Dom Maklerski OANDA TMS Brokers S.A. Mobile Applications Privacy Policy

 

 

Dom Maklerski OANDA TMS Brokers S.A. Mobile Applications Privacy Policy

 

This Mobile Applications Privacy Policy of Dom Maklerski OANDA TMS Brokers S.A. (hereinafter the "Privacy Policy") was prepared by a company operating under the name Dom Maklerski OANDA TMS Brokers S.A. with its registered office in Warsaw (hereinafter referred to as "Data controller" or "OANDA TMS Brokers") as fulfillment of the obligation specified in art. 13 section 1 and 2 of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (hereinafter "GDPR ").

Here you can read OANDA TMS Brokers Privacy Policy regarding the personal data you provide via the mobile applications of Data controller. Installing and using OANDA TMS Brokers mobile applications, means collection by Data controller information about you. OANDA TMS Brokers present to you in this Privacy Policy how the data is collected by applications, and where can you seek further help. If you install and use OANDA TMS Brokers mobile application, it shall mean that you accept and agree with this Privacy Policy and the terms of processing of your personal data. If you do not accept this Privacy Policy, you must not use OANDA TMS Brokers application. 

 

  1. Who is responsible for your personal data?

 

The Data controller of your personal data is a company operating under the name Dom Maklerski OANDA TMS Brokers S.A. with its registered office in Warsaw, address: ul. Złota 59, 00-120 Warsaw, entered into the register of entrepreneurs under number 0000204776.

 

  1. How to contact the Data controller?

 

A Data Protection Officer has been appointed at OANDA TMS Brokers. In matters regarding the processing of personal data by the Data controller, you can contact via the following e-mail address: odo@tms.pl.

 

  1.  Data security

 

In connection with the conducted business activity, the Data controller collects and processes personal data in accordance with the relevant provisions, including in particular the GDPR and the principles of data processing contained therein.

OANDA TMS Brokers ensures transparency of data processing, informs about data processing and ensures that data is collected only to the extent necessary for the purpose indicated and is processed only for the period in which it is necessary.

In order to ensure data integrity and confidentiality, the Data controller has implemented procedures enabling access to personal data only to authorized persons and only to the extent that it is necessary for their tasks.

OANDA TMS Brokers takes all necessary actions so that its subcontractors and other cooperating entities guarantee the use of appropriate security measures whenever they process personal data at the request of the Data controller.

Keep the passwords of your accounts in a safe place, and do not disclose your account details to any third party. If you become aware of any unauthorized use of your password or any other breach of security, please contact Data controller immediately.

Communication between the mobile application and the Data controller's systems is carried out using modern encryption mechanisms.

Depending on the application selected, they may have different levels of access to the functionality of the terminal devices, which you will be informed about when installing the application.

  

  1. Purposes and basis for data processing

 

Data controller  may collect your personal data, including information that you provide when you register in the mobile application. 

"Personal data" means any data that can be used to uniquely identify you, such as name, email address, phone number or credit card information. 

Data controller use personal data provided to OANDA TMS Brokers electronically via Data controller  mobile applications to, inter alia, register users, administer and improve applications and associated services, to analyse the application use statistics and policy, as well as for other purposes approved by you. Data controller also use your personal data to communicate with you in other ways. For example, if you contact OANDA TMS Brokers via the application, Data controller may use your personal information to respond. 

The legal basis for the processing of your personal data is:

  1. to the extent that data processing is necessary for the implementation of the Framework Agreement and taking action before its conclusion and providing an information and educational service - art. 6 para. 1 letter b of the GDPR;
  2. to the extent that the data processing is necessary for the Data controller to perform legal obligations incumbent on him as an entity performing brokerage activities, in particular consisting in informing the financial supervisory authorities and financial information authorities about the services and transactions performed, verification and identification Client's identity and ongoing monitoring of its business relations and development of analyzes - art. 6 para. 1 letter c of GDPR in conjunction with the provisions of the Act of March 1, 2018 on counteracting money laundering and financing of terrorism, in particular with art. 34, 35, art. 36 and art. 37 of this Act;
  3. to the extent that data processing is necessary to achieve the objectives arising from the legitimate interests of the Data controller, such as improve applications and associated services, to analyze use statistics - art. 6 par. 1 letter f of GDPR.

 

  1. Non-Personal data

 

OANDA TMS Brokers may collect non-personal data about your use of Data controller mobile application, visits to OANDA TMS Brokers website. Community services, including pages you have viewed, links you have clicked, as well as other actions related to your use of OANDA TMS Brokers applications or services. Data controller may also collect certain technical information about your mobile device, such as your IP address, the type and model of your device, the user-defined device name, the type and version of the operating system, information about your time zone, as well as device language and localization information.  

 

  1. Aggregate data 

 

OANDA TMS Brokers may combine personal data collect from you with personal data provided by other users, in a non-identifiable format, thus creating aggregate data. Data controller plan to analyse aggregate data mainly to identify group trends. OANDA TMS Brokers do not link aggregate user data with personal data and aggregate data can therefore not be used to contact or identify you. Data controller will use user names instead of actual names when creating and analysing aggregate data. 

 

 

  1. Analytical tools and third parties

 

Please note that this Privacy Policy applies to information collected by OANDA TMS Brokers mobile applications which may contain links to other websites which are not owned or controlled by Data  controller. Such websites also collect your personal data.

Moreover, please note, that OANDA TMS Brokers applications are available for download from websites which are not under OANDA TMS Brokers control, and which are subject to privacy policies of third parties. Please read such privacy policies to learn how your personal data is processed by such third parties.

Mobile applications may have the following external analytics services connected:

  1. Google Firebase (provided by Google, Inc.) – to collect mobile applications statistics, installation data and information how you use this applications.

This data is completely anonymous.

More information about Google Firebase: https://support.google.com/analytics/answer/6318039?hl=en&ref_topic=6317497

The legal basis for using Google Firebase is art. 6 para. 1 letter of the f GDPR.

  1. Amplitude (provided by Amplitude, Inc.) – to collect mobile applications statistics, installation data and information how you use this applications. 

This data is completely anonymous. More information about Amplitude:  https://help.amplitude.com/hc/en-us/articles/206533238-Data-Security-Privacy The legal basis for using Amplitude is art. 6 para. 1 letter of the f GDPR.

  1. Adjust (provided by Adjust GMbH) – to attribute source of install to advertising campaigns. 

This data is completely anonymous.

More information about Adjust: 

https://www.adjust.com/product/gdpr/

The legal basis for using Adjust is art. 6 para. 1 letter of the f GDPR.

 

8. Users’ rights

 

The Data controller informs that in connection with the processing of personal data you have the following rights:

  1. the right to information about the processing of personal data - on this basis, the Data  controller provides you with a request for information on data processing, including primarily the purposes and legal grounds for processing, the scope of data held, entities to which it is disclosed, and the planned date of deletion data;
  2. the right to obtain a copy of the data - on this basis, the Data controller provides you with a copy of the data processed in the event of a request;
  3. the right to rectification - the Data controller is obliged to remove any incompatibilities or errors of personal data being processed and supplement them if they are incomplete;
  4. the right to delete data - on this basis, you can request the deletion of data the processing of which is no longer necessary to achieve any of the purposes for which it was collected;
  5. the right to limit processing - in the event of such a request, the Data controller ceases to perform operations on personal data until the reasons for the restriction of data processing cease (e.g. a decision of the supervisory authority allowing further processing of data is issued);
  6. the right to transfer data - on this basis - to the extent that the data is processed in an automated manner in connection with the concluded agreement or consent - the Data  controller issues the data provided by you in a format that allows data to be read by a computer. It is also possible to request that the data be sent to another entity, however, provided that there are technical possibilities in this respect both on the part of the Data controller and the indicated entity;
  7. the right to object to the processing of data for marketing purposes - you can object to the processing of personal data for marketing purposes, without giving any reason; h) the right to object to other purposes of data processing - you can at any time oppose - for reasons related to your particular situation - the processing of personal data that is based on the legitimate interest of the Data controller (e.g. for analytical or statistical purposes), objection in this respect it should contain a justification;
  1. the right to withdraw consent - if the data are processed on the basis of consent, you have the right to withdraw it at any time, which, however, does not affect the lawfulness of the processing carried out before its withdrawal;
  2. the right to complain - if you find that the processing of personal data violates the provisions of the GDPR or other provisions regarding the protection of personal data, you can submit a complaint to the body supervising the processing of personal data competent for your habitual residence, place of work or place of committing alleged violation. In Poland, the supervisory authority is the President of the Office for Personal Data Protection.

 

  1. Data processing period

 

The period of data processing by the Data controller depends on the type of service provided and the purpose of processing. The period of data processing may also result from provisions when they constitute the basis for processing. In the case of data processing on the basis of the Data  controller's legitimate interest, the data is processed for a period enabling the implementation of this interest or to object effectively to data processing. If the processing is based on consent, the data is processed until its withdrawal. When the basis for processing is necessary to conclude and perform the agreement, the data is processed until its termination. The period of data processing may be extended if the processing is necessary to establish or assert claims or defend against claims, and after that period - only if and to the extent required by law. After the end of the processing period, the data is irreversibly deleted or anonymized.

 

  1. Recipients and transfer of data outside the EEA

 

In connection with conducting operations that require the processing of personal data, personal data may be disclosed to external entities, including in particular suppliers responsible for operating IT systems and analytical tools, entities providing accounting services, postal operators, couriers, marketing agencies, legal advisers.

The Data controller reserves the right to disclose selected information about you to the competent authorities or third parties who submit a request for such information, based on an appropriate legal basis and in accordance with applicable law.

The Data controller transfers personal data outside the EEA only when necessary and with an adequate level of protection, primarily through:

  1. applying binding corporate rules approved by the competent supervisory authority,
  2. the use of standard contractual clauses issued by the European Commission,
  3. obtaining a certificate of compliance with the Privacy Shield by a third party,
  4. the transfer of data to a third country for which the European Commission has determined on the basis of a decision that the third country in question meets an adequate level of protection.

 

11. Automated decision-making

 

The Data controller will not apply automated decisions to you.

 

  1. Final provisions

 

This Privacy Policy is adopted and updated by a resolution of the Management Board of OANDA TMS Brokers.

This Privacy Policy may change. Users are asked to monitor the date of the last change of this Privacy Policy on an ongoing basis in order to verify relevant changes.

More     information       on          data      processing          by          the         Data controller           is            available             at: https://www.tms.pl/rodo

Date of last modification: 26/07/2021