Privacy and Data Policy
This policy (together with our terms and any other documents referred to) sets out the basis on which any personal data we collect from customers or that they provide to us will be processed by us.
This policy also provides information on how customers can instruct us if they prefer to limit the use of their personal information as well as the procedures that we have in place to safeguard their privacy.
For the purpose of the Data Protection Act 1998, the data controller is HedgePRO. In relation to all personal data that we hold, we will observe our obligations under the Data Protection Act 1998 and the Data Protection Principles, under the UK Data Protection Act (DPA), as well as European Union General Data Protection Regulation (GDPR).
Information we may collect from customers
If customers notify us by e-mail or other written communication that any of the information which we hold about them is incorrect or misleading, we will take prompt action to correct or amend the information. They may do this by sending an e-mail to support@hedge-pro.com.
Unless permission is given by the customer in writing, we undertake to keep information about them confidential and in a way which does not enable them to be identified from the information displayed on our site.
Data breaches
HedgePRO commits to inform the customer and the relevant authorities, without undue delay, on becoming aware of any personal data that is subject to a personal data breach (as defined in Article 4 of the GDPR) while in our possession or control.
Agreed uses of personal information
We will acquire, store, process, use and disclose personal data about customers if collected through general enquiry email address, feedback form, registering for events, registering for newsletters.
We store customer data in the cloud with a third-party provider, this data is only used in the providing of our services. We provide a range of services which require us to process personal data to carry out our customers’ instructions. For example, we collect the identity of the user, their IP address, the reason for payment and the details of the recipient, in order to carry out an international payment on their behalf.
Whenever we transfer your personal information outside of the UK and the EU, we ensure it receives additional protection as required by law. To keep this privacy policy as short and easy to understand as possible, we have not set out the specific circumstances when each of these protection measures are used.
We may be forced to disclose information by the government or other law enforcement agencies or in connection with the investigation of unlawful activities. Third parties may also unlawfully intercept or access transmission or private communications. These are therefore exceptions to our policy of maintaining the privacy and confidentiality of their personal information.
If our business is sold, transferred or merged with another business, their details may be disclosed to our advisers and any prospective purchasers and their advisers and will be passed on to the new owners of the business. Except as explained above, we will not disclose their personal data to any third parties for any other purpose.
Storing customer personal information
We are GDPR compliant. We store all information customers provide to us on our secure servers. Once we have received their information, we will use strict procedures and security features to prevent unauthorised access.
Consent
By submitting their personal information to us, the customer consents to the use of that information as set out in this policy.
Access to information
We will ensure clients are aware that they have the right to access information held by us about them. Their right of access can be exercised in accordance with the Data Protection Act 1998. We retain the personal data processed by us for as long as is considered necessary for the purpose for which it was collected (including as required by applicable laws or regulations). In the absence of specific legal, regulatory or contractual requirements, our baseline retention period for records and other documentary evidence created in the provision of as set out by law. After this point, data is deleted and related accounts deactivated.
Changes to our privacy policy
If we change our privacy policy we will post the changes on our website, so that customers may be aware of the information we collect and how we use it at all times. We will also email the customer should we make any changes so that they may consent to our use of their information in that way. Continued use of the service will signify that they agree to any such changes unless we have been notified.