Last updated October 2020
Contents
- Who does this policy apply to
- Purposes for which we collect and use your personal data
- Personal data collected by us
- Further information/marketing
- Personal data retention
- Sharing personal data
- Monitoring of communications
- Data Security
- Disclosures applicable to individuals in Europe and the UK
- 9.1 Legal basis for processing personal data
- 9.2 Your rights in connection with your personal data
- 9.3 Contact details for data requests and complaints
- 9.4 Transfers of personal data
- 10.0 Privacy Notice and Disclosures for California Residents
1 Who does this policy apply to
This is the privacy policy of the MarketAxess group of companies (MarketAxess Holdings Inc. and its global subsidiaries) and is aimed at external persons only. This policy does not apply to employees. Existing or prospective employees should contact the MarketAxess Human Resources Department for a copy of the staff privacy policy.
The amount of personal (PII) data that we hold on you and how we use it depends on your relationship with the relevant MarketAxess company and the products and services you use. Therefore, some of the information below may not be relevant to you.
2 Purposes for which we collect and use your personal data
We collect and use personal data for the following purposes:
- administering our existing and prospective business relationships and providing our services;
- reporting to regulators, other relevant authorities and self-regulatory organisations;
- obtaining feedback on our services, including conducting market or customer satisfaction research and statistical analysis (including behavioural analysis);
- to improve and personalise our services and marketing, and provide individuals with information concerning products and services which we believe may be of interest;
- compliance with any requirement of law, regulation, associations or voluntary codes adopted by any MarketAxess company, or good practice;
- confirming and verifying an individual’s identity (this may involve the use of a credit reference agency or other third parties, as well as publicly available government and/or law enforcement agency sanctions lists);
- the detection, investigation and prevention of fraud, breaches of our network security, the law or our contract terms, and other crimes or malpractice; and
- for the purpose of, or in connection with, any legal proceedings (including prospective legal proceedings), for obtaining legal advice or for establishing, exercising or defending legal rights,
together the “Specified Purposes”.
Please see the ‘European Specific Disclosures’ section below for the legal basis for our processing of personal data of individuals within the EU and UK.
3 Personal data collected by us
MarketAxess collects the following personal data in its day-to-day business:
- identity and contact details which are required in order to provide our services, including business email, address and contact numbers and, for certain MarketAxess Services accessed within the EU and UK, this will also include your date of birth, nationality and national ID (for example, passport number).
- data we obtain through our human interactions with you, including from phone calls and email correspondence, meetings with our staff, attendance and participation in events and certain relevant details about your preferences with regard to your interactions with MarketAxess or its products and services;
- data digitally gathered by us in connection with your systemised use of our services, such as generic types of data accessed, times and volume of use of the services and traffic data. For information about our use of cookies, please refer to the MarketAxess Cookie Policy; and
- data required by us to comply with applicable law and our regulatory obligations.
We may obtain personal data directly from you (e.g. when using our services and contacting us); from third parties (e.g. your employer, public databases and social media platforms and referrals), and automatically through your use of our website and services (e.g. technical data collected through cookies).
If you do not provide the personal data which we require, we may be unable to perform or manage our contractual or legal obligations, and we may not be able to provide our products and services to you or your organization.
4 Further information/marketing
If you have agreed to such contact, we may contact you about our other services to which you do not subscribe but which may interest you. We may, for example, invite you to attend a conference or a webinar. Such contact may be by post, email, or by telephone from time to time. You have a right to ask us at any time not to contact you by way of direct marketing.
5 Personal data retention
We will retain your personal data for as long as necessary, reflecting our need to provide our services, respond to queries and regulatory requests and resolve problems, and to comply with applicable law.
We have established internal policies for the deletion of personal data in accordance with our legal and regulatory obligations.
6 Sharing personal data
We may share your personal data:
- with others in your own organisation (i.e. we may pass certain personal data to your employer about your use of our service where the employer has a legitimate reason to receive it. Similarly, if you are the contact person in your organisation for a service, we may pass your contact details to those in your organisation for this purpose);
- within our group in order to manage and provide our services, and for other legitimate business purposes;
- with our business partners, suppliers and sub-contractors that supply services to us which require the processing of such personal data;
- as required by law, including competent regulatory and governmental agencies;
- as part of any reorganisation, sale or merger of all or a portion of the MarketAxess group; and
- where relevant in the context of services, we may disclose your personal data to other customers (such as trade matching or disclosed trading on a permissioned basis to customers or counterparties).
7 Monitoring of communications
We may monitor some email and other communications between you and individuals at MarketAxess. The reasons we may do this are related to the security of the relevant MarketAxess company, its staff and others, regulatory compliance, for detection and prevention of crime and to identify correct recipients or to make sure communications are dealt with during staff absence. In the case of emails, we may reject, delay or remove content from emails which have a nature, content or attachments which may disrupt our systems or because they may pose security issues such as viruses. We may also filter out emails which contain certain content on the basis that content is offensive or the email is unwanted or spam. In certain circumstances, this may unfortunately result in ‘innocent’ communications being affected but we do try and reduce such occurrences.
Telephone calls to our help desks or customer relations may also be recorded for quality control, regulatory and monitoring purposes.
8 Data Security
We have developed strict corporate policies governing information technology and security and take appropriate and technical organisational measures to safeguard the personal data which we hold. These cover areas such as access control, authentication, audit, monitoring, data storage and back up standards and environment integrity.
9 Disclosures applicable to individuals in Europe and the UK
This section 9 applies to the personal data of individuals within the EU and UK that is processed by any of the following MarketAxess firms as a data controller: MarketAxess Europe Limited, MarketAxess Capital Limited, MarketAxess NL B.V, Xtrakter Limited and/or Trax NL B.V.
9.1 Legal basis for processing personal data
The legal justifications for the processing of personal data for the Specified Purposes (as set out in section 2 above) include:
- our requirement to comply with applicable laws and regulations (for example, in relation to Specified Purposes (b), (e), (f), (g) and (h));
- fulfilment of our contractual obligations (for example, in relation to Specified Purposes (a) and (b)); and
- other processing in pursuance of our legitimate interests where not outweighed by the interests of the relevant individuals (for example, in relation to Specified Purposes (c), (d) and (h).
As a general rule, we do not seek to rely on the consent of individuals for the processing of their personal data. Where we do require consent, the individuals or their organisation will be approached in order to obtain the necessary consents. If we provide services that involve the disclosure of personal data on behalf of a client or counterparty (including, without limitation, disclosures to third parties outside the EU), it shall be the responsibility of such client or counterparty to ensure that it has all necessary rights to permit us to process and disclose the personal data accordingly.
9.2 Your rights in connection with your personal data
Access
If you are based in the EU or UK, you may request to:
- look at or obtain a copy of your personal data, including personal data in electronic and paper format; and
- be told the nature of personal data we hold about you, the purpose of processing such personal data and to whom the personal data may be disclosed.
Accuracy
You may request to have inaccurate personal data which we hold about you to be corrected, and any incomplete personal data to be completed.
Restriction, erasure and objection
You may:
- request that we restrict the processing of personal data where there is a problem with the underlying legality of the processing of such personal data;
- object to our processing of your personal data where it impacts your fundamental interests, rights and freedoms and we are relying on a legitimate interest for such processing; and
- request that we erase your personal data, subject to our data retention periods and policies as may be amended from time to time.
Where consent was relied upon as the basis for processing your personal data, you may object, change or withdraw that consent. A withdrawal of consent will not affect the lawfulness of any processing of that personal data that took place prior to such withdrawal.
Portability
In some circumstances, you may request that your personal data be provided to you or to a third party in a structured, commonly used and machine readable form. This right has a limited scope and only applies to personal data processed pursuant to a relevant contractual relationship and processing operations carried out by automated means. It also does not cover paper files and only applies to personal data available in electronic format.
9.3 Contact details for data requests and complaints
Any request or other communication with respect to access to your personal data may be exercised by sending a written request by post or email to our Client Services team at:
Level 10
5 Aldermanbury Square
London EC2V 7HR
Email: MarketAxess - [email protected] / Trax [email protected]
We will use reasonable endeavours to fulfil a request within one month of receiving a formal written request, subject to any extensions which may be permitted by law. We will only fulfil formal requests where it is technically feasible and to the extent that we are legally permitted to do so. In circumstances where we are not able to fulfil a formal request or if additional time is required to satisfy a request, we will advise you of this in writing.
If you have any concerns regarding our processing of your personal data, and we have not sufficiently addressed those concerns, then you may raise your concerns with the Information Commissioner’s Office (www.ico.gov.uk).
9.4 Transfers of personal data
MarketAxess operates globally and therefore we may transfer your personal data internationally to MarketAxess group companies and third party service providers, including to countries which do not have the same level of legal protection for personal data.
We seek to require those to whom we transfer personal data to protect it appropriately, including using EU-approved data transfer contracts. In this way, we work to protect personal data transferred to countries which do not have data protection laws or whose laws are less strict.
10.0 Privacy Notice and Disclosures for California Residents
This section 10 applies solely to the personal data of users who reside in the State of California ("consumers" or "you") and supplements the information contained in MarketAxess’ Privacy Policy. We have included this section 10 to comply with the California Consumer Privacy Act of 2018 (CCPA) and any terms defined in the CCPA have the same meaning when used in this notice.
Your Rights and Choices: The CCPA provides consumers with specific rights regarding their personal information. This section describes your CCPA rights and explains how to exercise those rights.
- Access to Specific Information and Data Portability Rights. You have the right to request that MarketAxess disclose certain information to you about our collection and use of your personal information over the past 12 months. Once we receive and confirm your verifiable request, we will disclose to you: (i) the categories of personal information we collected about you; (ii) the categories of sources for the personal information we collected about you; (iii) our business or commercial purpose for collecting or selling that personal information; (iv) the categories of third parties with whom we share that personal information, if any; (v) the specific pieces of personal information we collected about you (also called a data portability request); (vi) if we sold or disclosed your personal information for a business purpose, two separate lists disclosing: (a) sales, identifying the personal information categories that each category of recipient purchased; and (b) disclosures for a business purpose, identifying the personal information categories that each category of recipient obtained.
- Deletion Request Rights. You have the right to request that MarketAxess delete any of your personal information that we collected from you and retained, subject to certain exceptions. Once we receive and confirm your verifiable consumer request, we will delete (and direct our service providers to delete) your personal information from our records, unless an exception applies. We may deny your deletion request if retaining the information is necessary for us or our service provider(s) to: (i) complete the transaction for which we collected the personal information, provide a good or service that you requested, take actions reasonably anticipated within the context of our ongoing business relationship with you, or otherwise perform our contract with you; (ii) detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity, or prosecute those responsible for such activities; (iii) debug products to identify and repair errors that impair existing intended functionality; (iv) exercise free speech, ensure the right of another consumer to exercise their free speech rights, or exercise another right provided for by law; (v) comply with the California Electronic Communications Privacy Act (Cal. Penal Code § 1546 et. seq.); (vi) engage in public or peer-reviewed research in accordance with Section 1798.105 (d)(6) of the CCPA; (vii) enable solely internal uses that are reasonably aligned with consumer expectations based on your relationship with us; (viii) comply with a legal obligation; or (ix) make other internal and lawful uses of that information that are compatible with the context in which you provided it.
- Exercising Access, Data Portability, and Deletion Rights. To exercise the access, data portability, and deletion rights described above, please submit a verifiable consumer request to us by either:
Visiting https://www.marketaxess.com/contact-us or
E-mail: [email protected].
Only you, or a person registered with the California Secretary of State that you authorize to act on your behalf, may make a verifiable consumer request related to your personal information.
You may only make a verifiable consumer request for access or data portability twice within a 12-month period. The verifiable consumer request must: (i) provide sufficient information that allows us to reasonably verify you are the person about whom we collected personal information or an authorized representative; and (ii) describe your request with sufficient detail that allows us to properly understand, evaluate, and respond to it. We cannot respond to your request or provide you with personal information if we cannot verify your identity or authority to make the request and confirm the personal information relates to you. We will only use personal information provided in a verifiable consumer request to verify the requestor's identity or authority to make the request.
- Response Timing and Format. We endeavor to respond to a verifiable consumer request within forty-five (45) days of its receipt. If we require more time (up to 90 days), we will inform you of the reason and extension period in writing. Any disclosures we provide will only cover the 12-month period preceding the verifiable consumer request's receipt. The response we provide will also explain the reasons we cannot comply with a request, if applicable. For data portability requests, we will select a format to provide your personal information that is readily useable and should allow you to transmit the information from one entity to another entity without hindrance. We do not charge a fee to process or respond to your verifiable consumer request unless it is excessive, repetitive, or manifestly unfounded. If we determine that the request warrants a fee, we will tell you why we made that decision and provide you with a cost estimate before completing your request.
- Non-Discrimination. We will not discriminate against you for exercising any of your CCPA rights. Unless permitted by the CCPA, we will not: (i) deny you goods or services; (ii) Charge you different prices or rates for goods or services, including through granting discounts or other benefits, or imposing penalties; (iii) provide you a different level or quality of goods or services; (iv) suggest that you may receive a different price or rate for goods or services or a different level or quality of goods or services. However, we may offer you certain financial incentives permitted by the CCPA that can result in different prices, rates, or quality levels. Any CCPA-permitted financial incentive we offer will reasonably relate to your personal information's value and contain written terms that describe the program's material aspects. Participation in a financial incentive program requires your prior opt in consent, which you may revoke at any time.
Contact Information: If you have any questions or comments about this notice, the ways in which MarketAxess collects and uses your information described in this section 10, your choices and rights regarding such use, or wish to exercise your rights under California law, please do not hesitate to contact us at:
Website: https://www.marketaxess.com/contact-us
Email: [email protected]
Postal Address:
MarketAxess
55 Hudson Yards Floor 15
New York NY 10001
Changes to Our Privacy Notice: MarketAxess reserves the right to amend this privacy notice at our discretion and at any time. When we make changes to this privacy notice, we will post the updated notice on the Website and update the notice's effective date. Your continued use of our Website following the posting of changes constitutes your acceptance of such changes.
Version Control
Version |
Date |
Changes/Comments |
Review conducted by |
1 |
October 2020 |
N/A |
Legal |