FRT’s Privacy Policy

This Privacy Policy explains the types of personal information we collect, how we use it, and the circumstances under which we may share it. This Privacy Policy is provided on behalf of Financial Recovery Technologies LLC (collectively referred to as “FRT”, “we”, “us” or “our” in this privacy policy) and applies to any client, customer, employee and applicant information that we receive during any interaction with us (“Information”), unless the terms of service specifically contain separate requirements related to Information.

DATA CONTROLLER

FRT is the controller and responsible for your personal data. If you have any questions about this privacy policy, including any requests to exercise your legal rights (see below for further details), please contact us using the details set out below:

  • Legal Entity: Financial Recovery Technologies LLC
  • Address: 200 River’s Edge Drive, Suite 300, Medford, MA 02155, United States
  • Email: Privacy.Enquiry@frtservices.com
  • Phone: 339‐674‐1000

INFORMATION WE COLLECT

When you interact with us, we receive and collect certain information about you. The information that we receive and collect depends in part on what you do when you visit our website or how you interact with us. For example, if you should sign up for newsletters, or when you use the Contact Us tool to request information or make specific inquiries regarding any of our products or services. In these instances, you may provide personally identifiable information (“personal information”) such as your name and email address. If you are a customer, you may provide more detailed information such as financial details.

Personal information means any information about an individual from which that person can be identified. It does not include information where the identity has been removed (anonymous data). It is possible to browse our website without actively submitting any personal information.

We may collect, use, store, and transfer different kinds of personal information which include:

  • Your name, title, date of birth and gender (Identity Data).
  • Your address, email address and telephone number (Contact Data).
  • Your bank account details (Financial Data).
  • Details about services you have purchased from us, payments you have made, historical trading data, filings made on your behalf, funds collected on your behalf, and funds distributed to you (Transaction Data).
  • Your IP address, login data, browser type and version, and operating system and platform (Technical Data).
  • Information about how you use our website or our products or services (Profile and Usage Data).
  • Your preferences in receiving marketing from us and our third parties and your communication preferences (Marketing and Communications Data).

Our definition of personal information does not include “aggregate” data. Aggregate Data is data we collect about a group or category of products, services or customers, from which individual customer identities have been removed. In other words, information about how you use a service may be collected and combined with information about how others use the same service, but no personal information will be included in the resulting data. Likewise, information about the products you purchase may be collected and combined with information about the products purchased by others. Aggregate data helps us understand trends and customer needs so that we can better consider new products and services, and tailor existing products and services to customer desires.

Please note, we do not collect any special categories of personal information such as information relating to your racial or ethnic origin, political opinions, religious or philosophical beliefs, health or sexual orientation.

IF YOU FAIL TO PROVIDE YOUR PERSONAL INFORMATION

Where we need to collect personal information by law, or under the terms of a contract we have with you and you fail to provide that information when requested, we may not be able to perform the contract we have or are trying to enter into with you (for example, to provide you with a product or service). In this case, we may have to cancel a product or service you have with us but we will notify you if this is the case at the time.

HOW YOUR PERSONAL INFORMATION IS COLLECTED

We will limit the information we collect about you to what is necessary to administer our business, provide superior service, offer opportunities that we think would be of benefit to you, improve the customer experience of our website, and ensure technological compatibility with your computer, cell
phone, or other electronic or mobile devices (collectively, “Computer”).

We use different methods to collect information from and about you including through:

  • Direct Interactions: You may give us your information (for example, Identity, Contact and Financial Data) by completing forms on our website; by corresponding with us by email, phone or post; or by providing information to us in order for us to provide services. This includes personal information you provide when you:
    • Inquire about products or services;
    • Request white papers;
    • Subscribe to newsletters;
    • Request a price or quote;
    • Request marketing information or sign up for email alerts;
    • Follow us on social media;
    • Interact with us directly via phone or email; or
    • Provide data required for us to provide our services
  • Automatically Collected Information: Every time you visit and interact with our website, some information is automatically collected about you. This information may include, but is not limited to, some or all of the following items: the specific pages, buttons, images, videos, links, or forms that you access on this website; the type and version of Internet browser software and operating system you use; date, time, and duration of your website visit; your IP address; your domain; type of Computer (e.g. laptop, iPad, BlackBerry, iPhone); mobile carrier and/or Internet service provider; the location of your Computer, and demographic information concerning the country of origin of your Computer and the languages it uses.
  • Third Parties: We may receive personal information about you from various third parties and public sources, including, analytics providers such as Google Analytics, Lead Forensics, and Pardot, who primarily provide us with us with Aggregate and Profile and Usage data in relation to our customers and website users, but it may also contain personal information such as Technical and Identity Data. Where we receive personal information from third parties, we treat it in accordance with this privacy policy.
  • Information Collected Via Cookies: Cookies are small text files that are placed on your Computer to distinguish you from other visitors to
    this website. Using cookies is a standard practice for websites to collect or track information about your activities while using a website. We and our third‐party service providers may place cookies or similar files on your Computer for many of the reasons listed in this Privacy Policy while visiting this website. Most people do not know that cookies are being placed on their Computers when they visit websites because browsers are typically set to accept cookies. You can choose to have your browser warn you every time a cookie is being sent to you or you can choose not to accept cookies. You can also delete cookies from your Computer at any time. If you refuse cookies, the functionality of our website may be impacted. Since every browser and Computer is different, you will need to follow your browser’s instructions for disabling or deleting cookies.

YOUR DUTY TO INFORM US OF CHANGES

It is important that the personal information we hold about you is accurate and current. Please keep us informed if your personal information changes during your relationship with us.

HOW WE USE YOUR INFORMATION

Most of the information we collect is used to help deliver the services that our clients and customers request. It also may permit us to design and offer specific products and services that will be useful to our clients, our clients’ customers, and our customers, or that provide benefits, additional value or discounts.

We will only use your personal information when we have a lawful basis for doing so. We have explained below each lawful basis for using your personal information, and the purposes for which we use your personal information.

  • Performance of a contract: we need to use your personal information, such as Identity, Contact and Financial Data for the purposes of performing a contract you have entered into with us. For example, to process monthly/annual subscription payments; to set up new clients and provide support services.
  • Necessary for our legitimate interests: we use your personal information for ongoing business purposes, for example, we may use your Identity, Contact and Technical Data to understand our customers, develop our products and services and recommend appropriate services.
  • Compliance with a legal obligation: we use your Identity, Contact and Marketing and Communications Data to comply with various legal obligations including ensuring that you do not receive marketing communications from us in circumstances where you have advised us that you
    do not wish to receive those communications.

Generally, we do not rely on consent as a legal basis for processing your personal data other than in relation to sending third-party direct marketing communications to you via email. You have the right to withdraw consent to marketing at any time by contacting us using the details set out in our Contact Us section above.

In addition, if you would like further information about the specific lawful basis we rely on when using your personal data please contact us using the details set out in the Contact Us section above.

HOW WE SHARE YOUR INFORMATION

From time to time, we may share information that personally identifies you to FRT affiliates and to other non‐affiliated entities including in the following manner:

  • As may be required to deliver the requested services including sharing selected information with fulfillment vendors, and others;
  • In response to judicial proceeding, subpoena, court order or other legal process;
  • To comply with legal, regulatory or administrative requirements of governmental authorities;
  • To protect the rights or property of FRT, its clients, suppliers or customers, and to enforce the provisions of our terms or policies, in cases of customer fraud or disputes, and/or to prevent harm to you or others;
  • As disclosed to you in other applicable policies, terms of use, or other agreements;
  • For marketing and other business purposes; or
  • As permitted or required by law or as authorized by you.

We require all third parties to respect the security of your personal information and to treat it in accordance with the law. We do not allow our third‐party service providers to use your personal information for their own purposes and only permit them to process your personal information for specified purposes and in accordance with our instructions.

MARKETING

We aim to provide you with choices regarding certain personal information uses, particularly around marketing and advertising. As part of our ongoing marketing activity but only where our processing of personal information takes place in the context of our activities in the UK or the EU, we may use your personal information in the following ways:

  • Promotions: We may use your Identity, Contact and Profile Data to form a view on what we think you may want, need or may be of interest to you. We do this in order to provide you with the most relevant products and services. You will receive marketing communications from us if you have requested information from us, purchased products from us, or if you have provided us with your details in order to receive marketing promotions and in each case you have not opted out of receiving marketing communications from us.
  • Third-Party Marketing: We will get your express opt‐in consent before we share your personal data with any company outside the FRT Group for marketing purposes.
  • Opting Out: You can ask us or third parties to stop sending you marketing messages at any time by adjusting your marketing preferences via our website or by following the opt‐out links on any marketing messages sent to you. In addition, you can contact us at any time using the details set out below. Where you opt out of receiving these marketing messages, this will not apply to personal information provided to us as a result of a previous product/service purchase or any other transactions between us.

SECURITY

We maintain security standards that are designed to help us protect your information. We have put in place appropriate security measures to prevent your personal information from being accidentally lost, used or accessed in an unauthorized way, altered or disclosed. In addition, we limit access to your personal information to those employees, agents, contractors or other third parties who have a business need to know. They will only process personal information on our instructions and they are subject to a duty of confidentiality.

While we use such security standards, we cannot guarantee that personal information you submit on this website will be secure, or that the services will be uninterrupted or error‐free.

We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.

INFORMATION RETENTION

We will only retain your personal information for as long as necessary to fulfill the purposes we collected it for, including for the purposes of any legal, accounting or reporting requirements.

To determine the appropriate retention period for personal information, we consider the amount, nature, and sensitivity of the personal information, the potential risk of harm from unauthorized use or disclosure of your personal information, the purposes for which we process your personal information and whether we can achieve those purposes through other means, and the applicable legal requirements.

Details of retention periods for different aspects of your personal data are available in our retention policy which you can request from us using the contact details set out below. By law, we have to keep basic information about our customers for six years after they cease being customers for legal and compliance purposes.

In some circumstances, you can ask us to delete your personal information (see section EU Data Protection Rights below for more information). Please note that in some instances we may anonymize your personal information (so that it can no longer be associated with you) for research or statistical purposes, in which case we may use this information indefinitely without further notice to you.

THIRD‐PARTY LINKS

Our website contains links to and from other websites. Clicking on these links or enabling those connections may allow third parties to collect or share information about you. FRT makes no representations whatsoever about any other websites that you may have accessed our website from or may access through this website. FRT is not responsible for the privacy practices or content of those websites and FRT expressly disavows any liability whatsoever for use of such websites. It is up to you to take precautions to ensure that whatever you select for your use is free of items of a destructive nature.

NOTICE TO PERSONS OUTSIDE THE UNITED STATES

Personal information collected on FRT websites and services may be stored and processed in the U.S. or any other country in which FRT or its affiliates, subsidiaries or service providers maintain facilities. This will involve transferring personal information outside the European Economic Area (EEA). In addition, many of our external third parties are based outside the EEA so their processing of your personal information will also involve a transfer of data outside the EEA.

Whenever we transfer personal information outside the EEA, we ensure a similar degree of protection is afforded to it by ensuring that there are adequate safeguards in place by using specific contracts approved by the European Commission which gives personal information the same protection it has in the EU.

FRT complies with the EU‐U.S. Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information transferred from the European Union to the United States. FRT has certified to the Department of Commerce that it adheres to the Privacy Shield Principles. If there is any conflict between the terms in this privacy policy and the Privacy Shield Principles, the Privacy Shield Principles shall govern. To learn more about the Privacy Shield program, and to view our certification, please visit https://www.privacyshield.gov/. FRT commits to cooperate with the panel established by the EU data protection authorities (DPAs) and comply with the advice given by the panel with regard to data transferred from the EU.

  • FRT discloses personal information of individuals only in instances that are required and necessary in order to (a) with respect to employees or prospective employees, process data in connection with payroll, the provision of benefits, the provision of occupational health services, and compliance with legal, regulatory, and tax requirements, as well as to complete background checks and in connection with any potential sale of some or all of FRT’s business, (b) provide the services contracted by such individuals or their vendors that are FRT’s contracted or prospective clients, or (c) in cases where personal data must be shared for a purpose that doesn’t fall under (a) or (b), only after receiving explicit consent for such use or disclosure.
  • FRT’s security policies include the protection of personal data through encryption at rest and in transit, access limitations and other measures. Additionally, we provide individuals the right to request what information FRT has in its possession related to that individual as well as the right to request that the individual information is deleted or removed from FRT’s systems.
  • The Federal Trade Commission (FTC) has jurisdiction over FRT’s compliance with the Privacy Shield.
  • FRT complies with the Privacy Shield’s Principle regarding accountability for onward transfers. FRT remains liable under the Principles if its onward transfer recipients process Personal Data in a manner inconsistent with the Principles, unless FRT proves that it was not responsible for the event giving rise to the damage.

If you require any further information on the specific mechanism used by us when transferring your personal information outside the EEA, please contact us using the details set out in the Data Controller section of this document.

USE OF THIS WEBSITE BY CHILDREN

We encourage parents to take an active interest in their children’s use of the Internet. We do not intend to collect information from children who are under 18 years of age. If you are under 18, you should not provide information on this website and should ask your parent to do so for you.

CHANGES TO THIS PRIVACY POLICY

Please note that we will periodically make changes to our privacy policy and we reserve the right to change this Privacy Policy at any time. We will alert you that changes have been made by indicating at the bottom of the privacy policy the date it was last updated. It is your responsibility to review this Privacy Policy frequently and remain informed about any changes to it, so we encourage you to visit this page often. This Privacy Policy takes precedence over any previous privacy notices that we have issued related to our website and your continued use of our website constitutes your acceptance of any amendments to and the most recent version of this Privacy Policy.

CONTACTING US: QUESTIONS, CORRECTIONS, AND REMOVAL

Please contact us by visiting www.frtservices.com, or via our Contact Details set out above, with: (i) questions concerning our Privacy Policy; (ii) requests to update or correct your information provided to us; or (iii) to remove you from promotional mailing or e‐mail lists. Please include enough information so we can contact you. Requests will be processed as soon as practical and within one month of receipt. In some cases, where the request is particularly complex it may take slightly longer in which case we will keep you updated and inform of our progress.

EU DATA PROTECTION RIGHTS

Where our processing of personal information takes place in the context of our activities in the UK or the EU, individuals have the following rights in relation to your personal information (referred to as personal data for the purposes of EU data protection legislation:

  • Request access to your personal data: This enables you to receive a copy of the personal data we hold about you and to check that we
    are lawfully processing it. Request correction of personal data that we hold about you This enables you to have any incomplete or inaccurate information we hold about you corrected. Please note, we may need to verify the accuracy of any new details you provide.
  • Request erasure of your personal data: This enables you to ask us to delete personal data where there is no good reason for us continuing to process it. This may also apply where you have successfully exercised your right to object to processing (see below), where we may have processed your data unlawfully or where we are required to delete your personal data to comply with local law. Please note, however, that we may not always be able to comply with your request for erasure for specific legal reasons which will be notified to you, if applicable, at the time of your request.
  • Object to processing: This enables you to object to the processing of your personal data where we are relying on a legitimate interest (or those of a third party) and there is something about your personal situation which makes you want to object to processing on this ground. You also have the right to object where we are processing your personal data for direct marketing purposes.
  • Right to withdraw consent: You may withdraw consent at any time where we are relying on consent to process your personal data. However, this will not affect the lawfulness of any processing carried out before you withdraw your consent. If you withdraw your consent, we may not be able to provide certain products or services to you. We will advise you if this is the case at the time you withdraw your consent.
  • Request to transfer data: This enables you to request the transfer of your personal data to you or a third party. We will transfer the data in a structured, commonly used, machine-readable format. This right applies only in respect of automated information which you initially provided consent for us to use or where we used the information to perform a contract with you.
  • Invoke binding arbitration: Under certain conditions, you may invoke binding arbitration.

If you wish to exercise any of the above rights, please contact us using the details in the Data Controller section of this document. Under EU data protection legislation, you have the right to make a complaint at any time to the relevant supervisory authority for data protection issues in your jurisdiction. A full list of the data protection authorities can be found at http://ec.europa.eu/justice/article‐29/structure/dataprotection‐authorities/index_en.htm.

We would, however, appreciate the opportunity to address any concerns in the first instance.

Updated: 22 August 2018