Who is responsible for your personal data?
Marex is responsible for your personal data. The Marex group of companies includes Marex Financial (including the Marex Solutions division), Marex Spectron International Limited, CSC Commodities UK Limited, Marex Spectron Europe Limited, Marex North America LLC (including the Rosenthal Collings Group division), Marex Hong Kong Limited, Marex Spectron Asia Pte Ltd and Spectron Energy (Asia) Pte Ltd (individually and collectively “Marex”).
What is personal data?
We collect information about you in a range of forms, including personal data. As used in this Policy, “personal data” has the meaning given to it in the GDPR, and includes any information which, either alone or in combination with other information we hold about you, identifies you as an individual, including, for example, your name, postal address, email address and telephone number.
How does Marex collect your personal data?
We may collect and process personal data about you or relating to you in the following ways: if you register to become a client of our Services; if you send us a message through our Services or correspond with us by telephone in writing or otherwise; administering and operating your account; as you visit web pages on our Website; and from any of your activities in connection with your use of our Services. We will at all times minimise the collection and use of personal data to what is necessary to administer our business and deliver our Services to you. In order to process your requests and transactions we will use the information provided by you. To serve you better, we may combine information you give us through various channels. With regard to each of your visits to our Website, we may automatically collect the following information:
- technical information, including the Internet protocol (IP) address used to connect your computer to the Internet, your login information, browser type and version, time zone setting, your ISP and/or mobile carrier, browser plug-in types and versions, operating system and platform, your location (if you are accessing the Services from a mobile device (note that most mobile devices will allow you to prevent location data from being sent to us));
- information about your visits, including the full Uniform Resource Locators (URLs) to, through and from which you access our service (including date and time); pages you viewed or searched for; page response times, download errors, length of visits to certain pages, page interaction information, methods used to browse away from the page.
For which purposes will we use your personal data
We will only process your personal data when we have specific purpose and lawful reasons to do so. We may process your personal data on one or more of the following legal grounds:
- because processing is necessary for the performance of our Services to you under the contract with you or your organisation;
- To comply with our legal and regulatory obligations;
- Because processing is necessary for the purpose of our legitimate interests.
In addition, the processing may be based on your consent where you have expressly given that to us. Where we rely on legitimate interests as a lawful basis to process your personal data, we will carry out a balancing test to ensure that your interests, rights and freedoms do not override our legitimate interests. If you want further information on the balancing test we have carried out, you can request this from our Data Protection Officer firstname.lastname@example.org. We may use your personal data for the following purposes: Providing our Services to you as requested by you or your organisation; Administering your account with Marex; Protecting the security of and managing access to our premises, IT and communication systems, online platforms, Websites and other systems, preventing and detecting security threats, fraud or other criminal or malicious activities, Compliance with our legal obligations (such as record keeping obligations), compliance screening or recording obligations (e.g. for anti-money laundering, financial and credit checks and fraud and crime prevention and detection purposes); For monitoring and assessing compliance with our internal policies and standards; To identify persons authorised to trade on behalf of our clients, customers, suppliers and/or service providers; To comply with our legal and regulatory obligations and requests anywhere in the world, including reporting to and/or being audited by national and international regulatory bodies; To comply with court orders and exercises and/or defend our legal rights; and For any purpose related and/or ancillary to any of the above or any other purpose for which your personal data was provided to us.
With whom will we share your personal data?
As part of delivering our Services to you, we may provide third parties access to personal data for the sole purpose of them providing their services to us. We will use reasonable endeavours to ensure that those third parties only use your personal data for the specific purposes for which it is provided to them and consistently with this Policy and the requirements of the GDPR. We may share your personal data in the following circumstances: we may share your personal data between the Marex group companies on a confidential basis where required for the purposes of providing the Services to you and for administrative, billing and other business purposes; We may share your data with any third party to whom we assign or novate any of our rights or obligations; We may also instruct third party service providers to process personal data on our behalf and in accordance with our instructions. We will retain control over and will remain fully responsible for your personal data and will use appropriate safeguards as required by applicable law to ensure the integrity and security of your personal data when engaging such service providers; We may share your personal data with courts, law enforcement authorities, regulators or attorneys or other parties where it is reasonably necessary for the establishment, exercise or defence of a legal or equitable claim, or for the purposes of a confidential alternative dispute resolution process. Otherwise, we will only disclose your personal data when you direct us or give us permission, when we are required by applicable law or regulations or judicial or official request to do so, or as required to investigate actual or suspected fraudulent or criminal activities.
Processing of your personal data by outside the EEA
Marex is a globally active commodities broker. We may transfer your personal data abroad in connection with the provision of Services to you. This may include countries outside the European Economic Area which do not provide the same level of protection as the laws of the European Economic Area. We will ensure that such international tranfers are made subject to appropriate or suitable safeguards as required by the GDPR.
Keeping your personal data secure
We will take appropriate technical and organisational measures to keep your personal data confidential and secure in accordance with our internal procedures covering the storage, disclosure of and access to personal data. Personal data may be kept on our systems or in paper files. Our employees respect your privacy and are required to safeguard your personal data pursuant to the terms of their employment contracts with Marex.
Subject to certain legal conditions, you have the right to request a copy in a structured, commonly used and machine-readable format of the personal data about you which we hold, to have any inaccurate personal data corrected, object to or restrict us using your personal data or have your personal data erased (Right to be forgotten). You may also make a complaint if you have a concern about our handling of your personal data. We do not engage in automated individual decision/making or profiling, but were this to occur you would be notified and you have the right to request that any decision which produces legal effects on yourself will not solely be based on said automated process. If you wish to do any of the above please send an email to email@example.com. We may request that you prove your identity by providing us with a copy of a valid means of identification in order for us to comply with our security obligations and to prevent unauthorised disclosure of data. We reserve the right to charge you a reasonable administrative fee for any manifestly unfounded or excessive requests concerning your access to your data, and for any additional copies of the personal data you request from us. We will consider any requests or complaints which we receive and provide you with a response in a timely manner. If you are not satisfied with our response, you may lodge complaint about our processing of your personal data with the office of the information commissioner (www.ico.org.uk) .
For how long do we retain your personal data?
We will retain your personal data for the period necessary to fulfil the purposes outlined in this Policy or until your withdraw your consent and we are not legally required or otherwise permitted to continue storing such data.
Updating personal data about you
If any of the personal data you have provided to us changes, for example if you changed your email address, or if you become aware that we have any inaccurate personal data about you, please let us know by sending an email to firstname.lastname@example.org. We will not be responsible for any losses arising from incomplete, inaccurate, inauthentic or deficient personal data that you have provided to us.
Updates to this Policy
This Policy was last updated in May 2018. We reserve the right to update and change this Policy from time to time in order to reflect any changes to the way in which we process your personal data or changing legal requirements. In case of any such changes, we will post the updated Policy on the Website or publish it otherwise. The changes will take effect as soon as they are posted on the Website.
If you have any questions or concerns, please contact our Data Protection Officer (DPO) by emailing email@example.com.