Topline
Limited
Regulated
by the Financial Services Authority Seychelles
PRIVACY
POLICY
Contents
1. Introduction...................................................................................................................................... 3
2. Scope of the
Privacy Policy................................................................................................................. 3
3. Our Commitment
to You.................................................................................................................... 4
4. Your Consent
to Collection and Use of Personal Information............................................................... 4
5. Why We Process
and Use Your Information........................................................................................ 5
6. Disclosure of
your Personal Data........................................................................................................ 6
7. Safeguard
Measures.......................................................................................................................... 6
8. Duration of
keeping Your Information................................................................................................ 7
9.Your Legal
rights................................................................................................................................. 7
10. Cookies........................................................................................................................................... 8
11. Geographical
processing of Personal data......................................................................................... 9
12. Questions........................................................................................................................................ 9
13. Update of
this Policy........................................................................................................................ 9
![]()
Topline Limited (hereinafter called the “Company”) is authorized and
regulated by the Financial Services Authority Seychelles (FSA) under Securities
Dealer License number SD10 6. The authority is the regulator for non-bank
financial services in the country and is responsible for the licensing,
supervision and development of the non-bank financial services industry of the
Seychelles.
Topline Limited is
authorized and regulated by the Financial Services Authority Seychelles (FSA)
under Securities Dealer License SD
Our registered address is
Suite 3, Global Village, Jivan's Complex, Mont Fleuri, Mahe, Seychelles
Through
this privacy policy, your data may be called either “personal data” or
“personal information”. We may also sometimes collectively refer to handling,
collecting, protecting and storing your personal data or any such action as
“processing” such personal data.
For the purposes of this
statement, personal data shall mean any information relating to you which
identifies or may identify you and which includes, for example, your name,
address and identification number.
To
fully understand the changes and terms that will govern your use of our
“Services,” you will need to read the full Privacy Policy and Cookie Policy.
We understand the importance of
maintaining the confidentiality and privacy of Your Information. By entrusting us
with Your Information, we would like to assure you of our commitment to keep
such information private. We have taken measurable steps to protect the
confidentiality, security and integrity of Your Information.
We gather information that you
choose to provide us with, give us permission to collect, or provide us with
upon your request when you register for or use our products and services.
Additionally, we collect information that is generated as you use XTrend products and services. We do this for specific
purposes and in a certain way, as outlined in this policy:
a)
Registration, Login and
Verification
•
When you register for or log in
to XTrend products or services, you can create an
account with your mobile phone number (we will send a verification code to your
mobile phone via SMS), and you can provide relevant identity information
(profile picture, nickname, and password) to complete the account registration.
You can also choose to provide your email address, gender, personal profile,
and bind a third-party account to complete your personal information based on
your own needs.
•
You can also register for, log
in to, and use XTrend products or services with a
third-party account, such as your Google account, Facebook account, or Apple
ID. By doing so, you authorize us to obtain your public information (profile
picture and nickname) registered on the third-party platform for binding with
your XTrend account, enabling you to directly log in
to and use XTrend products and services. To help you
identify the third-party login options, we may need to obtain a list of your
installed softwares. We will not disclose the above
information to any third party or use it for any purpose other than those
stated above, unless you give your voluntary consent or as required by relevant
laws and regulations.
•
When you choose to log in to
your XTrend account with a verification code, we need
permission to access your text messages. We do not charge for the SMS service,
but you are responsible for all charges and fees associated with text messaging
imposed by your wireless provider. If you refuse to send the message, you will
not be able to log in with a verification code, however, you have the option to
use alternative login methods.
•
Please note that if you refuse
to provide any personal details, you will only be able to use the
"Browse-only" mode, and we will not be able to provide you with the
full basic service of XTrend.
b)
Account Management
•
To reset the cell phone number
linked to your XTrend account, we will validate your
identity by sending an SMS verification code to the phone number you had
previously linked. If you decline to consent to above contents, you will not be
able to verify your identity using the above method, and as a result, you will
be unable to reset your cell phone number. However, this will not impede your
ability to use other services provided by XTrend
•
When you make changes to your
account such as recovering or changing password, unlinking account, and closing
account, we require to verificate your personal
information, mainly including cell phone number, device information, security
status, and account information. This measure is taken to ensure the security
of your account.
c)
Browse and Search Market Quotes
and News
•
When you use the Market Alert
or Major Event Notification functions of XTrend, it
requires access to your device's calendar to provide you with relevant
information in a timely manner. If the access is denied, you will not be able
to use these functions, but it will not affect your ability to use other XTrend services.
•
When you browse and search
market quotes and news on XTrend, data is collected
from your activity on the platform, including clicking, browsing, following,
searching, querying, and sharing.
•
We require access to your XTrend account and IP address to determine your location
and account validity, in order to provide you with relevant rights and services
regarding market quotes and news. If you decline, we may not be able to
accurately identify your location or verify the validity of your account, potentially
limiting your access to these services.
d)
Identity Verification
•
During the identity
verification process, we will require access to your device's camera,
microphone, and location. If you decline to grant permission for these
features, it may prevent us from completing the verification process.
The Company collects information
directly from you, through any correspondence made with us by phone, e-mail or
otherwise; including information which you enter when you register to use our
website, mobile app, subscribe to our service or any other activities carried
out on our website or any connected applications. Please note that when you
access our Website we collect non-identifiable information in the following
ways:
•
Contact Data – we collect,
which may include, but are not limited to, your first name, last name,
nationality, date of birth, telephone number (landline and mobile), fax number,
email address and postal address
•
Personal and Professional
Information - we collect, which may include, but are not limited to, your
marital status, education, occupation, information regarding your financial
situation such as source of wealth and gross annual income, tax identification
number.
•
Cookies (including third party
Cookies) – Please refer to section 11
“Cookies”
•
Financial data – to use the
Company’s services, we may require to collect certain information, such as bank
details, trading activity, transaction history, account balance information.
•
Image information - the image
you have elected to provide as your user avatar, signature, proof of
identification, proof of address, proof of payment.
The Company will need to obtain the
following documents for verification purposes of Clients’ trading accounts
which are not limited to:
a)
Proof of Identification (e.g.
Passport/ID/Driver’s License)
b)
Proof of Address (e.g. Utility
Bill, bank letter)
c)
Proof of Payment (e.g. Bank
Statement)
The Company has the right to
request additional documents and information to carry out its due diligence
where it deems fit. We only collect
personal data that is adequate and relevant for the purposes of our business
and for a reasonable period of time as required by law. We never ask for more
information that is required by law.
If you have given us your specific
consent for processing (other than for the reasons set out above) then the
lawfulness of such processing is based on that consent. You also consent when
the Company is transferring your personal information outside the European
Economic Area (“EEA”) where this is necessary for the Company to fulfil its
contractual obligations to you (see section 12 below). You have the right to
revoke consent at any time. However, any processing of personal data prior to
the receipt of your revocation will not be affected.
We are committed to protecting
your privacy and handling your data in a transparent manner, and as such we
collect, use, disclose, store and process your personal data for the
performance of our services as required by law.
Furthermore, we are obligated to
collect such personal data not only for the commencement and execution of a
business relationship with you but also for the performance of our contractual,
regulatory, statutory and legal obligations.
Based on the requirements of our
regulated authorities in our efforts to maintain our Know-YourClient
procedures, we will require to verify clients’ trading accounts, so to ensure
our clients meet appropriateness and suitability requirements, process
transactions, send information about transactions/services and keep you updated
with products, services and news.
We further collect data to operate,
provide, improve, understand, customise and support our services in relation to your account.
We may collect your personal
information through our App(s), one of our social medial channels, public
databases; joint marketing partners; from people with whom you are connected on
social media platforms, as well as from other third parties. Use of this personal information, allows us
to deliver information by email, SMS, push notification, email, in-app
notification or contact you by telephone or by any other means to provide you
with information about our products, services, training and offers we think
would be of interest to you. Such information is secured and treated as
confidential. We always give you the right to opt out/unsubscribe to receiving
such communications from us at any time.
When providing our services or
conducting our business operations, if necessary, we may disclose or share your
personal data. Such sharing of data is
in accordance with the Company’s internal security policies and applicable data
privacy laws. We do not sell the personal data we collect from you, or we do
not distribute/transfer any personal data to any unauthorized or nonaffiliated
third parties.
All the Company’s external services
providers and suppliers enter into contractual agreements with us, by which
they legally agree to confidentiality and data protection to the data
protection law and General Data Protection Regulation (EU 2016/679)
(“GDPR”). Recipients with whom we may
disclose or share your personal information, may include the following:
a)
Within the Company – such as
various departments within the Company, where all employees and contractors are
required to follow our data privacy and security policies when handling personal
data.
b)
Supervisory and other
regulatory and public authorities, notary offices, tax authorities, criminal
prosecution authorities as much as a statutory obligation exists
c)
Third Party service providers –
such as, and which are not limited to, financial institutions, banks and
payments processing providers, external and internal auditors, financial and
business advisors, fraud prevention agencies, Debt collectors subject to
bankruptcy or insolvency claims, External authorised processors for processing
client data, software system and platform support, cloud hosting services, data
analytics, direct marketing/advertising services.
The Company takes reasonable
precautions to protect Personal Information from loss, theft, misuse, unauthorized
access or disclosure, alteration, or destruction.
The Company employ physical,
electronic, and procedural safeguards to protect Personal
Information and it does not store
Personal Information for longer than necessary to provide the Service or as
permitted by law.
In accordance with the
recommendations of Payment Card Industry Security Standards Council, customer
card details are protected using Transport Layer encryption — TLS 1.2 and
application layer with algorithm AES and key length 256 bit. The Company does not store or collect any
Credit Card data. All credit card information is stored on the payment provider
side. All payments made between Company and Client, and vis a vis, via the
Company’s merchant accounts and/or third party payment processing service providers,
the Client will receive unique billing descriptor on their card statement from
the bank, confirming the payment and which may include, but not limited to, the
description "Rynat Trading Ltd, branded website and Customer support
service telephone number.
The Company’s datacenter(s) contain
both internal and external servers. Access to the Company’s internal server is
restricted to pre-approved persons, servers and locations; our external servers
can be accessed via the Internet. Your Information is stored and encrypted on
secure servers and our servers can only ever be accessed by authorized
personnel.
While we will use all reasonable
efforts to safeguard Your Information, you acknowledge that the use of the
internet is not entirely secure and for this reason we cannot guarantee the
security or integrity of any personal data transferred from you, or to you via
the internet.
You may request from us to erase/delete your personal
data in cases where there is no rationale as to the need for us to continue to
process it. However, we may not be able to comply with your request due to
regulatory requirements by which you will be notified accordingly.
We will not keep Your Information
for any longer than is required for legal and/or business purposes. In many
cases, information must be kept for considerable periods of time, subject to a
maximum of seven (7) years. Retention
periods will be determined considering the type of information that is
collected and the purpose for which it is collected, bearing in mind the
requirements applicable to the situation and the need to destroy outdated,
unused information at the earliest reasonable time.
You have the following rights under
data protection laws in terms of personal data we hold about you:
a)
Receive a Copy of your personal
data – you have the right to have access to your personal data, where your
personal data is stored, how we collected your data and for what purposes. Your request to obtain your personal data
must be sent to us in writing via a durable medium, where we will process your
request in accordance with the applicable law(s).
b)
Request
rectification/correction of the personal data we hold about you – you can at
any time have the right to correct any inaccurate or incomplete data we hold
about you. If this applies to you,
please reach to our Customer Support Team.
c)
Request erasure of your
personal information – you have the right to request deletion of your personal
data (“right to be forgotten”). Please
bear in mind that, as we are a FSA licensed investment firm, we are under
certain legal obligation to hold your data for a maximum of seven (7) years.
d)
Object to processing of your
personal data – you have the right to object to the processing of your personal
data. Please bear in mind that, as a FSA
licensed investment firm, should you object to processing certain data, then we
may not be able to provide you our services.
e)
Right to data portability – you
have the right to request for your personal data to be transferred to a third
party, your request to transfer your personal data must be sent to us in
writing via a durable medium, where we will process your request in accordance
with the applicable law(s).
f)
Data being processed for direct
marketing purposes – you have the right to object for your personal data to be
used for direct marketing (this includes profiling), where you can unsubscribe
to our direct marketing campaigns.
Please note that for all the above
mentioned, we may need to request specific information from you to help us
confirm your identity. This is a security measure to ensure that personal data
is not disclosed to any unauthorized third party. In certain circumstances relevant legal
requirements may prevent us from providing your personal information.
We use cookies to help us find
which services you are interested in and remember details about your
application. We don't store sensitive information like your name or address in
our cookies, just an anonymous reference to them so that we're able to find them.
We also occasionally set Cookies to help you navigate around the site, enhance
your experience, or give you important information regarding interests.
When you access our Website, we
collect information that your browser sends whenever you visit the Website or
an online service (“Cookies”). Such Cookies may include, but is not limited to,
your computer’s Internet Protocol address, browser type, the web page you were
visiting before you came to the Site and information you search for on the
Site. In addition, if you access the Website via a mobile device, we may
collect a PushID, subject to your consent as indicated by you in the mobile
application, and a Mobile IP.
You can choose to disable or block
these cookies in your browser but without some of them our site will not be
able to give you the best experience possible.
All your personal data is processed
within the European Economic Area (“EEA”).
In some cases, when we provide our services to you, your personal data
may be transferred to and processed within countries outside the EEA, such
jurisdictions may not offer the same level of data protection as in the
EEA. Through accepting provisions of our
services to you, you acknowledge and consent to such transfer.
If
you have any questions regarding this policy, wish to access or change your
information or have a complaint, or if you have any questions about security on
our Website, you may email us at info@topline.com
If
you are not content with
our response and
have concerns or
believe we are
not processing your personal data
in accordance with the law, you have the right to escalate your complaint to
the data protection regulator in
your jurisdiction.
This Policy is
subject to change without notice. For this reason, you are advised to look for
updates from time to time.