To be transparent on how we handle client data, give clients control of their data and help us meet European GDPR regulation we have taken the following measures:
- Documented client data we store, how we store it, why we store it and how we use it.
- Provided a tool so clients can have control over their data and how we use it.
- Work on an opt-in subscription system
Data we collectXGLOBAL Markets is a regulated investment firm so we are obligated to collect KYC documentation as well as communication, personal and financial information from clients. We have a duty to keep this information on record for 5 years following account inactivity; after which time we are permitted to delete it. This means we store photo identification and proof of address documentation as well as emails, telephone calls, contact details, address information, financial information and anything else provided during the account application or while the account is being operated.
How we collect dataWe collect document or personal/financial information through electronic forms, paper forms, email, telephone or in-person.
How we store dataWe store client data in secure Amazon and Microsoft datacentres located in the EU. We also store physical hard copies of certain information such as paper forms, certified documents or contracts at our HQ offices in Cyprus.
How we secure dataClient data (documents and data provided by electronic forms) is only ever uploaded or downloaded using secure SSL connections, which are enforced. This means there is no option for clients to upload or XGLOBAL employees to download in non-SSL secure way. We encrypt our databases and drives wherever possible. All our systems have scheduled backups so that in the event of hardware failure or corruption we will not lose client information. All our office terminals have their data backed up using an encrypted enterprise backup solution, Acronis Cloud. Hard copies are kept securely in the offices of management, compliance or back office departments. These offices are not open plan.
How we use client dataClient data is used for the following purposes:
- KYC and account validation purposes
- Categorising clients as professional or retail
- Categorising clients into various risk profiles
- Contacting clients with respect to client requests
- Contacting clients to inform them of important account information
- Contacting clients to provide them technical analysis
- Contacting clients to provide them newsletters or special offers