White Bridge Asset Management d.o.o., Šet. P. Preradovića 3, Osijek Šet. P. Preradovića 3, Osijek is a fund management company. We are committed to protecting and respecting your privacy, as well as to safeguarding your personal data.
We have incorporated firm security measures to ensure the protection of your personal data against unauthorized or unlawful processing and use, and against accidental loss, destruction, damage, theft or disclosure.
Data collection and use
We collect the Personal Data which you provide directly to us or which we generate when you contact us through our website, or corresponding with us by phone, email or any other medium.This may include:
- Contact information, such as full name, home address and email address, date and place of birth, mobile phone number;
- Financial information, such as bank account numbers, bank statement and trading information;
- Identity verification information, such as images of your government-issued ID, passport, national ID card or driving licence;
- Residence verification information, such as utility bill details or similar information;
- Information regarding the way in which you use our Services, such as when you used our Services, and the specific Services used;
- Information relating to communications with us, whether through our website or via email, over the phone or via any other medium.
Furthermore, we may collect and process Personal Data that you voluntarily and with your consent give to White Bridge Asset Management in our website’s forms, such as when you sign up for information and newsletters. Each time you use our Services or access our website, we may automatically collect information which will help us with website analytics and improvement of user experience as well as our services.This information may include:
- Computer or mobile device information, including IP address, operating system, network system, browser type and settings;
- Website usage information.
Some Personal Data may be collected from third parties who provide services to you or us, credit reference, fraud prevention, government agencies,and other financial institutions (where permitted by law), such as:
- Reputational information;
- Financial information;
- Business activities of corporate customers.
Our Services may also include integrated content or links to content provided by third parties (such as live chat, social media content, plug-ins and applications). Additional third parties may include our affiliated entities.
For specific and limited purposes, such as detecting and preventing financial crime or to make our services accessible to investors, we may also process certain special data categories. We will only process them where we’ve obtained your explicit consent or are otherwise lawfully permitted to do so. This may include biometric information, relating to the physiological, physical, or behavioural characteristics of a person, including facial or fingerprint recognition or similar technologies for money laundering and fraud prevention.
Purpose of processing Personal Data
The information we collect and use are for the following purposes below:
- Verification of your identity in accordance with applicable know-your-customer, money-laundering and other financial sector legislation or regulations;
- Communication and establishment of a responsible commercial relationship with you;
- Customized content by understanding your needs and your eligibility for products and services;
- Information to you about new products and services;
- Information to you about changes and enhancements to our Site;
- Showing ads on other websites to you
- Processing billing and collection of any fees;
- Delivery of products and services to you;
- Survey conduct and get feedback from you;
- Monitor and improvement of our Site;
- Compliance with our legal or regulatory obligations
Legal bases for processing your Personal Data
Legal basis for processing your Personal Data may be one of the following:Legal obligations
- We are subject to a number of legal obligations due to which we have to collect and store your Personal Data (Laws on the Prevention of Money Laundering and Terrorist Financing).
- To verify your identity in relation to accepting you as our client, we may include third parties carrying out credit or identity checks on our behalf.
- For monitoring and improving our website and services, we may collect and use your Personal Data, pursued by us or by a third party. There are various commercial or business reasons to use your Personal Data, such as system security, crime prevention, assets security, development of products and services, aml or risk management.
- We may need to use Personal Data collected from you to investigate issues or to settle disputes with you because it is our legitimate interest to ensure that issues and disputes get investigated and resolved in a timely and efficient manner.
- We may need to use your Personal Data to comply with any applicable laws and regulations, subpoenas, court orders or other judicial processes, or requirements of any applicable regulatory authority. We do this not only to comply with our legal obligations but because it may also be in our legitimate interest to do so.
- Our website pages and emails may contain certain types of data analysis tools that allow us to track receipt of correspondence and count the number of users that have visited our webpage or opened our correspondence. We may aggregate your personal information with the personal information of our other clients on an anonymous basis (that is, with your personal identifiers removed), so that more rigorous statistical analysis of general patterns may lead us to providing better products and services. If your personal information is completely anonymised, we do not require a legal basis as the information will no longer constitute personal information. If your personal information is not in an anonymised form, it is in our legitimate interest to continually evaluate that personal information to ensure that the products and services we provide are relevant to the market.
- We may need to process your personal information for internal business and research purposes as well as for record keeping purposes. Such processing is in our own legitimate interests and is required in order to comply with our legal obligations. This may include any communications that we have with you in relation to the products and services we provide to you and our relationship with you. We will also keep records to ensure that you comply with your contractual obligations pursuant to the agreement (‘Terms of Service”) governing our relationship with you.
- Where we process your sensitive Personal Data (sometimes known as special category personal data) to adhere to government regulations or guidance, such as our obligation to support you if you are or become a vulnerable customer.
- We may use your personal information to send you marketing communications by email or other agreed forms (including social media campaigns), to ensure you are always kept up-to-date with our latest products and services. If we send you marketing communications we will do so based on your consent and registered marketing preferences.
- Often the law requires us to advise you of certain changes to products or services or laws. We may need to inform you of changes to the terms or the features of our products or services. We need to process your personal information to send you these legal notifications. You will continue to receive this information from us even if you choose not to receive direct marketing information from us.
Security of information
Security and confidentiality of your Personal Data is of the utmost importance to us. To ensure it, we use a variety of security measures:
- Only authorized staff are permitted access to your Personal Information and are required to treat the information as highly confidential;
- Staff data protection and information security trainings;
- Password protected directories and databases;
- Security and data protection policies and procedures;
- Secure Sockets Layered (SSL) technology to ensure that your information is fully encrypted and sent across the Internet securely;
- Vulnerability Scanning to actively protect our servers from hackers and other vulnerabilities;
- All financially sensitive and/or credit information is transmitted via SSL technology and encrypted in our database;
- Constant security review and improvement;
- Other measures to mitigate risks identified during the risk assessment process.
However, it is important to notice that we cannot guarantee the absolute security of your information. Moreover, we are not responsible for the security of information you transmit to us over networks that we do not control, including the internet and wireless networks.
Your information may be shared to third parties and legal and regulatory authorities only where it is necessary for us to lawfully carry out our business activities, such as:
- With your consent or at your request;
- When required to do so pursuant to any applicable law, regulations or rules;
- Where required to provide services to you;
- To protect the rights, property, or safety of us, our clients, or others;
- With other financial institutions regarding a misdirect payment or financial crime;
- With third parties providing services to us, such as market analysis, correspondent banks, fraud prevention agencies and other agents acting on our behalf;
- If our legitimate business interests require disclosure;
Transferring your information
All data you provide to us is stored on our secure servers. Where we transfer our data outside of the EEA (European Economic Area), we ensure that adequate safeguards are in place. Your personal data is processed in the EEA but may be transferred worldwide, due to some of our third-party service providers who are engaged on our behalf. Personal Data and other data may therefore be exported outside of the jurisdiction in which you reside. Your Personal Data may be processed and stored in a foreign country or countries. Under those circumstances, the governments, courts, law enforcement, or regulatory agencies of that country or those countries may be able to obtain access to your Personal Data through foreign laws. You need to be aware that the privacy standards of those countries may be lower than those of the jurisdiction in which you reside. We will always make sure that any transfer of your Personal Data is lawful and that Data Processors in third countries are obliged to comply with the European Union (EU) General Data Protection Act 2016 and the UK Data Protection Act 2018.
We have set policies and procedures for data retention in order to retain any personal information for no longer than required by applicable laws or regulations, for purposes for which it was obtained.
Retention periods for records are determined based on the type of record, the nature of the activity, product or service, the country and the applicable local legal or regulatory requirements.
When a client’s account is terminated or expired, we may need to maintain records for a significant period of time, as we are subject to certain anti-money laundering laws which require us to retain the following, for a period of 5 years after our business relationship with you has ended.
Retention periods may be changed from time to time (or waived where deemed low-risk) based on business or legal and regulatory requirements.
We will also delete your data at your request, unless we are obligated to maintain them to comply with our legal obligations. You can find out more about this by contacting us.
- You may verify, correct and update your Personal Data held by us. You may inform us at any time that your personal details have changed. In some cases we may need supporting documents from you as a proof i.e. personal information that we are required to keep for regulatory or other legal purposes. You may receive a copy of the Personal Data we hold on you.
- You may request the deletion of your Personal Information held by us. We may refuse a request for erasure if we still need you Personal Data for compliance with law. If we have disclosed your personal information to others, we will let them know about the erasure request where possible.
- You can ask us to suppress or block the processing of your personal information in certain circumstances. For example, you may want to establish the accuracy of your Personal Data or you don’t agree with the reason for processing it. If we have disclosed your personal information to others, we will let them know about the restriction of processing if possible.
- You may request the transfer of a certain part of your Personal Data to another party.
- You have the right to ask for reconsideration of any decision about you, that was based on an automated process, that affects your ability to access our products or services or has another significant effect on you, and requires human intervention.
- If we are processing your Personal Data based on a legitimate interest (or that of a third-party) you may challenge this. However, we may be entitled to continue processing your information based on our legitimate interests or where this is relevant to legal claims. You also have the right to object where we are processing your Personal Data for direct marketing purposes.
- You have a right to lodge a complaint with supervisory authority, to enforce your rights, as specified above.
Company news and updates, as well as relevant marketing information may be communicated to you. We shall only do this where you have given us your consent or otherwise where we are permitted to do so under law in pursuit of our legitimate interests such as, promoting our Services. We may also administer a contest, promotion or a survey.
If you do not wish to receive White Bridge Asset Management marketing material by any form of communication from us, you may unsubscribe at any time. Note that we can still contact you for activity updates, survey requests in respect of products and Services, respond to your inquiries or complaints, and similar communications, that we have provided to you after you have unsubscribed.
Latest update on: 15 April, 2021