Table of Contents
General Provisions
Exness (SC) Ltd, registered in Seychelles with registration number 8423606-1 and authorized by the Financial Services Authority (FSA) with license number SD025, places utmost importance on protecting your privacy and personal data. This Privacy Policy outlines how we collect, use, store, and protect your information when you use our services or visit our website. The policy applies to all Exness clients, including those in India, and covers data processing activities across our platforms, including the Exness Web Terminal and MT5. We are committed to maintaining the confidentiality of your information and ensuring compliance with applicable data protection laws.
Basic Concepts Used in the Policy
To ensure clarity, it is essential to define key terms used throughout this Privacy Policy. Personal data refers to any information relating to an identified or identifiable natural person. Processing encompasses any operation performed on personal data, including collection, storage, use, and deletion. The data subject is the individual to whom the personal data relates. Consent means any freely given, specific, informed, and unambiguous indication of the data subject’s wishes. The operator, in this context, refers to Exness as the entity determining the purposes and means of processing personal data.
Types of Personal Data Collected
- Identification information (name, date of birth, nationality)
- Contact details (email address, phone number, residential address)
- Financial information (bank account details, transaction history)
- Trading-related data (account balances, trading activity, preferences)
- Technical data (IP address, device information, login records)
| Data Category | Examples | Purpose |
| Identification | Passport, ID card | Account verification |
| Contact | Email, phone number | Communication, updates |
| Financial | Bank statements | Deposits, withdrawals |
| Trading | Trade history, positions | Platform functionality |
| Technical | IP address, browser type | Security, improvement |
Basic Rights and Obligations of the Operator
As the operator, Exness has specific rights and obligations regarding the processing of your personal data. We have the right to collect and process data necessary for providing our services and complying with regulatory requirements. Exness is obligated to implement appropriate technical and organizational measures to ensure the security of personal data. We must respond to data subject requests promptly and maintain accurate records of processing activities.
Basic Rights and Obligations of Personal Data Subjects
As a data subject, you have specific rights regarding your personal data processed by Exness. You have the right to access your personal data and request information about its processing. The right to rectification allows you to correct inaccurate or incomplete data. You can request the erasure of your data under certain circumstances. The right to restrict processing limits how we use your data. Additionally, you have the right to object to certain types of processing.
Exercising Your Rights
To exercise your rights as a data subject, you can contact our Data Protection Officer through the following channels:
- Email: [email protected]
- Postal address: 9A CT House, 2nd floor, Providence, Mahe, Seychelles
- Online form: Available in your Exness Personal Area
We will respond to your requests within 30 days, as required by applicable data protection laws.
Principles of Personal Data Processing
Exness adheres to fundamental principles in processing your personal data. Lawfulness, fairness, and transparency guide our data processing activities. We collect data for specified, explicit, and legitimate purposes, ensuring purpose limitation. Data minimization principles are applied to ensure we only process data that is necessary. We strive for accuracy in the personal data we maintain. Exness is accountable for compliance with these principles and can demonstrate this compliance when required.
Conditions of Personal Data Processing
Personal data processing by Exness is conducted under specific conditions to ensure compliance with data protection regulations. Processing is primarily based on the performance of contractual obligations between Exness and the client. We also process data to comply with legal obligations, such as anti-money laundering regulations. In some cases, processing may be based on the legitimate interests of Exness or third parties. Exness ensures that processing is necessary and proportionate to the purposes for which the data is collected.
Legal Bases for Processing
- Contractual necessity
- Legal obligation
- Legitimate interests
- Consent of the data subject
- Protection of vital interests
| Legal Basis | Example | Applicable Data |
| Contract | Account opening | Identification, contact |
| Legal obligation | KYC checks | Financial information |
| Legitimate interest | Fraud prevention | Transaction data |
| Consent | Marketing communications | Contact preferences |
| Vital interest | Emergency situations | Health information |
Procedure for Collection, Storage, Transfer and Other Types of Personal Data Processing
Exness collects personal data through various channels, including account registration forms, identity verification processes, and website interactions. Data is stored securely on our servers, with appropriate access controls and encryption measures in place. We retain personal data for as long as necessary to fulfill the purposes for which it was collected, or as required by law. Data transfers, particularly cross-border transfers, are conducted in compliance with applicable data protection regulations. Exness may share data with third-party service providers, always ensuring appropriate safeguards are in place.
Data Retention Periods
Specific retention periods apply to different categories of personal data:
- Account information: 5 years after account closure
- Transaction records: 7 years from the date of the transaction
- Communication logs: 2 years from the last interaction
- Marketing preferences: Until consent is withdrawn
Confidentiality of Personal Data
Exness maintains strict confidentiality measures to protect your personal data. Access to personal data is restricted to authorized personnel on a need-to-know basis. All employees and contractors are bound by confidentiality agreements and receive regular training on data protection practices. We implement technical measures, such as encryption and secure data transfer protocols, to safeguard data confidentiality. In the event of a data breach, we have procedures in place to assess the risk to data subjects and notify relevant authorities and affected individuals as required by law.
Final Provisions
This Privacy Policy is subject to periodic review and may be updated to reflect changes in our data processing practices or legal requirements. We will notify you of any significant changes through our website or direct communication. The current version of the policy is always available on our website. By using Exness services, you acknowledge that you have read and understood this Privacy Policy and consent to the processing of your personal data as described herein.
