1 Preamble
Van Sterling Capital Ltd., a licensed investment services undertaking authorised by the Malta Financial Services Authority (MFSA) under licence number VANS-IF-9616, is committed to processing the personal data of its clients, prospective clients and business partners with the requisite care. This Policy informs you, in accordance with Articles 13 and 14 of Regulation (EU) 2016/679 (the General Data Protection Regulation, “GDPR”), which categories of personal data we collect, the purposes for which and the legal bases on which we process them, the recipients to whom we disclose them, and the rights available to you.
The following legal framework applies to our processing operations:
- the GDPR and the Data Protection Act, Chapter 586 of the Laws of Malta;
- the ePrivacy Directive 2002/58/EC, transposed in Malta by the Electronic Communications Networks and Services (General) Regulations (S.L. 399.25), particularly with regard to the use of cookies and similar technologies;
- the record-keeping and documentation requirements arising under the Investment Services Act (Cap. 370), the MFSA Rulebooks, Article 16(7) of MiFID II and MiFIR;
- the obligations under the Prevention of Money Laundering Act (Cap. 373) and the FIAU Implementing Procedures, Parts I and II.
This Policy applies to the websites smarter-investments.com and vansterling.com and their subdomains. The intokia.com platform — which operates on a technically and legally distinct infrastructure (investor register, securities onboarding, and where applicable, third-country distribution under the WIB or full-prospectus regime supervised by BaFin) — is governed by a separate privacy notice that will be published when the platform becomes operational.
2 Data Controller
The controller for the processing of your personal data within the meaning of Article 4(7) GDPR is:
Van Sterling Capital Ltd.
Nu Bis Centre, Mosta Road
MT – LJA 9012 Lija, Malta
Companies Registration Number: C 66549
MFSA Licence No. VANS-IF-9616
For all questions concerning the processing of your personal data and to exercise your rights as a data subject, you may contact our Data Protection Officer at:
Sven Büchel
Data Protection Officer pursuant to Article 37 GDPR
Telephone: +356 27 289 615
E-Mail: dataprotection@vansterling.com
3 Overview of Processing Activities
The following overview summarises the categories of personal data we process, the data subjects concerned, the purposes of processing and the categories of recipients. Details of each processing operation are set out in the sections that follow.
3.1 Categories of Personal Data
- Identification data: first name, surname, gender, date of birth, place of birth, nationality;
- Contact data: address, email address, telephone number;
- Identity-document data: ID-card or passport number, issuance details, photograph, residence permit where applicable;
- Tax and residence data: tax identification number, tax residence, FATCA/CRS-relevant information;
- Banking and investment account data: name of bank, IBAN, BIC, broker or investment account number;
- AML/KYC data: source of wealth and source of funds, occupation and source of income, politically exposed person (PEP) status, results of sanctions and adverse-media screening;
- Suitability and appropriateness data (MiFID II): information on your financial situation, investment experience and knowledge of financial instruments, investment objectives and risk tolerance under the three-pillar assessment;
- Transaction and order data: orders placed, executed transactions, portfolio holdings, fees and charges;
- Communications data: email correspondence, entries in contact and online forms, recordings of telephone calls and electronic communications under Article 16(7) MiFID II;
- Usage, metadata and procedural data: IP address, access timestamp, accessed URL, referrer URL, browser type and version, operating system, access provider, audit and workflow logs.
3.2 Categories of Data Subjects
- Users — all visitors to our websites;
- Members — users registered in our member area;
- Communication partners — persons contacting us via contact forms, email or telephone;
- Clients — persons with whom a client or portfolio-management relationship exists or is being established;
- Business and contractual partners — intermediaries (Trading Mentors, Introducers, marketing partners), service providers, advisers.
3.3 Purposes of Processing
- operation and functionality of the websites;
- responding to enquiries and pre-contractual measures;
- performance of contracts and provision of investment services;
- compliance with statutory and regulatory obligations (in particular KYC/AML, suitability and appropriateness assessment, record-keeping and tax reporting);
- information-system security and the prevention of unauthorised access;
- organisational and administrative procedures including CRM, accounting and internal reporting.
3.4 Categories of Recipients
- processors under Article 28 GDPR (hosting, CRM, security plugins, sanctions screening) — a consolidated overview is set out in Annex A;
- contractually bound intermediaries and distribution partners within the scope of the relevant business relationship;
- execution brokers, custodians and market infrastructure (in particular Swissquote);
- competent supervisory and tax authorities (MFSA, FIAU, Inland Revenue, foreign tax authorities within FATCA/CRS) to the extent legally required;
- lawyers, auditors and other advisers, where necessary for the pursuit of legitimate interests or compliance with statutory duties.
4 General Principles of Personal Data Processing
4.1 Personal Data (Article 4(1) GDPR)
Personal data means any information relating to an identified or identifiable natural person. An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier, or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
4.2 Lawfulness of Processing (Article 6(1) GDPR)
We process personal data only where at least one of the following conditions is met:
- you have given your consent to the processing for one or more specified purposes (Article 6(1)(a) GDPR);
- the processing is necessary for the performance of a contract to which you are party, or for pre-contractual steps taken at your request (lit. b);
- the processing is necessary for compliance with a legal obligation to which we are subject — including under PMLA, FIAU Implementing Procedures, MiFID II/MiFIR, FATCA/CRS or tax record-keeping rules (lit. c);
- the processing is necessary for the purposes of our legitimate interests or those of a third party, except where your interests or fundamental rights and freedoms override (lit. f). Our legitimate interests are specified in the respective sections concerning individual processing operations.
4.3 Retention Periods and Erasure
We process personal data on the data-minimisation principle, only to the extent necessary for the relevant purpose, and we erase such data as soon as the processing purpose lapses. Exempted are data subject to the following retention or documentation obligations:
- AML/KYC records: five years following the end of the business relationship or completion of the occasional transaction (Reg. 13 PMLR / FIAU IPs), extendable up to ten years upon request by the FIAU;
- MiFID II records (orders, telephone conversations, electronic communications, suitability and appropriateness reports): five years, extendable up to seven years upon request by the MFSA (Article 16(7) MiFID II in conjunction with the MFSA Conduct of Business Rulebook);
- accounting and tax records: ten years following the end of the relevant financial year (Companies Act, Cap. 386, Art. 163; Income Tax Management Act, Cap. 372, Art. 19);
- access log files: see Sections 6.4 and 6.10;
- marketing and consent records: for the duration of the consent plus three years for evidentiary purposes.
The competent supervisory authority (MFSA, FIAU or another competent body) may require us to extend the retention periods set out above on a case-by-case basis. Any such extension takes place only on the basis of a specific, reasoned instruction from the authority, which is normally communicated to us in writing in advance. We will inform you upon request whether any such extension applies to data concerning you.
Once the relevant period has elapsed, the data is blocked and subsequently erased or anonymised, unless further retention is exceptionally necessary for the establishment, exercise or defence of legal claims.
5 Your Rights as a Data Subject
Under the GDPR you have the rights summarised below. To exercise these rights, please contact us using the contact details set out in Section 2.
5.1 Right of Access (Article 15 GDPR)
You have the right to obtain from us confirmation as to whether or not personal data concerning you is being processed and, where that is the case, access to the data and the information listed in Article 15(1) GDPR — in particular the purposes of processing, the categories of data, the recipients or categories of recipients, the envisaged retention period, the existence of your further rights, the source of the data where not collected from you, and the existence of automated decision-making including profiling.
5.2 Right to Rectification (Article 16 GDPR)
You have the right to obtain from us, without undue delay, the rectification of inaccurate personal data concerning you and the completion of incomplete personal data.
5.3 Right to Erasure (Article 17 GDPR)
You have the right to obtain from us the erasure, without undue delay, of personal data concerning you, where one of the grounds in Article 17(1) GDPR applies — in particular where the data is no longer necessary in relation to the purposes for which it was processed, you withdraw your consent, you object to the processing on legitimate grounds, or the processing was unlawful. Erasure may be refused or delayed where the processing is necessary for compliance with a statutory retention obligation or for the establishment, exercise or defence of legal claims (Article 17(3) GDPR).
5.4 Right to Restriction of Processing (Article 18 GDPR)
You have the right to request restriction of processing where you contest the accuracy of the data, the processing is unlawful and you oppose erasure, we no longer need the data but you require it for the establishment of legal claims, or you have objected pursuant to Article 21(1) GDPR pending verification of whether our legitimate grounds override yours.
5.5 Right to Notification (Article 19 GDPR)
We will communicate any rectification, erasure or restriction of processing to each recipient to whom the personal data has been disclosed, unless this proves impossible or involves disproportionate effort. We will inform you about those recipients upon request.
5.6 Right to Data Portability (Article 20 GDPR)
You have the right to receive the personal data concerning you which you have provided to us in a structured, commonly used and machine-readable format, and to have such data transmitted to another controller, where the processing is based on consent or a contract and is carried out by automated means.
5.7 Right to Object (Article 21 GDPR)
You have the right, on grounds relating to your particular situation, to object at any time to processing of personal data concerning you which is based on Article 6(1)(e) or (f) GDPR. Where we process your data for direct-marketing purposes, you may object at any time without giving reasons.
5.8 Right to Withdraw Consent (Article 7(3) GDPR)
You have the right to withdraw any consent given at any time, with effect for the future. The lawfulness of processing carried out prior to withdrawal remains unaffected.
5.9 Automated Decision-Making (Article 22 GDPR)
You have the right not to be subject to a decision based solely on automated processing — including profiling — which produces legal effects concerning you or similarly significantly affects you, unless the decision is necessary for the conclusion or performance of a contract, is authorised by Union or Member State law, or is based on your explicit consent. For the practical application in our business, see Section 6.12.
5.10 Right to Lodge a Complaint (Article 77 GDPR)
Without prejudice to any other administrative or judicial remedy, you have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, place of work or the place of the alleged infringement, if you consider that the processing of your personal data infringes the GDPR. The competent supervisory authority for Van Sterling Capital Ltd. is:
Information and Data Protection Commissioner (IDPC)
Level 2, Airways House, High Street
Sliema SLM 1549, Malta
Telephone: +356 2328 7100
E-Mail: idpc.info@idpc.org.mt
Website: idpc.org.mt
Alternatively, you may lodge your complaint with the supervisory authority of your Member State of residence, which will, where appropriate, forward it to the IDPC.
6 Collection of Personal Data
The following sections set out the individual processing operations associated with our websites smarter-investments.com and vansterling.com and their subdomains. Where personal data is transferred to third countries, the relevant explanations are provided in Section 6.11.
6.1 Cookies and Similar Technologies
What are cookies? Cookies are small text files stored on your device when you visit our websites. They enable us to recognise your device on a subsequent visit and to provide certain functionalities. Similar technologies (e.g. local storage, session storage, web beacons) are treated in this Policy on the same footing.
Legal bases. Cookies strictly necessary for the provision of services you have expressly requested are placed without consent on the basis of Article 5(3) second sentence of the ePrivacy Directive (transposed in Reg. 9 S.L. 399.25 Malta). For all other cookies — in particular preference, statistics and marketing cookies and affiliate tracking — we obtain your consent through our consent manager (Article 6(1)(a) GDPR in conjunction with Reg. 9 S.L. 399.25). You may withdraw your consent at any time with effect for the future by adjusting your cookie settings via the consent manager linked in the website footer.
Categories of cookies:
- Strictly necessary cookies — enable basic functions such as page navigation, member-area login and secure data transmission;
- Preference cookies — store information that changes the behaviour or appearance of the website (e.g. language or region);
- Statistics cookies — help analyse website usage on an anonymised or pseudonymised basis;
- Marketing cookies — are used to track visitors across websites and display relevant advertising;
- Affiliate cookies — see the following section.
Affiliate Cookies
Categories of data processed: when you access our website via a link from a referring partner that includes a tracking URL parameter, a cookie is placed in your browser, subject to your consent. The cookie does not contain directly identifying personal data, but a cryptographically generated identifier of the referring partner.
Data subjects: users. Purposes: attribution of a referral to the correct commission calculation. Recipients: affiliated undertakings and contractually bound referring partners for settlement purposes. Retention period: 14 days, after which the cookie is automatically deleted by the browser. Legal basis: consent under Article 6(1)(a) GDPR in conjunction with Reg. 9 S.L. 399.25. Reliance on legitimate interests under Article 6(1)(f) GDPR is precluded by the ePrivacy regime.
A detailed list of cookies actually used (name, provider, purpose, lifetime) is generated automatically by the consent-management plugin Complianz and is available via the cookie banner; it also includes country-specific notices for users from the EU, the United Kingdom, the USA, Canada, Australia, South Africa and Brazil.
Cookie statement for users from the EU
This Cookie Policy was last updated on 29.05.2026 and applies to citizens and legal permanent residents of the European Economic Area and Switzerland.
1. Introduction
Our website, https://smarter-investments.com/en (hereinafter: "the website") uses cookies and other related technologies (for convenience all technologies are referred to as "cookies"). Cookies are also placed by third parties we have engaged. In the document below we inform you about the use of cookies on our website.
2. What are cookies?
A cookie is a small simple file that is sent along with pages of this website and stored by your browser on the hard drive of your computer or another device. The information stored therein may be returned to our servers or to the servers of the relevant third parties during a subsequent visit.
3. What are scripts?
A script is a piece of program code that is used to make our website function properly and interactively. This code is executed on our server or on your device.
4. What is a web beacon?
A web beacon (or a pixel tag) is a small, invisible piece of text or image on a website that is used to monitor traffic on a website. In order to do this, various data about you is stored using web beacons.
5. Cookies
5.1 Technical or functional cookies
Some cookies ensure that certain parts of the website work properly and that your user preferences remain known. By placing functional cookies, we make it easier for you to visit our website. This way, you do not need to repeatedly enter the same information when visiting our website and, for example, the items remain in your shopping cart until you have paid. We may place these cookies without your consent.
5.2 Marketing/Tracking cookies
Marketing/Tracking cookies are cookies or any other form of local storage, used to create user profiles to display advertising or to track the user on this website or across several websites for similar marketing purposes.
5.3 Social media
On our website, we have included content from LinkedIn to promote web pages (e.g. “like”, “pin”) or share (e.g. “tweet”) on social networks like LinkedIn. This content is embedded with code derived from LinkedIn and places cookies. This content might store and process certain information for personalised advertising.
Please read the privacy statement of these social networks (which can change regularly) to read what they do with your (personal) data which they process using these cookies. The data that is retrieved is anonymised as much as possible. LinkedIn is located in the United States.
6. Placed cookies
7. Consent
When you visit our website for the first time, we will show you a pop-up with an explanation about cookies. As soon as you click on "Accept", you consent to us using all cookies and plug-ins as described in the pop-up and this Cookie Policy. You can disable the use of cookies via your browser, but please note that our website may no longer work properly.
7.1 Manage your consent settings
8. Enabling/disabling and deleting cookies
You can use your internet browser to automatically or manually delete cookies. You can also specify that certain cookies may not be placed. Another option is to change the settings of your internet browser so that you receive a message each time a cookie is placed. For more information about these options, please refer to the instructions in the Help section of your browser.
Please note that our website may not work properly if all cookies are disabled. If you do delete the cookies in your browser, they will be placed again after your consent when you visit our website again.
9. Your rights with respect to personal data
You have the following rights with respect to your personal data:
- You have the right to know why your personal data is needed, what will happen to it, and how long it will be retained for.
- Right of access: You have the right to access your personal data that is known to us.
- Right to rectification: you have the right to supplement, correct, have deleted or blocked your personal data whenever you wish.
- If you give us your consent to process your data, you have the right to revoke that consent and to have your personal data deleted.
- Right to transfer your data: you have the right to request all your personal data from the controller and transfer it in its entirety to another controller.
- Right to object: you may object to the processing of your data. We comply with this, unless there are justified grounds for processing.
To exercise these rights, please contact us. Please refer to the contact details at the bottom of this Cookie Policy. If you have a complaint about how we handle your data, we would like to hear from you, but you also have the right to submit a complaint to the supervisory authority (the Data Protection Authority).
10. Contact details
For questions and/or comments about our Cookie Policy and this statement, please contact us by using the following contact details:
Van Sterling Capital Ltd.
Nu Bis Centre, Mosta Road
MT - LJA9012 Lija
Malta
Website: https://smarter-investments.com/en
Email: info@ex.comvansterling.com
Phone number: +356.27.289 615
This Cookie Policy was synchronised with cookiedatabase.org on 24.03.2026.
Cookie statement for users from UK
This Cookie Policy was last updated on 29.05.2026 and applies to citizens and legal permanent residents of the United Kingdom.
1. Introduction
Our website, https://smarter-investments.com/en (hereinafter: "the website") uses cookies and other related technologies (for convenience all technologies are referred to as "cookies"). Cookies are also placed by third parties we have engaged. In the document below we inform you about the use of cookies on our website.
2. What are cookies?
A cookie is a small simple file that is sent along with pages of this website and stored by your browser on the hard drive of your computer or another device. The information stored therein may be returned to our servers or to the servers of the relevant third parties during a subsequent visit.
3. What are scripts?
A script is a piece of program code that is used to make our website function properly and interactively. This code is executed on our server or on your device.
4. What is a web beacon?
A web beacon (or a pixel tag) is a small, invisible piece of text or image on a website that is used to monitor traffic on a website. In order to do this, various data about you is stored using web beacons.
5. Cookies
5.1 Technical or functional cookies
Some cookies ensure that certain parts of the website work properly and that your user preferences remain known. By placing functional cookies, we make it easier for you to visit our website. This way, you do not need to repeatedly enter the same information when visiting our website and, for example, the items remain in your shopping cart until you have paid. We may place these cookies without your consent.
5.2 Marketing/Tracking cookies
Marketing/Tracking cookies are cookies or any other form of local storage, used to create user profiles to display advertising or to track the user on this website or across several websites for similar marketing purposes.
5.3 Social media
On our website, we have included content from LinkedIn to promote web pages (e.g. “like”, “pin”) or share (e.g. “tweet”) on social networks like LinkedIn. This content is embedded with code derived from LinkedIn and places cookies. This content might store and process certain information for personalized advertising.
LinkedIn are located in the United States.
6. Placed cookies
7. Consent
When you visit our website for the first time, we will show you a pop-up with an explanation about cookies. As soon as you click on "Accept", you consent to us using all cookies and plug-ins as described in the pop-up and this Cookie Policy. You can disable the use of cookies via your browser, but please note that our website may no longer work properly.
7.1 Manage your consent settings
8. Enabling/disabling and deleting cookies
You can use your internet browser to automatically or manually delete cookies. You can also specify that certain cookies may not be placed. Another option is to change the settings of your internet browser so that you receive a message each time a cookie is placed. For more information about these options, please refer to the instructions in the Help section of your browser.
Please note that our website may not work properly if all cookies are disabled. If you do delete the cookies in your browser, they will be placed again after your consent when you visit our website again.
9. Your rights with respect to personal data
You have the following rights with respect to your personal data:
- You have the right to know why your personal data is needed, what will happen to it, and how long it will be retained for.
- Right of access: You have the right to access your personal data that is known to us.
- Right to rectification: you have the right to supplement, correct, have deleted or blocked your personal data whenever you wish.
- If you give us your consent to process your data, you have the right to revoke that consent and to have your personal data deleted.
- Right to transfer your data: you have the right to request all your personal data from the controller and transfer it in its entirety to another controller.
- Right to object: you may object to the processing of your data. We comply with this, unless there are justified grounds for processing.
To exercise these rights, please contact us. Please refer to the contact details at the bottom of this Cookie Policy. If you have a complaint about how we handle your data, we would like to hear from you, but you also have the right to submit a complaint to the supervisory authority (the Information Commissioner's Office (ICO)).
10. Contact details
For questions and/or comments about our Cookie Policy and this statement, please contact us by using the following contact details:
Van Sterling Capital Ltd.
Nu Bis Centre, Mosta Road
MT - LJA9012 Lija
Malta
Website: https://smarter-investments.com/en
Email: info@ex.comvansterling.com
Phone number: +356.27.289 615
This Cookie Policy was synchronised with cookiedatabase.org on 24.03.2026.
Cookie statement for users from US
This page was last changed on 29.05.2026, last checked on 29.05.2026 and applies to citizens and legal permanent residents of the United States.
1. Introduction
Our website, https://smarter-investments.com/en (hereinafter: "the website") uses cookies and other related technologies (for convenience all technologies are referred to as "cookies"). Cookies are also placed by third parties we have engaged. In the document below we inform you about the use of cookies on our website.
2. Cookies
When you visit our website it can be necessary to store and/or read certain data from your device by using technologies such as cookies.
2.1 Technical or functional cookies
Some cookies ensure that certain parts of the website work properly and that your user preferences remain known. By placing functional cookies, we make it easier for you to visit our website. This way, you do not need to repeatedly enter the same information when visiting our website and, for example, the items remain in your shopping cart until you have paid. We may place these cookies without your consent.
2.2 Marketing/Tracking cookies
Marketing/Tracking cookies are cookies or any other form of local storage, used to create user profiles to display advertising or to track the user on this website or across several websites for similar marketing purposes.
2.3 Social media
On our website, we have included content from LinkedIn to promote web pages (e.g. “like”, “pin”) or share (e.g. “tweet”) on social networks like LinkedIn. This content is embedded with code derived from LinkedIn and places cookies. This content might store and process certain information for personalised advertising.
Please read the privacy statement of these social networks (which can change regularly) to read what they do with your (personal) data which they process using these cookies. The data that is retrieved is anonymised as much as possible. LinkedIn is located in the United States.
3. Placed cookies
Most of these technologies have a function, a purpose, and an expiration period.
- A function is a particular task a technology has. So a function can be to "store certain data."
- Purpose is "the Why" behind the function. Maybe the data is stored because it is needed for statistics.
- The expiration period shows the length of the period the used technology can “store or read certain data."
4. Browser and Device based Consent
When you visit our website for the first time, we will show you a pop-up with an explanation about cookies. You do have the right to opt-out and to object against the further use of non-functional cookies.
4.1 Manage your opt-out preferences
5. Enabling/disabling and deleting cookies
You can use your internet browser to automatically or manually delete cookies. You can also specify that certain cookies may not be placed. Another option is to change the settings of your internet browser so that you receive a message each time a cookie is placed. For more information about these options, please refer to the instructions in the Help section of your browser.
Please note that our website may not work properly if all cookies are disabled. If you do delete the cookies in your browser, they will be placed again after your consent when you visit our website again.
6. Your rights with respect to personal data
You have the following rights with respect to your personal data:
- you may submit a request for access to the data we process about you;
- you may object to the processing;
- you may request an overview, in a commonly used format, of the data we process about you;
- you may request correction or deletion of the data if it is incorrect or not or no longer relevant, or to ask to restrict the processing of the data.
To exercise these rights, please contact us. Please refer to the contact details at the bottom of this Cookie Policy. If you have a complaint about how we handle your data, we would like to hear from you.
For more information about your rights with respect to personal data, please refer to our Privacy Statement
7. Contact details
For questions and/or comments about our Cookie Policy and this statement, please contact us by using the following contact details:
Van Sterling Capital Ltd.
Nu Bis Centre, Mosta Road
MT - LJA9012 Lija
Malta
Website: https://smarter-investments.com/en
Email: info@ex.comvansterling.com
Phone number: +356.27.289 615
This Cookie Policy was synchronized with cookiedatabase.org on 24.03.2026.
Cookie statement for users from Canada
This page was last changed on 29.05.2026, last checked on 29.05.2026 and applies to citizens and legal permanent residents of Canada.
1. Introduction
Our website, https://smarter-investments.com/en (hereinafter: "the website") uses cookies and other related technologies (for convenience all technologies are referred to as "cookies"). Cookies are also placed by third parties we have engaged. In the document below we inform you about the use of cookies on our website.
2. What are cookies?
A cookie is a small simple file that is sent along with pages of this website and stored by your browser on the hard drive of your computer or another device. The information stored therein may be returned to our servers or to the servers of the relevant third parties during a subsequent visit.
3. What are scripts?
A script is a piece of program code that is used to make our website function properly and interactively. This code is executed on our server or on your device.
4. What is a web beacon?
A web beacon (or a pixel tag) is a small, invisible piece of text or image on a website that is used to monitor traffic on a website. In order to do this, various data about you is stored using web beacons.
5. Third parties
We have made agreements about the use of cookies with other companies that place cookies. However, we cannot guarantee that these third parties handle your personal data in a reliable or secure manner. Parties such as Google are to be considered as independent data controllers. We recommend that you read the privacy statements of these companies.
6. Cookies
6.1 Technical or functional cookies
Some cookies ensure that certain parts of the website work properly and that your user preferences remain known. By placing functional cookies, we make it easier for you to visit our website. This way, you do not need to repeatedly enter the same information when visiting our website and, for example, the items remain in your shopping cart until you have paid.
6.2 Marketing/Tracking cookies
Marketing/Tracking cookies are cookies or any other form of local storage, used to create user profiles to display advertising or to track the user on this website or across several websites for similar marketing purposes.
6.3 Social media
On our website, we have included content from LinkedIn to promote web pages (e.g. “like”, “pin”) or share (e.g. “tweet”) on social networks like LinkedIn. This content is embedded with code derived from LinkedIn and places cookies. This content might store and process certain information for personalised advertising.
Please read the privacy statement of these social networks (which can change regularly) to read what they do with your (personal) data which they process using these cookies. The data that is retrieved is anonymised as much as possible. LinkedIn is located in the United States.
7. Placed cookies
7.1 Manage your consent settings
You can also disable the use of cookies via your browser, but please note that our website may no longer work properly.
8. Enabling/disabling and deleting cookies
You can use your internet browser to automatically or manually delete cookies. You can also specify that certain cookies may not be placed. Another option is to change the settings of your internet browser so that you receive a message each time a cookie is placed. For more information about these options, please refer to the instructions in the Help section of your browser. Or you can indicate your preferences on the following page: youradchoices.ca
Please note that our website may not work properly if all cookies are disabled. If you do delete the cookies in your browser, they will be placed again after your consent when you visit our website again.
9. Your rights with respect to personal data
You have the following rights with respect to your personal data:
- you may submit a request for access to the data we process about you;
- you may object to the processing;
- you may request an overview, in a commonly used format, of the data we process about you;
- you may request correction or deletion of the data if it is incorrect or not or no longer relevant. Where appropriate, the amended information shall be transmitted to third parties having access to the information in question.
- You have the right to withdraw consent at any time, subject to legal or contractual restrictions and reasonable notice. You will be informed of the implications of such withdrawal.
- You have the right to address a challenge concerning non-compliance with PIPEDA to our organisation and, if the issue is not resolved, to the Office of the Privacy Commissioner of Canada.
To exercise these rights, please contact us. Please refer to the contact details at the bottom of this Cookie Policy. If you have a complaint about how we handle your data, we would like to hear from you.
10. Contact details
For questions and/or comments about our Cookie Policy and this statement, please contact us by using the following contact details:
Van Sterling Capital Ltd.
Nu Bis Centre, Mosta Road
MT - LJA9012 Lija
Malta
Website: https://smarter-investments.com/en
Email: info@ex.comvansterling.com
Phone number: +356.27.289 615
This Cookie Policy was synchronised with cookiedatabase.org on 24.03.2026.
Cookie statement for users from Australia
This page was last changed on 29.05.2026, last checked on 29.05.2026 and applies to citizens of Australia.
1. Introduction
Our website, https://smarter-investments.com/en (hereinafter: "the website") uses cookies and other related technologies (for convenience all technologies are referred to as "cookies"). Cookies are also placed by third parties we have engaged. In the document below we inform you about the use of cookies on our website.
2. What are cookies?
A cookie is a small simple file that is sent along with pages of this website and stored by your browser on the hard drive of your computer or another device. The information stored therein may be returned to our servers or to the servers of the relevant third parties during a subsequent visit.
3. What are scripts?
A script is a piece of program code that is used to make our website function properly and interactively. This code is executed on our server or on your device.
4. What is a web beacon?
A web beacon (or a pixel tag) is a small, invisible piece of text or image on a website that is used to monitor traffic on a website. In order to do this, various data about you is stored using web beacons.
5. Consent
When you visit our website for the first time, we will show you a pop-up with an explanation about cookies. You do have the right to opt-out and to object against the further use of non-functional cookies.
5.1 Manage your consent settings
You can also disable the use of cookies via your browser, but please note that our website may no longer work properly.
6. Cookies
6.1 Technical or functional cookies
Some cookies ensure that certain parts of the website work properly and that your user preferences remain known. By placing functional cookies, we make it easier for you to visit our website. This way, you do not need to repeatedly enter the same information when visiting our website and, for example, the items remain in your shopping cart until you have paid. We may place these cookies without your consent.
6.2 Marketing/Tracking cookies
Marketing/Tracking cookies are cookies or any other form of local storage, used to create user profiles to display advertising or to track the user on this website or across several websites for similar marketing purposes.
6.3 Social media
On our website, we have included content from LinkedIn to promote web pages (e.g. “like”, “pin”) or share (e.g. “tweet”) on social networks like LinkedIn. This content is embedded with code derived from LinkedIn and places cookies. This content might store and process certain information for personalized advertising.
Please read the privacy statement of these social networks (which can change regularly) to read what they do with your (personal) data which they process using these cookies. The data that is retrieved is anonymized as much as possible. LinkedIn is located in the United States.
7. Placed cookies
8. Enabling/disabling and deleting cookies
You can use your internet browser to automatically or manually delete cookies. You can also specify that certain cookies may not be placed. Another option is to change the settings of your internet browser so that you receive a message each time a cookie is placed. For more information about these options, please refer to the instructions in the Help section of your browser.
Please note that our website may not work properly if all cookies are disabled. If you do delete the cookies in your browser, they will be placed again after your consent when you visit our website again.
9. Your rights with respect to personal data
You have the following rights with respect to your personal data:
- you may submit a request for access to the data we process about you;
- you may request an overview, in a commonly used format, of the data we process about you;
- you may request correction or deletion of the data if it is incorrect or not or no longer relevant for any purpose under the Privacy Act.
To exercise these rights, please contact us. Please refer to the contact details at the bottom of this cookie statement. If you have a complaint about how we handle your data, we would like to hear from you.
10. Contact details
For questions and/or comments about our Cookie Policy and this statement, please contact us by using the following contact details:
Van Sterling Capital Ltd.
Nu Bis Centre, Mosta Road
MT - LJA9012 Lija
Malta
Website: https://smarter-investments.com/en
Email: info@ex.comvansterling.com
Phone number: +356.27.289 615
This Cookie Policy was synchronised with cookiedatabase.org on 24.03.2026.
Cookie statement for users from South Africa
This Cookie Policy was last updated on 29.05.2026 and applies to citizens and legal permanent residents of South Africa.
1. Introduction
Our website, https://smarter-investments.com/en (hereinafter: "the website") uses cookies and other related technologies (for convenience all technologies are referred to as "cookies"). Cookies are also placed by third parties we have engaged. In the document below we inform you about the use of cookies on our website.
2. What are cookies?
A cookie is a small simple file that is sent along with pages of this website and stored by your browser on the hard drive of your computer or another device. The information stored therein may be returned to our servers or to the servers of the relevant third parties during a subsequent visit.
3. What are scripts?
A script is a piece of program code that is used to make our website function properly and interactively. This code is executed on our server or on your device.
4. What is a web beacon?
A web beacon (or a pixel tag) is a small, invisible piece of text or image on a website that is used to monitor traffic on a website. In order to do this, various data about you is stored using web beacons.
5. Cookies
5.1 Technical or functional cookies
Some cookies ensure that certain parts of the website work properly and that your user preferences remain known. By placing functional cookies, we make it easier for you to visit our website. This way, you do not need to repeatedly enter the same information when visiting our website and, for example, the items remain in your shopping cart until you have paid. We may place these cookies without your consent.
5.2 Marketing/Tracking cookies
Marketing/Tracking cookies are cookies or any other form of local storage, used to create user profiles to display advertising or to track the user on this website or across several websites for similar marketing purposes.
5.3 Social media
On our website, we have included content from LinkedIn to promote web pages (e.g. “like”, “pin”) or share (e.g. “tweet”) on social networks like LinkedIn. This content is embedded with code derived from LinkedIn and places cookies. This content might store and process certain information for personalised advertising.
Please read the privacy statement of these social networks (which can change regularly) to read what they do with your (personal) data which they process using these cookies. The data that is retrieved is anonymised as much as possible. LinkedIn is located in the United States.
6. Placed cookies
7. Consent
When you visit our website for the first time, we will show you a pop-up with an explanation about cookies. As soon as you click on "Accept", you consent to us using all cookies and plug-ins as described in the pop-up and this Cookie Policy. You can disable the use of cookies via your browser, but please note that our website may no longer work properly.
7.1 Manage your consent settings
8. Enabling/disabling and deleting cookies
You can use your internet browser to automatically or manually delete cookies. You can also specify that certain cookies may not be placed. Another option is to change the settings of your internet browser so that you receive a message each time a cookie is placed. For more information about these options, please refer to the instructions in the Help section of your browser.
Please note that our website may not work properly if all cookies are disabled. If you do delete the cookies in your browser, they will be placed again after your consent when you visit our website again.
9. Your rights with respect to personal data
You have the following rights with respect to your personal data:
- You have the right to know why your personal data is needed, what will happen to it, and how long it will be retained for.
- Right of access: You have the right to access your personal data that is known to us.
- Right to rectification: you have the right to supplement, correct, have deleted or blocked your personal data whenever you wish.
- If you give us your consent to process your data, you have the right to revoke that consent and to have your personal data deleted.
- Right to object: you may object to the processing of your data. We comply with this, unless there are justified grounds for processing.
To exercise these rights, please contact us. Please refer to the contact details at the bottom of this Cookie Policy. If you have a complaint about how we handle your data, we would like to hear from you, but you also have the right to submit a complaint to the Information Regulator South Africa: P.O Box 31533, Braamfontein, Johannesburg, 2017 Complaints email: complaints.IR@justice.gov.za
10. Contact details
For questions and/or comments about our Cookie Policy and this statement, please contact us by using the following contact details:
Van Sterling Capital Ltd.
Nu Bis Centre, Mosta Road
MT - LJA9012 Lija
Malta
Website: https://smarter-investments.com/en
Email: info@ex.comvansterling.com
Phone number: +356.27.289 615
This Cookie Policy was synchronised with cookiedatabase.org on 24.03.2026.
Cookie statement for users from Brazil
This Cookie Policy was last updated on 29.05.2026 and applies to citizens and legal permanent residents of Brazil.
1. Introduction
Our website, https://smarter-investments.com/en (hereinafter: "the website") uses cookies and other related technologies (for convenience all technologies are referred to as "cookies"). Cookies are also placed by third parties we have engaged. In the document below we inform you about the use of cookies on our website.
2. What are cookies?
A cookie is a small simple file that is sent along with pages of this website and stored by your browser on the hard drive of your computer or another device. The information stored therein may be returned to our servers or to the servers of the relevant third parties during a subsequent visit.
3. What are scripts?
A script is a piece of program code that is used to make our website function properly and interactively. This code is executed on our server or on your device.
4. What is a web beacon?
A web beacon (or a pixel tag) is a small, invisible piece of text or image on a website that is used to monitor traffic on a website. In order to do this, various data about you is stored using web beacons.
5. Cookies
5.1 Technical or functional cookies
Some cookies ensure that certain parts of the website work properly and that your user preferences remain known. By placing functional cookies, we make it easier for you to visit our website. This way, you do not need to repeatedly enter the same information when visiting our website and, for example, the items remain in your shopping cart until you have paid. We may place these cookies without your consent.
5.2 Marketing/Tracking cookies
Marketing/Tracking cookies are cookies or any other form of local storage, used to create user profiles to display advertising or to track the user on this website or across several websites for similar marketing purposes.
5.3 Social media
On our website, we have included content from LinkedIn to promote web pages (e.g. “like”, “pin”) or share (e.g. “tweet”) on social networks like LinkedIn. This content is embedded with code derived from LinkedIn and places cookies. This content might store and process certain information for personalised advertising.
Please read the privacy statement of these social networks (which can change regularly) to read what they do with your (personal) data which they process using these cookies. The data that is retrieved is anonymised as much as possible. LinkedIn is located in the United States.
6. Placed cookies
7. Consent
When you visit our website for the first time, we will show you a pop-up with an explanation about cookies. As soon as you click on "Accept", you consent to us using all cookies and plug-ins as described in the pop-up and this Cookie Policy. You can disable the use of cookies via your browser, but please note that our website may no longer work properly.
7.1 Manage your consent settings
8. Enabling/disabling and deleting cookies
You can use your internet browser to automatically or manually delete cookies. You can also specify that certain cookies may not be placed. Another option is to change the settings of your internet browser so that you receive a message each time a cookie is placed. For more information about these options, please refer to the instructions in the Help section of your browser.
Please note that our website may not work properly if all cookies are disabled. If you do delete the cookies in your browser, they will be placed again after your consent when you visit our website again.
9. Your rights with respect to personal data
You have the following rights with respect to your personal data:
- confirmation of the existence of processing;
- access to data;
- correction of incomplete, inaccurate, or outdated data;
- anonymisation, blocking, or deletion of unnecessary, excessive, or processed data in disagreement with the provisions of the General Law for the Protection of Personal Data (LGPD);
- portability of data to another service or product provider, upon express request, in accordance with the regulations of the national authority, observing commercial and industrial secrets;
- deletion of personal data processed with the consent of the holder, except in the cases provided for in art. 16 of the General Law for the Protection of Personal Data (LGPD);
- information on public and private entities with which the controller shared data;
- information on the possibility of not providing consent and on the consequences of denial.
To exercise these rights, please contact us. Please refer to the contact details at the bottom of this Cookie Policy. If you have a complaint about how we handle your data, we would like to hear from you, but you also have the right to submit a complaint to the National Data Protection Authority (ANPD):
Autoridade Nacional de Proteção de Dados
Esplanada dos Ministérios,
Bloco C,
2º andar,
CEP 70297-400 - Brasília – DF.
Website
10. Contact details
For questions and/or comments about our Cookie Policy and this statement, please contact us by using the following contact details:
Van Sterling Capital Ltd.
Nu Bis Centre, Mosta Road
MT - LJA9012 Lija
Malta
Website: https://smarter-investments.com/en
Email: info@ex.comvansterling.com
Phone number: +356.27.289 615
This Cookie Policy was synchronised with cookiedatabase.org on 24.03.2026.
6.2 Social Plugins
We deploy social plugins only after active confirmation by you (“two-click solution”). On first access to our pages no direct connection is established to the relevant provider’s servers. Only by activating the corresponding button do you yourself establish a connection, transmitting at least your IP address and device-specific information to the provider. We have no influence over the content or use of the data so transmitted.
LinkedIn. The provider is LinkedIn Ireland Unlimited Company, Wilton Plaza, Wilton Place, Dublin 2, Ireland. Transfers to the United States to LinkedIn Corporation take place on the basis of the EU-US Data Privacy Framework (adequacy decision of 10 July 2023) and additionally on the basis of the EU Standard Contractual Clauses. Further information: https://www.linkedin.com/legal/privacy-policy.
6.3 Google Fonts (Self-Hosted)
We use fonts from Google Fonts, which are installed locally on our own server. When you access our websites, no connection is made to Google servers and no personal data is transmitted to Google. The legal basis for the use of these fonts is our legitimate interest in a consistent and visually appealing presentation of our online offering (Article 6(1)(f) GDPR).
6.4 Website Provision and Web Hosting
We use storage, computing capacity and software obtained from a service provider to operate our websites. When you access our websites we process your IP address in order to deliver the content to your device.
Categories of data processed: usage data (IP address, access timestamp, accessed URL, referrer URL, browser and operating system information, access provider), metadata and procedural data. Data subjects: users. Purposes: provision of the online offering, ensuring functionality, IT security. Retention period: server log files are archived in compressed form on a monthly basis; a maximum of ten log files is retained, after which the oldest file is overwritten. Data whose retention is required for evidentiary purposes is exempt. Legal basis: legitimate interests in a stable and secure online offering (Article 6(1)(f) GDPR).
Service providers:
- Host Europe GmbH, Hansestraße 111, 51149 Cologne, Germany
- Hetzner Online GmbH, Industriestr. 25, 91710 Gunzenhausen, Germany.
Data processing agreements under Article 28 GDPR are in place with the providers.
Email transmission and hosting. Our web hosting services include the sending, receipt and storage of emails. This entails the processing of recipient and sender addresses, transmission metadata, and the contents of emails, including for the purpose of spam detection. Please note that emails are usually only encrypted in transit; without end-to-end encryption we cannot guarantee confidentiality along the entire transmission path. The legal basis is Article 6(1)(f) GDPR.
6.5 Contact Enquiries and Communication
When you contact us via the contact form, by email or by telephone, we process the information you provide in order to handle your enquiry and any follow-up questions. Categories of data processed: identification, contact, content and usage data. Data subjects: communication partners. Purposes: responding to the enquiry, taking pre-contractual measures. Recipients: affiliated undertakings to the extent necessary for processing. Retention period: until your enquiry has been completed, and thereafter for the duration of any commercial or tax retention obligations; data collected during pre-contractual stages that did not lead to a contract is erased after three years. Legal basis: pre-contractual measures (Article 6(1)(b) GDPR) or legitimate interest in handling general enquiries (Article 6(1)(f) GDPR).
6.6 User Registration and Member Area (Ultimate Member)
We offer you the option of registering for our member area. Registration is handled by the Ultimate Member plugin. Categories of data processed: the email address is mandatory as login identifier. Optional information (e.g. first name and surname) may be added voluntarily in your account area. For security purposes, your IP address and the date and time are also stored upon registration and login. Data subjects: members. Purposes: access to protected content and functionality, identification and communication (e.g. password reset), security of the member area. Recipients: Ultimate Member does not pass user information beyond the website; transfers to processors take place only within the scope of our web hosting (see 6.4). Retention period: your data is erased once you deactivate your account or request its erasure, unless statutory retention obligations require otherwise. Legal basis: performance of the user contract for the member area and pre-contractual measures (Article 6(1)(b) GDPR).
6.7 Client Agreement
For prospective clients wishing to enter into a client agreement with us, we provide a form on our website (using the “Contact Form 7” plugin). Data collected during onboarding is supplemented by information we additionally collect in the course of meeting our regulatory obligations (KYC/AML, suitability/appropriateness).
Categories of data processed: identification, contact, identity-document, tax and residence, banking and investment-account, AML/KYC, suitability and appropriateness data, content data from the form including the investment amount declared. Data subjects: clients, prospective clients. Purposes: pre-contractual measures, performance of the client contract and provision of the investment service, compliance with statutory and regulatory obligations (in particular PMLA, FIAU Implementing Procedures, Article 25(2) and (3) MiFID II, FATCA/CRS). Recipients: processor for sanctions and adverse-media screening (Muinmos ApS); execution broker (Swissquote); competent supervisory and tax authorities to the extent legally required. Retention period: see Section 4.3; AML records at least five years following the end of the business relationship, MiFID II records at least five years, accounting and tax records ten years. Legal basis: performance of contract and pre-contractual measures (Article 6(1)(b) GDPR) and compliance with legal obligations under PMLA, FIAU IPs, MiFID II and FATCA/CRS (Article 6(1)(c) GDPR).
6.8 Client Management (Teamleader)
For managing client relationships we use the CRM system Teamleader provided by Teamleader NV, Dok-Noord 3A/101, 9000 Ghent, Belgium. Account and contract data collected via our website is transferred to the CRM. A data processing agreement under Article 28 GDPR is in place with the provider. Categories of data processed: identification, contact, contract and communication data, transaction and order data. Data subjects: clients, prospective clients, business partners. Purposes: management of client and business relationships, documentation of communication, internal reporting. Recipients: Teamleader NV as processor. Retention period: for the duration of the client relationship and thereafter for the duration of the statutory retention obligations (see 4.3). Legal basis: legitimate interest in professional client management (Article 6(1)(f) GDPR); insofar as necessary for contract performance, Article 6(1)(b) GDPR.
6.9 Recording of Telephone and Electronic Communications (MiFID II)
As an MFSA-licensed investment firm we are required under Article 16(7) MiFID II to record all telephone conversations and electronic communications relating to the receipt, transmission or execution of orders and to dealing on own account. This obligation also applies to conversations that do not lead to a transaction.
Categories of data processed: audio recordings of telephone communications, email correspondence, content of electronic messages (e.g. messenger services where used for order taking), metadata (date, time, parties involved). Data subjects: clients, prospective clients, employees. Purposes: compliance with statutory record-keeping obligations, evidence of proper order execution, dispute resolution, preservation of evidence vis-à-vis supervisory authorities. Recipients: the MFSA and other competent supervisory authorities upon request; processors in the field of communications infrastructure. etention period: five years, extendable up to seven years upon request by the MFSA (Article 25(2) MiFIR in conjunction with the MFSA Conduct of Business Rulebook). Legal basis: compliance with a legal obligation under Article 16(7) MiFID II and the MFSA Conduct of Business Rulebook (Article 6(1)(c) GDPR).
We will provide copies of recordings relating to your orders upon request for the duration of the retention period.
6.10 Data Security and Encryption
SSL/TLS encryption. For security reasons and to protect the transmission of confidential content our websites use SSL/TLS encryption. You can recognise an encrypted connection by the change in your browser address bar from “http://” to “https://” and the display of a lock symbol.
Transport encryption for email. For emails sent from our forms we use Transport Layer Security (TLS). Continuous protection across the entire transmission path is, however, not guaranteed where the receiving mail server does not support encryption.
Shield Security Pro. To protect our website against misuse, spam and cyber attacks (e.g. brute-force attacks), we use the Shield Security Pro security plugin from Fernleaf Systems Ltd. Among other things, the plugin uses built-in, automated bot detection (silentCAPTCHA), which operates on the server side without setting cookies. To proactively defend against known attackers, the plugin regularly downloads a global list of malicious IP addresses from the CrowdSec security platform (CrowdSec SAS, France) and compares it locally on our server. The IP addresses of ordinary visitors are not transmitted to CrowdSec. However, should verified attack behaviour on our website originate from an IP address, that specific IP address, along with technical metadata (time, type of attack), will be reported to CrowdSec to feed the global security network. This data is processed by CrowdSec for security purposes and is fully anonymised by IP and time blurring after a maximum of 6 months. Categories of data processed: usage data (IP address, date and time, browser type, URL accessed, login attempts). Data subjects: users. Purposes: protection against brute-force attacks, spam and malware. Recipients: the data primarily remains on our server. For the detection of global threats data is exchanged with the CrowdSec network; IP data is exchanged in pseudonymised form. Retention period: security logs are deleted after seven days. Legal basis: legitimate interest in IT security and the prevention of malicious activity on our website (Article 6(1)(f) GDPR).
Technical and organisational measures. Pursuant to Article 32 GDPR we adopt appropriate technical and organisational measures to ensure a level of security appropriate to the risk. These include, among other things, access and authorisation controls, encryption in transit and at rest, separation of test and production systems, regular security updates, data backups and an internal access-rights concept.
6.11 Transfers to Third Countries
Where we transfer personal data to countries outside the European Economic Area (EEA), such transfers take place exclusively on one of the following legal bases:
- an adequacy decision of the European Commission under Article 45 GDPR — in particular for transfers to Switzerland (e.g. to Swissquote in the context of order execution) and to certified recipients in the United States under the EU-US Data Privacy Framework (e.g. LinkedIn);
- Standard Contractual Clauses (SCCs) under Article 46(2)(c) GDPR, together with supplementary measures where the transferring entity considers these necessary on the basis of a Transfer Impact Assessment;
- your consent under Article 49(1)(a) GDPR, where no adequacy decision and no appropriate safeguards apply and you have consented after being informed of the possible risks.
We will provide a summary of the specific third-country transfers and the relevant safeguards upon request.
6.12 Automated Decision-Making and Profiling
During the onboarding process we assess your suitability for our services on the basis of the three-pillar framework prescribed by Article 25(2) and (3) MiFID II (financial capacity, knowledge and experience, investment objectives and risk tolerance). The assessment is supported by Muinmos (Muinmos ApS, Denmark), a rule-based onboarding and compliance scoring system that consolidates the information you provide into standardised categories and produces an indicative scoring result.
The final decision on the acceptance of a client relationship and on the suitability of a financial instrument or service is always taken by a member of our staff, taking into account the scoring result, the documents provided and any follow-up enquiries. In addition, a personal conversation with the client typically takes place to clarify open points and to discuss the assessment result individually. A decision based solely on automated processing within the meaning of Article 22(1) GDPR therefore does not occur. Should you wish to receive further information in this regard, please contact us using the contact details set out in Section 2.
6.13 Regulatory Transaction Reporting (MiFIR Article 26)
As an MFSA-licensed investment firm, Article 26 of Regulation (EU) No 600/2014 (MiFIR) requires us to submit complete and accurate reports of all transactions in financial instruments which we execute or arrange by us to the competent national authority (Malta Financial Services Authority). Categories of data processed: national client identifier in accordance with RTS 22 (Commission Delegated Regulation (EU) 2017/590) — for natural persons, an identifier derived from date of birth and components of the individual’s name, identification of investment decision makers and order-executing persons, transaction and financial instrument details. Data subjects concerned: clients on whose behalf we execute or arrange transactions, as well as persons responsible for investment decisions and execution. Purposes: compliance with the transaction reporting obligations under MiFIR. Recipients: Malta Financial Services Authority. Retention period: five years, extendable by the MFSA. Legal basis: compliance with a legal obligation pursuant to Article 26 MiFIR (Article 6(1)(c) GDPR).
7 Source of Data Not Collected from You (Article 14 GDPR)
Where we do not collect personal data directly from you, the data typically originates from the following sources:
- referring contractual partners (Trading Mentors, Introducers, marketing partners) who transmit your contact data and, where applicable, further information necessary for the initiation of the business relationship to us;
- providers of sanctions, PEP and adverse-media screening within the scope of our KYC/AML obligations (Muinmos);
- credit reference agencies and public registers (commercial registers, insolvency announcements, EU sanctions lists);
- competent supervisory and tax authorities in connection with regulatory or tax-related enquiries.
The categories of such data correspond to those set out in Section 3.1; they are processed for the purposes set out in Section 3.3 and on the legal bases set out in Section 4.2 and in Sections 6.5 to 6.9.
8 Amendments and Updates
We reserve the right to amend this Policy to adapt it to changes in legal requirements, supervisory practice or our services. The current version, with version number and date, is available on our website. In the case of material changes — in particular those affecting new processing purposes or categories of recipients — we will additionally notify you by appropriate means, for example by email or a prominent notice on your next visit to our websites.
Annex A — Register of Processors
The following overview lists the processors within the meaning of Article 28 GDPR with whom we cooperate in the provision of our services. A data processing agreement under Article 28 GDPR is in place with each of these processors. The overview is updated on an ongoing basis; the current version is available on request via the contact details set out in Section 2.
| Provider | Service | Location | Purpose | DPA |
|---|---|---|---|---|
| Host Europe GmbH | Web hosting, email | Cologne, Germany | Provision of the websites | ✓ |
| Hetzner GmbH | Web hosting | Gunzenhausen, Germany | Provision of the websites & Backup | ✓ |
| DataTracks | SaaS | Weybridge, UK | Conversion MiFIR Report | ✓ |
| Teamleader NV | CRM | Ghent, Belgium | Client management, contract documentation | ✓ |
| Muinmos ApS | KYC/AML, sanctions screening | Copenhagen, Denmark | Onboarding, suitability scoring | ✓ |
| YouSign SAS | Electronic signatures | Paris, France | Contract signing | ✓ |
| Fernleaf Systems Ltd. | Security plugin | United Kingdom | Shield Security | ✓ |
| CrowdSec SAS | Security network (pseudonymised IP exchange) | Paris, France | Threat intelligence | [verify] |
| Complianz B.V. | Consent management | Netherlands | Cookie banner, consent management | ✓ |
