tfc global markets

Legal document

Privacy Policy

v1.0 draft — final at launch · Pending lawyer review
Version
v1.0 draft — final at launch
Last updated
Pending lawyer review
Effective
Live at launch
In plain English

We collect the minimum data needed to run the brokerage. We don't sell it, we don't share it for advertising, and we delete it when you ask. We hold ourselves to GDPR-grade data-protection standards.

1. Definitions

This section defines the data-protection terms used in this policy so they align with UK GDPR and the Data Protection Act 2018.

Personal data means any information relating to an identified or identifiable living individual.
Draft — pending counsel review

{{LEGAL_DRAFT}} — Full defined-terms list pending counsel review. Will define: personal data, processing, data controller, data processor, data subject, special category data, and supervisory authority — consistent with UK GDPR and DPA 2018 terminology.

2. Scope & data controller

This section identifies TFC Global Markets as the data controller and explains what this policy applies to.

Draft — pending counsel review

{{LEGAL_DRAFT}} — Data-controller details pending counsel review. Will identify the legal entity acting as controller, its registered address, ICO registration number, and the Data Protection Officer or privacy contact.

3. What personal data we collect

This section lists the categories of personal data we collect — identity, contact, financial, verification, and usage data — and where it comes from.

Draft — pending counsel review

{{LEGAL_DRAFT}} — Data-categories detail pending counsel review. Will cover: identity and contact details, KYC documents, financial and transaction data, device and usage data, and communications, with the source of each category. Principle: we collect the minimum required to operate as a regulated broker.

4. How we use your personal data

This section explains the purposes we use personal data for, such as operating accounts, meeting regulatory obligations, and preventing fraud.

Draft — pending counsel review

{{LEGAL_DRAFT}} — Purposes of processing pending counsel review. Will cover: account administration, trade execution and reporting, KYC/AML compliance, fraud prevention, customer support, and service communications. We do not sell personal data or share it for third-party advertising.

5. Lawful bases for processing (GDPR Article 6)

This section maps each processing purpose to its lawful basis under Article 6 of the UK GDPR.

Draft — pending counsel review

{{LEGAL_DRAFT}} — Lawful-basis mapping pending counsel review. Will map each purpose to a lawful basis: contract (account services), legal obligation (AML/KYC, reporting), legitimate interests (fraud prevention, service improvement), and consent (optional marketing), with the legitimate-interests balancing test recorded.

6. How we share your personal data

This section describes the limited circumstances in which we share personal data with processors, partners, and authorities.

Draft — pending counsel review

{{LEGAL_DRAFT}} — Data-sharing terms pending counsel review. Will cover: technology and payment processors, the liquidity/white-label partner, regulators and law enforcement where legally required, and the contractual safeguards imposed on each. We do not share data for advertising.

7. International data transfers

This section explains how we protect personal data when it is transferred outside the UK.

Draft — pending counsel review

{{LEGAL_DRAFT}} — International-transfer terms pending counsel review. Will cover: the countries data may be transferred to, the transfer mechanisms used (adequacy decisions, International Data Transfer Agreement, or appropriate safeguards), and how the Client can obtain a copy of the safeguards.

8. Data retention

This section sets out how long we keep personal data and the criteria we use to decide retention periods.

Draft — pending counsel review

{{LEGAL_DRAFT}} — Retention schedule pending counsel review. Will cover: retention periods by data category, the regulatory minimums (e.g. AML record-keeping), and deletion or anonymization once the period ends. Principle: we delete personal data when you ask, except where law requires us to keep it.

9. Your rights under GDPR and UK DPA 2018

This section explains the Client's data-protection rights and how to exercise them.

Draft — pending counsel review

{{LEGAL_DRAFT}} — Data-subject rights detail pending counsel review. Will cover: access, rectification, erasure, restriction, portability, objection, and rights relating to automated decision-making — with how to make a request, our response timeline (one month), and any limits where law requires retention.

10. Cookies and tracking technologies

This section explains which cookies and similar technologies we use and how the Client can control them.

Draft — pending counsel review

{{LEGAL_DRAFT}} — Cookie policy pending counsel review. Will cover: strictly necessary, functional, and analytics cookies, the consent mechanism, retention per cookie, and how to manage preferences. Will align with the cookie banner implemented at launch.

11. Children's privacy

This section confirms that our Services are not directed at children and that we do not knowingly process their data.

Draft — pending counsel review

{{LEGAL_DRAFT}} — Children's-privacy terms pending counsel review. Will confirm the minimum age to hold an account, that Services are not offered to minors, and the steps taken if data from a minor is identified.

12. Changes to this policy

This section explains how we notify the Client when this privacy policy changes.

Draft — pending counsel review

{{LEGAL_DRAFT}} — Change-notification terms pending counsel review. Will cover: how changes are published, notice for material changes, effective dates, and version history.

13. How to contact us or file a complaint (ICO)

This section tells the Client how to contact our privacy team and how to complain to the Information Commissioner's Office.

Draft — pending counsel review

{{LEGAL_DRAFT}} — Contact and complaint details pending counsel review. Will include: privacy contact (compliance@tfcglobalmarkets.com), the right to complain to the ICO, and the ICO's contact details (Information Commissioner's Office, Wycliffe House, Water Lane, Wilmslow, Cheshire SK9 5AF; ico.org.uk).

This document is in draft pending review by UK financial services counsel. Sections marked with an amber Draft badge contain placeholder text and are not final. Finalized versions go live before we open to traders. Questions: compliance@tfcglobalmarkets.com.