Last Modified: May 25, 2018
The official language used by Topstep is English; in the event of a conflict between the English language version of this document and any version translated into any other language, the English language version shall prevail.
“Account” means a User Account.
“Authorization” means the set of rights and privileges on the Web Site assigned to a User by Topstep.
“Content” means all information and other materials present on the Sites, including Topstep’s products and services, text, images, photos, trading ideas, opinions rumors, advice, charts, financial information, ratings, reviews, or similar information.
“Controller” means a person or entity who, either alone or jointly, determines the purposes and means of the processing of Personal Data, controls the data, and is responsible for it, and does so with respect to persons (Data Subjects) who are physically located in the European Union.
“Credit Card Information” means certain credit and debit card information, including your card number, CVV number, expiration date, phone number, name, billing address, and email address.
“Data Subject” means an identified or identifiable natural person.
“Designated Agent” means the Topstep representative designated to receive notification of claimed infringement under the Digital Millennium Copyright Act.
“EU” means the European Union.
“Feedback” means your comments, feedback, information, or other materials regarding the Sites and Services.
“GDPR” means the General Data Protection Regulation, adopted as Regulation (EU) 2016/679 of the European Parliament on April 14, 2016. The GDPR is effective on May 25, 2018.
“Log Data” means information that your browser sends whenever you visit a website; this information is automatically recorded by our servers.
“Orders” means requests for subscriptions or other services placed by a User through the Sites or Services or through a third-party affiliate.
“Personal Data” means any information relating to an identified or identifiable natural person.
“Sensitive Data” means data that reveals racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, data that concerns health, or data that concerns a natural person’s sex life or sexual orientation.
“Topstep” (“we”, “our” or “us”) means TopstepTrader, LLC, an Illinois exempt limited liability company.
“User” means a natural person granted Authorization to use the Account on behalf of himself/herself.
“User Account” means an account of a User that is registered with Topstep that has access to specified Services of Topstep.
“User Data” means trading information generated by you and other Users (whether aggregated or otherwise).
“User Submission” means any comment, or personal information, including ideas, suggestions, opinions, comments, observations, or other material , posted to any public form on our Sites or Services, including any publication, article, social network page, blog, chat room, or other such forum.
“You” and “Your” means User and User’s.
3. TopstepTrader as Data Controller / Privacy Officer
For users in the EU, Topstep is a Controller, as defined in the GDPR, of your Personal Data. Should you have questions or requests regarding your Personal Data, you may contact Topstep’s Privacy Officer at any time at firstname.lastname@example.org. You may also call us at (888) 407-1611 or write to us at:
130 S. Jefferson St., Suite 200
Chicago, Illinois 60661
4. Designated Agent
Topstep’s Designated Agent for purposes of the Digital Millennium Copyright Act may be contacted at email@example.com. Please refer to “Designated Agent” in the subject line of your email. You may also call us at (888) 407-1611 or write to us at:
130 S. Jefferson St., Suite 200
Chicago, Illinois 60661
5. Collection of Personal Data
You may choose to register an account with our Sites or Services and we may collect certain personal information from you in order to provide services and to complete transactions.
When you register with us through our Sites or Services, we will ask you for Personal Data. Personal Data may include your name, phone number, email address, postal address, username, password, zip code, and age (optional).
Our Sites or Services may provide links to third-party applications, products, services, or websites for your convenience and information. If you access those links, you will leave our Sites or Services. We do not control those third party sites and services or their privacy practices, which may differ from our practices. We do not endorse or make any representations about third-party sites. Any information you choose to provide to, or that is collected by those third parties is not covered by the Agreement. We cannot control the activities of third parties, and we have no responsibility for any use of the information provided by such third parties. Any information you choose to provide to third party websites or products will be governed by the policies of those third party websites and products.
If you post a User Submission to any public forum on our Sites or Services, including any publication, article, social network page, blog, chat room, or other such forum, please be aware that any Personal Data disclosed in your User Submission can be read, viewed, collected, or used by other users of these forums, and could be used to contact you, send you unsolicited messages, or for purposes that neither you nor we control. We may also aggregate all or any part of User Submissions into a resource that we may use, share, or distribute provided that any Personal Data has been anonymized. Topstep is not responsible for the Personal Data contained in your User Submission.
6. Legal Basis for Collecting Personal Data
7. Where the Processing of Personal Data Takes Place
Personal Data is processed in the United States of America and in London, England.
8. Purposes for Which We Collect Personal Data / How We Use and Share Your Personal Data / Location of Processing
Purposes for Which We Collect Personal Data
We do not sell your Personal Data to third parties to use for their own marketing purposes. Topstep uses the information we collect for the following purposes:
- Provide our Services. To provide the services we offer on our Sites and Services, to communicate with you about your use of our Sites or Services, to respond to your inquiries, to provide troubleshooting, and for other customer services designed to make your experience better.
- Personalization. To tailor the content and information that we may send or display to you, to suggest personalized help and instructions, and to otherwise personalize your experience while visiting or using our Sites or Services.
- Advertising. To display interest-based advertising to you, to improve our advertising and measurement systems so that we can show you more relevant ads, and to measure the effectiveness and reach of ads and services.
- Marketing and Promotions. For marketing and promotional purposes, such as to send you news and updates, special offers, and promotions, or other otherwise contact you about products, services, or information we think may interest you, including information about third party products and services.
- Analytics. To gather metrics to better understand how users access and use the Sites and Services; to evaluate and improve the Sites and Services; and to develop new products and services.
- Comply with the Law. To comply with legal obligations, as part of our general business operations, and for other business administration purposes.
How We Use Your Personal Data
We use the information you provide to offer, manage, and/or improve our Sites or Services, including but not limited to:
- improving content
- adapting or adding in new features and functionality
- providing and improving service and support
- delivering relevant advertising
- assisting with social sharing functionality developing new products and services
- selecting content to be communicated to you
- aggregating certain types of information to better understand or provide better engagement with our Users
- contacting you regarding our products or services; and preventing and detecting security threats, fraud or other malicious activity
Topstep may share your Personal Data with our affiliates or with third parties, which provide services to us and which agree to keep such Personal Data confidential. You may view our agreements with our affiliates here.
We may employ third party companies and individuals for any of the following:
- to facilitate the Sites or Services
- to provide the Sites or Services on our behalf
- to perform related services, including maintenance, database management, web analytics, and improvement of the features or functionality
- to assist us in data analysis
We employ a third party company to process debit, credit, and other payments and to perform related services.
We may collect and compile general information about you and your preferences and interests and use that information as described in this Section. We may share with or sell such information to third parties for these same purposes, but would never do so without your consent. If you do not provide your consent, we will not share with or sell any of your information to third parties.
We retain the right to disclose Personal Data as allowed or required by law. We may also disclose Personal Data under the following circumstances:
- to respond to duly authorized information requests of police and governmental authorities
- to comply with any law, regulation, subpoena, or court order
- to investigate and help prevent security threats, fraud or other malicious activity
- to investigate and help prevent a violation of any contractual or other relationship with Topstep or the perpetration of any illegal or harmful activity
- to enforce and protect the rights and properties of Topstep, its affiliates and its business partners
- to protect the personal safety of our employees, agents, affiliates, business partners, customers or site users
Personal Data from our Users who reside in the European Union is processed in the United States and in London, England. Topstep shall process such Personal Data in accordance with the requirements of the GDPR.
California Privacy Rights
Pursuant to Section 1798.83 of the California Civil Code, residents of the State of California have the right to request from a business, with whom the State of California resident has an established business relationship, certain information with respect to the types of personal information the business shares with third parties for direct marketing purposes by such third party and the identities of the third parties with whom the business has shared such information during the immediate preceding calendar year.
To request a copy of the information disclosure provided by us pursuant to Section 1798.83 of the California Civil Code, please contact us at firstname.lastname@example.org.
European Union General Data Protection Regulation 2016/679
European Union General Data Protection Regulation EU 2016/679 (“GDPR”), approved by the European Parliament on April 14, 2016, and effective May 25, 2018, addresses the protection of natural persons located in the EU with respect to the processing of their Personal Data
GDPR recognizes that Personal Data shall be:
- processed lawfully, fairly and in a transparent manner
- collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes
- adequate, relevant and limited to what is necessary in relation to the purposes for which it is processed
- accurate and, where necessary, kept up to date
- kept in a form which permits identification of Data Subjects for no longer than is necessary for the purposes for which the personal data are processed
- processed in a manner that ensures appropriate security of the personal data, including protection against unauthorized or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organizational measures
As a Controller, Topstep shall be responsible for, and shall be able to demonstrate compliance with, the foregoing principles. Therefore, you have the right:
- to request the correction or update of any Personal Data that is incorrect or incomplete
- to request the erasure of your Personal Data (the right to be forgotten)
- to portability of your Personal Data
- to object to the processing of your Personal Data
- not to be subject to a decision based on automated decision-making, including profiling
- to withdraw consent to the processing of your Personal Data
- to register a complaint with a supervisory authority (if you are located in the EU)
Unless otherwise prohibited by law, Topstep will effect any such request without delay. Where Topstep is able to comply with a request for erasure by anonymizing the Personal Data, we will do so.
Under the GDPR, you have the right to be forgotten. If you reside in an EU territory, you may request the deletion of your personal data that we collect, store, or process. When you make your request, we will balance the privacy rights of the individual concerned with the interest of the general public in having access to the information, as well as the right of others to distribute the information. For instance, we may refuse to delete information regarding financial scams or other unlawful activities. In the event Figo receives a request for erasure, or a request to be forgotten, Figo has the obligation to erase the personal data without undue delay (and no longer than 30 days after the request is received), where one of the following grounds applies:
- The Personal Data is no longer necessary for the purpose for which it was originally collected or processed.
- You withdraw your consent to the collection processing of your Personal Data.
- You object to the processing and there is no overriding legitimate interest for continued collection or processing of your personal data.
- You believe that your Personal Data was unlawfully processed or collected (i.e., in breach of the GDPR).
- Your Personal Data must be erased in order to comply with an EU or an EU Member State law to which we are subject.
- Such Personal Data was processed in relation to the offer of information society services to a child.
If you would like to submit a request for erasure (request to be forgotten), please use the form linked here.
Where Processing of Personal Data Takes Place
Personal Data is processed in the United States of America.
9. Keeping Your Personal Information Secure
To prevent unauthorized access or disclosure, to maintain data accuracy, and to ensure the appropriate use of the information, Topstep utilizes generally accepted industry standards to protect your Personal Data submitted to Topstep or relies on the services of third parties to provide the same. However, no method of transmission over the internet, or method of electronic storage is 100% secure. We cannot guarantee the absolute security of your Personal Data.
10. Children’s Privacy
Topstep Sites or Services are not intended for use by minors under the age of 18 and are not targeted to children. Topstep does not knowingly collect information from children under the age of 16, solicit information from such children, or market products to such children.
11. Sensitive Data
We do not intentionally collect, process, transfer, or store Sensitive Data.
12. Log Data and Cookies
Our servers also automatically record Log Data which includes information such as your internet service provider, your computer’s internet protocol address, browser type and operating system, referring/exit pages, clickstream data, pages of our Sites and Services that you visit (and the time spent on these pages), information you search for on our Sites or Services, and other statistics. We use this information to monitor and analyze your use of our Sites or Services and to bettor tailor them to your needs in order to provide you with a better experience.
To view our Cookies, please click here.
13. Access to and Accuracy of Your Information
Topstep strives to keep your Personal Data accurately recorded. You have the right to access and request the correction, amendment, or deletion of all of your recorded personal information that has been collected by us. If you wish to review your recorded Personal Data, please contact us at:
U.S. Mail: 130 S. Jefferson St., Suite 200
Chicago, Illinois 60661
Attn: Privacy Officer
If you write to us, please include your name, email address, and telephone number, and let us know what kind of information you want to see. You may see and copy your information in person, or if you prefer, we will copy and send you your information. If you see any mistakes, let us know and we will review it. If we agree, we will correct our files. If we disagree, you may file a short statement of dispute with us. Your statement will be included with any data we disclose in the future. We will also send the statement to anyone you ask us to who received your information from us in the past two years.
14. Data Retention
Topstep retains Personal Data for as long as we reasonably require it for legal or business purposes. In determining data retention periods, Topstep takes into consideration local laws, contractual obligations, and the expectations and requirements of our Users. We will not retain data longer than is necessary to fulfill the purposes for which it was collected or as required by applicable laws or regulations. When we no longer need personal information, we securely delete or destroy it.
16. Contact Us
130 S. Jefferson St., Suite 200
Chicago, Illinois 60661
Attn: Privacy Officer
© 2018 TopstepTrader, LLC. All rights reserved.