1.1. The Change Ltd.provides online trading services via its brand “FXRichmond” and its European billing agent and The Change Ltd website.
1.2. This Agreement covers all relationships between the Company and its clients who have registered on The Change Ltd. The Company provides its services only to persons who are of legal age.
1.3. The Company has the right to change or amend the Agreement at its sole discretion from time to time. All changes will be effective immediately, once updated and published on the website. If the Client continues to use the services of the Company after this term, then by default this means the Client has given consent to the changes that have been made. For the avoidance of doubt, it is advised that the Client regularly checks this Agreement for any changes and monitors news on The Change Ltd.
Privacy & Security
Access to a client’s personal information is restricted to the personnel who must have knowledge of such information in order to provide certain services to our clientele. We implement a series of electronic, procedural and physical safeguards which adhere to all applicable laws to ensure for the optimum safety of clients’ personal information.
Clients may be asked to provide us with certain identification documents in addition to other necessary documents we may require, as a precondition for performing transactions through our site. If clients do not provide these documents as and when prompted, the Company reserves the right to freeze the client’s account for any period of time, or even permanently shut down the account. Without prejudice to the aforementioned, the Company may, at its sole discretion, refuse to open an account for any or no reason for any person or corporation.
The General Data Protection Regulation (GDPR) 679/2016, replaces the 1995 Data Protection Directive (95/46/EC), and is designed for the protection of natural persons with regards to processing of personal data and on the free movement of such data. It harmonizes data privacy laws across Europe and it addresses the export of personal data outside the EU with the aim to protect all EU citizens’ data privacy and reshape the way organizations approach data privacy.
Under the GDPR, EU Clients are entitled to the following rights related to their personal Data:
- Right of access
- Right to erasure
- Right to data portability
- Right to rectification
- Right to restrict or object processing
What information are you entitled to under the GDPR?
Under the GDPR, as a client you have the rights to obtain:
- Access to your personal data
- Confirmation that your data is being processed
- The purposes of the processing
- The categories of personal data concerned
- The recipients of personal data
- The data storage period/if not, the criteria which determines the storage period
- The right to lodge a complaint with a supervisory authority
- The existence of automated decision making
- If the personal data is transferred to a third country/ right to be informed of the appropriate safeguards relating to the transfer
Right to Erasure
Under article 17 of the GDPR, as a client you have the right to have your personal data erased. This right is also known as the ‘right to be forgotten’, however, please note as per our company’s policy, we automatically erase any of this information after the minimum required regulation time, therefore there is no need to request it individually.
As part of the measures we take to safeguard our clients’ private information and accounts, the Company will implement and update advanced data protection procedures.
The Change Ltd invests substantial resources in ensuring its clients information is protected, as we view security in all senses as something of the utmost importance. To ensure authorized access only, The Change Ltd employs a two tier top class firewall protection: one at the server level and one at the application level. For user authentication and data transfer, The Change Ltd uses an advanced SSL certificates.
The application servers, i.e. the servers that handle our clients’ online activity, are separate from the transaction information, which is stored on a different data server.
For data recovery, integrity and replication, The Change Ltd uses two different server farms, which are physically located apart from each other. Data must be synchronized in both locations, and thus cannot be tampered with. All information stored on the servers is encrypted.
The use of our website with a client’s username and password is the sole responsibility of that client and the Company shall not be held responsible for any such use, or for validation that it is the client who is in actuality operating his/her Account.
The most common method for securing the exchange of data is encryption. The way encryption works is by encoding the data transferred over the communication line in a special way at the sending end, and decoding it using the same algorithm in reverse at the receiving end. The data being transferred through the communication channel is of no meaning or use to an eavesdropper, even if he does successfully intercept the data. Unless the interceptor can decode the data, it cannot be read. The length of the encryption key determines the encryption strength, while the key used to encrypt/decrypt the data is in the form of a very long number. The longer the number, the more difficult it is, exponentially, to decode the data. Lengths of keys vary between 32, 64, 128, 256 bit and so on. The minimum length for what is considered good security is 64-bit. When selecting a very long key, computing power must be taken into consideration as more is required to encode/decode the message, and at times this can cause the processing time to be slow. Different software protocols are used for privacy and data integrity, but they are overall handled in the same way as described above.
You can access our system by entering a username and password unique to you. This data is personal and must not be revealed to others on your end. Please take care that when you log into the system using your personal details, no unauthorized person is in a vicinity where they can view this information. Your personal password must never be revealed to anyone, and this includes service personnel. If anyone requests your password for whatever reason, do not reveal it to them and notify customer service immediately.