Privacy and Data Protection Policy (GDPR)

INTRODUCTION

Lenno Limited respects the privacy of its customers and ensures the utmost protection of their personal data. The current Privacy Policy and personal data protection (hereinafter referred to as „Privacy Policy“) has been prepared and is based on the European legislation on data protection and enters into force as of 01.06.2019.

The present Privacy Policy regulates the processing of personal data of natural persons or representatives of legal entities of our clients or potential clients, as well as the users of our Web site: www.lenno.com („the Web site“), in relation to the services offered by all companies part of Lenno holding (hereinafter referred to as Lenno), including provided by and available on the Web site.

The present Privacy Policy, together with the “Cookies” Policy set the rules which Lenno Limited will comply with when processing the personal data, collected from you or about you, or which you provide.

Please, read this Policy carefully before using the Web site or providing your Personal data, regardless electronically, through the Web site or on paper, as with the provision of your Personal data you agree with its terms. If you do not wish your personal data to be processed in the way described herein, please do not provide them. The provision of your personal data is performed voluntarily in order to receive certain services provided by Lenno and using and accessing the Web site, as well as performing any other requests through the Web site. Please keep in mind that Lenno will not be able to provide you with the services you have asked for if you do not provide the necessary information. Please also take in mind that in some particular cases Your consent for the processing of personal data will not be required, if Lenno has a different legal basis, for example, the fulfillment of legal obligations.

WHO PROCESSES YOUR PERSONAL INFORMATION AND WHO IS LIABLE FOR IT

Lenno Limited is a company registered in England and Wales under number 12008730. You can contact us at:

Headquarters: 64 New Cavendish Street, London, United Kingdom, W1G 8TB; email: info [at] lenno.com; Personal data officer: email: privacy [at] lenno.com.

CATEGORIES OF PERSONAL DATA, PROCESSED BY LENNO

In the course of providing the requested services, Lenno Limited may process the publicly available personal data, personal data available to Lenno Limited in the exercise of its legal rights and obligations and / or personal data provided by you, either directly or through one of the companies part of Lenno holding. The main types of personal data processed are:

•    Personal identification information (name, middle and family name, PIN, date of birth, place of birth, citizenship, sex, identification document number);
•    Contact details (including permanent address, address for correspondence, different from the permanent address, your telephone number or a number of a contact person, email address and others);
•    Data on employment, occupation / position, work experience, education, previous employment, skills, qualifications, and others;
•    Marital status information;
•    Financial information (bank accounts, sources and amount of income, usual expenses (i.e. rent, utility, property tax and other expenses);
•    Data on real rights status (tangibles and real estate);
•    Information about the representative (legal representative or a proxy) of our client;
•    Data on indebtedness to natural or legal persons (such as names, PIN, etc.) and details of liabilities of the same (size, currency, repayment term, overdue, etc.);
•    Data on collateral of liabilities (including foreign ones) to banks and other persons (type, secured receivable, debt arrears);
•    Data on initiated enforcement proceedings and insolvency or liquidation procedures;
•    Information regarding experience and knowledge about investments (history relating to the trading of financial instruments, the nature and volume of orders and etc.);
•    Information regarding the investment objective;
•    Information according to FATCA;
•    Data related to health status.


In order to ensure the proper performance of services and obligations arising from contracts with Lenno holding companies, Lenno Limited has the right to process any information that is available in public registers and registers to which Lenno has access.

OBJECTIVES AND LEGAL BASIS FOR PROCESSING PERSONAL DATA

Lenno Limited processes your data for the purpose of administering the Web site and other methods of remote provision and provision of services by Lenno. Lenno Limited processes your data for the purpose of remote provision and provision of services by the Lenno holding companies and under the Privacy Policy of each company within the holding whose services you use. The privacy policies of each Lenno company's personal data are available on the Company's Web site or offices.

In addition to the foregoing, and in fulfillment of its legal obligations, Lenno Limited processes your data for the following purposes:

•    For performing tax-insurance control of the competent authorities and determining the tax in the tax area;
•    Provision of information to the competent authorities in relation to GDPR 2016/679 of 27 April 2016 and other applicable regulations;
•    Obligations relating to the conduct of correct and lawful accounting;
•    Prevention of fraud and money laundering.


Lenno Limited processes the relevant data obtained with the explicit consent of the customer for their processing for the following purposes:

•    Direct marketing of products and services;
•    Other purposes when there is no other legal basis for the processing of personal data.

The processing is required for the purposes of the legitimate interests pursued by Lenno:

•    For the purpose of ensuring security and protection of all companies within Lenno holding and their visitors’ and employees’ property, interests and safety, Lenno Limited maintains video surveillance equipment;
•    Assessing the level of clients’ satisfaction, as well as the efficiency of the advertising target;
•    Ensuring the quality of client service (video recording and audio recording).


CATEGORIES OF THIRD PERSONS THAT MAY ACCESS AND PROCESS YOUR PERSONAL DATA

1.    Insurers with whom Lenno Limited or one of the Lenno holding companies has a contract as an Insurance Broker;

2.    Persons who, by assigning Lenno Limited or one of the Lenno holding companies, maintain equipment and software used for processing your personal data;

3.    Banks serving payments made by and to you;

4.    Persons to whom Lenno Limited has provided the execution of part of the service-specific activities or obligations that Lenno provides to you; Data processors who, on the basis of a Lenno Limited contract, process your personal data on behalf of Lenno Limited;

5.    Natural persons providing services in order to sign contract: notaries, lawyers, proxies;

6.    Natural persons providing consultancy services in different areas - lawyers, accountants, marketing agencies, recruitment agencies, etc.;

7.    Courts and other competent authorities, institutions and persons to whom we are obliged to provide personal data under applicable law;

8.    Security companies holding a license to perform private security activities processing the video recordings on the territory of Lenno’s offices and / or maintaining other registers in the course of ensuring the access regime in the same sites;

9.    All companies part of Lenno holding;

10.   Other third parties providing services to Lenno holding companies.


HOW LONG DO WE KEEP YOUR PERSONAL DATA?

The time period for keeping your personal data depends on the processing purposes for which the latter were collected:

1.    Personal data processed for the purpose of concluding/amending and executing contracts between Lenno and you or a company represented by you- within the contract period and as of the definitive settlement of all financial relations between the parties. Lenno Limited may keep part of your personal data for a longer period of time until the expiration of the applicable limitation period in order to be protected from any customer claims regarding performance / termination of contracts as well as in case of a legal dispute that has been already arisen until its final settlement by a court / arbitration adjudication that has entered into force.

2.   Personal data processed for the purpose of issuing accounting / financial documents for the implementation of tax and social security regulations including, but not limited to - invoices, debit notes, credit notes, handover protocols, contracts for provision of service/goods, shall be kept not less than 11 years as from expiry of the limitation period for extinguishment of the respective public claim, unless the applicable law provides for a longer period.

3.    Personal data processed for the purpose of direct marketing - to the explicit withdrawal of the given direct marketing consent or receipt of an objection to the processing of personal data for the purpose of direct marketing.

4.    Video surveillance data from security cameras - up to 100 days as from recording creation. Phone calls shall be kept for up to 5 years from the call.

5.    Personal data obtained for the purpose of concluding insurance contracts, including health condition data, shall be kept within the term of the insurance contract.


6.    Personal data processed for the purpose of preventing fraud and money laundering shall be kept for a period of 5 years after the final settlement of all financial relations between the parties under Art. 67 of the LMML.

7.    Personal data processed for the purpose of analyzing and evaluating job applications shall be retained for a period of 1 year after application or until the applicant has explicitly withdrawn the consent.


YOUR RIGHTS IN RELATION TO THE PROCESSING OF YOUR PERSONAL DATA

1.    General rights

You have the following rights described below, related to the processing of personal data, which you may exercise at any time while Lenno keep or process your personal data by sending a request to the address of the Lenno Limited referred to above or electronically by e-mail: privacy@lenno.com.

Any client is entitled to access his/her personal data collected by Lenno upon written request. Lenno Limited shall be obliged to grant access solely to the data concerning the respective client, where personal data of third persons may be disclosed in the course of exercising the rights described above. Upon exercising his/her right of access, any customer of Lenno Limited shall be entitled at any time to request:


•    Confirmation of whether his/her personal data are being processed, information for the purposes of such processing, categories of personal data, and recipients or categories of recipients to whom personal data are disclosed;
•    To be notified in writing in a plain form and the notification shall contain his or her personal data that are being processed, as well as any available information about their source;
•    Information about the logic of any automated processing of personal data.


Any client shall be entitled, at any time, to request from Lenno Limited to:

•    Erase, rectify or block his/her personal data, the processing of which does not comply with the applicable legislation;
•    Notify any third persons to whom personal data have been disclosed of any erasure, rectification or blocking carried out in accordance with the preceding paragraph unless a notification is impossible or involves excessive effort.

Any client in relation to his/her personal data, shall be entitled:

•    To object before Lenno Limited the processing of his or her personal data in the presence of a legal basis for this; where the objection is justified, the personal data of the customer concerned can no longer be processed;
•    To object the processing of his or her personal data for the purpose of direct marketing;
•    To be notified prior to the first disclosure of his or her personal data to third persons or prior to their use for the purpose of direct marketing, as the respective client shall be entitled to object such personal data disclosure or use.

2.    You have the right to a complaint before a supervisory authority

You have the right to submit a complaint directly to the supervisory authority, i.e. The Information Commissioner's Office, having its seat address at: Wycliffe House Water Lane Wilmslow Cheshire SK9 5AF(https://ico.org.uk ).

In case you have any questions and / or complaints about the processing of your personal data and / or the exercise of the above rights, you can contact the Data Protection Officer (on the contacts detailed above).

3.    Profiling

Lenno Limited DOES NOT perform profiling, due to the fact that your personal data processing is not automated.

4.    Objection against direct marketing

You have the right to object to the future processing of your personal data for the purposes of direct marketing and advertising as well as to disclosure to third persons and personal data use on their behalf for the purposes of direct marketing and advertising by withdrawing your consent at any time. For this purpose, you may send an e-mail with the request to suspend the use of your personal data for the purpose of direct marketing, at: privacy@lenno.com.

5.    Can you refuse to provide personal data to Lenno Limited and what are the consequences of it?

In order to conclude a contract with you and / or to provide you with the requested services in accordance with the legal and respective contractual obligations, Lenno Limited or the respective company within the structure of the holding, certain data detailed in this Privacy Policy or the Privacy Policy of the company within the holding that provides you with the respective services.

Non-provision of such data may impede the ability for us to provide you with the type of service you have requested and / or to conclude a contract under the terms and conditions you require.


6.    Data portability

Any client of the companies within the structure Lenno holding may request his or her personal data to be transmitted or transferred to another personal data controller part or not part of the holding, which shall be performed in a structured, widely used and machine-readable format. In order to facilitate the workflow and reduce the engagement of its customers, the Lenno holding companies shall retain the right to transfer personal data for the purpose of providing new services within the holding and without the explicit request of the clients. The respective Lenno holding shall transfer the data directly if it is technically feasible.

HOW DO WE PROTECT YOUR DATA

Lenno Limited applies organizational, physical, IT and other required measures to ensure the security and protection of your personal data and the monitoring of the processing of personal data.

These security measures include, but not limited to, the following activities:

•    Lenno Limited has established the requirements for processing, registering and keeping personal data by implementing internal procedures, the observance of which is constantly supervised;
•    The access of Lenno Limited employees to personal data and permission to process personal data in the Lenno Limited database is limited, depending on their duties and obligations;
•    Lenno Limited has established confidentiality obligations for its employees;
•    Access to the office equipment of Lenno Limited and the computers of each employee is limited;
•    For maximum security when processing, transferring and keeping your personal data, we may use additional protection means such as encryption, pseudonymisation, etc.;
•    The security measures we apply are subject to constant improvement and adaptation to state-of-the-art technologies.


“COOKIES” POLICY

To learn more about the “Cookies” Policy, please visit the “Cookies” Policy page

CLIENT’S CONSENT

By applying for a service and/or using the Web site, the client and/or the user of the Web site agrees upon collecting and using public and/or non-public information and personal data by Lenno, as it is provided for in the present Privacy Policy.

PRIVACY POLICY AMENDMENTS

We may periodically update our Privacy Policy. Upon a change in the current policy, a notification shall be posted on our Website as well as the updated Privacy Policy. All amendments and addendums to the Privacy Policy shall be applied solely after publishing the actual content available through our Web site.

Trade Responsibly: CFDs are complex instruments and come with a high risk of losing money rapidly due to leverage. 79.17% of retail investor accounts lose money when trading CFDs with this provider. You should consider whether you understand how CFDs work and whether you can afford to take the high risk of losing your money.