Data Protection Notice

(Last updated: 31 October 2022)



We take the protection of your personal data very seriously; accordingly, the BNP Paribas Group has adopted strong principles in its Personal Data Protection Charter available at

BNP Paribas Arbitrage SNC ("We"), are responsible, as a controller, for collecting and processing your personal data, in relation to our activities. The purpose of this Data Protection Notice is to let you know which personal data we collect about you, the reasons why we use and share such data, how long we keep it, what your rights are and how you can exercise them.

Further information may be provided where necessary when you apply for a specific product or service.



This Data Protection Notice applies to you ("You") if you are interested in our products or services and make your personal data available to us (e.g. by contacting us via the contact options provided on this website).

When you provide us with personal data related to other people, please make sure that you inform them about the disclosure of their personal data and invite them to read this Data Protection Notice. We will ensure that we will do the same whenever possible (e.g., when we have the person's contact details).



You have rights which allow you to exercise real control over your personal data and how we process them.

If you wish to exercise the rights listed below, please submit a request by sending an e-mail to the following address or on our website. We may ask you to provide us with a scan/copy of your identity card.

If you have any questions relating to our use of your personal data under this Data Protection Notice, please contact our Data Protection Officer at the following address

2.1. You can request access to your personal data

If you wish to have access to your personal data, we will provide you with a copy of the personal data you requested as well as information relating to their processing.
Your right of access may be limited in the cases foreseen by laws and regulations. This is the case with the regulation relating to anti-money laundering and countering the financing of terrorism, which prohibits us from giving you direct access to your personal data processed for this purpose. In this case, you must exercise your right of access with CNIL (Commission Nationale de l'Informatique et de Libertés), which will request the data from us.

2.2. You can ask for the correction of your personal data

Where you consider that your personal data are inaccurate or incomplete, you can request that such personal data be modified or completed accordingly. In some cases, supporting documentation may be required.

2.3. You can request the deletion of your personal data

If you wish, you may request the deletion of your personal data, to the extent permitted by law.
You can object to the processing of your personal data based on legitimate interests
If you do not agree with a processing activity based on a legitimate interest, you can object to it, on grounds relating to your particular situation, by informing us precisely of the processing activity involved and the reasons for the objection. We will cease processing your personal data unless there are compelling legitimate grounds for doing so or it is necessary for the establishment, exercise or defence of legal claims.

2.4. You can object to the processing of your personal data for commercial prospecting purposes

You have the right to object at any time to the processing of your personal data for commercial prospecting purposes, including profiling, insofar as it is linked to such prospecting.

2.5. You can suspend the use of your personal data

If you question the accuracy of the personal data we use or object to the processing of your personal data, we will verify or review your request. You may request that we suspend the use of your personal data while we review your request.

2.6. You have rights against an automated decision

As a matter of principle, you have the right not to be subject to a decision based solely on automated processing based on profiling or otherwise that has a legal effect or significantly affects you. However, we may automate such a decision if it is necessary for the entering into or performance of a contract with us, authorised by regulation or if you have given your consent.
In any event, you have the right to challenge the decision, express your views and request the intervention of a competent person to review the decision.

2.7. You can withdraw your consent

If you have given your consent to the processing of your personal data, you can withdraw this consent at any time.

2.8. You can request the portability of part of your personal data

You may request a copy of the personal data that you have provided to us in a structured, commonly used and machine-readable format. Where technically feasible, you may request that we transmit this copy to a third party.

2.9. How to file a complaint with CNIL (Commission Nationale de l'Informatique et de Libertés)

In addition to the rights mentioned above, you may lodge a complaint with the competent supervisory authority, which is CNIL (Commission Nationale de l'Informatique et de Libertés). You may also contact the one in your place of residence.



In this section we describe how and why we use your personal data and draw your attention to some data processing we consider could be more impactful for you and, in some cases, may require your consent.

a. To fulfil our legitimate interest

We use your personal data:

  • for effective processing of your requests / contact;
  • for risk management purposes, in particular the enforcement of lawsuits and defense in litigation (e.g. in case of complaints);
  • for security of our IT systems (e.g. to enable blocking of affected IP addresses in case of cyber security attacks).

In any case, our legitimate interest remains proportionate and we verify according to a balancing test that your interests or fundamental rights are preserved. Should you wish to obtain more information about such balancing test, please contact us using the contact details provided in section 2.

b. To meet our various legal and regulatory obligations

We use your personal data to:

  • monitor and report risks (financial, credit, legal, compliance or reputational, default, etc.) that we and/or the BNP Paribas Group may incur;
  • record e-mails and messages, etc., to the extent legally necessary;
  • exchange and report any business, transaction or order, or to respond to an official request from a duly authorized local or foreign financial, tax, administrative, criminal or judicial authority, arbitrator or mediator, law enforcement agency, governmental agency or public body .

c. To respect your choice if we have obtained your consent for a specific data processing

For certain processing of personal data, we give you specific information and ask you to agree to such processing. Please note that you may revoke your consent at any time.



We collect and use your personal data, meaning any information that identifies or allows to identify you, to the extent necessary in the framework of our activities. We collect various types of personal data about you, including:

  • identification information (e.g. name) if you contact us via the contact form on the website or via e-mail / telephone
  • contact information private or professional (e.g. e-mail address, phone number) if you contact us via the contact form or e-mail / telephone;
  • data from your interactions with us, our branches (contact reports), our internet website, e-mail, phone conversation;
  • information about your device (IP address)

We never ask for any other sensitive personal data such as data related to your racial or ethnic origins, political opinions, religious or philosophical beliefs, trade union membership, genetic data or data concerning your sex life or sexual orientation, unless it is required through a legal obligation.



a. Sharing of information

We may be sharing information to other BNP Paribas entities (such as BNP Paribas S.A.) in case necessary to process any requests / contacts or in case it becomes necessary for risk management purposes as described above). In addition, we may be sharing information to financial authorities, supervisory authorities, judicial authorities or other public bodies and institutions, upon request and where there is a legal or regulatory obligation.



We will retain your personal data over the period required to comply with applicable laws and regulations or another period with regard to our operational requirements, such as proper account maintenance, facilitating client relationship management, and responding to legal claims or regulatory requests.



In a world where technologies are constantly evolving, we regularly review this Data Protection Notice and update it as required.

We invite you to review the latest version of this document online, and we will inform you of any significant amendments through our website or through our standard communication channels.



Cookie Policy

The BNP Paribas Group is committed to delivering the best possible service to you while maintaining the confidence that you place in us.
In this context, we have adopted strong principles to ensure the protection of your data.

As such, we would like to provide you with transparent information about how we place, use and store cookies on your device when you use our website (the “Website”) and you present the options to manage and delete cookies.


1. What is a cookie?

Cookies are small text, image or software files that can be placed and/or read on your device when you access our Website. The word “device”, when used in this Cookies Policy, refers notably to computers, smartphones, tablets and all other devices used for accessing the internet.

Cookies may be either: (i) session specific, meaning that they are deleted from your device once the session and browser are closed; or (ii) persistent meaning that they will remain on your device until they are removed.


2. What kind of information can be stored in a cookie?

The information stored by cookies placed on your device may relate to the following elements, within the limit of their retention period:

  • the type of browser you are using;
  • your country settings;
  • your settings on acceptance of terms of use
  • and any other information you have provided on our Website.

Cookies may contain personal data covered by our Data Protection Notice.


3. What type of cookies do we use? Is it possible to refuse the installation of these cookies?

Cookies we use on this Website are exclusively cookies which have the sole purpose of enabling or facilitating communication by electronic means or which are strictly necessary for the operation of the Website.
For instance, cookies we use on this Website can allow us to:

  • Enhance the security of the Website, e.g. by preventing Cross-Site Request Forgery (CSRF) attacks;
  • Keep track of your settings in your use of our Website (e.g. language, country etc.).

The use of cookies strictly necessary for the proper functioning of the Website does not require your consent. This is why no module for managing your cookie preferences is available on this Website.