Purpose
At MIndwave (our “Firm’) your privacy is very important to us. This Policy describes the ways in which we, operating under the brand name www.fundingrock.com collect, process, and retains personal information about you. "Personal information" includes any data that identifies you or can be used to identify you.
We process your information based on legitimate business interests, contractual obligations, and legal compliance.
All information is collected solely for the performance of contractual, regulatory, business and legal requirements and the process may have to be repeated and updated during the course of our business relationship.
This policy sets out your rights under the new General Regulation on Personal Data (EU) 679/2016 as amended from time to time (the “GDPR”).
Its aim is to explain how and why we process your personal data and how you have the right to know what information we have on you and how you can request that we provide you with access to it, update, transfer or delete it.
Our Firm
We are Cypriot Limited Liability Company offering Prop Trading Services based in Nicosia, Cyprus.
Contact Information
If you have any queries about our Privacy Policy or your rights as set out by this Privacy Policy, please contact us at:
+357 22 032052
What information we collect
Our Firm may collect information from you when you engage our services, when you contact us, in the course of our business and when you request information from us.
Reasons why we collect personal information from you:
To be able to provide our services, enforce agreements, carry out requests
To verify your identity
To comply with applicable laws and regulations, court proceedings and orders
To improve the services we provide to you and provide you with information regarding changes to our pricing and service outline
To protect the rights, property and safety of our Firm as well as our employees, associates and clients
For recruitment purposes.
We collect the following personal information from you when you engage our services as a client or are a prospective client in the following cases:
Name, Telephone Number, Address
Other contact information
Company information and email address if applicable
Payment information
Information necessary for the provision of service
Information required by legislation i.e. including but limited to Anti-Money Laundering, Know Your Client regulations etc.
Personal Identification Documents, passports and Identity Cards should this be required by law
Automatically Collected Information
When you visit our websites or use our services, we may collect data such as payment history, pages viewed, IP address, location data, device identifiers, and browsing activity.
How we use your data
Purposes of Processing Personal Information:
To fulfil obligations under laws such as anti-money laundering regulations, conduct identity checks, and ensure compliance with regulatory requirements.
Contract Performance: To provide requested products and services, manage your account, contact you regarding services, and enforce our terms and conditions.
Legitimate Interests: To improve services, conduct surveys, maintain business records, and optimize website performance.
Provision of services to you: We collect and maintain your personal data in order to be able to fulfil our contractual obligations. It is our Firm’s and any authorized third party that we use legitimate interest to use the necessary data in order to provide you with the highest level of service at optimum cost.
Compliance and Regulatory: We collect and maintain your personal data to comply with regulatory and legal obligations which include but are not limited to Anti-Money Laundering, Know Your Client, Tax, Insurance purposes etc. It is our Firm’s and any authorized third party that we use legitimate interest to comply with all legal and regulatory requirements.
Firm Administration: It is our Firm’s legitimate interest to collect and maintain your personal data to be able to protect and enforce our rights, as well as the rights of third parties.
Third party contractors: Sometimes we are required to appoint third party contractors to provide you with the services you require. All our contractors are subject to all necessary due diligence checks to ensure that your data is handled in accordance with all legal and regulatory procedures and obligations.
We only instruct and liaise with the abovementioned contractors in order to fulfil our contractual obligations with you and it is our legitimate business interest to ensure that we provide you with the highest level of service.
Recruitment: We collect a candidate’s personal data in order to assess their suitability for any potential vacancy at our Firm. We do so as part of prospective contractual obligations and because it is our Firm’s legitimate business interest to employ the most suitable persons at different positions in the Firm.
Personal data collected for recruitment purposes will not be used for any other purpose or relayed to any third party without your consent.
Marketing: It is our Firm’s legitimate interest to use your personal data to communicate with regarding new and updated services.
Marketing material will only be sent if you have consented to receive it or we have a legal right to communicate it to you.
You can opt out from receiving marketing material at any point by contacting XXXXX
Automated Decision-Making and Profiling
We may use automated decision-making tools to fulfil our legal obligations and provide services, including for KYC (Know Your Customer) and marketing purposes.
Consequences of Refusal to Provide Personal Information
If you decline to provide required information, we may be unable to offer you certain services.
Cookie Policy
Cookies are used on our websites to enhance functionality and performance. You may manage cookie preferences via your browser settings.
Links
Our privacy policy does not apply to third-party websites. We recommend reviewing their privacy practices.
Security
We implement measures to safeguard personal information, but no system can provide absolute security.
Minors
Our services and website are not intended for individuals under the age of 18 (or the age of legal consent in your jurisdiction). We do not knowingly collect personal information from minors. If you are a minor, please refrain from downloading or using our services or providing us with any personal information. If you believe that a minor has shared information with us, please contact us immediately.
Information Received from Third Parties
If you register using third-party social media accounts (e.g., Facebook, Google), we may obtain certain profile information based on your privacy settings. We encourage you to review those providers' privacy policies. We may also receive data from identity verification agencies and publicly available sources.
Unsolicited Information
If you provide personal information we have not requested, we will only retain data we are required or permitted to hold based on our services. If this unsolicited information cannot be isolated from retained data, you acknowledge it may be retained with your other personal information.
Please be aware that, we may also retain correspondence information, such as chat logs and call recordings.
Who do we share your personal data with
In order for our Firm to be able to perform its contractual, regulatory, business and legal obligations, we may share your data with the following parties:
Government departments and regulatory authorities
Auditors and professional advisers
Professional indemnity insurers and advisers
The courts, police and law enforcement agencies
Tax authorities and corporate registries
Third parties and associates we employ for the provision of services which include but are not limited to document processing and translation services, IT providers, courier and postal service providers, counsel, arbitrators, mediators, experts, accountants and auditors etc.
The above is a non-exhaustive list which may vary depending on the type of service to be provided.
Transfer of data
In order to fulfil our contractual, legal and regulatory obligations our Firm may need to transfer your data to other jurisdictions both within the European Union and to countries outside.
Our Firm and the third parties it works with operate under EU standard contractual clauses in relation to handling of personal information.
Confidentiality
Our Firm and all those who process your data on our behalf are committed to keeping your personal information as secure as possible.
In order to be able best protect your data, appropriate safeguards, rules and technical measures have been put in effect to prevent potential misappropriation or any unlawful action.
Retention
Our Firm will retain your data only for as long as it is needed for the purposes described above.
In general, our firm will hold your data for a period of 6 years from the date of last interaction.
Retention periods will vary and will be disclosed to clients and prospective clients in the signed engagement letters.
Furthermore, your data may be held for longer in order for our firm to be compliant with regulatory and indemnity obligations.
Your rights
You have the following rights in relation to your personal data
Right of access to your information
Right to rectification
Right to erasure
Right to restrict processing
Right to data portability
Right to object to the use of your personal data
Right to complain to the relevant Data Protection Authority
Right to withdraw your consent
The above requests are subject to the other legal and regulatory requirements imposed on our Firm.
If you have any questions or which to exercise any of the above rights please contact our Firm at [email protected]
Data Privacy requests and complaints procedure
You may submit your request or complaint via email to [email protected]
If you have questions related to your personal information or wish to exercise your rights under applicable law, please reach out to our Data Protection Officer (DPO) via the above email or through the contact form on our website, or by physical mail to Agias Elenis, 36
GALAXIAS COMMERCIAL CENTER, 4th floor, Flat/Office 401
1061, Nicosia, Cyprus.
Please indicate the nature of your privacy issue by marking the email subject line with “Privacy Request” or “Privacy Complaint”.
The email should include:
Your Full name and address
Full details of your privacy request or complaint
Evidence of previous communications with our firm regarding the specific data privacy issue
Evidence of potential losses incurred as a result of the alleged data privacy issue
We will acknowledge receipt within 72 hours (3 working days).
We will assess your request or complaint fully and endeavor to provide you with an answer within 3 weeks. If our assessment cannot be completed within 3 weeks, we will contact you to inform you when you can expect an answer.
If you are not satisfied with our response, you can contact the Data Protection Commissioner’s Office in the Republic of Cyprus at:
1 Iasonos str., 1082 Nicosia
or Postal address:
P.O.Box 23378, 1682 Nicosia
Tel: +357 22818456
Fax: +357 22304565
Email: commissionerdataprotection.gov.cy
You can also contact the data protection authority in your jurisdiction.
Changes to this Privacy Policy
Our Firm reserves the right to make changes to this Privacy Policy from time to time in order to reflect legislative and regulatory changes.
Governing Law
This Policy is governed and should be construed under the Laws of the Republic of Cyprus and should any dispute arise that is not resolved amicably or via the commissioner for data protection of the Republic of Cyprus, this shall be resolved by the Cypriot Courts having relevant jurisdiction.