Keeping the information you choose to share with us through the GFI web site (the "Site") secure and ensuring your understanding of how we use and maintain your information is important to GFI. GFI maintains physical, electronic and procedural safeguards to protect customer information and while no data transmission over the Internet is 100% secure from intrusion, we have used and will continue to use commercially reasonable efforts to ensure the protection of your information. We continually assess new technology for protecting information and, when appropriate, upgrade our information security systems. When we refer to GFI, or use terms such as "we", "our" or "us", we are referring to GFI Group Inc., its wholly owned subsidiary, GFInet inc., and each of their respective wholly or majority owned, direct and indirect subsidiary and affiliated companies.
This Privacy Statement (the "Statement") discloses GFI´s privacy practices, designed to inform you as to:
- the kinds of information GFI collects from users of the Site and how that information is collected;
- how the information is used by GFI;
- whether GFI discloses user information to third parties;
- how you can access, update or delete any information collected about you by GFI; and
- the mechanisms we have implemented to protect your personal information.
We collect information about you when you visit and use the Site, and particularly when you enter or input information, whether during the qualification or registration process, in the course of entering, initiating, fulfilling and transmitting information or otherwise in connection with your general activities and/or use of the Site. If you are a registered user, you acknowledge and also consent to our tracking your activities and use of the Site in connection with your use of the non-public portions, features and functions of the Site(e.g., in order to confirm and fill orders, match principals, produce reports, maintain quality control and contact you concerning your order, transactions or activities should it be necessary or appropriate to do so).
You can visit this Site and learn about our company, its products and services, obtain general information and news about markets, and find out how to contact us – whether you are a prospective customer or are seeking employment without giving us any personal information about yourself. In general, for purposes of this Statement, when we use the term "your information" or similar terms, we mean information personally identifiable with a specific customer or about a customer's current or former relationship with any of GFI's subsidiaries or affiliates. In the U.S., this Statement is provided to you in accordance with the Federal Financial Privacy Law, 15 U.S.C. 6801-6810. If you are a UK customer, we may process personal data relating to you in carrying out our responsibilities, in all cases bound by the Data Protection Act 1998 (the "Act") which governs what we may do with such data.
Although we may track the numbers of visitors to the Site to inform us on how best to update the Site and enhance the experience for such visitors, personally identifiable information is not extracted in this process. We use such information on an aggregated basis to help us operate the Site, enhance and improve our service, improve the look of the Site and display advertising and marketing information. We may use the information you provide us to tailor your experience at our Site, to display content we think may be of interest you, or to let us customize what you see when you visit the Site according to your preferences. If we request that you provide us with personally identifiable data, we will give you the opportunity to "opt out" of receiving future communications from us.
Some features on the Site will require you to register as a customer and get our authorization before you can use those particular features. Whether you are an individual or a corporation, partnership or other form of commercial enterprise, in order for you to obtain our authorization to use those features and be considered a registered customer, you must provide us with certain information about you and your business and, for security purposes, we may require some personal information about you and, if you represent a business, any others you designate to represent that business in connection with the permitted use of the Site.
In addition to information about your business, for security purposes, you must provide us with information such as names, addresses, e-mail addresses, telephone numbers and other personally identifiable information for each individual who will use the Site, in order for us to authorize you and those individuals to access the features of the Site that are available only to registered users. This information also helps us to ensure we are able to securely identify you and each of these individuals as authorized users for the features you have successfully registered to use. Once registration is complete and we have granted you authorization, we may provide you with an identification and password (we may allow you to select these), however, you will be able to change your password, as well as any personal data you have given us in order to reflect updates to your information when they occur. If you are a designated representative of a business, keep in mind that an authorized representative of the business will also have the right to revoke that designation and, if so notified, we will immediately terminate your right to use the Site and you will no longer be authorized to use the Site as such.
If you are submitting personally identifiable information on behalf of others in your business to designate them as registered users, you represent that you have their permission, agreement and full authorization to provide this information to us for these purposes. We reserve the right to ask you to provide evidence of that at any time during, or even after, the submission process or to contact those individuals to confirm this at any time. If we determine that such authorization has not been properly obtained, we may immediately and without notice, discontinue your authorized use of those features of the Site for which you have registered.
Bear in mind that submitting information to us is not a guarantee or assurance that we will grant authorization or permit you, or anyone you designate, to use any or all of the features of the Site. If, for any reason, you are not granted authorization we will only retain the information you submit to us in order to communicate with you regarding your application and perhaps request additional or follow-up information, for audit purposes or as may be required by law or regulation and we will not use your information for any other purposes.
GFI collects and uses certain information to service our customer accounts. This may allow us to save you time and money and to better understand your needs. It also helps us help you learn more about GFI's products and services that may be of interest.
The information we collect and store generally consists of information gathered from your registration, data input, forms and other information you provide us, electronically, by phone, facsimile, in writing, in person or by any other means and information about your transactions and experience with GFI, such as account balances, trading activity, transaction history and parties to transactions.
If you are a resident or citizen in a country that is a member of the European Union, you may have certain additional rights in respect of the data we hold relating to you. You are entitled, on payment of a statutory fee, to a copy of the information we hold about you.
While information is critical to our ability to provide high quality service to you, our most important asset is the trust that our customers place in how we provide that service. Keeping customer information secure, and using it only as our customers would want us to, is a high priority for all of us at GFI. Consequently, our privacy standards are designed to ensure that we will:
- collect and use only the minimum necessary information required for us to deliver high quality service to customers, to administer our business and to let you know of products and services that are available from our group of companies;
- protect the information our customers share with us, maintaining strict standards of security and confidentiality. In this regard we even limit access by our own employees to those individuals who are trained and advised in the proper handling of customer information and any employee found violating our standards of security and confidentiality will be subject to our disciplinary processes;
- not disclose information, personal or business, to any external organization unless we have previously notified you (or the business, in the case of a commercial erprise) and obtained your consent or if we entered into a specific agreement with you to do so. We will exchange information to the relevant party or parties where it is necessary for the purpose of executing, confirming and/or settling your order or where we are under a legal obligation to do so;
- require any other organization that we retain or engage to provide support services for us to conform to our privacy standards; and
- make every effort to keep customer files complete, up to date, and accurate.
Although your privacy is very important to us, in this legal and technical environment, we cannot fully ensure that your personally identifiable information will not be disclosed to third parties. For example, we may be compelled to disclose your information to a governmental agency or a court; or third parties may unlawfully intercept or access transmissions or private communications. Additionally, we may (and you authorize us to do so) disclose any information about you to private entities, law enforcement or other government officials as we, in our sole discretion, believe necessary or appropriate to investigate or resolve possible problems or inquiries or to protect our own business and assets. In such circumstances, we will, where possible, require such third parties to maintain the confidentiality of any information so disclosed.
QUESTIONS ABOUT YOUR PRIVACY OR OUR POLICIES:
Telephone calls may be monitored or recorded in order that we can check that we have carried out your instructions correctly and to improve our quality of service.
In order to measure the use of our Site and make improvements to it, information may be gathered on users' visits to the Site. This involves logging domain names of visitors and any sites they may have been directed from. This information is aggregated for monitoring.
GFI complies with the Safe Harbor agreement with the European Union.
The collection of personal information by businesses is governed by Directive 95/46/EC of the European Parliament and of the Council of 24 October 1995 on the protection of individuals with regard to the processing of personal information and on the free movement of such information, as well as the national legislation of European Union Member states. For more information, follow this link.
GFI agrees to adhere to the European Union Safe Harbor Principles. GFI has a Chief Compliance Officer who is responsible internally within GFI for supervising our privacy policies and security of our data, as well as a Privacy and Compliance Officer for Europe. GFI educates its employees about compliance with the Safe Harbor Principles and has self-assessment procedures in place to assure its compliance.
From time to time, GFI enters into processing contracts with its clients in the EU that specify that the EU client recognizes that it is a data controller for the purposes of data protection legislation and therefore it will need to be in compliance with the relevant Member State national law. Any data processed by GFI is not further disclosed to third parties, except where required by the European client as a data controller or when required by law. Any information which our EU clients identify as sensitive will be treated as such.
GFI takes reasonable precautions to protect information from loss, misuse and unauthorized access, disclosure, alteration and destruction. Please contactprivacy@GFIgroup.com with any questions or concerns.
Copyright © GFI Group Inc. 2008
WEBSITE QUESTIONS AND ANSWERS
What steps has GFI taken to ensure the privacy and security of your information on its Site?
What is a firewall and what does it do?
An Internet Firewall is made up of a combination of hardware and software which is designed to securely separate the Internet from internal computer systems and databases. At GFI, data coming from customer computers via the Internet flows through a series of safety checkpoints on its way to our internal systems.
What does security on the Internet mean?
Security on the Internet means that transmissions sent from one source to another maintain their confidentiality and integrity. Confidentiality means that unauthorized users cannot read any transmissions sent from one party to another. Integrity means that messages are not altered during transmission.
GFI´s top priority is to protect the confidentiality and integrity of its customers' information. GFI uses all reasonable efforts to ensure that the appropriate safeguards have been implemented each step of the way. The safeguards include:
- Encryption - all applications and other communications requesting confidential information must be set up in a "secure environment" on our Site, transmitted to us securely through the use of encryption and maintained in a secure format upon receipt by us until distribution to the appropriate business area;
- Firewalls - GFI has in place an Internet firewall designed to securely separate the Internet from GFI's internal computer systems and databases. Data coming from customer computers via the Internet flows through a series of safety checkpoints on its way to our internal systems so that only authorized messages and transactions enter our computer systems; and
- Monitoring - GFI constantly reviews all internal systems to determine if there has been any security attacks or attempted break-ins. We also arrange for regular independent security checks on our computer systems to ensure our high standards are being complied with.
What are cookies?
Your Internet browser has a feature called "cookies." A cookie is a small piece of information that is stored in your browser by a web server. Cookies can only be read by the site that placed the cookie on the hard drive of your PC.
However, cookies tell us nothing about who you are unless you specifically give us personally identifiable information. You do not need to have cookies turned on to visit most GFI sites, although active participation in certain areas of the Site may require cookies. In addition, you may elect not to allow cookies to be collected by selecting certain options on your browser.
Cookies are text files stored on your computer’s hard drive when you visit the Site and most computer operating systems provide users with the option of disabling this function, should they choose to do so. Cookies contain unique identifying numbers that allow the technology in our Site to identify the file that is on your computer’s hard drive and take note of your previous visits to our Site, allowing us, among other things, to customize your visit to the Site each time you return. Cookies will not be used by us to track your personal activities or share such activities with any third party.
As you browse the Internet, cookie-enabled sites will send cookies to your browser, along with pages. Your browser probably has options that will let you control whether the browser accepts cookies, rejects cookies, or notifies you each time a cookie is sent to you.
You may need to enable cookies to log on to certain areas of our Site with your User Name and Password.
Q: How can I enable cookies?
A: Please follow the instructions below that match your browser type and version to enable cookie settings. If you are using AOL, please check your browser version and follow the appropriate instructions below. For additional assistance, please contact your Internet Service Provider (ISP).
Q: Are cookies secure?
A: The security and confidentiality of your account information and user codes will not be compromised when you accept a cookie from the Site. The cookie cannot be used to access any data on your computer.
We are always seeking to improve our network of sites and our business. In accomplishing these objectives, we may buy or sell a company, or one or more of the companies in our corporate family may merge with or be acquired by another company. If we sell a business, we may transfer some or all of your information as a part of the sale in order that the service being provided to you may continue or for other business purposes.
Our Site may contain advertisements, references and links to other web sites and organizations. We may also use third parties to display advertising on our Site and any of our HTML-formatted newsletters. Often these third-party advertising companies employ cookie and Web bug technologies to measure advertisement effectiveness. You should be aware that different rules may apply to the collection, use or disclosure of your information by third parties in connection with any other sites you encounter on the Internet. Cookies used by these third parties are theirs not ours and even if we have a relationship with the third party, we do not control those sites and we encourage you to investigate and ask questions before disclosing information to any such third parties.
Some aggregate customer data (not personally identifiable data) may be shared with the advertising companies to enhance and improve the operation and relevance of our Site.
We do not give any personally identifiable information to them as part of this relationship. Use of their tracking technology is subject to their own privacy policies.
You may notify us in writing at any time that you do not wish us to share personally identifiable information with any third party, other than as necessary to perform our obligations under this agreement and we will remove such information about you from any lists we provide to such third parties within thirty days of your notice to us.
How does GFI share the information?
GFI will make your personally identifiable information available to other companies or people when:
- we have your consent to share the information;
- we have engaged companies to work with or on behalf of GFI to provide a product or service that you have requested, such as opt-in e-mail announcements;
- you use co-branded services. When you use a co-branded service within our network of sites you grant us permission to pass your registration information back to that service partner. Their use of your information is subject to their applicable privacy policies; and
Change your password regularly.
Do not share your password with anyone.
Never write your password down or store it in your computer where it is automatically replayed. If someone walked up to your PC and replayed your logon sequence including a stored password, then they can connect as if they were you. Always key in your password yourself for each logon to a GFI account.
Remember to logoff when you have finished with your transmissions.
Protect your password by choosing one that is difficult to guess. Avoid words that may be found in the dictionary, as these are easy to guess.
Most users tend to select a password that is easily recallable so they will not forget it. Often a user selects a password based on things like personal or family details, possessions, interests, or relationships. Although this seems harmless, such passwords are inherently weak because they can be anticipated and easily guessed by an impostor. Someone trying to guess your password will try your name, date of birth, nickname and those of your spouse and children. A more enterprising impostor, on the other hand, may gather a substantial collection of candidates from dictionaries and mailing lists and search them for your password. At 1 millisecond per possible password choice, it takes less than 4 minutes to search a 250,000 word commercial dictionary. If someone did that to your password, would they get through?
A password offers no protection to any system or data if it can be guessed easily. Ideally, passwords should be easy to remember by the user but hard to guess correctly by anyone else.