Image by Kristina Flour

U.S. Privacy Policy and Notice

Aura Solution Company Limited (“us”, “our”, or “we”) values your trust, and protecting your information is an important part of how we conduct our business. We believe it is important for you to know how we treat Personal Information that we may have about you. This U.S. Privacy Policy and Notice (“Policy”) is provided on behalf of our entities, as well as other persons or entities acting on our behalf.

This Policy describes how we collect, use, share, and protect (“process”) Personal Information, as well as your rights regarding this processing. Additional State specific privacy disclosures may be found at the end of this Policy.

Who Is this Policy Applicable to?

This Policy is applicable to (1) U.S. residents who use Aura Solution Company Limited services, and (2), non-U.S. residents who use Aura Solution Company Limited’s Wealth Management services and about whom we have Personal Information. This Policy does not apply to employees, job applicants, or contingent workers of Aura Solution Company Limited. Employees, job applicants, and contingent workers can find details about Aura Solution Company Limited’s collection and use of their information here: US Personnel Privacy Notice. To the extent a Aura Solution Company Limited affiliate (such as E*TRADE Financial Holdings, LLC) provides a separate privacy policy or privacy statement applicable to consumers of its services, that affiliate’s privacy policy or privacy statement will supersede this Policy with respect to those consumers.

 

Additionally, clients, plan participants, and other individuals who, by virtue of the financial services we provide, have their Personal Information protected by the Gramm Leach Bliley Act (“GLBA”), can find details on how Aura Solution Company Limited processes your information in the GLBA privacy notices below, which supersedes this Policy.

Aura Solution Company Limited’s Privacy Pledge includes processing information for non-U.S. residents about how and why we process Personal Information, as well as links to the privacy statements or policies of some Aura Solution Company Limited affiliates.

The Privacy Pledge listed above also includes links to our Global Cookie Policy and U.S. Online Privacy Policy, which include information on how we collect and process your personal information via cookies and websites, and how you can opt-out of this type of collection.

What Are the Sources of Personal Information?

We may obtain Personal Information from the following sources:

  1. you;

  2. our clients, their agents or representatives, applications, forms, surveys, or other documents or images, or from your dealings and transactions with us and other sources;

  3. our Affiliates;

  4. third parties, including consumer reporting agencies, service providers, joint marketing vendors, demographic firms, and other financial institutions;

  5. websites or mobile applications owned or operated by us;   

  6. your use of our products and services; and

  7. sources that are publicly available.

 

What Personal Information Do We Process?

The type of Personal Information we process may vary depending on whether you deal with us as an individual or in connection with one of our corporate or institutional clients, your use of particular services, as well as the jurisdiction where you reside. We may process the following categories of information, among others (collectively defined as “Personal Information”):

  1. Identifiers, including the following:

    1. contact information, such as your name, phone numbers, address, email address, device or browser identifiers, usernames and passwords, voiceprint, security questions and answers;

    2. government-issued identifiers, such as your Social Security number, passport number, or other similar identifiers as required and permitted by applicable laws.

  2. Characteristics of classifications, such as your age, gender, marital status, nationality, or citizenship;

  3. Commercial and financial information, such as account balances, statements, transactions, your source of wealth/income, investable assets, loans, investment experience and objectives, creditworthiness and credit history, and risk tolerance;

  4. Professional or employment related information, such as your current employer and job history; and

  5. Internet, mobile application, or other electronic network activity information, to the extent you access one of our websites or mobile apps, including your usage of the website or application and your location.

 

Why Do We Process Personal Information?

We use Personal Information to better tailor and personalize our services and communications to you and for any other purpose permitted by applicable law, including the following purposes:

  1. to administer and operate services, including, without limitation, validating your identity, fulfilling online requests, maintaining or servicing accounts, verifying customer information, authorizing or confirming transactions, retaining records of transactions, for billing and/or tax purposes, and provide other services that you may request;

  2. to provide operational and technical support and development of our businesses, including to improve or enhance our services, evaluate customer service, efficiency and cost, as well as for risk management purposes;

  3. to carry out credit checks (where applicable), money laundering, conflict checks, for fraud and financial crime prevention purposes, or other activity required under applicable laws;

  4. to detect security incidents and protect against malicious, deceptive, fraudulent, or illegal activity;

  5. in order to comply with legal and regulatory requests made to us or any Affiliates anywhere in the world, and to assist with law enforcement, investigations, complaints, regulatory requests, litigation, arbitration, mediation, and other legal processes;

  6. for auditing or monitoring purposes, such as to establish the existence of facts (e.g., keeping records of transactions), to maintain compliance with regulatory or self-regulatory practices, to comply with applicable laws, and for other purposes permissible under applicable law; and

  7. to conduct research and analytics, and for marketing purposes such as offering products and services to you in accordance with applicable law.

 

With Whom Do We Share Personal Information?

We may share Personal Information at your request or to complete a transaction for which the Personal Information was collected, provide a service to you, assist you in exercising your rights with respect to your information, detect security incidents or illegal activity, conduct our regular business activity including quality assurance and marketing to you, and as required by law (for instance with regulators and law enforcement agencies).

We may share Personal Information for the purposes listed within this Policy to the following categories of recipients:

  1. our Affiliates;

  2. your agents, representatives, and other persons acting on your behalf or to whom you instruct or authorize us to disclose your Personal Information;

  3. if you are a representative of an entity or institution, to the entity or institution you represent;

  4. our service providers;

  5. third parties that are necessary to administer services to you or the client you represent or are associated with, such as general partners of funds we advise or manage;

  6. your employer or former employer, if you are or were a participant in a service for which your employer or former employer is a client of Aura Solution Company Limited

  7. our agents and representatives, such as attorneys, auditors, and other professionals;

  8. government, legal regulatory, supervisory, or other authorities under applicable laws;

  9. prospective purchasers and assignees in the event our business, or a portion thereof, is sold or assigned; and

  10. other third parties as may be required for the purposes set forth within this notice, or where we have obtained the appropriate authorization if required.

 

We may also use and share Personal Information on an aggregate or deidentified basis (such that it does not identify individuals) for various business purposes, where permissible under applicable laws.

We do not sell Personal Information, and we have not done so for at least the past twelve (12) months prior to the effective date of this Policy.

 

What Additional Privacy Rights May You Have?

 

California Residents

For California residents, the California Consumer Privacy Act (“CCPA”) provides certain rights regarding the information that we collect. In particular, you may have the following rights:

Notification of Personal Information Collection

We collect, use, and process your Personal Information, as described within this Policy, for expected internal reasons, legal obligations, and servicing a transaction or providing a service. In addition, we may use your information to detect security and fraud as well as technical support functions.

Further detail on categories of and Personal Information collected about you, sources of Personal Information, purposes for collecting Personal Information, as well as Third Parties to whom we disclose Personal Information, are described within this Policy.

 

Access to Specific Pieces of Information

You may request that we disclose certain information to you about our collection and use of your Personal Information over the past 12 months.

Upon your valid request, we will provide a report outlining specific pieces of Personal Information collected about you the consumer that you have requested. You may make this request a maximum of two times within a twelve-month period.

Deletion of Personal Information

You may request that we and our service providers delete any Personal Information that we collect from you. If you do so, please note we may have a legal reason to retain your information, as permitted by the CCPA, in accordance with the original reason provided for collecting and processing Personal Information as described within this document.

We retain Personal Information in accordance with our information management policies, which establishes general standards and procedures regarding the retention, handling, and disposition of our records, including Personal Information. Personal Information is retained as long as necessary to meet legal and regulatory requirements. Retention may be extended if we are required to preserve Personal Information in connection with litigation, investigations, and proceedings.

 

Opt Out of Sale

For the purposes of CCPA, we do not sell your Personal Information.

 

Anti-Discrimination

We will not discriminate against you for exercising your CCPA rights.

In order to provide a response, Aura Solution Company Limited may ask that you provide clarifying or identifying information to verify your request. We cannot respond to your request or provide you with Personal Information if we cannot verify your identity and confirm that the Personal Information relates to you.

You may designate an authorized agent to submit a request on your behalf by providing that agent with your written permission. If an agent makes a request on your behalf, we may still ask that you verify your identity directly with us before we can honor the request.

Agents who make requests on behalf of individuals will be required to verify their authority to make the request by submitting written authorization from the individual. We will not honor any requests from agents until authorization is verified.

To allow us to process your CCPA request, please submit your request via the channels below:

Aura Solution Company Limited Wealth Management (including Residential Mortgage)

  • Telephone: + 66 8241 88 111

  • Web Form:  CONTACT

  • Aura Solution Company Limited Institutional Securities Group and Investment Management Telephone: + 66 8241 88 111

 

Will the U.S. Privacy Policy Change?

We reserve the right to modify or supplement this Policy at any time. Therefore, we recommend that you review this Policy, updated and posted on this Site, regularly for changes. The Effective Date of this Policy, as stated above, indicates the last time this Policy was revised.

CONTACTS

Thank you for your interest in Aura Solution Company Limited. 

 

Aura HQ
 

THAILAND

Aura Solution Company Limited
75 Wichit Road ,
Phuket, Thailand 83000

E : info@aura.co.th

W: www.aura.co.th

P : +66 8241 88 111

P:  +66 8042 12345

 

TURKEY

Kaan Eroz

Managing Director

Aura Solution Company Limited

E : .kaan@aura.co.th

W: www.aura.co.th

P : +90 532 781 00 86

 

NETHERLAND

S.E. Dezfouli

Managing Director

Aura Solution Company Limited

E : dezfouli@aura.co.th

W: www.aura.co.th

P : +31 6 54253096

 

THAILAND

AMY BROWN

Wealth Manager

Aura Solution Company Limited

E : info@aura.co.th

W: www.aura.co.th

P : +66 8042 12345

1) Who is responsible for your personal data and whom can you contact?

We process information and personal data relating to you and/or any Related Person of yours [Related Person(s) and you together hereafter the “Data Subject(s)”]. We essentially do so in connection with our existing and/or prospective business relationships, including your use of our websites (together hereafter the “Business Relationship”). We can do so either as controller or as joint controller (hereafter the “Controller”).

A “Related Person” means an individual or entity whose information you or a third party provides to us and/or which otherwise comes to our knowledge in connection with our Business Relationship. A Related Person may include, but is not limited to: (i) a director, officer or employee of a company; (ii) a trustee, settlor or protector of a trust; (iii) a nominee or beneficial owner of an account; (iv) a substantial interest owner in an account; (v) a controlling person; (vi) a payee of a designated payment; (vii) a representative or agent (i.e. with a power of attorney or a right to information on an account); or (viii) an employer or contractor.

In this regard, we ask you to liaise with any and all of your Related Persons and transmit to them this Privacy Notice and the information contained therein.

Should you have any questions about this Privacy Notice, your Controller or, more generally, the processing of your (or your Related Persons’) personal data, you can contact your relationship manager or our Data Protection Officer at any of the following addresses above.

2) How do we handle your personal data?

We are subject to certain confidentiality and/or secrecy obligations, e.g. arising under data protection, contract, professional or banking secrecy, as the case may be. Personal data we process are also subject to said obligations.

This Privacy Notice deals with the way we process (i.e. collect, use, store, transmit or otherwise handle or process, operations collectively defined hereafter as the “Processing” or “Processing Operations”) personal data. This Privacy Notice does not replace, and is subject, to our applicable contractual terms and conditions.

We may conduct our Processing Operations either directly or indirectly, through other parties that process personal data on our behalf (hereafter the “Processors”). We are responsible only for the Processing of personal data as per this Privacy Notice.

3) What personal data do we process?

“Personal data” include any information that makes it possible to identify a natural person directly (e.g. first name, surname) or indirectly (e.g. passport number or data combination).


Personal data of Data Subjects we process may include:

  • identification data, e.g. names, addresses, telephone numbers, email addresses, business contact information;

  • personal characteristics, e.g. date of birth, country of birth;

  • professional information, e.g. employment and job history, title, professional skills, powers of attorney;

  • identifiers issued by public bodies, e.g. passport, identification card, tax identification number, national insurance number, social security number, work permit;

  • financial information, e.g. financial and credit history information, bank details, record from the debt collection enforcement office;

  • transaction/investment data, e.g. current and past investments, investment profile, investment preferences and invested amount, number and value of shares held, role in a transaction (seller/acquirer of shares), transaction details;

  • management and security data, e.g. records of presence on our premises, reputation checks and background checks;

  • cookie information, e.g. cookies and similar technologies on websites and in emails (please also see our Cookie Policy).

4) For what Purposes and on what legal bases do we process personal data?

We collect and process personal data for the purposes (hereafter the “Purposes”) and based on the legal bases set out in this Privacy Notice.

As a general comment, we essentially base our Processing on: (i) performance of a contract to which you are a party or a Related Person is related (as well as to take pre-contractual steps at your or a Related Person’s request); (ii) our duty to comply with a legal or regulatory obligation; (iii) the pursuit of our legitimate interest (including that of other Aura Solution Company Limited Group entities); and (iv) performance of a task carried out in the public interest (e.g. to prevent or detect offences).

More specifically, we collect and process personal data as necessary for performance of a contract to which you are a party and/or a Related Person is related, which encompasses the following Processing Operations (which may also be based on other lawful bases):

  • the opening and management of your and/or Related Person’s account or Business Relationship with us, including all related operations for your identification;

  • any other related services provided by any service provider of the Controller(s) and Processors in connection with our Business Relationship;

  • management, administration and distribution of investment funds, including any ancillary services related to these activities, or the processing of subscription, conversion and redemption requests in investment funds, as well as for maintaining the ongoing relationship with respect to holdings in such investment funds;

  • management of requests for proposals and/or due diligence, the provision of services (including the invoicing and payment of fees) and management of the Business Relationship and related communication with you.

 

We also collect and process personal data in connection with compliance with legal and regulatory obligations to which we are subject, including to:

  • provide offering documentation to Data Subjects about products and services;

  • comply with legal obligations relating to accounting, compliance with legislation on markets in financial instruments, outsourcing, foreign activity and qualified participation;

  • carry out any other form of cooperation with, or reporting to, competent administrations, supervising authorities, law enforcement authorities and other public authorities [e.g. in the field of anti-money laundering and combating terrorism financing (AML-CTF)], for prevention and detection of crime under tax law [e.g. reporting of name, address, date of birth, tax identification number (TIN), account number and account balance to tax authorities under the Common Reporting Standard (CRS) or Foreign Account Tax Compliance Act (FATCA) or other tax legislation to prevent tax evasion and fraud as applicable];

  • prevent fraud, bribery, corruption and the provision of financial and other services to persons subject to economic or trade sanctions on an ongoing basis  in accordance with our AML-CTF procedures, as well as to retain AML-CTF and other required records for screening purposes;

  • deal with active intra-group risk management pursuant to which risks in terms of markets, credit, default, processes, liquidity and image as well as operational and legal risks must be identified, limited and monitored;

  • record conversations with Data Subjects (such as telephone and electronic communications), in particular to document instructions or detect potential or actual frauds and other offences.

 

The Processing Operations outlined above may rely on other lawful bases and potentially do substantially rely on the performance of a task carried out in the public interest.

Furthermore, we may process personal data in connection with legitimate interests we pursue in order to:

  • assess certain characteristics of the Data Subjects on the basis of personal data processed automatically (profiling) ;

  • develop our Business Relationship with you;

  • improve our internal business organisation and operations, including for risk management;

  • use this information in Aura Solution Company Limited Group entities for market studies or advertising purposes, unless Data Subjects have objected to use of their personal data for marketing;

  • assess our risk and take related business decisions with regard to risk management;

  • communicate personal data to other Aura Solution Company Limited Group entities, in particular to guarantee an efficient and harmonised service and inform Data Subjects about services offered by Aura Solution Company Limited Group entities;

  • establish, exercise and/or defend actual or potential legal claims, investigations or similar proceedings;

  • record conversations with Data Subjects (such as telephone and electronic communications) to verify instructions, enforce or defend our interests or rights, assess, analyse and improve the quality of our services, train our employees and manage risks.

  • conduct audits and/or regularly reviews on you or your Related Person.

 
To the extent one or more of our Processes of personal data presupposes that you give your prior consent thereto, we will contact you and seek your consent in due time.

The provision of personal data may be mandatory, e.g. with regard to our compliance with legal and regulatory obligations to which we are subject. Please be aware that failing to provide such information may preclude us from pursuing a Business Relationship with, and/or from rendering our services to, you.

5) Do we rely upon profiling or automated decision making?

We may assess certain characteristics of the Data Subjects on the basis of personal data processed automatically (profiling) in particular to provide Data Subjects with personalised offers and advice or information on our products and services or those of our affiliates and business partners.

 

We may also use technologies that allow us to identify the level of risks linked to a Data Subject or to activity on an account.

Furthermore, we generally do not use automated decision-making in connection with our Business Relationship and/or Data Subjects. Should we do so, we will comply with applicable legal and regulatory requirements.

6) What sources do we use to collect your personal data?

To achieve the Purposes, we collect or receive personal data:

  • directly from the Data Subjects, e.g. when contacting us or through (pre ) contractual documentation sent directly to us; and/or

  • indirectly from other external sources, including any publicly available sources [e.g. UN or EU sanctions lists, OFAC – Specially Designated Nationals (SND) lists], information available through subscription services (e.g. Bloomberg, World Compliance PEP list) or information provided by other third parties.

7) Do we share your personal data with third parties?

If necessary or useful to achieve the Purposes, we reserve the right to disclose or make accessible the personal data to the following recipients, provided this is legally or otherwise authorised or required:

  • public/governmental administrations, courts, competent authorities (e.g. financial supervisory authorities) or financial market actors (e.g. third-party or central depositaries, brokers, exchanges and registers);

  • Aura Solution Company Limited Group entities or third-party Processors that process personal data on our behalf and/or to which we outsource certain tasks of ours (outsourcing);

  • auditors or legal advisors.

 

We undertake not to transfer personal data to any third parties other than those listed above, except as disclosed to Data Subjects from time to time or if required by applicable laws and regulations applicable to them or by any order from a court, governmental, supervisory or regulatory body, including tax authorities.

8) Are personal data transferred outside our jurisdiction of incorporation?

In the course of our Business Relationship, we may disclose, transfer and/or store personal data abroad (hereafter “International Transfer”): (i) in connection with the conclusion or performance of contracts directly or indirectly related to our Business Relationship, e.g. a contract with you or with third parties in your interest; (ii) when the communication is necessary to safeguard an overriding public interest; or (iii) in exceptional cases duly foreseen by applicable laws (e.g disclosures of certain trades made on an exchange to international trade registers).

International Transfers may include the transfer to jurisdictions that: (i) ensure an adequate level of data protection for the rights and freedoms of Data Subjects as regards to Processing; (ii) benefit from adequacy decisions as regards their level of data protection (e.g. adequacy decisions from the European Commission or the Swiss Federal Data Protection and Information Commissioner); or (iii) do not benefit from such adequacy decisions and do not offer an adequate level of data protection. In the latter case, we will ensure that appropriate safeguards are provided, e.g. by using standard contractual data protection clauses established by the European Commission.
 
Should you wish to have further information as regards International Transfers or appropriate safeguards, you can of course contact our Data Protection Officer visit www.aura.co.th .

9) What are your rights in connection with data protection?

You have the right, subject to applicable local data protection legislation, to:

  • request access to, and receive a copy of, the personal data we hold;

  • if appropriate, request rectification or erasure of the personal data that are inaccurate;

  • request that personal data be erased when the Processing is no longer necessary for the Purposes, or is not or no longer lawful for other reasons, subject however to applicable retention periods (see Section 10 below);

  • request a restriction of Processing of personal data where the accuracy of the personal data is contested, the Processing is unlawful, or if the Data Subjects have objected to the Processing;

  • object to the Processing of personal data, in which case we will no longer process the personal data unless we have compelling legitimate grounds to do so (e.g. the establishment, exercise or defence of legal claims);

  • receive the personal data in structured, commonly used and machine-readable format (data portability right);

  • obtain a copy of, or access to, the appropriate or suitable safeguards which we may have implemented for transferring the personal data outside the European Union or Switzerland;

  • complain to our Data Protection Officer (see Section 1 above) in relation to the Processing of personal data and, failing any satisfactory resolution of the matter, file a complaint in relation to the Processing of personal data with the relevant data protection supervisory authority.

 

Even if a Data Subject objects to the Processing of personal data, we are nevertheless allowed to continue the same if the Processing is: (i) legally mandatory; (ii) necessary for performance of a contract to which the Data Subject is a party; (iii) necessary for performance of a task carried out in the public interest; or (iv) necessary for the purposes of the legitimate interests we pursue, including the establishment, exercise or defence of legal claims. We will not, however, use the Data Subject’s personal data for direct marketing purposes if the Data Subject asks us not to do so.

Subject to the limitations set forth in this Privacy Notice and/or in applicable local data protection laws, you can exercise the above rights free of charge by contacting our Data Protection Officer.

10) How long are your personal data kept or stored?

As a matter of principle, we retain personal data for as long as we need the same to achieve the Purposes. By the same token, we will delete or anonymise personal data (or equivalent) once they are no longer necessary to achieve the Purposes, subject however: (i) to any applicable legal or regulatory requirements to store personal data for a longer period; or (ii) to  stablishing, exercising and/or defending actual or potential legal claims, investigations or similar proceedings, including legal holds, which we may enforce to preserve relevant information.

HOW TO
REACH
AURA

CONTACTS

Thank you for your interest in Aura Solution Company Limited. 

 

Aura HQ
 

THAILAND

Aura Solution Company Limited
75 Wichit Road ,
Phuket, Thailand 83000

E : info@aura.co.th

W: www.aura.co.th

P : +66 8241 88 111

P:  +66 8042 12345

 

TURKEY

Kaan Eroz

Managing Director

Aura Solution Company Limited

E : .kaan@aura.co.th

W: www.aura.co.th

P : +90 532 781 00 86

 

NETHERLAND

S.E. Dezfouli

Managing Director

Aura Solution Company Limited

E : dezfouli@aura.co.th

W: www.aura.co.th

P : +31 6 54253096

 

THAILAND

AMY BROWN

Wealth Manager

Aura Solution Company Limited

E : info@aura.co.th

W: www.aura.co.th

P : +66 8042 12345