This is the privacy statement for Van Sterling Capital Ltd. (or “we”). Van Sterling Capital Ltd. is a company regulated by the Malta Financial Service Authority with the licence number IS/66549 with its address at 168, St. Christopher Street, Valletta VLT 1467, Malta.
Van Sterling Capital Ltd. is committed to protecting and respecting your privacy. This policy sets out the basis on which any personal data we collect from you or that you provide to us, directly or indirectly, will be processed by us. Please read the following carefully to understand our views and practices regarding personal data and how we treat it.
Van Sterling Capital Ltd. can be contacted at the above address, firstname.lastname@example.org and on +356 (27) 289 615.
The General Data Protection Regulation (EU) 2016/679
In this statement we have used certain terms which are set out in the EU´s General Data Protection Regulation (GDPR or the Regulation):
personal data means: any information relating to an identified or identifiable natural person (data subject); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
controller means: the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data.
processor means: a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller.
processing means: any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
What we do?
Van Sterling Capital Ltd. is a regulated asset manager for private and institutional clients.
Our Status under GDPR
Depending on the nature of the interaction, we may act as a processor in that we are acting upon instructions from controllers when we provide our services to them; and when we control the purposes and means of the processing of personal data, we act as a controller, as defined under GDPR.
What lawful reasons do we use to process personal data?
The lawful reasons Van Sterling Capital Ltd. uses to process personal data are set out in Article 6 of the regulation and with respect to the business model undertaken by Van Sterling Capital Ltd., our processing is lawful given that at least one of the following applies:
- The data subject has given consent to the processing of his or her personal data for one or more specific purposes (Consent).
- Processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract (Contract Performance).
- Processing is necessary for compliance with a legal obligation which we are subject to (Legal Obligations).
- Processing is necessary for the purposes of the legitimate interests pursued by Van Sterling Capital Ltd., except where our interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data, in particular where the data subject is a child (Legitimate Interest).
Sensitive personal data
Where we process sensitive personal data, we do so on the basis that we have established a lawful exception to the prohibition on processing sensitive personal data under Article 9 of the Regulation; and where Van Sterling Capital Ltd. is processing sensitive personal data of employees, it does so pursuant to its employment relationship with its personnel and so uses the exception set out in paragraph 2(b) of Article 9 of the Regulation.
What personal information do we collect?
We collect and process your personal information in a number of ways.
Information you give us directly
- You give us information about yourself when you register for an agreement with us. Information includes contact details, identity data such as your passport or national identification card, utility bills, age, gender, address details, employment details, financial details, tax information, details of your trading experience and knowledge and payment details such as credit and debit card information. We collect also personal data about you from publicly available sources.
- You choose to provide additional information to us when you contact us or otherwise interact with us, including via e-mail, letter, phone or chat function and through your use of our services.
- We keep records of communications when you contact us or otherwise interact with us, including e-mail, letter, online, telephone or live chat function on our platforms. This may include credentials such as passwords, password hints and other security information used for authentication and account access.
Information, we collect automatically
When you interact with our services, our servers keep an activity log unique to you which collects certain administrative and traffic information including source IP address, time of access, date of access, language use, software crash reports and type of browser used.
How does Van Sterling Capital Ltd. use my personal information?
We use your information for the following purposes:
- To provide a requested service or carry out a contract with you.
- To collect payment, deliver our services to you and to process your transactions.
- To provide you with support and service messages, including messages requesting your feedback on our services and notifying you about changes to our platform, services or changes to our terms, conditions and policies.
- To enforce any contract entered into between you and us for the provision of our services.
- To conduct security and anti-money laundering reviews and to validate your identity, age, the registration information provided by you and to verify your use of our services and your financial transactions.
- To develop and improve our platforms to enhance your experience and personalise our platforms and services for you.
- To improve the quality of the services we provide.
- To monitor accounts to prevent the use of unfair or unlawful practices.
- To ensure effective operational management and internal administration of our business, document retention, compliance with regulatory guidance and exercise or defence of legal claims.
- To protect, investigate and deter against fraudulent, unauthorised or illegal activity.
- In response to requests by government or law enforcement authorities conducting an investigation.
- To fulfil our legal regulatory responsibilities; and when required by our regulator.
Does Van Sterling Capital Ltd. share my personal data?
We take steps to ensure that our arrangements with third-party suppliers (including online vendors) protect your privacy. We share your personal information in the following circumstances:
- With suppliers and sub-contractors for the performance of a contract including where we engage the services of third-party suppliers to provide technical support and maintain your account with us. Such third parties may include but not limited to providers of brokers, banks, lawyers, auditors, platforms hosting, maintenance, marketing, data analysis, research and surveys.
- With analytics and search engine providers that assist us in the improvement and optimisation of our site.
- If Van Sterling Capital Ltd. or substantially all of its assets are acquired by a third party, in which case personal data held by Van Sterling Capital Ltd. (in part or in whole) may be one of the transferred assets.
- If we are under a duty to disclose or share personal data to comply with any legal obligation, or in order to enforce or apply our terms and other agreements; or to protect the rights, property, or safety of Van Sterling Capital Ltd. and its personnel, or others. This includes exchanging information with other companies and organisations for the purposes of fraud protection and credit risk reduction.
- We may share your personal information with third-party electronic payment processors and/or financial institutions to process financial transactions you may undertake.
- We may share your personal information with trusted third-party suppliers of information verification services for the purposes of validating the personal information you provide to us in the course of using our services.
- Where you are found to have attempted to defraud us, our other group companies, or any other user of our services in any way including but not limited to payment fraud, or if we suspect you of fraudulent payment, including use of stolen credit cards, or any other fraudulent activity (including any chargeback or other reversal of a payment) or prohibited transaction (including money laundering). We reserve the right to share this information (together with your identity) with, banks, brokers, credit card companies, and appropriate agencies.
- Anyone authorised by you.
- To courts, tribunals, law enforcement or other government agencies, applicable competent authorities as required by law or requested to comply with applicable law for internal investigations and reporting or respond to a valid legal process.
- To process your personal information we use Microsoft Corporation’s services, One Microsoft Way, Redmond, WA 98052-7329, to process your personal information. We use the following products: Office 365 product range and the CloudService OneDrive.
Because Microsoft is a US-based company, some personal data is automatically transferred to the company and thus to the USA. The PrivacyShield Agreement between the US and the EU guarantees a sufficient level of data protection. In addition, Microsoft guarantees the secure handling of personal information in your End User Agreement on your online platform. From our side, we ensure that the products used are kept up-to-date and adjusted to our requirements.
- When processing your personal information, we use services of Salesforce.com, inc., Salesforce Tower, 415 Mission Street, 3rd Floor, San Francisco, CA 94105, USA. We use the following product: Salesforce CRM.
How long does Van Sterling Capital Ltd. keep my personal information?
Information that we collect will be retained only for as long as is necessary to fulfil the purposes outlined above in this Privacy Notice (this will generally be for the duration of time where you utilise our services) or to comply with our legal obligations. We may retain your information further for a period of time specifically required by applicable regulations or laws, such as retaining the information for tax and accounting and financial services regulations record keeping obligations.
When determining the relevant retention periods for your personal information, we will take into account factors including:
- Our contractual obligations and rights in relation to the information involved.
- Legal obligation(s) under applicable law to retain data for a certain period of time.
- Statute of limitations under applicable law(s).
- Potential disputes.
- Guidelines issued by relevant data protection authorities.
We securely erase your information according to the legally binding GDPR version once the information is no longer needed.
Does Van Sterling Capital Ltd. Transfer my personal information abroad?
We store your personal information on our servers which may be based outside of the European Economic Area. We are often required to transfer data internationally. Accordingly, data about you may be transferred to jurisdictions which are not deemed to be “adequate” under the regulation.
Where your personal information is transferred to a country or territory outside the European Economic Area, and where this is to a country that is not subject to an adequacy decision approved by the EU Commission, we will take steps with the aim of ensuring that your privacy information continue to be protected. For example, by using third party´s Processor Binding Corporate Rules, Intra-group privacy agreements, EU Commission approved standard contractual clauses or verifying that third parties are certified under an approved certification mechanism according to international privacy rules.
We have implemented security measures that are designed to help protect the personal data we collect or receive in connection with our services from unauthorised access or disclosure. For example, we use encryption techniques to ensure the security of data; we also use password protection.
What forms of ID will I need to provide in order to access the above?
Van Sterling Capital Ltd. accepts the following forms of ID when information on your personal data is requested: passport, identity card, driving license, utility bill or bank statement from the previous 3 months. We reserve the right to request further information where your identification is not clear.
Your rights to complain
If you want to address a complaint to the authority we would be happy if you contact us beforehand under email@example.com.
Nevertheless and of course you have the right to contact the Commissioner for Data Protection regarding your complaint about the way we process your personal data. You can register your concern by contacting at the Commissioner under firstname.lastname@example.org.
The personal data we process is subject to rigorous measures and procedures to minimize the risk of unauthorized access or disclosure. We will get in touch with the supervisory authority (which in Van Sterling Capital Ltd. case is the Commissioner for Personal Data Protection located at Floor 2, Airways House, High Street, Sliema, SLM 1549, Malta, www. idpc.org.mt) and with affected data subjects, where this is required under the Regulation.
Changes to this privacy statement
If we change this privacy statement, we will let you know about the changes by publishing the updated version on our site.
At the request of the data subject we will confirm the information we hold about the data subject and how it is processed. As set out in the Regulation a data subject can request the following information:
- Identity and the contact details of the person or organisation that has determined how and why to process personal data. In some cases, this will be a representative in the EU.
- Contact details of the data protection officer, where applicable.
- The purpose of the processing as well as the legal basis for processing.
- If the processing is based on the legitimate interests of Van Sterling Capital Ltd. or a third party, information about those interests.
- The categories of personal data collected, stored and processed.
- Recipient(s) or categories of recipients that the data is/will be disclosed to.
- If we intend to transfer the personal data to a third country or international organisation, information about how we ensure this is done securely. The EU has approved sending personal data to some countries because they meet a minimum standard of data protection. In other cases, we will ensure there are specific measures in place to secure information.
- How long the personal data will be stored.
- Details of data subject´s rights to correct, erase, restrict or object to such processing.
- Information about the data subject´s right to withdraw consent at any time.
- How to lodge a complaint with the supervisory authority.
- Whether the provision of personal data is a statutory or contractual requirement, or a requirement necessary to enter into a contract, as well as whether we are obliged to provide the personal data and the possible consequences of failing to provide such data.
- The source of personal data if it wasn’t collected directly from you.
- Any details and information of automated decision making, such as profiling, and any meaningful information about the logic involved, as well as the significance and expected consequences of such processing.
Van Sterling Capital Ltd.
Contact name: Sven Büchel
168, St. Christopher Street, Valletta VLT 1467, Malta