VanEck Direct Application: Privacy Policy

We are VanEck Asset Management B.V., registered in the Netherlands with company number 34314095 whose registered office is at Barbara Strozzilaan 310, 1083 HN, Amsterdam, the Netherlands (VanEck, we, us or our).

VanEck is strongly committed to safeguarding the privacy and confidentiality of the Personal Data you have entrusted to us. This Privacy Policy covers VanEck's processing of Personal Data relating to visitors, users and account holders, collected through the VanEck Direct application (the Application) and in the course of VanEck's investment services provided to its customers through and in connection with the Application (the Services).

This privacy policy outlines our commitment to you.

1. Accountability

We have strict policies and procedures governing how we deal with your Personal Data. Each of our employees is responsible for respecting and protecting the Personal Data to which the employee has access.

Our management oversees privacy governance including policy, dispute resolution, education, communications activities and reporting to our Board of Directors on privacy matters. Please see Contact Us for more information.

2. Personal Data that we collect

Personal Data is information about an identifiable individual. It includes information that you have provided to us or was collected by us from other sources. It may include details such as your name and address, age and gender, personal financial records, identification numbers and personal references, to the extent permitted by local laws. We only collect the Personal Data that we determine to be required for the purposes set out in paragraph 3, How we use your Personal Data.

We may collect data directly from you by submitting your Personal Data to us and using the Application and the Services. This includes:

• Contact details and general information such as name, address, date of birth, phone number and email address;
• Financial information such as bank account information and your investment and risk profile, based on your investment and risk preferences provided by you to us during the onboarding process in the Application;
• Anti-crime and fraud information:  such as information relating to your financial situation, your creditworthiness or any criminal or fraudulent activities provided to us by you or third parties, including information which establishes your identity, such as passports and/or other official documents (including personal identification number and document number); information about transactions, credit ratings from credit reference agencies or information pooling groups; information in relation to fraud or offences committed by you or any suspicious transactions made by you, information revealing any politically exposed persons and sanctions lists where your details are included;
• Information or feedback you provide to us, such as when using the contact form of if you contact us in any other way, we will keep records of our correspondence and other content you may upload in your account; and
• Marketing preference information: details of your marketing preferences (e.g. communication preferences) and information relevant to selecting appropriate products and services to offer you.

We may also collect Personal Data automatically when you visit the Application or use the Services. This includes:

• Device Information: such as information about your operating system, browser, software applications, IP address, geolocation, security status and other device information in order to improve your experience, to protect against fraud and manage risk;
• Your transactions and holdings: details of transactions with us or holdings with us that you have made or initiated; and
• Application and communication usage: details of your visits to and use of the Application and information collected through tracking technologies including your IP address, your browser version and operating system, traffic data, location data, web logs and other communication data, and the resources that you access.

We do not collect special categories of Personal Data about you.

VanEck's Services are not directed at persons under the age of 18, and VanEck does not knowingly collect Personal Data from any child under the age of 13. If we learn that we have collected or received Personal Data from a child under 13 without verification of parental consent, we will delete that information. Please instruct us accordingly.

3. How we use your Personal Data

When we collect your Personal Data, we may use or disclose it for the following specific purposes. An explanation of the scope of the "legal grounds" can be found in Annex A hereto. As we will only retain your Personal Data as long as it is reasonably necessary to fulfil the specific purpose we collected it for, we have also listed the applicable retention periods relating to the specific purposes. Please note that, if your personal data will no longer needed for a specific purpose, we may still process such information if necessary for another purpose for which we collected the data (for example, to comply with a legal obligation).

• To communicate with you regarding products and services that may be of interest: to provide you with updates and offers, where you have chosen to receive these. We may also use your information for marketing our own and our selected business partners' products and services to you by email and phone. Where required by law, we will ask for your consent at the time we collect your data to conduct any of these types of marketing. We will provide an option to unsubscribe or opt-out of further communication on any electronic marketing communication sent to you or you may opt out by visiting Contact Us.

  Use justifications: consent, legitimate interests (to keep you updated with news in relation to our products and services).

  Personal Data: contact details and general information (such as name, address, date of birth, phone number and email address), marketing preference information and financial information (such as information and preferences provided by you during your onboarding process).

  Retention period:

  • In the event we offer our own similar products or services: for the duration of the period we have a contract with you and/or for the period during which you are registered with an account.
  • In the event consent is required by law: until the moment you withdraw your consent for receiving marketing communications.

• To create your customer profile: we may process your personal data where required in order to create and maintain your customer profile within the Application. This includes any information in order to verify your identity and to be able to provide our Services.

  Use justifications: contract performance, legitimate interests (to enable us to perform our obligations and provide our Services to you).

  Personal Data: contact details and general information (such as name, address, date of birth, phone number and email address), financial information (such as information and preferences provided by you during your onboarding process), anti-crime and fraud information and information or feedback you provide to us.

  Retention period: for the duration of the period we have a contract with you and/or for the period during which you are registered with an account.

• To communicate effectively with you and conduct our business: to conduct our business, including to respond to your queries, to otherwise communicate with you, or to carry out our obligations arising from any agreements entered into between you and us.

  Use justifications: contract performance, legitimate interests (to enable us to perform our obligations and provide our Services to you).

  Personal Data: contact details and general information (such as name, address, date of birth, phone number and email address), financial information (such as information and preferences provided by you during your onboarding process), information or feedback you provide to us and transactions and holdings.

  Retention period: for the duration of the period we have a contract with you and/or for the period during which you are registered with an account.

• To understand our customers and to develop and tailor our products and Services: we, or third party service providers on our behalf, may analyze the Personal Data we hold in order to better understand our business and develop our products and Services. In order to ensure that content from our Application is presented in the most effective manner for you and for your device, we may pass your data to business partners, suppliers and/or service providers (see paragraph 5).

  Use justifications: legitimate interests (to ensure the quality and legality of our Services, to allow us to improve our Services and to allow us to provide you with the content and Services within the Application).

  Personal Data: contact details and general information (such as name, address, date of birth, phone number and email address), financial information (such as information and preferences provided by you during your onboarding process), information or feedback you provide to us, transactions and holdings and application and communication usage.

  Retention period: for the duration of the period we have a contract with you and/or for the period during which you are registered with an account.

• To provide and manage products and Services: to administer our Services, including to carry out our obligations arising from any agreements entered into between you or your company and us, or to notify you about changes to our Services and products.

  Use justifications: contract performance, consent, legitimate interests (to enable us to perform our obligations and provide our Services to you or to notify you about changes to our Service).

  Personal Data: contact details and general information (such as name, address, date of birth, phone number and email address), anti-crime and fraud information, financial information (such as information and preferences provided by you during your onboarding process), information or feedback you provide to us, application and communication usage and transactions and holdings.

  Retention period:

  • In the event processing will be based on contract performance or our legitimate interests: for the duration of the period we have a contract with you and/or for the period during which you are registered with an account. In the event processing will be based on consent: until the moment you withdraw your consent.

• To verify your identity, protect against fraud and manage risk: we and other organizations may access and use certain information to prevent fraud, money laundering and terrorism as may be required by applicable law and regulation and best practice at any given time, including checking against sanctions, politically exposed persons (PEP) and other fraud or crime screening databases. If false or inaccurate information is provided and fraud is identified or suspected, details may be passed to fraud prevention agencies and may be recorded by us or by them.

  Use justifications: legal obligations, legal claims, legitimate interests (to prevent crimes and protect our business).

  Personal Data: contact details and general information (such as name, address, date of birth, phone number and email address), anti-crime and fraud information, financial information (such as information and preferences provided by you during your onboarding process) and your transactions and holdings.

  Retention period: for the duration of 5 years after the end of our contract with you, as required by the applicable laws.

• To set up an investment profile: in order to set up an investment profile for you, we may process information relating to your financial situation, such as your bank account information, and information relating to your investment preferences. This is for us to ensure the quality of our Services and to comply with financial law obligations. 

  Use justifications: legal obligations.

  Personal Data: financial information (such as information and preferences provided by you during your onboarding process).

  Retention period: for the duration of 5 years after the set-up of the investment profile, as required by the applicable laws.

• To comply with legal or regulatory requirements, or as otherwise permitted by law: we may process your Personal Data to comply with our regulatory requirements or dialogue with our regulators or defend or prosecute claims as applicable which may include disclosing your Personal Data to third parties, the court service and/or regulators or law enforcement agencies in connection with enquiries, proceedings or investigations by such parties anywhere in the world. Where permitted, we will direct any such request to you or notify you before responding unless to do so would prejudice the prevention or detection of a crime.

  Use justifications: legal obligations, legal claims, legitimate interests (to cooperate with law enforcement and regulatory authorities).

  Personal Data: contact details and general information (such as name, address, date of birth, phone number and email address), anti-crime and fraud information, financial information (such as information and preferences provided by you during your onboarding process), information or feedback you provide to us, device information and transactions and holdings.

  Retention period: for the duration of 5 years after the end of our contract with you, as required by the applicable laws, unless a longer duration will be required to comply with regulatory requirements or to defend or prosecute legal claims.

• To inform you of changes: to notify you about changes to our Services and products.

  Use justification: legitimate interests (to notify you about changes to our Service).

  Personal Data: contact details and general information (such as name, address, date of birth, phone number and email address) and financial information (such as information and preferences provided by you during your onboarding process).

  Retention period: for the duration of the period we have a contract with you and/or for the period during which you are registered with an account.

• To monitor certain activities: to monitor queries and transactions to ensure service quality, compliance with procedures and to combat fraud.

  Use justifications: legal obligations, legal claims, legitimate interests (to ensure the quality and legality of our Services).

  Personal Data: contact details and general information (such as name, address, date of birth, phone number and email address), financial information (such as information and preferences provided by you during your onboarding process), anti-crime and fraud information, information and feedback you provide to us, application and communication usage and your transactions and holdings.

  Retention period: for the duration of the period we have a contract with you and/or for the period during which you are registered with an account.

• To administer our Application and diagnose problems: to protect our business or troubleshoot problems, we may process information relating to your device and use of our service. By doing so, we will be able to ensure network security and to customize our Services in order to provide you with the best experience.

  Use justifications: legitimate interests (to ensure the quality of our Services and provide our Services to you).

  Personal Data: device information and application and communication usage.

  Retention period: for the duration of the period in which the Application is installed on your device.

• To reorganize or make changes to our business: in the event that we (i) are subject to negotiations for the sale of our business or part thereof to a third party, (ii) are sold to a third party or (iii) undergo a reorganization, we may need to transfer some or all of your Personal Data to the relevant third party (or its advisors) as part of any due diligence process for the purpose of analyzing any proposed sale or reorganization, certainly limited to what is required for this purpose and only to the extent allowed under applicable laws. We may also need to transfer your Personal Data to that reorganized entity or third party after the sale or reorganization for them to use for the same purposes as set out in this policy.

  Use justifications: legitimate interests (in order to allow us to change our business).

  Personal Data: anti-crime and fraud information and any other information that will be required for this purpose, such as information you provide to us (e.g. regarding complaints).

  Retention period: for the duration of the (negotiations of the) sale, reorganization and/or due diligence process.

4. Consent and Your Choices

Most of our processing is permitted by "legal grounds" other than consent (see paragraph 3 above). In relation to Direct Marketing, where we are required to do so, we will obtain your consent before using your Personal Data for this purpose. Direct Marketing is our communication with you by email, using your contact information, to inform you about products and services that we think may be of interest and value to you. This does not include communications regarding products or services that you currently have, including improved ways to use the products, or additional features of the products as well as transactional information.

If you prefer not to receive our Direct Marketing communications, you can withdraw your consent at any time and have your name deleted from our Direct Marketing and/or shared information lists. If you want to change your privacy preferences, please see Contact Us.

5. Sharing your Personal Data (and transfers outside your country)

We will only use or disclose your Personal Data for the purpose(s) it was collected and as otherwise identified in this Privacy Policy.

• Sharing within the VanEck group: We may share your Personal Data within the VanEck group, for marketing purposes, for legal and regulatory purposes, to manage credit risk and other business risks, to ensure we have correct or up to date information about you and to better manage your relationship with us.

• Sharing outside the VanEck group: Personal Data may be provided to third parties, including anti-fraud organizations, legal, regulatory or law enforcement authorities in cases of suspected criminal activity or contravention of law, for the detection and prevention of fraud, or when required to satisfy the legal or regulatory requirements of governments, regulatory authorities or other self-regulatory organizations, or to comply with a court order or for the protection of our assets (for example, collection of overdue accounts).

• Business sale or reorganization: Over time, we may buy new businesses or sell some of our businesses. Accordingly, Personal Data associated with any accounts, products or services of the business being purchased or sold will be reviewed as part of the due diligence process and subsequently transferred as a business asset to the new business owner. We may also transfer Personal Data as part of a corporate reorganization or other change in corporate control.

• Sub-contractors and agents: We may use affiliates or other companies to provide services on our behalf such as data processing, account administration, identification, support and fraud prevention and detection and marketing including third party service providers such as ID & pay, VI Company, Flynck, LexisNexis and Risk Narrative

  Such companies will be given only the Personal Data needed to perform those services and we do not authorize them to use or disclose Personal Data for their own marketing or other purposes. We have contracts in place holding these companies to standards of confidentiality equivalent to ours.

  In addition, our payment service provider and identity provider ID & pay may act as an independent data controller of your Personal Data in the context of identity, payment and transactions services provided within our Application. As independent data controller, ID & pay is responsible for the processing of your Personal Data.

6. Retention of Personal Data

Our retention periods for personal data are based on business needs and legal requirements. We retain your Personal Data for as long as is necessary for the processing purpose(s) for which the information was collected, and any other permissible, related purpose such as satisfying any legal or accounting requirements.

To determine the appropriate retention period of your Personal Data, we consider the amount, nature, and sensitivity of the Personal Data, the potential risk of harm from unauthorized use or disclosure of your Personal Data, the purposes for which we process your Personal Data and whether we can achieve those purposes through other means, and the applicable legal requirements.

When Personal Data is no longer needed for the purposes for which we collected it for, our policy is to either irreversibly anonymize the data (and we may further retain and use the anonymized information) or securely destroy the data. Please note that, if your Personal Data will no longer be needed for a specific purpose, we may still process such information if necessary for another purpose for which we collected the data (for example, to comply with a legal obligation).  

Details of retention periods for the different purposes are set out in paragraph 3 above.

7. Accuracy and security of your Personal Data

We are committed to maintaining the accuracy of your Personal Data and ensuring that it is complete and up-to-date. If you discover inaccuracies in our records, or your Personal Data changes, please notify us immediately so that we can make the necessary changes. Failure to notify us of changes to your Personal Data may negatively impact the way we communicate or provide our Services to you. Where appropriate, we will advise others of any material amendments to your Personal Data that we may have released to them. If we do not agree to make the amendments that you request, you may challenge our decision as described in Contact Us.

Safeguarding your Personal Information
We use physical, electronic and procedural safeguards to protect against unauthorized use, access, modification, destruction, disclosure, loss or theft of your Personal Data in our custody or control.
We have agreements and controls in place with third party service providers that may have access to your Personal Data, requiring that any information we provide to them must be safeguarded and used only for the purpose of providing the service we have requested the company to perform.

Security over the internet

No data transmission over the Internet or Application can be guaranteed to be secure from intrusion. However, we maintain commercially reasonable physical, electronic and procedural safeguards to protect your Personal Data in accordance with data protection legislative requirements.

All information you provide to us is stored on our or our subcontractors' secure servers and may only be accessed and used subject to our security policies and standards. Where we have given you (or where you have chosen) a password which enables you to access certain parts of our Application, you are responsible for keeping this password confidential and for complying with any other security procedures that we notify you of.

8. Changes to this Privacy Policy

From time to time, we may make changes to this Privacy Policy. We will note the date of the most recent revision of this Privacy Policy at the bottom of the page.

Please see Contact Us to answer any questions you may have about our Privacy Policy.

9. Your Rights

If you have any questions in relation to our use of your Personal Data, you should first contact us as per the Contact Us section below.

In accordance with applicable law, you may have the right to require us to:

• provide you with further details on the use we make of your information;
• provide you with a copy of information that you have provided to us;
• update any inaccuracies in the Personal Data we hold (please see paragraph 7);
• delete any Personal Data that we no longer have a lawful ground to use or retain;
• where processing is based on consent, to withdraw your consent so that we stop that particular processing (see paragraph 4 for marketing);
• object to any processing based on the legitimate interests ground unless our reasons for undertaking that processing outweigh any prejudice to your data protection rights; and
• restrict how we use your information whilst a complaint is being investigated.

Your exercise of these rights is subject to certain exemptions to safeguard the public interest (e.g. the prevention or detection of crime) and our interests (e.g. the maintenance of legal privilege).  You can exercise your rights by filing a request by e-mail to privacy@vaneck.com. We aim to respond to your request within one month after receiving such a request. However, this one month term may be extended with two months. In such event, we will inform you within one month after receipt of your request and explain why the extension is necessary.

If you are not satisfied with our use of your Personal Data or our response to any exercise of these rights, you have the right to lodge a complaint to the Dutch data protection regulator (Autoriteit Persoonsgegevens), or any other data protection regulator in the country you reside in. We would, however, appreciate the chance to deal with your concerns before you approach the data protection regulator, so please contact us in the first instance.

10. Collection of Information

VanEck or our service providers may use web server logs, web beacons, or other electronic tools to collect information that is related to you but that does not personally identify you, such as:

• IP address;
• browser type;
• operating system;
• computer platform;
• information about your mobile device;
• geo-location data; and
• the state or country from which you accessed the Application.

VanEck or our service providers may also use web server logs, web beacons, or other electronic tools to collect and compile statistical and other non-personal information about your use of the Application and the Services provided within the Application, such as:

• the relevant pages you visit within the Application;
• the date and time of your visit;
• the number of links you click within the Application;
• the functions you use within the Application;
• the databases you view and the searches you request on the Application; and
• the data you save on, or download from, the Application.

Except for electronic tools that collect non-personal information, we need your consent to place electronic tools.

11. Contact Us

If you have any questions or concerns about our privacy practices or the privacy of your Personal Information, please let us know.

To unsubscribe from marketing material we send you, please follow the instructions at the bottom of the email you have received. Alternatively, or in case of any other privacy related questions, you may:

• Email us at privacy@vaneck.com; or
• By using the Contact Us section in the Application.

If after contacting us you do not feel that we have adequately addressed your concerns, you may contact the Dutch data protection regulator (Autoriteit Persoonsgegevens), or any other data protection regulator in the country you reside in, about the way we process your personal data.

Last Updated: June 2023 

ANNEX A: Table of Legal Bases

Use of Personal Data under EU data protection laws must be justified under one of a number of legal "grounds" and we are required to set out the grounds in respect of each use in this policy. An explanation of the scope of the grounds available is set out below. We note the grounds we use to justify each use of your information next to the use in the "Uses of your personal information" section of this policy.

These are the principal legal grounds that justify our use of your information: