Privacy Policy | Clearline Markets

1 Introduction

Clearline Markets (Pty) Ltd ("Clearline Markets," "we," "us," or "our") is committed to protecting your privacy and personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you access our website, platform, and services.

By using our services, you acknowledge that you have read and understood this Privacy Policy. If you do not agree with our policies and practices, please do not use our services.

This Privacy Policy should be read together with our Terms of Service and Risk Disclosure.

2 Responsible Party

For purposes of POPIA, the responsible party for your personal information is:

Clearline Markets (Pty) Ltd

Republic of South Africa

FSP License: Pending

Information Officer:

Email: privacy@clearlinemarkets.com

Our Information Officer is responsible for ensuring compliance with POPIA and addressing any privacy-related concerns or requests.

3 Definitions

In this Privacy Policy, unless the context indicates otherwise:

Term	Definition
"Personal Information"	Information relating to an identifiable, living, natural person, and where applicable, an identifiable, existing juristic person.
"Special Personal Information"	Personal information concerning religious or philosophical beliefs, race, ethnic origin, trade union membership, political persuasion, health, sex life, biometric information, or criminal behaviour.
"Processing"	Any operation or activity concerning personal information, including collection, receipt, recording, organization, storage, updating, modification, retrieval, consultation, use, dissemination, erasure, or destruction.
"Data Subject"	The person to whom personal information relates (you).
"Responsible Party"	The person or entity who determines the purpose and means of processing personal information (Clearline Markets).
"Operator"	A person who processes personal information on behalf of the responsible party under a contract or mandate.
"POPIA"	The Protection of Personal Information Act 4 of 2013 of South Africa.
"FICA"	The Financial Intelligence Centre Act 38 of 2001 of South Africa.

4 Information We Collect

4.1 Account Information

When you register for an account, we collect:

Full legal name
Email address
Phone number
Date of birth
Password (stored in encrypted/hashed form)
Username or account identifier

4.2 Identity Verification (KYC/FICA) Information

To comply with FICA and FSCA requirements, we collect:

Government-issued identification (ID document, passport, driver's license)
Proof of residential address (utility bill, bank statement)
Selfie/photograph for liveness verification
Biometric data (facial recognition data for identity matching)
South African ID number or passport number
Tax identification number
Source of funds documentation
Sanctions screening results
Politically Exposed Person (PEP) screening results

4.3 Financial Information

For trading and payment purposes, we collect:

Bank account details
Payment card information (processed securely by payment providers)
Transaction history
Account balances and trading records
Withdrawal and deposit history

4.4 Trading Data

We collect data related to your trading activities:

Orders placed, modified, and cancelled
Open and closed positions
Trading strategies and algorithms (for Quant Studio users)
Backtest results and performance metrics
Risk management settings

4.5 Technical Data

We automatically collect:

IP address and geolocation data
Browser type and version
Operating system
Device identifiers
Session logs and timestamps
Pages visited and features used
Referral source

4.6 Communication Data

When you communicate with us, we collect:

Support requests and chat logs
Emails and correspondence
Feedback and survey responses
Contact form submissions

5 How We Collect Information

5.1 Directly From You

We collect information directly when you:

Register for an account
Complete identity verification (KYC)
Make deposits or withdrawals
Execute trades on our platform
Contact our support team
Subscribe to our newsletters
Participate in surveys or promotions

5.2 Automatically

We collect information automatically through:

Cookies and similar tracking technologies
Server logs and analytics tools
Security monitoring systems
Platform usage tracking

5.3 From Third Parties

We may receive information from:

Identity verification providers
Credit bureaus and financial databases
Sanctions and PEP screening services
Payment processors
Fraud prevention services
Public records and databases

6 Purpose of Processing

We process your personal information for the following purposes:

6.1 Service Provision

Create and manage your account
Provide access to trading platforms and tools
Process transactions and payments
Execute and manage trades
Provide customer support

6.2 Regulatory Compliance

Verify your identity (KYC) as required by FICA
Conduct anti-money laundering (AML) checks
Screen against sanctions lists
Report to regulatory authorities as required
Comply with FSCA requirements
Maintain records as required by law

6.3 Security and Fraud Prevention

Detect and prevent fraudulent activities
Monitor for unauthorized access
Investigate security incidents
Protect platform integrity

6.4 Communication

Send account-related notifications
Respond to inquiries and support requests
Provide service updates and alerts
Send marketing communications (with consent)

6.5 Improvement and Analysis

Analyze usage patterns to improve services
Develop new features and products
Conduct research and analytics
Personalize user experience

7 Legal Basis for Processing

Under POPIA, we process your personal information based on the following lawful grounds:

Legal Basis	Description
Consent	Where you have given express consent for specific processing activities (e.g., marketing communications).
Contract	Processing necessary for the performance of our agreement with you (e.g., account management, trade execution).
Legal Obligation	Processing required to comply with legal and regulatory requirements (e.g., KYC/FICA, FSCA reporting).
Legitimate Interest	Processing necessary for our legitimate business interests, provided these do not override your rights (e.g., fraud prevention, security, service improvement).
Protection of Data Subject	Processing necessary to protect your vital interests or those of another person.

7.1 Special Personal Information

We may process special personal information (such as biometric data for identity verification) only with your explicit consent or where permitted by law for regulatory compliance purposes.

8 Data Sharing & Disclosure

We may share your personal information with the following categories of recipients:

8.1 Service Providers (Operators)

Identity Verification Providers: Third-party KYC services for identity checks
Payment Processors: For processing deposits, withdrawals, and payments
Cloud Service Providers: For secure data storage and hosting
Analytics Providers: For platform usage analysis
Communication Services: For email and notification delivery

All operators are contractually bound to protect your information and process it only as instructed by us.

8.2 Regulatory and Legal Authorities

FSCA: Financial Sector Conduct Authority (upon licensing)
FIC: Financial Intelligence Centre (for suspicious transaction reports)
SARS: South African Revenue Service (for tax reporting)
Law Enforcement: When required by law or court order
Other Regulators: As required by applicable regulations

8.3 Professional Advisors

We may share information with lawyers, auditors, and other professional advisors for legitimate business purposes.

8.4 Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred to the acquiring entity, subject to continued protection under this policy.

We Do Not Sell Your Data: We do not sell, rent, or trade your personal information to third parties for their marketing purposes.

9 Cross-Border Transfers

Your personal information may be transferred to and processed in countries outside South Africa. When we transfer your information internationally, we ensure appropriate safeguards are in place as required by POPIA:

9.1 Safeguards for International Transfers

Transfer to countries with adequate data protection laws
Binding corporate rules or contractual clauses that provide equivalent protection
Your explicit consent to the specific transfer
Transfer necessary for the performance of a contract
Transfer necessary for legal proceedings or regulatory compliance

9.2 Cloud Infrastructure

Our services may utilize cloud infrastructure located in various regions. We ensure all cloud providers maintain appropriate security certifications and data protection standards.

10 Data Security

We implement comprehensive technical and organizational measures to protect your personal information:

10.1 Technical Measures

Encryption: TLS 1.3 for data in transit, AES-256 for data at rest
Password Security: Bcrypt hashing with salt for password storage
Authentication: JWT-based sessions with automatic expiration
Two-Factor Authentication: Optional 2FA for enhanced account security
Firewalls and Intrusion Detection: Network security monitoring
Regular Security Audits: Penetration testing and vulnerability assessments

10.2 Organizational Measures

Staff training on data protection and security
Access controls based on role and necessity
Confidentiality agreements with employees and contractors
Incident response procedures
Regular policy reviews and updates

10.3 Your Role in Security

While we take extensive measures to protect your data, you also play a crucial role:

Use a strong, unique password
Enable two-factor authentication
Keep your login credentials confidential
Log out from shared devices
Report any suspicious activity immediately

10.4 Security Breach Notification

In the event of a security breach that compromises your personal information, we will notify you and the Information Regulator as required by POPIA, typically within 72 hours of becoming aware of the breach.

11 Data Retention

We retain your personal information only for as long as necessary to fulfill the purposes for which it was collected and to comply with legal obligations.

11.1 Retention Periods

Data Category	Retention Period
Account Information	Duration of account plus 5 years after closure
KYC/FICA Documents	5 years after business relationship ends (FICA requirement)
Trading Records	7 years (financial record-keeping requirements)
Transaction Data	7 years (FSCA and tax requirements)
Communication Records	3 years after last interaction
Technical Logs	12 months (security and debugging purposes)
Marketing Preferences	Until consent is withdrawn

11.2 Deletion

When retention periods expire, we securely delete or anonymize your personal information. Anonymized data may be retained for statistical and analytical purposes.

12 Your Rights Under POPIA

As a data subject, you have the following rights under POPIA:

12.1 Right to Access

You have the right to request confirmation of whether we hold personal information about you and to request a copy of that information.

12.2 Right to Rectification

You have the right to request correction or deletion of personal information that is inaccurate, irrelevant, excessive, out of date, incomplete, misleading, or obtained unlawfully.

12.3 Right to Deletion

You have the right to request deletion of your personal information, subject to legal retention requirements and legitimate business needs.

12.4 Right to Object

You have the right to object to processing of your personal information for direct marketing purposes or on grounds relating to your particular situation.

12.5 Right to Restrict Processing

You have the right to request restriction of processing in certain circumstances.

12.6 Right Not to Be Subject to Automated Decisions

You have the right not to be subject to decisions based solely on automated processing that produces legal effects or similarly significant effects.

12.7 How to Exercise Your Rights

To exercise any of these rights, please contact our Information Officer:

Email: privacy@clearlinemarkets.com
Contact Form: www.clearlinemarkets.com/contact

We will respond to your request within a reasonable time, not exceeding 30 days. We may request additional information to verify your identity before processing your request.

Note: Some rights may be limited where we are required to retain information for legal or regulatory compliance purposes (e.g., FICA requirements).

13 Cookies & Tracking Technologies

We use cookies and similar technologies to enhance your experience on our platform.

13.1 Types of Cookies We Use

Cookie Type	Purpose	Duration
Essential	Required for platform functionality, authentication, and security	Session / 24 hours
Functional	Remember your preferences and settings	30 days
Analytics	Understand how you use our platform to improve services	12 months
Performance	Monitor platform performance and errors	Session

13.2 Managing Cookies

You can control cookies through your browser settings. Please note that disabling essential cookies may affect platform functionality. Options include:

Browser settings to block or delete cookies
Private/incognito browsing mode
Third-party cookie management tools

13.3 Do Not Track

Our platform does not currently respond to "Do Not Track" browser signals. We recommend using the cookie management options above if you wish to limit tracking.

14 Marketing Communications

14.1 Consent-Based Marketing

We only send marketing communications where you have provided consent. Marketing may include:

Product updates and new features
Educational content about trading
Promotional offers and special events
Market insights and analysis

14.2 Opting Out

You can opt out of marketing communications at any time by:

Clicking the "unsubscribe" link in any marketing email
Updating your communication preferences in your account settings
Contacting us at privacy@clearlinemarkets.com

Please note that opting out of marketing does not affect transactional communications (account alerts, security notifications, etc.).

15 Children's Privacy

Our services are not intended for individuals under 18 years of age. We do not knowingly collect personal information from children.

If we become aware that we have inadvertently collected personal information from a child, we will take immediate steps to delete such information.

If you are a parent or guardian and believe your child has provided us with personal information, please contact us immediately at privacy@clearlinemarkets.com.

16 Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements, or business operations.

16.1 Notification of Changes

We will notify you of material changes by:

Email notification to your registered email address
Prominent notice on our platform
Updating the "Last Updated" date at the top of this policy

16.2 Review and Acceptance

We encourage you to review this policy periodically. Your continued use of our services after changes are posted constitutes your acceptance of the updated policy.

17 Complaints

If you have concerns about how we handle your personal information, you have several options:

17.1 Internal Complaints

Contact our Information Officer first:

Email: privacy@clearlinemarkets.com
We will investigate and respond within 30 days

17.2 Information Regulator

If you are not satisfied with our response, you may lodge a complaint with the Information Regulator of South Africa:

Information Regulator (South Africa)

SALU Building, 316 Thabo Sehume Street, Pretoria

P.O. Box 31533, Braamfontein, Johannesburg, 2017

Email: complaints.IR@justice.gov.za

Website: www.justice.gov.za/inforeg

18 Contact Information

For any privacy-related questions, concerns, or requests, please contact us: