;
Privacy Notice
Effective Date: 1 July 2018

Introduction and who we are

GPS Capital Markets, Inc. and its subsidiary in the United Kingdom, GPS Capital Markets Limited, are hereby collectively referred to as “GPS” or the “Company”.

This Privacy Policy applies to GPS websites, as well as, your use or access of our online services and content. This Privacy Policy describes how GPS collects, uses, shares and secures the personal information that we obtain about you directly or indirectly in accordance with applicable data privacy laws. It also describes your choices regarding use, access and correction of your personal information.

This nyPrivacy Notice does not apply to, and GPS is not responsible for, any third party websites which may be accessible through links from this website (please see section below titled Online services - Links to third party sites, services and content for more information).

This Privacy Notice additionally applies to our website and online services, including www.gpsfx.com, fxpert.gpsfx.com and any other website, mobile app or other online service created or hosted by us from time to time on which this Privacy Notice appears (together, our "online services") through which we may collect certain details if, for example, you want to subscribe to any publications or newsletters that we may periodically issue.

Please note that our online services make use of cookies and similar technologies, as described in more detail in the Cookies Policy section below.

Scope of Privacy Notice

This Privacy Notice explains and describes:

How We Collect and Use Your Information

At GPS, we are committed to safeguarding your privacy. We want you to know how we may collect, use, share, secure, and keep information about you, and the choices that are available to you regarding use, access and correction of your personal information. When we provide GPS products or services to you, we may also give you specific additional details about how we will use your personal information.

Safeguarding customers’ personal information and using it in a lawful manner, consistent with customer expectations, is paramount to GPS’ customer relationships. To do so, GPS has put in place a privacy policy that sets forth principles and requirements governing the collection, usage, retention, disclosure and disposal of customer’s information (the "Policy"). This Policy is based on current laws and regulations. GPS will comply with any obligations or standards that may be imposed by any new laws and regulations.

Since we may change this online privacy statement, we recommend that you check the current version available from time to time. If we make changes to this statement, we will update the “Effective Date” at the top of this page. If we make any material changes, we will notify you by email (sent to the e-mail address specified in your account) or by means of a notice on this website prior to the change becoming effective.

What is personal information?

Personal information includes, but is not limited to, individual names, tax identification numbers, and bank account numbers.

What information does this online privacy policy cover?

This online privacy policy describes how GPS may collect, use, share, secure, and keep information that we get about you online. We gather Online Information if you:

  • Voluntarily provide it to us, including when you communicate with us via email or other channels;
  • Visit or use our online services;
  • View or click on our online content; and
  • View or use our mobile applications.

In this policy, we also explain how we may combine online information with other information and how we then use the combined information.

GPS may use the information provided by customers for one or more of the following purposes:

  • To process, confirm and fulfill customer requests regarding GPS products and services or transactions made using our online platform, FXpert;
  • To contact customers regarding their enquiries and requests;
  • To identify customers for login;
  • To comply with the rules relating to Know Your Customer (KYC) obligations and under Prevention of Money Laundering Act (PMLA);
  • For identification, verification and background screening purposes;
  • To conform to legal requirements or comply with legal processes;
  • To protect and defend GPS’ rights, interests or property;
  • To enforce the terms and conditions of the products or services offered by GPS or such other purposes expressly specified in the data entry forms or other relevant sections of the web resources of GPS.
What information do we collect online and how do we collect it?

The types of information we collect depends on which product or service you use. Sometimes you give information directly to us (or to our service providers). For example, you might give us your name, email, mailing address, or phone number when you log into or update the settings on your GPS account using our online services;

We may also collect from you the personal information about your contacts, such as name and financial account number of someone to whom you are remitting payment (beneficiary) or from whom you are receiving funds.

When you provide us with personal information about your contacts we will only use this information for the specific reason for which it is provided.

As is true of most websites, we gather certain information automatically. We collect information through cookies. Most cookies will only collect de-identified information such as how you arrive at our website or your general location. These cookies are encrypted for security purposes and do not contain personal information. They are used to enable user verification for our platform.

How do we use the information we collect about you?

We may use online information we collect about you on its own or combine it with other information to:

  • deliver products and services, including to recognise you when you return to our websites;
  • complete transactions;
  • improve our websites and make them easier to use;
  • manage fraud and security risk, including to detect and prevent fraud or criminal activity;
  • safeguard the security of your information; and
  • use it in other ways as required or permitted by law or with your consent.
How we handle aggregated information and de-identified information

Aggregated information or de-identified information does not identify you individually; it helps GPS to better design our website and provide our clients with a better browsing experience.

Legal basis for usage of personal data

Where we intend to use your personal data, we rely on the following legal grounds:

Performance of a contract: We may need to collect and use your personal data to enter into a contract with you or to perform a contract that you have with us. For example, we may need your company email address in order to provide you with information related to FX trade execution or delivery of funds, and where we respond to your requests and provide you with services in accordance with our terms and conditions or other applicable terms of business agreed with you or with your employing organisation.

Legitimate interests: Where we consider use of your information as being (a) non-detrimental to you, (b) within your reasonable expectations, and (c) necessary for our own, or a third party’s legitimate purpose, we may use your personal data, which may include:

  • for our own direct marketing or continued communication;
  • the prevention of fraud;
  • our own internal administrative purposes;
  • personalisation of the service(s) we provide to you;
  • ensuring network and information security, including preventing unauthorised access to electronic communications networks and stopping damage to computer and electronic communication systems; and/or
  • reporting possible criminal acts or threats to public security to a competent authority.

Compliance with a legal obligation: We may be required to process your information due to legal requirements, including employment laws, tax laws and other regulatory provisions applicable to GPS as a provider of foreign exchange services.

Consent: You may be asked to provide your consent in connection with certain services that we offer, for example in respect of any processing of your personal data for our marketing purposes where you or your employing organisation is not a client of GPS, or in respect of certain special categories of personal data such as your health or racial background for which we are legally obliged to gain your consent due to the sensitive nature of such information and the circumstances in which it is gathered or transferred. Where we are reliant upon your consent, you may withdraw this at any time by contacting us in accordance with the contact information below, however please note that we will no longer be able to provide you with the products or services that rely on having your consent.

Security

We take all reasonable procedures to protect personal and identifiable information from loss, misuse and unauthorised access, disclosure, alteration and destruction. We have taken and will continue to take appropriate measures to assure the security of sensitive personal data.

Any personal data transmitted to or from our website is protected by a secure socket layer (SSL) key which encrypts the data transmitted over the Internet. Whilst we continually strive to ensure that our systems and controls are updated to reflect technological changes, the transmission of information via the internet is not completely secure, and as such we cannot guarantee the security of your data transmitted to our online services which is at your own risk. If you communicate with us using a non-secure web platforms, you assume the risks that such communications between us are intercepted, not received, delayed, corrupted or are received by persons other than the intended recipient.

How do we keep and safeguard your information?

GPS continuously reviews and enhances GPS’ security policies and security measures to consistently maintain a high level of security. We use administrative technical and physical security measures to protect your personal information including sensitive personal data or information against loss, misuse, damage and unauthorised access, modifications or disclosures. These measures include computer safeguards and secured files and facilities, use of firewalls, encryption, and other specialised technology. If you have any questions about the security of your personal information, you can contact us at [email protected].

We take reasonable steps to securely destroy or permanently de-identify personal information when we no longer need it.

The servers that are used to store sensitive personal information are kept in a secure environment, with security measures.

Cookies Policy

Our website and services delivered online use cookies and other similar technologies, for example, to distinguish you from other users when you browse our websites or use our online services and to allow us to improve our online services.

Cookies are small text files that are placed on your computer by websites that you visit. They are widely used in order to make websites work, or work more efficiently to improve the user experience, as well as to provide certain information to the owners of the site.

We may, for example, collect information about the type of device you use to access our online services, the operating system and version, your IP address, your general geographic location as indicated by your IP address, your browser type, the content you view and features you access on our online services, the web pages you view immediately before and after you access our online services, whether and how you interact with content available on our online services, and the search terms you enter on our online services.

GPS’ website sets cookies which remain on your computer for differing times. Some expire at the end of each session and some remain for longer so that when you return to our website, you will have a better user experience.

Cookie Usage

We use cookies to help security user accounts in FXpert. This cookie is used to increase account security on public networks. This cookie also allows GPS to improve the user login experience. This cookie is encrypted and does not store any personal identification information pertaining to either the user or company.

Control of cookies

Web browsers allow you to exercise some control of cookies through the browser settings. Most browsers enable you to block cookies or to block cookies from particular sites. Browsers can also help you to delete cookies when you close your browser. You should note however, that this may mean that account security and login process can lead to multiple steps of logging in to your account. To find out more about cookies, including how to see what cookies have been set and how to manage and delete them, visit www.allaboutcookies.org which includes information on how to manage your settings for the major browser providers.

Data Integrity and Purpose Limitation

Consistent with the data privacy laws, personal information is limited to the information that is relevant for the purposes of processing. As previously mentioned, the information collected is only utilized for the purpose described above in the section on “Notice of Information.” Personal information is not processed in a way that is incompatible with the purpose for which it has been collected. To the extent necessary and possible, reasonable steps are taken to ensure that data and information is reliable for its intended use, accurate, complete, and current.

Information Retention

GPS retains information about customers for as long as necessary to fulfill the purpose for which such information was collected or as is otherwise required in accordance with our internal data retention policies or to comply with our legal and regulatory obligations. However, this is subject to GPS’ rights and obligations under applicable laws to ensure retention of records which may contain sensitive personal data or information.

A maintained copy of our retention policy is available upon request. Should you wish to review our retention policy then please contact us.

Disclosure of your information

We may exchange your personal data with third-party service providers contracted to GPS where any of the following apply:

  • You have consented to us sharing your personal data in this way.
  • We deem reasonably necessary to provide you with the services that you have required at any particular time.
  • Such sharing is provided for under contract, including our terms and conditions for any particular service that we may provide to you.
  • Such sharing is to law enforcement bodies or other government authority.
  • We need to enforce or apply our terms and conditions to which you have agreed (or other terms that have been agreed to apply to our relationship with you or your employing organisation).
  • It is necessary to protect the rights and interests, property, or safety of GPS, our clients or others.
  • It is relevant in the circumstances to disclose the information to parties with whom we have co-promotional arrangements (such as jointly sponsored events, external venues, or caterers).
  • Our agents or contractors who assist us in providing our services require such information, for example in fulfilling requests for information, receiving and sending communications, updating marketing lists, analysing data, providing support services or in other tasks from time to time. Our agents and contractors will only use your information to the extent necessary to perform their functions.
  • We use third party service web hosting providers to provide services that involve data processing. This service may be updated from time to time.
  • All, or most, of the assets of GPS or any single business unit within GPS are merged with or acquired by a third party, or we expand or re-organise our business, in which case your personal data may form part of the transferred or merged assets.
  • We are under a legal, regulatory or professional obligation to do so (for example, in order to comply with a Court Order).

Any third parties that we may share your data with are obliged to keep your details securely, and to use them only to fulfil the service they provide you on GPS’ behalf. When such third parties no longer need your personal data to fulfil this service, they will dispose of such details in line with GPS’ procedures unless they are themselves under a legal obligation to retain information (provided that this will be in accordance with applicable data privacy laws). If we wish to pass your sensitive personal data onto a third party we will only do so once we have obtained your consent, unless we are legally required to do otherwise.

We own the database rights in the information collected via our online services. We do not sell, rent, or otherwise share information that reasonably identifies you or your organisation with unaffiliated entities for their independent use except as expressly described in this Privacy Notice or with your express prior permission.

We may share information that does not reasonably identify you or your organisation as permitted by applicable law.

Onward Transfer and Liability

GPS does not sell, trade, share or rent your information to third parties. We may be required to release personal information to third parties in response to a lawful request by public authorities, including to meet national security or law enforcement requirements.

EU-U.S. Privacy Shield

GPS Capital Markets, Inc. has certified to the EU-U.S. Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the transfer of personal information from the European Union (EU) and European Economic Area (EEA) to the United States. GPS is committed to subjecting all personal data received from EU member countries, in reliance on the Privacy Shield Framework, to the Framework’s applicable Principles of Notice, Choice, Accountability for Onward Transfer, Security, Data Integrity and Purpose Limitation, Access, and Recourse, Enforcement and Liability. To learn more about the Privacy Shield Framework, and to view our certification, visit the U.S. Department of Commerces’ Privacy Shield List, https://www.privacyshield.gov/list

GPS is responsible for the processing of personal data it receives, under the Privacy Shield Framework. GPS does not transfer data to third parties. As such, GPS complies with the Privacy Shield Principles for onward transfers of personal data from the EU, including the onward transfer liability provisions. With respect to personal data received or transferred pursuant to the Privacy Shield Framework, GPS is subject to the regulatory enforcement powers of the U.S. Federal Trade Commission.

If you have an unresolved privacy or data use concern that we have not addressed satisfactorily, you may contact your local EU data protection authority (DPA). Your local DPA’s contact information and website can be found at http://ec.europa.eu/justice/data-protection/article-29/structure/data-protection-authorities/index_en.htm. Please visit your local DPA’s website for more information or to file a complaint. The services of EU DPAs are provided at no cost to you. Under certain conditions, more fully described on the Privacy Shield website, https://www.privacyshield.gov/article?id=How-to-Submit-a-Complaint, you may be entitled to invoke binding arbitration when other dispute resolution procedures have been exhausted.

If there is any conflict between the policies in this privacy policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern.

Your Rights

Under applicable data protection legislation, we have a duty of care to ensure that your personal data is accurate and up to date. Therefore, please contact us to update or correct your information if this changes or if you believe that any information that we have collected about you is inaccurate.

What are your rights and choices?

You will always have a right to access, update, change, correct or delete your personal information, or to ask whether we hold any of your personal information. If you have any questions about how we process your personal information, you may contact us at [email protected] We will respond to your request within 40 days. In certain circumstances we may be required by law to retain your personal information, or may need to retain your personal information in order to continue providing a service.

GPS acknowledges that you have the right to access your personal information. In cases where GPS has no direct relationship with the individuals whose personal data it processes, an individual who seeks access, or who seeks to correct, amend, or delete inaccurate data should direct their query to GPS’ Client (the data controller). You also have the right to object to, or request the restriction of, our use of your personal data.

Where you have consented to our processing of certain personal data, you can at any time withdraw such consent and/or tell us not to contact you with updates and information regarding our products and services (or part of them) either at the point such information is collected, (by leaving the relevant box unticked) or, where you do not wish us to continue to use your information in this way, by following the unsubscribe instructions on any communications sent to you. Please note that where you withdraw your consent we will no longer be able to provide you with the products or services that rely on having your consent. You can also exercise this right at any time by contacting us using the contact details at the end of this Privacy Notice.

If you would like to exercise any of the rights set out in this section, please contact us using the details below. We may refuse to provide access where we have legitimate reasons for doing so under applicable data privacy laws, and in exceptional circumstances may charge a fee for access if the relevant legislation allows us to do so, in which case we will provide reasons for our decision.

You may submit a complaint to the Information Commissioners Office, details of which can be found at https://ico.org.uk/global/contact-us.

If you make a privacy complaint, we will respond to let you know how your complaint will be handled. We may ask you for further details, consult with other parties and keep records regarding your complaint.

Further Information

To find out more about GPS, please visit www.gpsfx.com.

GPS at your request, can confirm what information we hold about you and how it is processed. If GPS does hold personal data about you, you can request the following information by contacting us using the details below:

  • Identity and the contact details of the person or organisation that has determined how and why to process your data.
  • The purpose of the processing as well as the legal basis for processing.
  • If the processing is based on the legitimate interests of GPS or a third party, information about those interests.
  • The categories of personal data collected, stored and processed.
  • Recipient(s) or categories of recipients that the data is/will be disclosed to.
  • How long the data will be stored.
  • The source of personal data if it wasn’t collected directly from you.
  • Any details and information of automated decision making, such as profiling, and any meaningful information about the logic involved, as well as the significance and expected consequences of such processing.

In order to verify the identity of those who make a request to us, we will accept the following forms of ID when information on your personal data is requested:

  • Passport,
  • Driving licence, Birth certificate,
  • Utility bill dated within the last 3 months.

Recourse and Enforcement

In compliance with the data privacy laws and the EU-US Privacy Shield Principles, GPS commits to resolve complaints about your privacy and our collection or use of your personal information. Any inquiries or complaints regarding this privacy policy or the privacy of your data, or if you want to submit a written complaint about how we handle your personal data, please contact GPS Compliance Department via any of the following means:

GPS Capital Markets Limited
1 Finsbury Circus
London, EC2M 7EB
Email: [email protected]
Telephone: +44 (0)203 657 9191