This privacy notice describes how Ura Central Corp (together with its affiliates, “Ura Central Corp“, “we” or “us“) collect and process personal information about you when you are a Member representative, a client or employee or beneficial owner of a Member (or an entity that is applying to become a Member), or a user of an Exchange, Clearing House or other Ura Central Corp services and products; how we use and protect this information; and your rights in relation to your personal information. Personal information is information, or a combination of pieces of information, that could reasonably allow you or your household to be identified directly or indirectly.
1. INFORMATION WE COLLECT
We may collect personal information from you directly (e.g. from a membership application or when you submit a query to us) and we may also collect information about you from other sources (where permitted by law).
We need certain personal information relating to you as a consequence of the contractual relationship we have with you or with Members to enable us to fulfil our contractual obligations. Failure to provide this information may prevent or delay the fulfilment of these obligations. We may also be required to collect certain personal information by law (for example, as a result of our legal obligations to take steps to prevent money laundering).
Where you provide personal information to us for purposes of providing services, we act as a service provider with respect to such personal information. We process the personal information consistent with Ura Central Corp’s Privacy Policy.
and, unless you provide prior written approval, we will not collect, retain, use, disclose, or sell your personal information for any purpose other than performing services pursuant to our contractual relationship, enabling us to meet our legal and regulatory requirements, marketing our products and services, or product improvement and development.
1.1 Information we collect directly from you,
The categories of information that we collect directly from you (depending upon your relationship with us and applicable law) include the following:
- Identifiers, such as your name, date of birth, age, address, country of residence, phone number, email address, account password, or other identification details;
- Commercial information, including records of products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies;
- Protected characteristics, such as your military or military reserve service or status;
- Education information, such as the information included in your curriculum vitae;
- Professional information, such as your job title, company, or investor type;
- Financial information, such as credit card number and expiration date;
- Audio, electronic, visual, or similar information, such as photographs or voice recordings; and,
- Your preferences, such as how often you wish to receive marketing or other communications.
1.2 Information collected automatically from you,
We and our third-party service providers, use cookies, web beacons, and other tracking technologies to collect information about you automatically. Examples of this type of information include, but are not limited to:
- Identifiers, such as your IP (Internet Protocol) address, your browser type, your operating system, or domain name; and
- Internet or other electronic network activity information, such as the dates and times of your use of the Digital Services, the route by which you choose to access them, and your use of any hyperlinks or downloadable content available on the Digital Services.
We collect this information using cookies and other device-tracking technologies. Further information about our use of cookies and other device-tracking technologies is available under Cookies.
1.3 Information we collect from other sources,
We collect the following categories of information from other sources such as Members, third parties providing due diligence services, Companies House in the UK (or its equivalent in other jurisdictions) and other publicly available sources:
- Identifiers, such as your name, age, date of birth, phone number, email address, and postal address;
- Commercial information, such as your transactions and considered transactions, including companies in which you may have an interest;
- Education information, such as the information on a curriculum vitae;
- Professional information; and
- other relevant information in respect of the Membership and/or use of our services.
1.4 Sensitive data,
We may also collect sensitive information (also known as special category information) about you with your consent or as permitted or required by law. This is a category of personal information that has special protection under data protection laws, such as:
- information about race, ethnic origin, religion, or sexual orientation for diversity monitoring purposes
- photograph, fingerprint, or other biometric identifier for identification purposes
- health or disability information to provide occupational health support and administer insurance benefits
- criminal background check information for employee vetting purposes
- trade union membership
- banking and financial account, and national identification number in China
- precise location
2. HOW WE USE THIS PERSONAL INFORMATION AND THE BASIS ON WHICH WE USE IT
We use this personal information to:
- on-board new Members and carry out background screening checks (for instance, where your firm applies to become a Member of a Ura Central Corp Platform);
- carry out our obligations to Members and users of our services under any applicable contract (such as a membership or participation agreement);
- exercise our rights under any applicable contract;
- provide any services that you request from us;
- keep our records accurate and up-to-date;
- comply with legal obligations to which we are subject;
- exercise our legal rights where necessary to do so, for example, to detect, prevent and respond to fraud claims, intellectual property infringement claims or violations of law;
- provide, improve, and personalize the services by analyzing information about your recent usage for analytics purposes to understand how people use our services so that we can make them more intuitive; and
- carry out monitoring of the use of our services in accordance with applicable law.
In some countries in which we operate the law requires that we have a legal basis to process your personal information. In most cases, under EU and UK privacy laws, for example, the legal basis will be one of the following:
- to fulfil our contractual obligations, for example, to ensure that you have access to the applicable Ura Central Corp platforms;
- to meet our legal and regulatory obligations as a trading venue and clearing house, for example, to have transparent and non-discretionary rules and procedures and to provide for fair and orderly trading; and
- to meet our legitimate interests, for example, to ensure that we can provide you with our services and that our records are kept up-to-date and accurate. When we process personal information to meet our legitimate interests, we put in place robust safeguards to ensure that your privacy is protected and to ensure that our legitimate interests are not overridden by your interests or fundamental rights and freedoms. For more information about the balancing test that we carry out to process your personal information to meet our legitimate interests, please contact us at the details below.
We may obtain your explicit consent to collect and use certain types of personal information when we are required to do so by law (for example, when we process some categories of sensitive personal information). If we ask for your consent to process your personal information, you may withdraw your consent at any time by contacting us using the details at the end of this privacy notice.
Please note that withdrawing consent does not affect our right to continue to collect, use and disclose personal information where such collection, use and disclosure without consent is permitted or required under applicable laws.
3. YOUR RIGHTS OVER YOUR PERSONAL INFORMATION
Please let us know if any of the personal information that we hold about you changes so that we can correct and update the information on our systems.
In some countries where Ura Central Corp operates you have certain rights regarding your personal information, subject to applicable law. Depending on where you are located, these may include rights to:
- access and duplicate your personal information, including information about how your personal data collected by us has been used or disclosed within a year before the date of your request for access;
- rectify, correct, or supplement the information we hold about you;
- erase your personal information;
- restrict our use of your personal information;
- object to our use of your personal information;
- receive your personal information in a usable electronic format and transmit it to a third party (right to data portability);
- request an explanation of our personal information processing rules;
- receive additional information regarding the sources from which we collect information, the purposes for which we collect and share personal information, the information of yours we hold, and the categories of parties with whom we share your information.
If you are located in Australia, Canada, China, the EU or the UK, lodge a complaint with your local data protection authority or the applicable local data protection authority, office, or commissioner in the country where you work, reside, or where the subject-matter of your complaint or concern arises.
California residents have the right to opt-out of certain transfers of your information that involve monetary or other consideration. California law treats such disclosures as “sales” even if no money is exchanged and even if the disclosure is to an affiliate (“sales”). See section 4 below for more information regarding such disclosures. If applicable, you can exercise your right to opt-out. If you exercise the above rights, we will not discriminate against you by denying goods or services. We may, however, provide a different level of service or charge a different rate as permitted by applicable law.
We will contact you if we need additional information from you to honor your requests. To exercise any of the above rights, you may contact us at privacy@uracentral.com or contact the Data Protection Officer at the details below.
4. AUTOMATED DECISIONS ABOUT YOU
We may process your personal information by automatic means and without human intervention to make decisions or conduct ‘profiling’ about you. This involves using software that evaluates your personal aspects and predicts risks or outcomes. We carry out this automatic processing to secure our information technology and communications assets and the information processed by them.
We will only make these kinds of automated decisions about you where such decisions are required or authorized by law, for example for security or fraud prevention purposes.
If you require further information about automated decision-making, you want to object to our use of automated decision-making, or request an automated decision to be reviewed by a human being please contact privacy@uracentral.com and will explain to you what your rights are in relation to the processing in question.
5. INFORMATION SHARING
You acknowledge and agree that subject to applicable law, we may share your personal information for our business purposes with third parties under the following circumstances:
- with Ura Central Corp group companies. We work closely with other companies that fall within the Ura Central Corp group. For example, we share your information to host databases, utilize shared services across the Ura Central Corp group; for marketing purposes, internal reporting and customer insights and service optimization;
- with service providers and business partners. We may share your personal information with our service providers and business partners that perform business operations for us. For example, we may partner with other companies to carry out due diligence checks on our behalf, to facilitate payments and the delivery process in connection with our services, provide us with legal advice, host our databases, optimize our services, run marketing campaigns, support email and messaging services, and analyze information. We have entered into contractual arrangements that require our third-party service providers to respect our privacy practices and not use your personal information for purposes other than to carry out our instructions or provide services for us. Please see here for a list of our service providers and business partners that we may share your personal information with;
- to fulfil a request from a Member in accordance with our obligations under our contract with that Member;
- in the course of a sale or an acquisition of a Ura Central Corp group company;
- where permitted by law, to protect and defend our rights and property; and
- when required to do so by law, and/or by public authorities to comply with legal and/or regulatory requirements and cooperate with regulators and law enforcement bodies.
The following categories of your personal information may be shared with these parties:
- Identifiers;
- Commercial information;
- Internet or other electronic network activity information;
- Financial information;
- Professional information;
- Education information; and
- Inferences drawn from any of the above information categories.
6. INFORMATION SECURITY
We have implemented generally accepted standards of technology and operational security to protect personal information from loss, misuse, alteration, or destruction. We require all employees to keep personal information confidential and only authorized personnel have access to this information.
We will keep your personal information for as long as we have a relationship with you. Once our relationship with you has come to an end, we will retain your personal information for a period of time that enables us to:
- maintain business records for analysis and/or audit purposes;
- meet our regulatory requirements;
- comply with record retention requirements under applicable law;
- defend or bring any existing or potential legal claims; and
- deal with any complaints regarding the services.
We will delete or de-identify your personal information when it is no longer required for those purposes. If there is any information that we are unable, for technical reasons, to delete entirely from our systems, we will put in place appropriate measures to prevent any further processing or use of the information.
7. INFORMATION TRANSFER
Your personal information may be transferred to, stored, and processed in a country other than the one in which you are employed, which may not have the same level of data protection as your home country. These include India, Ireland, the United States, the United Kingdom, and so on. As such, your personal information may be accessed by the courts, law enforcement, and national security authorities of that other country. For the avoidance of doubt, if you are resident in the European Economic Area (“EEA”) or the UK this may include the transfer of your personal information from within the EEA or the UK to a country outside of the EEA or the UK.
We have put in place appropriate safeguards, such as standard contractual clauses in accordance with applicable data protection laws as well as technical safeguards in accordance with applicable legal requirements and the recommendations of the European Data Protection Board. For more information on the technical safeguards in place, please visit Security. Where the transfer is from China to a jurisdiction outside of China, the Company will comply with the applicable requirements to ensure that your personal information is adequately protected. Where the transfer of your personal information is from Singapore to a jurisdiction outside of Singapore, we will take steps to ensure that your personal information continues to receive a standard of protection that is at least comparable to that provided under the Personal Data Protection Act 2012 of Singapore (“PDPA”).
CONTACT US
If you have questions, complaints, or concerns regarding the way in which your personal information has been used, please contact us at Regulatory-DataProtection@uracentral.com.
We are committed to working with you to obtain a fair resolution of any complaint or concern about privacy. If, however, you believe that we have not been able to assist with your complaint or concern, you have the right to make a complaint to your local data protection authority.
8. CHANGES TO THE PRIVACY NOTICE
You may request a copy of this privacy notice from us using the contact details set out above. If we change this privacy notice, the updated version will be posted on our website promptly, and we may notify you via other channels.
Updated with effect from 20 March 2024