Main

En

Policy on Personal Data Processing

Chapter 1. General provisions
  1. This Policy on Personal Data Processing (the "Policy") has been developed pursuant to the requirements of the Astana International Financial Centre (the "AIFC") data protection legislation and internal regulatory documents of Freedom Finance Global PLC (the "Company").
  2. This Policy uses main definitions and abbreviations provided for by the applicable legislation, internal regulatory documents of the Company as well as the following terms and definitions:
    1. Personal Data – any information relating to a certain individual or an individual identifiable based on such information recorded on electronic, paper and (or) other tangible media;
    2. Personal Data Subject – an individual directly or indirectly identified or identifiable based on the Personal Data;
    3. Sensitive Personal Data – the Personal Data revealing or concerning, directly or indirectly, racial or ethnic origin, communal origin, political affiliations or opinions, religious or philosophical beliefs, criminal record, trade union membership, and health or sex life;
    4. Commissioner – an individual appointed as the Commissioner of Data Protection in accordance with Data Protection Regulations No.10 adopted by the AIFC on 20 December 2017;
    5. License – License No. AFSA-A-LA-2020-0019 dated 20 May 2020 for carrying on regulated activities issued to the Company by the Astana Financial Services Authority.

3. The Policy establishes the following:

    1. principles of Personal Data processing;
    2. purposes and period of Personal Data processing;
    3. classification of Personal Data and Personal Data Subjects;
    4. procedure for notifying the Personal Data Subject about the Company identification information and other details;
    5. procedure for recordkeeping of operations related to the Personal Data processing carried out by the Company or on its behalf;
    6. procedure for notifying the Commissioner about the operations on the processing of Sensitive Personal Data and other Personal Data operations.
Chapter 2. Principles of Personal Data processing
  1. The Company processes the Personal Data in accordance with the principles of fairness, lawfulness and security.
  2. The Personal Data are processed by the Company for specified, explicit and legitimate purposes according to the Personal Data Subject rights based on his or her consent.
  3. In the course of processing of the Personal Data, it is ensured that they are adequate and relevant in respect of the purposes they are collected for or are further processed; the Personal Data being processed must not be excessive in respect of the declared purposes of the processing.
  4. The Company ensures that the Personal Data being processed by it are:
    1. accurate and updated, whenever necessary;
    2. kept in the form that allows to identify a Personal Data Subject no longer than it is required for the purposes the Personal Data were collected for and for which they are further processed.
  5. The Personal Data received by the Company are, in all cases, processed at the request of the Company or on the basis of the relevant requirement of the applicable legislation.
  6. The Personal Data Subject has the right to request the Company to provide information on the Personal Data related to him/her being collected and processed, as well as require the Company to correct, delete or block Personal Data.
Chapter 3. Purposes and period of Personal Data processing
  1. Processing of Personal Data means any action (operation) or set of actions (operations) in relation to the Personal Data, whether or not by automatic means, including collection, recording, organisation, storage, adaptation or alteration, retrieval, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, blocking, erasure or destruction of the Personal Data.
  2. The Personal Data are collected and processed by the Company for each of the following purposes:
    1. accession to the Company’s Regulations on the Provision of Brokerage (Agency) Services in the Securities Market approved from time to time by resolution of the Board of Directors of the Company (the "Regulations");
    2. provision of the services specified in the License to the client by the Company according to the terms of the Regulations;
    3. biometric identification of the client (his/her agents and representatives) when establishing business relations with him/her remotely, as well as in the course of provision of electronic services by the Company according to the terms of the Regulations;
    4. internal control, monitoring and accounting of the services provided by the Company to the client according to the terms of the Regulations;
    5. performance of due diligence of the client (his/her agents and representatives) by the Company as a financial monitoring entity pursuant to the requirements of the applicable legislation when establishing business relations and carrying out of transactions by the client;
    6. ensuring compliance with the legislative requirements applicable to the Company and its affiliated persons;
    7. development and improvement of the services provided by the Company and its affiliated persons;
    8. development of the marketing and advertising campaigns by the Company and its affiliated persons for marketing purposes, running of the campaigns, provision (sending) of any information materials to the client;
    9. performance of actions (obligations) by the Company associated with identification/authentication/authorization of the client (his/her agents and representatives) and verification of whether information/ data/ algorithms/ codes/ symbols/ identifiers/ numbers and others provided/used by the client/Company are reliable (correct) (including by way of receipt/reconciliation of Personal Data and other information available to the Company ) with a view to minimizing a risk of unauthorized operations in accordance with the applicable legislation and terms and conditions of relevant contracts;
    10. interaction of the Company with third parties which have/or may have relation to the conclusion and/or execution and/or servicing of any transactions/operations concluded (which will be probably concluded) as part of the client and the Company relationship;
    11. provision of reports and/or information by the Company to the authorized state bodies, the AIFC bodies, auditing, consulting, appraisal and other professional organizations, affiliated persons of the Company, data operators, communication operators, Company’s counterparties, as well as receipt of the reports and/or information by the Company from the said parties;
    12. provision of Personal Data to affiliates of the Company and third parties to implement cooperation in the field of information technology, information security and integration of information assets, subject to the applicable law, to ensure the provision of services using modern information technologies;
    13. possible assignment of rights under the Regulations;
    14. the Company’s compliance with the requirements of the applicable legislation for retention and accounting of data and information;
    15. exercise of the judicial and non-judicial protection of the Company’s rights in case of occurrence disputes related to the fulfilment of obligations stipulated by the Regulations, including in case of occurrence of disputes with the third parties regarding the provision of services by the Company;
    16. exchange of information due to consideration of applications, complaints, proposals of the client and provision of replies to them, including when handing over (receiving) correspondence (mail) to be sent (delivered or received) by post, courier;
    17. provision of any information materials to the client by the Company, including those about products and services of the Company by way of notification by telephone, email, as well as any other available communication channels, including direct marketing;
    18. performance of internal inspections and investigations by the Company’s employees;
    19. fulfillment of any other requirements of the applicable legislation by the Company.
  3. The Personal Data are processed by the Company during the entire period of existing legal relations between the Personal Data Subject and the Company occurring on the basis of the Regulations and are retained by the Company on any media (electronic, paper and (or) other tangible media) during three years after termination of the legal relations between the Personal Data Subject and the Company.
Chapter 4. Classification of Personal Data and Personal Data Subjects
  1. The Company differentiates between the Personal Data and the Sensitive Personal Data, but the Company does not process the Sensitive Personal Data.
  2. The Company processes the Personal Data of the following categories of the Personal Data Subjects:
    1. individuals who are the users of the Company’s Internet resource (ffin.global);
    2. individuals who intend to accede to the Regulations;
    3. individuals who are the Company’s clients and their representatives;
    4. individuals who are the Company’s employees and their close relatives;
    5. individuals who provide works or services who had concluded a civil contract with the Company;
    6. individuals who are members of the Company’s governing bodies;
    7. individuals whose Personal Data are publicly available and processing of such data does not breach their rights and complies with the requirements stipulated by the applicable legislation;
    8. individuals who are affiliated persons of the Company;
    9. other individuals who expressed consent for their Personal Data to be processed by the Company.
Chapter 5. Consent of the Personal Data Subject
  1. In the course of its business and having regard to the Personal Data processing principles set by this Policy, as well as the requirements of the applicable legislation, the Company ensures that a consent of the Personal Data Subjects is granted for the following actions of the Company:
    1. collection and processing by the Company of the Personal Data both in paper and electronic form, in data arrays (a set of data which allows to find the corresponding date by a specific value (parameter)) and (or) databases of the Company;
    2. transfer of the Personal Data by the Company to the affiliated organizations of the Company and other third parties, when such data must be provided in accordance with the requirements of the applicable legislation or fulfillment of obligations under the contract with the specified third parties; in doing so, the Company undertakes to request the said entities to ensure confidentiality of the provided Personal Data; and
    3. cross-border transfer of the Personal Data by the Company, whenever necessary, i.e. transfer of the Personal Data to the territories of foreign states, including the states not in the list of the jurisdictions having an adequate level of protection established by Data Protection Rules No.1 adopted by the AIFC on 22 January 2018.
Chapter 6. Notifying Personal Data Subject
  1. Except for the cases when the Company reasonably believes that the Personal Data Subject is already aware of such information (e.g., because it was included in the Regulations read by the Personal Data Subject), the Company provides the Personal Data Subject with the following information immediately after the collection of the Personal Data has been initiated:
    1. the Company's identification information;
    2. the purposes of processing for which the Personal Data are collected;
    3. information required to ensure fair Personal Data processing (having regard to particular Personal Data collection circumstances), including, for example:
      1. recipients of Personal Data and categories thereof;
      2. specifying whether answering of questions is mandatory or optional;
      3. rights of the Personal Data Subject to receive information about Personal Data, correct, delete or block Personal Data;
      4. information about whether the Personal Data will be used for the direct marketing purposes;
      5. whether the Personal Data processing general requirements or the Sensitive Personal Data processing requirements will be observed in the course of processing.
  2. Notifying a Personal Data Subject of the information mentioned in clause 1 hereof is done by way of publication of the relevant information on the Company’s Internet resource (ffin.global) or communication methods defined by the Regulation.
Chapter 7. Recordkeeping of Personal Data operations
  1. The Company retains the following records of the Personal Data processing operations carried out by the Company or on its behalf:
    1. description of the Personal Data processing operations;
    2. explanation of the purpose of the Personal Data processing operations;
    3. identities of the Personal Data Subjects which Personal Data are related to or, in case operations pertain to the category of the Personal Data Subjects, description of the category of the Personal Data Subjects;
    4. description of the category of the Personal Data being processed;
    5. list of the jurisdictions outside AIFC where the Company transfers or will be transferring Personal Data to, as well as information about each of such jurisdictions as to whether a particular jurisdiction has an adequate level of the Personal Data protection pursuant to the requirements of Data Protection Regulations No.10 adopted by the AIFC on 20 December 2017.
Chapter 8. Commissioner notifications
  1. The Company is obliged to notify the Commissioner of details of the following Personal Data processing operations which were or will be performed by the Company or on its behalf:
    1. any Sensitive Personal Data processing operation (or a set of such operations);
    2. any Personal Data processing operation (or a set of such operations) which provides for transfer of the Personal Data to a recipient located in the jurisdiction outside AIFC in case such jurisdiction does not have an adequate level of the Personal Data protection pursuant to the requirements Data Protection Regulations No.10 adopted by the AIFC on 20 December 2017.
  2. Notification in respect of the Personal Data processing operations must include information as follows:
    1. general description of the Personal Data processing operations;
    2. explanation of the purpose of the Personal Data processing operations;
    3. identities of the Personal Data Subjects which the Personal Data are related to or in case operations pertain to the category of the Personal Data Subjects, description of the category of the Personal Data Subjects;
    4. description of the category of the Personal Data being processed;
    5. jurisdictions outside AIFC, where the Company transfers or will be transferring Personal Data to, as well as information about each of such jurisdictions as to whether such jurisdiction has an adequate level of the Personal Data protection pursuant to the requirements of Data Protection Regulations No.10 adopted by the AIFC on 20 December 2017.
  3. Notification of the Personal Data processing operations must be submitted to the Commissioner not later than 14 calendar days after the commencement of operations, and in case such operations will last more than a year since the day of notification - every following year on a day when the first notification was provided.
  4. The Company notifies the Commissioner of changes in information about the Personal Data processing operations no later than 14 days since the day of the changes.
Chapter 9. Final provisions
  1. Responsibility for improper fulfillment of the requirements hereof shall rest with all the Company’s employees having access to the Personal Data as part of performance of their job duties.
  2. Issues not regulated by this Policy shall be solved in accordance with the provisions of the applicable law and/or internal regulatory documents of the Company.


Appendix to the Policy on Personal Data Processing of Freedom Finance Global PLC

Consent for the Collection and Processing of Personal Data

I, acting voluntarily, of my own free will and in my own interest, give my perpetual, unconditional, explicit, informed and conscious consent to Freedom Finance Global PLC carrying out its activities in accordance with the legislation of the Astana International Financial Centre (the "AIFC") on the basis of No. AFSA-A-LA-2020-0019 dated 20 May 2020 to carry on regulated activities (the "License"), BIN 200240900095 (the "Company"), to perform the following actions:

  1. collection and processing by the Company of my personal data (i.e. any data related to me) both on paper and in electronic format, in the Company’s data arrays (a set of data which allows to find the corresponding date by a specific value (parameter)) and (or) databases, including the collection and processing of my:
    1. last name;
    2. first name;
    3. patronymic name;
    4. date of birth;
    5. passport details;
    6. registration address;
    7. actual residential address;
  2. collection and processing of the data which can be automatically transmitted when I am visiting the Internet resources of the Company, including the following data:
    1. IP address;
    2. information retrieved from cookies;
    3. browser’s details (or other software that allows access to the advertisement display);
    4. time of access;
    5. address of the webpage, wherein an advertising section is located;
    6. referer (address of the previous webpage);

and I do understand that the information set forth in clauses 1) and 2) above may also be transferred to the information analytical systems which store and process data outside the Republic of Kazakhstan as well, and that collected IP-address statistics may be used to identify and solve technical issues, as well as to control whether financial payments made are legitimate;

3. transfer of my personal data by the Company to the affiliated organizations of the Company and other third parties when such data must be provided in accordance with the requirements of applicable legislation or fulfillment of obligations under contract with the said third parties; in doing so, the Company undertakes to request the abovementioned entities to ensure confidentiality of the transferred personal data;
4. cross-border transfer of my personal data by the Company, i.e. transfer of my personal data to the territories of foreign states including states not included in the list of the jurisdictions having an adequate level of protection defined by the AIFC Data Protection Rules No.1 dated 22 January 2018.

I hereby confirm that I have been notified that:

  • processing of my personal data means any action (operation) or a set of actions (operations) performed on my personal data, whether or not by automatic means, including collection, recording, organisation, storage, adaptation or alteration, retrieval, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, blocking, erasure or destruction of my personal data;
  • my personal data will be collected and processed by the Company for each of the following purposes:
  1. accession to the Company’s Regulations on the Provision of Brokerage (Agency) Services in the Securities Market approved from time to time by resolution of the Board of Directors of the Company (the "Regulations");
  2. provision to me by the Company of the services stipulated by the License in accordance with the terms of the Regulations;
  3. biometric identification of the client (his/her agents and representatives) when establishing business relations with him/her remotely, as well as in the course of provision of electronic services by the Company in accordance with the terms of the Regulations;
  4. internal control, monitoring and accounting of the services provided by the Company to me in accordance with the terms of the Regulations;
  5. performance of due diligence of the client (his/her agents and representatives) by the Company as a financial monitoring entity pursuant to the requirements of the applicable legislation when establishing business relations and carrying out of transactions by the client;
  6. ensuring compliance with the legislative requirements applicable to the Company and its affiliated persons;
  7. development and improvement of the services provided by the Company and its affiliated persons;
  8. development of the marketing and advertising campaigns by the Company and its affiliated persons for marketing purposes, holding promotions, provision (sending) of any information materials to the client;
  9. performance of actions (obligations) by the Company associated with identification/authentication/authorization of the client (his/her agents and representatives) and verification of whether information/ data/ algorithms/ codes/ symbols/ identifiers/ numbers and others provided/used by the client/Company are reliable (correct) (including by way of receipt/reconciliation of Personal Data and other information available to the Company) with a view to minimizing a risk of unauthorized operations in accordance with the applicable legislation and terms and conditions of relevant contracts;
  10. interaction of the Company with third parties which have/or may have relation to the conclusion and/or execution and/or servicing of any transactions/operations concluded (which will be probably concluded) as part of the client and Company relationship;
  11. provision of reports and/or information by the Company to the authorized state bodies, the AIFC bodies, auditing, consulting, appraisal and other professional organizations, affiliated persons of the Company, data operators, communication operators, the Company’s counterparties, as well as receipt of the reports and/or information by the Company from the said parties;
  12. provision of the Personal Data to affiliates of the Company and third parties to implement cooperation in the field of information technology, information security and integration of information assets, subject to the applicable law, to ensure the provision of services using modern information technologies;
  13. possible assignment of rights under the Regulations;
  14. the Company’s compliance with the requirements of the applicable legislation for retention and accounting of data and information;
  15. exercise of the judicial and non-judicial protection of the Company’s rights in case of occurrence disputes related to the fulfilment of obligations stipulated by the Regulations, including in case of occurrence of disputes with the third parties regarding the provision of services by the Company;
  16. exchange of information due to consideration of applications, complaints, proposals of the client and provision of replies to them, including when handing over (receiving) correspondence (mail) to be sent (delivered or received) by post, courier;
  17. provision of any information materials to me by the Company, including those about products and services of the Company by way of notification by telephone, email, as well as any other available communication channels, including direct marketing;
  18. performance of internal inspections and investigations by the Company’s employees;
  19. fulfillment of any other requirements of the applicable legislation by the Company;
  • my personal data will be retained be the Company on any media (electronic, paper and (or) other tangible media) during three years after the termination of my legal relations with the Company;
  • my personal data received by the Company will in all cases be processed at the request of the Company or on the basis of the relevant requirement of the applicable legislation;
  • I have the right to request the Company to provide me with information on my personal data related to me which are being collected and processed, as well as require the Company to correct, delete or block my personal data by submitting a relevant inquiry or request to the email address: [email protected].

This consent may be revoked by me at any time by submitting a written application by post to the following address: 16 Dostyk St., integral non-residential facility No.2, postal code 010016, Yessil district, Nur-Sultan, Republic of Kazakhstan or by email to [email protected].

Main
Starting
Investing
FAQ
Report for Tax Declaration

16, Dostyk street, integral non-residential facility No.2, Yessil district Astana, Republic of Kazakhstan (Talan Towers Offices).

+7 7172 67 77 55 - Free from landline numbers in Kazakhstan; calls from international and mobile numbers are chargeable.

7555 - free from mobile operators in Kazakhstan [email protected], [email protected]

Notify about fraudulent activities or security issues regarding this resource: fbroker.kz/trustcenter

2026

Freedom Finance Global PLC

Privacy Policy

Owning securities and other financial instruments is always associated with risks: the value of securities and other financial instruments can both rise and fall. Past investment results do not guarantee future income. In accordance with the law, the company does not guarantee or promise future returns on investments, nor does it provide guarantees regarding the reliability of potential investments or the stability of potential income.

Freedom Finance Global PLC provides brokerage (agency) services in the securities market on the territory of the Astana International Financial Center (hereinafter referred to as AFSA) in the Republic of Kazakhstan. Subject to compliance with requirements, conditions, restrictions and/or directions of the Acting Law of the AFSA, the Company is authorized to conduct the following Regulated Activities under License No. AFSA-A-LA-2020-0019: Dealing in Investments as Principal, Dealing in Investments as Agent, Managing Investments, Advising on Investments, Arranging Deals in Investments.

S&P Global ratings – “B+/B”, outlook “Positive”.

Ownership of securities and other financial instruments always involves risks: the cost of securities and other financial instruments may rise or fall. Past investment results do not guarantee future returns. In accordance with the legislation, the company does not guarantee or promise the profitability of investments in the future, does not guarantee the reliability of possible investments and the stability of the amount of possible income.

The information on the website is updated as part of keeping the data up-to-date and meeting regulatory disclosure requirements. Please note that these updates are for informational purposes only and are not marketing materials!