The protection of privacy and the safeguarding of your Personal Data and financial information [Personal Information]is our highest priority. We respect your privacy rights and are strongly committed to protecting your privacy. In this Policy “we”, “us” and “our” means MFS Financial Services (DIFC) Limited [MFS] and “you”, “your”, “the user” means the individual or an authorized representative of a corporate entity who uses this Site. In the course of providing financial Products and Services, we collect and maintain certain information such as name, age, residential address and any other information we may collect when you use our Site, in order to enter into a transaction or open an account with us.
This Policy explains how we collect and protect your Personal Information. We ensure that any Personal Information obtained from you is not used or disclosed unless we have obtained your consent for such disclosure. By opening an account or by using our Site, you give your consent to the collection, use and the disclosure of Personal Information by us in accordance with this Policy and other agreements (if any) you have entered with MFS.
If you are a Customer of MFS and who is a natural person in a European Union country, you will be referred to as “the Data Subject” and you may be protected under the General Data Protection Regulations(GDPR) as applicable.
means a legal entity that controls, is controlled by or is under common control with another legal entity, but only while that control relationship exists. To “control” means the direct or indirect ownership or power to control more than 50% of the issued shares or other securities of an entity or of the voting rights attached to the issued shares or other securities of such entity; or the power to control, directly or indirectly, the appointment of more than 50% of any board of directors or governing body of such entity.
means the financial products made available to you by MFS and/ or its Affiliates.
means the services made available to you through our Site.
GDPR related Definitions:
Data Controller: means the entity (legal person, public authority, agency or other body) that determines the purposes, conditions and means for the processing of Personal Data of Data subjects.
Data Processor: means the entity (legal person, public authority, agency or other body) that processes Personal Data on behalf of the Data Controller (excluding the Data Controller’s own employees).
Data Subject: means an identified or identifiable natural person / the Customer who is in a European Union country; s.
Personal Data: means any information relating to an identified or identifiable natural person” i.e. a Data Subject. This includes, but is not limited to any information relating to an identified individual (i.e. making reference to information personal to that individual’s name, surname, etc.), or any information relating to someone who could be identified based on a variety of identifiers (i.e. tax number, online identifier, or any other identifiers).
- Collection and use of Personal Information
We collect your Personal Information through our Site when you log in to the Site. You may also provide Personal Information to us when you subscribe for any Products or Services or when you fill in account opening applications (whether written or electronic) or provide information in any other form.
Personal Information we collect may include information required to communicate with you and consist of the following information:
- Your name,
- Mailing address,
- Telephone number,
- E-mail address and other identification information,
- Demographic information,
- Birth date,
- Information about your intended transactions with us and other information,
- Information about transactions you enter into through our Site in order to assess your trading experience,
- Your approximate annual income and approximate net worth to assess your financial position and suitability for entering into transactions with us,
We may use the information collected from you for the following purposes:
- To establish and verify your identity and contact information,
- To establish and set up your trading account,
- Issue an account number and a secure password,
- To monitor your account activity and contact you with account information,
- To personalize and continually improve the Services,
- To customize your browsing experience and inform you about additional Products, Services or promotions that may be of interest to you.
- How long we keep your information
We keep your information only so long as we need it to provide services to you and fulfill the purposes described in this policy. This is also the case for anyone with whom we share your information and who carries out services on our behalf.
We may also retain information about you after the closure of the account or if your application is declined or abandoned for as long as we require in order to comply with legal and regulatory requirements and for our legitimate business purposes. We will ordinarily retain your information for six (6) years or as otherwise required by DIFC Law.
- Disclosure of Personal Information
We may share your Personal Information with our Affiliates and third parties for the purposes of providing you with Products and Services. For example, we may share your personal information in order to process transactions for your account, execute your trades on an exchange, and manage and administer your account or we may share your personal information with any of our service providers as required by them enabling them to provide their services to you. Furthermore, these service providers may only use your data in accordance with our mandate.
Our Affiliates will deal with your Personal Information in the same way as described in this privacy statement. MFS may disclose the information to MFS’s agents and sub- contractors as necessary in order to provide the Services to you.
We may be obliged to disclose your Personal Information in certain circumstances for legal or regulatory reasons, including but not limited to instances where we are required to disclose the information in accordance with the laws and regulations of Dubai Financial Services Authority (DFSA) or any other applicable regulation.
We may also disclose your Personal Information as necessary to perform credit checks, collect debts, enforce our legal rights or protect our interests and property.
- Data Security, Safety of Personal Information
We have taken appropriate steps to ensure the security of any Personal Information that we collect and held by us, including limiting the number of people who have physical or network access to our database servers.
A secure http/ communication channel ensures the security of data communications made through our Site. Your information is protected during transmission by using Secure Sockets Layer (SSL) software, which encrypts information transmitted to us. Furthermore, a 128 bit key, the most secure form of commercially available encryption, is used to ensure the security of your transactions. We also provide you with a unique user name and password to access your account information online. You are responsible for keeping this password confidential.
We assume no responsibility for loss of whatever nature, howsoever arising and/or resulting from computer viruses, trojans, worms or equivalent or similar items which is beyond our control.
Transmission of information via the internet is not completely secure. Although we have implemented systems and processes to protect your Personal Information, no data transmission over the Internet can be guaranteed to be completely secure. Accordingly, transmission of data should be done at your own risk.
We may record and monitor any telephone calls made to us or received by us to maintain our service standards, to check instructions, for compliance purposes and otherwise for your protection and ours.
- Links to other websites
Our Site may contain links to other websites. Please be aware that we are not responsible for the privacy practices of such other websites.
If the use of the websites of other third parties/ service providers is associated with the collecting, processing and use of personal data/personal information, please refer to the data protection notes of the respective third-party websites.
We reserve the right to change this Policy at any-time by posting revisions on this site. Such changes will be effective upon posting. We advise you to check our site frequently to review any changes to this Policy.
- Rights under GDPR
We are committed to fulfilling our obligations concerning the exercise of your rights under GDPR as a Data Controller or sometimes as a Data Processor, if you are a Data Subject/Customer who is a natural person in a European Union country subject to the other terms already specified in this policy. Please be advised that you have the following rights under GDPR (to the extent GDPR applies to your personal data):
- The right to request access to, personal data or restriction of processing or to object to processing, and rectification.
- The Right to erasure (i.e., the right to be forgotten): means that the Data Subject has the right to erasure of his/ her personal data without undue delay, as well as the cease of further data dissemination. To the extent that it is required by the regulatory bodies or under the Governing law, we may continue to store the personal data despite your request to erasure.
- The right to data portability – i.e. the Data Subject has the right to receive their personal data from the Controller and the right to transmit that data to another controller where technically feasible.
- The right to lodge a complaint with a supervisory authority.
- Privacy by Design: i.e. the personal data of the Data Subject will be collected and processed only on a need to know basis and only the necessary data will be collected.
If MFS acts as a Data Processor at any time, MFS will act on the written instructions given by the Data Controller exclusively.
- Contacting Us
Should you have any further queries about this Policy, or wish to opt-out of receiving communications relating to additional products, services or promotions that we feel may be of interest to you, or need to change and modify any information previously provided to us e-mail us at: email@example.com.
- Governing Law and Jurisdiction
Parties agree that the governing law of this Policy or other agreements entered with MFS is the DIFC law and the Parties submit to the jurisdiction of the DIFC courts, in Dubai, U.A.E.