PRIVACY POLICY

INTRODUCTION

CM Index LTD (hereinafter the “Company” or “we”) which is a member of the CM group of companies:-

 

CM Index LTD of Belize Companies & Corporate Affairs Registry (BCCAR | Update Soon):

Is incorporated under the laws of Belize having its registered office at (Update Soon). The Company is authorized as an International Business Company under the Act that is amended on 28 July 2022, a new Belize Companies Act 2022 was adopted and published in Belize as part of the modernization of company law and the business registration system. It covers the rules for establishing and administering companies in Belize, taking into account all the innovations of recent years and international standards in this area. The Act replaces the company laws that have been in force so far, namely the Companies Act governing local companies and the International Business Companies Act (IBC Act), which allowed the creation of international (offshore) companies in Belize.

 

CM Index LTD of Mwali International Services Authority (MISA | Update Soon):

Is incorporated under the laws of Mwali having its registered office at (Update Soon). The Company is authorized as an International Brokerage Company under the Government of Mwali whom adopted a new and modern legislation for incorporation of companies, including regulated financial entities. This pioneering legislation was known as Mwali Services Law 1998, and was amended 2001. Further articles 36-38 of the Constitution of Mwali speak in more detail to the public and private patrimony of the island, of which the M.I.S.A. forms a part. Finally, the transitory provision in Article 63 confirms the continued authority of the Mwali International Services Authority institution that existed by law prior to the adoption of the Constitution, having been created by Assembly decree at September 1999, and until today, is the only Authority for the autonomous territory of Moheli (Mwali), responsible for financial services and licensing. In 2013 government adopted amendments to the law relating to the licensing of banking and other activities.

 

CM Index LTD of Financial Services Authority of Saint Vincent & The Grenadines (FSA SVG | BC 26493 BC 2021):

Is incorporated under the laws of Saint Vincent and the Grenadines having its registered office at Suite 305, Griffith Corporate Centre, P.O. Box 1510, Beachmont, Kingstown, Saint Vincent, and the Grenadines. The Company is authorized as an International Business Company under the International Business Companies (Amendment and Consolidation) Act, Chapter 149 of the Revised Laws of Saint Vincent and Grenadines, 2009. 

 

This privacy statement covers the website www.cmindexltd.com and all its related subdomains and mobile applications that are registered and operated by CM Index LTD. The Company by the provisions of the Law outlines in the Privacy Policy (herein the “Policy”) how the Company collects, maintains, uses, and discloses personal information of the Client. This Policy applies to CM Index LTD which shall follow the principles as outlined herein.

This Policy applies to existing clients, prospective clients, and clients who have terminated their contractual relationship with the Company and website visitors (hereinafter jointly referred to as the “Clients” or “you”) who are accessing or using the Company’s website(s), systems & technology (hereinafter referred to as the “Systems & Technology”). The Company is committed to protecting the privacy of all Clients ‘Personal Data which it processes by the provisions of this Policy and the Company’s Terms of Business. For this Policy, references to “Personal Data” shall mean data that identifies or may identify Clients and which may include, for example, a Client’s name, address, identification number, telephone number, and date of birth.

COLLECTION OF PERSONAL

The Company collects different types of Personal Data through the Company’s Systems & Technology from Clients who visit such Systems & Technology or access, use, or request products and services offered by the Company. The provision of certain Personal Data is required for establishing a contractual relationship with the Company. Clients not wishing to provide such Personal Data will not be able to become a client with the Company or be provided with other products and/or services of the Company. Clients have a responsibility to ensure that the Personal Data, they provide to the Company and recorded in their information remains accurate and up to date throughout their contractual relationship with the Company. In addition to the information provided by Clients, the Company also lawfully collects and processes Personal Data from publicly available sources (including, inter alia, the press, social media, and the internet) and third-party risk management software solutions to meet its regulatory obligations and for confirming the validity of the provided information.

  • The Personal Data received from the Client, collected and processed by the Company are required for communication, identification, verification, and assessment of the business relationship established with the Client, contract performance, and legal compliance. The following Personal Data may be collected from Clients depending on the product and/or service the Company provides to them:

(a) Contact details such as the Client’s name, email address, and phone number. 

(b) Identification details such as the Client’s identification or passport number. 

(c) Biographical and demographic data such as gender, age, ethnicity, education, occupation, the Client’s experience, and whether he has a prominent public function status (PEP). 

(d) Information such as the Client’s income status, bank account number, and account details, tax information, and other information. 

(e) Information relevant to the services that the Company provides to the Client such as the Client’s transactions and communication records with the Company. 

(f) Details of visitors’ and Clients’ visits to the Company’s website and information collected through cookies and other tracking technologies including IP address and domain name, browser version, operating system, and geolocation. 

(g) Information about criminal convictions and offenses to the extent required and/or permitted by applicable law. 

(h) Information about the client’s mobile device Call log with the permission of the client. 

(i) Your marketing preferences.

  •  

NO CHILDREN OR ELDERLY DATA COLLECTION

  • The Company understands the importance of protecting children’s privacy. The Company’s services are not intended for children under eighteen (18) years of age nor is the Company’s website designed for use by children. Therefore, the Company does not knowingly or specifically collect children’s data. If the Company collects such data mistakenly or unintentionally, the company shall delete the information at the earliest possible once it obtains knowledge thereof. If the Client becomes aware of such data collection, he/she shall notify the Company at support@cmindexltd.com. The Company understands the importance of protecting the elderly’s privacy. The Company’s services are not intended for the elderly above sixty-five (65) years of age nor are the Company’s website designed for use by the elderly. Therefore, the Company does not knowingly or specifically collect elderly’s data. If the Company collects such data mistakenly or unintentionally, the Company shall delete the information at the earliest possible once it obtains knowledge thereof. If the Client becomes aware of such data collection, he/she shall notify the Company at support@cmindexltd.com.
  •  

USE OF PERSONAL DATA

  • The Company collects and processes Personal Data that is required for the evaluation, establishment, and maintenance of the contractual relationship between the Company and the Client and to comply with the Policy and applicable laws and regulations governing the provision of services. In In some cases, the Company may also process the Client’s Personal Data to pursue its legitimate interests or those of third parties provided that the Client’s interests and fundamental rights are not overridden by those of the Company or the third party.
  •  
  • (a) Where the Company needs to perform the contract, it has entered with the Client or to take certain steps before entering into a contract with the Client Processing is necessary for the Company to provide the Client with its products and services, and more specifically in order:

    • To verify the Client’s identity and carry out any required credit checks; 

    • To ensure that the Client meets the suitability requirements to use the Company’s products and services; 

    • To manage the Systems & Technology the Client holds with the Company; 

    • To process the Client’s transactions, and 

    • To send to the Client any information about transactions/post-transactions services. If the Client does not provide the requested Personal Data, the Company may be unable to offer the client its products and/or services

  •  

  • (b) Where the Company needs to comply with a legal obligation the Company is required to comply with certain legal and regulatory obligations which may involve the processing of Personal Data. Such obligations and requirements impose on the Company’s necessary data processing activities for identifying verifications, compliance with court orders, tax law or other reporting obligations, and anti-money laundering controls.

  •  

  • (c) Where the Company has legitimate interests to use the Client’s Personal Data More specifically, the Company may process the Personal Data for the following purposes:

  • • To develop or enhance its products and services;

    • To enhance the security of the Company’s network and information systems;

    • To identify, prevent and investigate fraud and other unlawful activities, unauthorized transactions, and other liabilities and manage risk exposure;

    • To maintain its Systems & Technology and records;

    • To manage its business operations and comply with internal policies and procedures;

    • To defend, investigate or prosecute legal claims;

    • To receive professional advice (such as legal advice), and 

    • For the analysis of statistical data which helps the Company in providing its clients with better products and services in the future. 

  • It should be noted that the Company anonymizes and aggregate such data so that they do not directly or indirectly reveal the Clients’ identities. The Company may provide this statistical data to third parties(as described in more detail in Section 8) solely for statistical purposes and to improve the Company’s marketing campaign.


  • (d) Where the Client has given his consent:

  • • The Company will ask for the Client’s consent when the Company wishes to provide marketing information to its Clients about its products or services that may be of interest to the Client.
    • The Company will ask for Clients’ permission to access their mobile device call log for the sole purpose of completing the phone number verification process. The Client may withdraw such consent at any time. This right doesn’t affect the lawfulness of the processing that was based on that consent before its withdrawal.

  •  

  •  

COOKIES

  •  A cookie is a small text file that is stored on a user’s computer for record-keeping purposes. The Company uses cookies on its website(s). The company does link the information that it stores in cookies to any Personal Data the Client submits while accessing the Company’s website(s). The Company uses both session ID cookies and persistent cookies. A session ID cookie does not expire when the Client closes his browser. A persistent cookie remains on the Client’s hard drive for an extended period. The Client can remove persistent cookies by following the directions provided in his Internet browser’s “help” file. The Company sets a persistent cookie for statistical purposes. Persistent cookies also enable the Company to track and target the location and the interests of its users and to enhance the experience of its services on the Company’s website(s). If the Client rejects cookies, he may still use the Company’s website(s), but the Client will not be able to use the client area and submit his online application form. Some of the Company’s business partners use cookies on the Company’s website(s). The company has no access to or control over these cookies.

    •  

    • Cookies Analysis:

      • Below we provide the details of the cookies used and the options for further reading and opt-out: 

        CM Index LTD persistent and session cookies are used to support our visitors’ and clients’ browsing experience:

        • Required: To enable the core functionality for the website and user accessibility. Functional To maintain the user’s authentication and personalization functions through our websites and client’s area. To serve users with the appropriate content and resources based on their preferences.

          Analytical: To track users’ visits to our websites, identify their preferences and collect 5 online behavioral data for analysis and optimization.

          Third-Party Cookies: Cookies by third-party providers are used on our websites to enable tools and services to our visitors and clients and support our internal analysis and marketing activities. The Company has no access to, or control over these cookies therefore will not be liable for misuse or loss of Personal Data resulting from cookies on the Company’s website(s) that the Company does not have access to or control over.

          • The Client or visitor of the Company’s website acknowledges that he can control and manage the above cookies through his web browser security and privacy settings. If you’d like to learn more about cookies as well as how to manage and delete them, visit: www.allaboutcookies.org.

          •  

LINK TO OTHER WEBSITES

          • The Company’s website contains or may contain links to other websites or social media platforms of interest. However, once you have used these links to leave the Company’s website, you should note that the Company does not have any control over those other websites. Therefore, the Company cannot be responsible for the protection and privacy of any information which you provide whilst visiting such sites, and such sites are not governed by this Policy. You should exercise caution and look at the privacy statement applicable to the website in question. The Company will not be liable for the unlawful or unauthorized use of the Client’s Personal Data due to misuse and/or malicious use and/or negligence and/or misplacement of the Client’s passwords either by him/her or any third party.

CLIENT RECORDS RETENTION PERIODS

Under the applicable laws and regulations, the Company is required to keep records containing Client Personal Data, information,  registration documents, communications, and anything else which relates to the Client after the execution of each transaction and/or for 6 (six) years of the termination of the business relationship

SHARING & DISCLOSURE OF PERSONAL DATA

In the course of the performance of the Company’s contractual and statutory obligations, the Client’s Personal Data may be disclosed to third parties. Most such third parties enter into contractual arrangements with the Company by which they observe data protection and confidentiality. Under the circumstances referred to above, recipients of Personal Data may be, for example:

  • (a) third-party payment service providers who help the Company provide its clients with the services of secure payment;
    (b) other service providers that the Company
    has chosen to support it in the effective provision of its products and services by offering technological expertise, solutions, and support;
    (c) governmental and regulatory bodies, including law enforcement authorities and FSB, in connection with inquiries, proceedings or investigations by such parties or to enable the Company to comply with its legal and regulatory requirements;
    (d) credit reference and fraud prevention agencies, third-party authentication service providers, and other institutions for credit checking, fraud prevention, and anti-money laundering controls;
    (e) third-party service providers for the provision of the required customer support services through live chat and the Company’s website visits and traffic monitoring through cookies; (f) external consultants including legal and tax consultants;
    (g) data reporting service providers;
    (h) market research companies and call centers; and
    (i) affiliates of the Company;
  • By the recommendations of the Payment Card Industry Security Standards Council, customer card details are protected using Transport Layer
    encryption — TLS 1.2 and application layer with algorithm AES and key length 256 bit. The Company does not collect, store, or process any personal credit or debit card information. All payment transactions are processed through payment service providers.
  •  

PERSONAL DATA RIGHTS

  • Clients have the following rights about their Personal Data:
  • (a) Right of access: The Client has the right to be informed whether the Company is processing his/her Personal Data and if so, to provide the Client with a copy of that Personal Data.
    (b) Right to rectification: The Client is entitled to request that the Company correct or complete his/her Personal Data if it is inaccurate or incomplete.
    (c) Right to erasure: This enables the Client to ask the Company to erase or remove the Client’s Personal Data under certain circumstances, such as when the Client withdraws his consent.

    (d) Right to restrict processing: This enables the Client to ask the Company to restrict the processing of the Client’s Personal Data if:

  • • it is not accurate;
    • it has been used unlawfully but the Client doesn’t want it to be deleted;
    • it is not relevant anymore, but the Client wants the Company to keep it for use in possible legal claims;
    • the Client has already asked the Company to stop using his Personal Data but he is waiting for the Company to confirm if it has legitimate grounds to use such Personal Data

  • (e) Right to data portability: The Client has the right to obtain his/her Personal Data provided to the Company in a structured, commonly used, and machine-readable format

  • (f) Right to object: The Client may ask the Company at any time to stop processing his/her Personal Data, and the Company will do so

  • • If the Company is relying on a legitimate interest to process the Client’s Personal Data and the Company cannot demonstrate compelling legitimate grounds for the processing, 

    • If the Company is processing the Client’s Personal Data for direct marketing

  • (g) Rights of automated decision-making and profiling: The Client has the right to be free from decisions based solely on automated processing of his/her Personal Data, including profiling, that affect him/her, unless such profiling is necessary for entering into, or the performance of, a contract between Client and the Company or the Client provides explicit consent.

    (h) Right to withdraw consent: If the Company relies on the Client’s consent to process his/her Personal Data, the Client has the right to withdraw that consent at any time. This will not affect the lawfulness of the processing that took place based on the Client’s prior consent.

    (i) Right to complain about the data protection authority: If the Client has a concern about the Company’s privacy practices, including how the Company handled his/her Personal Data, the Client can report it to the relevant data protection authority. To exercise any of the above rights, the Client may contact the Company at support@cmindexltd.com.

  •  

AUTOMATED DECISION MAKING & PROFILING

  • When you make an application to become a client we will use systems to make an automated assessment of your knowledge and experience through the evaluation of an appropriateness test. Based on the results of such a test will then assign the appropriate assesment. In such cases, you have the right to contact us to:
  •  
  • (a) give you information about the processing of your data (please also see Section 11 of this Policy about your rights); and/or
  • (b) request that one of our employees examines your application and obtain an explanation for the automated decision reached. You also have the right to challenge such a decision. Following such a request, we will reassess your application, taking into consideration both the reasons that a particular automated decision was reached as well as your point of view.
  •  

CONFIDENTIALLY & SECURITY OF PERSONAL DATA

  • Personal Data which the Company holds is to be treated by the Company as confidential and will not be used for any purpose other than those specified in this Policy. Any Personal Data that the Client provides to the Company will be treated as confidential and shared only with the parties set out in Section 8 of this Policy. Such Personal Data will not be disclosed to any other third party except if such disclosure is required under any regulatory or legal proceedings. The Personal Data that the Client provides in connection with registering as a user of the
    website(s) or for the Services is classified as Registration Information. The Company offers high protection for the Registration Information provided by the Client. The Client can access his Registration Information through a password selected by him which is encrypted and known only to the Client. The Client must be careful and protect his password from any third parties.

    •  

    • Registration Information is safely stored on secure servers that only authorized personnel has access to via password. The Company encrypts all Personal Data as it is transferred to the Company and thus makes all necessary efforts to prevent unauthorized parties from viewing any such information. Personal Data provided to the Company that is not Registration Information also resides on secure servers and is again accessible only to authorized personnel via password. This information is not accessible by the Client; therefore, no password is provided to view or modify this information

          •  

AMENDMENTS TO THIS POLICY

          • The Company reserves the right to review and amend this Policy from time to time for any reason and notify the Clients of any such amendments accordingly by posting an updated version of this Policy on the Company’s website(s). The Company will notify you about any material changes to this Policy by placing a notice on its website or by communicating with you directly. The Client is responsible for regularly reviewing the Policy and any amendments thereof.

          •  

ENQUIRIES & CONTACT DETAILS

          • For any general inquiries regarding this Policy please contact the Company by emailing the Customer Support Department at support@cmindexltd.com. For any requests regarding personal data rights, as set out in Section 11 of this Policy, or questions about how the Company processes Client’s Personal Data, please contact us at support@cmindexltd.com

error: Content is protected !!