This notice sets out how BullionRock will process your personal information (as a Data Controller).
In providing the Services, BullionRock is obligated and/or permitted by law to retain copies of certain Personal Data in respect of its relationship with you and/or in order to provide the Services to you.
BullionRock is registered under local Data Protection Law and may retain your Personal Data collected from you in electronic, paper or other filing systems.
Your personal information may be disclosed to other companies within the Ravenscroft Group in order to facilitate the provision of the Services. When processing your Personal Data there will be times where BullionRock acts in the capacity of a data controller (as defined under applicable Data Protection Law).
Please note that the following terms set out below will apply to the way in which BullionRock processes your Personal Data when acting as a data controller.
Purposes of processing and legal basis for processing
BullionRock may process your Personal Data for the following purposes:
· BullionRock will itself (or through a third party e.g. credit reference agency) process certain information about you or your directors, officers and employees and your beneficial owners (if applicable) in order to carry out credit checks and anti-money laundering checks and related actions which BullionRock considers appropriate to meet any legal obligations imposed on BullionRock relating to the prevention of fraud, money laundering, terrorist financing, bribery, corruption, tax evasion and to prevent the provision of financial and other services to persons who may be subject to economic or trade sanctions, on an on-going basis, in accordance with BullionRock's anti-money laundering procedures;
· to provide the Services to you and/or for BullionRock's internal administration;
· to monitor and record calls and electronic communications for investigation and fraud prevention purposes, for crime detection, prevention, investigation and prosecution, and to enforce or defend BullionRock and its affiliates' rights, itself or through third parties to whom it delegates such responsibilities or rights in order to comply with a legal obligation imposed on BullionRock; and
· to monitor and record calls for quality, business analysis, training and related purposes in order to pursue the legitimate interests of BullionRock to improve its service delivery,
and which are necessary to comply with a legal obligation and/or which are necessary for BullionRock's legitimate interests indicated above.
Information that we collect through our website
You are not required to provide any personal information on the public areas of our website; however, you may choose to do so by completing any of the forms on which are included in the following pages:
· Open Account;
· Sign In;
· Client Login; and
· Contact us.
In addition to the information you knowingly provide, BullionRock collects the domain names and IP addresses of its visitors, along with usage statistics, analytics and browsing history. This data is used to promote our services. Please click HERE and read our Cookies Policy for further details. You may also provide us with personal information if you contact us by email, telephone or letter.
Recipients of data and international transfer of data
BullionRock may disclose your personal information as follows:
· to credit reference agencies (e.g. Experian) in order to carry out money laundering, credit and identity checks and comply with legal obligations;
· to third party vendors in order to process the data for the above mentioned purposes, such as IT providers, brokers and dealers;
· to competent authorities, courts and bodies as required by law or requested or to affiliates for internal investigations and reporting; and
· to BullionRock's affiliates in order to share your Personal Data for hosting and future Services.
The disclosure of personal information to the third parties set out above may involve the transfer of data to the United States of America and other jurisdictions outside the EEA. Such countries may not have the same data protection laws as your jurisdiction.
BullionRock will not transfer Personal Data to persons located outside the EEA until, if required by applicable Data Protection Law, that person has entered into an agreement with BullionRock that includes the standard contractual clauses (known as model contract clauses) that are recognised by the European Commission as offering adequate safeguards in relation to data protection.
Your Personal Data is only processed in accordance with applicable Data Protection Laws and in order to maintain an appropriate level of protection over that Personal Data. Please contact the Ravenscroft Group's Data Protection Officer for further details, including copies of the standard contractual clauses referred to above (see further contact details below).
Retention of personal information and security
Your personal information will be retained for as long as required:
· for the purposes for which the personal information was collected;
· in order to establish or defend legal rights or obligations or to satisfy any reporting or accounting obligations; and/or
· as required by data protection laws and any other applicable laws or regulatory requirements.
We will ensure that the personal information that we hold is subject to appropriate security measures.
Data Subject Rights
You have the following rights, in certain circumstances, in relation to your Personal Data:
· right to access your Personal Data;
· right to rectify your Personal Data;
· right to restrict the use of your Personal Data;
· right to request that your Personal Data is erased; and
· right to object to processing of your Personal Data.
Where you have provided your consent to processing, you may withdraw your consent at any time by contacting our Data Protection Officer via firstname.lastname@example.org stating that you withdraw your consent.
Where BullionRock requires your Personal Data to comply with KYC or other legal requirements, failure to provide this information means BullionRock may not be able to provide the Services.
You have the right to lodge a complaint with the Office of the Data Protection Commissioner in Guernsey where Ravenscroft Precious Metals Limited and Coinbox Limited is Registered, or your local Supervisory Authority.
If you wish to exercise any of the rights set out above, please contact our Group Data Protection Officer at email@example.com.
Data Protection Officer - contact details
If you have any questions about our use of your Personal Data, please contact the Group Data Protection Officer, Jade Cook at firstname.lastname@example.org, or at Ravenscroft Limited, PO Box 222, Level 5, The Market Buildings, Fountain Street, St. Peter Port, Guernsey, GY1 4JG, or on +44 (0) 1481 729100.
Changes to this policy
We may change this policy from time to time by updating this page. You should check this page from time to time to ensure you are happy with any changes. We last updated this policy on 22nd May 2018.