Regulatory Disclosures Terms of Service Privacy Policy GDPR Privacy Policy

Liquidly, Inc. Privacy Policy (GDPR)

Effective Date: June 10, 2020

Introduction

Liquidly respects your privacy and is committed to protecting your Personal Data. This Privacy Policy pertains to visitors, users and others who reside in the European Union and the UK and will inform you as to how we collect, process and look after your Personal Data when you use our Service and tell you about your privacy rights and how the law protects you. For UK residents, any and all references to “GDPR” may be understood to be references to UK GDPR.

“Personal Data” is any data that can be used to identify you directly or indirectly (e.g., your identity data, bank statements, device identifier, location, browsing activity or IP address). Other defined terms in this Privacy Policy have the same meanings given to them in our standard privacy policy that can be accessed here.

While you use our Service, we are processing your Personal Data. You therefore have the right to know what we do with it, how long we retain it, and with whom we share it. It is important that you read this Privacy Policy together with any other privacy policy we may provide on specific occasions when we are collecting or processing Personal Data about you so that you are fully aware of how and why we are using your data. This Privacy Policy supplements other notices and privacy policies and is not intended to override them.

Guiding Principles:
  • We only process Personal Data that is strictly necessary with regard to its purpose;
  • You remain in control of your Personal Data; and
  • Your Personal Data is processed in a transparent, confidential and secure manner.

Who Are We And How Can You Contact Us?

As further detailed in this Privacy Policy, we sometimes process your Personal Data on behalf of, and under the instructions of, our clients who have introduced our Service to you (“our Clients”). For example, you may be an existing client of our Client or an employee of our Client. In these cases, we are a “Processor” of Personal Data and they are a “Controller” (i.e., the main organization that is responsible for ensuring that your Personal Data is processed in compliance with applicable regulations).

For other processing activities, we are processing your Personal Data for our own benefits and purposes, without any instructions given by our Clients. In such cases, we are the Controller and responsible for your Personal Data.

If you have any concerns, questions or if you would like to exercise any of your rights with respect to your Personal Data, you may contact us, our EU representative or UK representative at the following addresses:

EU Representative:
PrighterGDPR-Rep by Maetzler Rechtsanwalts GmbH & Co KG
c/o Liquidly, Inc.
9 Clare Street
Dublin 2 D02 HH30
Ireland

UK Representative:
PrighterUK-Rep by Prighter Ltd.
c/o Liquidly, Inc.
20 Mortlake Mortlake High Street
London, SW14 8JN
United Kingdom

Liquidly:
Liquidly, Inc.
225 W 34th Street, 9th Floor
New York, NY 10122
United States
legal@liquidlypro.com

What Personal Data Do We Collect?

We may collect, use, store and transfer different kinds of Personal Data which we have grouped together as follows:

  • Identity Data which includes first name, last name, username or similar identifier and title.
  • Contact Data which includes business or residential address, email address and telephone numbers.
  • Technical Data which includes IP address, your log-in data, browser type and device type.
  • Transaction Data which includes details about completed transactions through our Service.
  • Financial Data which includes financial holdings information.

We do NOT collect any “Special Categories” of Personal Data about you (such special categories include details about race or ethnicity, religious or philosophical beliefs, sexual orientation, political opinions, trade union membership, information about your health, and genetic and biometric data).

How Is Your Personal Data Collected?

We collect your Personal Data in one of two ways: either you provide it to us directly or it is provided to us from our Clients so that we may provide our Service for your benefit.

The Data You Provide to Us Directly.
During our interactions with you, you may be asked to provide us with Identity Data and Contact Data. For example, we collect this Personal Data when you fill out a “Contact Us” form on our website or when you subscribe to our Service.

The Data We Collect from External Sources.
When we provide services to our Clients, they may transfer to us the following Personal Data relating to their employees and/or their clients: with respect to their employees, Identity and Contact data; with respect to their clients, Identity, Transaction and Financial Data.

Automated Technologies.
Each time you use our Service, we automatically collect Technical Data. We collect this personal data by using cookies which are small text files that are placed on your computer or mobile application when you use our Service. However, we do NOT collect any Personal Data via automated means when you make a visit to our website.

We may use cookies for the following purposes:

  • Authentication purposes, allowing you to automatically login into your account, using identifiers or data that you have previously entrusted to us;
  • Personalization of our user interface, allowing us to ensure that the display of our content is suitable for your device;
  • Building traffic statistics and tests aimed at measuring the relative performance of different versions of our website and platform, as part of problem solving, data analysis, tests, research, analysis, studies and surveys; or
  • Establishing statistics and volumes of visits and use of the various elements making up our site (sections and contents visited, routes) in order to improve the interest and ergonomics of our website and our platform.

Cookies may give us access to the following personal information: (i) Identifiers of the equipment you use (IP address of your computer), (ii) type of operating system, (iii) type and version of the browser software, (iv) dates and times of connection to our services, (v) address of the originating Internet page ("referrer"), (vi) activity data on our services, (vii) information relating to your use of our sites and applications and (viii) information relating to the presence of cookies on your terminal.

On your first visit on our platform, you will be prompted to take a clear, affirmative action so that we can ensure that you agree with the processing of your personal information. Before obtaining your consent, we will systematically inform you of the names of the organizations implementing the cookies, the consequences of your consent or refusal to consent, the purposes of the processing, and your right to withdraw your consent.

You can choose to consent to certain uses of your data and refuse others. If you decide to withdraw you consent, you can do so easily by contacting us via e-mail at legal@liquidlypro.com.

On What Basis do We Collect Your Data?

We will only use your Personal Data when the law allows us to. Most commonly, we will use your Personal Data in the following circumstances:

  • Where we need to perform the contract we are about to enter into or have entered into with you or our Clients with respect to our Service; and
  • Where it is necessary for our legitimate interests and your interests and fundamental rights do not override those interests. Legitimate interest is a set of commercial or business reasons that justify that we process Personal Data about you. We will use legitimate interest only when we have carried out an assessment on the impact that this processing may have on you and concluded that the processing does not unduly infringe your rights and freedoms.

For What Purposes Do We Use Your Data?

We have set out below, in table format, a description of the ways we plan to use your Personal Data and the legal basis for doing so. We have also identified what our legitimate interests are where appropriate.

Purpose/Activity Data Collected Lawful basis
Process your request when you submit the “Contact Us” form
  • Identity
  • Contact
  • Contract
Registering you for the Service/Create an account
  • Identity
  • Contact
  • Legitimate Interest (to comply with our regulatory reporting obligations under 17 CFR § 242.301)
  • Legitimate Interest (to keep track of your activity to prevent any misuse or any potential fraud with our Service)
To provide our Service for the benefit of the clients of our Clients
  • Identity
  • Financial
  • Transaction
  • Contract
To administer our Services and protect our business (including troubleshooting, system maintenance, data analysis, support, reporting and hosting of data)
  • Identity
  • Contact
  • Technical
  • Transaction
  • Legitimate Interest (for running our business, provision of administration and IT services, network security, prevention of fraud)

How Long Do We Keep Your Data?

Your Personal Data cannot be retained indefinitely. We will only retain your Personal Data for as long as reasonably necessary to fulfill the purposes we collected it for, including for the purposes of satisfying any legal, regulatory, tax, accounting or reporting requirements. When their retention is no longer justified by legal, commercial or user account management requirements, or if you have made use of a right of modification or erasure, we will delete your Personal Data securely.

When we act as a Processor, our Clients define the retention periods of your Personal Data. When we act as a Controller, we will retain the Personal Data we collect from you:

  • For 3 years after a trade has occurred under SEC regulations for alternative trading systems;
  • For 1 year after you filled the “Contact us” form; and/or
  • For 3 years after our contract has ended with our Clients and your account was closed.

WHO IS LIKELY TO HAVE ACCESS TO THE DATA WE COLLECT?

Disclosure Within Our Organization
We disclose your Personal Data to a limited number of individuals, on a need-to know basis, with limited access permissions, within our organization. The following individuals within our organization may have access to some of your data: customer service, system administration, management and information technology. Staff who can access Personal Data are subject to an obligation of confidentiality and are trained in the protection of privacy.

Disclosure Outside Our Organization
We disclose your Personal Data to external organizations or authorities. We will always ensure that such disclosure allows you to benefit from the same level of protection that is granted to you by this Privacy Policy.

The following may have access to some of your data:

  • Our service providers: We use third-party cloud services to store your Personal Data. These services are located in the United States and/or Switzerland. The disclosure of your Personal Data to our service providers is made on the basis of signed contracts that are binding and that mention their obligations in terms of data protection, data security and confidentiality.
  • Police authorities, judicial or administrative authorities: We may disclose your Personal Data when we are required or authorized by law to cooperate with local, national or international law enforcement or other authorities for the reporting and/or investigation of improper or unlawful activities, or if we need to comply with court orders.

IS YOUR PERSONAL DATA TRANSFERRED OUTSIDE OF THE EUROPEAN UNION?

Insofar as we are a US-based organization, the Personal Data we collect when you use our Service is transferred to the United States. We may also transfer your Personal Data to India where our wholly-owned IT affiliate is located.

In the event of a transfer of this type, the processing is carried out in accordance with this Privacy Policy and that it is framed by standard contractual clauses of the European Commission which make it possible to guarantee a sufficient level of protection of privacy and fundamental rights of individuals. A copy of these standard contractual clauses can be made available to you upon request by writing us at legal@liquidlypro.com.

What Are Your Rights?

You have the right to access your Personal Data and request that it be rectified, supplemented or updated. You can also request the erasure of your data, to restrict our processing, or object to our processing, provided you can justify a legitimate reason.

You can ask to exercise your right to the portability of your data, that is to say the right to receive the Personal Data that you have provided to us in a structured, commonly used format and the right to transmit this data to another data controller.

Before responding to your request, we will verify your identity and/or ask you to provide us with more information to respond to your request. We will do our best to respond to your request within one month, unless your request is particularly complex. In such a case, we will inform you of the need to extend this response time by two additional months.

If you wish to exercise any of these rights set out above or have other questions or concerns, please contact us at legal@liquidlypro.com.

HOW ABOUT CHILDREN'S PRIVACY?

This website and our Service is not intended for children and we do not knowingly collect any data relating to children.

What Happens If We Make Changes To This Privacy Policy?

We may update this Privacy Policy to reflect changes to our information practices but we will not reduce your rights under this Privacy Policy without your express consent. We will post any changes to this Privacy Policy on this page and, if the changes are significant, we will provide a more prominent notice. We will also keep prior versions of this Privacy Policy in an archive for your review. We encourage you to periodically review our Privacy Policy for the latest information on our privacy practices and to contact us if you have any questions or concerns.