Privacy and Data Protection Policy
Trading CFDs involves a significant risk of loss
Orion Code, “the Company”,”we” or “us”,it is responsible for the protection of the privacy and the safeguarding of
clients’ personal financial information and data. By opening a trading account with the Company, the client hereby
gives its consent to such collection, processing, storage and use of personal information by the Company as explained
below and in accordance to applicable data protection legislation (including but not limited to the General Protection
Regulation (EU) 2016/679 (the ‘GDPR’) and the Data Processing Law.
For the purpose of GDPR and the Data Processing Law, Orion Code is the data controller.
The collection of personal information
The Company collects the necessary information required to open a client’s trading account, perform transactions and
safeguard the clients’ assets and privacy and to provide clients with the services they require. In this respect, the
Company may ask clients, in certain circumstances to gather information from banks and/or credit agencies, and/or
clearing agencies and/or other sources which will help the Company to construct the clients’ profile based on their
requirements and preferences in order to provide its services effectively. The Company may collect customer’s credit
card data where is necessary to offer the services the customer opted for, the customers card details are protected
using Transport Layer encryption – TLS 1.2 and application layer with algorithm AES and key length 256 bit.
The information the Company collects includes information required to communicate with and identify its clients. The
Company may also collect certain demographic information, including, birth date, education, occupation, etc. The
Company also assesses trading related information.
The Company also collects Non-Personal Information, meaning the information which does not allow us to identify the
The other type of information that we collect is the Personal Information and this allows us to identify the end-user:
- Identifying documents- documents that we request from you for the proof of identity and your residency. Such
information is collected in order to perform transactions through the services provided by the Company.
- Registration information- to provide you with our services, at the registration stage, we ask you to provide us
your name, e-mail, telephone number.
- Voluntary information- when using our services such as customer support or any other means of communication
with us we
collect the information that you voluntarily provide about yourself.
- Device data- this is the information that we collect from your device and that includes your IP address, unique
identifiers and other information that relates to your activity while using the services of the Company.
We may record any communications, electronic, by telephone, in person or otherwise, that we have with you in relation
to the services we provide to you and our relationship with you. These recordings will be Company’s sole property and
will constitute evidence of the communications between the Company and you. Such telephone conversations may be
recorded without the use of a warning tone or any other further notice.
Use of personal information
The Company uses clients’ personal information only as required to provide quality service and security to its
clients. This information helps the Company to improve its services, customize browsing experience and enables it to
inform its clients of additional products, services or promotions relevant to clients and in this respect the clients
hereby consent to the usage of this data for such purposes.
It shall be noted that the Company may anonymize or de-identify the collected information which, on its own, cannot
personally identify you. In addition, the combination of Personal and non-Personal information is considered as
Personal information and will be treated so while remaining combined.
The personal data is stored during contractual relationship and after the termination for 5 years accordingly to relevant broker’s regulator and 7
years for taxation purposes.
Protection of personal information
Any personal information provided by the client to the Company will be treated as confidential and shared only within
the Company and its affiliates and will not be disclosed to any third party except under any regulatory or legal
proceedings. In case such disclosure is required to be made by law or any regulatory authority, it will be made on a
‘need-to-know’ basis, unless otherwise instructed by the regulatory authority. Under such circumstances, the Company
shall expressly inform the third party regarding the confidential nature of the information.
The Company may share information with affiliates in the event such information is reasonably required by such
affiliate in order to provide the products or services to its clients. The Company may share information with
affiliates and associates in order to offer additional similar products and services that meet clients’ needs and
which are delivered in a manner that is useful and relevant only where clients have authorized the Company to do so.
Non-affiliated third parties
The Company does not sell, license, lease or otherwise disclose clients’ personal information to third parties, except
The Company reserves the right to disclose personal information to third parties where required by Law, regulatory and
other government authority. The Company may also disclose information as necessary to credit reporting or collection
agencies as reasonably required in order to provide the services to Company and/or its clients.
In addition, the Company may engage third parties to help carry out certain internal functions such as account
processing, fulfillment, client service, client satisfaction surveys or other data collection activities relevant to
its business. Use of the shared information is strictly limited to the performance of the above and is not permitted
for any other purpose. All third parties with which the Company shares personal information are required to protect
such personal information in accordance with all relevant legislation and in a manner similar to the way the Company
protects the same. The Company will not share personal information with third parties which it considers will not
provide its clients the required level of protection.
As part of using your personal information for the purposes set out above, non-affiliated third parties are:
- service providers and specialist advisers who have been contracted to provide us with services such as
administrative, IT, analytics and online marketing optimization, financial, regulatory, compliance, insurance,
research or other services,
- payment service providers and banks processing your transactions;
- auditors or contractors or other advisers auditing, assisting with or advising on any of our business
From time to time the Company may contact clients whether by phone or email for the purpose of offering them further
information about the Company and financial market trading.
The Company uses all possible means to respect and protect its clients’ privacy. At any time, the client may contact
the Company and request:
- Right to access, request copy, correct or delete any Personal Information that the Company collected, and which
subject to processing but also the ways how data was obtained, the reason for processing, what data categories
processed and the basis of the automated processing system;
- Right to restrict processing. You have the right to request the restriction or suppression of your personal
Company to comply with Laws and Regulations may store the personal data but will not use it.
- Right to object. You have the right to object to the processing of your personal data. The Company may be able
continue processing to comply with Laws and Regulations
- Right to withdraw consent: Where we have obtained your consent to process your personal data you may withdraw
consent at any time. In this case, the Company will be forced to terminates its relationship with you within 10
- Right of erasure. You have the right to request erasure of your personal data. It shall be noted that the
refuse to satisfy your request as under any other legal obligations that the Company is subject to, we may be
to keep the information that you provide to us.
Right for data portability allows you to obtain and reuse your personal data for your own purposes across different
services. The Company shall provide such information to you free of charge however, in case of abuse of such right we
may charge you a reasonable fee in proportion with your request.
In case you disagree with the way we handle your Personal Data and/or you want to exercise any of your rights above,
please contact us by sending an e-mail to support at http://www.orion-code-access.net/ and we shall reply to you within 30 days. In
the case you have unresolved concerns you have the right to complain to the relevant data protection authority.
Please be advised that we shall keep your Personal Data for a certain period of time (7 years for taxation purposes)
to be able to provide to you the best of our services but also to comply with our legal obligations.
If you have already accepted to receive any Promotions and Benefits, according to the Terms and Conditions, offered by
the Company, you have the right to withdraw this acceptance
The Company may, on occasion, seek to contact clients, whether by phone or by email, for the purpose of informing them
of unique promotional offerings provided by the Company for the client
Any person wishing to opt out of further contact with the Company at any time whatsoever is entitled to do so through
the means to decline receiving such promotional offers from use available within the such promotional material. In
case you unsubscribe the Company will remove your contact details from its marketing distribution list.
Restriction of responsibility
The Company is not responsible for the privacy policies or the content of sites to which Orion Code links and has no
control of the use or protection of information provided by the clients or collected by those sites. Whenever a client
elects to link to a co-branded web site or to a linked web site, the client may be asked to provide registration or
other personal information. Please note that such information is recorded by a third party and will be governed by the
Use of "COOKIES"
site. Cookies used by the Company do not contain personal information or other sensitive information. The cookies used
by the company are:
- “Persistent cookies”- only read by our website, are stored on your devise for a fixed time period and are not deleted
when the browser is closed. We use these cookies to know who you are for your next visits allowing us to know your
preferences the next time you log-in.
- “session cookies”- these are only stored while the browsing session lasts enabling the normal use of the system and
are deleted when the browser is closed.
Please note that you may remove the cookies following your browser settings however, disabling of cookies may limit
your online experience as well as the functionality of some of the features for the services we provide may be low.
The Company may share web site usage statistics with reputable advertising companies and with its affiliated marketing
companies. It is noted that the information collected by such advertising companies is not personally identifiable. To
administer and improve the Orion Code web site, the Company may use third parties to track and analyze usage and
Company. These cookies do not contain any personally identifiable information.
To use our services a person must be above the age of 18. As per the Data Processing Law that comes into force on the
25 May 2018, a minor shall be considered a person below the age of 16 years unless otherwise advised by the Data
The Company reserves the right to access and verify any Personal Data collected and discard any such data in case that
the person who shared it with us is a minor. Please contact us at support at http://www.orion-code-access.net/ in case you have any
grounds to believe that a minor has shared any Personal Data with us.
materially changes this Policy including how it collects, processes or uses clients’ personal information, the revised
of what information the Company collects, how it uses it and to whom it may disclose it, in accordance with the
provisions of this Policy.
If you have any enquires regarding the Company’s Privacy and Date Protection Policy please email us (DPO’s email) or
call us …..
The Company shall try to respond to all requests within 30 days. Please note that it may take us longer than 30 days
if your request is particularly complex or you have made a number of requests. In this case, we will notify you within
30 days of the receipt of your request and keep you updated.
If you are not satisfied with our response to your complaint, you have the right to lodge a complaint with our