PRIVACY POLICY

1. INTRODUCTION

Colmex Pro Ltd (“the Company”, “Colmex Pro”, “We” or “Us”) is a Cyprus Investment Firm (“CIF”) incorporated and registered under the laws of the Republic of Cyprus with Registration No. HE 260064, having its registered office at 117 Makariou III Avenue & Sissifou (ex Lefkosias-Limnazousas) Street, Quarter of Apostoloi Petrou & Pavlou, 3021 Limassol, Cyprus (contact number: +357 25 030036, email: [email protected]). The Company is authorised and regulated by the Cyprus Securities and Exchange Commission (“CySEC”), with licence number 123/10.

1.1. Scope and Objective

In order to effectively deliver its services to Clients, the Company must collect and process Personal Data, including sensitive personal data. We are proud of maintaining strong and professional relationships with our clients and other stakeholders (the “data subject” or “you”). Hence, we place great emphasis on respecting and supporting each individual’s right to privacy.

This Privacy Policy (“Policy”) applies to personally identifiable information that we collect and process through our website, www.colmexpro.com , as well as through any other related sites and applications (if applicable). This Policy does not apply to websites operated by other organizations and/or other third parties. Additionally, this Policy also applies to personal information we collect and process when you use or interact with our services, including through any correspondence made with us via email, phone, or other communication channels. The Policy aims to inform you about the types of information we collect, who we share it with, what we use it for, and how we keep it secure.

By using any of our Services, you consent to the collection, transfer, storage, disclosure, and use of your Personal Data in accordance with this Privacy Policy

1.2. Data Protection and Privacy Commitment

Protecting our Clients’ privacy and safeguarding their personal and financial information is of great importance to us. In accordance with data protection laws, the personal information we collect and store about you must be:

  • Used lawfully, fairly, and transparently.
  • Collected only for valid, clearly explained purposes and not used in a way that is incompatible with those purposes.
  • Relevant and limited to the purposes explained to you.
  • Accurate and kept up to date.
  • Retained only as long as necessary for the above-mentioned purposes.
  • Stored securely

The Company is responsible for ensuring the protection and confidentiality of clients’ personal and financial information. By opening an Account or establishing a business relationship with us, you consent to the collection, processing, storage, and use of your Personal Data as described in this Policy.

To prevent unauthorized access and/or disclosure, we have implemented appropriate physical, electronic, and managerial procedures and controls to ensure the security and confidentiality of client information.

The Company collects only the necessary information required to open and maintain a Client’s Account, establish a business relationship, and provide clients with the requested services. As a rule, the Company does not disclose personal or non-public information unless necessary to fulfill service obligations.

The purpose of this Policy is to explain:

  • What Personal Data we collect.
  • How we use your Personal Data.
  • When, with whom, and how your Personal Data is shared.
  • Your rights regarding your Personal Data.
  • Other relevant privacy and security matters.

When handling your Personal Data, we comply with the General Data Protection Regulation (“GDPR”) and relevant Personal Data protection laws and regulations of the EU and the Republic of Cyprus.

All words and phrases highlighted and not defined in this Policy, shall have the same meaning as defined in our Terms and Conditions (as applicable).

2. DEFINITIONS

‘Personal Data’ refers to any information related to an identified or identifiable natural person ("data subject"). An identifiable natural person is someone who can be identified, directly or indirectly, through an identifier such as a name, identification number, location data, online identifier, or through one or more factors specific to the physical, physiological, genetic, mental, economic, cultural, or social identity of that natural person.

‘Processing’ means any operation or set of operations performed on personal data, whether manually or through automated means. This includes the collection, recording, organization, structuring, storage, adaptation, alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment, combination, restriction, erasure, or destruction of data.

Controller’ refers to the natural or legal person, public authority, agency, or other body that determines, alone or jointly with others, the purposes and means of processing personal data. When the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law.

‘Processor’ refers to a natural or legal person, public authority, agency, or other body that processes personal data on behalf of the controller.

‘Third Party’ means any natural or legal person, public authority, agency, or body other than the data subject, controller, processor and persons who, under the direct authority of the controller or processor, are authorized to process personal data.

‘Consent’ of the data subject is a freely given, specific, informed, and unambiguous indication of the data subject’s wishes, expressed through a statement or clear affirmative action, signifying agreement to the processing of their personal data.

3. WHAT PERSONAL DATA DO WE COLLECT AND WHY

When you apply for or maintain a Trading Account with Colmex Pro, we collect Personal Data about you for business purposes, including evaluating your financial needs, processing your requests and transactions, informing you about products and services that may be of interest to you, and providing customer support.

The Personal Data we collect and the reasons include:

Personal Data Reason
Identifying Information: Such as your identification document, full name, date of birth, occupation, age, tax ID and/or related tax identification information. In order to comply with legal and regulatory requirements, including Anti-Money Laundering (AML) and Know Your Customer (KYC) obligations, tax reporting obligations, and to verify your identity when opening an account.
Contact Details: Such as email address, phone number or other contact information. To enable us to communicate with you regarding account-related matters, provide customer support, send regulatory updates, and inform you about services or promotions you may be interested in.
Financial Information: Such as estimated annual income, net worth, liquid assets, previous trading experience, employment details, and risk tolerance. To assess your suitability for our services, ensure compliance with regulatory requirements, evaluate your risk profile, and tailor financial products to your experience and investment capacity.
Banking Information: IBAN details, credit card details, and other payment processing information as requested by the respective payment service providers. To process deposits and withdrawals, comply with anti-fraud and AML regulations, and ensure secure financial transactions.
Technical and Usage Data: Such as login times, IP address, type of device or computer used to access our website, geographical location, internet service provider, volume of website usage, and types of data systems and reports accessed, session duration, and other related activity. To improve website security, prevent unauthorized access, detect suspicious activity, enhance user experience, optimize platform performance, and comply with cybersecurity and regulatory obligations.
Electronic Communications: Any letters, emails, chat messages, and telephone conversations. To comply with regulatory record-keeping requirements, monitor and improve customer service, resolve disputes, and provide proof of communications when necessary.
Any other personal information: Resulting from “Know Your Customer” and Anti-Money Laundering checks. To meet regulatory and legal obligations, ensure compliance with AML and Counter-Terrorism Financing (CTF) laws, and prevent fraud or financial crime.
Trading Activity: Such as products you trade, their performance, and the amount invested. To provide trading services, monitor account activity for market abuse and other regulatory purposes, generate reports for regulatory authorities, and offer personalized trading insights.
Web activity data: Such as pages visited (official website and landing pages), content viewed, links clicked, and URLs visited before and after accessing our website. To analyze website usage, improve platform functionality, enhance marketing strategies, and comply with cybersecurity and data protection regulations. For more information about cookies and how to manage them, please refer to the “Use of Cookies” section herein.
Third-party databases information: Such as identity verification data, identification documents, and background information received from public records or other non-affiliated entities to meet legal and regulatory obligations. To verify your identity, comply with legal and regulatory requirements, detect and prevent fraud, and ensure the security of financial transactions.

The Company may, from time to time, collect other necessary personal information in order to prevent loss or to protect the rights, privacy, safety, and property of the Company or other persons in accordance with our legitimate interests.

4. HOW WE COLLECT PERSONAL DATA

We collect Personal Data when you:

  • Register for an account or express interest in our products and services.
  • Provide identity verification information.
  • Submit feedback or inquiries.
  • Engage with us through customer support channels.

We collect only the necessary personal data required to open and manage your Account, safeguard your funds and privacy, and provide you with our Services. To this end, we gather information directly from you and may, in certain circumstances, gather information from Third Parties such as relevant banks and/or credit agencies, public records, compliance verification databases and other similar service providers for KYC purposes, to fulfil legal and regulatory requirements. We may also collect Personal Data about you from Third Parties such as Affiliates.

5. HOW WE KEEP YOUR PERSONAL DATA SECURE

We use appropriate technical and organizational measures to protect the Personal Data that we collect and process about you. The measures are designed to ensure a level of security appropriate to the risk associated with processing your Personal data. In particular, we:

  • Store Personal Data in secure facilities and, when the information is held electronically, on secured servers.
  • Use encrypted transmission links whenever possible.
  • Implement additional safeguards such as firewalls, authentication systems (e.g., passwords), and access control mechanisms to manage access to systems and data.
  • Perform regular scanning and penetration testing services to identify potential security vulnerabilities and apply relevant remedies to rectify them.
  • Ensure that our management and employees obtain proper training and stay up-to-date with the most recent challenges and developments to manage your data and ensure it remains confidential and integral.

6. WHO WE SHARE YOUR PERSONAL DATA WITH

The Company reserves the right to disclose Personal Data to Third Parties when required by law, regulatory obligations, or other regulatory bodies.

Third Party disclosures may include sharing information with our group companies, affiliates, or nonaffiliated companies that perform data processing and support services for your Account or facilitate your Transactions with Colmex Pro. These may include entities providing professional, legal, technological, payment processing, or accounting services to Colmex Pro. We may share information with group companies, Third Parties, and affiliates when such information is reasonably required for a legitimate interest or for legal and regulatory purposes. Additionally, we may share information within our group to offer products and services that meet your needs, delivered in a useful and relevant manner.

If you have been introduced to us by an Introducer, that Introducer may have access to your personal information.

Third Parties are required to maintain the confidentiality of your Personal Data and use it only for the purposes defined by Colmex Pro and in compliance with applicable laws.

Other Third Parties with whom we may share your Personal Data include, but are not limited to:

  • Agents, professional advisors, or service providers we engage with, such as affiliates, auditors, accountants, insurers, researchers, and other service providers including counterparty banks, liquidity providers, marketing agencies, sponsors, and IT service providers.
  • Financial institutions involved in managing our payments, such as banks or payment service providers.
  • Regulatory bodies, government agencies, law enforcement bodies, and courts.

We do not sell, license, lease or otherwise disclose personal information to third parties, except as described in this Privacy Policy.

Additionally, we may share Personal Data with any competent law enforcement body, regulatory authority, government agency, court, or other Third Party where such disclosure is necessary:

  1. To comply with applicable laws or regulations.
  2. To exercise, establish, or defend our legal rights.
  3. To protect your vital interests or those of any other person.

All Third Parties with whom we share Personal Data are required to protect such Personal Data in accordance with all relevant applicable legislation and in a manner consistent with our own data protection standards. We will not share Personal Data with Third Parties that we consider cannot provide Clients with the required level of protection.

6.1. International transfers of Personal Data

Subject to certain conditions, we may transfer your Personal Data to Third Parties in countries outside the EEA for further processing, in accordance with the purposes outlined in this Policy. When doing so, we will ensure that your privacy rights are adequately protected in accordance with applicable law, using appropriate technical, organization, contractual or other lawful means.

7. LEGAL BASIS FOR PROCESSING YOUR PERSONAL DATA

For the purposes of GDPR, Colmex Pro acts as Data Controller of the Personal Data we collect from you. The legal basis for processing your data will depend on the context in which they are collected and used, but will in most cases fall into one of the following categories:

  1. Entering into and performing the contract with you: If you have a Colmex Pro trading account, have registered on our website, or have applied for our services, we process your Personal Data on the legal basis that it is necessary to fulfil the terms and conditions of Colmex Pro, and provide our services to you. With respect to a Colmex Pro trading account, this includes facilitating access to our platform, processing payments and executing trades.
  2. For other justifiable grounds, including legal obligation and legitimate interests: We process your Personal Data, necessary for us to comply with our legal and regulatory obligations, as well as when necessary for legitimate interests in conducting our business. These include, but are not limited to:
    • Understanding your interests and preferences in order to provide you with relevant information and maintain promotional communications with you.
    • Analyzing and continuously improving our website and services, and helping us pilot test versions of the website internally to develop new features and ensure the efficient running of Colmex Pro services.
    • Detecting and mitigating fraud and credit risk.
  3. If you have given us consent: We process your Personal Data if you have granted us consent to process your Persona Data for marketing and promotional purposes. Such processing will only take place to the extent and for the purposes set out in the declaration of consent and to the extent agreed therein. Any consent given may be revoked at any time by you by contacting the DPO with future effect.

8. YOUR RIGHTS UNDER GDPR

Data subjects, depending on their place of residence, in EU and/or other regions, are inter alia entitled to:

Right of access – The right to obtain confirmation as to whether Personal Data are being processed and, if so, access to any Personal Data we hold about you along with relevant information about their processing.

Right of rectification – The right to request the correction of inaccurate or incomplete Personal Data without undue delay.

Right to erasure (Right to be forgotten) – The right to request the deletion of Personal Data, under certain conditions, such as when the data are no longer necessary for the purposes for which they were collected. Please note, however, that for legal reasons we may not always be able to comply with these requests for data erasure for specific legal reasons which will be notified to you, if applicable, at the time of your request.

Right to restriction of processing – The right to request the restriction of data processing under specific circumstances, such as when the accuracy of the data is contested, or the processing is unlawful.

Right to data portability – The right to receive Personal Data you have provided to us in a structured, commonly used, and machine-readable format and to transmit that data to another controller of your choice, where technically feasible.

Right to object – The right to object to the processing of Personal Data when processing relies on our own legitimate interests or when your data are processed for direct marketing or profiling purposes, unless there are compelling legitimate grounds for the processing that override the individual’s interests, rights and freedoms, or that the processing is required for the establishment, exercise or defense of legal claims.

Rights in relation to automated decision-making, including profiling – The right not to be subject to decisions based solely on automated processing, including profiling, that produce legal or similarly significant effects for the individual, except under certain permitted conditions.

Right to complaint – Right to complaint – The right to lodge a complaint regarding the processing of your Personal Data with your supervisory authority for the protection of Personal Data. In Cyprus, this is the Office of the Commissioner for Personal Data Protection. For more detailed information please refer to the following website: http://www.dataprotection.gov.cy.

Any such requests to exercise your rights under GDPR (“request”) should be submitted electronically to the Data Protection Officer (“DPO”) by completing the Data Subject Access Request (“DSAR”) Form. Please note that some of the above-mentioned rights may be subject to limitations under certain circumstances.

Upon receiving a request, we will respond within one (1) month, unless the request is particularly complex, or you have made a number of requests. In such cases, we will notify you within one (1) month of the receipt of your request and keep you updated on the progress.

9. PROCESSING OF SPECIAL CATEGORY DATA

Under GDPR Regulation, certain categories of Personal Data require additional protection due to their sensitive nature. These data, referred to as “Special Categories Data”, include any information relating to:

  • Racial or ethnic origin
  • Political opinions
  • Religious or philosophical beliefs
  • Membership in a trade union
  • Sexual orientation or practices
  • Criminal record
  • Health information about an individual
  • Genetic data about an individual that is not otherwise health information
  • Biometric data used for the purposes of automated biometric identification or verification
  • Biometric templates

Processing of Special Categories Data is generally prohibited, except under certain circumstances where specific exceptions apply, such as where explicit consent is given or processing is necessary for legal, public interest, or healthcare-related purposes.

10. USE OF COOKIES

Cookies are small data files that are stored on your computer when you visit a website. Cookies are nonexecutable and cannot be used to install malware. They allow websites to recognize returning visitors and store basic information about them, that is checked and updated every time you visit the website. This helps us provide you with a better user experience and allows us to improve our website. By continuing to browse the site, you agree to our use of cookies. Some of the cookies set by Colmex Pro when you visit any of our websites are essential to the working functionality of the websites. You may reject non-essential cookies by adjusting your browser settings to refuse.

If you choose to reject cookies, you may still use the Website, though your access to some functionality and areas of the website may be restricted. If you block cookies, you will not be able to use all the features on our Website and Trading Platform and may have a different experience of our Services. You can also delete cookies already stored on your computer. Again, doing this may have a negative impact on the usability of our Services

For more information about the types of cookies and their use by Colmex Pro, please refer to the Cookie Policy

11. RETENTION OF PERSONAL DATA

We are legally obligated to keep your Personal Data provided to us, including but not limited to your name, address, email, phone number, trading and transaction history, deposits and withdrawals history, for the entire duration of the Agreement and for at least five (5) years after the end of our business relationship. We will retain your Personal Data for the longest of the following periods:

  1. For the period required for the performance of the relevant activity or services.
  2. For any retention period required by law.
  3. Until the end of any litigation and/or investigation by a public authority which arises in respect of the relevant activity and/or the services.
  4. Where the company has justifiable legitimate interest.

The retention period of your Personal Data will be subject to periodic review to ensure compliance with GDPR principles.

If we hold any Personal Data in the form of recorded communication, including telephone, electronic, in person or otherwise, this information will be retained for five (5) to ten (10) years after our business relationship has ended, in line with local regulatory requirements

We may keep an anonymized form of your Personal Data, which will no longer identify you, without time limits, to the extent that we have a legitimate and lawful interest in doing so.

12. LIMITATION OF LIABILITY AND DISCLAIMERS

The Company and/or its employees shall not be held liable for any loss or damage, including but not limited to indirect and/or consequential losses or damages, including loss of data and/or profit(s), arising from the use of the Company’s website.

The material and/or information contained on this website are for informational purposes only. All content, including but not limited to, images, texts, policies, forms and agreements, is owned and provided by the Company, and should not be reproduced, distributed and/or published, in whole or in part, for any purpose without the explicit written consent and/or permission of the Company. The material and/or information within this website should not be interpreted as an offer or solicitation of an offer for investment services/activities or any financial instruments.

The Company takes no responsibility for, and shall not be liable for, the website being temporarily unavailable due to technical issues beyond the Company’s control, nor shall we accept any liability for losses and/or damage resulting from reliance on the information contained within this website.

Furthermore, the Company is not liable for the privacy policies or the content of third-party websites linked to its site, and has no control over the use or protection of information provided by clients or collected by those sites. When linking to a co-branded or Third-party linked website, users may be asked to provide registration or other personal information. Such information is recorded by the Third Party and will be governed by the privacy policy of that Third Party.

This website may be accessed worldwide, however the financial products mentioned on the website may not be permitted by law for all investors in all countries. Through this website you may be able to link to other websites which are not under the Company’s control. The inclusion of such links does not in any way imply any recommendation and/or endorsement by the Company of the views expressed on those websites. These links are only offered as a convenience to all visitors.

Access to this website may be restricted to certain jurisdictions due to domestic legal restrictions. The Company bears no responsibility for visitors or users who access this website from jurisdictions where its use is prohibited, nor for any individuals who accesses the website illegally

The information on this website is not intended to constitute legal, investment, consulting, or other professional advice or services. Before making any decision or taking any action that might affect your personal situation and/or business, you should consult a qualified professional advisor.

13. PROTECTION OF MINORS’ PERSONAL INFORMATION

Our services are not available for users under the age of 18 (“minors”). We do not knowingly collect personal information from or about minors. If you are a minor, you should not download or attempt to use any of our services nor provide any personal information to us.

If we become aware that a minor has provided us with personal information, we will delete such information. If you have any reason to believe that a minor has shared any information with us, please contact us by filling a DSAR Form .

14. REGULATORY DISCLOSURE

We reserve the right to disclose Personal Data to Third Parties where required by law, regulatory, law enforcement or other government authority of a competent jurisdiction, in order to protect our rights and/or comply with legal obligations. Such disclosure shall occur on a ‘need-to-know’ basis, unless otherwise instructed by a regulatory or other governmental authority. Under such circumstances, we shall expressly inform the Third Party regarding the confidential nature of the information.

We, as a regulated firm, are required to comply with certain obligations under the Intergovernmental Agreement with the United States and have taken all reasonable steps to ensure compliance with the Foreign Account Tax Compliance Act (FATCA) and the Common Reporting Standard (CRS), as approved by the Organisation for Economic Co-operation and Development (OECD) for the exchange of information for tax purposes.

15. LINKING TO OTHER WEBSITES

If you access links on the Website to Third Party websites which are not owned by Colmex Pro, or if you access the Website through links from other websites, please be aware that these websites have their own privacy and/or cookies policies. We do not accept any responsibility or liability for these policies. You should check and review these privacy and/or cookies policies before you submit any Personal Data to these websites.

16. CHANGES TO THIS POLICY

The Privacy Policy will be reviewed periodically in order to take account of changes in our operations or practices and to make sure it remains appropriate to any changes in law, technology and/or the business environment. The updated Privacy Policy will be posted on the Website, and the client acknowledges that posting the update constitutes official notice to the client. Any Personal Data we hold will be governed by our most current version of this Policy. We advise you to review this Policy regularly to stay informed and to make sure that you are happy with any changes. If you disagree with the changes to this Policy, you should discontinue your use of the Website or related Services.

17. HOW TO CONTACT US

Questions, comments, or complaints regarding your Personal Data or this Policy are welcomed and should be addressed to the DPO at [email protected].

Requests for access to personal data or to exercise your rights under the GDPR should be submitted by completing the DSAR Form .

When using any of our Services you consent to the collection, transfer, storage, disclosure, and use of your Personal Data subject to this Policy

V7_2025
GET IT ON Google Play Donwnload on the App Store TradingViewButton