INTRODUCTION

“Credence Secure Limited” needs to collect personal information from our clients and prospective clients in order to provide them with our products, services and any relevant information. Clients’ privacy is very important to us and we make it our priority to safeguard and secure any and all confidential information relating to individuals.


This Privacy Policy will go through what measures “Credence Secure Limited” (the “Company” or “Credence Secure Limited Private Company Limited by shares”) takes to collects, uses and manages the personal information we receive from the client or a third party in relation to the products and services we provide. This Privacy Policy also outlines clients’ rights relating to the processing of clients’ personal information.


Our Privacy Policy is reviewed and updated regularly in order to be compliant with data protection laws and other privacy regulations.

CREDENCE SECURE LIMITED COMPANY

Credence Secure Limited (Private Company Limited by shares incorporated under the Corporate and Business Registration Department at Port Louis, Mauritius law).

PRIVACY PROTECTION

“Credence Secure Limited” respects the privacy of any users who access its website(s) and therefore is committed to taking all reasonable steps to safeguard the privacy and confidential information of all clients and visitors of our website, in accordance with the applicable data protection laws and regulations.
To ensure this, we will train our staff on the importance protecting and respecting clients’ personal information and privacy. We will also appoint a Data Protection Officer to ensure that our Company manages/processes our clients’ personal information in compliance with the applicable data protection laws and regulations and in accordance with this Privacy Policy.

The personal information our clients will provide us with when registering themselves as a user of the Company’s website(s) or of its services is classified as registered information, which is protected in several different ways. They will be able to access their registered information after logging in to “Client Area” on Credence Secure Limited’s Website.
It is the clients’ responsibility to make sure that their password is only known to them and not disclosed to anyone else. Their registered information is securely stored with us, and only authorized staff will have access to this information. Please also note that transfer of information via the internet is not always entirely secure, but we will take significant precautions to assure that clients’ personal data is being protected.

PERSONAL INFORMATION WE COLLECT

As part of our application process and in order to open any type of account with us, the client must first complete and submit an application form with all the required information. By completing this application form, clients are requested to disclose personal information in order to enable the Company to assess clients’ applications and comply with the relevant laws (including their regulations). The information clients provide may also be used by the Company to inform them regarding its services.
The information that we may collect from client includes the following:

We obtain this information in a number of ways through their use of our services, including through any of our websites, apps, the account opening applications, our demo account forms or customer service communications. We may also collect this information about them from third parties such as their payment providers and through publicly available sources. We also keep records of their trading behavior, including records regarding the following:

If they choose not to provide the information, we need to fulfill their request for a specific product or service, we may not be able to provide them with the requested product or service.
We may record any communications, electronic, by telephone, in person or otherwise, that we have with them in relation to the services we provide to them and our business relationship with them. These recordings will be our sole property and will constitute evidence of the communications between us. Such telephone conversations may be recorded without the use of a warning tone or any other further notice.

PROCESSING OF CLIENTS’ PERSONAL INFORMATION

We may process our clients’ personal data on the following bases and for the following purposes:

1. PERFORMANCE OF A CONTRACT

We process personal data in order to provide our services and products, as well as information regarding our products and services based on the contractual relationship with our clients (i.e. so as to perform our contractual obligations). In addition, the processing of personal data takes place to be able to complete our client on-boarding/acceptance procedures.
In view of the above, we need to verify clients’ identity in order to accept client as our client and we will need to use those details in order to effectively manage clients’ trading account with us. This may include third parties carrying out credit or identity checks on our behalf. The use of clients’ personal information is necessary for us to know who client are, as we have a legal obligation to comply with ‘Know Clients’ Customer’ and customer due diligence’ regulatory obligations.

2. COMPLIANCE WITH A LEGAL OBLIGATION

There are a number of legal obligations imposed by relevant laws to which we are subject, as well as specific statutory requirements (e.g. anti-money laundering laws, financial services laws, corporation laws, privacy laws, and tax laws). There are also various supervisory authorities whose laws and regulations apply to us. Such obligations and requirements impose on us necessary personal data processing activities for credit checks, identity verification, payment processing, compliance with court orders, tax law or other reporting obligations and anti-money laundering controls.
These obligations apply at various times, including client on-boarding/acceptance, payments and systemic checks for risk management.

3. FOR THE PURPOSES OF SAFEGUARDING LEGITIMATE INTERESTS

We process personal data so as to safeguard the legitimate interests pursued by us or by a third party. A legitimate interest is when we have a business or commercial reason to use clients’ information. Examples of such processing activities include the following:

4.CLIENT HAVE PROVIDED CLIENTS’ CONSENT

Our storage and use of clients’ personal data are based on clients’ consent (other than for the reasons described or implied in this policy when clients’ consent is not required). The client may revoke consent at any time; however, any processing of personal data prior to the receipt of clients’ revocation will not be affected.

5.TO PROVIDE CLIENT WITH PRODUCTS AND SERVICES, OR INFORMATION ABOUT OUR PRODUCTS AND SERVICES, AND TO REVIEW CLIENTS’ ONGOING NEEDS

Once the client successfully opens a trading account with us, or subscribe to an update, we will need to use clients’ personal information to perform our services and comply with our obligations to client. It is also in our legitimate interests to try to ensure that we are providing the best products and services so we may periodically review clients’ needs based on our assessment of clients’ personal information to try to ensure that client is getting the benefit of the best possible products and services from us.

6.TO INVESTIGATE OR SETTLE ENQUIRIES OR DISPUTES

We may need to use personal information collected from a client to investigate issues or to settle disputes with client because it is in our legitimate interests to ensure that issues and disputes get investigated and resolved in a timely and efficient manner.

7.TO COMPLY WITH APPLICABLE LAWS, COURT ORDERS, OTHER JUDICIAL PROCESS, OR THE REQUIREMENTS OF ANY APPLICABLE REGULATORY AUTHORITIES

We may need to use clients’ personal information to comply with any applicable laws and regulations, court orders or another judicial process, or the requirements of any applicable regulatory authority. We do this not only to comply with our legal obligations but because it may also be in our legitimate interest to do so.

8.DATA ANALYSIS

Our webpages and emails may contain web beacons or pixel tags or any other similar type of data analysis tools that allow us to track receipt of correspondence and count the number of users that have visited our webpage or opened our correspondence. We may aggregate clients’ personal information (such as trading history) with the personal information of our other clients on an anonymous basis. If clients’ personal information is not in an anonymized form, it is in our legitimate interest to continually evaluate that personal information to ensure that the products and services we provide are relevant to the market.

9.MARKETING PURPOSES

We may use clients’ personal information to send client marketing communications by email, phone, SMS or other methods (such as social media channels) to ensure that client is kept up to date with our latest products and services. We will not disclose clients’ information to any outside parties that may allow them to directly market to client.

10.INTERNAL BUSINESS PURPOSES AND RECORD KEEPING

We may use clients’ personal information for internal business and research or record-keeping purposes. Such processing is in our own legitimate interests and is required in order to comply with our legal obligations. This may include any communications that we have with client in relation to the services and products we provide to client. We will also keep records to ensure that client complies with clients’ contractual obligations pursuant to the agreement governing our relationship with client.

11.LEGAL NOTIFICATIONS

Often the law requires us to advise client of certain changes to products or services or laws. We may need to inform client of changes to the terms or features of our products or services. We need to process clients’ personal information to send clients these legal notifications. The client will continue to receive this information from us even if the client chooses not to receive direct marketing information from us.

12.PHYSICAL SECURITY

If the client enters any of our premises, we may record clients’ image on our CCTV for security reasons. We may also take clients’ details to keep a record of who has entered our premises on any given day. It is in our legitimate interest to do this to maintain a safe and secure working environment.

DISCLOSURE OF CLIENTS’ PERSONAL INFORMATION

The Company will not disclose any of its clients’ confidential information to a third party, except: (a) to the extent that it is required to do so pursuant to any applicable laws, rules or regulations; (b) if there is a duty to disclose; (c) if our legitimate business interests require disclosure; or (d) at clients’ request or with clients’ consent or to Persons described in this policy. The Company will endeavor to make such disclosures on a ‘need-to-know’ basis unless otherwise instructed by a regulatory authority. Under such circumstances, the Company will notify the third party regarding the confidential nature of any such information.
As part of using clients’ personal data for the purposes set out above, the Company may disclose clients’ personal information to the following:

If the Company discloses clients’ personal information to business parties, such as cards or other payment processing companies or banks, in order to perform the services requested by clients, such third parties may store clients’ information in order to comply with their legal and other obligations.
Clients accept and consent that the Company may, from time to time, analyze the data collected while visiting our website(s) or by other means, such as questionnaires, for statistical purposes in order to improve the Company’s business activities.

TRANSFERS OUTSIDE OF THE MAURITIUS ECONOMIC AREA

We may transfer clients’ personal information outside Mauritius Economic Area to other Credence Secure Limited, Company, Group companies as well as service providers (i.e., processors) who are engaged on our behalf. To the extent we transfer clients’ information outside the Mauritius Economic Area, we will ensure that the transfer is lawful and that processors in third countries are obliged to comply with the international data protection laws or other countries’ laws which are comparable and to provide appropriate safeguards in relation to the transfer of clients’ data in accordance with Mauritius Data protection law. By submitting clients’ personal data, client consent to clients’ personal information being processed by staff of Credence Secure Limited operating outside the Mauritius Economic Area who work for us. Such staff maybe, among others, engaged in the fulfillment of clients’ requests, the processing of clients’ payment details and the provision of support services. The Company will take all steps reasonably necessary to ensure that clients’ data is treated securely and in accordance with this Privacy Policy.

CLIENTS’ COLLECTED INFORMATION

Tracking systems used on the Company’s website(s) may collect clients’ personal data in order to optimize the services provided to clients/potential clients. The website collects information in the following ways:

DEVICE INFORMATION

By recognizing clients’ devices used to access and use the Company’s website(s), we can provide client with the most appropriate version of our website(s).

LOG INFORMATION

Logging certain behaviors on the site enable the company to track user activity and therefore troubleshoot any issues that may occur.

LOCATION INFORMATION

Using clients’ IP addresses helps us localize our website content, which we provide to client based on clients’ country, and improve clients’ user experience on our site(s).

COOKIES

Cookies are text files with a small amount of data sent from our website(s) to clients’ browsers and stored on clients’ computer’s hard drives. Cookies help us improve the performance of our website(s) and our website visitors’ experience, track clients’ referrer (if any) and improve our future advertising campaigns.

COOKIES

Cookies are small pieces of data sent from our website(s) to clients’ browsers and stored on clients’ computer’s hard drive when using our site(s), and they may include a unique identification number. The purpose of collecting this information is to provide client with more relevant and effective experience on our website(s), including the presentation of our web pages according to clients’ needs or preferences.
Cookies are frequently used on many websites on the internet, and client can choose if and how a cookie will be accepted by changing clients’ preferences and options in clients’ browsers. The client may not be able to access some parts of our website(s) if client chooses to disable the cookie acceptance in clients’ browsers, particularly in clients’ Proposed Client Area account panel and other secure parts of our website(s). We, therefore, recommend client to enable cookie acceptance in order to benefit from all our online services.
Furthermore, we use cookies for re-marketing features in order to allow us to reach out to users who have previously visited our website(s) and have shown an interest in our products and services. Periodically, we may use third party vendors to display our ads over the internet to client, based on clients’ previous use of our website(s). The client can opt-out this particular use of cookies at any time by visiting Google’s Ads Settings page and the DoubleClick opt-out page or as they later update those facilities.
The Company uses session ID cookies and persistent cookies. A session ID cookie expires after a set amount of time or when the browser window is closed. A persistent cookie remains on clients’ hard drive for an extended time period. The client can remove persistent cookies by following directions provided in clients’ web browser’s ‘Help’ file.
For further details about our cookie policy and how our cookies work, read our Cookies Policy.

HOW WE OBTAIN CLIENTS’ CONSENT

If our use of clients’ personal information requires clients’ consent, such consent will be provided in accordance with the express written terms which govern our business relationship (which are available on our website(s), as amended from time to time), or any other contract we may have entered into with client or as set out in our communication with client from time to time. If we rely on clients’ consent as our legal basis for holding and processing clients’ personal information, client has the right to withdraw that consent at any time by contacting us using the contact details set out in this Privacy Policy.

STORAGE OF CLIENTS’ PERSONAL INFORMATION AND RETENTION PERIOD

In relation to clients’ personal information, we will hold this for as long as we have a business relationship with client, in a combination of secure computer storage facilities and paper-based files and other records and we take the necessary measures to protect the personal information we hold from misuse, loss, unauthorized access, modification or disclosure.
When we consider that personal information is no longer necessary for the purpose for which it was collected, we will remove any details that will identify the client or we will securely destroy the records. However, we may need to maintain records for a significant period of time (after client cease being our client). For example, we are subject to certain anti-money laundering laws which require us to retain the following, for a period of 5 years after our business relationship with client has ended:

Also, the personal information we hold in the form of a recorded communication, by telephone, electronically, in person or otherwise, will be held in line with local regulatory requirements (i.e., 5 years after our business relationship with client has ended or longer if client have legitimate interests (such as handling a dispute with client). If client has opted out of receiving marketing communications, we will hold clients’ details on our suppression list so that we know the client does not want to receive these communications.
We may keep clients’ data for longer than 5 years if we cannot delete it for legal, regulatory or technical reasons.

CLIENTS’ RIGHTS REGARDING CLIENTS’ PERSONAL INFORMATION

INFORMATION AND ACCESS

The client has the right to request what information we process, along with a copy of that personal information within thirty (30) days from the date of the clients’ request. If client requires additional copies, we may need to charge an administration fee.

RECTIFICATION

We will take all reasonable steps to make sure that clients’ personal information remains accurate, complete and up-to-date. If the personal information we hold about client is inaccurate or incomplete, the client is entitled to have it rectified. If we have disclosed clients’ personal information to others, we will let them know about the rectification where possible. The client may inform us at any time that clients’ personal details have changed by e-mailing us at the support@crdencesecure.com. The Company will change clients’ personal information in accordance with clients’ instructions. To proceed with such requests, in some cases we may need supporting documents from client as proof, i.e. personal information that we are required to keep for regulatory or other legal purposes.

ERASURE

The client can ask us to delete or remove clients’ personal information in certain circumstances such as if we no longer need it or client withdraw clients’ consent (if applicable) provided that we have no legal obligation to retain that data. Such request will be subject to any retention limits we are required to comply with in accordance with applicable laws and regulations. If we have disclosed clients’ personal information to others, we will let them know about the erasure where possible.

PROCESSING RESTRICTIONS

The client can ask us to ‘block’ or suppress the processing of clients’ personal data in certain circumstances such as if client contest the accuracy of that personal information or object to us processing it. It will not stop us from storing clients’ personal information. We will inform client before we decide not to agree with any requested restriction. If we have disclosed clients’ personal information to others, we will inform about the restriction if possible.

DATA PORTABILITY

Under the Data Protection Act, client has the right, in certain circumstances, to obtain personal information the client has provided us with (in a structured, commonly used and machine-readable format) and to re-use it elsewhere or ask us to transfer this to a third party of clients’ choice.

OBJECTION

relying on our own or someone else’s legitimate interests to process clients’ personal information except if we can demonstrate compelling legal grounds for the processing;

OPT-OUT OF SUBMITTING CLIENTS’ PERSONAL INFORMATION

If the client does not want us to use clients’ personal information, client must inform the Company by sending an email to the support@credencesecure.com. If client decides to do so, we may not be able to continue to provide information, services and/or products requested by client and we will have no liability to Client in this respect.

LEGAL DISCLAIMER

The Company may disclose clients’ personally identifiable information as required by rules and regulations and if the Company believes that disclosure is necessary to protect our rights or to comply with other proceedings, court order, legal process served or pursuant to governmental, intergovernmental or other regulatory bodies. The Company is not liable for misuse or loss of personal information or otherwise on the Company’s website(s) that the Company does not have access to or control over. The Company will not be liable for unlawful or unauthorized use of clients’ personal information due to misuse or misplacement of clients’ passwords, negligent or malicious intervention or otherwise by client or due to clients’ acts or omissions or a person authorized by client (whether or to that authorization is permitted by the terms of our legal relationship with client).

HOW TO CONTACT US

If the client has any questions or concerns regarding this Privacy Policy, please e-mail us at the support@credencesecure.com.