FBSonline — Explore Finance

v. 1.0.

Last Revised: September 2024

Privacy Policy                                                                                                                                                     2
TABLE OF CONTENT
INTRODUCTION.................................................................................................................... 3
WHO WE ARE........................................................................................................................3
PERSONAL DATA................................................................................................................. 3
1. Information We Collect................................................................................................3
2. KYC............................................................................................................................. 5
3. How We Acquire Your Data.........................................................................................5
4. Purposes......................................................................................................................6
DISCLOSURE OF INFORMATION........................................................................................ 7
1. To Whom We Disclose Information.............................................................................7
2. Third-Party Sites.......................................................................................................... 8
3. Payment Providers...................................................................................................... 9
4. International Transfers.................................................................................................9
CONSENT.............................................................................................................................. 9
YOUR LEGAL RIGHTS........................................................................................................ 10
SECURITY........................................................................................................................... 11
1. Retention of Records................................................................................................. 11
2. Security Measures..................................................................................................... 12
GENERAL............................................................................................................................ 12
1. Changes to the Privacy Policy.......................................................................................12
2. Compliance with Applicable Legislation........................................................................13
3. Prevailing Language......................................................................................................13
4. Questions, Problems, or Complaints............................................................................. 13

1. INTRODUCTION

The protection of the security and privacy of your Personal Data is important to us and to the way we

conduct our business in compliance with the laws on privacy, data protection, and data security.

This Privacy Policy, together with our Terms and Conditions applicable to you and any additional

provisions that may be incorporated by reference into the terms apply to your use of our services, our

site accessible from Website, and any of the services accessible through the Website and our products

(collectively referred to as “Service”).

The purpose of this Privacy Policy is to outline what information the Company may collect, how it uses

and safeguards that information, and with whom we may share it.

2. WHO WE ARE

FBS is the data controller and is responsible for your Personal Data.

Email address: [email protected]

3. PERSONAL DATA

3.1. Information We Collect

(1) We will collect the following personally identifiable information (“Personal Data”):

(2) Account/Personal Area passwords are stored in the system and are not public information for

employees of the Company who do not need it for the purpose of providing services to the Client.

Personal details Full name, e-mail address, gender, home address, phone address,

phone number, date of birth, nationality, signature, utility bills,

photographs, and a video recording of the Client

Contact Information E-mail address, country, region

Sensitive and

Biometric Personal

Data

Sensitive personal data, when permitted by local law or with Client

consent, such as biometric information, for example, to verify the

Client’s identity by comparing the facial scan data extracted from the

Client’s selfie or video with the photo in Client’s government issued

identity document.

Government

Identifiers

Government issued identity documents such as passport, national

identification number, national identity card details, driver’s license

numbers.

Financial details Assets, liabilities, income, expenses, bank account information,

payment card information, source of funding, source of wealth, job

title, salary wage rate

Taxation information tax file number

Broad location data country location

Browsing Information IP address, geolocation, browser type/version, and operating system

Data about device manufacturer, operating system, CPU, RAM, browser type and

language, current time

Usage data data we collect with cookies and similar technologies

Marketing and

Research Information

Data for advertising and analytics purposes so we can provide the

Client with better service (e.g. browser/web history data and

preferences expressed through selection/viewing/purchase of goods,

services and content, information about Client’s mobile device

including (where available) type of device, device identification

number, mobile operating system.)

Trading experience Information relating to the previous trading experience, personal

goals, and objectives

for the processing of your chooses to give the Company.

(3) Through its Website (s), the Company will not collect any Personal Data unless you voluntarily

choose to provide it (e.g., by registration, email inquiry, survey, etc.). If you do not want your

Personal Data to be collected, please do not submit it.

(4) We will process your Personal Data legally and fairly and will not use it outside the purposes of

which we have informed you, including selling it individually or in the aggregate for commercial

use.

(5) We retain Personal Data in an identifiable format for the least amount of time necessary to fulfill

our legal or regulatory obligations and for our business purposes. We may retain Personal Data for

longer periods than required by law if it is in our legitimate business interests and is not directly

prohibited by the applicable law. If your account is deleted, we may take steps to mask Personal

Data and other Data, but we reserve our right to retain and access the data for as long as required

to comply with applicable laws. We will continue to use and disclose such Personal Data in

accordance with this Policy.

(6) We also collect, use, and share aggregated data, such as statistical or demographic data, for

any purpose (“Aggregated Data”). Aggregated Data could be derived from your Personal Data but

is not considered Personal Data by the law as this data will not directly or indirectly reveal your

identity. For example, we may aggregate your usage data to calculate the percentage of users

accessing a specific software feature. However, if we combine or connect Aggregated Data with

your Personal Data so that it can directly or indirectly identify you, we treat the combined data as

Personal Data which will be used in accordance with this Privacy Policy.

3.2. KYC

During the Know Your Client (KYC) process, we are also required by law to collect certain

documentation in order to verify your true identity, which may include, but is not limited to, proof of

identity in the form of Identity documents, proof of your permanent residential address in the form of a

utility bill, as well as your credit card details (we request both sides of the bank card. The front side

must contain the first 6 digits and the last 4 digits of the card number, the cardholder’s name, expiry

date, and signature. For security purposes, we request clients cover the CVC/CVV codes on the back

side). User’s card data is not stored in our systems since we do not have a PCI DSS certificate. For all

that information, we rely on our Payment Providers, who are duly certified.

3.3. How We Acquire Your Data

(1) Information may come from the following sources:

directly from you (from our communication and/or forms that you filled in)

cookies stored in your browser by our Website

IP-address

other sources, including third parties and publicly available sources

(2) We may combine that with information we collect via our services.

3.4. Purposes

We collect Personal Data for the following purposes:

(1) to authenticate your access to an account;

(2) to manage your account and keep you updated on all matters that concern your account;

(3) to provide the services that you have requested, including processing transactions;

(4) to respond to your requests, for example, to contact you about a question you submitted to

our customer service team;

(5) to provide the functionality of our products;

(6) to inform you about changes in our services, our service offering, and other important

service-related notices;

(7) to protect our rights and interests, as well as the rights and interests of our users and any

other person;

(8) to carry out any actions for which we have received your consent;

(9) to perform research and analysis about your use of, or interest in, our products, services,

or content, or products, services, or content offered by others;

(10) to comply with applicable legal or regulatory obligations, including complying with

requests from law enforcement or other governmental authorities or in legal proceedings;

(11) to fulfill our contractual obligations;

(12) to communicate with you, either directly or through one of our partners, including for

customer service, to provide you with updates and other information relating to the

Website, and for marketing and promotional purposes;

(13) to tailor the Website or other service we provide to you relating to your needs and

interests;

(14) to create anonymous statistical data;

(15) to prevent and investigate fraudulent or other criminal activity.

(16) to congratulate you;

(17) to offer you personalized and/or unique offers, services, products.

4. DISCLOSURE OF INFORMATION

4.1. To Whom We Disclose Information

(1) Your Personal Data may be disclosed to different recipients. The list below provides some of

the types of recipients and reasons for sharing your Personal Data.

Category of recipient Examples or

explanation

Share purpose

Our affiliates Any legal entity

affiliated with the

Company

Providing the basic services under

the Terms and Conditions;

Organizing the work of customer

support service;

Any other purpose deemed

necessary by the Company.

Financial institutions and

other similar organizations

Any such

organizations that

the Company deals

with in the course

of its business

Providing the basic services under

the Terms and Conditions;

Complying with our legal obligations

imposed by applicable laws (in

certain cases provided by law).

Partner (Introducing Broker

Program participant)

Those who had

been contracted to

provide us with

administrative,

financial,

insurance,

research, and/or

other services.

Providing the basic services under

the Company’s legal agreements;

Notifying the Partner that someone

has registered using their Partner

IDs or other identification tools or

has unsubscribed from the Partner.

In this case, we can give your name

and contact information to the

Partner;

Communicating with you through

one of our Partners, including for

customer service, to provide you

with updates and other information

relating to the Website and for

marketing and promotional

purposes.

Auditors, lawyers, and

other examination

organizations

Any entity

conducting an audit

or other

legal/financial

check

Complying with our legal obligations

imposed by applicable laws (in certain cases

provided by law).

Third-party service

providers whose activities

are required to perform the

Web hosting,

information

technology

Providing the basic services under the

Terms and Conditions.

service providers

Payment partners Enabling purchase opportunities within our

services. These payment processors are

responsible for processing your Personal

Data and may use your Personal Data for

their own purposes in accordance with their

Privacy Policies.

Data aggregation,

analytics, and market

research services

Google Analytics,

Google Ads

Creating and utilizing analytics on

our services and audience;

Conducting advertising and

marketing activity;

Conducting surveys and research;

Personalizing our services for you.

Advertising partners Any partners Conducting advertising and

marketing activity;

Personalizing our services for you.

Relevant parties in the

event of a change in

control, merger, or

acquisition

As our business develops, we may sell or

buy businesses or assets. In the event of a

corporate sale, merger, reorganization,

dissolution, or similar event, Personal Data

may be part of the transferred assets.

Authorities and parties

where relevant for

compliance with various

laws

Any authority Compliance with our legal obligations

imposed by applicable laws.

(2) Please note that we will never sell the Client’s Personal Data.

(3) In general, we require that any third-party service provider that we share any Personal Data

with undertakes to respect any individual’s right to privacy and comply with the Data

Protection Principles. These third-party service providers may keep a record of any

searches they performed on our behalf, and they may use the search details to assist other

companies in performing their searches. This Privacy Policy does not cover the practices of

third parties.

(4) In cases where the Client is attached to a Partner, such Partner may have access to the

Client’s information. Hence, the Client hereby consents to share information with such

Partner. We provide Partners only the minimum necessary data required for the purpose of

the Partner Agreement.

4.2.Third-Party Sites

Please be notified that FBS cannot be held responsible for the privacy practices of other

websites. We advise all visitors to be aware and read the privacy statements of every

Website that collects personal identity information.

4.3.Payment Providers

In accordance with the recommendations of the Payment Card Industry Security Standards

Council, customer card details are protected using Transport Layer encryption – TLS 1.2

and application layer with algorithm AES and key length 256 bit.

4.4.International Transfers

(1) We operate all over the world, and therefore we may transfer your data to our

counterparties (partners, affiliates, etc.) in different countries, including those which are

located outside the country in which you are based. We take all necessary steps, including

those imposed on us by applicable law, to ensure an adequate level of Personal Data

protection in each case. However, we would like you to consider that the countries to

which we transfer your data may not have the same data protection laws as your

jurisdiction.

(2) To facilitate our global operations, the Company may transfer, store, and process your

operations with our partners and service providers based outside of the country in which

you are based. Laws in those countries may differ from the laws applicable to your country

of residence. Where we transfer, store, and process your Personal Data outside of the

country where you are based, we will ensure that the appropriate safeguards are in place

to ensure an adequate level of protection. Further details regarding the relevant

safeguards can be obtained from us upon request.

5. CONSENT

(1) BY SUBMITTING INFORMATION, INCLUDING PERSONAL DATA, YOU ARE EXPRESSLY AND

VOLUNTARILY ACCEPTING THE TERMS AND CONDITIONS OF THIS PRIVACY POLICY. YOU

HAVE THE RIGHT TO WITHDRAW YOUR CONSENT AND USE YOUR INFORMATION BY

CHANGING YOUR ACCOUNT SETTINGS OR CLOSING YOUR ACCOUNT, BUT YOUR

WITHDRAWAL OF CONSENT WILL NOT BE RETROACTIVE.

(2) You should also be aware that we do not sell, rent, or disclose your Personal Data in

exchange for money or other valuable consideration to any third parties, and we shall not

incorporate such practice in our business unless providing you with a clear and explicit

way to exercise your opt-out right and before introducing appropriate changes to this

Policy.

(3) You consent to transfer your Personal Data to third parties as described in Section 4.1. of

this Privacy Policy, and as described in this Privacy Policy, including to carry out your

instructions or to provide our services, for the purpose of notifying a Partner of a client’s

detachment unless otherwise compelled by law or as necessary to enforce our Terms and

Conditions or to protect the rights or property of the Company or its users or the public. We

may provide Aggregated Data about the usage of our Services to third parties for purposes

that we deem, in our sole discretion, to be appropriate.

(4) We will display the Personal Data you select on your profile page and elsewhere according

to the preferences you select in your account settings. This Personal Data may be made

available for public viewing to other Clients.

Marketing mailings

(1) If you provide us with your email address and agree to this Privacy Policy, our partners and

we may send you emails regarding the products we offer. You can choose to opt out of

receiving emails from us at any time. If you wish to opt out with respect to more than one

email address, you must provide a separate request for each email address. Every email

sent from us will include appropriate unsubscribe instructions. To opt out of all email

marketing messages from us, you should follow the instructions provided with each email.

(2) If you provide us with your telephone number and agree to this Privacy Policy, our partners

and we may send you texts or call you regarding the products we offer. You can choose to

opt out of receiving texts or calls from us at any time by emailing us.

6. YOUR LEGAL RIGHTS

In accordance with applicable law, the Client may have the right to:

(1) Access Personal Data about the Client.

The Client may, at any time, request access to the Client’s Personal Data, and the Company

will provide the Client with access to that information either by providing copies of the

information requested, allowing the Client to inspect the information requested, or providing

the Client with an accurate summary of the information held. The Company may, prior to

providing access in accordance with this Privacy Policy, require the Client to provide evidence

of the Client’s identity. In the event the Company refuses access to the Client’s Personal Data;

the Company will provide an explanation for that refusal. The Company will endeavor to

respond to any request for access within 14 days depending on the complexity of the

information and/or the request and may charge fees for the request of a significant amount of

information to be copied or accessed.

(2) Request correction of Client’s Personal Data where it is inaccurate, incomplete, or

outdated.

To assist the Company with this, please contact the Company if any details the Client has

provided change. Furthermore, if the Client believes that the information the Company has

about the Client is not accurate, complete, or up to date, please contact us, and we will take all

reasonable steps to correct the information.

(3) Request deletion, anonymization, or blocking of Client’s Personal Data.

The Client may, at any time, request the deletion of Client’s Personal Data. We undertake to

perform the deletion within one month (30 calendar days). Please note that, under certain

circumstances, the Company may continue to process Personal Data if required to do so by

applicable law.

(4) Request restriction of or object to our processing of Client’s Personal Data.

(5) Withdraw the Client’s consent to our processing of the Client’s Personal Data.

(6) Request data portability and receive an electronic copy of the Personal Data that the

Client has provided to the Company.

(7) Be informed about third parties with which Client’s Personal Data has been shared.

(8) Request the review of decisions taken exclusively based on automated processing if

that could affect data subject rights.

7. SECURITY

7.1. Retention of Records

(1) We may be requested to retain and use your Personal Data to meet our legal obligations

for data security purposes and as we believe to be fit and necessary or appropriate for

purposes that include, but are not limited to,

a. compliance with our requirements under applicable laws and regulations;

b. responding to requests from courts and/or other public and governmental

authorities;

c. monitoring through compliance and anti-money laundering processes.

(2) We will not keep your information for any longer than the time required. In many cases,

information must be kept for considerable periods of time. Retention periods will be

decided, considering the type of information that is collected and the purpose for which it is

collected, bearing in mind the requirements applicable to the situation and the need to

destroy outdated, unused information at the earliest reasonable time. Under applicable

regulations, we will keep records containing Personal Data, trading information, account

opening and verification documents, communication, and anything else that is relative to

the Client for a maximum of seven (7) years after the termination of the Agreement

between you and our Company. In any event, we will keep your information for a minimum

duration as provided in the applicable Limitation of Actions Law.

7.2. Security Measures

(1) The Company takes precautions to ensure the security of your Personal Data and strives

to keep it accurate.

(2) We act with care to protect the Client’s Personal Data from loss, destruction, falsification,

manipulation, and unauthorized access or unauthorized disclosure. To do so, we have

developed and will maintain security procedures to safeguard Personal Data against loss,

theft, copying, and unauthorized disclosure, use, and/or modification.

(3) Access to Personal Data is limited to the company employees and authorized service

providers who require to receive it in order to perform their work.

(4) While we will use all reasonable efforts to safeguard the Client’s information, the Client

acknowledges that the use of the Internet is not entirely secure, and therefore, we cannot

provide any guarantee concerning the security or integrity of any Personal Data

transferred from or to the Client with the use of the Internet.

8. GENERAL

8.1. Changes to the Privacy Policy

This Privacy Policy may be modified from time to time, thus, check back often. To help you

be aware if changes have been made, we will adjust the “Last Revised” date or “Date of

publication” at the beginning of this document. The new Policy may be displayed on-screen,

and you may be required to read it to continue using the Service, Product, or Website.

Continued use of our products and services by you will constitute your acceptance of any

changes or revisions to this Policy.

8.2. Compliance with Applicable Legislation

We are committed to complying with applicable privacy and data protection laws and

regulations designed to protect your Personal Data, including the Data Protection Bill, 2021,

and other applicable current or future regional and state privacy and data protection laws

and regulations worldwide as they become effective.

8.3. Prevailing Language

This document, as well as the Company’s other legally-binding documents, is drawn up in

English. Any other version is provided as a translation. In the event of a conflict between the

translation and English versions, the English version will prevail.

8.4. Questions, Problems, or Complaints

You can contact us at [email protected] if you have any questions, problems, or

complaints regarding this Privacy Policy.