Privacy Notice

(the “Privacy Notice”)

Policy approval and information

Privacy Notice Policy approval and information

Data protection and disclosure of information

As part of our day-to-day business, we need to collect personal information from our clients and potential clients to ensure that we can meet their needs for a range of financial services and provide them with information about our services.

Your privacy is important to us, and it is our policy to respect the confidentiality of your information and the privacy of other persons, whether natural or juristic. This notice outlines how we manage your personal information and details your rights in respect of us processing your personal information.

We process your information in terms of our Protection of Information Policy. To review same, click here.

Defined terms provided herein are defined within the Protection of Personal Information Act, 2013, as may be amended or substituted from time to time (“POPIA”).

Who are we?

This Privacy Notice applies to the processing activities of the DMA Group. The DMA Group includes SCM DMA (Pty) Ltd, SCM DMA (Mauritius) Limited, Direct Market Access UK Limited, SCMSA Nominees (Pty) Ltd as well as any subsidiaries and affiliates of those entities, collectively (“DMA”). DMA is the party responsible for the processing of your Personal Information.

Any reference to ‘us’, ‘our’, ‘we’ in this Privacy Notice is a reference DMA. Similarly, any reference to ‘you’, ‘your’, ‘yours’ or ‘yourself’ in this Privacy Notice is a reference to any of our clients and potential clients as a Data Subject.

Our Privacy Notice will be reviewed from time to time to take account of new obligations, technology, changes to our operations and practices, and to make sure it remains appropriate to the ever-changing environment.

What kind of personal information do we collect?

We collect information necessary to fulfil our obligations to our clients in the course of providing a range of financial
services.

We may collect the following types of information about you:

Name, address and contact details, date of birth and gender, information about your income and wealth including details about your assets and liabilities, account balances, trading statements, tax and financial statements, bank details, education and qualifications, employment details including employment history, family details, lifestyle and social circumstance, location data, any other similar information.

On occasion the following sensitive Personal Information may be obtained: physical or mental health details, politicalopinion, trade union membership, racial or ethnic origin, religious or philosophical beliefs, sexual orientation, geneticdata and /or biometric data. We will only obtain and process this information with your express consent as set out in the relevant contractual terms, including but not limited to our General Business Terms or other agreements entered into with you.

We also keep records of your trading behaviour, including a record of i) products you trade with us and their performance, ii) products we trade on your behalf and their performance, and iii) historical data about the trades and investments you have made.

Much of this information is collected in compliance with our regulatory duties. This includes our obligation to verify the identity of clients and to maintain records of regulated business, including a record of products you invest in and historical data about investments you have made in the past. If you chose not to provide the information required, we may not be able to provide you with the requested product or service.

If you provide us with any Personal Information relating to a third party (e.g. information of your spouse, children, parents, employees, and/or persons associated with your company, organisation or trust etc.), by submitting such information to us, you represent to us that you have obtained their consent to do so.

It must be noted that DMA may receive Personal Information, whether as a direct client, or potential client, or as a related party to a direct client, or potential client. In this instance, should you provide any information pertaining to a minor, you confirm that you have the necessary competency to provide this information to DMA and the necessary authority to consent to DMA processing such information for and on behalf of such a minor.

How is the personal information obtained?

We obtain your information in a number of ways, for example through your use of our services or other dealings with us, including through the account opening process and from information provided during the course of ongoing client service correspondence and due diligence. We may also collect personal information about you from third parties through publicly available sources. Additionally, we may obtain Personal Information about you through your use of our websites, applications, or using cookies on our websites, in particular by recording your activity and
which pages you look at on our websites (please see below on Cookies).

We may record any communications with you including, electronic, telephonic, in person or otherwise, which will constitute evidence of the communications between us. This information is collected in compliance with our regulatory duties in relation to our record keeping obligations. Please note, that such telephone conversations may be recorded without the use of a warning tone or any other further notice. It should also be noted that, if you visit any of our offices or premises, we may have CCTV cameras which may record your image and conversations.

What lawful basis do we rely on?

We may be required to collect and use certain types of Personal Information to comply with the requirements of the law and/or regulations, however we are committed to processing all Personal Information in accordance with POPIA and the General Data Protection Regulation (“GDPR”), UK data protection laws and any other relevant data protection laws and codes of conduct (herein collectively referred to as “the data protection laws”) which are applicable to DMA and its business.

The data protection laws allow us to only process your data for certain reasons and under specific circumstances:

  • to perform a contract that we are party to;
  • to carry out legally required duties;
  • for us to carry out our legitimate interests;
  • where we obtain your consent;
  • to protect your interests; and
  • where something is done in the public interest.

All the processing carried out by us falls into the permitted reasons, for example; our use of your personal information in order to comply with our obligations under contract. This includes where a contract is not yet signed but you have requested us to take action as a first step (e.g. provide details of our services). This may also include online application forms that are completed prior to an agreement being signed. Another reason could be to comply with legal or regulatory requirements, such as carrying out verification checks in line with anti- money laundering/terrorist-financing regulations.

Consent

Where our use of your Personal Information requires consent, such consent will be provided explicitly by you, or such other party that has the necessary competency and authority to do so on your behalf.

If we rely on your consent as our legal basis for processing your Personal Information, you have the right to withdraw that consent at any time by contacting us using the contact details set out in this Privacy Notice below; however, the withdrawal of consent may be limited by law or subject to the completion of a relevant service or other similar and related activity. Withdrawal of consent will likely result in the termination of services. Please refer to the applicable contractual terms governing your relationship with DMA.

What do we do with the personal information we obtain?

We may use information held about you in the following ways:

  • to provide you with any services and/or information you request from us (which includes carrying out
    any obligations arising from any contracts entered into between you and us);
  • to notify you about changes to our services;
  • to provide you with information by post, email, telephone or otherwise about products and services of a
    similar nature to those you have previously purchased or expressed an interest in which are offered by
    DMA and which we think may be of interest to you. You have the right to ask us not to process your
    personal information for marketing purposes. You can exercise your right to prevent such processing by
    contacting us using the contact details set out in this Privacy Notice below. You can unsubscribe from
    emails from us by following the unsubscribe instructions included in every email.
  • to administer our sites and for internal operations, including troubleshooting, data analysis, load
    management, testing, research, statistical and survey purposes;
  • to improve our sites to ensure that content is presented in the most effective manner for you and for your
    device;
  • to measure or understand the effectiveness of content we serve to you and others, and to deliver relevant
    content to you;
  • for the purposes of providing services such as ‘most popular’ information on our website;
  • to deliver targeted advertisements to you and others as you browse the internet;
  • to obtain your feedback on a product, service or our sites via a third party appointed by us;
  • to allow you to participate in interactive features of our sites, when you choose to do so; and
  • as part of our efforts to keep our sites safe and secure and to prevent and detect money laundering,
    financial crime and other crime.

Disclosure of your personal information

We may share the Personal Information we hold about you across DMA to enable us to better understand your needs and run your accounts in the efficient way that you expect. Your Personal Information may also be used by the Group* for client modelling, statistical and trend analysis, with the aim of developing and improving our products and services.

We will never sell, trade, or rent your Personal Information to others; however, we may share your information with selected third parties including:

  • our service providers, suppliers and sub-contractors for the performance of any contract we have entered into with them. They may then process this data on our behalf to help run some of our internal business operations, for example, IT services.
  • governmental or judicial bodies or agencies to comply with our legal and regulatory obligations;
  • fraud prevention agencies, other companies and organisations to prevent or detect financial and other crime;
  • non-affiliated companies may sometimes be used to provide certain services such as preparing and mailing prospectuses, reports, account statements and other information, conducting research on client satisfaction, and gathering shareholder proxies.
  • advertisers and advertising networks that require the data to select and serve adverts about our services to you and others. It will only be passed to third party advertisers in order to provide services on behalf of DMA;
  • data, service and software providers that assist us in the improvement and optimisation of our sites;
  • credit reference agency or a verification company to conduct checks on you to verify the information you have provided.

Where we share your data with third parties, we ensure that your data is held securely and in line with applicable legislation.

Do we make automated decisions concerning you?

We do not carry out automated profiling on you; however, we may send your details on to a reference agency necessary for compliance with a legal obligation, for example, in connection with fraud prevention or anti-money laundering.

How we store personal information

Safeguarding the privacy of your information is important to us, whether you interact with us personally, by phone,
by mail, over the internet or via any other electronic medium.

We hold Personal Information in a combination of secure computer storage facilities, paper-based files and other records, and take steps to protect the Personal Information we hold within our possession from misuse, loss, unauthorised access, modification or disclosure.

When we consider that Personal Information is no longer needed, we will remove any details that will identify you or we will securely destroy the records. However, we may need to maintain records for a significant period of time in line with our regulatory obligations. For example, we are subject to certain anti-money laundering laws which require us to retain verification of identity records for a period of at least 5 (five) years after our business relationship with you has ended.

If we hold any Personal Information in the form of a recorded communication, telephonic, electronic, in person or otherwise in relation to our regulatory obligations as detailed above, this information will be held in line with local regulatory requirements, which will generally be 5 (five) years after our business relationship with you has ended.

Where you have opted out of receiving marketing communication, we will hold your details on our suppression list so that we know you do not want to receive these communications.

The Retention of Documents Policy contains further information on this. Click here.

Management and safeguarding of personal information

We always take appropriate technical and organisational measures to ensure that your information is secure. In particular, we train our employees, who handle Personal Information, to respect the confidentiality of client information and the privacy of individuals. We regard breaches of your privacy very seriously and will impose appropriate penalties, including dismissal where necessary. We have appointed an Information Officer and Deputy Information Officer to ensure that our management of Personal Information is in accordance with this Privacy
Notice, applicable policies, and the applicable legislation.

The internet is an open medium and we cannot guarantee that any information you send to us by email or via our sites will not be intercepted or tampered with; any transmission is at your own risk. To help protect your Personal Information and minimise the risk of it being intercepted by unauthorised third parties our secure servers employ Secure Socket Layer v3 (SSL) or Transport LayerSecurity v1 (TLS) encryption when you submit information to us through our sites. This security is signified by the “https” and the padlock on the URL bar. Some older browsers do not allow the use of current SSL technology and we therefore recommend that you use an up-to-date browser. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.

Your rights as a data subject

The data protection laws give you certain rights in relation to the Personal Information we hold on you. These are:

  • the right to be notified. This means that we must tell you how we use your Personal Information. This is the purpose of this Privacy Notice;
  • the right of access. You have the right to access the Personal Information that we hold on you. To do so, you should make a subject access request;
  • the right for any inaccuracies to be corrected. If any Personal Information that we hold about you is incomplete or inaccurate, you are able to require us to make any necessary amendments to correct it;
  • the right to have information deleted. If you would like us to stop processing your Personal Information, you have the right to ask us to delete it from our systems where you believe there is no reason for us to continue processing it;
  • the right to restrict the processing of the Personal Information. For example, if you believe the Personal Information we hold is incorrect, we will stop processing it (whilst still holding it) until we have ensured that it is correct;
  • the right to portability. You may transfer the Personal Information that we hold on you for your own purposes;
  • the right to object to the inclusion of any information. You have the right to object to the way we use your Personal Information where we are using it for our legitimate interests;
  • the right to regulate any automated decision-making and profiling of Personal Information. You have a right not to be subject to automated decision making in way that adversely affects your legal rights.

Where you have provided consent to our use of your Personal Information, you also have the unrestricted right to withdraw that consent at any time. Withdrawing your consent means that we will stop processing the Personal Information that you had previously given us consent to use. There will be no consequences for withdrawing your consent; however, in some cases, we may continue to store and use the Personal Information where so permitted by having a legitimate reason for doing so or where required by law, regulation or by any other competent authorities. We may also not be able to continue our services to you.

You can read more about these rights within section 5 of POPIA.

Transfers of personal information outside of South Africa

Your data may be transferred to, stored at, and processed at a destination outside of South Africa by our service providers. By submitting your Personal Information, you agree to this transfer, storing or processing. We will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with applicable legislation or other relevant laws, including contractual terms where necessary

Link to external websites

Our sites may, from time to time, contain links to and from the websites of our partner networks, advertisers and affiliates. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies or how such websites collect and use your data. Please check these policies before you submit any Personal Information to these websites.

Cookies

A cookie is a text file made up of letters and numbers that allows us to distinguish your browser/device from another visitor’s browsers/device. To learn more about cookies and how to manage them via your browser/device please visit aboutcookies.org.

Currently, across the DMA website and platforms, we make use of cookies to help manage the site and your visitor experience. These cookies may be used to collect analytics of non-personal visitor activity outlines, manage personal preferences, provide relevant or timely information to you or offer focused advertisements. Cookies, set across our site and trading platforms by our 3rd party partners or us, can be in the form of session or persistent cookies, and may use different technologies such as JavaScript or Flash. If you would like to ‘opt-out’ of the cookies set by our site and trading platforms, this can be accomplished on a cookie-by-cookie basis subject to browser settings. You may limit site operation or functions if you limit the cookies.

Access to personal information about you

You have the right to request a copy of the Personal Information we hold about you. If you would like a copy of some or all of this information, you may contact us as follows:

  • Information Officer contact details
    Full name: Peter Johnson
    Email address: compliance@dma.co.za
    Telephone number/s: +27(0)10 201 6300 (ext.14)
  • DMA’s head office details
    Physical address: 48 Seventh Avenue, Parktown North, Johannesburg, South Africa, 2193.
    Contact email address: info@dma.co.za
    Contact telephone number/s: +27(0)10 201 6

Updates to the Privacy Notice

We reserve the right to update this Privacy Notice to reflect any legal changes or changes to the way in which we process your Personal Information. The updated Privacy Notice will be published on our website and comes into effect at the time of publication on the website.

Contact Us

If you have any queries regarding privacy issues or the content of this Privacy Notice, please email us on
compliance@dma.co.za / compliance@dmamu.com; alternatively, by using the contact details provided above.

What if you have a complaint?

If you have a concern about any aspect of our privacy practices, you can make a complaint. This will be acted upon promptly. To make a complaint, please contact us via one of the methods set above.

You undertake to first make a good faith attempt to resolve your complaint with DMA.

If you are not first satisfied with our response to your complaint, you have the right to then lodge a complaint with our supervisory authority, the Information Regulator. You can find details about how to do this on their
website: https://www.justice.gov.za/inforeg/

TELL US ABOUT YOUR BUSINESS AND WE'LL GET BACK TO YOU.

    This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

    TELL US ABOUT YOUR BUSINESS AND WE'LL GET BACK TO YOU.

      This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.