Introduction

NFINX (“we,” “our,” or “us”) is committed to protecting the privacy and security of your personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our B2B CRM platform designed for trading brokerages and financial service providers.

This policy applies to all users of our platform, including employees, administrators, and clients of our brokerage customers. By using NFINX, you consent to the data practices described in this policy. Our commitment to privacy extends beyond legal compliance to building trust with our business partners and ensuring the security of sensitive financial and trading data.

Information We Collect

Personal Information

We collect personal information that you provide directly to us through various interactions with our platform. This includes business contact information such as your name, email address, phone number, and company details that are essential for account creation and platform access. We also collect account credentials and authentication data to ensure secure access to our services, along with professional information including your job title, department, and role within your brokerage organization.

Your communication preferences and settings help us deliver relevant information and updates about our platform and services. For subscription services, we collect payment and billing information to process transactions and maintain your account status. This information is processed securely and in accordance with applicable financial regulations and data protection laws.

Trading and Financial Data

As a CRM platform specifically designed for trading brokerages, we may process various types of trading and financial data that are essential for your business operations. This includes client trader information that you manage through our platform, including trader account details, identifiers, and profile information. We also process transaction records and trading history to provide comprehensive client management capabilities and compliance reporting features.

Compliance documentation and verification records are handled with the highest level of security, including KYC (Know Your Customer) and AML (Anti-Money Laundering) documentation that your brokerage is required to maintain. Risk management data and performance metrics are processed to help you monitor and manage your trading operations effectively. All financial data processing is conducted in strict compliance with financial services regulations and industry best practices.

Technical Information

We automatically collect certain technical information when you use our platform to ensure optimal performance and security. This includes IP addresses and device identifiers that help us maintain secure access and detect potential security threats. Browser type and version information, along with operating system and platform details, enable us to provide a consistent user experience across different devices and systems.

Usage patterns and feature interactions are analyzed to improve our platform’s functionality and user experience. Error logs and performance data help us identify and resolve technical issues promptly. We use cookies and similar tracking technologies to enhance platform functionality, remember your preferences, and provide personalized experiences while maintaining your privacy and security.

How We Use Your Information

Platform Operations

We use your information to provide and maintain our comprehensive CRM services that support your brokerage operations. This includes account creation and user management processes that ensure secure access for all authorized personnel within your organization. Platform access and authentication systems protect your sensitive data while providing convenient access to authorized users.

Feature customization and personalization options allow us to tailor the platform experience to your specific business needs and workflows. Technical support and troubleshooting services utilize your information to provide efficient and effective resolution of any issues you may encounter. Service updates and maintenance activities are conducted to ensure your platform remains current with the latest features and security enhancements.

Business Intelligence

We analyze usage data to continuously improve our platform and services, ensuring we meet the evolving needs of trading brokerages. Performance optimization and system enhancements are based on real-world usage patterns to deliver the best possible user experience. Feature development and user experience improvements are guided by actual usage data to ensure new capabilities address genuine business needs.

Security monitoring and threat detection systems analyze patterns to identify and prevent potential security risks before they can impact your operations. Service quality assessment and optimization processes ensure that our platform maintains the high standards expected by financial services organizations. This analysis is conducted using aggregated and anonymized data to protect individual privacy while improving overall service quality.

Compliance and Legal Obligations

We process data to meet the complex regulatory requirements that govern the financial services and trading industries. Anti-money laundering (AML) compliance processes ensure that your brokerage meets its regulatory obligations for monitoring and reporting suspicious activities. Know Your Customer (KYC) verification processes support your customer onboarding and due diligence requirements.

Financial services regulations and reporting requirements are supported through our platform’s compliance features and data processing capabilities. Legal proceedings and dispute resolution processes may require us to provide information in accordance with applicable laws and court orders. Government requests and law enforcement cooperation are handled in strict accordance with legal requirements while protecting your rights and interests.

Information Sharing and Disclosure

Service Providers

We may share your information with trusted third-party service providers who assist us in operating our platform and delivering our services. These partnerships are essential for providing you with a comprehensive and reliable CRM solution. Cloud hosting and infrastructure providers ensure your data is stored securely and accessed reliably from anywhere in the world.

Payment processors and billing services handle financial transactions securely and in compliance with payment industry standards. Customer support and communication tools enable us to provide responsive and effective support when you need assistance. Analytics and monitoring services help us maintain platform performance and identify areas for improvement. Security and fraud prevention services protect your data and transactions from potential threats.

All service providers are carefully selected and bound by strict confidentiality and data protection agreements that meet or exceed our own privacy standards. We maintain oversight of their data handling practices and require them to implement appropriate security measures to protect your information.

Legal Requirements

We may disclose your information when required by law or to protect our rights and the rights of our users. Compliance with applicable laws and regulations may require us to provide information to regulatory authorities or government agencies. Response to legal process and court orders is handled in accordance with legal requirements while protecting your interests to the greatest extent possible.

Protection of our rights, property, or safety may require disclosure in situations where there is a legitimate threat or risk. Investigation of potential violations or fraud helps maintain the integrity of our platform and protects all users. Cooperation with regulatory authorities supports the overall security and compliance of the financial services ecosystem.

Business Transfers

In the event of a merger, acquisition, or sale of assets, your information may be transferred as part of the business transaction. Such transfers are conducted with appropriate confidentiality protections and in accordance with applicable data protection laws. We ensure that any successor organization maintains the same level of privacy protection and security standards that you expect from NFINX.

Data Security and Protection

Security Measures

We implement comprehensive security measures to protect your information from unauthorized access, use, or disclosure. Encryption of data in transit and at rest ensures that your sensitive information remains protected throughout all stages of processing and storage. Multi-factor authentication and access controls provide multiple layers of security to prevent unauthorized access to your account and data.

Regular security audits and vulnerability assessments help us identify and address potential security risks before they can be exploited. Employee training and security awareness programs ensure that our team understands and follows best practices for protecting your information. Incident response and breach notification procedures are in place to respond quickly and effectively to any security incidents.

Our security infrastructure is designed to meet the stringent requirements of the financial services industry and exceeds standard security practices. We continuously monitor and update our security measures to address emerging threats and maintain the highest level of protection for your data.

Data Retention

We retain your information only as long as necessary to fulfill the purposes outlined in this policy and to comply with applicable legal and regulatory requirements. Active account data is maintained while your account is active and you continue to use our services. Financial and compliance records are retained as required by law, which may include longer retention periods for certain types of financial data.

Backup and archival data is securely stored and managed to ensure business continuity and disaster recovery capabilities. Deletion requests are processed in accordance with applicable regulations and our commitment to respecting your privacy preferences. We maintain clear retention schedules and procedures to ensure that data is not retained longer than necessary.

Your Rights and Choices

Access and Control

You have comprehensive rights to access, correct, or delete your personal information in accordance with applicable data protection laws. You can review and update your account information at any time through our platform’s user interface. Request correction of inaccurate or incomplete data to ensure that our records are accurate and up-to-date.

Delete your account and associated data when you no longer need our services, subject to legal and regulatory retention requirements. Export your data in a portable format to facilitate transfer to other service providers or for your own records. Opt out of certain communications and marketing activities while still receiving essential service-related communications.

Data Portability

You may request a copy of your personal information in a structured, machine-readable format for transfer to another service provider. This right supports your ability to switch between service providers and maintain control over your data. We will provide your data in a commonly used format that can be easily processed by other systems.

Withdrawal of Consent

You may withdraw your consent to data processing at any time, subject to legal and contractual obligations that may require continued processing for compliance or service delivery purposes. Withdrawal of consent will not affect the lawfulness of processing that occurred before the withdrawal. We will inform you of any consequences of withdrawing consent, such as limitations on service availability.

International Data Transfers

Global Operations

NFINX operates globally to serve trading brokerages worldwide, which may require transferring your information to countries outside your residence. Data centers and cloud infrastructure locations are strategically positioned to provide optimal performance and reliability for our global user base. Service providers and business partners worldwide help us deliver comprehensive services and support.

Regulatory compliance and legal requirements may necessitate data transfers to meet local regulatory obligations and support your compliance needs. Cross-border business operations and support ensure that you receive consistent service quality regardless of your location. All international transfers are conducted with appropriate safeguards and in compliance with applicable data protection laws.

Adequacy and Safeguards

We ensure appropriate safeguards for international data transfers to protect your information regardless of where it is processed. Standard contractual clauses and data protection agreements provide legal frameworks for secure data transfers between countries. Adequacy decisions and approved transfer mechanisms ensure compliance with international data protection standards.

Technical and organizational security measures are implemented to protect data during international transfers and processing. Regular assessment of transfer risks and compliance helps us maintain the highest standards of data protection across all jurisdictions. We monitor changes in international data protection laws and adjust our practices accordingly.

Cookies and Tracking Technologies

Cookie Usage

We use cookies and similar technologies to enhance your experience and provide essential platform functionality. Essential cookies are required for basic platform functionality and cannot be disabled without affecting your ability to use our services. Performance cookies help us analyze platform usage and optimize performance to provide the best possible user experience.

Preference cookies remember your settings and customization choices to provide a personalized experience. Marketing cookies help us deliver relevant content and offers that may be of interest to your business. All cookie usage is designed to improve your experience while respecting your privacy preferences.

Cookie Management

You can control cookie settings through your browser preferences and our platform settings. Accept or reject non-essential cookies based on your privacy preferences while maintaining essential functionality. Delete existing cookies and browsing data to remove stored information and start fresh. Configure browser privacy and security settings to enhance your overall privacy protection. Opt out of third-party tracking and analytics while still benefiting from our core platform features.

Children’s Privacy

NFINX is designed for business use and is not intended for individuals under 18 years of age. We do not knowingly collect personal information from children under 18, as our platform is specifically designed for professional use by trading brokerages and financial service providers. If we become aware that we have collected such information, we will take steps to delete it promptly and investigate the circumstances to prevent future occurrences.

Changes to This Policy

Policy Updates

We may update this Privacy Policy from time to time to reflect changes in our practices, technological developments, or applicable laws and regulations. Material changes that affect your rights or how we process your information will be communicated through platform notifications and other appropriate channels. Updated policies will be posted on our website with clear effective dates to ensure transparency about when changes take effect.

Continued use of our platform after policy updates constitutes acceptance of the updated policies, though we will always notify you of significant changes that may affect your rights or privacy. Historical versions of our privacy policy are available upon request to help you understand how our practices have evolved over time.

Notification Process

We will notify you of significant changes through multiple channels to ensure you are informed of important updates. Email notifications will be sent to registered users for material changes that affect their privacy rights or data processing practices. Platform announcements and in-app notifications will provide immediate visibility of important policy updates. Website updates and policy publication will ensure that current information is always available. Direct communication will be used for material changes that may significantly impact your use of our services.

Contact Information

Privacy Inquiries

If you have questions about this Privacy Policy or our data practices, we encourage you to contact us directly. Our dedicated Data Protection Officer is available to address your privacy concerns and provide guidance on your rights and our practices. You can reach us through multiple channels to ensure convenient access to privacy support.

We are committed to responding to privacy inquiries promptly and thoroughly, typically within 30 days of receiving your request. Our privacy team is trained to handle sensitive inquiries with the appropriate level of care and confidentiality.

Regulatory Authorities

You have the right to lodge a complaint with your local data protection authority if you believe we have not addressed your privacy concerns adequately or if you believe your rights have been violated. We encourage you to contact us first to resolve any issues, but we respect your right to seek external review when necessary. We will cooperate fully with any regulatory investigation and work to resolve any identified issues promptly.

Effective Date: This Privacy Policy is effective as of 07/02/2025 and supersedes all previous versions.