Privacy

J. Knobel Investor Services Limited (the “Company” or “we “or “Our”) is a Cyprus Limited Liability Company that was incorporated with registration number HE 379422 having its registered office and head offices at 55 Vyzantiou Street, 2064 Nicosia, Cyprus. If you have any questions, need clarifications or want more details about how we use your personal information, you can contact the Company at tel. +35722283212 or email at: info@jknobel.com

The Company is committed to protecting your privacy and handling your data in an open and transparent manner. The personal data that we collect and process depend on the service or product requested and agreed in each case. It is thus related with the necessity of the specific personal data to be used for the execution of our contract or/ and because of other legislation, regulation or European directives that the Company is obliged to comply with and that they will not be used for any other purpose, unless you give your consent (Consent Letter).

1. What we need
Our Personal Data Protection Policy governs the use and storage of your data. You can see our Personal Data Protection Policy at www.jknobel.com. The Company is a Controller of the personal data you (data subject) provide us. We collect the following types of personal data from you:

  • Names
  • Addresses
  • Date of Birth
  • Email Addresses
  • Phone Numbers
  • IP Addresses
  • Identification/Passport
  • Financial information
  • Educational information
  • Occupation
  • Marital status
  • Family status

We may also collect and process personal data from publicly available sources (e.g. the Department of Registrar of Companies and Official Receiver, commercial registers, the internet) which we lawfully obtain and we are permitted to process. If you are a prospective client or an authorised representative, officer, shareholder or beneficial owner of a legal entity or of a natural person which/who is a prospective client, the relevant personal data which we collect may include: Name, address, contact details (telephone, fax, email), identification data, date of birth, place of birth (city and country), if you hold/held a prominent public function (for PEPs), tax identification number, tax residency and other FATCA/CRS info (US Foreign Account Tax Compliance Act /EU Common Reporting Standard), national identification according to your nationality for MiFID II purposes, authentication data (e.g. signature).

When we agree to provide products and services to you or the legal entity you represent or beneficially own, then, in the context of the provision of investment services additional personal data will be collected and processed which may include: Current income and expenses, profession, current employment position, other professional activities (e.g. as per corporate certificates of directors/shareholders), property ownership and personal debts, personal investments and income from investments, number of dependents, other banking relationship details, tax residence and tax ID, data from entities that provide information for regulatory compliance (e.g. LexisNexis World Compliance), knowledge and experience with shares and other financial instruments (complex and noncomplex), investment strategy and scope, risk appetite, personal investment portfolio, personal objectives, recorded conversations, orders and minutes of meetings.

2. Why we need it
We need your personal data in order to provide you with the following services:

  • For the performance of a contract. We process personal data to provide investment and ancillary services based on contracts with our client but also to be able to complete our acceptance procedure to enter into a contract with prospective clients.
  • The purpose of processing personal data depends on the requirements for each service or product and the contract terms and conditions provide more details of the relevant purposes.
  • For compliance with a legal obligation There are a number of legal obligations emanating from the relevant laws to which we are subject as well as statutory requirements, e.g. the Money Laundering Law, the Investment Services Law, Tax laws. There are also various supervisory authorities whose laws, directives and regulations we are subject to e.g. the Cyprus Securities and Exchange Commission. Such obligations and requirements impose on us necessary personal data processing activities for identity verification, compliance with court decisions/ court orders, tax law or other reporting obligations and anti-money laundering controls.
  • For the purposes of safeguarding or servicing legitimate interests We process personal data to safeguard the legitimate interests pursued by us or by a third party. A legitimate interest is when we have a business or commercial reason to use your information. But even then, it must not unfairly go against what is right and best for you. Examples of such processing activities include: Means and processes undertaken to provide for the security of the Company’s IT and systems, preventing potential crime, asset security, admittance controls and anti-trespassing measures, Company risk management. Sharing your personal data for the purpose of updating/verifying your personal data in accordance with the relevant anti-money laundering compliance framework. Initiating legal claims and preparing our defence in litigation procedures.
  • For other reasons, provided you have given your consent Provided that you have given us your specific consent for processing (other than for the reasons set out hereinabove) then the lawfulness of such processing is based on that consent. You have the right to revoke consent at any time. However, any processing of personal data prior to the receipt of your revocation will not be affected. This may cover the provision of promotional material for services.
  • For collection of email addresses for the purpose of communication between the company and the user.
  • For collection of Phone Numbers for the purpose of communication between the company and the user.
  • For collection of IP addresses for the purpose of traffic analytics.

3. What we do with it
Your personal data is processed at the Company Offices located in Cyprus. We adhere to the security requirements for storage of sensitive personal data, as defined by law. Hosting and storage of your data takes place in secure data centers located in the European Union. It must be noted that we may disclose data about you for any of the reasons set out hereinabove, or if we are legally required to do so, or if we are authorized under our contractual and statutory obligations or if you have given your consent. All data processors appointed by us to process personal data on our behalf are bound by contract to comply with the GDPR provisions. Under the circumstances referred to above, recipients of personal data may be, for example: Supervisory and other regulatory and public authorities, in as much as a statutory obligation exists. Some examples are the Cyprus Securities and Exchange Commission, the income tax authorities. Other investment firms, management companies and depositaries, such as Custodians, Depositaries, Exchanges. According to our procedures for combating money laundering and financing of terrorism, the entities that provide information on regulatory compliance, e.g. LexisNexis World Compliance , and External legal consultants, Auditors and accountants, File storage companies, archiving and/or records management companies, Companies that developed the Company’s systems, companies who assist us with the effective provision of our services to you by offering technological expertise, solutions and support and facilitating trading.

4. How long we keep it
Under GDPR we are required to keep your documents for 12 Years according to the Data Retention Policy. After this period, your personal data will be irreversibly destroyed. Any personal data held by us for marketing and service update notifications will be kept by us until such time that you notify us that you no longer wish to receive this information.

5. What are your rights?
Should you believe that any personal data we hold on you is incorrect or incomplete, you have the ability to request to see this information, rectify it or have it deleted please contact us.

For prospective client personal data (or authorized representatives, officers or owners of a legal entity prospective client we shall keep your personal data for 6 months from the date of conclusion of all communications that didn’t lead to the opening of an account with the Company.
In the event that you wish to complain about how we have handled your personal data, please contact privacy@jknobel.com or in writing at in 55 Vyzantiou Street 2064 Nicosia Cyprus.

If you still feel that your personal data has not been handled appropriately according to the law, you can contact Cyprus, Office of the Commissioner for Personal Data Protection and file a complaint with them.

6. Changes to this privacy statement
Copy of this privacy statement is available on our website and is given/ contained with the account opening documents. This privacy statement may be modified or amended from time to time. We will notify you appropriately when we make changes to this privacy statement and we will amend the revision date stated below. You may also review the privacy statement published on our website periodically so as to be always informed about how we are processing and protecting your personal information.