Millennium will never disclose, sell or lease to any third party any Personal Information that you provide to us, including through this website (the “Website”), without your permission, other than as described in this Policy, or unless we are required to do so by law.
BY PROVIDING US WITH YOUR PERSONAL INFORMATION, INCLUDING THROUGH THE USE OF THIS WEBSITE, YOU ACCEPT THIS POLICY AND CONSENT TO ITS TERMS, AS WELL AS ANY OTHER TERMS THAT ARE DESCRIBED TO YOU WHEN YOUR PERSONAL INFORMATION IS COLLECTED. PLEASE BE SURE TO READ OUR ENTIRE POLICY BEFORE SUBMITTING INFORMATION TO OUR WEBSITE. THIS POLICY MAY BE AMENDED OR UPDATED AT OUR DISCRETION FROM TIME TO TIME. PLEASE CHECK THE WEBSITE FROM TIME TO TIME FOR SUCH AMENDMENTS. BY CONTINUING TO ACCESS AND USE THE WEBSITE, YOU ACCEPT AND CONSENT TO THE TERMS OF THE THEN CURRENT POLICY, AS AMENDED. IF YOU DO NOT CONSENT TO THIS POLICY, PLEASE DO NOT USE THE WEBSITE OR OTHERWISE PROVIDE YOUR PERSONAL INFORMATION TO US.
What Personal Information Do We Collect?
“Personal Information” is any personally identifiable information about you that may be obtained directly from discussions with you, by corresponding with us by phone, e-mail, subscribing to our mailing lists, enquiring about our services and products or via any documents you may deliver to Millennium. This information may include your name, address, telephone number, social security number or tax identification number, assets, net worth, income, bank account information and occupation. We may also collect your IP address when you use the Website and we may keep track of your dealings with us, including details of your visits to our Website and the resources that you access, including, but not limited to, traffic data, location data, weblogs and other communication data.
We may also receive your Personal Information from our business partners and other third parties, provided that such third parties confirm to us that they have obtained your consent or, we have otherwise obtained your consent in this regard.
Publicly available information, such as business contact information or a public directory listing of your name, address, telephone number or information that is aggregated and not associated with a specific individual, including demographic information and statistics, is not considered Personal Information.
Should we want or need to rely on consent to process your data, we will request your consent orally, by email or by an online process for the specific activity we require consent for and we will record your response on our systems. Where consent is the lawful basis for our processing, you have the right to withdraw your consent to this particular processing at any time. You can do this by contacting the client services team on +44 20 8164 1200 or by sending an email to firstname.lastname@example.org
What Non-Personal Information Do We Collect?
We collect certain information which is recorded by the standard operation of our Internet servers on an anonymous basis, such as the operating system and type of browser you are using, the sections of the Website you visit, and the Website pages read and images viewed.
This non-identifiable information is used on an aggregate basis and in a non-personally identifiable form, including: (i) for Website and system administration purposes, (ii) to improve the Website, (iii) to conduct internal reviews of the number of visitors to the Website; (iv) to help us better understand visitors’ use of our Website; (v) to respond to specific requests from our visitors; and (vi) to protect the security or integrity of our Website when necessary.
When you view the Website, we may place a “cookie” on the hard drive of your computer which allows the Website to remember who you are. Cookies provide additional functionality to the website to better match users’ interests and preferences. With most Internet browsers, you can erase Cookies from your computer hard drive, block the creation of Cookies, or receive a warning before a Cookie is stored, although doing so may affect your use of the Website and your ability to access certain features of the Website. Please refer to your browser instructions or the help section of your browser to learn more about these functions. You may view our Cookies Policy here.
Our Website may use web beacons or other technologies. When you access certain pages of our website, a non-identifiable notice of that visit is generated which may be processed by us. These technologies usually work in conjunction with cookies. If you do not want your cookie information to be associated with your visits to these pages, you can set your browser to turn off cookies. If you turn off cookies, web beacons will still detect visits to these pages, but the notices they generate cannot be associated with other non-identifiable cookie information and are disregarded.
As a regulated entity, Millennium records telephone calls for business purposes including but not limited to the following:
- To comply with regulatory record-keeping requirements;
- To seek to ensure the prevention and detection of crime;
- To comply with contractual obligations with trading agreements; and
- For monitoring compliance with regulatory/self-regulatory, audit requirements and training purposes.
In doing so, Millennium will seek to be guided by the requirements of the applicable data protection laws as well as by Millennium’s Data Protection Policy.
Lawful grounds for processing
We may only collect, process and share personal data fairly and lawfully and for specified purposes (lawful grounds). The Data Protection Law restricts our actions regarding personal data to specified lawful purposes. These restrictions are not intended to prevent processing, but to ensure that we process personal data fairly and without damaging your interests. The lawful grounds for processing available under the Data Protection law vary depending on the nature and purpose of processing activities and the types of data being processed.
We will rely on one or more of the following lawful grounds when processing personal data:
- Where you have given consent to the processing of your personal data for one or more specific purposes;
- Where Processing is necessary for the performance of a contract to which you are a party or in order to take steps at your request prior to entering into a contract;
- Where Processing is necessary for compliance with a legal obligation to which the we are subject;
- Where Processing is necessary for the purposes of the legitimate interests by us or by a third party, such as direct marketing of our products or services, except where such interests are overridden by your interests or fundamental rights and freedoms which require protection of personal data.
We will in some circumstances rely on consent for particular uses of your data and you will be asked for your express consent, if legally required.
Personal data can only be collected for specified, explicit and legitimate purposes. It must not be processed further in any manner incompatible with those purposes. We cannot use personal data for new, different or incompatible purposes from that disclosed when it was first obtained unless we have informed you of the new purpose and you have provided your consent where necessary.
For What Purposes Do We Collect, Use and Disclose Your Personal Information?
Millennium collects and processes Personal Information primarily to:
- provide investment management services;
- communicate information about its products and services;
- process subscriptions in its private investment vehicles;
- respond to your communications, enquiries and requests;
- meet legal, regulatory, audit, security and financial requirements;
- maintain business records in accordance with applicable laws on recordkeeping;
- to notify you about changes to our service, our address, regulatory requirements, and any other obligations towards you;
- achieve any other purpose we may indicate to you from time to time.
Millennium as controller of the personal information collected permits only authorised individuals, who have been advised as to the proper handling of Personal Information, and who need to access this information to perform services, to have access to this information. These authorised individuals are required to maintain and protect the confidentiality of Personal Information.
Marketing and Preferences
We may contact you to send you updates (be email, telephone, text, social media or post) about the business or our products and services that might be of interest to you. Where consent is needed we will ask for this consent separately and clearly.
We will always ensure that your personal data is treated with respect and we will never sell or share it with other organisations for marketing purposes.
We may ask you to confirm or update your marketing preferences over time, such as when you instruct us to provide further services in the future, or if there are changes in the law, regulation, or the structure of our business. You can change your preferences for marketing at any time.
You have the right to object to direct marketing and profiling (the automated processing of your information to help us evaluate certain things about you, for example, your personal preferences and your interests) relating to direct marketing. If you don’t want to receive marketing information from us you can click on the ‘unsubscribe’ link that appears in the newsletters and/or marketing emails we send, by contacting the client services team on +44 20 8164 1200 or by emailing email@example.com
Please see the section about your rights for more details.
Sharing your Personal Information
There are a few circumstances in which we may provide your Personal Information to third parties.
In order to service your account and process transactions for your account, Millennium may provide Personal Information to its affiliates and to non-affiliated third-party financial service providers that assist Millennium in servicing your account and have a need for such information, such as a broker-dealer or administrator. In addition, Millennium may share Personal Information with non-affiliated third party non-financial service providers, in order to process or service client transactions, products or reporting. Unaffiliated third parties in this instance may include service providers such as word processors and printers. Any such contract entered into by Millennium will include provisions designed to ensure as far as possible that the third party will uphold applicable data protection laws when handling Personal Information. Millennium may also disclose Personal Information to regulatory authorities as required or permitted by applicable law.
In the event that we are involved in the sale or transfer of some or all of our businesses, as part of that sale or transfer transaction, we may disclose your Personal Information to the acquiring organisation, but we will require the acquiring organisation to agree to protect the privacy of your Personal Information in a manner that is consistent with this Policy.
Millennium does not otherwise provide information about you to outside firms, organisations or individuals except at your request or to our lawyers, advisors, accountants and auditors and as permitted by law.
Transfer of personal data to non-EEA countries
Your personal information may be processed and stored outside of your jurisdiction or at a jurisdiction outside of the European Economic Area (“EEA”). Such processing may be carried out by background checking agencies, for purposes of conducting due diligence, employment screening and background checking, or by staff working for counterparty banks and prime brokers with whom we may transact on your behalf.
Where we transfer personal data to third parties outside of the EEA (“third-countries”), we will seek to ensure that it is protected and transferred in a manner consistent with any legal requirements applicable to the information. This can be done in a number of different ways, for instance the third country to which we send the personal information may be subject to an “equivalency decision” by the European Commission, or the recipient in a third country may have signed a contract based on “model contractual clauses” approved by the European Commission, obliging them to protect your personal information in accordance with the Data Protection Law applicable in the EU.
The Data Protection Law may also permit us to transfer personal information to third countries in other circumstances, such as where the data subject has provided explicit consent to such transfer.
Security and Retention of Personal Information
We implement security safeguards to protect Personal Information against loss or theft, as well as unauthorised access, disclosure, copying, use or modification, regardless of the format in which the information is held. We use physical, electronic, procedural, organisational and technological measures to protect Personal Information, such as locked filing cabinets, firewalls, encryption, and employee education.
We will keep Personal Information only for as long as it remains necessary for the purposes for which it was collected, or as required by law or regulation. We use secure means of disposing of Personal Information.
Links to Third Party Websites
Our Website may contain links that take you to other third party websites. These third party websites are not governed by this Policy but by their own privacy policies which may differ from ours. This Policy does not extend to the collection of Personal Information by these third parties and Millennium does not assume any responsibility for the privacy practices, policies or actions of third parties. We encourage you to review the privacy policies of each website visited before using these websites or disclosing any Personal Information to third parties.
How To Correct Your Personal Information
Millennium wants to make sure that the information that we have collected about you is accurate, complete and current. We rely on you to notify us immediately if at any time you become aware that the information we hold about you has changed or has become inaccurate in any way.
Your rights under GDPR
Subject to our own legal obligations GDPR provides you with the certain rights, including:
Right to know
You have a right to ask us to know what data we hold on you at any time. You can exercise your right by contacting our Compliance Officer via email at firstname.lastname@example.org.
Right to request correction
You have a right to request correction of the Personal Information that we hold about you. This enables you to have any incomplete or inaccurate information we hold about you corrected or updated.
Right to request erasure
You have a right to request erasure of your personal information. This enables you to ask us to delete or remove Personal Information where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal information in exercise of your right to object to processing.
Right to object to processing
You have a right to object to processing of your Personal Information where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground. You also have the right to object where we are processing your Personal Information for direct marketing purposes.
Right to request restriction
You have a right to request the restriction of processing of your Personal Information. This enables you to ask us to suspend the processing of personal information about you, for example if you want us to establish its accuracy or the reason for processing it.
Right to request transfer
You have a right to request the transfer of your Personal Information to another party in certain formats, if practicable.
Right to make a complaint
You have a right to make a complaint to a supervisory body which in the United Kingdom is the Information Commissioner’s Office. The ICO can be contacted through this link: https://ico.org.uk/concerns/.
You may write or email our Compliance Officer at the address below to request access to Personal Information that we have about you or to obtain further information about our privacy policies or practices:
The Compliance Officer
Millennium Global Treasury Services Ltd.
Cleveland House, 33 King Street
London SW1Y 6RJ, United Kingdom
MillTechFX Europe SAS
33, rue François 1er
75008 Paris, France