The principles how Tara Capital processes client data are described in these principles of processing private data, hereinafter also referred as the principles.
Tara Capital ensures, within the framework of applicable law, the confidentiality of private data and has implemented appropriate technical and organizational measures to safeguard private data from unauthorized access, unlawful processing or disclosure, accidental loss, modification or destruction.
Private data may be collected from the client, from the client’s use of the services and from external sources such as public and private registers or other third parties.
Private data categories which Tara Capital may primarily, but not only, collect and processes are:
Identification data such as name, identification code, date of birth, data regarding the identification document (such as copy of the passport, ID card).
Contact data such as address, telephone number, email address, language of communication.
Data about the relationships with legal entities such as data submitted by the person or obtained from public registers or through third party for the execution of transactions on behalf of the legal entity in question.
Financial data such as accounts, ownership, transactions, credits, income, liabilities, the person’s financial experience and investment objectives.
Data on origin of assets or wealth.
Data about trustworthiness and due diligence, data that enables Tara Capital to perform its due diligence measures regarding money laundering and terrorist financing prevention and to ensure the compliance with international sanctions.
Data obtained and/or created while performing an obligation arising from law.
Data about the client’s tax residency such as data about the country of residence, tax identification number, citizenship.
Purpose and basis of processing personal data
Tara Capital processes personal data primarily to: manage customer relations in general and provide and administrate access to products and services; perform risk assessments; protect interest of the client and/or Tara Capital; provide additional services, perform customer surveys, market analyses and statistics; comply with legal obligations and verification of identity; establishing, exercising and defending legal claims.
Recipients of personal data
Personal data is shared with other recipients, such as: Authorities (such as law enforcement authorities, bailiffs, notary offices, tax authorities, supervision authorities and financial intelligence units); financial institutions, insurance service providers and intermediaries of financial services, third parties participating in the trade execution, settlement and reporting cycle; auditors, legal and financial consultants, or any other processor authorized by Tara Capita; third parties maintaining registers (such as to credit registers, population registers, commercial registers, securities registers or other registers holding or intermediating personal data); participants and/or parties related to domestic, European and international payment systems, such as SWIFT.
Geographical area of processing
As a general rule the personal data is processed within the European Union/European Economic Area (EU/EEA) but in some cases outside the EU/EEA, that can take place provided there is a legal ground i.e. legal requirement or person’s consent and appropriate safeguards are in place.
Upon request the client can receive further details on personal data transfers to countries outside the EU/EEA.
Retention periods
Personal data will be processed no longer than necessary/allowed. The retention period may be based on agreements with the client, the legitimate interest of Tara Capital or applicable law (such as laws related to bookkeeping, anti-money laundering, or other legal acts).
Clients’ rights as a natural person
A natural person as a client, has rights regarding his/her data processing that is classified as personal data under applicable law. Such rights are in general to: require his/her personal data to be corrected if it is inadequate, incomplete or incorrect; to file object to processing of his/her personal data, if the use of personal data is based on a legitimate interest; require the erasure of his/her personal data, for example if personal data is being processed based on the consent, if he/she has withdrawn the consent.
Such right does not apply if personal data requested to be erased is being processed also based on other legal grounds such as agreement or obligations based on applicable law; restrict the processing of his/her personal data under applicable law; receive information if his/her personal data is being processed and if so then require an access to it; receive his/her personal data that is provided by him-/herself and is being processed based on consent or in order to perform an agreement in written or commonly used electronical format and were feasible transmit such data to another service provider; withdraw his/her consent to process his/her personal data; file complaints pertaining to the use of personal data to the Estonian Data Protection Inspectorate (web-site: www.aki.ee) if he/she considers that processing of his/her personal data infringes his/her rights and interests under applicable law.