Privacy policy

Infront privacy policy

The Infront Privacy Policy describes which information we collect, what we use it for, who we share it with and what we share, and choices you have related to the processing of your personal data. When we refer to “Infront”, “We”, “Us” etc., we mean the Infront group entity.

Effective: 25 May 2018


 

Applicability of this privacy policy

This Privacy Policy applies to all Infront’s products and services including the Infront terminal, Web Trader, Mobile, entitlement systems and interfaces like My Profile and Free trial registration forms for ordering our products (collectively, the “Services”), Infrontfinance.com and other Infront websites (collectively, the “Websites”) and other interactions (e.g., customer service inquiries, registration for Webinars, IR contact etc.) you may have with Infront.
 

In addition, separate agreements governs delivery, access and use of the Services (the “Customer Agreement”).
 

We collect, receive, use, disclose, transfer and store Personal Data when needed to provide our Services and for operational and business purposes described in this policy.
 

If you do not agree with the terms, do not access or use the Services, Websites or any other aspect of Infront’s business.
 

Infront's role

Infront may process your Personal Data as data controller or on behalf of another data controller, i.e. as data processor. In the latter situation, Infront's processing is based on a data processing agreement with the data controller.
 

What types of personal data do we collect

Personal Data is data related to you or that can identify you as a person. For example your name, email address, phone number etc.
 

Personal Data we collect includes username, name and contact information, usage logs, trade logs, payment details, lists you create and notifications you set up and settings created as part of using the Services, as well as certain information collected in our application log (cf. below).
 

How do we collect and receive personal data

Infront may collect and receive Personal Data in a variety of ways:

 

  • When you register for a trial period
  • When you register to receive newsletter, IR information and similar
  • When you order one of our products online or on manual order form
  • When your broker registers your subscription to an Infront product in the Infront entitlement system
  • When you login and use the Infront applications (usage logs and trade logs)
  • When you set up custom workspace, create personal lists, set up notifications, trade etc.
  • Our servers automatically collect certain information in an application log to help us administer and protect the Services, troubleshoot technical issues and improve users’ experience. The information collected includes: IP address and browser type, device information such as SID (Security Identifier) and similar identifiers, device operating system and technical facts.

 

How we use personal data and the legal basis for processing

Personal Data will be used by Infront in accordance with any applicable terms in the Customer Agreement, End User License Agreement, Customer’s use of Services functionality, and as required by applicable law.
 

Infront uses Personal Data:
 

  • To conduct sales and contract process
  • To provide requested offers on our Services;
  • To deliver in accordance with Customer Agreements
  • To enable users to access and use the Services
  • To offer technical and other support to users of our Services
  • To update, maintain, improve and protect our Services, Websites and business. This includes use of Personal Data to support delivery of the Services under a Customer Agreement, prevent or address service errors, security or technical issues and analyze usage
  • As required by applicable law, legal process or regulation, or other legal obligations imposed by public authorities
  • To communicate with you by responding to your requests, comments and questions
  • To send emails and other communications. We may send you service, technical and other administrative emails, messages and other types of communications. We may also contact you to inform you about changes in our Services and important Services-related notices. These communications are considered part of the Services and you may not opt out of them. In addition, we sometimes send emails with promotional communications or other news about Infront. These are marketing messages so you can control whether you receive them.
  • To process orders, invoicing, payments and other financial follow-up
  • To investigate and help prevent security issues and misuse of data from vendors (this e.g. includes exchanges and news vendors)
  • To ensure Infront's or third parties' rights in the establishment, exercise and defence of legal claims that Infront believes to have, or directed against Infront from users, third parties or public authorities.

If the information collected is aggregated or de-identified so it is no longer reasonably associated with an identified or identifiable natural person ("Other Information"), Infront may use it for any business purpose. To the extent the collected information is associated with an identified or identifiable natural person and is protected as personal data under applicable data protection law, it is referred to in this Privacy Policy as “Personal Data.”
 

The legal basis for Infront's processing of Personal Data is i) the necessity for entering into or the performance of the Customer Agreement and/or End User License Agreement, e.g. to enable access to the Services, offer technical support to users, communicate with users regarding the Services and perform financial follow-up of the Services; ii) Infront's or a third party's legitimate interest, e.g. to update, maintain, improve and protect our Services or business interests, to investigate and prevent security issues and misuse and to ensure Infront's or third parties' rights in the establishment, exercise and defence of legal claims; iii) consent, e.g. in relation to processing for marketing purposes; and iv) compliance with statutory requirements, or other legal obligations imposed by public authorities.
 

Please note that Infront, in order to be able to fulfil our obligations according to the Customer Agreement and/or End User License Agreement, depend on receiving certain Personal Data about the users. The consequences of not providing such information is that Infront cannot fulfil the Customer Agreement and/or End User License Agreement.
 

How long do we store your data

Infront may store your Personal Data for as long as it is necessary for the purposes described in this Privacy Policy. This may include keeping data after you have deactivated your account for the period of time needed for Infront to pursue legitimate business interests, including conduct audits, comply with (and demonstrate compliance with) legal obligations (for example with exchanges and other 3rd party content providers), resolve payment disputes and enforce our agreements. Some data is kept to comply with national law (e.g. payment history and invoice information).

 

How we share and disclose personal data

Within the Infront Group. Our businesses around Europe and South Africa are supported by teams and functions. Personal data will be made available to the teams based in Europe if necessary for the provision of the Services, account administration, customer and technical support, and business and product development for example.
 

Third Party Service Providers and Partners. We may engage third party companies or individuals as service providers or business partners to process Personal Data on our behalf and support our business. These third parties may, for example, provide storage services. Additional information about the sub-processors we use to support delivery of our Services is set forth here. The relationship to such sub-processors will be governed by a data processing agreement, which among other things ensures information security for the Personal Data.
 

Third Party Content Providers. In order to provide our Products and Services, Infront receives content from third parties such as stock exchanges. Such vendors of market data or other third party content providers may require that Infront disclose certain information about you and your use of the Services for compliance and invoicing reasons. Such disclosure will be based on consent or other legal basis.
 

During a Change to Infront’s Business. If Infront engages in a merger, acquisition, bankruptcy, dissolution, reorganization, sale of some or all of Infront’s assets or stock, financing, public offering of securities, acquisition of all or a portion of our business, a similar transaction or proceeding, or steps in contemplation of such activities (e.g. due diligence), some or all Personal Data may be shared or transferred, subject to standard confidentiality arrangements.
 

Aggregated or De-identified Data. We may disclose or use aggregated or de-identified Other Information for any purpose.
 

To Comply with Laws. If we receive a request for information, we may disclose Personal Data if we reasonably believe disclosure is in accordance with or required by any applicable law, regulation or legal process.
 

To enforce our rights, prevent fraud, and for safety. To protect and defend the rights, property or safety of Infront or third parties, including enforcing contracts or policies, or in connection with investigating and preventing fraud or security issues.
 

With Consent. Infront may share Personal Data with third parties when we have consent from the data subject to do so.
 

Security

Infront takes security of data very seriously. Infront works hard to protect your Personal Data you provide from loss, misuse, and unauthorized access or disclosure. These steps take into account the sensitivity of the data we collect, process and store, and the current state of technology. Personal Data is sent in encrypted format between the front ends and our Services. The Services are hosted in secured data centers, and we place appropriate restrictions on access to Personal Data. We have Business Continuity and Disaster Recovery plans to protect the continuity of our Services
 

Age limitations

To the extent prohibited by applicable law, Infront does not allow use of our Services and Websites by anyone younger than 16 years old. If you learn that anyone younger than 16 has unlawfully provided us with Personal Data, please contact us and we will takes steps to delete such Personal Data.
 

Changes to this privacy policy

Infront may change this Privacy Policy from time to time. Laws, regulations and industry standards evolve, which may make such changes necessary, or we may make changes to our business that affects our processing of Personal Data. We will post the changes to this page and encourage you to review our Privacy Policy from time to time to stay informed. If we make changes that materially alter your privacy rights or require your consent, Infront will provide additional notice, such as via email or through the Services. If you disagree with the changes to this Privacy Policy, you should deactivate your Services account. Contact the Customer if you wish to request the removal of Personal Data under their control.
 

Where do we store and process personal data

Infront has offices in many countries and your Personal Data may be stored and processed outside your home country. We have networks, databases, servers, systems, support, and help desks located at many of our offices.
 

We use third parties for cloud storage and support and sales tools and take appropriate steps to ensure that Personal Data is processed, secured and transferred according to applicable law. When we transfer Personal Data from the European Economic Area to other countries in which applicable laws do not offer the same level of data privacy protection as in your home country, we take measures to provide an appropriate level of data privacy protection, for example by using EUs standard contractual clauses.
 

Your rights

Individuals located in certain countries, including the European Economic Area, have certain statutory rights in relation to their Personal Data. Subject to any exemptions provided by law, you may have the right to request access to your Personal Data, as well as to seek to update, delete or correct this Personal Data. You can usually do this using the settings and tools provided in your Services account. If you cannot use the settings and tools, contact Infront for additional access and assistance.
 

You may also request restriction of processing, object to the processing and under some circumstances require data portability. If the processing is based on your consent, you may at any time withdraw your consent. If you wish to exercise your rights, please refer to the contact information below.
 

Contacting Infront

Please also feel free to contact Infront if you have any questions about this Privacy Policy or Infront’s practices, or if you are seeking to exercise any of your statutory rights. You may contact us at support@infront.co or at our mailing address below:
 

Infront AS, Munkedamsveien 45, 0250 Oslo, Norway.
 

Data protection authority

Subject to applicable law, you also have the right to lodge a complaint with your local data protection authority or The Norwegian Data Protection Authority (DPA), which is Infront’s lead supervisory authority. You may direct questions or complaints to our lead supervisory authority by sending them an email: postkasse@datatilsynet.no
 

The Norwegian Data Protection Authority (DPA), P.O. Box 8177 Dep., 0152 Oslo, Norway