TELOSTOUCH | PRIVACY POLICY

‍

Your privacy is very important to us and in this policy we outline how we collect, use, disclose, manage and safeguard your personal data when you use our services, browse our website or interact with us in other ways.

‍

WHAT PERSONAL DATA WE COLLECT AND WHY

‍

1. When you use our services as a relationship manager

If you are a relationship manager using our platform, we may collect the following types of personal data from you, with your consent where required:

Contact information, such as full name and email address, so we can communicate with you;
Occupation and title, as well as registration or licensing information for financial advisors so we can assess your credentials;
Username and password, so you can create an account and provide you access to your account;
Information you provide when you contact us, provide feedback, make a complaint or other
inquiries; and
Communications to allow you to communicate with your clients efficiently.

‍

2. When you use our services as a client relationship

When you use our platform as a client of a relationship manager, we may collect personal data, with your consent where required, when you or your relationship manager provide your data directly into the platform, for example, when you contact us or when your relationship manager or your financial institution inputs, imports or automatically syncs your data into the platform. The personal data that you provide to your relationship manager or that the relationship manager may generate about you is used for the purposes of facilitating the relationship between you and your relationship manager and it is governed solely by your agreement and relationship with the relationship manager and is not subject to this privacy policy. Please consult the privacy policy of your relationship manager and his / her institution.

TelosTouch is contractually bound by agreement with your relationship manager’s institution to protect and secure your personal data that advisors may use on our platform.

‍

HOW WE USE THE PERSONAL DATA WE COLLECT

We only collect personal data that is necessary to provide our services. In serving you we may use your

personal data to:

‍

Register your account with us and provide you with access to the platform;
Manage relationship managers and clients accounts on the TelosTouch platform;
Tailor the financial planning recommendations and presentation of information to clients and

advisors;

Facilitate interaction between relationship managers and their clients;
Administer, troubleshoot, enhance and manage the website and the platform and tailor your
experience while visiting the website and platform;
Send communications and notifications, including updates on your subscription or account;
With your permission, send promotional communications such as special offers or other
promotions;
Analyze the accuracy and effectiveness of the platform;
Analyze and understand our users and their needs;
Meet obligations as required by applicable laws; and
Respond to inquiries, complaints and other communications from you.

‍

HOW WE MAY SHARE YOUR PERSONAL DATA

‍

We do not sell, rent or disclose the personal data that we collect with third parties except in the following

Circumstances:

‍

External Professionals and Experts: we may share your personal data, including financial information

and financial documentation, with external professionals and experts (e.g., asset managers, insurance manufacturers, financial experts, professional service providers, etc.), selected by you in accordance with your instructions and only with your express consent.

‍

Required by Law: We will disclose personal data in our custody when we believe that the disclosure is

required by law, including to comply with a judicial proceeding, court order, or legal process served on us

and when we receive a request from regulatory or law enforcement authorities. When possible and

allowed by law, we will inform you about the request for disclosure and we will only disclose personal data

to law enforcement authorities upon demonstration of lawful authority.

‍

Investigations: We will disclose personal data without your knowledge or consent where it is reasonable

for the purposes of investigating a breach of an agreement or a contravention of the law that has been, is

being or is about to be committed and it is reasonable to expect that disclosure with the knowledge or

consent of the individual would compromise the investigation.

‍

Fraud: We will disclose personal data where it is reasonable for the purposes of preventing, detecting or

suppressing fraud and it is reasonable to expect that the disclosure with the knowledge or consent of the

individual would compromise the ability to prevent, detect or suppress the fraud.

‍

Business Transaction: We may disclose and share your personal data to explore and/or undertake a

corporate transaction, including a merger, acquisition, amalgamation, IPO, reorganization or sale of the

Company and/or the Platform. We will enter into an agreement that ensures that your personal data will

be used and disclosed solely for the purposes related to the transaction, will be protected by security

safeguards appropriate to the sensitivity of the information and will be retained only for as long as

Necessary.

‍

HOW DO WE SECURE YOUR PERSONAL DATA

‍

We are committed to safeguarding and to protecting the personal data we collect by security safeguards

that meet industry standards for financial institutions and that are appropriate to the level of sensitivity of

the data through (i) physical measures, such as secure areas; (ii) technical measures, such as encryption

and secure servers; and (iii) organizational measures, such as access policies based on need-to-know

and employee security through vetting and supervision. In particular, we employ the following measures:

‍

Security measures: our security controls follow SOC2 and ISO 27001 benchmarks to safeguard
customer data.
Encryption: all data is encrypted in transit and at rest using the industry standard algorithms.
Backups: we retrieve, encrypt, and store daily backups of our production data storage systems;
Monitoring: we perform regular monitoring and alerting of all production environments;
High Availability: we leverage major cloud vendors to provide a reliable, fault-tolerant, and

highly available solution to our customers.

Employee access and training: all our employees receive training with respect to handling

personal data and access to your data is provided on a need-to-know basis.

Relationship managers: the relationship managers using our platform adhere to terms and conditions requiring them to protect the personal information they access and use through the platform.

‍

WHERE WE STORE YOUR PERSONAL DATA

‍

We store personal information on servers located in the jurisdiction where the institution is located and stored with local Amazon Web Services and /or Microsoft servers.

‍

HOW LONG WE RETAIN YOUR PERSONAL DATA

‍

We only retain your personal data for as long as it is necessary for the purposes for which it was collected

or as required by law.

‍

WHAT ARE YOUR PRIVACY RIGHTS

‍

We maintain a well documented process for the creation, suspension, cancellation, modification and

deletion of user accounts. Depending on your jurisdiction, you may have the following rights with respect

to the personal data we collect and use:

‍

Updating data: If you have created an account on our platform, you can update or make changes to your

personal data by logging into your profile. If you do not have an account, you can contact us and we will

update your personal data we have to ensure its accuracy.

‍

Individual Access: If you make a request, we will let you know what personal data we have about you,

what it is being used for, and with whom it has been shared. We will provide you with access to your

personal data that is in our possession, subject to certain exceptions, such as information that refers to

another individual’s personal information that we cannot sever, or information subject to solicitor-client

privilege, or other legal restrictions that may prevent us from fulfilling your access request.

We will respond to your request within one month, free of charge, unless the volume or the complexity of

the request requires a longer process. We will notify you if we require an extension and may charge a

reasonable fee to cover administrative costs.

‍

Rectification: If you notice any inaccuracies or wish to update any part of your personal information, we

will rectify the information as necessary. We will provide rectification as soon as possible within one

month. If we refuse the request, we will provide justification.

‍

Withdraw consent: You may have the right to withdraw your consent to our use of your personal data.

When we identify new opportunities that require processing your personal data for reasons other than

those you have already consented for when we collected your information from you, we will seek your

consent if required under applicable legislation. We will respect your option if you object to such new use

or to withdraw your consent.

‍

HOW YOU CAN OPT-OUT OF RECEIVING PROMOTIONAL COMMUNICATIONS

‍

In the event you wish to unsubscribe from receiving promotional email or SMS communications from the

Company, you may opt-out by:

‍

Removing yourself by clicking “unsubscribe” at the bottom of an email, or responding STOP to an SMS message we send you, or
Contacting us at: support@telostouch.com.

‍

If you opt-out of receiving marketing-related emails or SMS messages from us, we may still send you important administrative messages, such as notifications regarding your account or subscription, or as otherwise consistent with applicable law.

‍

CONTACT US

‍

To contact us with questions about this privacy policy or other inquiries related to our privacy compliance

program, please send us an email at privacy@telostouch.com.

‍

Last updated: February 2024