Privacy policy relating to Alpha Terminal

May 2018 Ionic Information Limited

Thank you for subscribing to one of our products or visiting one of our websites. This is the privacy policy for Ionic Information Ltd in which we explain our procedures and justifications for collecting and using your personal information. It also explains what, if any, data we collect whilst you are visiting our websites. We take your privacy extremely seriously, and we never sell, rent or otherwise disclose your personal data to third parties for marketing purposes.

Our methods for collecting and processing personal data comply with the General Data Protection Regulation (GDPR) introduced by the European Union on 25^th May 2018.

If you have any concerns about how your personal data has been collected, processed or used by Ionic Information, please email mydata@ionic.co.uk. Alternatively, you can write to:

Data Protection Officer, Ionic Information Ltd, 3 Bath Place, London, EC2A 3DR, UK

Your information

We collect and store the following information which you give us voluntarily:

Clients - When you subscribe to one of our products or request a free trial we collect the following information: name, job title, company name, address, telephone number and email address. We require this information in order to create and manage your account and provide you with customer support.

Mailing list subscribers - When you subscribe to one of our mailing lists, we collect your name and email address.

Ionic uses MailChimp (www.mailchimp.com), an online email list management and delivery service based in the US, for sending emails to customers and subscribers to our mailing lists. By subscribing to our products or our mailing lists, you acknowledge that the information you provide will be transferred to MailChimp for processing in accordance with their Privacy policy. Third party processors of data are not allowed to use or sell your personal data.

When you use our products and connect to our servers we collect and store your MAC address or the last four IP addresses that you have used. We do this to ensure that you are not abusing our service. These addresses are linked to your account number in a location which does not include your personal data.

If you subscribe to Alpha Terminal Go, our web-based service, your watchlists and portfolios are stored on our secure servers. They are stored in a separate location to your contact and company details. Ionic Information does not use, nor allow third parties to use, client watchlists or portfolios to derive information of any kind.

We do not hold or use profiling data for our customers or mailing lists other than that you provide voluntarily through our customer surveys. This data is not recorded or stored in our customer database but analysed separately to help improve our products and service.

Marketing

We may send you emails or letters about our products, news and events. We never sell, rent or otherwise disclose your data to third parties for marketing purposes.

All emails from Ionic Information include options for you to unsubscribe completely from marketing communications or update your preferences.

If you are not a client, the lawful basis on which we send business-to-business (B2B) letters or emails, based on GDPR's six lawful bases, is legitimate interest.

Disclosure of personal information

Ionic never discloses personal information to third parties, unless one of the following limited exceptions applies.

• As part of our data and exchange reporting obligations we may disclose personal information to entities (including but not limited to data owners and stock exchanges) that provide price and other data for your Alpha Terminal account. Ionic understands that the exchanges require this information to maintain effective controls over the distribution of their data.
• Ionic may disclose personal information to companies that help us process transactions on your account. Such companies are not allowed to use or sell your personal data.
• We may disclose information to group companies of Ionic Information.
• Ionic may use the services of GDPR-compliant third party companies to manage email or postal marketing campaigns. Such companies are authorised to use your personally identifiable data only for the benefit of Ionic and its group companies and ONLY where you have indicated that you are happy to receive communications from Ionic.
• Where required by law or to protect and defend its rights or property Ionic may disclose or report personal information. For example, Ionic may be required to co-operate with regulators or law enforcement authorities, resolve consumer disputes or to perform credit or authentication checks that require the use of your personal information.
• Where information is disclosed to third parties we ensure that they have suitable policies in place to protect your personal information, which prohibit them from using your personal information for their own marketing purposes, or sell it on, and require them to maintain the confidentiality of your personal information.

Your rights

You have the following rights:

• To request what personal information of yours we hold.
• To request that this data be updated.
• To request that this data is deleted or partially deleted from our systems.

When you ask us to delete your personal data, we will delete it from all mailing lists within 7 days.

If requested, we will delete all other personal information one year after you cease to be a customer in order to comply with our contractual and legal obligations, resolve disputes, prevent abuse, and enforce our agreements.

If requested, we will delete all other personal information one year after you cease to be a customer in order to comply with our contractual and legal obligations, resolve disputes, prevent abuse, and enforce our agreements.

If you wish to exercise any of these rights, please email mydata@ionic.co.uk. Alternatively, you can write to:

Data Protection Officer, Ionic Information Ltd, 3 Bath Place, London, EC2A 3DR, UK

Personal data breach

Upon becoming aware of a breach to our systems involving personal data, Ionic will notify each affected customer of the breach without undue delay.

3rd Party websites

While browsing any of our websites, you may be able to access third party websites through a hyperlink. Ionic assumes no responsibility for the content or privacy policies at such third party websites.

Cookies & web server logging

Ionic Information collects information on its websites through the use of temporary "session cookies" and web server logging.

Session cookies are short pieces of data used to reference a user's basket or form contents in a temporary database while browsing the website. When an order is placed the details entered are stored in a database at Ionic Information and the session cookie is deleted. A session cookie is not an executable program and cannot do anything harmful to your machine.

We also have Google Analytics enabled which uses cookies to track your usage of our website. This provides us with information which helps us make our website easier to use. It does not provide us with information about you. Google Analytics includes an option to share data about your usage of our website with other Google services. We do not allow this. Google's privacy policy. (www.google.com/privacypolicy.html)

Ionic Information does not use text or "permanent" cookies for the purpose of tracking usage of its site or to store personal information on a user's device.

Web server logging provides Ionic with aggregate website usage data to find out how often and when site content is requested. For example, Ionic may identify the pages on our websites that your browser requests or visits and the type of browser that you use. This information is used to improve the usability of our website. IP addresses are also logged for usage statistics and for security purposes to protect against actual or attempted abuse or misuse of Ionic's websites. The information is only personally identifiable if you have chosen to identify yourself; for example, by opting in to a mailing list.

Security

Ionic takes reasonable and prudent precautions to ensure that your personally identifiable data is protected against unauthorised access, use, or disclosure. Your personal data will be stored on our secure servers which incorporate both password and firewall protection.

All data stored that requires to be encrypted uses AES with a 128 bit key. The key is constructed from a password and MD5 hash to create the 128 bit key.