We understand that your privacy is important to you and that you care about how your personal data is used. We respect and value the privacy of everyone who uses our Services and/or using our website and will only collect and use personal data in ways that are described here, and in a way that is consistent with our obligations and your rights under the General Data Protection Regulation (EU Regulation 2016/679) (the "GDPR").
The terms "processor" , " controller" , " processing" and " personal data" shall have the same meaning as stated in the General Data Protection Regulation.
|"Service(s)"||means the portfolio tools and information services to which you have subscribed. The Services may contain Premium Services;|
|"Account"||means an account required for you to access and use the portfolio tools and information services;|
|"Cookie"||means a small text file placed on your computer or device by our platform when you visit certain parts of our platform and/or when you use certain features of our platform. Details of the Cookies used by our platform are set out in Part 14, below; and|
|"Cookie Law"||means the relevant parts of the Privacy and Electronic Communications (EC Directive) Regulations 2003.|
This platform is an initiative of SYNC Financial Technology Limited, a limited liability company incorporated and existing under the laws of the United Kingdom with registered address at 71-75 Shelton Street, London WC2H 9JQ and with company number 09294992. (hereinafter referred to as " Swanest" or " we").
Personal data is defined by the GDPR as 'any information relating to an identifiable person who can be directly or indirectly identified in particular by reference to an identifier'.
Personal data is, in simpler terms, any information about you that enables you to be identified. Personal data covers obvious information such as your name and contact details, but it also covers less obvious information such as identification numbers, electronic location data, and other online identifiers.
Under the GDPR, you have the following rights, which we will always work to uphold:
b) The right to access the personal data we hold about you. Part 13 will tell you how to do this.
c) The right to have your personal data rectified if any of your personal data held by us is inaccurate or incomplete. Please contact us using the details in Part 15 to find out more.
d) The right to be forgotten, i.e. the right to ask us to delete or otherwise dispose of any of your personal data that we have. Please contact us using the details in Part 15 to find out more.
e) The right to restrict (i.e. prevent) the processing of your personal data.
f) The right to object to us using your personal data for a particular purpose or purposes.
g) The right to data portability. This means that, if you have provided personal data tous directly, we are using it with your consent or for the performance of a contract, and that data is processed using automated means, you can ask us for a copy of that personal data to re-use with another service or business in many cases.
h) Rights relating to automated decision-making and profiling. We do not use your personal data in this way.
For more information about our use of your personal data or exercising your rights as outlined above, please contact us using the details provided in Part 15.
If you have any cause for complaint about our use of your personal data, you have the right to lodge a complaint with the competent supervisory authority (for the UK: the Information Commissioner's Office: https://ico.org.uk/)).
In this Part 6 we have set out:
a) the general categories of personal data that we may process;
b) in the case of personal data that we did not obtain directly from you, the source and specific categories of that data;
c) the purposes for which we may process personal data; and
d) the legal bases of the processing.
We may process data about your use of our Services and/or website (" usage data"). This usage data may include your IP address, your geographical location, browser type and version, operating system well as information about the timing, frequency and pattern of your service use. Source of the usage data is our analytics tracking system. This usage data may be processed for the purposes of analysing the use of the platform and services. The legal basis for this processing is our legitimate interest, namely monitoring and improving our platform and services.
We may process your account information (" account data"). The account data may include your name, email address, country, browser fingerprint password, address, birthdate, city of birth, picture and gender.
We might also need to process your national ID or a copy of your passport/ id card/ driver license to comply with our obligations under MIFID II. The source of the account data is you or the financial institution, online broker or other intermediary you connect with.
The account data may be processed for the purposes of providing our Services, ensuring the security of our website and Services, maintaining back-ups of our databases and communicating with you. The legal basis for this processing is the performance of a contract between you and us. We might need certain information also to comply with our legal obligations.
We may process personal data that are provided in the course of the use of our Services (" service data"). The service data include your financial objectives (investment amount, time horizon); your financial situation (assets, liabilities, emergency funds); investment knowledge and your risk profile (risk appetite, capacity for loss), your portfolio information (value, holdings, units, currency preferences). The source of the service data is you (manually or via a CVS-file) or the financial institution, online broker or other intermediary you connect with. The service data are processed solely for the purpose of providing our services.
The legal basis for this processing is consent and the performance of a contract between you and us and/or taking steps, at your request, to enter into such a contract.
We may process information relating to transactions, (including purchases), that you enter into with us and/or through our Services and/or website (" transaction data"). The transaction data may include your contact details, your card details and the transaction details. The transaction data may be processed for the purpose of supplying the purchased services and keeping proper records of those transactions. The legal basis for this processing is the performance of a contract between you and us and/or taking steps, at your request, to enter into such a contract.
We may process information that you provide to us for the purpose of subscribing to our email notifications and/or newsletters (" notification data"). The notification data may be processed for the purposes of sending you the relevant notifications and/or newsletters. The legal basis for this processing is consent or our legitimate interest, namely keeping you up to date when you created an Account.
We may process information contained in or relating to any communication that you send to us (" correspondence data"). The correspondence data may include the communication content and metadata associated with the communication. Our platform underlying the Services and/or our website will generate the metadata associated with communications made using the website contact forms. The correspondence data may be processed for the purposes of communicating with you and record-keeping. The legal basis for this processing is our legitimate interests, namely the proper administration of our website and business and communications with users.
We may process any of your personal data identified in this policy where necessary for the establishment, exercise or defense of legal claims, whether in court proceedings or in an administrative or out-of-court procedure. The legal basis for this processing is our legitimate interests, namely the protection and assertion of our legal rights, your legal rights and the legal rights of others.
We may process any of your personal data identified in this policy where necessary for the purposes of obtaining or maintaining insurance coverage, managing risks, or obtaining professional advice. The legal basis for this processing is our legitimate interests, namely the proper protection of our business against risks.
With your permission and/or by using our legitimate interest, we may also use your personal data for marketing purposes, which may include targeted advertisement and contacting you by email with information, news, and offers on our products and services. If you have subscribed to our Premium Services, we will not use your personal data for direct marketing purposes without your permission. You will not be sent any unlawful marketing or spam. We will always work to fully protect your rights and comply with our obligations under the GDPR and the Privacy and Electronic Communications (EC Directive) Regulations 2003, and you will always have the opportunity to opt-out.
We will not keep your personal data for any longer than is necessary in light of the reason(s) for which it was first collected. Your personal data will therefore be kept until you delete your account or as long as required by mandatory law. Data will be deleted within 7 days from the receiving of the cancelation request. However, personal data might still be stored in the back-ups of the services. Such back-ups are deleted after 1 year.
We will only store or transfer your personal data within the European Economic Area (the "EEA"). The EEA consists of all EU member states, plus Norway, Iceland, and Liechtenstein. This means that your personal data will be fully protected under the GDPR or to equivalent standards by law.
Swanest is free to rely on data processors. A processor is the natural or legal person who processes your personal data upon request and on behalf of us, the controller. The processor is required to ensure the security and confidentiality of the personal data. The processor will always act on the instructions of the controller. We rely on processors for hosting purposes, administrative purposes, marketing purposes, analytic purposes and communication purposes.
With a view to the optimal protection of your personal data, we have made the necessary contractual arrangements with our processors to ensure that they apply the highest privacy standards. In any event, data processors shall be required to ensure the security and confidentiality of the personal data.
Swanest may share your personal data with other companies who do not operate on behalf of us. In this regard, financial transactions relating to our platform may be handled by our payment services providers. We will share transaction data with our payment services providers only to the extent necessary for the purposes of processing your payments, refunding such payments and dealing with complaints and queries relating to such payments and refunds.
In addition to your rights under the GDPR, set out in Part 5, when you submit personal data via our platform, you may be given options to restrict our use of your personal data. In particular, we aim to give you strong controls on our use of your data for direct marketing purposes (including the ability to opt-out of receiving emails from us which you may do by unsubscribing using the links provided in our emails or at the point of providing your details .
If you are a UK resident, you may also wish to sign up to one or more of the preference services operating in the UK: The Telephone Preference Service ("the TPS"), the Corporate Telephone Preference Service ("the CTPS"), and the Mailing Preference Service ("the MPS"). These may help to prevent you receiving unsolicited marketing. Please note, however, that these services will not prevent you from receiving marketing communications that you have consented to receiving.
You may access certain areas of our platform underlying the Services or website without providing any personal data at all. However, to use all features and functions available on our platform or website you may be required to submit or allow for the collection of certain data.
If you want to know what personal data we have about you, you can ask us for details of that personal data and for a copy of it (where any such personal data is held). This is known as a "subject access request".
All subject access requests should be made in writing and sent to the email or postal addresses shown in Part 15.
There is not normally any charge for a subject access request. If your request is 'manifestly unfounded or excessive' (for example, if you make repetitive requests) a fee may be charged to cover our administrative costs in responding.
We will respond to your subject access request within 15 working days and, in any case, not more than one month of receiving it. Normally, we aim to provide a complete response, including a copy of your personal data within that time. In some cases, however, particularly if your request is more complex, more time may be required up to a maximum of three months from the date we receive your request. You will be kept fully informed of our progress.
By using our platform, you may also receive certain third-party Cookies on your computer or device. Third-party Cookies are those placed by websites, services, and/or parties other than us. Third-party Cookies are used on our platform to facilitate payment services, to raise awareness for our blog, to support marketing activities and to conduct analytics for the purpose to enhance our services. For more details, please refer to the table below.
All Cookies used by and on our platform are used in accordance with current Cookie Law.
Before Cookies are placed on your computer or device, you will be shown a pop-up on our website requesting your consent to set those Cookies. By giving your consent to the placing of Cookies you are enabling us to provide the best possible experience and service to you. You may, if you wish, deny consent to the placing of Cookies; however certain features of our platform may not function fully or as intended.
Certain features of our platform depend on Cookies to function. Cookie Law deems these Cookies to be "strictly necessary". These Cookies are shown in the table below. Your consent will not be sought to place these Cookies, but it is still important that you are aware of them. You may still block these Cookies by changing your internet browser's settings as detailed below, but please be aware that our platform may not work properly if you do so. We have taken great care to ensure that your privacy is not at risk by allowing them.
The following first-party Cookies may be placed on your computer or device:
|Name of Cookie||Purpose||Strictly Necessary|
|idToken||To recognise when you visit Swanest again||yes|
and the following third-party Cookies may be placed on your computer or device:
|Name of Cookie||Provider||Purpose||Strictly Necessary|
|Stripe||Stripe Inc.||To facilitate secure payments.||yes|
|Sumo||Sumo Group Inc.||To raise awareness about our newsletter and blog.||no|
|Facebook Inc.||For analytics and marketing purposes.||no|
|Twitter Inc.||For analytics and marketing purposes.||no|
|Alphabet Inc.||For analytics and marketing purposes.||no|
|Mixpanel||Mixpanel Inc.||For analytics purposes.||no|
Our platform uses analytics services provided by Google Analytics and Mixpanel. Website analytics refers to a set of tools used to collect and analyse usage information, enabling us to better understand how our platform is used. This, in turn, enables us to improve our platform and the services offered through it.
In addition to the controls that we provide, you can choose to enable or disable Cookies in your internet browser. Most internet browsers also enable you to choose whether you wish to disable all Cookies or only third-party Cookies. By default, most internet browsers accept Cookies, but this can be changed. For further details, please consult the help menu in your internet browser or the documentation that came with your device.
You can choose to delete Cookies on your computer or device at any time, however you may lose any information that enables you to access Swanest more quickly and efficiently including, but not limited to, login and personalisation settings.
It is recommended that you keep your internet browser and operating system up-to-date and that you consult the help and guidance provided by the developer of your internet browser and manufacturer of your computer or device if you are unsure about adjusting your privacy settings.
If you wish to exercise your rights, you must send a written request and proof of identity by registered mail to SYNC Financial Technology Limited, 71-75 Shelton Street, London WC2H 9JQ, United Kingdom or by email to firstname.lastname@example.org. We will respond as soon as possible, and no later than 1 month after receipt of the request.