Margin trading products are complex instruments and come with a high risk of losing money rapidly due to leverage. 85.3% of retail investor accounts lose money when trading on margin with this provider. You should consider whether you understand how margin trading works and whether you can afford to take the high risk of losing your money.

Privacy Policy

Pepperstone Markets Kenya Limited


Company No: PVT-PJU7Q8K

Version: 2

Review: Annual

Date: October 2021

1. Introduction

1.1 Protecting your privacy and keeping your personal information confidential is very important to us. This Privacy Policy (“Policy”) sets out how we collect and manage your personal and sensitive information.

1.2 This Policy describes the types of personal information that we collect about you when you choose to use our services, how we’ll use your personal information and how we’ll keep it safe. Please take the time to read this Policy carefully so that you can understand how we handle your personal information.

2. Who we are

2.1 Pepperstone Markets Kenya Limited is a limited company registered under organisation number PVTPJU7Q8K at 2nd Floor, The Oval, Ring Road Parklands, P.O Box 2905 -00606, Nairobi, Kenya. Pepperstone Markets Kenya Limited is part of the Pepperstone group of companies which includes Pepperstone Group Limited, our Australian parent company. Both companies are separate data controllers but are collectively referred to in this Policy as “Pepperstone” “we” “us” or “our”.

2.2 We’re an online trading platform which assists retail and institutional investors to trade over- thecounter derivatives, including margin foreign exchange (“Forex”) contracts, spread-bets and contractsfor-difference (“CFDs”). Our online trading platforms operate through the www.pepperstone.com/en-af website (our “Website”) and the Pepperstone mobile applications (the “Apps”).

2.3 “Client”, “you” or “your” means an individual who’s the subject of the personal information that we process as a data controller.

2.4 We have appointed a data protection officer (“DPO”) who is responsible for overseeing questions in relation to this Policy. If you have any questions about this Policy, including any requests to exercise your legal rights, please contact the DPO using the details set out below:

Attn: Data Protection Officer

2nd Floor, The Oval

Ring Road Parklands

P.O Box 2905 -00606

Nairobi

Kenya

Email: compliance.ke@pepperstone.com

Phone Number: +254 2038 93547/8/9

2.5 You have the right to make a complaint at any time to the Office of Data Protection Commissioner (“ODPC”), the supervisory authority for data protection issues. We would, however, appreciate the chance to deal with your concerns before you approach the ODPC so please contact us in the first instance.

3. Scope of this Privacy Policy

3.1 This Policy (together with our Terms and Conditions of Service and any other documents referred to in it) sets out the basis on which we’ll process any personal information we collect from you, or that you provide to us. This Policy also sets out how you can instruct us if you prefer to limit the use of your personal information and the procedures that we have in place to safeguard your privacy.

3.2 For the purpose of this Policy, Data Protection Law means the Data Protection Act 2019. For the purpose of the Data Protection Law the data controllers are Pepperstone Markets Kenya Limited and Pepperstone Group Limited.

3.3 By using our Websites or our Apps, applying for an account with us or giving us information, you’re indicating that you understand how we collect, use and disclose your personal information in line with this Policy. If you don’t agree with this Policy, you mustn’t use our Website and our Apps, access our services or provide any information to us.

4. Data we collect (or receive) about you

4.1 Personal information is any information about you that is capable (or reasonably capable) of identifying you. It does not include data where the identity has been removed (anonymous data).

4.2 Sensitive information includes things like your racial or ethnic origin, political opinions or membership of political associations, religious or philosophical beliefs, membership of a professional or trade association or trade union, sexual orientation or criminal record. Your health, genetic and biometric information and biometric templates are also sensitive information. Sensitive information is also personal information for the purposes of Data Protection Law.

4.3 The personal information we collect (or receive) about you may include the following:

(a) name;

(b) date of birth;

(c) postal or email address; or

(d) phone numbers, including home, mobile and work;

(e) fax number;

(f) source of wealth;

(g) occupation;

(h) credit card details;

(i) bank account details, including institution name, branch, account name, bank identifier, and account number or IBAN;

(j) trading experience information, including your understanding of relevant risks and ability to withstand financial loss.

4.4 We’re required by law, such as the Proceeds of Crime and Anti-money Laundering Act 2019, Prevention of Terrorism Act 2012 and the Guidelines on Prevention of Money Laundering in the Capital Markets (“AML Laws”), to identify you if you’re opening a new account or adding a new signatory to an existing account. The AML Laws require us to obtain and record details ofcertain documents (i.e. photographic and non photographic documents). Identification documentation, as required under the AML Laws, includes:

(a) passport;

(b) driver’s licence;

(c) national identity card;

(d) utility bills;

(e) trust deed;

(f) information relating to your source of wealth;

(g) a credit or bankruptcy check; and/or

(h) other information we consider necessary to our functions and activities.

4.5 Where necessary, we also collect information on the following individuals:

(a) trustees;

(b) partners;

(c) company directors and officers;

(d) officers of co-operatives and associations;

(e) client’s agents;

(f) beneficial owners of the client; and

(g) persons dealing with us on a “one-off” basis.

4.6 We may take steps to verify the information we collect. For example, a birth certificate provided as identification may be verified with government-held records (such as births, deaths and marriages registers) to protect against impersonation, or we may verify with an employer that employment and remuneration information provided in a credit application is accurate.

4.7 You have the option of not identifying yourself, or of using a pseudonym, when dealing with us in relation to a particular matter. However, we can only provide you with this option when it is not impracticable for us to do so and when no law requires identification. If you fail to provide information that we request which is mandatory, we may not be able to proceed with your request. This will include any information required for legal purposes or information that we require to start a business relationship with you. All mandatory questions will be marked.

5. How we collect personal information

5.1 We may collect (or receive) and process your personal information when:

(a) you contact us, whether through our Website, our Apps or otherwise (for example, via our online form, by e-mail, post, fax or phone), as we may keep a record of that correspondence. For example, if you submit a complaint, report a problem with our services or our Website or our Apps or otherwise liaise with our sales, technical support or any other department in our company. This includes information provided by you when you update your trading account such as your name, email, country, password, etc;

(b) we ask you to complete surveys that we use for research purposes, although you do not have to respond to them;

(c) you use and interact with our Website or our Apps including your device’s manufacturer and model, IP address, browser type and version, time zone setting, browser plug-in types and versions, operating system, web browser, platform, mobile carrier, and your ISP. We may collect details of your visits to our Website or our Apps (including, but not limited to, traffic data, location data, weblogs and other communication data). We do this via email and website cookies, and similar tracking technology built into our Website and Apps. We make cookie policies available on each of our Website and Apps to give you more detailed information on how we use them;

(d) you use your trading account to login to and use our platform technology and other features and functionalities;

(e) you use the online trading products we provide to you. Under no circumstances are these details disclosed to any third parties other than those who need to know this information in the context of the services we provide; or

(f) you use social media, including “like” buttons and similar functions made available by social media platforms.

6. How we may use your personal information

6.1 We may process your personal information for one or more lawful bases of processing (“Lawful Basis”) depending on the specific purpose for which we are using your data (see below).

6.2 We may process your personal information in the following ways:

Purpose of data processingLawful basis
Dealing with your inquiries and requests, including contacting you if necessary. Your consent or performance of our contract with you.
Notifying you about important changes or developments to our Websites, our Apps or to our products or services (e.g. changes of features or enhancements). Performance of our contract with you or necessary for our legitimate interests.
Carrying out our obligations arising fromany contracts connected to you. Performance of our contract with you or necessary for our legitimate interests.
Providing and personalising our services, enhancing your client experience and tailoring our services to you.Performance of our contract with you or necessary for our legitimate interests.
Giving you access to all parts or features ofour Websites, our Apps or our services.Performance of our contract with you or necessary for our legitimate interests.
Where applicable, processing your payments.Performance of our contract with you or necessary for our legitimate interests or to comply with our legal obligations.
Administering your registration and/or membership and other trading account records.Performance of our contract with you or necessary for our legitimate interests.
Market research, analysis and creating statistics.Your consent, performance of our contract with you or necessary for our legitimate interests.
Sending you marketing communications, for instance, to contact you from time to time regarding things you have told us you want to hear about, such as new products, special offers, competitions and sponsored events. If you use our Apps, we may use push notifications to highlight when we’ve added new offers and promotions that may be of interest to you. Your consent or necessary for our legitimate interests.
Preventing, detecting and investigating potentially prohibited or illegal activities, and enforcing our Terms and Conditions of Service.To comply with our legal obligations or necessary for our legitimate interests.
Improving and developing our Website, our Apps or our products and services, as well as collecting feedback from you about our Websites, our Apps, and other activities. For example:
  • we may need to gauge whether a new product, website feature or App is likely to appeal to a large proportion of our client base. If it doesn’t, we’ll want to know why; or
  • occasionally we may invite you to review a website or App. If we do, it’s possible that we will use independent research and feedback providers to act on our behalf.
Performance of our contract with you or necessary for our legitimate interests.
Ensuring that content from our Website is presented in the most effective manner for you and for your computer or mobile device.Performance of our contract with you or necessary for our legitimate interests.
Ensuring we’ve got adequate security measuresand services in place so you can safely access our Websites and our Apps. Performance of our contract with you, to comply with our legal obligations or necessary for our legitimate interests.
Complying with all the applicable laws and regulations.To comply with our legal obligations.
Debt recovery or debt tracing, crime, fraudand money laundering compliance.To comply with our legal obligations or necessary for our legitimate interests.
Recruitment purposes - if you’ve appliedfor a position with us, including contacting you to discuss a role and to assess your suitability.Your consent, performance of our contract with you or necessary for our legitimate interests.
Monitoring how people use our Websites and our Apps to see if they’re being abused or threatened, for example, by internet trolls posting inappropriate comments in review areas or by would-be hackers looking to undermine our security.Your consent, performance of our contract with you or necessary for our legitimate interests.
Allowing us to understand our client base across all our businesses. We do this by merging your details with information from other clients of our Websites and Apps. We can then spot trends and common factors among clients, plus we can tailor our business approach, our marketing communications, our digital and social media, our Websites and Apps to the things we believe you and other people like you would be most interested in. This process involves the analysis of many human traits and is sometimes called profiling‘market segmentation’ or ‘client segmentation’. Among other things, we look at common trendsor ‘segments’ based on people’s geographic location, trading behaviour, online behaviours, engagement with marketing activities (e.g. email opens and clicks), preferences, and any other personal information you have submitted to us or arising from your use of our Websites or our Apps.Processing is necessary for our legitimate interests.
Testing new systems and processes as we roll them out (but generally only in anonymous form) to make sure they work correctly and meet the standards we set for ourselves.Processing is necessary for our legitimate interests.
Taking steps to verify the data we collect. For example, if you provide a birth certificate as identification, we may verify this with records held by the General Register Office to protect against impersonation, or we may check with your employer that the employment and remuneration information you’ve provided in an application for credit is accurate.Performance of our contract with you, to comply with our legal obligations or necessary for our legitimate interests.
Checking some of the information that you provide to us against third party databases to confirm that it’s accurate. Performance of our contract with you, to comply with our legal obligations or necessary for our legitimate interests.
Accessing your financial information, such asyour billing address, bank account details and payment history to allow us to take payments from you in connection with the online trading products you purchase, send you refunds or enable our support team to deal with your enquiries. We don’t disclose these details to any third parties other than those who need to know this information for the performance of the services that you’ve requested. Performance of our contract with you, to comply with our legal obligations or necessary for our legitimate interests.
Collecting social media content if it’s in the public domain, and any messages you send direct to us via social media. This informationcan include posts and comments, pictures and video footage on websites such as YouTube, Facebook and Twitter. We may process this information as necessary to respond to any social media posts or other public comments you might make, whether they are directed to us or about us, our Websites, mobile Apps or other activities, to resolve disputes, provide technical support and troubleshoot problems, as permitted by law. Performance of our contract with you, to comply with our legal obligations or necessary for our legitimate interests.

6.3 If you’re an existing client, we may contact you by email, SMS, phone, post, messaging apps or other electronic means with information, products or services that you request from us or with information, products or services which are similar to the services we are providing to you (independently or jointly with others), unless you’ve opted out of being contacted for these purposes. If you change your mind about being contacted in the future, please let us know.

6.4 We don’t sell, rent, or otherwise provide your personal information to third parties unless you consent to this or it’s necessary to provide you with our services, conduct our associated business activities or as described in this Policy. We may share information with any member of our group of companies, which means our subsidiaries, our ultimate holding company and its other subsidiaries (the “Affiliates”).

6.5 We may place a cookie on your device when you access our Websites or our Apps. These cookies will let us know when you’ve accessed our Websites or downloaded or used our Apps. We’ll share this information with our advertising providers such as Facebook or Twitter (e.g. IP addresses or unique mobile identifiers). The cookies will let our advertising providers know when to serve ads and who to serve them to, ensuring that our ads are only served to people who have previously visited our Websites or used or downloaded our Apps (“Retargeting”). You can find out more about our cookies in our “Cookies Policy” available on our Website here.

6.6 You may ask us to provide you with information about our services or about services offered jointly with or on behalf of other organisations by sending us an e-mail to compliance.ke@pepperstone.com or writing to us at:

Attn: Data Protection Officer

2nd Floor, The Oval

Ring Road Parklands

P.O Box 2905 -00606

Nairobi

Kenya

6.7 If you stop using our Website, our Apps or our services, or your permission to use our Website, our Apps or our services is terminated, we may continue to use and disclose your personal information in compliance with this Policy (as amended from time to time) and as permitted by law. If you want us to stop emailing you about our Website, our Apps or our services, please unsubscribe or send your request to the contact details set out above.

7. Your contact information

If you provide us with incomplete or inaccurate information, we may not be able to provide you with the products or services that you ask for. You can change your contact details at any time by updating your profile within your trading account. You can also update your communication preferences by changing your notification choices in your settings.

8. Sensitive information

We’ll only collect sensitive information about you if we have your consent, or if we’re required or authorised by law.

9. Aggregated Data

Aggregated data is general data about groups of people which doesn’t identify anyone personally, for example the number of people in a particular industry that engage in forex trading. We use aggregated data to:

(a) help us to understand how you use our products and services and improve your experience with us; and

(b) customise the way that we communicate with you about our products and services so that we can interact with you more effectively. We may share aggregated data with our business or industry partners.

10. Anonymity and pseudonymity

In certain situations we may be able to give you the option of using a pseudonym or remain anonymous when you deal with us. We’re only able to provide you with this option when it’s practical for us to do so, and if we’re not required by law to identify you.

11. Security of personal information

11.1 Nobody can guarantee the security of the Internet. Please be aware that communications over the Internet, such as emails/webmails, aren’t secure unless they’ve been encrypted. Your communications may route through a number of countries before being delivered.

11.2 We can’t accept responsibility for any unauthorised access or loss of personal information that’s beyond our control. That said, the protection of your personal information is extremely important to us and we have put a range of security procedures in place to keep it safe, as set out in this Policy.

11.3 Your trading account is protected by your username and password. You shouldn’t share your username and password with anyone else. When using social networking, group chat and forum features, please ensure that you don’t submit any personal information that you don’t want to be seen, collected or used by other users.

11.4 We’ll use reasonable endeavours to implement appropriate policies, rules and technical measures to protect the personal information that we have under our control (having regard to the type and amount of that data) from unauthorised access, improper use or disclosure, unauthorised modification, unlawful destruction or accidental loss. Our security measures include:

(a) implementing stringent IT security policies and providing regular training to employees on cyber vigilance and personal data protection;

(b) requiring our employees to use passwords and two-factor authentication when accessing our systems; encrypting data sent from your computer to our systems during internet transactions and client access codes transmitted across networks;

(c) employing firewalls, intrusion detection systems, monitoring and the latest patches and virus scanning tools to protect against unauthorised persons and viruses from entering our systems;

(d) using dedicated secure networks or encryption when we transmit electronic data externally for purposes of outsourcing;

(e) practising a clean desk policy for all premises and providing secure storage for physical records; and

(f) employing physical and electronic security measures such as swipe cards, alarms, cameras and guards (as required) to protect against unauthorised access to buildings.

11.5 From time to time you may interact with certain social media services such as social networks, chat groups and forums, in connection with the products that we offer. When using these features please take care not to submit any personal information that you don’t want to be seen, collected or used by other users.

12. Who we disclose personal information to

12.1 We may share your personal information for processing (for the purposes set out in this Policy) with:

(a) our affiliated product and service providers and external product and service providers that we may act as agent for (so that they can provide you with the product or service you’re asking for or in which you’ve expressed an interest);

(b) any person acting on your behalf, including your financial adviser, solicitor, settlement agent, accountant, executor, administrator, trustee, guardian or attorney;

(c) your nominated employment reference (to confirm details about you);

(d) introducing brokers, affiliates and agents who refer your business to us;

(e) credit reporting agencies;

(f) other financial institutions and organisations that we deal with in the course of our business or at their request, if you seek credit from them (so that they can assess whether to offer you credit);

(g) our employees, our Affiliates and their employees. For instance, Pepperstone Limited and Pepperstone Group Limited are part of the Pepperstone group of companies and will share your information;

(h) auditors or contractors or other advisers auditing, assisting with or advising on any of our business purposes;

(i) analytics and search engine providers that assist us in the improvement and optimisation of our Websites or our Apps;

(j) our successors in title, our prospective sellers or buyers of our business or to our Affiliates when we have a merger or re-organisation;

(k) government bodies and law enforcement agencies where required by law and in response to other legal and regulatory requests;

(l) any third-party where disclosure is required to enforce or apply our Terms and Conditions of Service or other relevant agreements;

(m) to protect the rights, property, integrity or security of our company, our clients, or others (including, without limitation, you). This includes exchanging information with other companies and organisations for fraud protection and credit risk reduction purposes;

(n) to our advertising providers for re-targeting purposes; and if you’ve given your consent, to selected third parties that may contact you about products and services which may be of interest to you in any jurisdiction where we operate.

12.2 Any social media posts or comments that you send to us (on our Facebook page, for instance) will be shared under the terms of the relevant social media platform (e.g. Facebook or Twitter) that you’ve used and could be made public. We don’t control these platforms and we’re not responsible for them sharing your information in this way. So, before you make any social media posts, you should review the terms and conditions and privacy policies of the platforms that you use. That way, you’ll understand how the platforms will use your information and how you can stop them from using it in certain ways if you’re unhappy about it.

12.3 We have confidentiality arrangements in place to cover off any situations where your personal information may become known to our contractors, agents and outsourced service providers. We don’t permit our contractors, agents and outsourced service providers to use or disclose personal information for any purposes other than our own.

12.4 Mobile app platforms:

(a) our Apps run on third-party software platforms, for example, Apple’s iOS platform which powers Apple’s iPhone, and Google’s Android platform which powers Android based smartphones; and

(b) your use of our Apps is also subject to the relevant mobile app platform provider’s terms and conditions and privacy policy. You should review their terms and conditions and privacy policy to ensure you understand the kinds of data (if any) they’ll gather about you, how they will use that data, and what you may be able to do if you are unhappy about it.

12.5 We won’t adopt a government related identifier (such as your passport, national ID or driver’s license number) as our own identifier unless required or authorised to do so under any applicable law, regulation or court/tribunal order. Before we use or disclose any government related identifier of yours, we’ll ensure that the use or disclosure is:

(a) reasonably necessary for us to verify your identity for the purposes of our activities or functions; or

(b) reasonably necessary for us to fulfil our obligations to a government agency or authority; or

(c) required or authorised by or under a UK law, regulation or a court/tribunal order; or

(d) reasonably necessary for one or more enforcement related activities conducted by, or on behalf of, an enforcement body.

13. Your rights regarding your personal information

13.1 You’re entitled to exercise these rights regarding your personal information, with some exceptions which we’ve explained below:

(a) request access to your personal information (commonly known as a "data subject access request");

(b) request correction of the personal information that we hold about you;

(c) request erasure of your personal information. Please note that for legal reasons we might not always be able to comply with these requests. We’ll let you know if this is the case when you make your request;

(d) object to processing of your personal information if we’re relying on a legitimate interest (or those of a third party) and you feel it impacts on your fundamental rights and freedoms. You also have the right to object if we’re processing your personal information for direct marketing purposes. Please note that in some cases, we may prove that we’ve got compelling legitimate grounds to process your information which override your rights and freedoms;

(e) ask us to suspend the processing of your personal information, if:

i. you want us to establish the data's accuracy;

ii. our use of the data is unlawful but you don’t want us to erase it;

iii. you need us to hold the data even if we no longer require it, so that you can use it to establish, exercise or defend legal claims; or

iv. you’ve objected to our use of your data but we need to verify whether we have overriding legitimate grounds to use it;

(f) request the transfer of your personal information to you or to a third party. We’ll provide you, or a third party that you’ve chosen, with your personal information in a structured, commonly used, machine-readable format. Note that this right only applies to automated information (i.e. not to hard copies) which you initially consented to us using or where we used the information to perform a contract with you; and

(g) withdraw consent at any time if we’re relying on your consent to process your personal information. If you withdraw your consent, we may not be able to provide certain products or services to you. We’ll let you know if this is the case at the time you withdraw your consent. Please write to:

Attn: Data Protection Officer

2nd Floor, The Oval Ring Road Parklands

P.O Box 2905 -00606

Nairobi

Kenya

Email : compliance.ke@pepperstone.com

13.2 Please quote your name and address when you write to us and provide brief details of the data that you would like a copy of or which you would like to be corrected (this helps us to locate your data more easily).

13.3 We’ll require proof of your identity before providing you with details of any personal information we may hold about you.

13.4 We try to respond to all legitimate requests within 1 (one) month. It might take us longer than this if your request is particularly complex or if you’ve made a number of requests. We’ll let you know if this situation applies to you within 1 month of receiving your request and keep you updated.

13.5 We may charge you a reasonable fee if your request is manifestly unfounded, excessive or repetitive, or we receive a request to provide further copies of the same data. We may also refuse to comply with your request in these circumstances.

14. Access to your credit report

14.1 You have the right to ask for a copy of any credit report that we’ve obtained about you from a credit-reporting agency. Please note that we might not have retained a copy of the report after we’ve used it, so the best means of obtaining an up-to date copy is to get in touch with the credit-reporting agency directly.

14.2 You have the right to have any inaccuracies in your credit report corrected or, if there’s any dispute about accuracy, to have a note added to your credit reporting agency file explaining your position.

14.3 We’re required to let you know if we decline your credit application wholly or partly because of adverse information on your credit report.

15. Cookies

We use cookies to store and collect information about your use of our Website. Cookies are small text files stored by the browser on your equipment's hard drive. They send information stored on them back to our web server when you access our Website. These cookies enableus to put in place personal settings and load your personal preferences to improve your experience. You can find out more about our cookies in our “Cookies Policy” available on our Website here.

16. Where we store and process your personal information

The data that we collect from you may be transferred to, and stored at, a destination outside Kenya. It may also be processed by staff who work for us or for one of our suppliers or Affiliate companies outside of Kenya. Such staff may be engaged in, among other things, the fulfilment of your request, the processing of your payment details and the provision of support services. By submitting your personal information, you agree to this transfer, storing or processing. We will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this Policy.

17. Your consent and changes to this Policy

17.1 We can amend or modify this Policy from time to time. If we do, we’ll postthe updated version on our Website and on our Apps. It’s your responsibility to check the Policy every time you submit your personal information to us.

17.2 We’ll let you know as soon as is practicable if our purposes for processing your personal information change, and seek your consent if we’ve introduced a new purpose for processing.

18. Use of your personal information submitted to other websites

18.1 Except as otherwise stated, this Policy only addresses the use and disclosure of personal information that we receive about you or collect from you.

18.2 If you disclose your personal information to others (e.g. websites that we link to), different rules may apply to their use or disclosure of the data that you disclose to them. We’re not responsible for the privacy policies and practices of other websites, even if you accessed the third-party website using links from our website.

18.3 We recommend that you check the policy of each website you visit and contact the owner or operator of that website if you have concerns or questions.

19. Data retention

19.1 We’ll only retain your personal information for as long as you have consented to it, or for as long as is necessary to us to provide you with our services or fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, reporting or regulatory requirements. For instance, under tax laws we have to keep basic information about our clients (including contact, identity, financial and transaction data), typically for six years after they cease being clients.

19.2 To decide on the appropriate retention period for personal information, we consider the amount, nature, and sensitivity of the personal information, the potential risk of harm from unauthorised use or disclosure of your personal information, the purposes for which we process your personal information and whether we can achieve those purposes through other means, and the applicable legal requirements.

19.3 In some circumstances you can ask us to delete your data.

19.4 In some circumstances we may anonymise your personal information (so that it can nolonger be associated with you) for research or statistical purposes. In these situations, we may use this information indefinitely without further notice to you.

20. Further information

20.1 If there’s something that we’ve done, or failed to do regarding to your personal information, whether positive or negative, please let us know. Your comments enable us to learn as a business and continuously improve our services.

20.2 If you think there’s a problem with the way that we’re handling your data, you have the right to complain to:

Data Protection Commissioner

Office of the Data Protection Commissioner

P.0. Box 30920

00100 NAIROBI

CA Centre

Phone: +254 703042000/ +254 796954269/ +254 778048164

Email: info@odpc.go.ke

Complaints can be submitted using the complaints form on the CMA website at the following link: https://www.odpc.go.ke/report-a-complaint/

21. Your duty to tell us about changes

It’s important that the personal information we hold about you is accurate and current. Please keep us informed if your personal information changes during your relationship with us by emailing us at compliance.ke@pepperstone.com.