Privacy Policy

Our Privacy Policy below describes in detail how MFM Securities handles the collection, management, and protection of all confidential user information.


Our client privacy is very important to us. We are committed to protecting and respecting our clients’ personal data. This Privacy Policy describes what types of personal data we collect about our client when you choose to use our services, how we will use your personal data, when and with whom we share it, and how we will keep it safe. It also details your rights in respect of our processing of your personal information and how you may exercise them. Please take the time to read and understand this policy.

We may make changes to this notice from time to time and it is important that you check this notice for any updates. Any personal information we hold will be governed by the current privacy notice at the given time. If we make changes, we consider to be important, we will communicate them to you.

Please note that this notice is addressed to clients and potential clients. If you are a MFM Securities employee or a third-party service provider, your personal information will be used in connection with your employment contract, your contractual relationship, or in accordance with our separate policies which are available by contacting us.

Any reference to ‘us’, ‘our’, ‘we’, or ‘MFM Securities’ in this privacy notice is a reference to each group company within the MFM Securities Limited as the context requires unless otherwise stated. Similarly, any reference to ‘you’, ‘your’, ‘yours’, or ‘yourself’ in this privacy notice is a reference to any of our customers and potential clients as the context requires unless otherwise stated.

By accessing our websites, including using any of the communication channels to contact us, we consider that you have read and understood the terms of this notice and how we process any information you disclose to us including personal data prior to becoming a client. Once you open an account with us you agree that this notice, including any amendments, will govern how we collect, store, use, share, and in any other form process your personal data and your rights during our business relationship and after its termination.

The Personal Information do we collect and store.

As part of our business, we collect personal data from customers and potential customers that include the following:

Details of your visits to our Website or our Apps include, but are not limited to, traffic data, location data, weblogs and other communication data.

We use cookies to store and collect information about your use of our Website. Cookies are small text files stored by the browser on your equipment’s hard drive. They send information stored on them back to our web server when you access our Website. These cookies enable us to put in place personal settings and load your personal preferences to improve your experience. You can find out more about our cookies on our “Cookies Policy” available on our Website.

We also keep records of your trading behaviour, including a record of:


We are required by law to identify you if you are opening a new account or adding a new signatory to an existing account. Anti-money laundering laws require us to sight and record details of certain documents (i.e. photographic and non-photographic documents) to meet the standards, set under those laws. Identification documentation, as required under anti-money laundering legislation or other legislation relevant to the services we provide to you includes:

(a) passport;

(b) driver’s licence;

(c) national identity card (if applicable);

(d) utility bills;

(e) trust deed (if applicable);

(f) a credit check on the individual; or

(g) other information we consider necessary to our functions and activities.

If you are a corporate client, we are required to collect additional information such as corporate documents of address, shareholders, directors, officers including additional personal information on the Shareholders and Directors. We have the right to ask for any additional information we deem necessary to be compliant with our legal and regulatory requirements.

We obtain this information in a number of ways through your use of our services and websites, the account opening applications, our demo signs up forms, webinar signs up forms, website cookies and similar tracking technology built into our Websites and Apps, subscribing to news updates and from information provided in the course of our ongoing relationship.

We may also collect this information about you from third parties either through bought-in third party marketing lists, publicly available sources, social media platforms, introducing brokers and affiliates, bankers and credit card processors, subscription-based intelligence databases and other third-party associates.

We may ask for other personal information voluntarily from time to time (for example, through market research, surveys or special offers). If you choose not to provide the information, we need to fulfil your request for a specific product or service, we may not be able to provide you with the requested product or service.

We may record any communications, electronic, by telephone, in person or otherwise, that we have with you in relation to the services we provide to you and our relationship with you. These recordings will be our sole property and will constitute evidence of the communications between us. Such telephone conversations may be recorded without the use of a warning tone or any other further notice.

Further, if you visit any of our offices or premises, we may have CCTV which will record your image.

The Disclosing Personal Information

As part of using your personal information for the purposes set out above, we may disclose your information to:

We endeavor to disclose to these third parties only the minimum personal data that is required to perform their contractual obligations to us. Our third-party service providers are not permitted to share or use personal data we make available to them for any other purpose than to provide services to us.

Our websites or our apps may have links to external third-party websites. Please note, however, that third-party websites are not covered by this privacy notice and those sites are not subject to our privacy standards and procedures. Please check with each third party as to their privacy practices and procedures.

How we obtain your consent?

We may process your personal data for one or more lawful bases of processing (“Lawful Basis”) depending on the specific purpose for which we are using your data.

The Lawful basis are the following:

Where our use of your personal information does not fall under one of these three Lawful basis, we require your consent. Such consent shall be freely given by you, and you have the right to withdraw your consent at any time by contacting us using the contact details set out in this privacy notice or by unsubscribing from email lists.

We may use personal data provided by you through our website or otherwise and personal data provided during our business relationship to communicate with you for marketing promotional purposes as well as to provide you with market news and analytical reports. The channels used for such communications may include calling you, sending emails, notifications through your online account portal and sms notifications including push notifications.

Managing your Personal Information

We are committed to safeguarding and protecting personal data and will implement and maintain appropriate technical and organisational measures to ensure a level of security appropriate to protect any personal data provided to us from accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to personal data transmitted, stored or otherwise processed.

We have appointed a Data Protection Officer to ensure that our management of personal information is in accordance with this privacy notice and the applicable legislation.

We require organizations outside the MFM Securities Limited who handle or obtain personal information acknowledge the confidentiality of this information, undertake to respect any individual’s right to privacy and comply with all relevant data protection laws and this privacy notice.

In brief, the data protection measures we have in place are the following:

How long do we store your Personal Information?

We hold personal information in a combination of secure computer storage facilities and paper-based files and other records and take steps to protect the personal information we hold from misuse, loss, unauthorised access, modification or disclosure.

When we consider that personal information is no longer needed, we will remove any details that will identify you or we will securely destroy the records.

However, we may need to maintain records for a significant period of time. For example, we are subject to investment services and anti-money laundering laws which require us to retain copies and evidence of the actions taken by us in regard to your identity verification, sources of incomes and wealth, monitoring of your transactions, telephone, chat and email communications, orders and trades history, handling of your complaints and records that can demonstrate that we have acted in line with regulatory code of conduct throughout the business relationship. These records must be maintained for a period of five years after our business relationship with you has ended or even longer if we are asked by our Regulators.

Personal data provided by you as a prospective client during account opening registration in case the registration was never completed or your account opening application was rejected, will be maintained for six months unless there is a regulatory reason requiring us to keep it for a longer period of time.

Where you have opted out of receiving marketing communications we will hold your details on our suppression list so that we know you do not want to receive these communications.

Our client rights

Please note that these rights do not apply in all circumstances. You are entitled to:

request restriction of processing of your personal data. This enables you to ask us to suspend the processing of your personal data in the following scenarios:

  • if you want us to establish the data’s accuracy;
  • where our use of the data is unlawful, but you do not want us to erase it;
  • where you need us to hold the data even if we no longer require it as you need it to establish, exercise or defend legal claims; or
  • you have objected to our use of your data but we need to verify whether we have overriding legitimate grounds to use it;

Please complete the personal data request by email using the registered email address you disclosed to us, to the following email address: [email protected]

Erasure requests can also be submitted through your online portal.

We try to respond to all requests within 3 to 5 working days. Occasionally, it may take us longer than 3 to 5 working days if your request is particularly complex or you have made a number of requests. In this case, we will notify you within 3 to 5 working days of the receipt of your request and keep you updated.

We may charge you a reasonable fee when a request is manifestly unfounded, excessive or repetitive, or we receive a request to provide further copies of the same data. In this case we will send you a fee request which you will have to accept prior to us processing your request. Alternatively, we may refuse to comply with your request in these circumstances.