FXOpen AU Pty Ltd ("FXOpen", "we", "us" or "our") is a company registered in the Commonwealth of Australia under registration number 61 143 678 719, having its address at Level 25, 108 St Georges Terrace, Perth WA 6000, Australia. We are authorised and regulated by the Australian Securities and Investments Commission (AFSL #412871).
We provide our customers with foreign exchange contracts (FX) and contracts for differences (CFD) trading.
We know that you are concerned with how we deal with your personal information. This privacy statement sets out our current policies and demonstrates our commitment to your privacy. Your further rights and our obligations in respect to collecting and dealing with your personal information are disclosed in the Privacy Act 1988 (Cth).
Purpose of the Information processing
We are required to maintain certain personal information about individuals for the purposes of satisfying our operational and legal obligations (to open an account, transact business effectively and to safeguard your assets and your privacy). We recognize the importance of correct and lawful treatment of personal information as it helps to maintain confidence in our organization and to ensure efficient and successful outcomes when using this information.
We collect your personal information to provide you with our services as specified in our Client Agreement, Product Disclosure Statement and other documents regulating our business relationship with you published at www.fxopen.com.au/en/policy. We only use personal information as appropriate to provide you with a high quality of service and security. For example, we may use the information collected from you to verify your identity and contact information and to establish the business relationship with you. We may also use this information to establish and set up your trading account, issue an account number and a secure password, maintain your account activity, and contact you with account information. We also use your personal information to process and execute your trading orders. We also may use your personal information in order to receive or send payments to you / from you. In this case, we may share your personal information with external payment provider, which you use to process the payment to us / from us, for example: your bank, corresponding banking institution, payment services provider. All this information helps us improve our services and inform you about new products, services or promotions that may be of interest to you.
Principles of the Information processing
All personal information is:
- Fairly and lawfully processed;
- Processed for a lawful specified purpose;
- Adequate, relevant and not excessive;
- Not kept for longer than necessary;
- Processed in accordance with the individual’s (data subject’s) rights;
- Not transferred to other countries without adequate protection.
Personal Information We Collect
We may collect and process the following data about you:
- Information that you provide by filling in forms on our website, in emails, by calls, in our live chat, support center;
- Up-to-date information about yourself, if you register your personal details to use our service;
- Information you provide to us in the applications we ask you to fill in;
- Details of your visits to our website, details of your emails, calls and requests sent through the live chat, support center from, including, but not limited to: traffic information, location information, weblogs and other communication information, the resources that you access, devices and services you use to contact us.
The personal information that we collect from our customers, process and control to provide our services, include:
- name, date of birth, address;
- contact details, such as: email address, phone number, postal address, messengers and/or social networks ID;
- financial information: source of funds you deposit or intend to deposit to us, source of wealth, your balances with us;
- occupation and name of employer;
- payment information: deposits and withdrawals amount, date of payment, banks and other payment institutions involved in the payment process;
- trading information: orders and their execution results;
- technical information such as your IP addresses used to access our website and services, your activity logs in our systems.
Considering our obligations under respective AML/CFT regulations we also collect, process and keep the documents, which the customer provides to us to verify the personal information specified above. This include: passport, driving license and other ID copies, utility bills or other documents confirming the address of the customer, bank or other financial institutions statements, documents confirming source of funds and/or source of wealth etc. Please refer to www.fxopen.com.au/en/aml-policy. We also collect the information about current, past and prospective clients and customers, website visitors, etc. with whom we have dealings. This information may include information required to communicate with you, including your name, mailing address, telephone number, email address and your location information.
We may also ask you for information when you report a problem with our website. If you contact us, we may keep a record of that correspondence. We may also ask you to complete surveys that we use for research purposes, although you do not have to respond to them.
You have choices about the information we collect. When you are asked to provide personal information, you may decline. Subject to the provisions of this policy specified below, you are also entitled to have FXOpen erase your personal information, cease further dissemination of the information and potentially have third parties halt processing of the information. The withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal. However, if you choose not to provide information that is necessary to provide a service or feature or to withdraw the information that is still relevant to original purposes of processing, you may not be able to use that service or feature.
The information we collect depends on the context of your interactions with FXOpen, the choices you make, including your privacy settings, and the service and features you use. FXOpen shall comply with the regulations applicable to the financial services providers, including AML/CFT regulations. As a result, we need to collect, process and keep your personal information to meet the applicable legislation requirements. Your refusal to provide us with the personal information in some cases may lead to freezing of your accounts with us and the funds held on such accounts. Under certain circumstances, we shall also report your activity and respective personal information to authorities. Personal information may consist of information kept on paper, computer or other electronic media all of which is protected under the applicable law.
As a data subject which provides its personal information to us you are entitled to:
- obtain from us an information whether your personal information is being processed by us. You may also access your personal information and request us to provide you with a copy of your personal information;
- obtain from us without undue delay the rectification of inaccurate personal information. You also have the right to have incomplete personal information completed;
- subject to the information protection regulations applicable to you, you may request from FXOpen the erasure of your personal information without undue delay. The request shall be made on the legal grounds provided in the information protection regulations applicable to you, which include among other:
- the personal information are no longer necessary in relation to the purposes for which they were collected or otherwise processed;
- you withdraw your consent on which the processing is based according to the provisions of the applicable to you information protection regulations and where there is no other legal ground for the processing;
- you object to the processing pursuant to the applicable information protection regulations and there are no overriding legitimate grounds for the processing, or the information subject objects to the processing;
- the personal information have been unlawfully processed;
- the personal information have to be erased for compliance with a legal obligation in European Union or the law to which FXOpen is subject.
You should also pay an attention that being a financial services provider we shall keep a part of your personal information to comply with FATF recommendations, Anti-Money Laundering and Counter-Terrorism Financing Act 2006 (Cth) and other applicable legislation. Your request to erase your personal information would not affect such part of the personal information.
- subject to the information protection regulations applicable to you, you may request from FXOpen to restrict processing of your personal information in the following cases:
- the accuracy of the personal information is contested by you, for a period enabling us to verify the accuracy of your personal information;
- the processing of your personal information is unlawful and you oppose the erasure of your personal information and request the restriction of their use instead;
- FXOpen no longer needs the personal information for the purposes of the processing, but they are required by you for the establishment, exercise or defense of legal claims;
- You object to processing pursuant to the applicable information protection regulations pending the verification whether the legitimate grounds of us override yours.
- you shall be notified by us once any rectification or erasure of personal information or restriction of processing to each recipient to whom the personal information have been disclosed takes place;
- receive your personal information, provided to FXOpen, in a structured, commonly used and machine-readable format and you have the right to transmit those information to any third party. You may also ask us to transmit your personal information directly from FXOpen to other person in case such other person support the information formats and secure connections used by FXOpen to transmit such information;
- object, on grounds relating to your particular situation, at any time processing of your personal information. If you do so, FXOpen wouldn’t process your personal information unless we demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms or for the establishment, exercise or defence of legal claims. Such grounds include among other the responsibilities of FXOpen arising out of AML/CFT regulations;
- You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you. However, we could do so if this is necessary for entering into, or performance of, a contract between us. We use an automated information system, which collects and process your personal information and make a pre-decision in respect to the entering into agreement with you or requests an additional information from you in order to execute our obligations under the agreement with you.
Reasons we share your personal information
We share your personal information with your consent or as necessary to complete any transaction or provide any service you have requested or authorized (debiting and crediting your accounts, executing your trading orders, providing support to you etc.).
In order to provide you with our services we share your personal information with our partners, vendors and service providers, including IT and software providers and vendors. We may also share your personal information with third persons and authorities if required by law, in respond to legal process, to protect our clients, to maintain the security of our services and to protect the rights or property of FXOpen.
We do not sell, license, lease or otherwise disclose your personal information to any third party for any reason, except as described below.
We reserve the right to disclose your personal information to third parties when required to do so by law to regulatory, law enforcement or other government authorities. We may also disclose your information as necessary to credit reporting or collection agencies. We may also disclose your information to non-affiliated third parties if it is necessary to protect FXOpen rights or property. We share your personal information with the banks and payment institutions, which process your payments to/from us. Commonly, we share your name, address, contact details (email) and the amount of payment to/from you. Such disclosure is made solely to provide you with an ability to deposit withdraw funds to/from us.
We may share your personal information with third parties acting as our liquidity providers. Once we hedge your positions with external liquidity providers they may access the information regarding your trading orders, including types of derivatives traded, their amount.
Your personal information may be shared with our software vendors and IT services providers including trading platform providers (hereinafter – “IT vendors”). While providing FXOpen with software, its modifications, implementation and support IT vendors may have an access to our information systems from their systems and locations. As a result, some of your personal information depending on the system where they are kept may be disclosed to our IT vendors. We limit an access of such IT vendors to our information systems to the best of our abilities. However, the situation may arise that in the process of software maintenance (modification of software functionality, migrating information to the new software versions, fixing bugs etc.) the vendor and/or IT provider get an access to the databases where your personal information is stored.
Some of IT vendors act as our technology providers based on the software-as-a-service (SAAS) business model. In this case, FXOpen use their information systems installed on their hardware environment. Respectively, our databases may be kept on the servers of such vendors. In this case, we limit an access using integrated management rules, which restrict vendor’s access to the information kept by its clients (FXOpen).
To help us improve our services to you, we may engage another business to help us to carry out certain internal functions such as account processing, client service and support, client satisfaction surveys or other information collection activities relevant to our business. We may also provide a party with customer information from our database to help us to analyze and identify customer’s needs and notify customers of product and service offerings. Use of the shared information is strictly limited to the performance of the task we request and for no other purpose.
According to the applicable law, we are required to upload your trading information (trading orders and/or positions) along with some of your personal information (name and/or UID) to the trading information depositories. We enter into agreements with the well-known international depositories, which provide a highest level of information security.
We may share information with affiliates and partners, including companies operating under FXOpen ® brand name, if the information is required to provide the product or service you have requested, or to provide you with the opportunity to participate in the products or services our affiliates and partners offer. We may also forge partnerships and alliances, which may include joint marketing agreements, with other companies who offer high-quality products and services that might be of value to our customers. In order to ensure that these products and services meet your needs and are delivered in a manner that is useful and relevant, we may share some information with partners, affiliates and alliances. This allows them to better understand the offers that are most relevant and useful to yourself. The use of your personal information is limited to the purposes identified in our relationship with the partner or affiliate.
All third parties receiving your personal information from us under the respective agreements are required to protect your personal information in a manner similar to the way we do this. We use a variety of legal mechanisms, including contracts, to help insure your rights and protections.
Restriction of responsibility
Access to Personal Information
All individuals who are the subject of personal information held by us are entitled to:
- ask what information we hold about them and why;
- ask how to gain access to it;
- be informed how to keep it up to date;
- have inaccurate personal information corrected or removed;
- to receive the personal information concerning them, which they have previously provided;
- prevent us from processing information or request that it is stopped if the processing of such information is likely to cause substantial, unwarranted damage or distress to the individual or anyone else, etc.;
- require us to ensure that no decision which significantly affects an individual is solely based on an automated process for the purposes of evaluating matters relating to him/her, such as conduct or performance;
- be informed what we are doing to comply with our obligations under the personal information protection laws.
Security of Personal Information
We maintain strict security standards and procedures with a view to preventing unauthorized access to your information by anyone, including our staff.
We use different organizational and technological measures to protect your personal information such as pseudonymisation and encryption. As a part of the pseudonymisation process when you establish a business relationship with us we assign to your accounts (both ewallet and trading account) the unique identifiers (UID) which make your personal information no longer be attributed to you without the use of additional information from our information system. Your UID instead of your name is used in most of the information systems we utilize to provide you with our services. Only a limited number of our staff and third parties have an access to the information system where your personal information in conjunction with UID is stored.
We use leading encryption technologies to secure your information on a hardware and software levels. The hardware protection includes Cisco security products. The software protection tools include strict control mechanisms as follows: SSL, TLS with keys larger than 2048-bit.
All FXOpen members, all our staff and third parties whenever we hire them to provide support services, are required to observe our privacy standards and to allow us to audit them for compliance.
Where Personal Information is stored and processed
Personal information collected by FXOpen may be stored and processed in your region or in any other country where FXOpen or its affiliates, subsidiaries or service providers maintain facilities. Typically, the primary storage location is in the European Union, with a backup to the information centers in another regions. The storage location(s) are chosen in order to operate efficiently, to improve performance, and to create redundancies in order to protect the information in the event of an outage or other problem. We take steps to ensure that the information we collect under this privacy statement is processed according to the provisions of this statement and the requirements of applicable law wherever the information is located.
We transfer personal information to other countries. When we do so, we use a variety of legal mechanisms, including contracts, to help ensure your rights and protections travel with your information.
Retention of Personal Information
As a general rule, FXOpen retains your personal information for the whole period of the business relationship with you and 5 years from the moment termination of such relationship. However, the period of your personal information retention can vary for different information types in the context of different products, actual retention periods can vary significantly. The criteria used to determine the retention periods include, for instance:
- The period of information processing needed to provide the services. This includes such things as maintaining and improving the performance of those services, keeping our systems secure, and maintaining appropriate business and financial records. This is the general rule that establishes the baseline for most information retention periods.
- The information subject's consent for a longer retention period. If so, we will retain information in accordance with the consent.
- FXOpen is subject to a legal, contractual, or similar obligation to retain the information. Mandatory information retention laws including AML/CFT regulations can be applied in the applicable jurisdiction, government orders to preserve information relevant to an investigation, or information that must be retained for the purposes of litigation.
We may share Website usage information about visitors to the Website with reputable advertising companies for targeting our Internet banner advertisements on this site and other sites. For this purpose, pixel tags (also called clear gifs or web beacons) may be used to note the pages you've visited. The information collected by the advertising company through the use of these pixel tags is not personally identifiable.
If you have a privacy concern, complaint or a question regarding your personal information collecting, processing and keeping, please contact the Information Protection Officer by email [email protected], by phone +(61) 2 6145 2042 / + (61) 8 6557 8587 or send a correspondence to our office: Level 25, 108 St Georges Terrace, Perth WA 6000, Australia. We will respond to questions or concerns within 30 days.
Unless otherwise stated, FXOpen is a information controller for personal information we collect through the services subject to this statement.