Privacy Policy

We collect various categories of personal data in order to provide our Services and comply with our legal and regulatory obligations.

1.1. Information You Provide Directly

• Identity Data: Full name, date of birth, nationality, gender, and government-issued identification numbers (passport number, national ID number, driving licence number).
• Contact Data: Email address, telephone number(s), residential address, and mailing address.
• Financial Data: Bank account details, payment card information (encrypted), source of funds documentation, income and employment details, net worth declarations, and tax identification numbers.
• Verification Data: Copies of identification documents, proof of address documents, selfie/liveness check images, and any other documents submitted for KYC/AML verification purposes.
• Trading Experience Data: Information about your trading knowledge, experience, investment objectives, and risk tolerance, as collected during our appropriateness and suitability assessments.
• Communication Data: Records of correspondence with our support team (emails, live chat transcripts, telephone call recordings), feedback, and survey responses.

1.2. Information Collected Automatically

• Device and Technical Data: IP address, browser type and version, operating system, device type, screen resolution, device identifiers, and time zone settings.
• Usage Data: Pages visited, time spent on pages, click patterns, navigation paths, referral URLs, and search queries used to find our website.
• Trading Activity Data: Order history, trade execution data, account balances, open and closed positions, profit and loss records, deposit and withdrawal history, and platform usage patterns.
• Cookie and Tracking Data: Information collected through cookies, web beacons, pixels, and similar technologies. For full details, please see our Cookie Policy.

1.3. Information from Third Parties

• Identity Verification Providers: Results from electronic identity verification, document authentication, and sanctions/PEP screening services.
• Credit Reference Agencies: Credit history and financial standing information where required for our risk assessment.
• Payment Service Providers: Transaction confirmation data from banks, card processors, and electronic wallet providers.
• Publicly Available Sources: Information from public registers, sanctions lists, adverse media databases, and other publicly available sources used for due diligence.
• Marketing Partners: Referral information if you were introduced to NextTrade by an introducing broker or affiliate partner.

We use your personal data for the following purposes:

2.1. Account Management and Service Delivery

• To process your account application and verify your identity;
• To open, maintain, and administer your trading account(s);
• To process deposits, withdrawals, and other financial transactions;
• To execute and manage your trades and orders;
• To provide customer support and respond to your enquiries;
• To send you account-related communications (confirmations, statements, margin alerts).

2.2. Regulatory Compliance

• To comply with our KYC (Know Your Customer) and AML (Anti-Money Laundering) obligations;
• To conduct appropriateness and suitability assessments;
• To fulfil our regulatory reporting obligations to the Financial Services Commission (FSC) of Mauritius and other competent authorities;
• To detect, investigate, and prevent fraud, money laundering, terrorist financing, and other financial crimes;
• To comply with sanctions screening requirements;
• To maintain records as required by applicable law and regulation.

2.3. Business Improvement and Analytics

• To analyse usage patterns and improve our website, platform, and services;
• To conduct internal research and statistical analysis;
• To develop new products, features, and services;
• To monitor and improve the performance and security of our systems.

2.4. Marketing and Communications

• To send you marketing communications about our products, services, and promotions (with your consent where required);
• To personalise your experience on our website and platform;
• To measure the effectiveness of our marketing campaigns;
• To administer referral programmes and promotions.

We process your personal data on the following legal bases:

• Contractual Necessity: Processing necessary to perform our contract with you (e.g., account management, trade execution, deposits and withdrawals).
• Legal Obligation: Processing necessary to comply with our legal and regulatory obligations (e.g., KYC/AML checks, regulatory reporting, tax reporting, record-keeping).
• Legitimate Interests: Processing necessary for our legitimate business interests, where these are not overridden by your rights and freedoms (e.g., fraud prevention, system security, business analytics, service improvement).
• Consent: Where we rely on your consent as the legal basis for processing (e.g., marketing communications, non-essential cookies). You may withdraw your consent at any time without affecting the lawfulness of processing carried out before withdrawal.

We may share your personal data with the following categories of recipients, only to the extent necessary for the purposes described in this policy:

• Regulatory and Government Authorities: the Financial Services Commission (FSC) of Mauritius, tax authorities, law enforcement agencies, financial intelligence units, and other competent authorities as required by applicable law or in response to lawful requests.
• Payment Service Providers: Banks, card processing companies (e.g., Visa, Mastercard), electronic wallet providers, and cryptocurrency payment processors, to facilitate deposits and withdrawals.
• Identity Verification and KYC Providers: Third-party providers that assist with identity verification, document authentication, facial recognition, sanctions screening, and PEP checks.
• Technology and Platform Providers: Providers of trading platform infrastructure, hosting services, cloud storage, and IT support services.
• Analytics and Marketing Providers: Providers of website analytics (e.g., Google Analytics), marketing automation tools, and advertising platforms, subject to your cookie and marketing preferences.
• Liquidity Providers: Counterparties and liquidity providers who facilitate trade execution. Minimal data (e.g., trade parameters, but not personal identity data) is typically shared for this purpose.
• Professional Advisers: Lawyers, auditors, accountants, and consultants engaged by NextTrade, bound by professional duties of confidentiality.
• Introducing Brokers and Affiliates: If your account was introduced by an IB or affiliate, limited data may be shared with them for commission calculation and relationship management purposes, in accordance with your consent.
• Group Companies: Other entities within the NextTrade corporate group, for internal administration, compliance, and business purposes.

We require all third parties to whom we disclose personal data to implement appropriate technical and organisational measures to protect your data and to process it only in accordance with our instructions and applicable data protection laws.

We do not sell your personal data to third parties for their marketing purposes.

5.1. As NextTrade operates internationally, your personal data may be transferred to, stored in, and processed in countries other than your country of residence, including Mauritius, the United Kingdom, and EU member states.

5.2. Where we transfer personal data outside the jurisdiction in which it was collected, we ensure that appropriate safeguards are in place, including:

• Standard Contractual Clauses (SCCs) approved by the relevant data protection authority;
• Binding Corporate Rules for intra-group transfers;
• Transfers to countries recognised as providing an adequate level of data protection;
• Other legally recognised transfer mechanisms as appropriate.

5.3. You may request a copy of the appropriate safeguards used for international data transfers by contacting our Data Protection Officer.

6.1. We retain your personal data only for as long as necessary to fulfil the purposes for which it was collected, including to comply with legal, regulatory, and internal policy requirements.

6.2. Our general retention periods are as follows:

6.3. Where personal data is no longer required, it will be securely deleted or anonymised. Anonymised data (which can no longer identify you) may be retained indefinitely for statistical and analytical purposes.

6.4. In some cases, we may retain data for longer periods where required by law (e.g., anti-money laundering regulations), to defend against potential legal claims (for the duration of the applicable limitation period), or where there is an ongoing investigation.

Subject to applicable law and certain exemptions, you have the following rights in relation to your personal data:

• Right of Access: You have the right to request a copy of the personal data we hold about you and information about how we process it.
• Right to Rectification: You have the right to request that we correct any inaccurate or incomplete personal data.
• Right to Erasure ("Right to be Forgotten"): You have the right to request the deletion of your personal data in certain circumstances, such as when the data is no longer necessary for the purposes for which it was collected. This right is subject to our legal and regulatory obligations to retain certain records.
• Right to Data Portability: You have the right to receive your personal data in a structured, commonly used, and machine-readable format, and to request that we transmit it to another controller, where technically feasible.
• Right to Restrict Processing: You have the right to request that we restrict the processing of your personal data in certain circumstances, such as when you contest the accuracy of the data.
• Right to Object: You have the right to object to the processing of your personal data based on our legitimate interests. We will cease processing unless we demonstrate compelling legitimate grounds that override your interests, rights, and freedoms.
• Right to Withdraw Consent: Where processing is based on your consent, you have the right to withdraw that consent at any time. Withdrawal of consent does not affect the lawfulness of processing carried out prior to withdrawal.
• Right to Lodge a Complaint: You have the right to lodge a complaint with a supervisory authority. The relevant supervisory authority is the Financial Services Commission (FSC) of Mauritius.

7.1. How to Exercise Your Rights

To exercise any of the above rights, please submit a written request to our Data Protection Officer at:

We will respond to your request within 30 calendar days of receipt. We may request additional information to verify your identity before processing your request. In certain circumstances, we may charge a reasonable fee or refuse your request if it is manifestly unfounded or excessive.

8.1. NextTrade may use automated decision-making processes, including profiling, for the following purposes:

• AML/KYC Screening: Automated screening of client data against sanctions lists, PEP databases, and adverse media databases;
• Fraud Detection: Automated analysis of trading patterns, deposit/withdrawal behaviour, and login activity to detect potentially fraudulent or suspicious activity;
• Risk Profiling: Automated assessment of your trading experience and financial situation to determine the appropriateness of our services for you.

8.2. Where automated decisions produce legal effects or similarly significant effects on you, you have the right to request human intervention, to express your point of view, and to contest the decision.

9.1. NextTrade's Services are not intended for persons under the age of 18 (or the age of legal majority in the relevant jurisdiction). We do not knowingly collect personal data from children.

9.2. If we become aware that we have collected personal data from a person under the age of 18, we will take steps to delete such data as soon as reasonably practicable and close any associated account.

9.3. If you believe that we have inadvertently collected data from a minor, please contact our Data Protection Officer immediately.

10.1. NextTrade implements appropriate technical and organisational measures to protect your personal data against unauthorised access, alteration, disclosure, or destruction. These measures include, but are not limited to:

• Encryption of data in transit (TLS/SSL) and at rest;
• Multi-factor authentication for account access;
• Regular security assessments and penetration testing;
• Access controls limiting data access to authorised personnel on a need-to-know basis;
• Employee training on data protection and security best practices;
• Incident response procedures for data breach management;
• Regular backup and disaster recovery processes;
• Physical security measures at our data centres and offices.

10.2. While we take extensive measures to protect your data, no method of transmission over the internet or electronic storage is completely secure. We cannot guarantee absolute security but are committed to maintaining industry-standard protections.

10.3. In the event of a data breach that is likely to result in a high risk to your rights and freedoms, we will notify you and the relevant supervisory authority in accordance with applicable data protection law.

11.1. Our website may contain links to third-party websites, services, or applications. This Privacy Policy does not apply to those third-party sites, and we are not responsible for their privacy practices.

11.2. We encourage you to review the privacy policies of any third-party websites you visit before providing them with any personal data.

12.1. We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. Material changes will be communicated to you via email and/or a prominent notice on our website.

12.2. The "Last updated" date at the top of this page indicates when the policy was most recently revised. We encourage you to review this policy periodically.

12.3. Your continued use of our Services after any changes to this Privacy Policy constitutes your acceptance of the updated policy.

If you have any questions, concerns, or requests regarding this Privacy Policy or our data processing practices, please contact our Data Protection Officer:

You also have the right to lodge a complaint with the relevant data protection supervisory authority: