ICU

Privacy Policy

ICU | Decor

Overview

ICU is always committed to comply with various laws and regulations while performing our activity. And we always take very seriously confidentiality and privacy of information of our clients and the counterparts. Furthermore, on 25th May 2018, the General Data Protection Regulation (the GDPR) came into force in the European Union (EU) and it gives individuals in the EU more safeness over their personal data and puts certain obligations on businesses that processes their information.

Article 5 of the GDPR States that Personal Data must be processed lawfully, fairly and in a transparent manner. In line with the GDPR this Privacy Notice provides you with information so you can better understand why and how we collect, process and destroy your data. We are committed to protecting and respecting your privacy. The ICU Privacy Policy, together with the Compliance Policy, Code of Conduct, Information Security Policy and any other documents referred to therein, sets out the legal basis on which any Personal Data we collect from you, or that you provide to us, will be processed by us. Please read the following carefully to understand our views and practices regarding your Personal Data and how we will treat it.

This notice applies to all ICU entities, majority owned ICU businesses, businesses (funds) under management, staff departments, and to all customer engagements and transactions. The policy rules set forth in this notice shall be followed by all ICU staff who are based in every territory/jurisdiction, where ICU entities have their registered offices, including all employees, temporary employees, contractors, representatives, secondees, officers, senior management, partners and directors, who are bound hereby as well as by the applicable laws, rules and regulations. In cases where relevant or is required so by applicable laws and regulations the separate privacy policies could be elaborated which shall make an integral part hereof.

 

Identity of the Firm

INVESTEMNT CAPITAL UKRAINE LLC (the “Company”) incorporated and registered under the laws of Ukraine, registration number 35649564, registered office address Leonardo Business Centre, Kyiv, 01054, Ukraine. INVESTEMNT CAPITAL UKRAINE LLC is professional broker, a member of the group of companies under the brand ICU (the “ICU”) that includes the Company, all and any of its affiliated companies (the “ICU Entities”).

 

What types of Personal Data do we collect?

We collect information about you when you opt-in our newsletters, visit our website as well as while onboarding you as a client. We also gather data information when you share information based on consent by participating in surveys or attending our events. As permitted by law, we will also collect personal data for the perposes of carrying out AML KYC checks. Examples of data collected are included below:

  • Contact details (names, residence addresses, email addresses, telephone numbers, company affiliation, role within company);
  • Personal information (nationality, date of birth, national ID document, marital status);
  • Children’s data – only if they are listed as beneficiaries;
  • Financial data (bank account statements, utility bills, personal wealth/investments/ownership);
  • Internet browsing data (IP address, login information, browser type and version, time zone setting, browser plug-in types, geolocation information about where you might be, operating system and version, other meta data, etc).

However, the list above is not exhaustive and we may collect other non-sensitive data for the purposes outlined herein.

 

Special category data

Owing to the products and services that we offer, such as onboarding investors (‘KYC’), performing AML checks, and other background checks, we sometimes need to process special categories of data which are deemed to be more sensitive in nature. Where we collect such information, we will only request and process the minimum necessary for the specified purpose and identify a compliant legal basis for doing so. Special category of data we hold may include:

  • PEP status
  • Criminal conviction

 

Lawful basis for Processing

Where we process your data as your Data Controller, we rely on the following legal basis for Processing your Personal Data:

  • Consent: if you are a recipient of our online direct marketing. If you have consented to receive marketing, you may opt out at a later date.
  • Legitimate Interest: if you are our client or prospective client, business affiliate, or our website visitor, we may decide to send you materials of interest such as information about our services/products which we believe it would beneficial to you all such decisions are subject to Legitimate Interests Assessment (LIA) in order to ensure that processing is in line with that Data Subjects’ rights.
  • Performance of Contract: if you are our client, investor of the fund under ICU management, supplier, business affiliate or our website visitor;
  • Legal Obligation: if we process Personal Data according to requirements of international and/or domestic laws and regulations we subject to as in the case of legislation on the prevention of the use of the financial system for the purposes of money laundering or terrorist financing (AML/CFT); the Common Reporting Standard (‘CRS’), the Foreign Account Tax Compliance Act (FATCA) etc.;
  • for the establishment, exercise or defence of legal claims or proceedings.

 

Data inquires

If you want to review, change or update the information that you have provided to us or have any other privacy concerns please contact us via email at privacy@icu.eu.

 

Purpose of data collected

We will use your personal data in the following situations:

  • Provision of financial products and services;
  • Promotion of ideas and events relating to services we provide;
  • Client onboarding;
  • Administration of your investments;
  • Maintenance of records of communications and management of your relationship with us;
  • Responding to your enquiries;
  • Compliance with any present or future law, rule, regulation, guidance, decision or directive (including those concerning anti-terrorism, fraud, AML and anticorruption);
  • Carrying out, in appropriate cases, KYC checks and other procedures that we undertake prior to you becoming a customer of ours;
  • Prevention and detection of fraud and other illegal activity or misconduct;
  • Providing you with our newsletter; and
  • Informing you about compliance with legal and regulatory obligations and providing related guidance.

 

Who we share our information with

We will not share personal information about you with third parties without your consent, except in situations when we are required, by law, to sometimes pass on some of this Personal Data to:

  • law enforcement agencies; financial regulators and other relevant regulatory authorities; government bodies; tax authorities; courts tribunals and complaints/dispute resolution bodies;
  • other bodies as required by law or regulation;
  • relevant financial institutions such as trustees, custodians and sub-custodians; administrators; banks; insurers; fraud protection agencies; and/or similar suppliers or service providers; or
  • companies providing services for money laundering checks and other fraud and crime prevention purposes and similar services, including financial institutions, credit reference agencies and regulatory bodies with whom such personal data is shared.

To fulfil our contract with you, the ICU may sometimes pass information to:

  • Intra group entities (ICU Entities) who provide additional or complementary services, such as the entities based in Ukraine, Cyprus and British Virgin Islands;
  • Our business partners or intermediaries with which we may have dealings;
  • Our auditors and professional advisors, such as lawyers and consultants;
  • Bankers, brokers and financial market infrastructure entities, trading venues;
  • Any other third-party services provider, for example to ensure the information security of collected personal data.

Current third parties that are involved in the processing of your data include: Google Inc., Amazon Web Services, Microsoft Corp.

 

International transfer outside the EEA

The ICU may transfer the personal data that it collects about Data Subjects, to the following countries outside the EU:

  • Ukraine;
  • Cyprus;
  • UK;
  • British Virgin Islands.

ICU would only transfer data based on one of the reasons set out in the GDPR including the performance of a contract between the any ICU Entity and the Data Subject, reasons of public interest, to establish, exercise or defend legal claims or to protect the vital interests of the Data Subject where the Data Subject is physically or legally incapable of giving consent and, in some limited cases, for our legitimate interest.

In these cases, we will follow the GDPR Guidelines in protecting the transfer of data to countries outside the EEA to ensure that the level of data protection afforded to individuals by the GDPR is not undermined.

The ICU will only transfer Personal Data outside the EEA if one of the following conditions applies:

  • the European Commission has issued a decision confirming that the country to which we transfer the Personal Data ensures an adequate level of protection for the Data Subjects’ this refers to (individual’s resident rights and freedoms);
  • appropriate safeguards are in place such as binding corporate rules (BCR), standard contractual clauses approved by the European Commission, an approved code of conduct or a certification mechanism, a copy of which can be obtained from the Responsible Officer;
  • the Data Subject has provided Explicit Consent (Explicit consent is where permission has been given by the Data Subject in writing to the proposed transfer after being informed of any potential risks).

 

Retention. Storing your data.

We will keep your Personal Data for no longer than reasonably necessary. We will retain your personal information in accordance with legal and regulatory requirements.

We use various technologies to collect and store information, including cookies, pixel tags, local storage, such as browser web storage or application data caches, databases, and server logs. The personal data we collect is primarily stored on a secure server of the trusted third party website and hosting provider located in Ukraine, Germany or USA. Secure access to the data is arranged to our employees located in the EU, United Kingdom and Ukraine.

 

Your rights and your Personal Data

You have a right:

  • to request a copy of your Personal Data which the ICU or related Data Controller holds about you;
  • to request the ICU or any related Data Controller to correct any Personal Data if it is found to be inaccurate or out of date;
  • to request your Personal Data is erased where it is no longer necessary for the ICU or related Data Controller to retain such data;
  • to withdraw your consent to the Processing at any time if consent constitutes the lawful basis for processing;
  • to object to Processing based on grounds relating to the Data Subject situation if the processing is necessary for the performance of a task carried out in the public interest or the processing is necessary for the purposes of the legitimate interest by us or a third party, unless such interest is overridden by your fundamental rights and interests;
  • to request a restriction is placed on further Processing;
  • to lodge a complaint with the Information Commissioners Office (the UK Supervisory Authority) – you can contact the Information Commissioners Office on 0303 123 1113 or via email found here: https://ico.org.uk/global/contact-us/email/ or at the Information Commissioner’s Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF;
  • not to be subject to a decision based on automated Processing; the ICU does not practice such decision making.

You may chose not to provide us your personal information. If you choose to do so, you must stop using the website and browsing its pages, then we will not automatically collect data about how you use the ICU website. You may not provide any personal data or fill out web forms on the site if you do not wish to use our services.

All requests shall be addressed to privacy@icu.eu.

 

Further Processing

Where we may seek to further process your data other than for the original purpose for which it was collected, the ICU shall only further process such data where the new Processing is compatible with the original purpose.

 

Safeguarding measures

We take your privacy seriously and take every reasonable measure and precaution to protect and secure your Personal Data. We work hard to protect you and your information from unauthorised access, alteration, disclosure or destruction and have several layers of security measures in place, including, without limitation, encryptions.

 

Legitimate Interests (if applicable)

We occasionally process your personal information under the Legitimate Interests’ legal basis. Where this is the case, we have carried out a LIA to ensure that we have weighed your interests and any risk posed to you against our own and that such interests are proportionate and appropriate such as for the purposes of HR, marketing and day-to-day operations.

 

Marketing

When sending marketing materials to customers, we may have the option to rely on your consent or legitimate interest.
We only use legitimate interests for marketing if we have assessed that the information being sent is beneficial to the customer, and have weighed our interests against your own and there is little to no risk posed, the method and content is non-intrusive, and the material being sent is something you would usually expect to receive. You can opt out of marketing by emailing us at privacy@icu.eu.

 

Cookies, analytics and traffic data

Cookies are small text files which are transferred from our website, applications or services and stored on your device. We use cookies to help us provide you with a personalised service, and to help make our website, applications and services better for you.

We provide the following information with some explanations to ensure transparency to our users:

  • what types of cookies are set;
  • how long they persist on your user’s browser;
  • what data they track;
  • for what purpose (functionality, performance, statistics, marketing, etc.);
  •  where the data is sent and with whom it is shared;
  • how to reject cookies, and how to subsequently change the status regarding the cookies.

You can block cookies by activating a setting on your browser allowing you to refuse cookies. You can also delete cookies through your browser settings. If you disable cookies, you will be able to continue using the ICU website, but certain services will not function adequately.

 

Changes to our Privacy Policy

We keep this GDPR Data Privacy Notice under regular review. Any changes we may make to our Privacy Policy in the future will be posted on this page and, where appropriate, notified to you by email.