Privacy Policy
Last Updated: January 10, 2025 Effective Date: January 15, 2025 Version: 2.1.0
Executive Summary
ClearView-WOW is committed to protecting your privacy. This policy explains:
- What data we collect - Personal info, portfolio data, usage analytics
- How we use it - Platform functionality, analytics, compliance
- Your rights - Access, delete, export, and control your data
- How we protect it - Bank-grade encryption, SOC 2 compliance
- Who we share with - Service providers only, never sold
1. Introduction
Welcome to ClearView-WOW's Privacy Policy. This document describes how we collect, use, store, and protect your personal information when you use our portfolio management platform.
Controller Information:
- Name: ClearView-WOW Limited
- Address: 123 Financial District, London, UK
- Email: privacy@clearview-mgp.com
- Data Protection Officer: dpo@clearview-mgp.com
2. Data We Collect
2.1 Account Information
When you create an account, we collect:
- Identity Data: Name, email address, phone number
- Authentication Data: Password (encrypted), two-factor authentication details
- Company Information: Company name, LEI, registration details
- Profile Data: Role, preferences, timezone
2.2 Portfolio & Financial Data
To provide our services, we process:
- Portfolio Holdings: Securities, quantities, values, custodians
- Transaction Data: Orders, executions, settlements
- Performance Data: Returns, benchmarks, analytics
- Risk Data: Risk metrics, compliance limits, exposures
2.3 Usage & Technical Data
We automatically collect:
- Log Data: IP address, browser type, device information
- Usage Analytics: Pages viewed, features used, session duration
- Cookies: Session cookies, preference cookies (see Cookie Policy)
- Performance Metrics: Page load times, errors, system health
2.4 Communication Data
When you contact us:
- Support Tickets: Questions, issues, attachments
- Email Communications: Correspondence with our team
- Feedback: Surveys, feature requests, bug reports
3. How We Use Your Data
3.1 Service Delivery
We use your data to:
- Provide portfolio management and analytics
- Execute and track transactions
- Generate reports and insights
- Maintain your account and settings
- Provide customer support
Legal Basis: Contract performance (GDPR Art. 6(1)(b))
3.2 Compliance & Legal Obligations
We process data to:
- Comply with financial regulations (MiFID II, GDPR, etc.)
- Perform KYC/AML checks
- Report to regulatory authorities
- Maintain audit trails
- Prevent fraud and abuse
Legal Basis: Legal obligation (GDPR Art. 6(1)(c))
3.3 Platform Improvement
We analyze usage data to:
- Improve platform performance
- Fix bugs and errors
- Develop new features
- Understand user needs
- Optimize user experience
Legal Basis: Legitimate interests (GDPR Art. 6(1)(f))
3.4 Communications
We may contact you for:
- Transactional: Account alerts, security notices
- Service Updates: New features, system maintenance
- Regulatory: Compliance notifications, policy updates
- Marketing: Product updates (opt-out available)
Legal Basis: Legitimate interests, consent for marketing
4. Data Sharing & Disclosure
4.1 Service Providers
We share data with trusted third parties who help us operate:
- Cloud Infrastructure: AWS, Google Cloud (data hosting)
- Authentication: Auth0, Okta (identity management)
- Analytics: PostHog, Sentry (usage analytics, error tracking)
- Email Services: SendGrid (transactional emails)
- Payment Processing: Stripe (subscription billing)
All service providers are bound by data processing agreements and security requirements.
4.2 Regulatory Authorities
We may disclose data to:
- Financial regulators (FCA, SEC, ESMA)
- Law enforcement (with valid legal request)
- Tax authorities (when required)
- Auditors (for compliance verification)
4.3 Business Transfers
If we are acquired or merged, your data may be transferred to the new entity with equivalent protection guarantees.
4.4 What We Never Do
- ❌ We never sell your personal data
- ❌ We never share data with advertisers
- ❌ We never use data for purposes beyond this policy without consent
5. Data Security
5.1 Technical Measures
We protect your data with:
- Encryption: TLS 1.3 in transit, AES-256 at rest
- Access Controls: Role-based access, multi-factor authentication
- Network Security: Firewalls, intrusion detection, DDoS protection
- Monitoring: 24/7 security monitoring, automated threat detection
5.2 Organizational Measures
- Security policies and training
- Background checks for employees
- Incident response procedures
- Regular security audits
- SOC 2 Type II compliance
5.3 Data Retention
We retain data for:
- Account Data: While account is active + 7 years (regulatory requirement)
- Transaction Data: 7 years (MiFID II requirement)
- Usage Logs: 90 days
- Support Communications: 3 years
You can request earlier deletion subject to legal requirements.
6. Your Rights
6.1 Access & Portability
You have the right to:
- Access: Request a copy of your data
- Export: Download data in machine-readable format (JSON, CSV)
- Portability: Transfer data to another service
How to exercise: Settings > Privacy > Export Data
6.2 Correction & Deletion
You can:
- Correct: Update inaccurate information
- Delete: Request deletion of your account and data
How to exercise: Settings > Account > Delete Account or email privacy@clearview-mgp.com
6.3 Control & Objection
You can:
- Opt-out: Marketing communications, non-essential analytics
- Object: Processing based on legitimate interests
- Restrict: Limit processing while disputing accuracy
How to exercise: Settings > Privacy > Data Controls
6.4 Complaints
If you're unhappy with how we handle your data:
- Contact our DPO: dpo@clearview-mgp.com
- File a complaint with supervisory authority:
- UK: Information Commissioner's Office (ICO)
- EU: Your local Data Protection Authority
- US: FTC or state attorney general
7. International Transfers
We operate globally and may transfer data outside your jurisdiction:
- EU-US: We use Standard Contractual Clauses (SCCs)
- UK-International: UK Addendum to SCCs
- Adequacy Decisions: We transfer to approved countries where possible
All transfers comply with applicable data protection laws.
8. Children's Privacy
ClearView-WOW is not intended for users under 18. We do not knowingly collect data from children. If we discover we have collected data from a child, we will delete it promptly.
9. Automated Decision-Making
We use automated processing for:
- Risk Scoring: Portfolio risk assessment
- Compliance Checks: AML/sanctions screening
- Fraud Detection: Unusual activity detection
You have the right to:
- Request human review of automated decisions
- Challenge decisions that significantly affect you
10. Updates to This Policy
We may update this policy to reflect:
- New features or services
- Legal or regulatory changes
- Feedback and improvements
How we notify you:
- Email notification of material changes
- In-app notification banner
- Update badge on this page
Previous versions are available on request.
11. Contact Us
Privacy Questions:
- Email: privacy@clearview-mgp.com
- DPO: dpo@clearview-mgp.com
General Support:
- Email: support@clearview-mgp.com
- Phone: +44 20 1234 5678
- Live Chat: Available in platform
Postal Address: ClearView-WOW Limited Data Protection Officer 123 Financial District London EC2N 2DB United Kingdom
Glossary
Personal Data: Information that can identify you directly or indirectly.
Controller: The entity that determines how personal data is processed (ClearView-WOW).
Processor: A third party that processes data on behalf of the controller.
GDPR: General Data Protection Regulation (EU privacy law).
MiFID II: Markets in Financial Instruments Directive (EU financial regulation).
Data Subject: The individual whose personal data is being processed (you).