Trade Online d.o.o., with the registered Slavonska avenija 1c, Zagreb and OIB 5713490759 (hereinafter referred to as: “The Company”) is aware of its obligations under the General Data Protection Regulation (GDPR) and is committed to processing your data securely and transparently. This privacy notice sets out, in line with GDPR, the types of data that we hold on you as a client or potential client the Company´s principal, OX Capital Markets Ltd. (Controller).
It also sets out how we use that information, how long we keep it for and other relevant information about your data.
The Company is a data processor, meaning that it processes personal data on behalf of the Controller. Our contact details are as follows: firstname.lastname@example.org, phone no..: +385 1 2099 278 The contact details of the Controller and its Privacy Notice can be found here or here.
For the purposes of this notice:
- Controller shall mean the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data; where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law;
- Processor shall mean a natural or legal person, public authority, agency or other body which processes personal data on behalf of the Controller.
We hold several types of data about you, including:
• your personal details including your name, email address, phone number
• information on your position in a legal person (e.g. directorship) or business status (sole proprietorship)
• data processed during our assistance with the account opening
• voice on recorded line. How we collect your data We collect data about you via our marketing (especially telemarketing) activities and electronic communication (contact form on our website, e-mail…)
The Company is a registered tied agent of the Controller whereby it solicits new potential clients for the Controller and provides its administrative support to the Controller, especially during the onboarding process.
Your data will be processed on behalf of the Coontroller in accordance with the General Data Protection Regulation and local Croatian laws. We do not share your data with bodies outside of the European Economic Area.
In line with data protection principles, we only keep your data for as long as we need it for, usually during the period required by the relevant legislation. Recorded communications will be stored for a minimum of 5 years , and under certain conditions, for up to 7 years. Data provided by you with your explicit consent for the marketing purposes will not be stored for a period longer than 1 year unless other legal basis for processing these data is given.
The law on data protection gives you certain rights in relation to the data we hold on you. These are:
• the right to be informed. This means that we must tell you how we use your data, and this is the purpose of this privacy notice
• the right of access. You have the right to access the data that we hold on you. To do so, you should make a subject access request.
• the right for any inaccuracies to be corrected. If any data that we hold about you is incomplete or inaccurate, you are able to require us to correct it
• the right to have information deleted. If you would like us to stop processing your data, you have the right to ask us to delete it from our systems where you believe there is no reason for us to continue processing it
• the right to restrict the processing of the data. For example, if you believe the data we hold is incorrect, we will stop processing the data (whilst still holding it) until we have ensured that the data is correct
• the right to portability. You may transfer the data that we hold on you for your own purposes
• the right to object to the inclusion of any information. You have the right to object to the way we use your data where we are using it for our legitimate interests
• the right to regulate any automated decision-making and profiling of personal data. You have a right not to be subject to automated decision making in way that adversely affects your legal rights.
Where you have provided consent to our use of your data, you also have the unrestricted right to withdraw that consent at any time. Withdrawing your consent means that we will stop processing the data that you had previously given us consent to use. There will be no consequences for withdrawing your consent. However, in some cases, we may continue to use the data where so permitted by having a legitimate reason for doing so.
If you wish to exercise any of the rights explained above, please contact email@example.com.
The supervisory authority in Croatia for data protection matters is Agencija za zaštitu osobnih podataka: https://azop.hr/.
If you think your data protection rights have been breached in any way by us, you are able to make a complaint to it.
Last update: 1.02.2020