Privacy Policy

Welcome to the privacy policy of TRADING STUDIO LTD. We are committed to protecting your personal data. This policy outlines how we handle your data when you visit our website (stocktrader.studio) or use our services.

Important Information and Who We Are

This policy provides information on how TRADING STUDIO LTD collects and processes your personal data. It is important to read this policy along with any other privacy notices we may provide. Our services are not intended for children under 13 years old.

TRADING STUDIO LTD is the controller and responsible for your personal data.

If you have any questions, please contact us at:

Your data protection rights

  • Access and rectification: you may request a copy of the information we process about you and ask us to rectify any incorrect data.
  • Erasure or restriction: in some circumstances, you may ask us to delete or restrict our processing of your data, but we cannot delete any data we are legally required to process.
  • Object to processing: in some circumstances, you may ask us to stop processing your data.
  • Data portability: in some circumstances, you may ask us to transfer your data to you or another organization.
  • Also, if you’re unhappy about how we process your data, you have a right to complain to a national data authority. We hope, however, that you will contact us first so that we can try to resolve the matter for you in a satisfactory way.

Please get in touch with us if you have any questions about how we handle your data or want to exercise one of your rights. You are entitled to a reply within 30 days.

The data we collect about you

We may process personal data when you:

  • Contact/communicate with us online (email, video calls, social media, etc.) or on the phone
  • Use our services/software (stocktrader.studio)

It is voluntary to provide us with personal data, but we cannot provide you with our services if you choose not to.

We do not rent, buy or sell personal data from or to others, use automated decisions or profiling in the processing of your personal data, or process any special category data as per the GDPR Article 9.

Retention

We only process your personal data when we have a purpose and a lawful basis for doing so. Under the GDPR Article 6-1, the lawful bases we rely on are:

  • Your consent
  • We have a contractual obligation (contract)
  • We have a legal obligation
  • We have a legitimate interest
  • As a rule, we do not process personal data for longer than necessary to fulfill the purpose for processing. To comply with this, we have regular internal GDPR audits where we formally assess our data protection and privacy work with the intention to amend, update and, if necessary, delete personal data.

We will only retain data for as long as we are required to as per applicable legal obligations such as accounting, tax, labour laws or any other relevant rules and regulations.

Cookies

We want to process as little personal information as possible when you use our website. That’s why we’ve chosen Fathom Analytics for our website analytics, which doesn’t use cookies and complies with the GDPR, ePrivacy (including PECR), COPPA and CCPA. Using this privacy-friendly website analytics software, your IP address is only briefly processed, and we (running this website) have no way of identifying you. As per the CCPA, your personal information is de-identified. You can read more about this on Fathom Analytics’ website.

The purpose of us using this software is to understand our website traffic in the most privacy-friendly way possible so that we can continually improve our website and business. The lawful basis as per the GDPR is “Article 6(1)(f); where our legitimate interests are to improve our website and business continually.” As per the explanation, no personal data is stored over time.

Transfer of personal data outside the EU/EEA

In some cases, your personal data will be transferred to a “third country”, i.e. outside the EU/EEA. For example, where we use data processors to manage email services. We only use data processors we trust that are well known, reputable, and have a data processing agreement/addendum.

We conduct risk assessments for every data processor we use in our business. In addition, where your personal data is transferred outside of the EU/EEA, we conduct an additional risk assessment. We review, in particular, the data processor’s technical and organizational security measures, reputation and safeguards for international transfers of personal data.

Data Breach Notification

TRADING STUDIO LTD takes the security of your personal data seriously. We have implemented appropriate technical and organizational measures to protect your data from unauthorized access, use, or disclosure. Despite these measures, no method of transmission over the Internet or electronic storage is 100% secure, and we cannot guarantee absolute security.

In the unlikely event of a data breach that is likely to result in a risk to your rights and freedoms, we will take the following steps:

  1. Assessment: We will promptly assess the nature and extent of the breach, including the types of data involved and the potential impact on individuals.
  2. Containment and Recovery: We will take immediate steps to contain the breach and mitigate any potential damage. This may include isolating affected systems, recovering compromised data, and enhancing security measures to prevent future breaches.
  3. Notification to Authorities: If the breach meets the threshold for notification, we will notify the relevant data protection authorities without undue delay and, where feasible, within 72 hours of becoming aware of the breach.
  4. Notification to Affected Individuals: If the breach is likely to result in a high risk to your rights and freedoms, we will notify you without undue delay. Our notification will include:
    • A description of the nature of the breach.
    • The name and contact details of our Data Protection Officer or other relevant contact point.
    • A description of the likely consequences of the breach.
    • A description of the measures we have taken or propose to take to address the breach and mitigate its effects.
  5. Review and Prevention: We will conduct a thorough investigation into the cause of the breach and implement measures to prevent future occurrences. This may involve revising our security policies, conducting additional staff training, and upgrading our security technologies.

Your trust is important to us, and we are committed to protecting your personal data and handling any data breaches with transparency and urgency. If you have any questions or concerns about our data breach procedures, please contact us at: