CM Index LTD (hereinafter the “Company” or “we”) which is a member of the CM Index LTD, is incorporated under the laws of Saint Vincent and the Grenadines having its registered office at Suite 305, Griffith Corporate Centre, P.O. Box 1510, Beachmont, Kingstown, Saint Vincent, and the Grenadines. The Company is authorized as an International Business Company under the International Business Companies (Amendment and Consolidation) Act, Chapter 149 of the Revised Laws of Saint Vincent and Grenadines, 2009 (herein the “Law”). This privacy statement covers the website and all its related subdomains and mobile applications that are registered and operated by CM Index LTD. The objects of the Company are all subject matters not forbidden by International Business Companies (Amendment and Consolidation) Act, Chapter 149 of the Revised Laws of Saint Vincent and the Grenadines, 2009, in particular, but not exclusively all commercial, financial, lending, borrowing, trading, service activities and the participation in other enterprises as well as to provide brokerage, training, and managed account services in currencies, commodities, indexes, CFDs, and leveraged financial instruments. The Company by the provisions of the Law outlines in the Privacy Policy (herein the “Policy”) how the Company collects, maintains, uses, and discloses personal information of the Client. This Policy applies to CM Index LTD which shall follow the principles as outlined herein.

This Policy applies to existing clients, prospective clients, and clients who have terminated their contractual relationship with the Company and website visitors (hereinafter jointly referred to as the “Clients” or “you”) who are accessing or using the Company’s website(s) and mobile applications (hereinafter referred to as the “Platforms”). The Company is committed to protecting the privacy of all Clients ‘Personal Data which it processes by the provisions of this Policy and the Company’s Terms of Business. For this Policy, references to “Personal Data” shall mean data that identifies or may identify Clients and which may include, for example, a Client’s name, address, identification number, telephone number, and date of birth.


The Company collects different types of Personal Data through the Company’s Platforms from Clients who visit such Platforms or access, use, or request products and services offered by the Company. The provision of certain Personal Data is required for establishing a contractual relationship with the Company. Clients not wishing to provide such Personal Data will not be able to open an account with the Company or be provided with other products and/or services of the Company. Clients have a responsibility to ensure that the Personal Data, they provide to the Company and recorded in their account remains accurate and up to date throughout their contractual relationship with the Company. In addition to the information provided by Clients, the Company also lawfully collects and processes Personal Data from publicly available sources (including, inter alia, the press, social media, and the internet) and third-party risk
management software solutions to meet its regulatory obligations and for confirming the validity of the provided information.

The Personal Data received from the Client, collected and processed by the Company are required for communication, identification, verification, and assessment of the business relationship established with the Client, contract performance, and legal compliance. The following Personal Data may be collected from Clients depending on the product and/or service the Company provides to them:

(a) Contact details such as the Client’s name, email address, and phone number. 

(b) Identification details such as the Client’s identification or passport number. 

(c) Biographical and demographic data such as gender, age, ethnicity, education, occupation, the Client’s financial trading experience, and whether he has a prominent public function status (PEP). 

(d) information such as the Client’s income status, bank account number, and account details, tax information, and other financial information. 

(e) Information relevant to the services that the Company provides to the Client such as the Client’s transactions and communication records with the Company. 

(f) Details of visitors’ and Clients’ visits to the Company’s website and information collected through cookies and other tracking technologies including IP address and domain name, browser version, operating system, and geolocation. 

(g) Information about criminal convictions and offenses to the extent required and/or permitted by applicable law. 

(h) Information about the client’s mobile device Call log with the permission of the client. 

(i) Your marketing preferences.


The Company understands the importance of protecting children’s privacy. The Company’s services are not intended for children under eighteen (18) years of age nor is the Company’s website designed for use by children. Therefore, the Company does not knowingly or specifically collect children’s data. If the Company collects such data mistakenly or unintentionally, the company shall delete the information at the earliest possible once it obtains knowledge thereof. If the Client becomes aware of such data collection, he/she shall notify the Company at [email protected]. The Company understands the importance of protecting the elderly’s privacy. The Company’s services are not intended for the elderly above sixty-five (65) years of age nor are the Company’s website designed for use by the elderly. Therefore, the Company does not knowingly or specifically collect elderly’s data. If the Company collects such data mistakenly or unintentionally, the Company shall delete the information at the earliest possible once it obtains knowledge thereof. If the Client becomes aware of such data collection, he/she shall notify the Company at [email protected]


The Company collects and processes Personal Data that is required for the evaluation, establishment, and maintenance of the contractual relationship between the Company and the Client and to comply with the Policy and applicable laws and regulations governing the provision of financial services. In In some cases, the Company may also process the Client’s Personal Data to pursue its legitimate interests or those of third parties provided that the Client’s interests and fundamental rights are not overridden by those of the Company or the third party.

(a) Where the Company needs to perform the contract, it has entered with the Client or to take certain steps before entering into a contract with the Client Processing is necessary for the Company to provide the Client with its products and services, and more specifically in order:

• To verify the Client’s identity and carry out any required credit checks; 

• To ensure that the Client meets the suitability requirements to use the Company’s products and services; 

• To manage the account the Client holds with the Company; 

• To process the Client’s transactions, and 

• To send to the Client any information about transactions/post-transactions services. If the Client does not provide the requested Personal Data, the Company may be unable to offer the client its products and/or services

(b) Where the Company needs to comply with a legal obligation As an investment firm, the Company is required to comply with certain legal and regulatory obligations which may involve the processing of Personal Data. Such obligations and requirements impose on the Company’s necessary data processing activities for identifying verifications, compliance with court orders, tax law or other reporting obligations, and anti-money laundering controls.

(c) Where the Company has legitimate interests to use the Client’s Personal Data More specifically, the Company may process the Personal Data for the following purposes:

• To develop or enhance its products and services;
• To enhance the security of the Company’s network and information systems;
• To identify, prevent and investigate fraud and other unlawful activities, unauthorized transactions, and other liabilities and manage risk exposure;
• To maintain its accounts and records;
• To manage its business operations and comply with internal policies and procedures;
• To defend, investigate or prosecute legal claims;
• To receive professional advice (such as legal advice), and 

• For the analysis of statistical data which helps the Company in providing its clients with better products and services in the future. It should be noted that the Company anonymizes and aggregate such data so that they do not directly or indirectly reveal the Clients’ identities. The Company may provide this statistical data to third parties(as described in more detail in Section 8) solely for statistical purposes and to improve the Company’s marketing campaign.

(d) Where the Client has given his consent

• The Company will ask for the Client’s consent when the Company wishes to provide marketing information to its Clients about its products or services that may be of interest to the Client.
• The Company will ask for Clients’ permission to access their mobile device call log for the sole purpose of completing the phone number verification process. The Client may withdraw such consent at any time. This right doesn’t affect the lawfulness of the processing that was based on that consent before its withdrawal.


A cookie is a small text file that is stored on a user’s computer for record-keeping purposes. The Company uses cookies on its website(s). The company does link the information that it stores in cookies to any Personal Data the Client submits while accessing the Company’s website(s). The Company uses both session ID cookies and persistent cookies. A session ID cookie does not expire when the Client closes his browser. A persistent cookie remains on the Client’s hard drive for an extended period. The Client can remove persistent cookies by following the directions provided in his Internet browser’s “help” file. The Company sets a persistent cookie for statistical purposes. Persistent cookies also enable the Company to track and target the location and the interests of its users and to enhance the experience of its services on the Company’s website(s). If the Client rejects cookies, he may still use the Company’s website(s), but the Client will not be able to use the client area and submit his online application form. Some of the Company’s business partners use cookies on the Company’s website(s). The company has no access to or control over these cookies.

Cookies Analysis

Below we provide the details of the cookies used and the options for further reading and opt-out: 

CM Index LTD persistent and session cookies are used to support our visitors’ and clients’ browsing experience:

Required: To enable the core functionality for the website and user accessibility. Functional To maintain the user’s authentication and personalization functions through our websites and client’s area. To serve users with the appropriate content and resources based on their preferences.

Analytical: To track users’ visits to our websites, identify their preferences and collect 5 online behavioral data for analysis and optimization.

Third-Party Cookies: Cookies by third-party providers are used on our websites to enable tools and services to our visitors and clients and support our internal analysis and marketing activities. The Company has no access to, or control over these cookies therefore will not be liable for misuse or loss of Personal Data resulting from cookies on the Company’s website(s) that the Company does not have access to or control over.

The Client or visitor of the Company’s website acknowledges that he can control and manage the above cookies through his web browser security and privacy settings. If you’d like to learn more about cookies as well as how to manage and delete them, visit:


The Company’s website contains or may contain links to other websites or social media platforms of interest. However, once you have used these links to leave the Company’s website, you should note that the Company does not have any control over those other websites. Therefore, the Company cannot be responsible for the protection and privacy of any information which you provide whilst visiting such sites, and such sites are not governed by this Policy. You should exercise caution and look at the privacy statement applicable to the website in question. The Company will not be liable for the unlawful or unauthorized use of the Client’s Personal Data due to misuse and/or malicious use and/or negligence and/or misplacement of the Client’s passwords either by him/her or any third party.


Under the applicable laws and regulations, the Company is required to keep records containing Client Personal Data, trading information, account opening documents, communications, and anything else that relates to the Client. However, the client can request an account deletion, platform deletion, or profile deletion through our support (via Live Chat) and mailing ([email protected]), or submit an official ticket from the client cabinet.


In the course of the performance of the Company’s contractual and statutory obligations, the Client’s Personal Data may be disclosed to third parties. Most such third parties enter into contractual arrangements with the Company by which they observe data protection and confidentiality. Under the circumstances referred to above, recipients of Personal Data may be, for example:

(a) third-party payment service providers who help the Company provide its clients with the services of secure deposit and withdrawal to and from a client’s account;
(b) other service providers that the Company
has chosen to support it in the effective provision of its products and services by offering technological expertise, solutions, and support;
(c) governmental and regulatory bodies, including law enforcement authorities and FSB, in connection with inquiries, proceedings or investigations by such parties or to enable the Company to comply with its legal and regulatory requirements;
(d) credit reference and fraud prevention agencies, third-party authentication service providers, and other financial institutions for credit checking, fraud prevention, and anti-money laundering controls;
(e) third-party service providers for the provision of the required customer support services through live chat and the Company’s website visits and traffic monitoring through cookies; (f) external consultants including legal and tax consultants;
(g) data reporting service providers;
(h) market research companies and call centers; and
(i) affiliates of the Company;

By the recommendations of the Payment Card Industry Security Standards Council, customer card details are protected using Transport Layer
encryption — TLS 1.2 and application layer with algorithm AES and key length 256 bit. The Company does not collect, store, or process any personal credit or debit card information. All payment transactions are processed through payment service providers.


The Company may process Personal Data to tell its clients about products, services, and offers that may be of interest to the Client. The company may only process such Personal Data if it has obtained the Client’s explicit consent to do so. If the Client no longer wishes to receive any promotional communications, he may opt-out of receiving them by following the instructions
included in each communication or by updating his email subscription preferences within the Client account area.


Clients have the following rights about their Personal Data:

(a) Right of access: The Client has the right to be informed whether the Company is processing his/her Personal Data and if so, to provide the Client with a copy of that Personal Data.
(b) Right to rectification: The Client is entitled to request that the Company correct or complete his/her Personal Data if it is inaccurate or incomplete.
(c) Right to erasure: This enables the Client to ask the Company to erase or remove the Client’s Personal Data under certain circumstances, such as when the Client withdraws his consent.

(d) Right to restrict processing: This enables the Client to ask the Company to restrict the processing of the Client’s Personal Data if:

• it is not accurate;
• it has been used unlawfully but the Client doesn’t want it to be deleted;
• it is not relevant anymore, but the Client wants the Company to keep it for use in possible legal claims;
• the Client has already asked the Company to stop using his Personal Data but he is waiting for the Company to confirm if it has legitimate grounds to use such Personal Data

(e) Right to data portability: The Client has the right to obtain his/her Personal Data provided to the Company in a structured, commonly used, and machine-readable format

(f) Right to object: The Client may ask the Company at any time to stop processing his/her Personal Data, and the Company will do so

• If the Company is relying on a legitimate interest to process the Client’s Personal Data and the Company cannot demonstrate compelling legitimate grounds for the processing, 

• If the Company is processing the Client’s Personal Data for direct marketing

(g) Rights of automated decision-making and profiling: The Client has the right to be free from decisions based solely on automated processing of his/her Personal Data, including profiling, that affect him/her, unless such profiling is necessary for entering into, or the performance of, a contract between Client and the Company or the Client provides explicit consent.

(h) Right to withdraw consent: If the Company relies on the Client’s consent to process his/her Personal Data, the Client has the right to withdraw that consent at any time. This will not affect the lawfulness of the processing that took place based on the Client’s prior consent.

(i) Right to complain about the data protection authority: If the Client has a concern about the Company’s privacy practices, including how the Company handled his/her Personal Data, the Client can report it to the relevant data protection authority. To exercise any of the above rights, the Client may contact the Company at [email protected].


When you make an application for account opening we will use systems to make an automated assessment of your knowledge and experience through the evaluation of an appropriateness test. Based on the results of such a test will then assign the appropriate leverage to your trading account. In such cases, you have the right to contact us to:

(a) give you information about the processing of your data (please also see Section 11 of this Policy about your rights); and/or

(b) request that one of our employees examines your application and obtain an explanation for the automated decision reached. You also have the right to challenge such a decision. Following such a request, we will reassess your application, taking into consideration both the reasons that a particular automated decision was reached as well as your point of view.


Personal Data which the Company holds is to be treated by the Company as confidential and will not be used for any purpose other than those specified in this Policy. Any Personal Data that the Client provides to the Company will be treated as confidential and shared only with the parties set out in Section 8 of this Policy. Such Personal Data will not be disclosed to any other third party except if such disclosure is required under any regulatory or legal proceedings. The Personal Data that the Client provides in connection with registering as a user of the
website(s) or for the Services is classified as Registration Information. The Company offers high protection for the Registration Information provided by the Client. The Client can access his Registration Information through a password selected by him which is encrypted and known only to the Client. The Client must be careful and protect his password from any third parties.
Registration Information is safely stored on secure servers that only authorized personnel has access to via password. The Company encrypts all Personal Data as it is transferred to the Company and thus makes all necessary efforts to prevent unauthorized parties from viewing any such information. Personal Data provided to the Company that is not Registration Information also resides on secure servers and is again accessible only to authorized personnel via password. This information is not accessible by the Client; therefore, no password is provided to view or modify this information


The Company is dedicated to providing transparency and user control over app accounts and associated user data. This policy outlines our approach to app account deletion, in accordance with Google Play’s standards.

a)App’s Account Deletion: We understand the importance of allowing our users to delete their app accounts and associated user data when they choose to. Our app account deletion policy ensures that you have the necessary controls over your personal information.

b) Deleting Your App Account: If you have an app account with CM Index Google Apps, you can request the deletion of your app account and the associated user data. To request the deletion of your app account, please follow these steps:

  • 1) Open the CM Index Google App.
  • 2) Go to your account settings or profile page
  • 3) Locate the option to delete your app account.
  • 4) Follow the provided instructions to confirm your app account deletion request.

c) User Data Deletion: When we delete an app account based on your request, we also delete the user data associated with that app account. This ensures that your personal information is removed from our systems in accordance with your request.

d) Temporary Account Deactivation: Please be aware that temporary account deactivation, disabling, or “freezing” your app account does not qualify as app account deletion. If you wish to permanently delete your account and associated data, you must follow the app account deletion process outlined above.

e) Contact Us: If you have any questions, concerns, or requests related to your app account, data, or this policy, please don’t hesitate to contact us using the following contact information.

f) Updates to this Policy: We may update this policy from time to time to reflect changes in our practices or to comply with legal requirements. We will post the revised policy on this page with an updated effective date.


The Company, we are dedicated to providing a secure and transparent environment for our users. Our app account deletion policy is designed to give you control over your app account and associated data, ensuring compliance with Google Play’s standards


The Company reserves the right to review and amend this Policy from time to time for any reason and notify the Clients of any such amendments accordingly by posting an updated version of this Policy on the Company’s website(s). The Company will notify you about any material changes to this Policy by placing a notice on its website or by communicating with you directly. The Client is responsible for regularly reviewing the Policy and any amendments thereof.


For any general inquiries regarding this Policy please contact the Company by emailing the Customer Support Department at [email protected]. For any requests regarding personal data rights, as set out in Section 11 of this Policy, or questions about how the Company processes Client’s Personal Data, please contact us at [email protected]

error: Content is protected !!