Privacy Policy
1. Who we are?
The Monex Group (‘we’, ‘our’ or ‘us’) comprises multiple legal entities, including but not limited to, Monex Canada, Inc. Members of the Monex Group may process certain personal data about you, depending on the scope of your specific relationship with us. Depending on the jurisdiction, processing of personal data is regulated under the Personal Information Protection and Electronic Documents Act (PIPEDA), General Data Protection Regulation (2016/679) (the GDPR) and the e-Privacy Directive (2002/58/EC) (collectively referred to as the Data Protection Laws). The Monex Group Company that you have a relationship with, whether through contract or otherwise, is responsible as ‘controller’ of your personal data for the purposes of those laws.
2. What does this Privacy Notice cover?
This Privacy Notice applies to the following three circumstances:
- personal data processed when you visit and use our website;
- any natural person that has been contacted through our direct marketing strategy, either via phone or email; and
- personal data processed to service our potential and existing clients.
3. Data protection principles
We will comply with the data protection principles set out under PIPEDA. This includes:
- maintaining policies and frameworks governing how we handle personal data and a Privacy Officer who oversees privacy governance;
- notifying you of our reasons for collecting, using and disclosing personal data;
- obtaining your consent in order to collect, use, or disclose personal data, unless otherwise permitted or required by law;
- limiting the collection of personal data to that which is necessary for our identified purposes;
- limiting the use and disclosure of personal data, and retain such data for the purposes for which it is collected;
- keeping personal data as accurate, complete, and up to date as possible;
- protecting personal data with appropriate security measures against unauthorised access;
- openness about how we manage your personal data and our policies and procedures are readily available;
- informing you, at your request, of the existence, use, and disclosure of your personal data; and
- allowing you to challenge our compliance with the above principles.
Personal data means any information about an individual from which that person can be identified, whether from the information alone or when combined with other information. It does not include data where your identity has been removed, such as anonymous data.
4. What personal data do we collect?
4.1 Personal data gathered from you
4.1.1 Website
When you visit our website, and navigate your way around, we acquire minimum personal data at this stage. The personal data we collect includes the following:
- information about your computer or device, including browser type and settings;
- log data – the webpage you were visiting before you came to our site, pages you visit on our site, time spent on those pages, information you search for on our site, IP address, access times/dates, and other statistics;
- history of interaction with our webpages, including traffic data relating to your internet connection; and/or
- other personal data that does not directly identify you, such as actions taken on our website.
Providing your personal data is optional, but it may be necessary for certain services we provide, and other processing activities e.g. to access content, or to qualify your suitability as a new customer. In such cases, if you do not provide your personal data, we may not be able to provide you with the requested services.
4.1.2 Marketing
We collect personal data if you respond to our marketing campaigns. This personal data is collected throughout communication with us, such as:
- call logs; and
- email exchanges with our staff.
We collect this personal data from you when you communicate with our staff through any medium.
4.1.3 Client
We collect the following personal data that you provide to us at onboarding:
- name;
- email address;
- telephone number;
- home address;
- nationality;
- date of birth;
- identification documents when necessary (and their attached personal data); and
- signature.
We collect this personal data from you when:
- registering for an account; and
- subscribing for our morning report.
We collect the following personal data throughout the business relationship:
- account activity, including payment instructions;
- communications with our staff; and
- usage of online portals.
We collect this personal data from you when:
- communicate to our staff through any medium; and
- access our online systems, portal or Monex Pay.
4.2 Personal data from other sources
4.2.1 Marketing
If we have contacted you during a marketing campaign, we may have collected personal data on you which could include:
- name (including a designatory letters you have attached);
- date of birth;
- country of residence;
- corporate email address (which will likely contain your name);
- corporate telephone number (which you may use for personal reasons);and
- occupation.
We collect this personal data from third parties who, in turn, may have gathered the data from publicly accessible sources, including but not limited to:
- LinkedIn.
- Directories of Canadian Companies; and
- news sources.
You can object to our processing of your data at any stage, please see the section ’13. What rights do you have?’.
4.2.2 Client
We may receive personal data about you from other sources, where applicable. This information includes:
- credit information;
- credit references;
- business partners, introducers, service providers; and
- legal and compliance checks.
We will add this information to the personal data we hold about you for the following purposes:
- to check customer creditworthiness;
- to check for possible fraudulent activity;
- comply with our legal obligations; and
- to improve and personalise our service.
Please note that we will ask for your explicit consent before any credit search is performed, and this search is only required for certain products and services.
4.3 Cookies and similar technologies
Cookies are small text files that are placed on your computer or device by websites that you visit or HTML-formatted emails you open. You can access our Cookies Policy on our website https://www.monexcanada.com/cookie-policy/.
5. How do we use personal data?
5.1 Website
We use your personal data mainly to: interact with you; to provide you with support services; to make it easy to navigate our website; to improve our website and our products; and to offer you content and services that might interest you.
We use your personal data as follows, where the processing is necessary to establish or administer our agreement with you:
- communicate with you regarding support services and provide you with critical service updates;
- allow you to register for our services;
- provide you with technical and customer support, and enable the provisioning of services; and
- determine the entity you are connecting from.
We may also use your personal data where processing is necessary for us to comply with our legal obligations, including responding to legal process or lawful requests. Lastly, we may use your personal data, where required by applicable law.
5.2 Marketing
We collect personal data about you in order to directly market services that we legitimately believe will be of interest to you. This data is used exclusively to communicate with you and discuss how we can help you.
If you contact us to discuss any topic or issue, we may monitor and record communications such as emails and telephone calls for the following purposes:
- quality assurance;
- training;
- fraud prevention;
- gathering statistical data for management information; and
- compliancewith relevant laws.
5.3 Client
We collect personal data about our users for the following purposes:
- onboarding;
- identify you and manage any accounts you hold with us;
- sending contract notes;
- complying with regulation;
- process your trades;and
- statistical analysis and behavioural analysis.
We may monitor and record communications such as emails and telephone calls for the following purposes:
- quality assurance;
- training;
- fraud prevention;
- gathering statistical data for management information; and
- compliancewith relevant laws.
6. Who your personal data may be shared with?
- We may share your personal information with other group companies, affiliates and other third parties to help us process your personal information for the purposes set out in this Privacy Notice. This may include: members of the Monex Group depending on your requested products and services;
- contractors, sub-contractors, business partners, introducers, suppliers and/or service providers that help us perform our business functions;
- credit reference agents in accordance with our credit checking policy below;
- law enforcement or national security agencies, inside or outside of Canada, including in in connection with any investigation to help prevent unlawful activity;
- legal representatives and consultants in situations where expert advice and legal opinions are required;
- in connection with the sale, financing or other similar transaction involving all or part of our business or assets; and/or
- processors that maintain our IT systems.
We collect and use personal data to provide you with a service or product that you have requested, or where necessary, to comply with a legal obligation. Additionally, we may collect and use certain personal data where you have given consent. Where the Monex Group asks for consent, you are free to withhold or revoke your consent by opting out.
We rely on the legal basis ‘legitimate interest’ or ‘consent’, as applicable, in order to market to you, with considerations to the Data Protection Laws and its requirements under consent.
7. How long your personal data will be kept
We will keep your personal data in line with our Data Retention Policy. This allows the Monex Group entities to perform the activities listed in this Privacy Notice. We will maintain your personal data through-out the lifecycle of the contract. We may need to keep your data for a longer period where we need to retain personal data to comply with legal or regulatory requirements, such as to help us respond to complaints or preventing fraud and financial crime. If we are not required to retain the personal data, we will destroy, delete or anonymise it at the point it is no longer required.
8. Keeping your personal data secure
We store your personal data in a secure environment on our servers or those of our service providers. We have appropriate security measures in place to prevent personal data from being lost, accessed or used in an unauthorised way, including encryption and other forms of security. We limit access to your personal data to our employees, representatives and agents who have a genuine business need to know it for the purposes described in this Privacy Notice. Those processing your personal data will do so only in an authorised manner and are subject to a duty of confidentiality.
We also have procedures in place to deal with any suspected data security breach. We will notify you and any applicable regulator of a suspected data security breach where we are legally required to do so.
Whilst we will use all reasonable efforts to secure your personal data, in using the website you acknowledge the use of the internet is not entirely secure and for this reason we cannot guarantee the security or integrity of personal data that is transferred from you.
9. Marketing
We would like to send you information about products, services and our business, which may be of interest to you. Such information could be sent by post, email, or telephone.
How we market to clients and potential clients differs and is explained below.
9.1 Client
We will ask whether you would like us to send you marketing messages on the first occasion that you provide any relevant contact information (i.e. on signing up to trade with us). If you do opt in to receive such marketing from us, you can opt out at any time (see ‘13. What rights do you have?’ below for further information). If you have any queries about how to opt out, or if you are receiving messages you do not want to, you can contact us using the details provided below.
9.2 Potential client
You may be sent marketing information, in this instance the personal data has been collected and processed in line with the previously described processes in sections 4.1.2, 4.2.2 and 5.2.
10. Credit Checking Policy
We may do a credit check on you so that we can make credit decisions about you and prevent financial crime. Any such search will be recorded on the files of the credit reference agency.
We may also disclose personal data about how you conduct your account to credit reference agencies and your personal data may be linked to records relating to other people living at the same address with whom you are financially linked.
Other credit businesses may use your personal data to:
- make credit decisions about you and the people with whom you are financially associated
- trace debtors; and
- prevent and detect financial crime.
If you provide false or inaccurate information to us and we suspect fraud, we will record this.
11. What rights do you have?
You may have certain rights under Data Protection Laws including:
The right to access – You have the right to access your personal data and information about how we process your personal data.
The right to rectification – You have the right to request that we correct any personal data you believe is inaccurate. You also have the right to request we complete personal data you believe is incomplete.
The right to erasure – You may have the right to request that we erase your personal data, under certain conditions. If you enforce this right at the same time as you object to the processing we will have to maintain basic identification data to ensure we do not contact you again.
The right to restrict processing and withdrawal consent– You have the right to request that we restrict the processing of your personal data, and to withdraw your consent to our processing of your personal data, under certain conditions.
The right to object to processing – You have the right to object to our processing of your personal data, this means if you do not want to be contacted for the purposes set out in this notice then we will stop processing your data.
The right to data portability – You may have the right to request that we transfer the data that we have collected to another organisation, or directly to you, under certain conditions.
If you make a request, we have one month to respond to you.
From time to time we may have other methods to unsubscribe (opt-out) from any direct marketing including, for example, unsubscribe buttons or weblinks. If such are offered, please note that there may be some period after selecting to unsubscribe in which marketing may still be received while your request is being processed.
12. Changes to the Privacy Notice
This Privacy Notice was published on 3 June 2021. The last update was on 13 July 2022.
We may update or amend this Privacy Notice from time to time. You should check this Privacy Notice frequently to ensure you are aware of the most recent version that will apply each time you access this website. We will also attempt to notify users of any material changes by:
- email if you have opted to receive emails; and/or
- a notice on the website header.
13. Contacting Us
If you have any questions about this Privacy Notice or the personal data we hold about you, please contact us by:
Email – dataprotection@monexcanada.com
Post – Monex Canada Inc., 66 Wellington Street West, Suite 3520, P.O. Box 61, TD Tower, Toronto, ON M5K 1E7
14. Complaints
If you have any complaints about this Privacy Notice or the personal data we hold about you, please contact us by reaching out to the above contact information.