1.1 We at Sunny Online Limited, trading as Northen Trading Labs (hereinafter referred to as 'Northen Trading Labs'), are committed to safeguarding the privacy of our website visitors, software users, and service subscribers.
1.2 This policy outlines how we process personal data in our role as a data controller, including the collection, storage, and use of personal data in connection with our website, EAsiTrader, and NTL Indicators.
1.3 By using our website or services, you agree to the practices described in this policy. If you do not agree, you must cease using our website and services immediately.
1.4 Our website uses cookies to enhance user experience. Where cookies are not strictly necessary for the operation of our website, we will seek your consent before their use. Please see Section 7 for more details.
1.5 This Privacy Policy applies to all users of our website, including those who purchase EAsiTrader directly from our website or through the MetaTrader Marketplace and subsequently register with us.
1.6 For questions or concerns regarding this policy, you may contact us using the information provided in Section 10 of this document.
2.1 In this Section 2, we describe:
(a) the categories of personal data we may process;
(b) the purposes for which we may process personal data; and
(c) the legal bases for processing your personal data.
2.2 We may process data about your use of our website and services ("usage data").
(a) Usage data may include your IP address, geographical location, browser type and version, operating system, referral source, length of visit, page views, and navigation paths.
(b) The source of the usage data is our analytics tracking system.
(c) Usage data may be processed for the purposes of analyzing website usage, monitoring performance, and improving our services.
(d) The legal basis for this processing is our legitimate interests in monitoring and enhancing our website and services.
2.3 We may process your account data ("account data").
(a) Account data may include your name, email address, and account details provided during registration or account management.
(b) The source of the account data is you.
(c) Account data may be processed for the purposes of operating our website, providing services, ensuring account security, and communicating with you.
(d) The legal basis for this processing is the performance of a contract between you and us or taking steps at your request to enter into such a contract.
2.4 We may process data related to your purchases ("transaction data").
(a) Transaction data may include your name, billing address, payment details, and purchase information regarding EAsiTrader or other services.
(b) The source of the transaction data is you or our payment service providers.
(c) Transaction data may be processed for the purposes of processing payments, fulfilling orders, and maintaining accurate records for financial and legal compliance.
(d) The legal basis for this processing is the performance of a contract between you and us and compliance with legal obligations.
2.5 We may process personal data submitted during the license registration process ("licensing data").
(a) Licensing data may include your Payment Number (for purchases via MetaTrader Marketplace) or subscription details (for purchases directly from our website).
(b) Licensing data is processed to issue license keys, manage access to EAsiTrader, and enable downloads of NTL Indicators.
(c) The legal basis for this processing is the performance of a contract between you and us and our legitimate interests in preventing unauthorized use of our products.
2.6 We may process communication data ("correspondence data").
(a) Correspondence data may include the content of any communication you send to us, whether via email, contact forms, or other channels.
(b) The source of the correspondence data is you.
(c) Correspondence data may be processed for the purposes of responding to inquiries, providing customer support, and maintaining records of communication.
(d) The legal basis for this processing is our legitimate interests in managing communications and resolving user queries effectively.
2.7 We may process data provided for subscribing to notifications or updates ("notification data").
(a) Notification data may include your name, email address, and subscription preferences.
(b) The source of the notification data is you.
(c) Notification data may be processed for the purposes of sending you updates, newsletters, or other relevant communications.
(d) The legal basis for this processing is your consent or our legitimate interests in keeping users informed about our products and services.
2.8 We may process information related to customer relationships ("customer relationship data").
(a) Customer relationship data may include your name, contact details, job title or role, and any communications between you and us.
(b) The source of the customer relationship data is you or your employer.
(c) Customer relationship data may be processed for the purposes of managing our relationships with customers, communicating with you, and promoting our products and services.
(d) The legal basis for this processing is our legitimate interests in effectively managing customer relationships and maintaining business communications.
2.9 We may process data related to transactions involving our website and services ("transaction history data").
(a) Transaction history data may include purchase details, subscription records, and associated communications.
(b) The source of this data is our systems or your interactions with our website.
(c) Transaction history data may be processed for record-keeping, compliance with financial regulations, and improving our services.
(d) The legal basis for this processing is compliance with legal obligations and our legitimate interests in maintaining accurate financial records.
2.10 We may process information provided during inquiries about our products or services ("inquiry data").
(a) Inquiry data may include your name, contact information, and details about your inquiry or support request.
(b) The source of the inquiry data is you.
(c) Inquiry data may be processed for the purposes of responding to your inquiries, offering support, or providing information about our products and services.
(d) The legal basis for this processing is your consent or our legitimate interests in ensuring effective customer support and engagement.
2.11 We may process information contained in or related to any communication that you send to us ("correspondence metadata").
(a) Correspondence metadata may include the communication content and metadata associated with the communication, such as timestamps and methods of communication.
(b) The source of the correspondence metadata is generated by our systems or provided by you.
(c) Correspondence metadata may be processed for the purposes of record-keeping, ensuring effective communication, and resolving disputes.
(d) The legal basis for this processing is our legitimate interests in maintaining clear records and managing communications efficiently.
2.12 We may process any of your personal data identified in this policy where necessary for the establishment, exercise, or defense of legal claims.
(a) This may include processing required during court proceedings, administrative hearings, or out-of-court settlements.
(b) The source of this data is you, our records, or other authorized parties.
(c) The legal basis for this processing is our legitimate interests in protecting and asserting our legal rights, complying with legal obligations, and defending against claims.
2.13 We may process any of your personal data identified in this policy where necessary for obtaining professional advice or managing risks.
(a) This may include consulting with legal, financial, or technical advisors and sharing data required for such consultations.
(b) The source of this data is you, our records, or relevant third parties.
(c) The legal basis for this processing is our legitimate interests in ensuring the proper protection of our business and managing operational risks.
2.14 We may process any of your personal data identified in this policy where necessary for compliance with a legal obligation.
(a) This may include processing required by applicable laws, regulations, court orders, or government directives.
(b) The source of this data is you, our systems, or authorized legal authorities.
(c) The legal basis for this processing is compliance with a legal obligation to which we are subject.
2.15 We may process your personal data to protect your vital interests or the vital interests of another natural person.
(a) This processing may include sharing information with medical providers, emergency responders, or other authorities in situations where health or safety is at risk.
(b) The source of this data is you, our systems, or authorized parties involved in the response.
(c) The legal basis for this processing is the protection of vital interests.
2.16 Please do not supply any other person's personal data to us unless we prompt you to do so.
(a) If you provide third-party personal data (e.g., during communication or registration), you confirm that you have the authority or consent to share this data with us.
(b) The legal basis for processing such data is our legitimate interests in fulfilling your requests and ensuring proper use of our services.
3.1 We may disclose your personal data to any member of our corporate group, which includes our subsidiaries, our ultimate holding company, and its subsidiaries, insofar as reasonably necessary for the purposes and legal bases set out in this policy.
3.2 We may disclose your personal data to our insurers and professional advisers as necessary:
(a) to obtain or maintain insurance coverage;
(b) to manage risks;
(c) to obtain professional advice; or
(d) to establish, exercise, or defend legal claims in court or other legal proceedings.
3.3 We may disclose transaction and payment-related data to our payment service providers, such as PayPal:
(a) to process payments, refunds, and related queries;
(b) to handle chargebacks and associated disputes; or
(c) to comply with legal or regulatory requirements related to financial transactions.
You can review the privacy policies of our payment service providers for further details on how they handle your data.
3.4 We may disclose your personal data to third parties where required by law or when disclosure is necessary to:
(a) comply with legal obligations, such as court orders or government directives;
(b) protect your vital interests or the vital interests of another natural person; or
(c) establish, exercise, or defend legal claims.
3.5 We may share your personal data with third-party service providers involved in the operation of our website and services, such as hosting providers, analytics tools, or customer support platforms, provided that:
(a) the third-party service provider processes the data only on our behalf and in accordance with our instructions;
(b) the third party complies with applicable data protection laws; and
(c) the processing is necessary to provide our services to you.
3.6 We will not sell, rent, or share your personal data with third parties for their direct marketing purposes without your explicit consent.
4.1 In this Section 4, we provide information about the circumstances in which your personal data may be transferred to countries outside the European Economic Area (EEA).
4.2 The hosting facilities for our website and services are located in the Republic of Ireland. Your personal data will primarily be processed within the EEA.
4.3 We may transfer your personal data to third-party service providers or partners located outside the EEA. Where such transfers occur, they will only be made:
(a) to countries that have been deemed to provide an adequate level of data protection by the European Commission; or
(b) under legally binding agreements incorporating standard contractual clauses approved by the European Commission, ensuring an adequate level of protection for your personal data.
4.4 You acknowledge that personal data submitted for publication on our website or through our services may be accessible worldwide via the internet. We cannot prevent the use or misuse of such data by others outside the EEA.
4.5 If you require further information about the safeguards in place for data transfers, please contact us using the details provided in Section 10 of this policy.
5.1 This Section 5 outlines our data retention policies and procedures, which are designed to ensure that we comply with legal obligations and protect your rights to privacy.
5.2 We will retain your personal data only for as long as necessary to fulfill the purposes outlined in this policy, including:
(a) to provide our services to you;
(b) to comply with legal and regulatory requirements;
(c) to resolve disputes; and
(d) to enforce our agreements.
5.3 Specifically:
(a) Transaction data will be retained for a minimum period of six years for legal, accounting, and tax purposes.
(b) Licensing data will be retained for the duration of your subscription and for up to one year after the subscription ends for administrative purposes.
(c) Correspondence data will be retained for a minimum period of two years unless a longer retention period is required by law.
5.4 In some cases, it is not possible for us to specify in advance the periods for which your personal data will be retained. In such cases, we will determine the retention period based on:
(a) the relevance of the data to ongoing legal, regulatory, or operational requirements; and
(b) the likelihood of future use for the purposes outlined in this policy.
5.5 Notwithstanding the other provisions of this Section 5, we may retain your personal data where such retention is necessary to comply with a legal obligation or to protect your vital interests or the vital interests of another natural person.
5.6 Upon the expiration of the applicable retention periods, personal data will be securely deleted or anonymized, ensuring that it is no longer identifiable or accessible.
6.1 We are committed to protecting your personal data and have implemented appropriate technical and organizational measures to secure it against unauthorized access, loss, misuse, or alteration.
6.2 Measures we take to protect your data include:
(a) storing personal data on secure servers protected by firewalls and access controls;
(b) encrypting sensitive information, such as passwords and payment details, both in transit and at rest;
(c) conducting regular security audits and monitoring for potential vulnerabilities; and
(d) limiting access to personal data to authorized personnel who are subject to confidentiality obligations.
6.3 Data transmitted between your web browser and our web server is protected using encryption technology (e.g., HTTPS).
6.4 You are responsible for maintaining the confidentiality of your account credentials, including your password. We will never ask for your password outside of the secure login process on our website.
6.5 While we take all reasonable precautions to secure your data, no method of transmission over the internet or electronic storage is completely secure. Therefore, we cannot guarantee absolute security.
6.6 In the event of a data breach that affects your personal data, we will notify affected individuals and any applicable supervisory authority as required by law.
6.7 If you believe your account or personal data has been compromised, please contact us immediately using the details provided in Section 10 of this policy.
7.1 As a user of our website and services, you have the following rights under data protection law:
(a) the right to access your personal data and obtain a copy of the information we hold about you;
(b) the right to request the rectification of inaccurate or incomplete personal data;
(c) the right to request the erasure of your personal data ("the right to be forgotten") under certain circumstances;
(d) the right to restrict or object to the processing of your personal data under certain conditions;
(e) the right to data portability, allowing you to request your personal data in a structured, commonly used, and machine-readable format;
(f) the right to withdraw consent at any time where consent is the basis for processing your personal data; and
(g) the right to lodge a complaint with a supervisory authority if you believe that our processing of your personal data violates data protection laws.
7.2 To exercise your rights, please contact us using the details provided in Section 10 of this policy. We will respond to your request within the timeframes required by applicable law.
7.3 Please note that some rights, such as the right to erasure or restriction of processing, may not apply where the processing is necessary to comply with a legal obligation or for other legitimate purposes.
7.4 If you withdraw consent for the processing of your personal data, this will not affect the lawfulness of processing carried out before the withdrawal.
8.1 Our website uses cookies to enhance your experience and provide essential functionality.
8.2 Cookies are small text files that are stored on your device when you visit our website. They allow us to:
(a) recognize your device during subsequent visits;
(b) improve the performance and usability of our website;
(c) remember your preferences and settings; and
(d) analyze how our website is used to improve our services.
8.3 We use the following types of cookies:
(a) Strictly necessary cookies: These are essential for the operation of our website and cannot be disabled.
(b) Performance cookies: These help us understand how visitors interact with our website by collecting anonymous usage data.
(c) Functional cookies: These enable enhanced functionality and personalization by remembering your preferences.
(d) Advertising cookies: These may be used to deliver targeted advertisements based on your browsing behavior.
8.4 You can manage your cookie preferences through your web browser settings. Most browsers allow you to block or delete cookies, but doing so may affect the functionality of our website.
8.5 For more information about how we use cookies, please refer to our Cookies Policy, available on our website.
9.1 We may update this Privacy Policy from time to time by publishing a new version on our website.
9.2 You should check this page occasionally to ensure you are happy with any changes to this policy. Significant changes will be highlighted on our website or communicated to you via email.
9.3 We may notify you of significant changes to this Privacy Policy by email or through the messaging system on our website.
9.4 Changes to this Privacy Policy will take effect immediately upon posting unless otherwise specified. Your continued use of our website or services following the changes indicates your acceptance of the updated policy.
9.5 If required by applicable law, we will seek your explicit consent before applying significant changes to how we process your personal data.
10.1 This website is owned and operated by Northen Trading Labs.
10.2 We are registered in England and Wales under registration number 4510868, and our registered office is at Semington House, Semington, Wiltshire, BA14 6JW, England.
10.3 You can contact us:
(a) by post, using the address above;
(b) by email, at rob@sunnyonline.co.uk; or
(c) through the contact form available on our website at www.northentradinglabs.com/contact.
10.4 All inquiries regarding this Privacy Policy, including requests to exercise your rights as outlined in Section 7, should be directed to the contact details provided above.
10.5 We aim to respond to all inquiries within two business days. However, response times may vary depending on the complexity and nature of your request.
11.1 We have appointed a Data Protection Officer (DPO) who is responsible for overseeing questions related to this Privacy Policy and ensuring compliance with data protection laws.
11.2 If you have any questions, concerns, or complaints regarding the handling of your personal data, you may contact our Data Protection Officer:
(a) by email at rob@sunnyonline.co.uk; or
11.3 The DPO will address your inquiry promptly and work with you to resolve any concerns regarding the processing of your personal data.
11.4 If you are not satisfied with our response or believe we are processing your personal data unlawfully, you also have the right to lodge a complaint with the relevant supervisory authority. In the UK, this is the Information Commissioner’s Office (ICO).
(a) You can contact the ICO via their website: www.ico.org.uk.
(b) Alternatively, you can write to them at: Information Commissioner's Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF, England.
12.1 If you believe that our processing of your personal data violates data protection laws or your privacy rights, you have the right to lodge a complaint with us or with the relevant supervisory authority.
12.2 To file a complaint with us:
(a) Contact our Data Protection Officer using the details provided in Section 11.
(b) Provide a clear description of your complaint, including any relevant details or documentation to help us investigate and address your concerns.
(c) We will acknowledge receipt of your complaint within two business days and aim to resolve it within 30 days. If additional time is required, we will notify you of the delay and provide an estimated resolution date.
12.3 If you are dissatisfied with our response or wish to escalate the matter, you can lodge a complaint with the Information Commissioner’s Office (ICO) in the UK:
(a) Online: Visit www.ico.org.uk.
(b) By post: Information Commissioner's Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF, England.
(c) By phone: Call the ICO helpline at +44 303 123 1113.
13.1 Our website may include links to and details of third-party websites. These links are provided for your convenience and informational purposes only.
13.2 We have no control over, and are not responsible for, the privacy policies or practices of third parties. When you click on a third-party link, you are subject to the terms and conditions and privacy policy of the respective third-party website.
13.3 We encourage you to review the privacy policies of any third-party websites you visit to understand how they collect, use, and share your personal data.
13.4 This Privacy Policy applies only to personal data collected and processed by Northen Trading Labs through our website, services, and software.
14.1 We may update this Privacy Policy periodically to reflect changes in our practices, legal requirements, or other operational or regulatory reasons.
14.2 When we update this policy, we will revise the "Last Updated" date at the top of this page and, where significant changes occur, provide additional notice on our website or via email.
14.3 You are encouraged to review this Privacy Policy regularly to stay informed about how we are protecting your personal data.
14.4 Changes to this Privacy Policy take effect immediately upon posting unless otherwise specified. Your continued use of our website, services, or software following the changes indicates your acceptance of the updated policy.
15.1 In this Privacy Policy, the following terms shall have the meanings set out below:
(a) "We", "Us", and "Our" refer to Northen Trading Labs.
(b) "Personal data" means any information relating to an identified or identifiable natural person.
(c) "Processing" means any operation or set of operations performed on personal data, whether automated or not, including collection, recording, organization, storage, adaptation, alteration, retrieval, consultation, use, disclosure, dissemination, alignment, restriction, erasure, or destruction.
(d) "Data controller" means the entity that determines the purposes and means of processing personal data.
(e) "Data processor" means the entity that processes personal data on behalf of the data controller.
(f) "EEA" refers to the European Economic Area, which includes all EU member states plus Iceland, Liechtenstein, and Norway.
15.2 Any undefined terms used in this Privacy Policy shall have the meanings given to them under applicable data protection laws.