Privacy Policy
At Exness, keeping your information safe matters greatly to us. In this policy, we want to clearly explain what details we gather, why we need them, and how we use them appropriately. We also want to share the strong protections we have in place to guard any sensitive information you give us.
We aim to be fully open about our practices. This allows you to stay aware and have faith in how we handle your account and personal details properly as a company you can trust. This policy covers our current rules, but may change over time to match the best privacy standards we follow.
What Information We Gather and Why
Needed Account Information
To be able to legally open real-money trading accounts and properly verify identities as required under rules in places where Exness operates, we need to gather key personal information including:
- Your full legal name that matches your government identification documents
- Your residential address for us to confirm your identity and location
- Contact information such as personal email address and mobile phone number so we can send you important account notifications
- Your date of birth and identification card expiration date for identity verification
In addition to this mandatory information required in all cases, we also request:
Payment and Banking Data
Necessary payment and banking details such as bank account numbers, routing numbers, or partial debit/credit card numbers are gathered strictly and solely for the purpose of enabling deposits and withdrawals from your account when you make requests for fund transfers. We ensure this sensitive financial information is encrypted and only briefly accessed under advanced authorization controls by our payments processing team in order to fulfill your particular deposit and withdrawal requests.
Additional Profile Information
You have the option within your account settings to provide supplemental data such as your preferred interface languages, customized display preferences, website color themes, or other details to enhance and personalize your account portal experience if you choose. Any non-essential information you elect to provide is used expressly and exclusively for giving you more tailored, trader-focused support matches to your needs – and is never used for any external purpose or shared with any third party. You retain full rights to update or remove any additional elective profile information in your account at any time.
Aggregated Website Analytics
To assist our efforts in continuously improving our trading platforms’ interfaces, website experiences, mobile apps, and related customer service to keep pace with modern demands, our websites and account portals automatically gather certain aggregated usage analytics covering aspects like:
- The types of internet browsers and device operating systems used to connect to our domains
- Specific webpage and content areas visited within our sites
- Click-based navigation patterns and actions taken during website sessions
- Sources of web traffic and search terms that brought visitors onto our domains
- Average duration spent engaging with pages and content areas
This is compiled as anonymized data strictly focused on understanding broad collective usage trends rather than tracking any individual user behaviors. The insights derived from these website analytics help us identify popular flows to optimize, detect issues proactively, diagnose needed improvements, and guide how we tailor our online platforms and experiences based on the ways contemporary traders access our tools and services.
How We Use Your Information
Our main rule is to only use provided data where absolutely needed to enable trading or meet checks required for money transfers.
Required Account Details like full names, contacts, and IDs are necessary for:
- Confirming real trader identities and checking qualification to trade
- Verifying account ownership for safety
- Screening against warning lists to prevent financial crimes
- Letting legal trade orders in places we operate
- Smoothing ongoing account management
Without regulated proofs of trader identities, we simply could not legally process trades, update accounts, or keep things running properly.
Grouped Website Usage Data allows us to check adoption of new tools, catch problems early, improve designs based on usage, and make our self-service options better. By seeing general activity patterns rather than individual behaviors, we can better meet shared client needs.
Keeping Your Information Safe
Shielding collected personal data under strict protections and access rules is core for us. Keeping sensitive client information secure is required to remain operating in places we work. Main safety measures include:
Secured Storage
Account info, submitted documents, and trader data are saved exclusively on our private global cloud network with isolated access. Minimal data visibility is granted only to key staff required for trading operations. Dual authentication checks happen before any access.
Advanced Security Controls
All internal tools and external websites have rigorous enterprise-grade security including:
- End-to-end encrypted links using updated safety protocols
- Mandatory two-step verification at all account and staff login points
- Automated scanning to catch weaknesses for quick response
- Regular safety checks by reputed security partners
Strict Confidentiality Rules
Beyond robust technical controls, we enforce tight data handling policies so access to provided info and account details stays extremely limited. This is granted exclusively on a need-to-know basis to staff requiring visibility purely for core trading operations – never sales or marketing without explicit consent. Harsh penalties exist for unauthorized access attempts under our zero tolerance compliance regime.
Rules For Sharing Information
We never share, sell, or distribute clients’ personal information externally for promotional or business reasons unless you specifically allow it to expand financial services options from our ecosystem.
In some cases, trusted partners play key roles supporting internal tools, features and account options. Before permitting any access, we first check their safety measures closely – including reviews of their technical systems, data rules, access controls, and staff screening specifically focused on privacy protocols and regulations for sensitive materials.
If asked, we readily provide more visibility into specific providers’ privacy qualifications regarding potential interaction with underlying trader information as it enables external services supporting our internal platforms. Core integrations only cover what’s essential for a smooth, safe account experience.
Controlling Your Information
Depending on where you live, you may have certain rights to see or manage personal data held by financial companies. For example, European Union rules clearly define expanded rights around personal information.
As a global company working across regions both under such laws and outside their reach, we take a consistent approach respecting key principles universally to ensure fairness:
Reviewing Your Retained Data
Regardless of where you reside around the world, we respect the right for any client to understand precisely what non-sensitive information is being retained in association with your account history and interactions with us. After verifying identity, traders can submit requests to receive abbreviated records excluding any confidential materials from internal compliance reviews audits and background verification checks that must be kept private. We simply need to ensure proper identity authority before releasing various non-public details concerning existing and past account holders from our databases.
Updating or Correcting Existing Data
Similarly, if any non-critical supplemental information we retain internally such on available contact emails, phone numbers, mailing addresses or personal preferences becomes outdated or inaccurate due to life changes and transitions, submit correction requests with supporting details of what specific data needs to be modified and this will be validated and updated in a timely manner by our relevant customer service teams. Keeping select contact points and preferences details up to date helps ensure smooth, uninterrupted service.
Deleting Non-Essential Information
In line with data minimization principles, any optional supplemental data initially provided solely for purposes of receiving additional communications, marketing materials, or non-vital account notifications can also be completely erased from our systems as specified based on your contact preferences and consents.
For any personal account data inquiries submitted, identities are always validated for security purposes before adjustments are made or records containing existing underlying information are released. The majority of manual requests received from clients typically get formally addressed within 30 days after initial submission for streamlined fulfillment.
Please don’t hesitate to reach out directly via email to our dedicated privacy team contacts if any outstanding questions remain at any point related to current data holdings or next steps for formally requesting greater visibility, communicating changes, or submitting removal requests based on your specific eligibility. We are always happy to assist our clients in understanding data retention practices or exercising expanded privacy rights where applicable.