Privacy Policy &
Data Protection Commitment
FXPropTech is committed to protecting the privacy and security of all personal information we handle. This policy explains what data we collect, how we use it, and the rights you hold over your information.
Last updated: 30 April 2026 · Effective from 1 May 2026
Overview & Scope
FXPropTech ("we", "us", or "our") operates https://www.fxproptech.com and provides prop firm technology infrastructure, software, and related services (collectively, the "Services").
This Privacy Policy governs the collection, use, storage, and disclosure of personal information submitted by or collected about individuals who visit our website, inquire about our Services, enter into a business relationship with us, or otherwise interact with FXPropTech.
This policy applies to all platforms, products, and digital properties operated by FXPropTech. It does not apply to third-party websites or services linked from our website — we encourage you to review their respective privacy policies.
Data We Collect
We collect only the information necessary to deliver our Services, operate our business effectively, and comply with our legal obligations. The categories of personal data we may collect include:
Identity Data
Full name, job title, company name, and professional role within your organisation.
Contact Data
Business email address, phone number, mailing address, and preferred communication channel.
Technical Data
IP address, browser type and version, device identifiers, operating system, and access timestamps.
Usage Data
Pages visited, links clicked, time spent on pages, referral URLs, and feature interaction patterns.
Business Data
Information about your prop firm, trading platform preferences, infrastructure requirements, and service enquiries.
Transactional Data
Payment details, transaction history, billing records, and financial correspondence related to our Services.
We do not knowingly collect sensitive personal data (such as health information, biometric data, or government identification numbers) unless explicitly required for identity verification as part of a contracted service and with your explicit consent.
How We Use Your Data
FXPropTech uses personal information for specific, legitimate business purposes. We do not sell personal data to third parties. Our primary purposes for processing your data include:
- Service Delivery: Provisioning, configuring, and managing the technology infrastructure, CRM systems, and platform services you have engaged us to provide.
- Account Management: Creating and maintaining your account, processing onboarding, and coordinating with your team throughout the engagement lifecycle.
- Communications: Responding to enquiries, providing technical support, and issuing updates about your deployed infrastructure.
- Billing & Payments: Processing invoices, managing subscriptions, and maintaining accurate financial records in compliance with accounting standards.
- Product Improvement: Analysing usage patterns and customer feedback to improve existing features, develop new capabilities, and optimise platform performance.
- Fraud Prevention & Security: Detecting, investigating, and preventing fraudulent transactions, abuse, security incidents, and other harmful activities that may affect our platform or clients.
- Legal & Regulatory Compliance: Fulfilling our obligations under applicable laws, responding to lawful requests from public authorities, and maintaining required records.
- Marketing (with consent): Sending promotional communications, product announcements, and industry insights where you have opted in. You may withdraw consent at any time.
Legal Basis for Processing
Where applicable under the GDPR or equivalent legislation, FXPropTech processes personal data under one or more of the following lawful bases:
Contractual Necessity
Processing required to deliver the services agreed under our contract with you.
Consent
Where you have freely given, specific, informed, and unambiguous consent.
Legitimate Interests
Pursuing our legitimate business interests without overriding your rights and freedoms.
Legal Obligation
Compliance with applicable laws, regulations, court orders, or governmental directives.
Data Sharing & Third Parties
FXPropTech does not sell, rent, or trade personal data. We may share your information with trusted third parties only to the extent necessary to operate our business and deliver our Services:
- Technology Partners: Trading platform providers (e.g., MetaTrader, cTrader), KYC/AML solution vendors, payment processors, and cloud infrastructure providers who process data strictly on our behalf under binding data processing agreements.
- Professional Advisers: Lawyers, auditors, accountants, and insurers who provide professional services to FXPropTech and are bound by professional confidentiality obligations.
- Analytics Providers: Website analytics tools (such as Google Analytics) used to understand site traffic and improve user experience. These providers are subject to appropriate data protection terms.
- Regulatory Authorities: When legally required, we may disclose information to regulators, law enforcement agencies, or courts in response to valid legal requests.
- Business Transfers: In the event of a merger, acquisition, or sale of all or part of our business, personal data may be transferred as part of that transaction, subject to equivalent data protection measures.
Data Retention
We retain personal data only for as long as necessary to fulfil the purposes for which it was collected, including satisfying legal, accounting, or reporting requirements. Specific retention periods include:
- Client & contractual records — Retained for the duration of the contract plus 7 years to comply with statutory accounting obligations.
- Support & communication records — Retained for up to 3 years following the close of a support case or business enquiry.
- Website usage & analytics data — Retained for up to 26 months in aggregated or anonymised form.
- Marketing consent records — Retained until consent is withdrawn plus a reasonable period thereafter as evidence of compliance.
Upon expiry of the applicable retention period, personal data is securely deleted or anonymised so that it can no longer be associated with an identifiable individual.
Cookies & Tracking Technologies
Our website uses cookies and similar tracking technologies to enhance your browsing experience, understand how our site is used, and support our marketing activities. We deploy the following categories of cookies:
Strictly Necessary
Essential for the website to function correctly. Cannot be disabled without breaking core functionality.
Analytics Cookies
Collect anonymised data on site traffic and user behaviour to help us improve performance.
Preference Cookies
Remember your settings and preferences for a more personalised experience on return visits.
Marketing Cookies
Track campaign effectiveness and serve relevant ads across the web based on your interests.
You can manage cookie preferences through your browser settings or via our cookie consent banner. We use Cookiebot to manage consent records in compliance with applicable regulations. We also use Google Tag Manager, Google Analytics, and Twitter/X Pixel which may place or read cookies on your device.
Security Measures
FXPropTech implements a comprehensive set of technical and organisational security measures designed to protect personal data against unauthorised access, accidental loss, destruction, or disclosure. Our security framework includes:
- End-to-end encryption (TLS 1.3+) for all data in transit between clients and our servers.
- AES-256 encryption for sensitive data stored at rest in our databases and cloud infrastructure.
- Role-based access controls (RBAC) ensuring staff access personal data only on a need-to-know basis.
- Multi-factor authentication (MFA) required for all internal systems holding personal data.
- Regular security audits, vulnerability assessments, and penetration testing conducted by independent third parties.
- An incident response plan that includes notification procedures should a data breach occur. Where required by law, we will notify the relevant supervisory authority and affected individuals within 72 hours.
Your Privacy Rights
Depending on your location, you may have the following rights regarding your personal data. FXPropTech will respond to all valid requests within the timescales required by applicable law (typically 30 days under GDPR):
Right of Access
Request a copy of the personal data we hold about you.
Right to Rectification
Request correction of inaccurate or incomplete data.
Right to Erasure
Request deletion of your personal data ("right to be forgotten").
Right to Portability
Receive your data in a structured, machine-readable format.
Right to Object
Object to processing based on legitimate interests or for direct marketing.
Right to Restriction
Request that we limit how we process your personal data in certain circumstances.
Withdraw Consent
Withdraw consent at any time without affecting prior lawful processing.
Right to Complain
Lodge a complaint with your local supervisory authority if you believe your rights have been violated.
To exercise any of these rights, please contact us at privacy@fxproptech.com. We may need to verify your identity before processing the request to protect your data from unauthorised access.
International Data Transfers
FXPropTech operates globally and may transfer personal data to countries outside your jurisdiction, including countries that may not provide the same level of data protection as your home country.
When transferring personal data outside the European Economic Area (EEA), we ensure appropriate safeguards are in place, including:
- European Commission Standard Contractual Clauses (SCCs) incorporated into agreements with our data processors.
- Transfer to countries recognised by the European Commission as providing adequate data protection.
- Binding corporate rules or other legally approved transfer mechanisms where applicable.
Children's Privacy
FXPropTech's Services are directed exclusively at businesses and professionals operating in the financial technology sector. Our website and Services are not intended for individuals under the age of 18, and we do not knowingly collect personal information from minors.
If we become aware that personal data has been inadvertently collected from a minor without verifiable parental consent, we will take prompt steps to delete that information. If you believe we may have collected data from a minor, please contact us immediately at privacy@fxproptech.com.
Changes to This Privacy Policy
FXPropTech may update this Privacy Policy from time to time to reflect changes in our business practices, legal obligations, or regulatory requirements. We will indicate the date of the most recent revision at the top of this page.
For material changes that affect how we handle your personal data, we will take reasonable steps to notify you — such as by email, an in-product notification, or a prominent banner on our website — prior to the changes taking effect.
Your continued use of our website or Services following the posting of an updated Privacy Policy constitutes your acknowledgement of the updated terms. We encourage you to review this policy periodically to stay informed about how we protect your information.
Contact & Data Protection Enquiries
If you have any questions, concerns, or requests relating to this Privacy Policy or the way FXPropTech handles personal data, our team is here to help.
Get in Touch
For privacy-related enquiries, data subject access requests, or to report a potential data protection issue, please reach out to us directly. We will respond within 30 days as required by applicable law.