Contents

Introduction............................................................................................................................................. 3

Scope of the Privacy Policy

.................................................................................................................3

Our Commitment to You...................................................................................................................... 3

Data Protection Officer

........................................................................................................................ 3

Your Consent to Collection and Use of Personal Information

...................................................3

Why We Process and Use Your Information

...................................................................................4

Disclosure of your Personal Data

...................................................................................................... 5

Safeguard Measures

............................................................................................................................. 6

Duration of keeping Your Information

..............................................................................................6

10.

Your Legal rights

...................................................................................................................................7

11.

...................................................................................................................................................8

12.

Geographical processing of Personal data

...................................................................................8

13.

Questions

............................................................................................................................................... 8

14.

Update of this Policy...........................................................................................................................8

Scope of the Privacy Policy

Through this privacy policy, your data may be called either “personal data” or “personal

information”. We may also sometimes collectively refer to handling, collecting,

protecting and storing your personal data or any such action as “processing” such

personal data.

For the purposes of this statement, personal data shall mean any information relating to

you which identifies or may identify you and which includes, for example, your name,

address and identification number.

To fully understand the changes and terms that will govern your use of our “Services,”

you will need to read the full Privacy Policy and Cookie Policy.

Our Commitment to You

We understand the importance of maintaining the confidentiality and privacy of Your

Information. By entrusting us with Your Information, we would like to assure you of our

commitment to keep such information private. We have taken measurable steps to

protect the confidentiality, security and integrity of Your Information.

Data Protection Officer

Should you have any questions about this privacy policy, including any requests to

exercise your legal rights, please send us an email at: [email protected]

Your Consent to Collection and Use of Personal Information

The Company collects information directly from you, through any correspondence made

with us by phone, e-mail or otherwise; including information which you enter when you

activities carried out on our website or any connected applications. Please note that

when you access our Website we collect non-identifiable information in the following

ways:

•

Contact Data – we collect, which may include, but are not limited to, your first

name, last name, nationality, date of birth, telephone number (landline and

mobile), fax number, email address and postal address

•

Personal and Professional Information - we collect, which may include, but are

not limited to, your marital status, education, occupation, information regarding

your financial situation such as source of wealth and gross annual income, tax

identification number.

•

Cookies (including third party Cookies) – Please refer to section 11 “Cookies”

•

Financial data – to use the Company’s services, we may require to collect certain

information, such as bank details, trading activity, transaction history, account

balance information.

The Company will need to obtain the following documents for verification purposes of

Clients’ trading accounts which are not limited to:

a) Proof of Identification (e.g. Passport/ID/Driver’s License)

b) Proof of Address (e.g. Utility Bill, bank letter)

c) Proof of Payment (e.g. Bank Statement)

The Company has the right to request additional documents and information to carry

out its due diligence where it deems fit. We only collect personal data that is adequate

and relevant for the purposes of our business and for a reasonable period of time as

required by law. We never ask for more information that is required by law.

If you have given us your specific consent for processing (other than for the reasons set

out above) then the lawfulness of such processing is based on that consent. You also

consent when the Company is transferring your personal information outside the

European Economic Area (“EEA”) where this is necessary for the Company to fulfil its

contractual obligations to you (see section 12 below). You have the right to revoke

consent at any time. However, any processing of personal data prior to the receipt of

your revocation will not be affected.

Why We Process and Use Your Information

We are committed to protecting your privacy and handling your data in a transparent

manner, and as such we collect, use, disclose, store and process your personal data for

the performance of our services as required by law.

Furthermore, we are obligated to collect such personal data not only for the

commencement and execution of a business relationship with you but also for the

performance of our contractual, regulatory, statutory and legal obligations.

Based on the requirements of our regulated authorities in our efforts to maintain our

Know-Your- Client procedures, we will require to verify clients’ trading accounts, so to

ensure our clients meet appropriateness and suitability requirements, process

transactions, send information about transactions/services and keep you updated with

products, services and news.

We further collect data to operate, provide, improve, understand, customise and

support our services in relation to your account.

We may collect your personal information through our App(s), one of our social medial

channels, public databases; joint marketing partners; from people with whom you are

connected on social media platforms, as well as from other third parties. Use of this

personal information, allows us to deliver information by email, SMS, push notification,

email, in-app notification or contact you by telephone or by any other means to provide

you with information about our products, services, training and offers we think would be

of interest to you. Such information is secured and treated as confidential. We always

give you the right to opt out/unsubscribe to receiving such communications from us at

any time.

Disclosure of your Personal Data

When providing our services or conducting our business operations, if necessary, we

may disclose or share your personal data. Such sharing of data is in accordance with

the Company’s internal security policies and applicable data privacy laws. We do not

sell the personal data we collect from you, or we do not distribute/transfer any personal

data to any unauthorized or non- affiliated third parties.

All the Company’s external services providers and suppliers enter into contractual

agreements with us, by which they legally agree to confidentiality and data protection to

the data protection law and General Data Protection Regulation (EU 2016/679) (“GDPR”)

and the Protection of Personal Information Act, 2013. Recipients with whom we may

disclose or share your personal information, may include the following:

a) Within the Company – such as various departments within the Company, where

all employees and contractors are required to follow our data privacy and

security policies when handling personal data.

b) Supervisory and other regulatory and public authorities, notary offices, tax

authorities, criminal prosecution authorities as much as a statutory obligation

exists

c) Third Party service providers – such as, and which are not limited to, financial

institutions, banks and payments processing providers, external and internal

auditors, financial and business advisors, fraud prevention agencies, Debt

collectors subject to bankruptcy or insolvency claims, External authorised

processors for processing client data, software system and platform

support, cloud hosting services, data analytics,

direct marketing/advertising services.

Safeguard Measures

The Company takes reasonable precautions to protect Personal Information from loss,

theft, misuse, unauthorized access or disclosure, alteration, or destruction.

The Company employ physical, electronic, and procedural safeguards to protect Personal

Information and it does not store Personal Information for longer than necessary to

provide the Service or as permitted by law.

In accordance with the recommendations of Payment Card Industry Security Standards

Council, customer card details are protected using Transport Layer encryption — TLS

1.2 and application layer with algorithm AES and key length 256 bit. The Company

does not store or collect any Credit Card data. All credit card information is stored on

the payment provider side. All payments made between Company and Client, and vis a

vis, via the Company’s merchant accounts and/or third party payment processing

service providers, the Client will receive unique billing descriptor on their card statement

from the bank, confirming the payment and which may include, but not limited to, the

description "ehamarkets, branded website and Customer support service telephone

number.

The Company’s datacenter(s) contain both internal and external servers. Access to the

Company’s internal server is restricted to pre-approved persons, servers and locations;

our external servers can be accessed via the Internet. Your Information is stored and

encrypted on secure servers and our servers can only ever be accessed by authorized

personnel.

While we will use all reasonable efforts to safeguard Your Information, you acknowledge

that the use of the internet is not entirely secure and for this reason we cannot

guarantee the security or integrity of any personal data transferred from you, or to you

via the internet.

Duration of keeping Your Information

You may request from us to erase/delete your personal data in cases where there is no

rationale as to the need for us to continue to process it. However, we may not be able to

comply with your request due to regulatory requirements by which you will be notified

accordingly.

We will not keep Your Information for any longer than is required for legal and/or

business purposes. In many cases, information must be kept for considerable periods of

time, subject to a maximum of seven (5) years. Retention periods will be determined

considering the type of

information that is collected and the purpose for which it is collected, bearing in

mind the requirements applicable to the situation and the need to destroy outdated,

unused information at the earliest reasonable time.

Your Legal rights

You have the following rights under data protection laws in terms of personal data we hold

about you:

a) Receive a Copy of your personal data – you have the right to have access to your

personal data, where your personal data is stored, how we collected your data

and for what purposes. Your request to obtain your personal data must be sent

to us in writing via a durable medium, where we will process your request in

accordance with the applicable law(s).

b) Request rectification/correction of the personal data we hold about you – you can

at any time have the right to correct any inaccurate or incomplete data we hold

about you. If this applies to you, please reach to our Customer Support Team.

c) Request erasure of your personal information – you have the right to request

deletion of your personal data (“right to be forgotten”). Please bear in mind that

we are under certain legal obligation to hold your data for a maximum of seven (5)

years.

d) Object to processing of your personal data – you have the right to object to the

processing of your personal data. Should you object to processing certain data,

then we may not be able to provide you our services.

e) Right to data portability – you have the right to request for your personal data to

be transferred to a third party, your request to transfer your personal data must

be sent to us in writing via a durable medium, where we will process your request

in accordance with the applicable law(s).

f) Data being processed for direct marketing purposes – you have the right to

object for your personal data to be used for direct marketing (this includes

profiling), where you can unsubscribe to our direct marketing campaigns.

Please note that for all the above mentioned, we may need to request specific

information from you to help us confirm your identity. This is a security measure to

ensure that personal data is not disclosed to any unauthorized third party. In

certain circumstances relevant legal requirements may prevent us from providing your

personal information.

10.

We use cookies to help us find which services you are interested in and remember

details about your application. We don't store sensitive information like your name or

address in our cookies, just an anonymous reference to them so that we're able to find

them. We also occasionally set Cookies to help you navigate around the site, enhance

your experience, or give you important information regarding interests.

When you access our Website, we collect information that your browser sends

whenever you visit the Website or an online service (“Cookies”). Such Cookies may

include, but is not limited to, your computer’s Internet Protocol address, browser type,

the web page you were visiting before you came to the Site and information you search

for on the Site. In addition, if you access the Website via a mobile device, we may

collect a PushID, subject to your consent as indicated by you in the mobile application,

and a Mobile IP.

You can choose to disable or block these cookies in your browser but without some of

them our site will not be able to give you the best experience possible.

11.

Geographical processing of Personal data

In order to provide services to you, you acknowledge that it may be necessary for your

information to be transferred to someone who provides a service to us in other countries,

including some outside of the European Economic Area ( ''EEA''), and you consent to

such transfer. To the extend we transfer your information outside the EEA, we will ensure

that the transfer is lawful and that the Processors in third countries are obligated to

comply with the European data protection standards and to provide appropriate

safeguards in relation to the transfer of your data in accordance with GDPR Article 46

and Protection of Information Act, 2013.

12.

Questions

If you have any questions regarding this policy, wish to access or change your

information or have a complaint, or if you have any questions about security on our

Website, you may email us at support@ehamarkets.com

14. Update of this Policy

This Policy is subject to change without notice. For this reason, you are advised to look

for up- dates from time to time.