Information & rules
Arev verðbréfafyrirtæki hf. has established rules and procedures to ensure compliance with the laws and regulations that apply to the company's operations. Below is a reference to the rules that apply in the operations of Arev verðbréfafyrirtæki hf. Before starting a business, it is necessary for customers to familiarize themselves with the company's rules and terms. Arev verðbréfafyrirtæki hf. must obtain various information from customers and send the employees of Arev verðbréfafyrirtæki hf. all the necessary documents that need to be filled in as soon as the decision to start a business is made. Below you can find the main rules of Arev verðbréfafyrirtæki hf.
2. Collection, handling and storage of personal information
When establishing a business relationship as well as working for the company's customers, various information related to personal information is obtained. The company has a legal obligation to obtain information about its customers at the outset, such as due to the law on measures against money laundering as well as an obligation for the provision of information to supervisory bodies or other public bodies. Personal information is not obtained unless there is legal authority or the law stipulates that it must be obtained and the consent of customers is available. The main purpose of collecting personal information is to be able to provide customers with the services they have requested and the company offers. Information is stored as required by law, and no longer than necessary. After that time, the data will be deleted or rendered impersonal.
3. Disclosure to third parties
Arev Securities Company may disclose clients' personal information to third parties, such as in connection with their contractual relationship with the Company. Arev Securities Company provides to third parties only the personal information deemed necessary to achieve the purpose of the company's operations, in which case an agreement is made with that party. Such an agreement sets out the conditions for the handling and security of data, and a third party is also bound by confidentiality.
4. Security of personal information
With appropriate technical and structured measures, Arev securities firm seeks to ensure the security of its clients' personal information. These measures are intended to protect personal information from being accidentally lost or altered, as well as from unauthorized access, copying, use or disclosure. Examples of security measures that Arev securities firms can apply are access controls in the company's systems. Furthermore, the risk to the relevant processing of personal information is met by a risk assessment, when the information is of such a nature that it is needed.
5. Customers' rights
An individual has the right to have access to their personal information and, in certain circumstances, to have it corrected, deleted or restricted in their processing. He also has the right to object to the processing and request that his data be transferred. An individual also has the right to submit a complaint to the Data Protection Authority.
6. Retention period
During the business relationship, personal information is retained and for as long as required by law or objective reasons. When statutory data retention obligations or theirs are no longer needed, they are one. As a rule, the retention period is 5-7 years, which is based on the Act on Accounting, Income Tax, Value Added Tax, Money Laundering and the Act on the Company's Operating License.
Approved at a board meeting on March 31, 2021