Updated: 6 November 2019
Who Are We
This policy is provided to you by Financial Spreads and describes who we are, why we need to collect your information and how we will use it. It will also tell you who we share your information with and how we use data to improve the products and service we provide to you.
Financial Spreads is aware of the trust you place in us when you visit our sites or utilise our products or services, and of our responsibility to protect your information.
"We", "Us" or "Our" in this policy refers to Financial Spreads and our related entities; who enable us to operate a 24-hour business from Monday to Friday, consisting of the following companies:
- Financial Spreads is a trading name of Finsa Europe Limited, a company registered in the United Kingdom with company number 07073413, whose registered office is 9th Floor, 30 Crown Place, London, EC2A 4ES and is authorised and regulated by the Financial Conduct Authority (FCA) registration number 525164.
The entities above apply the same data privacy standards to protect and secure your personal data whenever they provide online Contracts for Difference (CFD), spread betting, spread trading and spot forex products to retail and other customers, and act as individual data controllers of your Personal Information in relation to specific services they deliver.
Any reference to 'you', 'your', 'yours' or 'yourself' in this policy is a reference to any of our clients, potential clients or people visiting our websites as the context requires unless otherwise stated.
What personal information do we collect
As part of providing our products and services to you, we are required by law to execute Know Your Customer (KYC) checks in order to verify your identity before we set you up as a client and we use those details to effectively manage your account with us to ensure that you get the best possible service.
If you are an actual or potential client, we may collect the following types of information about you depending on your stage in the customer journey:
- identity data including title, first name, last name, date of birth, gender, username, account number or similar identifier;
- contact data including billing address, residential address, email address and telephone number;
- information about your source of income and wealth including details about your assets and liabilities, account balances, trading statements, tax and financial statements, government-issued documentation, employment and profession details;
- technical data including application software, internet protocol (IP) address, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access our websites or applications;
- financial data including user id tokens from payment service providers, bank account details and payment card details;
- profile data including your username and password, trading performance, transaction data, notes, your interests, preferences, customer feedback, survey responses, internet chats and telephone recordings;
- usage data including information about how you use our website, products and services; and
- marketing and communications data including your preferences in receiving marketing from us and our third parties and your communication preferences.
We obtain this information in a number of ways through your use of our services or other dealings with us including through any of our websites, account opening applications, contact forms, telephone, internet chat systems, our demo sign up forms, webinar sign up forms and information provided in the course of ongoing client service correspondence. We may also collect information about you from third parties either through customer due diligence providers, sanctions screening providers, credit reference agencies, publicly available sources or screened third party data lists.
We also keep records of your trading behaviour, including a record of:
- suspicious transactions and orders
- your preference for certain types of products and services
- your financial transactions, the products you trade with us and their performance
- historical data about the trades and investments you have made including the amount invested
We will use your Personal Information to provide you with products and services, or information about our products and services, and continuously review your ongoing needs once you open an account with us or subscribe to information resources on our sites or applications (e.g. blogs, newsletters etc.).
Visiting our websites and cookies
How and why we use your personal information
We only use your personal information if we have a legal reason for doing so, such as:
- to comply with our legal and regulatory obligations;
- for the performance of our contract with you or to take steps at your request before entering into a contract;
- for our legitimate interests or those of a third party; or
- where you have given consent.
A legitimate interest is when we have a business or commercial reason to use your information, so long as this is not overridden by your own rights and interests.
The table below explains what we use your personal information for and our reasons for doing so:
| What we use your personal information for || Our reasons |
| To provide products, services and support to you. || For the performance of our contract with you or to take steps at your request before entering into a contract. |
| To prevent and detect crime against you and members of the public. || For our legitimate interests or those of a third party, such as to minimise fraud that could be damaging for us and for you. |
| Conducting checks to identify our customers and verify their identity. || To comply with our legal and regulatory obligations. |
| Screening for financial and other sanctions or embargoes. || To comply with our legal and regulatory obligations. |
| Other processing necessary to comply with professional, legal obligations that apply to our business, e.g. under financial service regulation issued by our professional regulator. || To comply with our legal and regulatory obligations. |
| Gathering and providing information or evidence relating to audits, enquiries, legal claims, complaints or investigations by regulatory bodies. || To comply with our legal and regulatory obligations.|
For our legitimate interests to defend ourselves and relevant third parties from legal claims.
| Ensuring internal business policies are adhered to, e.g. policies covering data retention or security. || For our legitimate interests or those of a third party, i.e. to make sure we are following our own internal procedures so we can deliver the best service to you. |
| Operational reasons, such as improving efficiency, training and quality control. || For our legitimate interests or those of a third party, i.e. to be as efficient as we can so we can deliver the best service for you at the best price. |
| Ensuring the confidentiality of commercially sensitive information. || For our legitimate interests or those of a third party, i.e. to protect trade secrets and other commercially valuable information.|
To comply with our legal and regulatory obligations.
| Statistical analysis to help us manage our business, e.g. in relation to our financial performance, customer base, product range or other efficiency measures. || For our legitimate interests or those of a third party, i.e. to be as efficient as we can so we can deliver the best service for you at the best price. |
| Preventing unauthorised access and modifications to systems. || For our legitimate interests or those of a third party, i.e. to prevent and detect criminal activity that could be damaging for us and for you.|
To comply with our legal and regulatory obligations
| Updating and enhancing customer records. || For the performance of our contract with you or to take steps at your request before entering into a contract.|
To comply with our legal and regulatory obligations.
For our legitimate interests or those of a third party, e.g. making sure that we can keep in touch with our customers about existing orders and new products.
| Statutory returns. || To comply with our legal and regulatory obligations. |
| Ensuring safe working practices, staff administration and assessments. || To comply with our legal and regulatory obligations.|
For our legitimate interests or those of a third party, e.g. to make sure we are following our own internal procedures and working efficiently so we can deliver the best service to you.
Marketing our services and those of selected third parties to:
- existing and former customers;
- third parties who have expressed an interest in our services;
| For our legitimate interests or those of a third party, i.e. to promote our business to existing and former customers.|
Your consent to us and third parties to provide you with promotional content on products, services and support.
| Credit reference checks via external credit reference agencies || For our legitimate interests or those of a third party, i.e. to ensure our customers are likely to be able to pay for our products and services |
| External audits and quality checks, e.g. maintain our accreditation and the audit of our account || For our legitimate interests or a those of a third party, i.e. to maintain our accreditations so we can demonstrate we operate at the highest standards|
To comply with our legal and regulatory obligations
The above table does not apply to special category personal information, which we will only process with your explicit consent.
We may use your personal information to send you updates (by email, text message, telephone or post) about our products and services, including exclusive offers, promotions or new products and services.
Where consent is needed for promotional purposes, we will ask for this consent separately and clearly, however, we do not usually need your consent because we have a legitimate interest in processing your personal information (see above 'How and why we use your personal information').
We will always treat your personal information with the utmost respect and never sell or share it with other organisations outside our related entities for marketing purposes. Whenever we rely on your consent as our legal basis for processing your Personal Information, you have the right to withdraw that consent or opt out of receiving promotional communications at any time by:
- contacting us via your usual means of communication or use the contact details in this policy (see below 'How to contact us')
- using the 'unsubscribe' link in emails
- send 'STOP' in response to any texts
We will usually ask you to confirm or update your marketing preferences: when we contact you, if you request information on our products and services or if there are changes in the law, regulation, or the structure of our business.
Change of purpose
We will only use your personal data for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose, permissible by law and is in accordance with this policy.
If we need to use your personal data for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so. Please note that we may process your personal data without your knowledge or consent, in compliance with a regulatory obligation or permitted by law.
Who we share your personal information with
As part of using your Personal Information for the purposes set out above, we may disclose your information to:
- our related entities (see above 'Who we are')
- third party service providers we use to help deliver our products and services to you, such as electronic identity verification agencies, specialist advisers, administrative support, IT, financial, compliance, insurance, research etc.;
- introducers, brokers, marketing agents and those with whom we have a mutual relationship;
- credit providers, courts, tribunals and applicable regulatory authorities as agreed or authorised by law or our agreement with you;
- other third parties we use to help us run our business, e.g. marketing agencies or website hosts;
- credit reporting or reference agencies;
- trace debtors or beneficiaries, debt recovery agencies;
- crime prevention agencies; and
- anyone authorised by you
We only allow our service providers to handle your personal information if we are satisfied, they take appropriate measures to protect your personal information. We also impose contractual obligations on each service provider to ensure they can only use your personal information as instructed by us; to provide services to us and you.
We may share personal information with external auditors, e.g. in relation to maintaining our accreditations or audit of our accounts etc. and we may disclose and exchange information with regulatory bodies and law enforcement agencies to comply with our legal obligations and help prevent crime.
We may also need to share some personal information with other parties, such as potential buyers of some or all of our business or during a re-structuring. Usually, information will be anonymised, but this may not always be possible. The recipient of any such information will be bound by the same data privacy, confidentiality and security obligations.
Please note that the use of your Personal Information by external third parties who act as data controllers of your Personal Information is not covered by this policy and is not subject to our privacy standards and procedures.
Management of personal information
Information may be held at our offices and those of our related entities, third party agencies, service providers, representatives and agents as described above (see above: 'Who we share your personal information with').
To deliver a 24/5 service to you, it is sometimes necessary for us to transfer your personal information overseas, such as:
- with our related entities based outside the United Kingdom;
- with your and our service providers located outside the United Kingdom;
- if you are based outside the United Kingdom;
We will, however, ensure that any such transfer complies with our obligations under the data protection laws, and that such transfer maintains the confidentiality, integrity, availability and security of your personal information. Our standard practice is to use standard data protection contract clauses that have been approved by relevant regulatory or supervisory authority.
How long your personal information will be kept
We will keep your personal information while you have an account with us, or we are providing information, products or services to you. Thereafter, we will keep your personal information for as long as is necessary:
- to respond to any questions, complaints or claims made by you or on your behalf;
- to show that we have acted in accordance with the law; and
- to keep records as required by law.
We will not retain your Personal Information for longer than necessary for the purposes set out in this policy. Different retention periods apply for different types of personal information and when it is no longer necessary to retain your personal information, we will delete or anonymise it.
If you fail to provide personal information
Where we need to collect personal data by law, under the terms of a contract we have with you or are trying to enter into with you and you fail to provide that data when requested, we may not be able to perform the contract we have or in limited circumstances may only be able to provide a restricted service. In most cases, we may have to cancel the product or service you have with us, but we will notify you if this is the case at the time.
You have the following rights:
| Rights || Explanation |
| Access || The right to ask us to provide you with a copy of your personal information. |
| Rectification || The right to ask us to correct or update any mistakes or out-of-date personal information that we hold on you. |
| Erasure || The right to ask us to delete your personal information; we will erase your information if there are no applicable laws or regulations barring us from doing so. |
| Restriction of processing || The right to ask us to restrict processing of your personal information-in certain circumstances, e.g. if you contest the accuracy of the data|
| Data portability || The right to receive the personal information you provided to us, in a structured, commonly used and machine-readable format and/or transmit that data to a third party-in certain situations|
| To object ||
The right to object:
- at any time to your personal information being processed for direct marketing;
- in certain other situations to our continued processing of your personal information, e.g. processing carried out for the purpose of our legitimate interests.
You can exercise these rights free of charge by contacting our customer service team using the contact details listed in this policy (see below: 'How to contact us'). Please note that we reserve the right to charge the administrative cost of providing you with the requested information in situations where your request is excessive or unfounded, for instance where your request is repetitive, or you require multiple copies.
In situations where we have shared your personal information with third parties, we will inform them of your request to ensure that your data privacy rights are upheld by them.
Keeping your personal information secure
Safeguarding your personal information is important to us, whether you interact with us personally, telephone, e-mail, post, over the internet or by any other electronic medium. We follow strict security procedures and protocols in connection with the storage, processing and disclosure of your information, to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. We also have procedures in place to deal with any suspected or actual data security breach and will notify you and any applicable regulator of a data security breach where we are legally required to do so.
Technology improvements and third-party sites
We are constantly striving to improve functionality on our websites and applications through technology changes and this may mean a change to the way in which personal information is collected or used. We will update this policy as necessary to inform you of any technology changes that affect your privacy rights.
Whilst we take appropriate technical and organisational measures to safeguard the personal information that you provide to us, we accept no liability if communications are intercepted by third parties or incorrectly delivered or not delivered from you to us. Where possible, we recommend transferring information directly to us using the functionality provided.
How to contact us
- phone on 0800 8620780 (+44 203 475 4830);
- email at email@example.com; or
- writing to 30 Crown Place, Moorgate, London, EC2A 4ES
You have the right to make a complaint at any time if you are not satisfied with our privacy practices or response to your complaint, you have the right to lodge a complaint with our supervisory authority, the Information Commissioner's Office (ICO). You can find details about how to do this on the ICO's website at https://ico.org.uk/concerns/
or by calling their helpline on 0303 123 1113. We would, however, appreciate the chance to deal with your concerns or complaints before you approach the supervisory authority so please contact us in the first instance.
Policy review and changes