EFG HERMES Privacy Policy

This privacy policy tells you how we process your personal data when you use our website and our apps and when we communicate with you and gives you information about our use of cookies and similar tracking technologies.

It also describes your data protection rights, including a right to object to some of the processing which we carry out. More information about your rights, and how to exercise them, is set out in the ‘What are your rights in relation to the personal data we hold about you?’ section below.

Who are we?

The controllers of your personal data are listed in the Annex to this privacy policy.

These controllers are referred to as ‘we’, ‘our’ and ‘us’ in this privacy policy. We are committed to protecting your privacy and personal data. We take seriously our responsibility to hold your personal data securely and confidentially.

What personal data do we process about you?

The personal data we process includes the following:

  • Name
  • Account details and related contact information
  • Postal address
  • Telephone or fax number
  • Email address and other identifying addresses for electronic communications
  • Date of birth
  • Details from passports and other government or state issued forms of personal identification
  • Telephonic or electronic recordings
  • Browser and device information
  • App usage data
  • Information collected through cookies, pixel tags, google tags and other technologies
  • Demographic information
  • Survey responses and similar information which reveals views and preferences

We and our service providers collect the above information in a variety of ways. This includes from you directly and:

  • Through a browser or device: Certain information is collected by most browsers or automatically through devices, such as a Media Access Control (MAC) address, computer type (Windows or Mac), screen resolution, operating system name and version, device manufacturer and model, language, Internet browser type and version and the name and version of the services (such as the app) being used. We also collect your IP address, which is automatically assigned to a computer by an Internet Service Provider. An IP address will be identified and logged automatically in our server log files whenever a user accesses any of our services, along with the time of the visit and the page(s) that were visited. We use IP addresses for purposes such as calculating usage levels, diagnosing server problems and for administration purposes. We also derive approximate location from IP address for such purposes and to analyze where users are using our website, apps and services.

  • Using cookies and similar technologies: See the Cookies and Similar Technologies section below.

  • From third parties: See the following section.

If you correspond with us via e-mail, we retain a copy of such correspondence for internal use. The information collected is also used to provide a record of communications between you us and to comply with any applicable legal and/or regulatory requirements.

Do we collect personal data about you from third parties?

We also collect your personal data from third parties:

  • from our group companies (whose identities can be found in the link in the 'Who do we share your personal data with?' section below);
  • from publicly accessible sources, including publicly available online profiles and databases e.g. to establish and verify your identity, to find out your contact details to supplement the contact information we have about you and to liaise with you in relation to our products and services; and
  • by using third party cookies – this is explained further in the ‘Cookies and similar technologies’ section below.

How do we use your personal data?

We use your personal data:

  1. to perform our contract with you or to take steps linked to a contract, such as servicing your account;

  2. to pursue our legitimate interests which do not override your interests or fundamental rights and freedoms, such as:
    1. to operate and administer our website and apps;
    2. to provide products and services to our clients and to communicate with you and/or our clients about them;
    3. improving and developing the products and services we provide;
    4. providing information to you about our and/or our group companies services and products or anything else (e.g. additional products and services) that we think may be of interest to you/our clients (this information may be provided to you in the form of a digital advertisement and campaigns or via email or SMS)
    5. to identify which products or services we think you are interested in by using cookies on our website which track and analyse how you use our website;
    6. keeping a record of your communications with us for the purposes of your relationship with us and the services we provide;
    7. administration, assessment and analysis purposes;
    8. to check and verify your identity;
    9. to monitor and analyze the use of our products and services and website and apps for system administration, operation, testing and support purposes;
    10. to manage our information technology and to ensure the security of our website, apps and systems;
    11. to establish, exercise and/or defend legal claims or rights and to protect, exercise and enforce our rights, property or safety, or to assist our clients or others to do this; and
    12. to investigate and respond to complaints or incidents relating to us or our business, to maintain service quality and to train staff to deal with complaints and disputes;
    13. to check compliance with and enforce our terms and conditions or other contractual terms; and
    14. in relation to any proposed purchase, merger or acquisition of any part of our business;

  3. to comply with our legal obligations laid down in laws applicable to us including applicable regulations, market rules, any other legal authority in Egypt or in any other jurisdiction where we (or any of our affiliates) may operate; and

  4. as explained in the Cookies and Similar Technologies section below. We obtain your consent for the use of non-essential cookies. You have the right to withdraw your consent at any time. By not providing consent or withdrawing your consent, certain aspects or features of our website may not be available to you. The withdrawal of your consent does not affect the lawfulness of processing based on your consent before its withdrawal.

In relation to b), we have carried out balancing tests for all the data processing we carry out on the basis of our legitimate interests. You can obtain information about the balancing test we have undertaken by contacting us using the details at the end of this privacy policy.

In order for us to provide you with certain services, including but not limited to brokerage and research services, which require us to process your personal data due to regulatory and legal requirements (for example KYC and AML) the provision of information is mandatory.

If relevant data is not provided to us, then we will not be able to provide you with the full range of our services meaning that our services may only be offered with a limited scope or not at all. All other provision of your information is optional.

Cookies and similar technologies

Cookies are small pieces of information sent by a web server to a web browser which allows the server to uniquely identify the browser on each page. Other tracking technologies are also used which are similar to cookies. This can include pixel tags and tracking URLs. All these technologies are together referred to in this Policy as “Cookies”.

The types of Cookies that we use on our website, and the purposes for which they are used, are set out below:

  • Strictly necessary cookies: These cookies are essential in order to enable you to move around our website and use its features, such as accessing secure areas of our website. Without these cookies, any services on our Site you wish to access cannot be provided.
  • Analytical/performance cookies: These cookies collect information about how you and other visitors use our website, for instance which pages you go to most often, and if you get error messages from web pages. We use data from these cookies to help test designs and to ensure a consistent look and feel is maintained on your visit to the website. All information these cookies collect is aggregated. It is only used to improve how a website works. We use Google Analytics, for example, to anonymously track website usage and activity.
  • Functionality cookies: These cookies allow our website to remember choices you make (such as your user name, language or the region you are in) and provide enhanced, more personal features. These cookies can also be used to remember changes you have made to text size, fonts and other parts of web pages that you can customise. They are also used to provide services you have asked for such as watching a video or commenting. Additionally, these Cookies can be used to allow an optional service to function. The information these cookies collect may be anonymised and they cannot track your browsing activity on other websites.
  • Targeting cookies: These cookies are used to deliver adverts more relevant to you and your interests. They are also used to limit the number of times you see an advertisement as well as help measure the effectiveness of the advertising campaign. They are usually placed by advertising networks with the website operator’s permission. They remember that you have visited a website and this information is shared with other organisations such as advertisers. Quite often targeting or advertising cookies will be linked to site functionality provided by the other organisation.
  • Social media cookies: These cookies allow you to share what you’ve been doing on our website on social media such as Facebook and Twitter. These cookies are not within our control. Please refer to the respective privacy policies for how their cookies work.
  • Pixel tags: Also known as a clear GIF or web beacon. These are invisible tags placed on certain pages of our website but not on your computer. When you access these pages, pixel tags generate a generic notice of that visit. They usually work in conjunction with cookies, registering when a particular device visits a particular page. They are used to, among other things, track the actions of users of our services (including email recipients), measure the success of our marketing campaigns and compile statistics about usage of our services and response rates. If you turn off cookies, the pixel tag will simply detect an anonymous website visit.

If you don’t want to allow Cookies at all (other than 'strictly necessary cookies'), you can choose to “No, I Disagree” to accepting Cookies using the cookie consent management tool on our websites or rely on your browser’s settings to disable all Cookies. You can choose “Yes, I Agree” to accepting all Cookies. You can also accept or decline cookie categories (other than “strictly necessary cookies”) using the cookie consent management tool on our websites. Where you don't allow Cookies or delete or disable Cookies, certain features of our website may not be able to function.

For how long do we keep your personal data?

We only keep your personal data for as long as is necessary to fulfil the purposes for which it has been collected. When determining the appropriate retention period, we consider the risks of the processing, our contractual, legal and regulatory obligations, internal data retention policies and our legitimate business interests as described in this privacy policy.

Where we process data for: (i) registration purposes, (ii) support purposes or (iii) in order to customize your website experience, we keep this data for the duration of the period where you are a user and for an additional five-year period from when you cease to be a user.

Where we process data for marketing purposes we will do so unless we receive a request from you to stop. We will hold a record of such data for five years from when you request us to stop.

Where we process data for website security, we hold this data for a maximum period of one year.

Who do we share your personal data with?

Where we send direct marketing materials to you, we send your personal data to third parties with whom we have contracted to provide these materials to you on our behalf and in our name. These third parties may be located inside or outside the EEA.

We also share your personal data with:

  • service providers, who provide a service to us or you, including
  • their service providers, delegates and agents; and
  • other entities within EFG Hermes’ group of companies for the following purposes:
    1. to enable you to receive the services provided by our affiliate entities which may cover different financial services or be in different jurisdictions to those that we cover;
    2. to allows us to improve the services that we provide across the EFG Hermes group; and
    3. to allow us to produce analytical reports reflecting the services provided throughout the EFG Hermes group.

We also disclose your personal data to:

  • regulators, exchanges, auditors, courts, the police, or other law enforcement agencies where we are legally obliged to do so;
  • to other persons where disclosure is required by law or to enable products and services to be provided to you or our clients; and
  • our professional service providers (e.g., legal advisors, accountants, auditors, insurers and tax advisors) where relevant.

If it becomes relevant, we will share your personal data with a potential buyer and their advisers in connection with any proposed purchase, merger or acquisition of any part of our business.

Where is your personal data transferred?

When we share your personal data with the parties listed above, it involves transferring your personal data outside the European Economic Area (EEA), to countries where the level of protection of personal data has not been deemed adequate by the European Commission.

The locations of our group companies can be found here: List of Affiliates

Our third party service providers are located in List of service providers

Where information is transferred outside the EEA, and this is to a country that is not subject to an adequacy decision by the EU Commission, data is adequately protected by the standard data protection clauses (as approved by the European Commission) or other appropriate transfer mechanisms (e.g. EU-US Privacy Shield, binding corporate rules). Please contact us using the contact details provided in the Annex below to obtain a copy of our standard data protection clauses or further information about other appropriate transfer mechanisms we rely on.

What are your rights in relation to the personal data we process about you?

Subject to the conditions prescribed in applicable laws, you have the right: (i) to access, rectify or request erasure of your personal data; (ii) to ask us to restrict processing of it; and (iii) to request portability of it.

Subject to the conditions prescribed in applicable laws, you have the right (i) to object, on grounds relating to your particular situation, to processing of your personal data which is based on our or a third party’s legitimate interests; and (ii) to object to processing of your personal data for direct marketing purposes.

These rights may be limited, for example if fulfilling your request would reveal personal data about another person, where they would infringe the rights of a third party (including our rights) or if you ask us to delete information which we are required by law to keep or have compelling legitimate interests in keeping. Relevant exemptions are included in both the GDPR and Member State data protection laws. We will inform you of relevant exemptions we rely upon when responding to any request you make.

You can exercise these rights by contacting us using the contact details provided in the Annex below.

You also have the right to lodge a complaint with a supervisory authority about our use of your personal data in the EU Member State of your habitual residence, place of work or place where you consider an alleged infringement has taken place.

Amendments to this privacy policy

This policy was last updated on September 2019. We reserve the right to revise this policy at any time by posting a revised privacy policy and, if we consider it necessary, we will notify you of changes.

How can you contact us?

If you have any questions about this privacy policy, or would like to make any requests as described in this privacy policy, please contact us using the details in the Annex to this privacy policy.

Annex
# Data Controller Address Jurisdiction Group Representative/Contact Details
1 EFG Hermes Holding Building No. B129, Phase 3, Smart Village, Km 28 Cairo Alexandria Desert Road, 6 October 12577, Egypt Egypt

Name: Abdel Wahab Gadayel

Job Title: Group Chief Risk and Compliance Officer

Email: EFGHermes_DataProtection@EFG-Hermes.com
2 Financial Brokerage Group Building No. B129, Phase 3, Smart Village, Km 28 Cairo Alexandria Desert Road, 6 October 12577, Egypt Egypt
3 EFG Hermes UK Limited 88 Crawford Street, London, W1H 2EJ, England UK
4 Beaufort Asset Managers C/O Alexander & Co, 17 St. Anns Square, Manchester, England, M2, 7PW UK
5 EFG Hermes Oman LLC 3rd Floor, Al Hormouz Building, Way No 3109, Sultan Quaboos Street, Ruwi, Sultanate of Oman Oman
6 EFG Hermes Promoting & Underwriting Building No. B129, Phase 3, Smart Village, Km 28 Cairo Alexandria Desert Road, 6 October 12577, Egypt Egypt
7 EFG Hermes UAE Limited Office 301, Level 3, The Exchange, DIFC P.O. Box 30727 - DIFC, Dubai, UAE UAE
8 EFG Hermes KSA PO Box 300189, Third Floor, Sky Towers Nothern Tower, Riyadh 11372, Kingdom of Saudi Arabia KSA
9 EFG Hermes UAE LLC 106, The Offices 3, One Central, DWTC, P.O. Box 112736, Dubai, UAE UAE
10 EFG-Hermes Pakistan Limited Office # 904, 9th Floor, Emerald Tower, Plot No. G-19, Block-5, Clifton, Karachi, Pakistan Pakistan
11 OLT Investment International Company (B.S.C) Office # 31, Level 5, MJ Tower 2, Bldg 943 Block 436, Road 3620, Seef District, Manama, Bahrain Bahrain