ISEC Wealth Management Limited (hereinafter the “Company”), is committed to protect your privacy and handling your data through a transparent manner. The Company
understands the importance of maintaining the confidentiality and privacy of your
personal data. By entrusting us with your information, we would like to assure you of our
commitment to keep such information private. We have taken measurable steps to
protect the confidentiality, security, and integrity of your Information.
As per the relevant sections of the Law 2016/679, if you are a natural person, the
Company is the personal data processor and controller of your personal data in relation
to the processing activities, which your personal data undergo as stated further below.
For the purposes of this statement:
i) Personal Data shall mean any operation or set of operations, which is
performed on personal data or on sets of personal data, whether or not by
automated means, such as collection, recording, organisation, structuring,
storage, adaptation or alteration, retrieval, consultation, use, disclosure by
transmission, dissemination or otherwise making available, alignment or
combination, restriction, erasure or destruction;
ii) Controller shall mean the natural or legal person, public authority, agency or
other body which, alone or jointly with others, determines the purposes and
means of the processing of personal data; where the purposes and means of
such processing are determined by Union or Member State law, the controller
or the specific criteria for its nomination may be provided for by Union or
Member State law;
iii) Processor shall mean a natural or legal person, public authority, agency or
other body which processes personal data on behalf of the controller;
2. Privacy Notice
This Privacy notice aims to provide you with an overview of how the Company collects and
processes your personal data and informs you about your rights under the local data
protection law and the EU General Data Protection Regulation (hereinafter the “GDPR”).
This statement is directed to natural persons, who are either current or potential clients of
the Company. Furthermore, this statement is directed to natural persons, who had a
business relationship with the Company in the past.
Further to the above, this statement is providing you with information on the
Circumstances that the Company may share your personal information with any third party
related to the Company, such as payment service providers.
3. Who we are
The Company is an authorised firm, established in Cyprus, with registration number
ΗΕ 360500. The Company is registered and licensed by the Cyprus Securities and Exchange
Commission (hereinafter the “CySEC”) with license number 356/18.
If you have any questions or want more details about how the Company uses your
personal information, you can contact our Data Protection team at email@example.com
4. Collection of Information
As part of the Company’s client account opening procedures and ongoing obligations, the Company needs to abide with the legislative framework currently in place with the Cyprus
Securities and Exchange Commission (‘CySEC’). Specifically, the Company shall comply
with its legal obligations under the AML Law (Law 13(I)/2018), as amended, and the AML
Directive (Directive DI144-2007-08 of 2012) for the establishment of the Client’s
economic profile and prevention of money-laundering. Additionally, to abide with the relevant
record keeping obligations under the European Commission Delegated Regulation (EU)
2017/565 (‘Delegated Regulation’) and Law 87(I)/2017 for establishing the suitability
and appropriateness of each Client based on the services offered by each CIF (Suitability
& Appropriateness Tests) and recordings of telephone conversations, client transactions,
FATCA and CRS.
The Company, based on the points above, is obliged to request, collect and maintain
for at least five (5) years the following information:
i) Name and Surname
ii) Date of Birth
iii) Place of Birth
v) Copy of the Passport and/or of the Identity Card
vi) Utility bill (including the full address of the client)
vii) Tax Identification Number
viii) Tax Residence
ix) Telephone number
xi) Employer’s name
xiii) Industry of Employment
xiv) Gross Annual Income
xv) Net Worth
xvi) Anticipated Turnover
xvii) Bank Account Details
The Company may collect the above information directly from you (during the account
opening procedure) and/or from other persons, including for example, credit reference
agencies, fraud prevention agencies, banks, other financial institutions, third party
authentication service providers (the Company is using World Check and RDC for authentication purposes and background purposes) and also from public registers.
The Company may also collect the information about you based on your use of our website(s),
such as pages visited, frequency, duration of visit and trading activities. The Company
also keeps records of your portfolio, including a record of:
a) Products traded on your portfolio and their performance;
b) Historical data about the trades and investments including the amount invested;
c) Historical data about your payment activities and your withdrawal activities.
Further to the above, the Company may also request further information to improve its
service to you (Existing or Potential Clients) or our activities (if you are our Provider for
Trading Data) under our relevant Agreement, as the case may be, or comply with
The Company records any communications, such as electronic, telephone, in person or
otherwise, that we may have with you in relation to the services that were provided by the
Company to you and the relationship with you. The said recordings will be the Company’s
sole property and will constitute evidence of the communications between the Company
5. To Whom the Company may disclose your information
As part of using your personal information for the purposes mentioned above, we may
disclose your information to the following parties:
a) Service providers and specialist advisers, who have been contracted to provide us
with IT, financial, regulatory, compliance, accounting and/or other services.
b) Tied Agents, with whom the Company has established relationships and who are
exclusively working for the Company.
c) Regulatory Authorities.
d) Anyone authorised by you.
e) Relevant authorities to investigate or prevent fraud, money laundering or other
f) Trade Repository or similar.
g) The Company’s employees to exercise their duties in accordance with the Agreement between the Company and yourself.
The Company requires from organisations outside the Company, who handle or obtain
personal information, to acknowledge the confidentiality of this information, undertake to
respect any individual’s right to privacy and comply with all the relevant data protection
laws and this privacy notice.
6. Use of the Information
The Company will use, store, process and handle your personal data in accordance with
the General Data Protection Regulation 2016/679 and the processing of Personal Data
(Protection of the Individual) Law of 2001, as amended or replaced from time to time.
Your personal data (not publicly available information and/or already possessed by the
Company without abiding with the provisions of the general data protection regulation),
will be collected and processed explicitly and specifically only for the purposes that have
been collected for (‘purpose limitation’) while the Company must require only the
necessary information in relation to the purposes, for which it has been collected.
We may transfer your personal information outside the European Economic Area. If we
such a transfer will be made, we will ensure that the transfer is lawful and that there are
appropriate security arrangements in place to safeguard your personal data as provided
by Applicable Regulations. In furtherance, the Company follows the European
Commission instructions with respect to this matter and it shall ensure that the third country, that your data may be transferred to, is recognised by the EU Commission as
adequate in respect of the protection of your personal data.
7. Your Consent
The use of your personal information requires your consent, such consent will be
provided in accordance with the Client Agreement that it is provided to you during the
account opening procedure and is also available on the Company’s website(s). The
Company, shall rely on the provided consent as its legal basis for processing your
personal data. You have the right at any time to withdraw that consent by contacting us
via phone or via email at firstname.lastname@example.org.
If you are a natural person and the use of your personal data requires your consent,
the Company will request for your consent to be provided freely, specific, informed and
an unambiguous indication of your desires, that by statement or by clear affirmative
action, signifies agreement to the processing.
If at any case you feel compelled to consent or you will endure negative consequences if
you do not, then your consent will not be valid. Additionally, your consent shall not be
bundled-up as a non-negotiable part of terms and conditions, due to the fact that such action would
indicate that you haven’t freely provided your consent.
8. Processing your personal data without your consent
In certain circumstances the company can process your data without your consent. The
following are considered to be the most relevant cases:
i) Processing is necessary for compliance with legal obligations to which the
controller is subject.
ii) Processing is necessary for the performance of a contract to which the person
is a party, or in order to take measures of the person’s request prior entering
into a contract.
iii) Processing is necessary in order to protect the vital interests of the data
iv) Processing is necessary for the performance of a task carried out in the public
interest or in the exercise of public authority or a third party to whom the data
v) Processing is necessary for the purposes of the legitimate interests pursued by
the controller or by the third party to whom the personal data are
communicated to, on a condition that such interests, override the rights, interests
and fundamental freedoms of the persons.
9. For how long we keep your personal data
The Company shall keep your personal data for as long as the company has business
relationship with you (physical person). Once the business relationship has been ended,
we may keep your data for up to five (5) years in accordance with the Laws governing
the Company. The Company may keep your personal data for longer than five (5) years
for legal, regulatory and/or any other obligatory reason.
Retention periods will be determined taking into account the type of information that is
collected and the purpose for which it is collected, bearing in mind the requirements
applicable to the situation and the need to destroy outdated, unused information at the
earliest reasonable time.
10. Management of your personal information and Safeguard Measures
The Company has taken all the appropriate organisational measures to ensure that your
personal data are secured. Moreover, the Company has established an internal
educational training for its employees so as to mitigate any risks that may affect your
data. The employees that are processing your data are being trained to respect the
confidentiality of customer information and the privacy of individuals. We consider
breaches of your privacy as top priority and the Company will enhance its internal
procedures to prevent any such event.
The Company has implemented procedures in respect of safeguarding your data. Access
to your information is only given to the employees and/or Tied Agents that need to have access to
it in order to enable the continuity of the agreement between you and the
Furthermore, we hold personal information in a combination of secure computer storage,
secure servers and from time to time if it is deemed necessary we will store them in
paper-based files. The Company has taken all the necessary steps to protect the personal
information that it holds from misuse, loss, unauthorized access, modification or
While we will use all reasonable efforts to safeguard your information, you acknowledge
that the use of the internet is not entirely secure and for this reason we cannot
guarantee the security or integrity of any personal data transferred from you, or to you
via the internet.
11. Change of Information
You may inform the Company at any time that your information has changed or that you
wish the Company to delete information we hold about you by emailing us at
email@example.com . We will change or delete your information in
accordance to your instructions, except to the extent that we are required to hold your
information for regulatory or legal purposes, to provide you with the Services you have
requested or to maintain adequate business records.
12. Right of Access
As a natural person you have the right to obtain a copy of any personal information
which we hold about you and to advise us of any perceived inaccuracy. Additionally, you
may also request the reasoning of holding such information.
To make a request, please contact us, verifying your identity and specifying what
information you require. You may contact us via e-mail at
If you have any questions regarding this Privacy Notice, wish to access or change your
Information, have a complaint, or if you have any questions about the security on our
Website, you may email us at firstname.lastname@example.org.
Furthermore, in case you are not happy with the quality of Services we have provided
you with regards to the personal data processing, , as a natural person, you have the
right to lodge a complaint with our supervisory authority, which is the Commissioner for
Personal Data Protection in the Republic of Cyprus.
14. Update of this Notice
This Notice is subject to change without notice. For this reason, you are advised to look for updates from time to time.