Information about our organisation and websites
Our Privacy Statement covers The London Metal Exchange and LME Clear Limited (together, “LME Group”) and their websites including http://www.lme.com/, https://datalicensing.lme.com/ and http://www.lmelive.com/. It also covers any email communications that we may send to you or your company. LME Group is based in the United Kingdom.
We are committed to protecting your privacy. This Privacy Statement describes the ways in which we collect information from you and what we use it for. Please read the policy to check how your information will be treated. It also describes your data protection rights, including a right to object to some of the processing which the LME Group carries out. More information about your rights, and how to exercise them, is set out in the Your Rights section.
This Privacy Statement may be updated periodically. We will update the date at the top of this Privacy Statement accordingly. On some occasions, we may also actively advise you of specific data handling activities or significant changes to this Privacy Statement, as required by applicable law.
The terms of this statement should be read together with our Website Terms and Conditions, any additional terms and conditions, disclaimers or other contractual terms you have entered into with us and any applicable mandatory laws and regulations, as amended from time to time.
Personal Data we collect
Information collected directly:
- If you are enquiring about, registering for, or using our services, courses, websites or databases, then we will process your personal data - including your name, address, e-mail address and phone number, preferences (e.g. metals you are interested in) and service usernames and passwords.
- If you attend one of our events or express interest in doing so you may provide us with your name, contact information, interests and marketing preferences.
- You may give us information about you when you complete a form on our site or by corresponding with us by phone, e-mail or other electronic means, or in writing.
- We use CCTV cameras in our premises, which may capture images including your personal data.
- We also undertake video and audio recordings of activity at our trading exchange, and record certain phone lines as set out in the Recording of telephone calls section.
- When we send or receive email from you we collect the address and content of the emails, the success or failure of our attempts to send you email, and information about when you receive, open or click on content in emails we send you and any subsequent visits you or other recipients make to our websites.
Information we collect about you from third parties:
- Under the Exchange Membership Agreement, Clearing Membership Agreement and the member on-boarding processes, our members and prospective members, and our members' clients and prospective clients, may provide us with personal data of their clients, staff, Directors and shareholders – including name, address, e-mail address and phone number, job titles and responsibilities, other information set out in a CV, passports and national identification documents, financial information (bank statements and debit/credit card statements), utility bills and share certificates.
- In relation to our market data products, our licensees will provide us with information about end users (name, e-mail address and end user account number), in order for us to ensure that the terms of the licence are complied with and to track usage.
- Our suppliers and warehouse companies also provide us with personal data about their staff (names and contact information) which we process as necessary to manage our relationship with the supplier and to ensure their suitability.
With regard to each of your visits to our site we may automatically collect the following information:
- technical information, including the Internet protocol (IP) address used to connect your computer to the Internet, your login information, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform; and
- information about your visit, including the full Uniform Resource Locators (URL) clickstream to, through and from our site (including date and time); services or issues you viewed or searched for; page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs), and methods used to browse away from the page.
Information we receive from other sources:
- We undertake commercial and legal due diligence checks on our members and prospective members, which involves obtaining personal data on staff, Directors and shareholders from third parties which provide background checking services. The data we obtain may in limited cases include information about criminal offences or convictions of individuals. Further information about these checks is included in our membership information pack.
- We may combine the information we have collected from with information from other sources, such as public records or bodies, or private organisations.
Purpose and legal basis
We use personal data for the following purposes:
(1) Where this is necessary for purposes which are in our, or third parties, legitimate interests. These interests are:
- To undertake all necessary commercial due diligence on our members and prospective members;
- To develop our business by managing our relationships with actual or prospective: members, members’ clients, ISVs, warehouse operators, logistics firms, vendors, market data distributors, purchasers of market data and other products and services we provide, and any other key stakeholders;
- To provide users with access to our websites and features on the websites;
- To send individuals information they have requested;
- To ensure the security of our websites and our systems, by trying to prevent unauthorised or malicious activities;- To enforce compliance with our Exchange Membership Agreement, Clearing Membership Agreement, Website Terms and Conditions, the LME Rulebook, the LME Clear Rules and Regulations, and other contracts and policies;
- To send service messages to our members;
- To ensure the safety and security of our staff and premises through the use of CCTV cameras;
- To ensure the suitability of individuals who are permitted to trade and/or clear; and
- To undertake internal analysis on, and improvements of, our business.
(2) For purposes which are required by law:
- To collect and hold certain personal data in order to comply with our legal responsibilities under the Regulation on Markets in Financial Instruments (MIFID II). Further information about our collection and use of this personal data can be found here: https://www.lme.com/-/media/Files/Notices/2017/11/17-367-REQUIREMENT-FOR-MEMBERS-TO-SUBMIT-PII.pdf
- To carry out anti-money laundering and other due diligence checks required for compliance with the law and our regulatory responsibilities;
- To monitor and report suspicious trading activity in accordance with our regulatory obligations; and
- In response to requests by government or law enforcement authorities conducting an investigation.
(3) To fulfil a contract, or take steps linked to a contract:
- To process an individual's registration on our websites; and
- To send individuals information about their use of our websites and changes to our terms or policies.
(4) Where you give us consent:
- Where you ask us to send marketing information to you via a medium where we need your consent (for example, email marketing to private email addresses);
- On other occasions where we ask you for consent, for the purpose which we explain at that time.
We have carried out balancing tests for all the data processing we carry out on the basis of our legitimate interests, which we have described above. You can obtain information on our balancing tests by contacting us using the details set out later in this notice.
Confidentiality / Security
We have implemented security policies, rules and technical measures to seek to protect the personal data that we have under our control from:
• unauthorised access;
• improper use or disclosure;
• unauthorised modification; and
• unlawful destruction or accidental loss.
All our employees and data processors who have access to and are associated with the processing of personal data are obliged to respect the confidentiality of your personal data.
The personal data we process will be shared as follows:
- with companies providing services to us which require the processing of personal data, such as training providers, insurance brokers, payment processors, identity verification and security providers, and IT hosting, IT platform and/or IT maintenance providers, marketing agencies, email management suppliers, and service providers which assist with our commercial and legal due diligence processes;
- with our parent company, Hong Kong Exchanges and Clearing Limited and its group companies (“HKEX”), who store personal data on our behalf on shared servers;
- with government authorities and/or law enforcement officials if required for the purposes above, if mandated by law or if required for the protection of our legitimate interests in compliance with applicable laws;
- to the Bank of England, the Financial Conduct Authority and to other regulators as requested or required under applicable laws;
- if your personal data has been provided by a client or prospective client of our member, with designated clearing members and designated brokers to the extent such members or brokers are nominated by such client or prospective client; and
- in the event that our business is sold or integrated with another business, your personal data may be disclosed to our advisers and any prospective purchaser's adviser and will be passed to the new owners of the business.
Your personal data will be processed in or accessed from jurisdictions outside the European Economic Area ("EEA") namely by HKEX in Hong Kong, a country that does not have equivalent data protection laws to those in the EEA. We will also transfer your personal data for the above-stated purposes to suppliers outside the EEA.
When we transfer your data to HKEX, we make use of standard contractual data protection clauses, which have been approved by the European Commission. When we transfer your data to organisations outside the HKEX group (e.g. suppliers) we may use these clauses. We may also transfer your data to organisations in the US who participate in the EU-US Privacy Shield or which have corporate rules in place to protect your data, which have been approved by EU data protection authorities. For further information, including to obtain a copy of the documents used to protect your information, please contact us as described in the Privacy Support section below.
You have the right to ask us for a copy of your personal data; to correct, delete or restrict processing of your personal data; and to obtain the personal data you provide in a structured, machine readable format.
In addition, you can object to the processing of your personal data in some circumstances (in particular, where we don’t have to process the data to meet a contractual or other legal requirement). Where we have asked for your consent, you may withdraw consent at any time. If you ask to withdraw your consent to us processing your data, this will not affect any processing which has already taken place at that time.
You can object at any time to our use of your personal data for direct marketing purposes, by contacting us using the information below.
These rights may be limited, for example if fulfilling your request would reveal personal data about another person, or if you ask us to delete information which we are required by law or have compelling legitimate interests to keep. If you have unresolved concerns, you have the right to complain to a data protection authority in the country in which you live or work, or alternatively to the UK Information Commissioner (www.ico.org.uk).
We retain records related to actual or prospective: members, members’ clients, ISVs, warehouse operators, logistics firms, vendors, market data distributors, purchasers of market data and other products and services we provide, and any other key stakeholders, for an indefinite period of time, where such records are pertinent for the LME to ensure the orderly functioning of its markets.
Personal data relating to investment decision makers of our members' clients will be retained for as long as the relevant client is registered to use our services.
Where we process personal data for marketing and client relationship management purposes or with your consent, and you remain an active user of our websites or services, we process the data until you ask us to stop and for a short period after this (to allow us to implement your requests). We also keep a record of the fact that you have asked us not to send you direct marketing or to process your data indefinitely so that we can respect your request in future. Where you cease to be an active user of our websites or services, we will retain your data used for marketing and client relationship management purposes for a period of two years from your last interaction with us.
Recordings of telephone calls
We may record:
(a) telephone calls made or received by representatives of the LME Group; and
(b) the telephone number from which callers telephone the LME Group, together with the time, date and content of the call,
for the purpose of complying with our legal and regulatory obligations.
We may maintain records relating to (a) and (b) above, in each case in accordance with the LME Group’s policies from time to time and applicable law.
By post: 10 Finsbury Square, London, EC2A 1AJ
Phone: +44 (0) 207 113 8888
Fax: +44 (0) 207 680 0505
By post: The London Metal Exchange Singapore Branch, 30 Raffles Place, #19-03 Chevron House
VeraSafe has been appointed as the LME Group's representative in the European Union for data protection matters, pursuant to Article 27 of the General Data Protection Regulation of the European Union. If you are in the European Economic Area, VeraSafe can be contacted in addition to contacting the LME Group, only on matters related to the processing of personal data. To make such an inquiry, please contact VeraSafe using this contact form: https://verasafe.com/public-resources/contact-data-protection-representative or via telephone at: +420 228 881 031.
Alternatively, VeraSafe can be contacted at:
VeraSafe Czech Republic s.r.o
Prague 1, 11002
VeraSafe Ireland Ltd.
Unit 3D North Point House
North Point Business Park
New Mallow Road
VeraSafe Netherlands BV
Keizersgracht 391 A 1
016 EJ Amsterdam