1. What Information We Collect
When you open and use a Xantex account, we collect personal information that is necessary to provide our services and meet our regulatory obligations. This includes:
- Full name, email address, phone number and residential address
- Date of birth and national identification information (for KYC verification)
- Payment details including bank account and card information
- Trading activity, account balances and transaction history
- IP address, device type, browser information and login timestamps
- Communications you send us via chat, email or phone
2. How We Use Your Information
We use the information we collect for the following purposes:
- To open, operate and maintain your trading account
- To comply with regulatory requirements including KYC (Know Your Customer) and AML (Anti-Money Laundering) obligations
- To personalise your platform experience and provide relevant market information
- To send service communications such as account notifications, security alerts and withdrawal confirmations
- To detect, prevent and investigate fraud, money laundering and other illegal activities
- To improve our platform, products and services through aggregated usage analytics
3. Who We Share It With
We do not sell your personal data to third parties under any circumstances. We may share your information with:
- Payment processors — to process deposits, withdrawals and payment verifications securely
- Regulatory authorities — when legally required by the FCA, CySEC, SCB or other competent authorities
- Technology providers — including hosting, platform and analytics vendors, all bound by strict data processing agreements under GDPR and equivalent legislation
- Professional advisers — including lawyers, auditors and insurers, under confidentiality obligations
4. How We Protect Your Data
Xantex takes the security of your personal data seriously. We implement the following technical and organisational measures:
- 256-bit SSL encryption for all data transmitted between you and our systems
- Strict role-based access controls — only authorised personnel can access personal data
- Regular independent security audits and penetration testing
- Mandatory data protection training for all staff handling personal information
- Incident response procedures to detect, contain and report any data breaches
5. Your Rights
Under applicable data protection law (including UK GDPR and EU GDPR), you have the following rights regarding your personal data:
- Right of access — request a copy of the personal data we hold about you
- Right to rectification — request correction of inaccurate or incomplete data
- Right to erasure — request deletion of your data, subject to regulatory retention requirements
- Right to portability — receive your data in a machine-readable format for transfer to another provider
- Right to object — object to certain types of processing, including direct marketing
To exercise any of these rights, contact our Data Protection Officer at privacy@xantexglobalmarkets.pro.
6. Cookies
We use cookies on our website to provide essential functionality, remember your preferences, and analyse how visitors use our platform. Cookies we use include:
- Essential cookies — required for the website to function (login sessions, security)
- Functional cookies — remember your preferences such as language and chart settings
- Analytics cookies — help us understand how visitors interact with our site (anonymised data only)
You can manage or disable non-essential cookies at any time through your browser settings. Note that disabling certain cookies may affect platform functionality.
7. Data Retention
We retain your personal data for as long as your account is active and for a minimum of 7 years after account closure, as required by financial services regulations including the FCA's record-keeping rules. After this period, data is securely deleted or anonymised. Specific retention periods vary by data type in accordance with applicable law.
8. Contact Our Data Protection Officer
For any privacy-related queries, requests or complaints, you can contact our Data Protection Officer directly:
We aim to respond to all data protection enquiries within 30 days. If you are not satisfied with our response, you have the right to lodge a complaint with the Information Commissioner's Office (ICO) at ico.org.uk.