Privacy Policy

Privacy Policy

Nau Securities Limited (a company registered in England & Wales under no. 07128441) (“Nau Securities”, “we” or “us”) is committed to protecting and respecting the privacy of your personal data.

We are the controller of your personal data and this Privacy Policy sets out the basis on which we manage personal data within our organisation.

All US-domiciled clients will also be governed by the privacy policy of Global Alliance Securities, LLC (CRD# 167164), a SEC-registered broker-dealer and FINRA member which has entered into a SEC Rule 15a-6 chaperone agreement with Nau Securities.

All clients that use Nau Securities’ execution and clearing services will also be governed by the privacy policy of Cowan Execution Services, LLC (CRD# 35693), a SEC-registered broker-dealer and FINRA member which has entered into global execution and clearing agreement with Nau Securities.

This Privacy Policy, together with our Website Terms of Use and Disclamer and any other documents referred to on it, sets out the basis on which any personal data we collect from you, or that you provide to us, will be processed by us. Please read the following carefully to understand our views and practices regarding your personal data and how we will treat it.


The types of personal data we collect will depend on the circumstances in which the information is collected. However, the types of personal data we collect and hold about you may include:

  • identifying information, such as your name;
  • contact information, such as your address, email address and telephone/mobile number;
  • usernames and passwords that you create when registering for an account with us;
  • information about how you use the products or services we provide to you;
  • information about your use of our website, such as the research you viewed or searched for, any download errors during your use of the website and the length of time spent on certain pages;
  • records of our communications with you, such as telephone, email, SMS, online and in-person communications;
  • your organisation and position, where your organisation has business dealing with us;
  • information about your occupation and employer organisation;
  • details of any products or services we provide to your organisation; and
  • Nau Securities also collects information about its employees beyond that collected from its clients, such as trading activity, employee records that may contain personal data including safety information (e.g. location information, emergency contacts), travel and right to work information (e.g. copies of passports, visas and drivers licences) and health information; personal data captured in records when using Nau Securities’ systems and devices for personal use (e.g. transaction history);
  • other information that you provide us during the course of business.

If you choose not to supply us with this information, we may not be able to allow you to access or use our products or services (or all of the features and functionality offered by our products or services) or to respond to queries or requests that you submit to us.

Nau Securities confirms that it does not collect any personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, genetic data, biometric data for the purpose of uniquely identifying a natural person, data concerning health or data concerning a natural person’s sex life or sexual orientation.


We may collect personal data about you in the following ways:

  • when you order products or services from us;
  • when you register to use our website. download our research, use our online services (eg our execution service), and other products and services (including our website);
  • when you submit a query or request to us including reporting problems when using our website;
  • by tracking your use of our products and services (including our website);
  • by using cookies and other similar automated technologies which automatically collect technical data about your equipment, browsing actions and patterns as you interact with our website. Please see the section Cookies below for further details;
  • from third parties who are entitled to disclose that information to us;
  • from publically available sources;
  • when you respond to a survey that we may run or fill in forms on our website;
  • from online sources (including social media platforms and providers (e.g. LinkedIn);
  • suppliers of information products and services (e.g. companies that consolidate data from multiple public sources);
  • when you apply for a job with us; and
  • other lawful means.

Where we collect personal data from you, we will generally do so directly ourselves. However, in some cases we may collect personal data from a third party, such as through your representatives, contractors who provide services to us, or third parties who refer you to us because they think you may be interested in our products or services.


We use personal data we collect about you to:

  • verify your identity when you are dealing with us;
  • determine your or your organisation’s eligibility for any of our products or services;
  • enable us to carry out our obligations arising from any contracts entered into with you and provide you or your organisation with our research, products and services;
  • assist you with your queries, requests or concerns;
  • keep you informed about our activities (including other services we offer that are similar to those that you have already purchased or enquired about) and notify you of any changes to our products or services unless you have opted out of receiving that marketing;
  • monitor use of our products and services (including our website);
  • assess, operate, maintain, upgrade and improve our products and services (including our website);
  • maintain and update our records (including in our customer relationship management database;)
  • comply with our legal and regulatory obligations, or as otherwise required or authorised by law;
  • manage and resolve any legal or commercial complaints or issues;
  • perform our necessary business functions (eg employee education and training, internal audit investigations, performance reporting, market research and analysis), and to assess, operate, maintain, secure, upgrade and improve our products and services (including our website); and
  • any other purpose as authorised by you.

You can opt-out of receiving marketing communications from us at any time by contacting us using the contact details set out in section 14 below. Unsubscribing from marketing communications will not stop product or service related communications from us, such as administrative alerts in relation to your account.


We may disclose your personal data to:

  • your representatives, advisers and others that you have authorised to interact with us on your behalf;
  • our employees and third parties including business partners, consultants, contractors, suppliers, service providers (including IT services and website hosting), credit providers, professional advisers and agents who need the information to assist us with conducting our business activities;
  • related entities within our corporate group;
  • payment system operators and financial institutions;
  • security registration bodies;
  • prospective purchasers of all or part of our business or shares in our company or a related entity;
  • third parties to whom we may choose to sell, transfer, or merge parts of our business or our assets;
  • government agencies or authorities, regulators, law enforcement agencies and other parties where authorised or required by law who ask us to disclose that information and to which we are legally required to disclose your personal data; and
  • parties identified at the time of collecting your personal data or as otherwise authorised by you.


We may disclose information to recipients that are located outside the country in which you are located (including contractors and third party service providers). We may disclose your personal data to our employees overseas as necessary to provide you with our goods and services.

We have related entities and service providers located in the United States of America, Spain and Portugal, and may disclose personal data to those entities. We will ensure that any overseas recipient has appropriate safeguards in place, ensures an adequate level of protection of your personal data, and does not breach the privacy law applicable in your jurisdiction or this Privacy Policy in relation to the personal data. Please contact us if you want further information on the specific mechanism used by us when transferring your personal data outside of the EEA.


We take reasonable steps to ensure that any of your personal data which we hold is accurate, complete and up-to-date. These steps include promptly updating personal data when we are advised that personal data has changed, checking our contact lists for accuracy, and providing individuals with a simple means to update their personal data.

We generally store the personal data that we collect in electronic databases, some of which may be held on our behalf by third party data storage providers. Sometimes we also keep hard copy records of this personal data in physical storage facilities. We use a range of physical and technical security processes and procedures to protect the confidentiality and security of the information that we hold, and we update these from time to time. These measures include:

  • restricting access to our physical and electronic databases, and physical security such as security procedures for access to our business premises; and
  • technology-based security procedures including password protection, network firewalls, encryption, intrusion detection and site monitoring where practicable to do so.

We also take steps to monitor access to and modification of your information by our employees and contractors, and ensure that our employees and contractors are aware of and properly trained in their obligations for managing your privacy.

You also play an important role in keeping your information secure by maintaining the confidentiality of any usernames and passwords you use with our products and services (including our website). We ask you not to share your passwords with anyone.

Unfortunately, the internet is not a secure environment and no matter what physical and technical security processes and procedures are used, we cannot guarantee the security of your personal data and any transmission is at your own risk.


Personal data is only retained for as long as it is needed for the purpose for which it was collected or as required by law. Within a reasonable time after the expiry of this period, we will take reasonable steps to de-identify or destroy the personal data which is in our possession or control. As a regulated entity, we are required to keep orderly records of our business, internal organisation, services and transactions for a period of at least five years after final use.

We may de-identify data about you so that the data can no longer be used to identify you. We may use and disclose de-identified personal data in the course of our business (including for research and statistical purposes) in which case we may use this information indefinitely without further notice to you.


You have a right to:

  • access and request a copy of your personal data to check how we are using your personal data;
  • correct or rectify any personal information that is out-of-date, incorrect, incomplete or misleading;
  • object to the processing of your personal information;
  • withdraw any consent previously given by you to the processing of your personal data; and
  • ask us to restrict the use of your personal data.

Such requests should be submitted to us in writing using the contact details set out in section 13 below.

We will action your request within a reasonable time frame and provide one copy of your personal data free of charge. If your request is for additional copies or your request is manifestly unfounded, excessive or repetitive, we may refuse your request or charge a reasonable fee. If we refuse a request or charge a reasonable fee, we will advise you of the reasons for our refusal or any fees within a reasonable time frame.

You have a right to request a copy of the personal data you have provided to us in a structured, commonly used and machine-readable format and the right to have that information transmitted or ported to another entity under certain circumstances.

There may be cases where we are unable to provide the information you request, such as where it would interfere with the privacy, rights or freedoms of others, or result in a breach of confidentiality or applicable laws. In these cases we will let you know why we cannot comply with your request.


You have a right to request the erasure or destruction of your personal data (“the right to be forgotten”) when it is no longer necessary for the purpose for which it was originally collected, it is not being used for the purposes for which it was collected, or you wish to withdraw your consent for certain processing. You also have the right to ask us to delete or remove your personal data where you have successfully exercised your right to object to processing, where we have processed your personal data unlawfully, or where we are required to erase your personal data to comply with local law.

We maintain daily backups of our websites for ten days, so if you exercise your right to be forgotten, this will only be possible from ten days following your request.

There may be cases where we are unable to comply with your request such as where we need to continue processing your personal data in order to comply with applicable laws. Such requests should be submitted in writing using the contact details set out in section 13 below.


Our website uses cookies to distinguish you from other users of our website. This helps us to provide you with a good experience when you browse our website and also allows us to improve our website.

A cookie is a small text file of letters and numbers that we store on your browser or the hard drive of your computer if you agree. Cookies contain information that is transferred to your computer's hard drive.

We use the following cookies:

  • Strictly necessary cookies. These are cookies that are required for the operation of our website. They include, for example, cookies that enable you to log into secure areas of our website, use a shopping cart or make use of e-billing services.
  • Analytical/performance cookies. They allow us to recognise and count the number of visitors and to see how visitors move around our website when they are using it. This helps us to improve the way our website works, for example, by ensuring that users are finding what they are looking for easily.
  • Functionality cookies. These are used to recognise you when you return to our website. This enables us to personalise our content for you, greet you by name and remember your preferences (for example, your choice of language or region).
  • Targeting cookies. These cookies record your visit to our website, the pages you have visited and the links you have followed. We will use this information to make our website and the advertising displayed on it more relevant to your interests. We may also share this information with third parties for this purpose.

You can find more information about the individual cookies we use and the purposes for which we use them in the table below:

Please note that third parties (eg advertising networks and providers of external services like web traffic analysis services) may also use cookies, over which we have no control. These cookies are likely to be analytical/performance cookies or targeting cookies.

You can block cookies by activating the setting on your browser that allows you to refuse the setting of all or some cookies. However, if you use your browser settings to block all cookies (including essential cookies) you may not be able to access all or parts of our website. The cookie “cookie-disclaimer” expires one year from when first installed, “csrftoken” expires one year from when first installed, “django-language” expires when the browsing session ends, “sessionld” expires 13 days from when first installed and “_utmz” expires six months after first installed.




More Information


Google Analytics

Visitor tracking


Google Analytics

Calculate visit length


Google Analytics

Records page visit start


Google Analytics

Records page visit end


Google Analytics

Monitorization of from where user arrived (Referral)



Greets user with message informing about our cookie policy



Protects site from Cross-site request forgery attacks Page 458 Ch. 6.5.2 Cross Site Request Forgery protection



Provides tailored internationalization and localization language support



Contains session ID that helps storing and retrieving arbitrary data on a per-site-visitor basis. Page 143 Ch. 3.3.8 How to use sessions


Our site may contain links to and from the websites of our partner networks, advertisers and affiliates. If you follow a link to any of these websites, please note that we are not responsible for the privacy practices or the content of those websites. The privacy practices and policies of whose websites may differ substantially from ours, so we advise you to check these policies before you submit any personal data to these websites.


We try to meet the highest standards in order to protect your privacy. However, if you are concerned about the way in which we are managing your personal data or think we may have breached our obligations under the applicable privacy or data protection legislation, or any other relevant obligation, please contact us using the contact details set out in section 13 below.

Complaints must be lodged in writing. In the complaint, please include your contact details (such as email address, name, address and telephone number) and clearly describe the complaint. We will deal with the matter within a reasonable time and will keep you informed of the progress of our

investigation. If we have not responded to you within a reasonable time or if you feel that your complaint has not been resolved satisfactorily, you can contact us to discuss your concerns. You are also entitled to make a complaint to the relevant privacy or data protection regulator such as:

  • United Kingdom: the Information Commissioner’s Office (ICO). Contact details can be found at the ICO’s website:


We may make changes to this Privacy Policy from time to time to take into account changes to our standard practices and procedures or where necessary to comply with new laws and regulations. The latest version of this Privacy Policy will always be available on our website ( The updated version will apply from the date stated at the end of the Privacy Policy.

We encourage you to check our website from time to time to ensure that you are aware of our current Privacy Policy.


If wish to opt-out of receiving marketing communications from us, or you require further information about this Privacy Policy or Nau Securities’ management of your personal data, please contact us using the following contact details:

    Nau Securities Chief Privacy Officer
    2 Eaton Gate
    London SW1W 9BJ
    United Kingdom
    Phone: +44 20 7947 5513

Last updated: 22 May 2018