constitute evidence of the communications between the Company and you.
8. MANAGEMENT OF YOUR PERSONAL INFORMATION AND SAFEGUARDING
The Company has taken all the appropriate organisational measures as to ensure that your personal data is secured. Moreover, the Company has established an internal educational training for its employees so as to mitigate any risks that may affect your data. The employees that are processing your data are trained to respect the confidentiality of personal information and the privacy of individuals. Access to your information has only employees and/or service providers and/or Partners/Tied Agents that need to have access to the information in order to enable the continuity of the agreement between you and the Company.
We consider breaches of your privacy as top priority and the Company is monitoring its internal procedures, on an ongoing basis, to prevent any such event. Furthermore, we hold personal information in a combination of secure computer storage, secure servers and, from time to time and if it is deemed necessary, we will store them in paper-based files. The Company has taken all the necessary steps to protect the personal information that it holds from misuse, loss, unauthorised access, modification or disclosure. The Company has introduced different security access levels, including administrator access rights, whereby the servers can only be accessed by authorized personnel. Also, the Company has implemented Antivirus, Spyware and Firewalls protection for the Company’s servers and PC’s.
While we will use all reasonable efforts to safeguard your Information, you acknowledge that the use of the internet is not entirely secure and for this reason we cannot guarantee the security or integrity of any personal data transferred from you, or to you, via the internet. The Company shall keep your personal data for as long as the company has a business relationship with you (physical person). Once the business relationship has been ended, we may keep your data for up to five (5) years in accordance with the legislative requirements governing the Company. The Company may keep your personal data for longer than five (5) years for legal, regulatory and/or any other obligatory reason. Retention periods will be determined taking into consideration the type of information that is collected and the purpose for which it is collected, bearing in mind the requirements applicable to the situation and the need to destroy outdated, unused information, at the earliest reasonable time.
The Company also uses level 1 PCI DSS compliant payment providers for transfers of client(s)’ funds. Moreover, the Company adopts the SSL (Secure Sockets Layer) network security protocol that keeps your personal online communication, and data, private and secure. The trading platform and client(s)’ Portal area are accessible with a unique password generated by client(s), at the time of registration. Client(s) can change and update their password at any time.
9. DISCLOSURE OF INFORMATION
As part of using your personal information for the purposes set above, we may disclose your information to:
(a) Service providers and specialist advisers who have been contracted to provide us with IT, financial, regulatory, compliance, accounting and/or other services;
(b) Partners or Tied Agents with whom the Company has closed relationships and who are exclusively working for the Company;
(c) Regulatory Authorities;
(d) Anyone authorised by you;
(e) Relevant authorities to investigate or prevent fraud, money laundering or other illegal activity;
(f) Trade Repository or similar;
(g) The Company’s employees so as to exercise their duties to further the agreement between us, or to assure the efficient functioning of our Trading Platform, the Trading Data functions etc.
USE OF INFORMATION
We use your information in order to
(i)monitor and analyse the use of the Company’s website and for the technical administration of the website,
(ii) improve the website
(iii) generate and derive useful data and information concerning the interests, characteristics, use and behaviour of the users. We aggregate Information and Non-Identifying Information. We may share aggregated information, including queries and offers generated as a result of your use of the Company’s website, that includes non- identifying information and Log Data, with third parties, for industry analysis, demographic profiling, other commercial purposes and to deliver targeted advertising about the Company’s products and/or services. Any aggregated information shared in these contexts will not contain any personal information. Business Transfers: We may transfer or otherwise share some or all of our assets, including, among others, your Personal Information and Log Data, in cases of a merger, acquisition, reorganization or sale of some or substantially all of our shares or assets, or in the event of bankruptcy.
The following are considered to be the most relevant:
(a) Processing is necessary for compliance with legislative requirements to which the controller is subject to;
(b) Processing is necessary for the performance of a contract to which the person is party, or in order to take measures of the person’s request prior entering into an agreement;
(c) Processing is necessary in order to protect the vital interests of the data subject;
(d) Processing is necessary for the performance of a task carried out in the public interest or in the exercise of public authority or a third party to whom the data are communicated;
(e) Processing is necessary for the purposes of the legitimate interests pursued by the controller or by the third party to whom the personal data is communicated, on condition that such interests override the rights, interests and fundamental freedoms of the person(s).
CHANGE OF INFORMATION.
You should inform the Company, at any time, if your information has changed or if you wish the Company to delete information held about you.We will change or delete your Information in accordance to your instructions, except in cases where we are required to withhold your Information for regulatory or legislative purposes, to provide you with the service(s) you have requested or to maintain adequate business records.
RIGHT OF ACCESS
As a natural person you have the right to obtain a copy of any personal information which we hold about you and to advise us of any perceived inaccuracy. Additionally, you may also request the reasoning of holding such information. To make a request, please contact us, verifying your identity and specifying what information you require. You may contact us at Ereus support.
UPDATE OF THIS POLICY