Confidentiality and “Need to Know” Principles
Any information related to the Company’s activity, its clients, its employees should be deemed sensitive information and treated with care. As a general practice, sensitive information should be shared only with employees who have a legitimate business need for that information.
While not required to provide disclosures (“privacy notices”) as described under Regulation S-P due to the nature of the Company’s customers, the Company has adopted the following supervisory procedures in order to comply with other aspects of Regulation S-P (adopted by the SEC in November 2000) and to protect the privacy of customer information.
The Company and its employees* are required to attempt to:
- Ensure the security and confidentiality of customer records and information. This means accessing customer’s information only in situations where there is a valid business purpose and sharing this information only on a need-to-know basis;
- Keep customers’ trading information obtained through the normal course of execution and clearing confidential;
- Protect against any anticipated threats or hazards to the security or integrity of customer records and information; and
- Protect against unauthorized access to or use of customer records or information that could result in substantial harm or inconvenience to any customer.
Notwithstanding the above, the Company and its employees may share customer information, including KYC and AML information and trading information, with our affiliates in order to facilitate services to you (in which our affiliates may play a function) and in order to facilitate internal reorganizations within the Santander Group.