Working Hours: Mon - Fri: 8:30 - 18:30

Privacy Policy

  • Home
  • /
  • Privacy Policy

Privacy Policy

At Atlas Market Exchange, we are committed to protecting your personal data and respecting your privacy. This Privacy Policy explains how we collect, use, store, share, and protect your personal information when you use our platform, website, mobile application, or any of our services.

This Privacy Policy applies to all clients, prospective clients, and visitors who interact with Atlas Market Exchange. By accessing or using our platform, you acknowledge that you have read and understood this Privacy Policy and consent to the collection and processing of your personal data as described herein.

Atlas Market Exchange is a fully licensed Danish bank operating under the supervision of the Danish Financial Supervisory Authority (FSA). We process personal data in accordance with the General Data Protection Regulation (GDPR) and all other applicable data protection laws and regulations.

1. Who We Are

Atlas Market Exchange is the data controller responsible for your personal data. As a regulated financial institution, we are legally obligated to collect and process certain personal information in order to provide our services, comply with applicable laws, and fulfil our regulatory obligations.

If you have any questions about this Privacy Policy or how we handle your personal data, please contact our Data Protection Officer (DPO) using the contact details provided in Section 14 of this policy.

2. Information We Collect

We collect personal data that is necessary to provide our services, meet our regulatory obligations, and improve your experience on our platform. The categories of personal data we may collect include:

  • Identity Information: Full name, date of birth, nationality, gender, and government-issued identification documents such as passport or national identity card.
  • Contact Information: Email address, phone number, residential address, and postal code.
  • Financial Information: Bank account details, payment card information, source of funds, net worth, income level, and investment experience.
  • Account Information: Username, account number, transaction history, portfolio holdings, trading activity, and account preferences.
  • Verification Documents: Proof of identity, proof of address, and any other documents required for KYC and AML compliance.
  • Technical Information: IP address, browser type and version, device type, operating system, time zone, and login data.
  • Usage Information: Pages visited, features used, search queries, time spent on the platform, and interaction data.
  • Communication Data: Records of communications between you and our support team, including emails, live chat transcripts, and call recordings where applicable.
  • Marketing Preferences: Your preferences regarding receiving marketing communications from us.

3. How We Collect Your Information

We collect your personal data through a variety of methods, including:

  • Directly from you: When you register for an account, complete verification forms, submit documents, make transactions, contact our support team, or otherwise interact with our platform.
  • Automatically: Through the use of cookies, tracking technologies, and server logs when you access and use our platform.
  • From third parties: From identity verification providers, credit reference agencies, fraud prevention services, financial data providers, and regulatory databases as permitted by applicable law.
  • From public sources: Publicly available databases, government registers, and official records where relevant to our compliance obligations.

4. How We Use Your Information

We use your personal data for the following purposes:

  • Account Opening and Verification: To verify your identity, assess your eligibility, and open and manage your account in accordance with KYC and AML regulatory requirements.
  • Service Provision: To process your orders, execute transactions, manage your portfolio, and provide access to our full range of financial products and services.
  • Regulatory Compliance: To fulfil our legal and regulatory obligations, including reporting to competent authorities, conducting ongoing monitoring, and maintaining required records.
  • Risk Management: To assess and manage financial, operational, and compliance risks associated with your account and trading activity.
  • Customer Support: To respond to your enquiries, resolve complaints, and provide assistance with account-related matters.
  • Platform Improvement: To analyse usage patterns, conduct research, and improve the functionality, security, and user experience of our platform.
  • Security and Fraud Prevention: To detect, investigate, and prevent unauthorised access, fraudulent activity, and other security threats.
  • Marketing and Communications: To send you relevant updates, product information, and promotional materials where you have provided your consent or where we have a legitimate interest to do so.
  • Legal Claims: To establish, exercise, or defend legal claims in the event of a dispute.

5. Legal Basis for Processing

We process your personal data on the following legal grounds under the GDPR:

  • Contractual Necessity: Processing is necessary to perform the contract we have with you and to provide the services you have requested.
  • Legal Obligation: Processing is required to comply with our legal and regulatory obligations, including AML, KYC, tax reporting, and financial regulation requirements.
  • Legitimate Interests: Processing is necessary for our legitimate business interests, such as improving our platform, preventing fraud, and ensuring the security of our systems, provided these interests are not overridden by your rights.
  • Consent: Where you have given your explicit consent for specific processing activities, such as receiving marketing communications. You may withdraw your consent at any time.

6. Sharing Your Information

We do not sell your personal data to third parties. We may share your information with the following categories of recipients only where necessary and in accordance with applicable law:

  • Regulatory Authorities: We may be required to disclose your personal data to the Danish Financial Supervisory Authority (FSA), tax authorities, law enforcement agencies, and other competent regulators in accordance with our legal obligations.
  • Service Providers: We work with trusted third-party service providers who assist us in operating our platform, including technology providers, payment processors, identity verification services, and customer support platforms. These providers are contractually bound to handle your data securely and only for the purposes we specify.
  • Financial Counterparties: We may share necessary information with banks, brokers, clearing houses, and other financial institutions involved in the execution and settlement of your transactions.
  • Professional Advisors: We may share your data with lawyers, auditors, and other professional advisors where necessary for legal, compliance, or audit purposes.
  • Business Transfers: In the event of a merger, acquisition, or sale of assets, your personal data may be transferred to the relevant parties as part of that transaction, subject to the same privacy protections.
  • With Your Consent: We may share your data with other third parties where you have provided your explicit consent.

7. International Data Transfers

As a global financial platform, we may transfer your personal data to countries outside the European Economic Area (EEA). Where such transfers occur, we ensure that appropriate safeguards are in place to protect your data, including:

  • Transfers to countries that have been recognised by the European Commission as providing an adequate level of data protection.
  • Use of Standard Contractual Clauses (SCCs) approved by the European Commission.
  • Compliance with applicable data transfer mechanisms under the GDPR and relevant national laws.

You may request further information about the specific safeguards applied to international data transfers by contacting our Data Protection Officer.

8. Data Retention

We retain your personal data for as long as is necessary to fulfil the purposes for which it was collected, including satisfying legal, regulatory, accounting, and reporting obligations. In general:

  • Client account data and transaction records are retained for a minimum of five years following the closure of your account, in accordance with applicable financial regulations.
  • KYC and AML documentation is retained for a minimum of five years as required by anti-money laundering regulations.
  • Communication records, including support interactions, are retained for up to five years for compliance and dispute resolution purposes.
  • Marketing preference data is retained until you withdraw your consent or request deletion.

When your personal data is no longer required, we will securely delete or anonymise it in accordance with our internal data retention procedures.

9. Cookies and Tracking Technologies

We use cookies and similar tracking technologies on our platform to enhance your user experience, analyse usage patterns, and support the security and functionality of our services. The types of cookies we use include:

  • Essential Cookies: Necessary for the platform to function correctly and cannot be disabled. These include session management, authentication, and security cookies.
  • Analytical Cookies: Used to collect anonymised information about how users interact with our platform, helping us improve performance and usability.
  • Functional Cookies: Used to remember your preferences, such as language settings and display options, to provide a personalised experience.
  • Marketing Cookies: Used to deliver relevant advertisements and track the effectiveness of marketing campaigns, where you have provided your consent.

You can manage your cookie preferences through our Cookie Settings tool on the platform or through your browser settings. Please note that disabling certain cookies may affect the functionality of some features on our platform.

10. Data Security

We implement robust technical and organisational measures to protect your personal data against unauthorised access, loss, alteration, disclosure, or destruction. Our security measures include:

  • End-to-end encryption of data in transit and at rest using industry-standard protocols.
  • Multi-factor authentication for account access and sensitive operations.
  • Regular security audits, vulnerability assessments, and penetration testing.
  • Strict access controls ensuring that only authorised personnel can access personal data on a need-to-know basis.
  • Continuous monitoring of our systems for suspicious activity and security threats.
  • Incident response procedures to promptly address and report any data breaches in accordance with applicable law.

While we take all reasonable steps to protect your data, no system is entirely immune to risk. We encourage you to use a strong password, enable two-factor authentication, and keep your account credentials confidential at all times.

11. Your Rights

Under the GDPR and applicable data protection laws, you have the following rights with respect to your personal data:

  • Right of Access: You have the right to request a copy of the personal data we hold about you and information on how it is being used.
  • Right to Rectification: You have the right to request the correction of any inaccurate or incomplete personal data we hold about you.
  • Right to Erasure: You have the right to request the deletion of your personal data where it is no longer necessary for the purposes for which it was collected, subject to our legal and regulatory retention obligations.
  • Right to Restriction of Processing: You have the right to request that we restrict the processing of your personal data in certain circumstances.
  • Right to Data Portability: You have the right to receive your personal data in a structured, commonly used, and machine-readable format and to transfer it to another data controller where technically feasible.
  • Right to Object: You have the right to object to the processing of your personal data where it is based on our legitimate interests or for direct marketing purposes.
  • Right to Withdraw Consent: Where processing is based on your consent, you have the right to withdraw that consent at any time without affecting the lawfulness of processing carried out prior to withdrawal.

To exercise any of these rights, please submit a written request to our Data Protection Officer using the contact details in Section 14. We will respond to your request within 30 days in accordance with applicable law. We may need to verify your identity before processing your request.

12. Children's Privacy

Our services are not directed at individuals under the age of 18. We do not knowingly collect personal data from minors. If you are a parent or guardian and believe that your child has provided us with personal information, please contact us immediately and we will take prompt steps to delete such data from our records.

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make material changes, we will notify you through the platform or by email prior to the changes taking effect. The updated Privacy Policy will always be available on our website with the date of the most recent revision.

We encourage you to review this Privacy Policy periodically to stay informed about how we are protecting your personal data. Your continued use of our services following any updates constitutes your acceptance of the revised Privacy Policy.

14. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or the way we handle your personal data, please contact us through the following channels:

  • Data Protection Officer (DPO): info@atlasmarketexchange.com
  • General Support: info@atlasmarketexchange.com
  • Client Support: Available through the Platform's live chat and help centre.
  • Registered Address: Atlas Market Exchange, Hong Kong.

If you are not satisfied with our response, you have the right to lodge a complaint with your local data protection supervisory authority or the relevant regulatory body in your jurisdiction.