CFDs are complex instruments and come with a high risk of losing money rapidly due to leverage. 76% of retail investor accounts lose money when trading CFDs with this provider.

Login Open Account
Legal

Privacy Policy

Last updated: 1 May 2025  ·  Effective date: 1 June 2025

1. Introduction

ultraplustrading Markets Limited and its affiliated entities ("ultraplustrading", "we", "us", or "our") are committed to protecting your personal information and your right to privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website, use our trading platforms, or otherwise engage with our services.

By accessing or using our platforms, you acknowledge that you have read, understood, and agree to the practices described herein. If you do not agree, please discontinue use of our services.

This policy applies to all services provided by ultraplustrading Markets (MU) Ltd (FSC Mauritius, GB22200605), ultraplustrading Markets Limited (FSA St. Vincent, 26183 BC 2021), and ultraplustrading Markets ZA Pty Ltd (FSCA South Africa, FSP 53103).

2. Who We Are

ultraplustrading operates as a multi-jurisdictional financial services group. The data controller for your personal information depends on the regulated entity with which you hold your trading account:

  • ultraplustrading Markets (MU) Ltd — Ebene House, Hotel Avenue, 33 Cybercity, Ebene, 72201, Mauritius. Regulated by the Financial Services Commission (FSC).
  • ultraplustrading Markets Limited — Beachmont Business Centre, 321 Kingstown, St. Vincent and the Grenadines. Registered with the Financial Services Authority (FSA).
  • ultraplustrading Markets ZA Pty Ltd — 1st Floor, Cnr Kildare Road, Newlands, Cape Town, 7550, South Africa. Regulated by the Financial Sector Conduct Authority (FSCA, FSP 53103).

To determine which entity controls your data, or to raise a data-related query, please contact our Data Protection Officer at support@ultraplustrading.com.

View Certificate

3. Data We Collect

3.1 Information You Provide Directly

  • Identity data: Full legal name, date of birth, nationality, government-issued ID numbers (passport, national ID, driving licence)
  • Contact data: Email address, phone number, residential address, billing address
  • Financial data: Bank account details, payment card information (processed via PCI DSS certified processors — card numbers are never stored on our servers), source of funds declarations, tax identification numbers
  • KYC / AML data: Proof of identity and address documents, politically exposed person (PEP) declarations, sanctions screening data
  • Trading profile: Trading experience and knowledge, risk appetite, investment objectives, annual income range, employment status
  • Communications: Records of messages sent via live chat, email, telephone, and support tickets

3.2 Information Collected Automatically

  • Device & technical data: IP address, browser type and version, operating system, device identifiers, screen resolution
  • Usage data: Pages visited, time on site, features used, links clicked, login timestamps, session duration
  • Trading data: Order and execution history, account balance history, open positions, deposits and withdrawals, margin usage
  • Location data: Country and approximate region derived from IP address (not precise GPS location)
  • Cookies: Session cookies, authentication tokens, analytics identifiers — see Section 9

3.3 Information From Third Parties

  • Identity verification agencies and eKYC providers (e.g., Onfido, Sumsub)
  • Sanctions screening and PEP database providers (e.g., Refinitiv World-Check)
  • Payment processors and banking partners
  • Credit reference bureaus (where applicable for risk assessment)
  • Publicly available sources: regulatory registers, company filings, news archives

4. How We Use Your Data

We process your personal data strictly for the purposes below. We will never sell your personal data to third parties for their own commercial purposes.

PurposeData CategoriesLegal Basis
Account registration & onboardingIdentity, contact, financialContract
KYC / AML complianceIdentity, KYC documentsLegal obligation
Providing trading servicesAll account & trading dataContract
Payment processingFinancial, identityContract
Customer supportContact, communicationsContract
Fraud prevention & securityDevice, usage, financialLegitimate interests
Regulatory reporting & auditsIdentity, trading dataLegal obligation
Marketing communicationsContact, preferencesConsent
Platform analytics & improvementUsage, device dataLegitimate interests
Legal claims & disputesAll relevant dataLegitimate interests
Suitability & appropriateness assessmentTrading profile, financialLegal obligation

5. Legal Basis for Processing

  • Performance of a contract: Processing necessary to provide our trading services under the Client Agreement, including account opening, order execution, and payment processing
  • Legal obligation: Processing required by AML/CFT laws, tax reporting, and regulatory obligations under the FSC, FSCA, and FSA
  • Legitimate interests: Processing for fraud prevention, IT security, and business analytics, where our interests are not overridden by your fundamental rights
  • Consent: Processing for marketing communications, non-essential cookies, and other purposes where explicit consent has been obtained. You may withdraw consent at any time without affecting prior lawful processing

6. Data Sharing & Disclosure

We share data only where necessary, with appropriate contractual safeguards in place.

6.1 Service Providers (Data Processors)

  • Identity verification and eKYC providers
  • Payment processors and banking partners (PCI DSS Level 1 certified)
  • Cloud infrastructure providers under data processing agreements
  • Customer support and live chat platforms
  • Email delivery, notification, and analytics providers
  • Legal, accounting, and external audit firms

6.2 Regulatory & Legal Disclosure

We may be required to disclose your information to regulators, law enforcement, tax authorities, financial intelligence units, or courts. This includes obligations under the FSC, FSCA, and international FATF AML/CFT frameworks.

6.3 Group Companies

We may share data within the ultraplustrading group for operational, compliance, and risk management purposes, subject to binding intra-group data sharing agreements at equivalent protection standards.

6.4 Business Transfers

In a merger, acquisition, or asset sale, your data may be transferred. We will provide at least 30 days' notice before any such transfer, and you retain the right to request deletion where legally permissible.

7. International Data Transfers

Your data may be processed in countries including Mauritius, St. Vincent and the Grenadines, Lithuania, and the United Kingdom. Where we transfer data internationally, we ensure appropriate safeguards are in place:

  • Standard Contractual Clauses (SCCs) approved by relevant data protection authorities
  • Data processing agreements with all third-party processors
  • Transfer impact assessments where required
  • Binding corporate rules within the ultraplustrading group where applicable

To request details of safeguards for a specific transfer, contact support@ultraplustrading.com.

8. Data Retention

We retain personal data only for as long as necessary to fulfil the stated purposes and comply with regulatory obligations:

  • Active account data: Duration of your account relationship
  • KYC / AML records: Minimum 5 years after account closure (up to 10 years where required)
  • Trading and transaction records: 5–7 years after the relevant transaction date
  • Support and communications: 3 years from the date of the communication
  • Marketing consent records: Until withdrawal, plus 1 year
  • Legal claim data: Until resolution plus applicable limitation periods

Upon expiry of retention periods, data is securely deleted or irreversibly anonymised in accordance with our certified data destruction procedures.

9. Cookies & Tracking Technologies

We use cookies and similar technologies to deliver and improve our services. A cookie is a small text file stored on your device.

9.1 Types of Cookies

  • Strictly necessary: Essential for platform operation — session management, authentication, security. Cannot be disabled
  • Preference cookies: Remember your settings such as language, theme, and trading defaults across sessions
  • Analytics cookies: Aggregate usage data to improve our platform (e.g., Google Analytics). Only set with your consent
  • Marketing cookies: Deliver relevant content and measure campaign effectiveness. Set only with explicit consent

9.2 Managing Cookies

Manage your preferences via the cookie banner on first visit, or through your browser settings at any time. To opt out of Google Analytics, use the Google Analytics opt-out add-on.

⚠️ Disabling strictly necessary cookies will prevent login and platform access. Non-essential cookies can be disabled without affecting core functionality.

10. Your Rights

Subject to applicable law, you have the following rights regarding your personal data:

  • Right of access: Request a copy of personal data we hold about you and information on how it is processed
  • Right to rectification: Request correction of inaccurate or incomplete data
  • Right to erasure: Request deletion where data is no longer necessary, subject to legal retention obligations
  • Right to restriction: Request temporary or permanent restriction of processing in certain circumstances
  • Right to data portability: Receive your data in a structured, machine-readable format (e.g., CSV or JSON)
  • Right to object: Object to processing based on legitimate interests or for direct marketing purposes
  • Right to withdraw consent: Withdraw consent at any time without affecting prior lawful processing
  • Right against automated decisions: Not be subject to decisions based solely on automated processing with significant legal effects
  • Right to complain: Lodge a complaint with your local data protection supervisory authority

To exercise any right, email support@ultraplustrading.com with your name, account email, and a description of your request. We will acknowledge within 72 hours and respond fully within 30 calendar days (extendable by 60 days for complex requests, with notice). Identity verification may be required.

11. Security

We implement comprehensive technical and organisational measures to protect your data against unauthorised access, alteration, disclosure, or destruction:

  • 256-bit SSL/TLS encryption for all data in transit
  • AES-256 encryption for sensitive data at rest
  • PCI DSS Level 1 compliance for payment card data
  • Multi-factor authentication (MFA) enforced for account access
  • Role-based access controls (RBAC) limiting data access to authorised personnel only
  • Regular penetration testing, vulnerability assessments, and independent security audits
  • 24/7 intrusion detection systems (IDS) and security operations monitoring
  • Formal incident response and breach notification procedures

In the event of a data breach posing risk to your rights, we will notify you and the relevant supervisory authority within legally required timeframes (typically 72 hours).

⚠️ ultraplustrading will never ask for your password via email, phone, or live chat. If you receive such a request, treat it as fraudulent and contact support immediately.

12. Children's Privacy

Our services are strictly not directed to individuals under 18 years of age. We do not knowingly collect personal data from minors. Age verification is performed during account registration.

If you believe a minor has provided us with personal data, contact support@ultraplustrading.com immediately. Upon verification, we will promptly delete the data and return any deposited funds in accordance with our procedures.

13. Changes to This Policy

We may update this policy to reflect changes in our practices, technology, or regulatory requirements. When we make material changes we will:

  • Update the "Last updated" and "Effective date" fields at the top of this page
  • Email all registered account holders at least 14 days before the effective date of material changes
  • Display a prominent notice on our website and trading platform
  • Seek renewed consent where required by law

Continued use of our services after the effective date constitutes acceptance of the revised policy.

14. Contact Us

For any questions, concerns, or requests relating to this Privacy Policy or the processing of your personal data, please contact our Data Protection Officer:

Data Protection Officer
Email: support@ultraplustrading.com
Address: ultraplustrading Markets (MU) Ltd, Office 713, 7th Floor, Nexsky Building, Ebene Cybercity, 72201, Mauritius

South African clients: privacy.za@ultraplustrading.com
General support: Contact page  |  support@ultraplustrading.com

We acknowledge all enquiries within 2 business days and respond fully to formal data rights requests within 30 calendar days.

If unsatisfied with our response, you may escalate to your local supervisory authority: Data Protection Office Mauritius or the Information Regulator (South Africa).