This Policy is based on the privacy and data protection principles common to the countries in which we operate. This Policy is intended to summarize SIPA’s data protection practices generally and to advise our customers, prospective customers, job applicants, website visitors and other third parties about SIPA’s privacy policies that may be applicable to them.
This Policy is specifically addressed to those who provide Personal Information to SIPA or who visit or use SIPA’s websites, trading platforms, software application and social media sites.
Who is responsible for your Personal Information?
SIPA is responsible for the Personal Information that we may collect in the manner discussed below. SIPA includes: SIPA Group SA, Rue Lion d’Or 6, 1003 Lausanne, Switzerland; SIPA Bulgaria, 22 Slivnitsa Blvd. 9000 Varna, Bulgaria; and their respective affiliates (the “SIPA Entities”). Specifically, your Personal Information will be controlled by the SIPA Entity that is providing services or communication to you. In some instances, your Personal Information will be controlled by more than one SIPA Entity.
How do we collect your Personal Information and what Personal Information do we collect?
SIPA collects and processes Personal Information from you. This may include, among other things, information:
provided during the SIPA account application process or during use of any of SIPA’s website applications (for example, your name, email address, telephone number, birth date, tax ID number, investment objectives, etc.);
acquired as a result of the transactions you conduct through the SIPA systems or in connection with services offered by SIPA (for example, if you participate in SIPA’s asset management program);
received from consumer-reporting agencies;
Are you required to provide Personal Information?
In order for you to utilize our services, you will provide us with your Personal Information entirely voluntarily. In most circumstances SIPA cannot take action without utilizing certain of your Personal Information, for example, because this Personal Information is required to process your instructions or orders or provide you with access to our services or marketing materials. In most cases, it will be impossible for us to provide the services to you without the relevant Personal Information.
For what purposes will we use your Personal Information?
We may use your Personal Information for the following purposes (“Permitted Purposes”):
To provide you with brokerage and other services available on our platforms, and/or to deal with any requests or inquiries you may have;
To pursue legitimate interests, including to carry out, monitor and analyze our business or operations;
To conduct our recruiting processes;
To contact you (unless you tell us that you prefer us not to) regarding features and functionality that may be of interest to you;
To enter into or carry out contracts of various kinds;
To conduct monitoring by us or any other person on our behalf using various methods, including: (i) the use of “intelligent” automated monitoring tools; or (ii) through random monitoring of systems, for example systematically via electronic communication recording tools; (iii) specific monitoring of systems for example in relation to investigations, regulatory requests, subject access requests, litigation, arbitration or mediation or; (iv) data tracking, aggregation and analysis tools that pull data from various disparate data sources to draw linkages and/or detect behavioural patterns, interactions or preferences for analysis (including predictive analysis); and/or (v) using other similar monitoring technology that may become available from time to time;
To comply with applicable laws or regulations in any country;
For any other purpose for which your Personal Information was provided to us.
We may process your Personal Information for the following purposes after obtaining your express consent where legally required:
To communicate with you through the channels you have approved to keep you up to date on the latest developments, announcements and other information about IBKR services, products and technologies;
To conduct customer surveys, marketing campaigns, market analysis, or promotional activities;
To collect information about your preferences to create a user profile to personalize and foster the quality of our communication and interaction with you (for example, by way of newsletter tracking or website analytics).
Where legally required, with regard to marketing-related communication, we will only provide you with such information after you have opted in and we will also provide you with the opportunity to opt out at any time if you do not wish to receive further marketing-related communication from us. We like to keep our customers, personnel and other interested parties informed of company developments, including news relating to SIPA that we believe is of interest to them. If you do not wish to receive publications or details of events or seminars that we consider may be of interest to you, please let us know by following this link: https://www.sipagroup.com. Where legally required, we will not use your Personal Information for taking any automated decisions affecting you or creating profiles other than described above.
Depending on which of the above Permitted Purposes we use your Personal Information for, we may process your Personal Information on one or more of the following legal grounds:
Because processing is necessary for the performance of a client instruction or other contract with you or your organization;
To comply with our legal obligations (for example, to keep pension records or records for tax purposes);
Because processing is necessary for the purposes of our legitimate interest or those of any third party recipients that receive your Personal Information, provided that such interests are not overridden by your interests or fundamental rights and freedoms.
Because processing is useful or necessary in our discretion, and is not prohibited under the law of the relevant jurisdiction.
In addition, the processing may be based on your consent where you have expressly given that to us.
Who we share your Personal Information with, and in what circumstances
We may share your Personal Information in the following circumstances:
We may share your Personal Information between the SIPA Entities on a confidential basis as allowed by applicable law or where required for the purpose of providing products or services and for administrative, billing and other business purposes. A list of the countries in which SIPA Entities are located can be found on our website;
We may share your Personal Information with companies providing services in the areas of fraud and crime prevention and with companies providing similar services, including financial institutions such as credit reference agencies and regulatory bodies;
We may share your data with third parties to assist us with the conduct of our recruitment processes;
Consistent with applicable law, we may share your Personal Information with courts, law enforcement authorities, regulators or attorneys or other parties for the establishment, exercise or defence of a legal or equitable claim or for the purposes of a confidential alternative dispute resolution process;
We may also use aggregated Personal Information and statistics for the purpose of monitoring website usage in order to help us develop our website and our services.
Otherwise, we will only disclose your Personal Information when you direct us or give us permission to do so, when we are allowed or required by applicable law or regulations or judicial or official request to do so, or as required to investigate actual or suspected fraudulent or criminal activities
Personal Information about other people that you provide to us
Keeping Personal Information about you secure
To the extent required by law, we will take appropriate technical and organizational measures to keep your Personal Information confidential and secure in accordance with our internal procedures covering the storage, disclosure of and access to Personal Information. Personal Information may be kept on our Information Technology systems, those of our contractors or in paper files
Transferring your Personal Information outside the EEA (if GDPR applies)
For Personal Information subject to the General Data Protection Regulation (EU) 2016/679 (“GDPR”) we may transfer your Personal Information outside the EEA for the Permitted Purposes as described above. This may include countries that do not provide the same level of protection as the laws of your home country (for example, the laws within the EEA or the United States). We will ensure that any such international transfers are made subject to appropriate or suitable safeguards if required by the GDPR or other relevant laws. You may contact us at any time using the contact details below if you would like further information on such safeguards.
With respect to persons covered by GDPR, in case Personal Information is transferred to countries or territories outside of the European Economic Area (“EEA”) that are not recognized by the European Commission as offering an adequate level of data protection, we have put in place appropriate data transfer mechanisms to ensure Personal Information is protected.
Updating your Personal Information
If any of the Personal Information that you have provided to us changes, for example if you change your email address or if you wish to cancel any request that you have made of us, please let us know by contacting SIPA Customer Service through the SIPA website at sipagroup.com/help. We will not be responsible for any losses arising from any inaccurate, inauthentic, deficient or incomplete Personal Information that you provide to us.
How long do we retain your Personal Information?
We retain your Personal Information in an identifiable form in accordance with our internal policies which establish general standards and procedures regarding the retention, handling and disposition of your Personal Information. Personal Information is retained for as long as necessary to meet legal, regulatory and business requirements. Retention periods may be extended if we are required to preserve your Personal Information in connection with litigation, investigations and proceedings.
Further rights for persons or information covered by GDPR
With respect to EEA residents and where your Personal Information is processed by an SIPA Entity established in the EEA (“Covered Individuals”).
If you are a Covered Individual, you have a number of legal rights under GDPR in relation to the Personal Information that we hold about you. These rights include:
Obtaining information regarding the processing of your personal information and access to the personal information that we hold about you. Please note that there may be circumstances in which we are entitled to refuse requests for access to copies of personal information, (in particular, information that is subject to legal professional privilege);
Requesting that we correct your personal information if it is inaccurate or incomplete;
Requesting that we erase your personal information in certain circumstances. Please note that there may be circumstances where you ask us to erase your personal information but we are legally entitled to retain it;
Objecting to, and requesting that we restrict, our processing of your personal information in certain circumstances. Again, there may be circumstances where you object to, or ask us to restrict, our processing of your personal information but we are legally entitled to refuse that request;
Withdrawing your consent, although in certain circumstances it may be lawful for us to continue processing without your consent if we have another legitimate reason (other than consent) for doing so.
We have designated a Data Protection Officer (“DPO”) to enhance and promote compliance with and understanding of privacy and data protection principles. If you wish to do any of the above, please send an email to email@example.com.
We may request that you prove your identity by providing us with a copy of a valid means of identification in order for us to comply with our security obligations and to prevent unauthorized disclosure of data. We reserve the right to charge you a reasonable administrative fee for any manifestly unfounded or excessive requests concerning your access to your data and for any additional copies of the Personal Information you request from us.
We will consider any requests or complaints that we receive and provide you with a response in a timely manner. If you are not satisfied with our response, you may take your complaint to the relevant privacy regulator. We will provide you with details of your relevant regulator upon request.
How to contact us
What are Cookies and Web Beacons?
Cookies are pieces of data that a website transfers to a user’s hard drive for record-keeping purposes. Web beacons are transparent pixel images that are used in collecting information about website usage, e-mail response and tracking. Generally, cookies may contain information about your Internet Protocol (“IP”) addresses, the region or general location where your computer or device is accessing the internet, browser type, operating system and other usage information about the website or your usage of our services, including a history of the pages you view
Strictly Necessary Cookies
These cookies are necessary for the website to function and cannot be switched off in our systems. They are usually only set in response to actions made by you which amount to a request for services, such as setting your privacy preferences, logging in or filling in forms. You can configure your browser to block or alert you about these cookies, but certain areas of the site will not function properly. These cookies do not store any personal data.
Performance Cookies and Web Beacons
These cookies and web beacons allow us to count visits and traffic sources so we can measure and improve the performance of our site. They help us to know which pages are the most and least popular and see how visitors move around the site. All information that these cookies and web beacons collect is aggregated and, therefore, anonymous. If you do not allow these cookies and web beacons our aggregated statistics will not have a record of your visit.
These cookies enable the website to provide enhanced functionality and personalization. They may be set by us or by third party providers whose services we have added to our pages. If you do not allow these cookies, some or all of these services may not function properly.
Targeting Cookies and Web Beacons
These cookies and web beacons may be set throughout our site by our advertising partners. They may be used by those companies to build a profile of your interests and show you relevant advertisements on other sites. They do not store personal information that could identify you directly, but are based on uniquely identifying your browser and internet device. If you do not allow these cookies and web beacons, you will experience less targeted advertising. The website does not track users when they cross to third party websites, does not provide targeted advertising to them and therefore does not respond to Do Not Track (“DNT”) signals.
Managing Your Cookie Preferences
You have many choices with regards to the management of cookies on your computer. All major browsers allow you to block or delete cookies from your system. However, if you do decide to disable cookies you may not be able to access some areas of our website or the website may function incorrectly. To learn more about your ability to manage cookies and web beacons and how to disable them, please consult the privacy features in your browser or visit www.allaboutcookies.org.