Privacy Notice

Monex Europe Markets S.V., S.A.U. acts as data controller under GDPR (2016/679) and Spanish data protection laws including Organic Law 3/2018.

This notice applies to three contexts:

1. Personal data processed when you visit and use our website
2. Any natural person contacted through our direct marketing strategy by phone or email
3. Personal data processed to service our potential and existing clients

Personal data must be: used lawfully, fairly and transparently; collected only for valid purposes clearly explained; relevant and limited to what is necessary; accurate and up to date; retained only as long as necessary; and kept securely.

4.1 Website: browser type and settings, log data (referring page, pages visited, time spent, search terms, IP address, access dates/times, statistics), interaction history with web pages.

4.2 Marketing: call logs, email exchanges with staff.

4.3 Clients (at registration): full name, email address, phone number, address, nationality, date of birth, identification documents and signature. During the commercial relationship: account activity including payment instructions, communications with staff, use of online portals.

4.4 From Other Sources: name, date of birth, country of residence, corporate email, profession — collected from LinkedIn, Companies House, news sources for marketing; credit information, references, and legal and compliance checks for clients.

4.5 Cookies: See separate Cookie Policy.

5.1 Website: interact with users; provide support services; facilitate navigation; improve site and products; offer content and services of interest.

5.2 Marketing: direct marketing of services of legitimate interest; monitoring and recording of emails and calls for quality assurance, training, fraud prevention, statistical data collection, and regulatory compliance.

5.3 Clients: registration; identification and account management; sending contractual notes; regulatory compliance; processing transactions; statistical and behavioural analysis; quality assurance; training; fraud prevention.

Data may be shared with: group companies and affiliates; contractors, subcontractors, business partners, introducers, service providers; credit reference agencies; law enforcement bodies; legal representatives and consultants; IT processors (ClaireLogic, DataArt Solutions, Microsoft Exchange, Microsoft Azure). Data is never sold.

Processing occurs under: service fulfillment, legal obligation, legitimate interests (marketing, dispute evidence, regulatory compliance, business operations), and consent (for direct marketing per Law 34/2002).

Retained per the Data Retention Policy and contract lifecycle. Extended periods apply for legal/regulatory requirements and fraud prevention. Data is destroyed, erased, or anonymized when no longer needed.

Encrypted storage; limited access; confidentiality obligations; breach notification procedures. Internet transmission cannot guarantee complete security.

Data may transfer outside the EEA with appropriate safeguards such as standard contractual clauses.

Clients are asked at registration. Potential clients are processed per the marketing sections above. Recipients may unsubscribe at any time.

Credit searches recorded with reference agencies. Personal account conduct may be disclosed to agencies. Other credit businesses may use data for credit decisions, tracing debtors, and fraud detection.

• Right of access: copies of personal data and processing details
• Right of rectification: correct inaccurate or incomplete data
• Right of erasure: deletion under certain conditions
• Right to restrict processing
• Right to object to processing (including marketing)
• Right to data portability
• Right to lodge complaint with AEPD (Agencia Española de Protección de Datos), Calle de Jorge Juan 6, 28001 Madrid

Response deadline: one month.

Last updated 1 July 2024. Changes notified via email or website notice.

Email: gdpr@monexeurope.eu
Address: Torre Picasso, Plaza Pablo Ruiz Picasso 1, 28020 Madrid, Spain
Data Protection Officer: RS SERVICIOS JURÍDICOS S.L. — dpo@rsprivacidad.es

Contact via above details; escalate to AEPD if unsatisfied (+34 901 100 099 / aepd.es).

Fields marked with asterisks (*) are mandatory. Other fields are voluntary. All requested data is necessary for optimal service provision.

The organisation implements GDPR and LOPDGDD technical and organisational measures protecting user rights and freedoms.