Privacy notice: AlphaStream’s personalisation and insights service and your personal data

Last updated 15 March 2022

Please read this notice in conjunction with our website privacy policy.  

Who are AlphaStream?

Alphastream.IO Limited is a financial technology business. 

What do we do?

We provide a financial markets content personalisation and insights service to our financial services clients and their customers. We use machine learning and algorithms to process and deliver internal and third party content and market data from sources such as user activity, news and social media to customers on digital channels via headless API. 

What customer data do we use?

The following customer data is normally required for our personalisation and insights service: 

  • Trading activity such as when the account was funded, buying and selling activity, fund withdrawals
  • Web interaction activity such as clicks and hovers on all digital channels 
  • Device details such as IP address and device type
  • Observed and inferred data generated by our proprietary algorithm

Overview of Processor and Controller processes 

Timeline

Description automatically generated with medium confidence

How do we use customer data? 

We process customer data as a data processor on behalf of our clients. Our proprietary algorithm performs two major functions:

  • Machine reading of content and data from various sources in order to understand market trends 
  • Understanding user trading behaviour and content consumption across digital channels and making relevant content and data recommendations. 

We process customer data as a data controller to develop our algorithm and solution architecture. All data is fully anonymised and randomly sampled. 

How do we collect customer data?

We integrate with our clients’ back end operational systems to ingest customer data into the Alphastream platform, tag up digital channels in order to track user behaviour and capture form submissions such as account logins.

Where do we store customer data?

Data is stored in a private cloud housed in a UK based, Tier IV Data Centre.

How do we protect customer data?

  • All data transit channels protected with HTTP over TLS (HTTPS).
  • Personal data is anonymized on ingestion
  • Multi-Layer end to end encryption for data in transit and at rest RBAC Controls using concept of least privilege
  • Encrypted and secure file repositories

Who do we share customer data with?

As a data controller, we do not share customer data with any third party.

How long do we keep customer data?

Personal data is kept depending on the policy of the financial institution but typically for a period of 10 years.

Can customers opt-out?

Yes, we offer an opt-out feature within our service. Our clients’ customers can opt-out from the personalisation and insights service which will stop the delivery of any further personalised consent. 

Unless specifically requested by the customer, customer data will continue being ingested for AlphaStream’s own analytics, statistical and algorithm development purposes. The customer can exercise further rights as set out in our website privacy policy.  

Can we delete customer data?

Yes, we have a process for deletion of all personal data and will delete customer personal data on request without delay and no later than within one month. 

For more information about your data protection rights and how to exercise them, please see our website privacy policy.