Tower Research Capital LLC and its affiliates (collectively, “Tower Research Capital”, “we”, “our” or “us”) are committed to protecting your Personal Data (as defined below). Our privacy notice sets out the Personal Data we collect, the purposes for which Personal Data is collected and processed, who it may be disclosed to, and your individual rights. It applies to recruitment applicants, former employees, professional contact, visitors to our website, visitors to our offices or other with whom we may communicate. 

How we obtain your Personal Data

We may collect personal information from you that personally identifies you (“Personal Data”) when you use our website or otherwise engage in communication with us for example, submitting an employment application, entering into a contractual relationship with us, visiting our offices or contacting us when you use the email address on our website.

We collect Personal Data from a variety of sources, including:

• any documents you submit to us, including application forms, CVs or resumes, your passport or other identity documents; 
• your use of our website (including job application information submitted via our website, usage data through the use of browser cookies or other commonly used technologies such as web beacons and IP information); 
• your use of the Tower Guest Wi-Fi services on your personal device(s) at our offices;
• our communication or correspondence with you, such as when you contact us by email or by post; 
• from third parties in connection with potential employment such as recruiting agencies, employers, online platforms including professional and social networks and forums, employment background check providers, criminal records check providers, educational institutions, financial institutions, service providers and other individuals; or
• from other third parties in connection with your use of our website;
• CCTV devices at our offices for safety and security purposes.

The Personal Data we collect

• your name, title, address and contact details, including email address and telephone number;
• identification numbers, such as your passport number or government-issued ID number;
• your LinkedIn profile information;
• details of your qualifications, skills, experience and employment history, such as your CV or resume;
• where permitted by applicable law and regulation, information about your current level of remuneration, including benefit entitlements;
• whether or not you have a disability for which the company needs to make reasonable adjustments during the recruitment process;
• information about your nationality and entitlement to work; 
• equal opportunities monitoring information, including information about your ethnic origin, sexual orientation, health, and religion or beliefs; 
• other personal information you or others may provide to us during your communications with us; and 
• your browser, device type, IP address, and user session information.

Where we collect your Personal Data as part of a recruitment process, you are under no statutory or contractual obligation to provide that Personal Data to us, However, if you do not provide the information, we may not be able to process your application properly or at all. Further, we will seek information from third parties only once a job offer to you has been made and will inform you that we are doing so.

You are under no obligation to provide information for equal opportunities monitoring purposes and there are no consequences for your application if you choose not to provide such information.

When we interact with you outside of a recruitment process, you have no statutory or contractual obligation to provide Personal Data to us but if you do not provide contact information, it will be difficult for us to communicate with one another.

As our offices are protected by CCTV, you may be recorded when you visit. We use CCTV to provide a safe and secure environment for those who work in and visit our offices.

Our use of your Personal Data

We process your Personal Data where we have a legitimate interest (e.g., for recruiting purposes), if it is required for contractual or operational reasons, if required by applicable laws or regulations or on the basis of your consent. 

Where we process “special categories” of Personal Data about you (such as information about your health, race or sexual orientation), we do so on one of the following bases: your explicit consent, legal or regulatory requirements, health and safety, monitoring of equality and diversity, prevention or detection of crime or similar misconduct, management of occupational pension schemes, or because the processing is necessary for the establishment, exercise or defense of a legal claim.

How we share your Personal Data

We may share your Personal Data within the Tower Research Capital family of companies, with our third party service providers, and other third parties for the purposes set out below. 

• Within Tower Research Capital: Your Personal Data will be shared internally for the purposes of the recruitment exercise. We may share your Personal Data within Tower Research Capital. This includes members of the Tower Research Capital human resources and recruitment team, interviewers involved in the recruitment process, managers in the business area with a vacancy and IT staff if access to the data is necessary for the performance of their roles. 
• Third party service providers: We will share your Personal Data with third parties who perform services on our behalf.  For example, we share Personal Data with our vendors (e.g., IT services providers, cloud providers, background check vendors, online platforms, recruiting agencies and platforms), partners and consultants. We may also share Personal Data with companies that operate our website. 
• Legal reasons: We will share Personal Data if we think we have to in order to comply with the law or to protect ourselves such as responding to court orders or subpoenas. We may also share your Personal Data if a government agency or investigatory body requests. We may also use your Personal Data when we are investigating potential fraud or other areas of concern or if we believe in good faith that disclosure is legally required or otherwise necessary to protect our rights and property, or the rights, property or safety of others.

Privacy Notice for California Residents

Effective Date: January 1, 2023

For purposes of California Data Protection Law, California residents should note the following:

We may collect and use the following categories of Personal Data for the business purposes described in this Privacy Notice: Identifiers; Personal Information Categories Listed in the California Records Statue; Characteristics of Protected Classifications under California or Federal Law; Commercial Information; Internet or Other Network Activity Information; and Sensitive Personal Information.  We may collect these categories of Personal Data from certain sources, including directly from you, automatically from your device(s), our affiliates, and service providers.

We may disclose these categories of Personal Data to the following categories of third parties, as more fully described above: Our affiliate, service providers, and agencies or law enforcement for legal compliance purposes.

We do not “sell” or “share” your Personal Data. We do not sell or share the Personal Data of consumers under 16 years of age.

We do not use or disclose Sensitive Personal Data for purposes other than those specified under applicable California Data Protection Law.

Rights for individuals in the European Economic Area, the United Kingdom, the DIFC and the Asia-Pacific (APAC) region

Individuals who are located in or residents of countries in the European Economic Area (“EEA”), the United Kingdom (“UK”), the Dubai International Finance Centre (“DIFC”) and the Asia-Pacific (“APAC”) region, and certain other jurisdictions may have certain data subject rights that may be subject to limitations and/or restrictions. You may have the following rights under data protection laws:

• Right of subject access: The right to access and obtain a copy of your Personal Data on written request;
• Right to rectification: The right to have incorrect or incomplete Personal Data rectified;
• Right to erasure: The right to have certain Personal Data about you erased; 
• Right to restriction of processing: The right to require we delete or stop processing your Personal Data, for example where the data is no longer necessary for the purposes of processing;
• Right to object to processing: The right to object to the processing of your Personal Data; 
• Right to data portability: The right to ask for Personal Data you have made available to us be transferred to you or a third party; and
• Right to withdraw consent: The right to withdraw any consent you have previously given us to handle your Personal Data, provided that this will not affect the lawfulness of our use of your data prior to the withdrawal of your consent. 

These rights are not absolute; they do not always apply and exemptions may be applicable. 

If you would like to exercise any of these rights, please contact our Head of Compliance EMEA (compliance@tower-research.com). 

For the purposes of EEA, UK, DIFC and APAC data protection laws, we are the data controller of your Personal Data.

You may have the right to lodge a complaint about the processing of your Personal Data with your local data protection authority.

If you are unhappy with the way we have handled your Personal Data, you have a right to complain to your local data protection regulator.

• In the UK, your local regulator is the Information Commissioner, whose website is available at https://ico.org.uk
• In the Netherlands, your local regulator is the Dutch Data Protection Authority, whose website is available at https://www.autoriteitpersoonsgegevens.nl/en
• In France, your local regulator is the Commission nationale de l’informatique et des libertés, whose website is available at https://www.cnil.fr/
• In the DIFC, your local regulator is the Commissioner of Data Protection at DIFC, who can be contacted at commissioner@dp.difc.ae
• In Singapore, your local regulator is the Personal Data Protection Commission (PDPC), whose website is available at https://www.pdpc.gov.sg 
• In Hong Kong, your local regulator is the Office of the Privacy Commissioner for Personal Data, whose website is available at https://www.pcpd.org.hk  
• In China, your local regulator is the Cyberspace Administration of China (CAC), whose website is available at http://www.cac.gov.cn 

Security and retention of Personal Data

We maintain reasonable security procedures and practices but the internet is not 100% secure.  We cannot promise that your use of our website will be completely safe.  We encourage you to use caution when transmitting Personal Data over the internet. 

We will hold your personal information on our systems for the longest of the following periods: 

• as long as it is necessary or relevant for the practices described in this Privacy Notice; 
• the length of time it is reasonable to keep records to demonstrate compliance with professional or legal obligations;
• any retention period that is required by law; or
• the end of the period in which litigation or investigations might arise in respect of your use of our website or the services that we provide to you.

How we transfer your Personal Data

Due to the global nature of our business, your Personal Data may be transferred to jurisdictions outside your home jurisdiction (which may be the UK, EEA, the DIFC or APAC). The level of information protection in countries outside your home jurisdiction may be less than or different to that offered in your home jurisdiction. Where we transfer your Personal Data outside of your home jurisdiction, we will ensure that personal information is protected and transferred in accordance with applicable legal requirements, which can be done as follows:

• the country to which we send Personal Data may be approved in your home country (e.g., by the European Commission or under the UK or DIFC or under APAC data protection laws (as applicable)) as having adequate data protection laws; or
• the recipient may have signed a contract based on standard contractual clauses approved in your home jurisdiction (e.g., by the Information Commissioner’s Office in the UK, the European Commission, the Commissioner of Data Protection of the DIFC or the Cyberspace Administration of China in People’s Republic of China), obliging them to protect your Personal Data.

Automated decision making

Recruitment processes are not based solely on automated decision-making.

Contact us

If you have any questions about this Privacy Notice or other privacy concerns, please contact us at:

Tower Research Capital LLC
377 Broadway
11th Floor
New York, NY 10013
Attn: Data Protection Officer
DPO@tower-research.com 

We may update this Privacy Notice

From time to time we may change our privacy policies.  We will also post an updated copy on our website so please check periodically for updates.  You are bound by any changes to the Privacy Notice when you use the website after such changes have been first posted.