Privacy and
Security Statement
Last modified August 2018
Your privacy is important to Capitalogix
In the course of serving you as an individual client or as someone associated with a corporate or institutional client, Capitalogix may obtain personal information about you. Obtaining this information is important to our ability to deliver the highest level of service to you, but we also recognize that you expect us to treat this information appropriately.
This policy describes the types of personal information we may collect about you, the purposes for which we use the information, the circumstances in which we may share the information and the steps that we take to safeguard the information to protect your privacy. As used throughout this policy, the term “Capitalogix” refers to Capitalogix, LLC and its affiliates worldwide.
The sources of information
The personal information we collect about you comes primarily from the account applications or other forms and materials you submit to Capitalogix during the course of your relationship with us. We may also collect information about your transactions and experiences with Capitalogix relating to the products and services Capitalogix provides. In addition, depending on the products or services you require, Capitalogix may obtain additional information about you, such as your credit history, from consumer reporting agencies.
Finally, in the provision of financial services to you and subject to strict compliance with all applicable laws and regulations, information may be collected about you indirectly from monitoring or other means (e.g. recording of telephone calls and monitoring e-mails). In these circumstances, the information is not accessed on a continuous or routine basis, but it may be used for compliance or security purposes.
The information we have about you
If you deal with Capitalogix in your individual capacity (e.g. as a private client), or as a settlor/trustee/beneficiary of a trust, or as an owner or principal of a company or other investment vehicle established to invest on your behalf or on behalf of your family, etc., the typical information we collect about you would include:
- Your name, address and other contact details;
- Your age, occupation and marital status;
- Extensive financial information, including source of wealth, investment experience and objectives, risk tolerance and, in certain jurisdictions, representations required under applicable law or regulation concerning your financial resources;
- A head and shoulders photograph from, as applicable, your passport, national identity card or driver’s license, as required by laws and regulations addressing due diligence and related matters; and
- A personal identifier such as, depending on your country of residence, your Social Security Number, National Insurance Number, Tax File Number, etc.
If you are an employee/officer/director/principal, etc. of one of our corporate or institutional clients, the typical information we collect about you personally would include:
- Your name and contact details;
- Your role/position/title and area of responsibility; and
- Certain identifying information (e.g. passport photo, etc.) as required by laws and regulations addressing money laundering and related matters.
Of course, you are not required to supply any of the personal information that we may request. However, failure to do so may result in our being unable to open or maintain your account or to provide services to you. While we make every effort to ensure that all information we hold about you is accurate, complete and up to date, you can help us considerably in this regard by promptly notifying us if there are any changes to your personal information.
Our use of your personal information
We may use your personal information to:
- Administer, operate, facilitate and manage your relationship and/or account with Capitalogix. This may include sharing such information internally as well as disclosing it to third parties, as described in the following two sections, respectively;
- Contact you or, if applicable, your designated representative(s) by post, telephone, electronic mail, facsimile, etc., in connection with your relationship and/or account;
- Provide you with information (such as investment research), recommendations, or advice concerning products and services offered by Capitalogix; and
- Facilitate our internal business operations, including assessing and managing risk and fulfilling our legal and regulatory requirements.
If your relationship with Capitalogix ends, Capitalogix will continue to treat your personal information, to the extent we retain it, as described in this policy.
Disclosures of your personal information within Capitalogix
In order to provide efficient and reliable services and to improve product and service options available to you, more than one entity within Capitalogix may be given, or given access to, your personal information. For example, one Capitalogix entity might share your information with another in order to facilitate settlement of your transactions or the maintenance of your accounts, or as part of its arranging for the performance of specialized services such as US and international brokerage, asset management and advisory and trust services. When so sharing your personal information, we adhere to applicable legal and industry standards regarding the protection of personal information. Additional information on how your personal information is protected while within Capitalogix is provided below, under Information Security: How We Protect Your Privacy.
Disclosures of your personal information to third parties
Capitalogix does not disclose your personal information to third parties, except as described in this policy. Third party disclosures may include sharing such information with non-affiliated companies that perform support services for your account or facilitate your transactions with Capitalogix, including those that provide professional, legal or accounting advice to Capitalogix. Non-affiliated companies that assist Capitalogix in providing services to you are required to maintain the confidentiality of such information to the extent they receive it and to use your personal information only in the course of providing such services and only for the purposes that Capitalogix dictates.
We may also disclose your personal information to fulfill your instructions, to protect our rights and interests and those of our business partners or pursuant to your express consent. Finally, under limited circumstances, your personal information may be disclosed to third parties as permitted by, or to comply with, applicable laws and regulations; for instance, when responding to a subpoena or similar legal process, to protect against fraud and to otherwise cooperate with law enforcement or regulatory authorities or with organizations such as exchanges and clearinghouses.
You should know that Capitalogix will not sell your personal information.
Information security: How we protect your privacy
Capitalogix is committed to protecting the privacy and confidentiality of your personal information. We limit access to your personal information to authorized Capitalogix employees or agents and, as described above in Disclosures of Your Personal Information to Third Parties, our service providers are held to stringent standards of privacy. We also maintain physical, electronic and procedural safeguards to protect the information against loss, misuse, damage or modification and unauthorized access or disclosure. Some of the other central features of our information security program are:
- A dedicated group – the Information Security Department – that designs, implements and provides oversight to our information security program;
- The use of specialized technology such as firewalls;
- Testing of the security and operability of products and services before they are introduced to the Internet, as well as ongoing scanning for publicly known vulnerabilities in the technology;
- Internal and external reviews of our Internet sites and services;
- Monitoring of our systems infrastructure to detect weaknesses and potential intrusions;
- Implementing controls to identify, authenticate and authorize access to various systems or sites;
- Protecting information during transmission through various means including, where appropriate, encryption; and
- Providing Capitalogix personnel with relevant training and continually updating our security practices in light of new risks and developments in technology.
Reporting security vulnerabilities
We encourage security professionals to practice responsible disclosure and let us know right away if a vulnerability is discovered on a Capitalogix product or application by sending an email to [email protected]. We will investigate all legitimate reports and follow up if more details are required.
Privacy and the Internet
The following additional information will be of interest to you as a visitor to this site:
- Users of private Capitalogix Web sites are required to identify and authenticate themselves prior to accessing our services. Generally, identification and authentication take place through the use of your user name and a password, or with an RSA SecurID* Card and a Personal Identification Number (PIN).
- The private Capitalogix Web sites are built upon a secure infrastructure with multiple layers of protection, including measures ranging from proper physical security of our machines to system intrusion detection capabilities. Within such private sites, Capitalogix uses industry standard encryption technologies to protect your information from external compromise.
- Security is a cooperative effort between Capitalogix and the users of the Capitalogix Web sites. Please remember that your password, RSA SecurID Card and PIN are personal to you and should not be made available to any other person. Also, you should discontinue their use and notify us if you have any reason to suspect that someone else may be using them.
- “Cookies” are small text files that may be placed on your Web browser when you visit our Web sites or when you view advertisements we have placed on other Web sites.
- “Clickstream” data (e.g., information regarding which of our Web pages you access, the frequency of such access, and your product and service preferences) may be collected by Capitalogix itself, or by our service providers, using cookies, Web beacons, page tags, or similar tools that are set when you visit our Web site or when you view an advertisement we have placed on another Web site. Clickstream data and similar information may be shared internally within Capitalogix and used: for administrative purposes; to assess the usage, value and performance of our online products and services; to improve your experience with our Web sites; and as otherwise permitted by applicable law or regulation. If you are a Capitalogix client, this information helps us suggest products or service offerings that may be of interest to you. This information may be processed by us for the purposes described above, or on our behalf by third parties, solely in accordance with our instructions.
- When you visit this site, your browser may be momentarily directed to the Web site of an ad server or other third-party service provider. This re-direction process will not be apparent to you. These third-party Web sites automatically receive your IP address when this happens, and they may also collect information from your interaction with our Web sites including computer and connection information, standard Web log information, and ad information. Such information does not identify you individually.
- Capitalogix may make available on this Web site third party applications such as content linking or sharing facilities. Information collected by providers of such applications is governed by their privacy policies.
- Our Web sites are not currently configured to respond to “do not track” signals or similar mechanisms.
Other privacy policies or statements; changes to policy
This policy provides a general statement of the ways in which Capitalogix protects your personal information. You may, however, in connection with specific products or services offered by Capitalogix, be provided with privacy policies or statements that supplement this policy. This policy may be changed from time to time to reflect changes in our practices concerning the collection and use of personal information. The revised policy will be effective immediately upon posting to our Web site.
Security
Beware of Fraudulent E-Mails and Web Sites
“Phishing” is a rampant Internet scam that relies on “spoofed” e-mails, purportedly from well-known firms, to lure individuals to fraudulent Web sites that look and feel like the well-known firm’s Web site. At such Web sites, victims are asked to provide personal information about themselves, such as their name, address and credit card number. These fraudulent e-mails and Web sites may also try to install malicious software on your computer that monitors your activities and sends sensitive personal information (your passwords, for example) to a remote location. With that information, criminals can commit identity theft, credit card fraud and other crimes.
You can protect yourself by following these best practices when using the Internet:
- Be aware that e-mail is insecure and easy to forge. E-mail that appears to be from a friend or company you do business with may be fraudulent and designed to trick you into providing personal information about yourself or installing dangerous software.
- Do not respond to e-mails or pop-up messages that solicit your personal information: name, address, Social Security number, etc.
- Only access trusted Web sites that you found other than by clicking on a Web site address in an e-mail and then added to your browser’s bookmarks. Otherwise, manually type the address into your browser and then bookmark it. When you receive an e-mail, rather than clicking on a Web site address in the e-mail, which can bring you to a fraudulent site, use the bookmark to access that site.
If you receive an e-mail from Capitalogix you are uncertain about, or which you believe to be fraudulent, please forward it to [email protected]. Capitalogix will investigate the e-mail and respond back to you. If you are a client of the firm, please notify your sales representative or investment professional.
Personal Computer Security Tips
No security practice is foolproof. You can, however, help protect yourself by following these best practices to secure your personal computer:
- Install antivirus and anti-spyware software on your computer and make sure it is up to date with the most recent virus/spyware signatures.
- Make sure your computer is up to date with the most recent software patches. Patches are software updates that often address software vulnerabilities that phishing scams and viruses exploit.
- Install a firewall between your computer and the Internet. A firewall is software or hardware that acts as a buffer between your computer and the Internet that limits access to your computer and blocks communications from unauthorized sources.
Please contact the manufacturer of your computer for additional information and recommendations.
Glossary of Terms
- Phishing: Phishing attacks use ”spoofed” e-mails and fraudulent Web sites designed to fool recipients into divulging personal financial data such as credit card numbers, account usernames and passwords, Social Security numbers, etc. By hijacking the trusted brands of well-known banks, online retailers and credit card companies, phishers are able to convince up to 5% of recipients to respond to them.
- Firewall: A system designed to prevent unauthorized access to or from a private network. Firewalls can be implemented in both hardware and software, or a combination of both. Firewalls are frequently used to prevent unauthorized Internet users from accessing private networks connected to the Internet, especially intranets. All messages entering or leaving the intranet pass through the firewall, which examines each message and blocks those that do not meet the specified security criteria.
- Patch: Also called a service patch, a fix to a program bug. A patch is an actual piece of object code that is inserted into (patched into) an executable program. Patches typically are available as downloads over the Internet.
- Computer Virus: A program or piece of code that is loaded onto your computer without your knowledge and runs against your wishes. Viruses can also replicate themselves. All computer viruses are manmade. A simple virus that can make a copy of itself over and over again is relatively easy to produce. Even such a simple virus is dangerous because it will quickly use all available memory and bring the system to a halt. An even more dangerous type of virus is one capable of transmitting itself across networks and bypassing security systems.
- Antivirus Software: A utility that searches a hard disk for viruses and removes any that are found. Most antivirus programs include an auto-update feature that enables the program to download profiles of new viruses so that it can check for the new viruses as soon as they are discovered.
- URL: Abbreviation of Uniform Resource Locator, the global address of documents and other resources on the World Wide Web.
- Spoof: To fool. In networking, the term is used to describe a variety of ways in which hardware and software can be fooled. IP spoofing, for example, involves trickery that makes a message appear as if it came from an authorized IP address (the numerical identifier for a computer).