1. Introduction
ALLSTRUCTUREDNOTES ASN AV, S.A., ALLSTRUCTURED ASN SA and or any affiliate or member of the ASN Group from
time to time. (“ASN Group”, “us” or “we”) highly appreciates your interest in our products and services. Your
privacy is important to us and we want you to feel comfortable using our products and services. It is a major
concern for ASN Group that your personal data is treated in a responsible manner and in compliance with legal
requirements.To this end, we take precautions, such as implementing robust technical and organizational
security measures including encrypted databases and passwords, WAF & Shield, SSL Communications, Multi-Factor
Authentications, access management, employee awareness-raising and training, appointment of a Data Protection
Officer (hereinafter “DPO”)
This Privacy Policy describes the way we process your personal data when you use our products and services,
visit our websites, use our mobile applications, or register for any service and provide information about
yourself (hereinafter “ASN Services”).
Please read our Privacy Policy carefully before registering for, or using any ASN Services and, in particular,
before entering any personal data, to understand our views and practices regarding your personal data, how we
will treat your personal data and the basis on which it could be disclosed to third parties. Please note that
any additional terms and conditions that apply to ASN Services will be provided when registering for such
services and a Sub-Distribution Agreement.
2. Processing personal data
2.1 Categories of personal data
ASN Group processes different categories of personal data (such as data of clients, prospects, website users,
suppliers, vendors or other third parties), it limits its processing of these to a necessary minimum and in
accordance with the applicable laws and regulations. This is understood as referring to the following:
— Master data (e.g., name, address, e-mail address, phone number, date of birth, account and contract number,
other account information, indicative prices, concluded transactions, or third parties, e.g., authorized
representatives, advisors who might also be affected by the data processing).
— Risk management, transaction and/or order data (e.g., data on generated Structured Notes, portfolio data,
data on managed Structured Notes, data on risk and investment profile management, fraud cases).
— Technical data (e.g., IP addresses, cookies, internal and external identifiers, logging data, record of
access and changes, content accessed by the website user, including time and date of access, account
number).
— Marketing data (e.g., any information or data that you may have introduced in your ASN account or that we
may have introduced for you; any information or data related to issuers or manufactures provided by you to ASN
Group, as may be any credentials related to the said issuers or manufactures; custodian data and data related
to which portfolio such custodian is assigned; data related to the types of portfolios managed by you (e.g.,
discretionary-managed portfolios).
2.2 Origin of personal data
In line with the purposes of paragraph 2.3, we may collect personal data - to the extent legally permitted -
from the following sources, in particular:
— Personal data that is given to us by the user, namely for account opening, for making an inquiry, as part of
a registration on our websites or when using certain products and services.
— Personal data that is necessary for the facilitation of ASN Services is transmitted to us via the technical
infrastructure (e.g., via our websites, login information, and transactions).
— Personal data from third parties such as issuers, manufactures, authorities, sanction lists (e.g., EU),
custodians, rating agencies, credit report entities, analytics providers or search information
providers.
— Personal data that is publicly accessible (e.g., public register information, public social media
platforms).
2.3 Purpose and usage of data
We may process personal data as described above for the provision of our services and/or for our own legally
prescribed purposes and to the extent legally permitted. For the avoidance of doubt, the process of personal
data will not include disclosure by transmission, dissemination or otherwise making available, alignment or
combination of the said personal data to third parties. This is understood as referring to the following, in
particular:
— Processing, improving, managing and executing our services as well as to update the data of users with whom
we maintain a business relationship.
— Service development, statistics, business decisions (e.g., developing ideas for new or assessing existing
products, services, procedures, technologies and returns, establishing key figures for the use of services and
utilization figures).
— Managing, controlling and monitoring business related decisions and risks, processing business in good time
(e.g., investment profiles, market, operational and fraud risks).
— System administration and reporting aggregated statistical information about browsing patterns and action
which does not identify any individual.
— Compliance, legal and/or regulatory disclosure, notification and reporting obligations to authorities,
courts, including but not limited to money laundering and terrorist financing (e.g., automatic exchange of
information with foreign tax authorities, prosecution departments).
— Market research, marketing, comprehensive client service, advice and information regarding range of services
etc. (e.g., events for clients, prospects and interested third parties, cultural events, sponsorship,
assessment of client, market or product potential, information regarding changes, determination of client
satisfaction, online and hardcopy advertisement).
— Protection of our interests and rights in case of claims against us or our employees and clients.
3. Storage of data
Once you have transferred personal data to us, this data is stored securely for the purposes mentioned in this
Privacy Policy as well as for which the information was provided.
We have implemented appropriate and robust data security measures to ensure that this information is only
accessible to a restricted number of authorized individuals and that it is protected against unauthorized
access, misuse, loss or damage.
In general, all data which is collected in any country is transferred and stored by us in encrypted databases
located in Ireland. Ireland is recognized as a country which offers an adequate level of data
protection.
Even though the retention period for personal data depends on statutory retention provisions, applicable legal
basis and the purpose of the data processing, ASN Operator or ASN Group will only store your personal data for
as long as necessary, taking into account our obligation to respond to requests or resolve problems, to
provide improved and new services and to act in accordance with applicable laws and regulations. ( eg: ASN
Group will storage personal data for the minimum period required by statutory provisions from the date the
transactions have been concluded, which could be a period of ten years in accordance with Article 25.1 of Law
10/2010 of 28 April 2010 on the prevention of money laundering and terrorist financing.)
In particular, this means that we are entitled to keep your personal data for a reasonable period of time
after you last contacted us. If the personal data we collected is no longer needed in this way, we are obliged
to delete it in a secure manner.
4. Data subject rights
You have a right to be informed whether personal data in relation to you is being processed by us. On request,
we will disclose to you the personal data in our databases, including available details about the origin of
the data, the purpose and, where appropriate, the legal basis for the processing and the categories of the
processed personal data, the parties involved in the data collection and the data recipients in ASN Group. For
the avoidance of doubt ASN Group will not include disclosure by transmission, dissemination or otherwise
making available to third parties.
You may withdraw your consent to the processing of your personal data and/or may wish to opt out of the use of
your information for advertising or marketing purposes at any time. You can exercise further rights, such as
the right of rectification and you are also entitled to have any inaccuracies in your personal data corrected,
or to have your personal data blocked or deleted, depending on the legal basis under which we are processing
particular personal data.
5. Cookies and web analytics services
Our websites use specific types of cookies. Please consult our Cookie Policy for more information on the use
of cookies.
We will not transfer any IP addresses. Any onward transfer by third parties will only be based on legal
regulations or as part of a data processing service agreement.
6. Contact
Please let us know, if we do not meet your expectations with respect to the processing of personal data or you
wish to complain about our data protection practices; this gives us the opportunity to examine your issue and
make improvements, where necessary.
You may contact us by sending us a clear request in writing to either one of the DPO email addresses or via
regular mail to the addresses indicated below.
Email: dpo@asn-global.com
Address: General Martienz Campos 21 6F, 28010, Madrid, Spain
7. Changes to the Privacy Policy
We reserve the right to amend this Privacy Policy without giving prior notification. We therefore advise you to
check our Privacy Policy on our websites on a regular basis.
