Privacy Policy

Point Nine (“P9”) is entrusted with personal data and is dedicated to protecting the confidentiality and privacy of any such data, and for this reason, P9 has implemented and maintains policies relevant to the appropriate use, processing and storing of the personal data.

The present Privacy Notice (“the Privacy Notice”) aims at informing our Clients or other Individuals which entrust us with their personal data as to our relevant policies which are part of our overall Policy on Data Protection Security and Confidentiality Policy. Please review this Privacy Notice to learn more about how we collect, use, share and protect the personal information we obtain.

Who is Point Nine

P9 offers middle and back office services to financial institutions. P9’s operations team, combined with its proprietary developed web-based operations platform, helps its Clients to complement their existing middle and back office operations or even become their complete one-stop middle and back office solution.

P9 helps its Clients achieve their vision of operational excellence by reducing their operational risks and increasing their operating efficiencies and cost savings.

P9’s Clients use its technology platform and its services for trade capturing and storing (books and records) and to support all the operational and reporting requirements of all transactions throughout their life cycle.

P9’s middle and back office support takes over the minute the Client has executed a trade, and manages a part of, or it’s whole life cycle including regulatory reporting.

P9 offers to its Clients any subset/combination, or the complete package of its services.

Scope of Notice

This Privacy Notice is relevant to all aspects of data protection including the protection and security of personal data (as defined by the General Data Protection Regulation (EU) 2016/679
(“GDPR”)) of Parties that are Individuals.

Data covered under this Data Protection, Security and Confidentiality Policy include:

  1. Information recorded electronically and/or by automated means;
  2. Information forming part of a filing system or intended to form part of a filing system as defined in the GDPR.

 

General Policy Statement

We will:

  1. Follow good practice;
  2. Protect your personal data;
  3. Respect your rights under the GDPR;
  4. Be open and honest in our communications with you with regards to your personal data;
  5. Ensure that we comply with all laws applicable from time to time in respect of personal data we hold;
  6. Respect the rights of Clients and Third Parties;
  7. Ensure that we comply with data protection, security and confidentiality clauses in the SLAs signed between us and our Clients; and,
  8. Provide training and support to our Members who handle any type of personal data, so that they can act confidently and consistently.

 

Policy Statement for Individuals

P9 recognises that its first priority under the GDPR is to avoid causing harm to individuals. In the main this means:

    1. keeping information securely in the right hands, provided that at least one of the following legal grounds of processing applies:
      • The Individuals have granted their consent to the processing of their personal data for specific purposes to be identified in advance
      • Processing is necessary for the performance of a contract to which the Individuals are party or in order to take steps at the request of the Individual prior to entering into a contract
      • Processing is necessary where P9 has a legal obligation
      • Processing is necessary to protect the Individual’s vital interests or of another natural person
      • Processing is necessary for the purpose of a legitimate interest pursued by P9, but we recognise that we shall not pursue any such legitimate interests if these are overridden by the Individuals interests or fundamental rights;
    2. Holding good quality information; and,
    3. Communicating with the Individuals in a concise, transparent, intelligible and easily accessible form, using clear and plain language, facilitating the Individuals’ rights to access, rectification and erasure, restriction of processing, data portability, objection to processing in general, and objection to automated processing, including profiling

 

Sensitive Personal Data

P9 does not collect any such data, and we shall not be asking you to provide any such data.

Personal Data relating to criminal convictions and offences

The GDPR provides that processing of personal data relating to criminal convictions and offences or related security measures, shall be carried out only under the control of official authority, unless otherwise prescribed by applicable laws which further provide for appropriate safeguards for the rights and freedoms of the Individuals. Furthermore, the GDPR provides that no comprehensive register of criminal convictions shall be kept.

Use of Personal Data

This information is used:

  • To maintain proper employment records for P9’s use;
  • To maintain salary records and to pay Members in accordance with P9’s obligations;
  • To comply with P9’s legal obligations relating to tax and money and other reporting and regulatory requirements;
  • To comply with P9’s legal obligations relating to employment;
  • To facilitate provision of our services where necessary.

Legal Grounds for Personal Data Processing

P9 is keeping information securely in the right hands, provided that at least one of the following legal grounds of processing applies:

  • The Individuals have granted their consent to the processing of their personal data for specific purposes to be identified in advance
  • Processing is necessary for the performance of a contract to which the Individuals are party or in order to take steps at the request of the Individual prior to entering into a contract
  • Processing is necessary where P9 has a legal obligation
  • Processing is necessary to protect the Individual’s vital interests or of another natural person
  • Processing is necessary for the purpose of a legitimate interest pursued by P9, but we recognise that we shall not pursue any such legitimate interests if these are overridden by the Individuals interests or fundamental rights;

Retention of Personal Data

We will keep personal data for the whole period during the duration of the P9 service agreement with our Client, unless otherwise agreed between the Client and P9 and unless as provided below.

In the event that legal proceedings or other investigations from a public office or a supervisory authority have commenced, we shall retain the personal data for such time until the date of resolution and/or completion of any such legal proceedings or investigations.

Then, we shall irreversibly destroy any such personal data we have in our possession.

Storage of Personal Data

All P9’s infrastructure operates within the EU. The data that we collect from you may be transferred to, and stored at, a destination outside the European Economic Area (EEA). The data may also be processed by staff operating outside of the EEA who work for P9 or for one of our sub-processors. Such staff may be engaged in, among other things, the fulfilment of your order, the processing of your payment details and the provision of support services. By submitting your data, you agree to this transfer, storing and/or processing.

We will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with our Privacy Policy. We maintain reasonable security standards and procedures with a view to preventing unauthorized access to data by anyone, including our staff. We use technologies (e.g. data encryption, firewalls) to protect the security of data by following a risk-based approach. All P9 members, all our staff and third parties are required to observe our privacy standards and to allow us to audit them for compliance.

Sharing of Personal Data

P9 shall not share any information with unaffiliated third parties, except as necessary for P9’s legitimate professional and business needs, to carry out the Client’s requests, and/or as required or permitted by law or professional standards. These include:

  • Service providers: P9 works only with reputable partners and service providers to process personal information where required. P9 will only transfer personal information to them when they meet our standards on the processing of data and security. We only share personal information that allows them to provide their services.
  • Reorganized or sold to another organization: P9 may also disclose personal information in connection with the sale, assignment, or other transfer of the business of the site to which the data relates;
  • Courts, law enforcement or regulatory bodies: P9 is subject to the law like everyone else. P9 may be required to give information to legal authorities if they so request or if they have the proper authorisation such as a search warrant or court order.
  • Audits: disclosures of personal information may also be needed for data privacy or security audits and/or to investigate or respond to a complaint or security threat.

In addition, P9 may transfer certain personal information outside of the EEA to outside companies working with us or on our behalf for the purposes described in this Privacy Notice (e.g. in order to provide you with products or services you requested, or due to public or legal duty to do so). If we do this your personal information will continue to be protected by means of contracts we have in place with those organizations outside the EEA, in line with the European Commission requirements. P9 will not transfer the personal information you provide to any third parties for their own direct marketing use.

Automatic Collection Cookies & IP Addresses

P9 or a designated service provider may use “cookies” or similar electronic tools to collect information for user-identification purposes only. A cookie is a small text file that is placed on your computer and is used to identify your browser but not you. You can set your browser to notify you before you receive a cookie, giving you the chance to decide whether to accept it. You can also set your browser to turn off cookies. We shall not use any of the information collected for any commercial purposes or the compilation of statistical data on your browsing actions and patterns.
Cookies may be placed on your computer or internet-enabled device whenever you visit P9 online. This allows the site to remember your computer or device. Usually, a notification banner will appear requiring your consent to collect cookies. If you do not provide consent, your computer or internet-enabled device will not be tracked. A secondary type of cookie referred to as “user-input” cookies may still be required for necessary functionality. Such cookies will not be blocked through the use of this notification banner. Your selection will be saved in a cookie and is valid for a short period (e.g. 30 days). If you wish to revoke your selection, you may do so by clearing your browser’s cookies.

Although most browsers automatically accept cookies, you can choose whether or not to accept cookies via your browser’s settings (often found in your browser’s Tools or Preferences menu). You may also delete cookies from your device at any time.

BY NAVIGATING ON OUR WEB SITES OR ENTERING YOUR LOGIN DETAILS TO ACCESS AREAS RESERVED FOR REGISTERED USERS, YOU SHALL BE ASKED TO AGREE THAT WE CAN PLACE THESE COOKIES ON YOUR COMPUTER OR INTERNET ENABLED DEVICE.

An IP address is a number assigned to your computer whenever you access the internet. It allows computers and servers to recognize and communicate with one another. IP addresses from which visitors appear to originate may be recorded for IT security and system diagnostic purposes. This information may also be used in aggregate form to conduct web site trend and performance analysis.

Your Rights as Data Subject

P9 may ask for your permission for certain uses of your personal information, and you can agree to or decline those uses.
As described in “Cookies” above, if you wish to prevent cookies from tracking you as you navigate our sites, you can reset your browser to refuse all cookies or to indicate when a cookie is being sent. Note, however, that some portions of our sites may not work properly if you elect to refuse cookies.
In general, if you have submitted personal information to P9, you have the following rights:

  • The right to access information about you and to obtain information about how it is processed.
  • The right to request that your information is corrected if it is inaccurate or incomplete.
  • The right to request that your information is erased (depending on the circumstances and agreements in place). We may continue to retain your information if another legitimate reason for doing so exists.
  • The right to object to, and to request that we restrict, our processing of your information (depending on the circumstances and agreements in place). We may continue to process your information if another legitimate reason for doing so exists.
  • The right to withdraw your consent to our processing of your information (depending on the circumstances and agreements in place). We may continue to process your information if another legitimate reason for doing so exists.
  • The right to receive certain information you have provided to us in an electronic format and/or request that it is transmitted to a third party.
  • The right to ask us not to process your personal data for marketing purposes. Prior to collecting data, we will usually inform you if we intend to use your data for such purposes or if we intend to disclose your information to any third party for such purposes. You can exercise your right to prevent such processing by checking certain boxes on the forms we use to collect your data.

You can exercise your rights by contacting us using the details set out in the “Questions and Enforcement” section. We will make all reasonable and practical efforts to comply with your request, if it is consistent with applicable law and professional standards.

Security Measures

P9 has reasonable security policies and procedures in place to protect personal information from unauthorized loss, misuse, alteration, or destruction. Despite P9’s best efforts, however, security cannot be absolutely guaranteed against all threats. To the best of our ability, access to your personal information is limited to those who have a need to know. Those individuals who have access to the data are required to maintain the confidentiality of such information. A series of technology and Cyber Security platforms and solutions are utilized to protect data within the P9 environment including, but not limited to perimeter security mechanisms, end point security mechanisms, encryption, etc.

Your Responsibilities

P9 is committed to protecting the online privacy of your personal information. If you have questions or comments about our administration of your personal information, please contact Maria Chatzipanagiotou via e-mail at maria.chatzipanagiotou@p9ft.com or at +357 25 752993. You may also use this contact information to communicate any concerns you may have regarding compliance with our Privacy Notice.

Notices

Any notice (“Notice”) required to be given under this Data Protection, Security and Confidentiality Policy must be addressed to the Data Protection Officer of P9 in writing and must be (a) delivered in person, (b) sent by first class registered mail, or air mail, as appropriate, (c) sent by overnight courier, in each case properly posted and fully prepaid to the appropriate address set forth below, (d) sent by facsimile, or, (e) sent by electronic mail (email). Notices will be considered to have been given when P9 acknowledges receipt of such Notice. P9’s contact details for Notices is as follows:

Address: 135 Arch. Makarios III Avenue
1st floor, Emelle Building
Limassol, Cyprus, 3021

Facsimile: +357 25 028244
Email: maria.chatzipanagiotou@p9ft.com