Privacy Policy & Cookies

About this privacy notice

This privacy notice tells you how we use your personal information when you visit our website, make contact with us or access our platform. It sets out the ways in which we collect personal information, the uses of that personal information and the ways in which we will share any personal information you choose to provide to us
Please read this notice carefully. By submitting your details, you confirm that you have read and understood this notice in its entirety.
Our website may contain links to other websites operated by other organisations. If you follow a link to any of those third-party websites, please note that they have their own privacy notices.  We are not responsible for their notices or their processing of your personal information.  Please check these notices before you submit any personal information to them.

Who we are
GFO-X is the trading name of Global Futures and Options Ltd. Our company number is 13018987 and our registered office is at First Floor, 36-38 Botolph Lane, London, United Kingdom, EC3R 8DE).  We are responsible for the handling of your personal information we collect from you, unless stated otherwise.
We have a data protection officer (also known as a DPO) who can be contacted at dpo@gfo-x.com.
Information we collect about you

We will collect and process all or some of the following personal information from you:
Information you provide to us about yourself: personal information that you provide to us, such as when registering for an account on our website, including your name, email address, telephone number, home address, and delivery address.
Correspondence between us: if you contact us, we will typically keep a record of that correspondence. This may include telephone calls, which we record to assist us in training our staff and undertaking quality checks.
Website and communication usage: details of your visits to our website and information collected through cookies and other tracking technologies including, but not limited to, your IP address, domain name, your browser version and operating system, traffic data, location data, web logs and other communication data, and the resources that you access.
Information you provide to us about your business with us: This may include transaction reporting information, details of codes you use and the personal details relating to these codes.
Transactions and payment details: Transaction details of the participants of our Multi-Trading Facility (MTF), the payments they make and the details of individuals that are authorised to make these payments on behalf of the participant.

We may also collect information about you from other sources.

We might receive information from third parties relevant to the services we are providing such as fraud prevention bodies.
We may collect information you have allowed to be publicly available, such as the Companies House.
We may receive information from third parties who provide you with access to our platform and data, such as market data vendors, independent software vendors or the participants of our MTF.
We may receive information from regulatory bodies.
We enter into contracts with participants of our MTF or market data vendors which in turn provide you with access to our platform and data (whether as your suppliers or employers). To perform our regulatory and anti-money laundering obligations in connection with such contracts, we sometimes need to collect and use your personal information.  If you don’t provide us with this information, we might not be able to provide our data or services to you.  In this case, we might have to suspend or cancel the service you have with us.  We will notify the relevant access service provider if this is the case at the time.
When you complete our online forms or other requests for information, we will make it clear whether the information we request is voluntary or must be provided to us in order for us to proceed with your registration or other services.

Why we use your personal information?

When we use your personal information, we require a legal justification, also known as a “legal ground”. Normally, we will rely on the one or more of the following legal grounds:

Performance of a contract: This is relevant where we collect and use your personal information where necessary to perform our obligations under a contract with your access or service provider or employer.
Legitimate interest: This is relevant where we use your personal information where it is necessary for our legitimate interests, some examples of which are given below, and does not override your rights.
Compliance with law or regulation: This is relevant where we use your personal information where necessary to comply with applicable laws.
Consent: This is relevant where we need your consent to use your personal information.  However, we do not usually need your consent if there is another legal ground as above.  You can withdraw your consent by contacting us (see below).
We may process your personal data for more than one legal ground depending on the specific purpose for which we are using your personal information.

We use your personal information for the purposes and on the basis of the legal grounds set out below:

To process your identification details to confirm your identity and register you as a new end user or an account holder on our platform.
Legal grounds:  contract performance; legitimate interests (to establish a relationship with you).

To provide services which you have ordered and fulfil our contract with your access or service provider.

Legal grounds: contract performance; legitimate interests (to run our business).
To conduct questionnaires, surveys and research into customer satisfaction.
Legal grounds: legitimate interests (to enable us to improve our services and quality control).

To communicate effectively with you to respond to your queries or communicate with you in relation to your access to our platform.
Legal grounds: contract performance; legitimate interests (to address queries or complaints to or about our business and improve our services and quality control).

To record or monitor communications mentioned above.
Legal grounds: contract performance; legitimate interests (to address queries or complaints to or about our business, improve our services and quality control and support investigation of suspected breaches as set out below).

To undertake continuing checks, monitoring and audits: to monitor queries and transactions to ensure service quality and compliance with laws, policies and procedures.
Legal grounds: legitimate interests (to ensure the quality of services); compliance with laws that require us to conduct these activities.

To monitor the use of the GFO-X Multilateral Trading Facility by participants who have entered into a Participant Agreement with GFO-X, for example in order to assess whether participants are sending a substantial number of messages which do not result in completed transactions and monitor Order to Trade ratio.
Legal grounds: legitimate interests (to ensure compliance of participants and users); compliance with laws that require us to conduct these activities.

To investigate any suspected breaches of the rules of the GFO-X Multilateral Trading Facility.
Legal grounds: legitimate interests (to ensure compliance of participants and users and quality of services); compliance with laws that require us to conduct these activities.

To provide you with marketing materials such as our newsletters, updates and offers, where you have chosen to receive these on behalf of the participant or market data vendor or for your own purposes.
Legal grounds: depending on the type of marketing and our relationship with you, consent at the time we collect your data to conduct; legitimate interests (to promote and market our business).

To build a picture of you from short code information as part of our surveillance obligation as a regulated entity.
Legal grounds: compliance with laws and regulations that require us to surveil the end users.

To check your data against databases of individuals who are subject to sanctions, classified as “politically exposed persons” or have committed crimes and to follow up any suspicions to ensure that we comply with our anti-money laundering and terrorism obligations and to avoid fraud itself.
Legal grounds: compliance with laws that require us to conduct these activities.

To ensure website content is relevant: to ensure that content from our website and platform is presented in the most effective manner for you and for your device, which may include passing your data to business partners, suppliers and/or service providers.
Legal grounds: legitimate interests (to allow us to provide you with the content and services on our website and platform)

To transfer data to potential third parties (including sub-contractors) and disclose it to anti-fraud organisations and law enforcement or regulatory agencies anywhere in the world if required as described in the paragraph regarding Sharing data abroad below.
Legal grounds: legitimate interests (to ensure the quality of services); compliance with laws that require us to conduct these activities.

Who we share your personal information with:

We share your personal information outside our organisation with our suppliers or contractors, for the purposes described in this notice. They are bound by obligations of confidentiality.  Our suppliers and contractors include: data providers; IT and communications service providers; and maintenance service providers.
In addition, we may disclose information about you where required to do so by law, such as in connection with our regulatory obligations, any legal proceedings or prospective legal proceedings, law enforcement purposes, or in order to establish, exercise or defend our legal rights including providing information to others for the purposes of fraud prevention. In particular, we may share your personal information with the relevant regulators in connection with our obligations as a Market Data Provider or our obligation to provide Transaction Reporting information.
We may also disclose your personal information to the purchaser or prospective purchaser of our business which we are or are considering selling.
Security of your personal information

We will ensure that the personal information that we hold is subject to appropriate security measures. We maintain commercially reasonable physical, electronic and procedural safeguards to protect your personal information in accordance with legal requirements.
Where you have set a password which enables you to access your account, you are responsible for keeping this password confidential and for complying with any other security procedures that we notify you of. We ask you not to share a password with anyone.
 

Sharing data abroad:

Where we transfer your personal information outs ide the UK, we will ensure that it is protected and transferred in a manner consistent with legal requirements applicable to the personal information, as some countries may not protect personal information in the same way as the UK. Broadly, these are:

The country to which we send the personal information may be approved by the UK for receiving personal information. All EU/EEA countries are approved by the UK.
The recipient may have signed a contract based on “standard contractual clauses” approved by the UK which require the recipient to protect your personal information;
we may be legally permitted to transfer your personal information outside the UK using other methods.
In all cases any transfer of your personal information will be compliant with applicable data protection law.
Please contact us as set out in the Contacting Us paragraph below if you would like to see a copy of the specific safeguards applied to the export of your personal information.
How long we keep your personal information

How long we keep your personal information will depend on our business needs and any legal requirements to keep the personal information in question. We retain personal data for as long as is necessary for the relevant purpose. There may also be laws that set out a minimum period for which we have to keep your personal information, even if we no longer need it for its purpose.
 

Your rights & contacting us

You have the right to request us to:

update any inaccuracies in the personal information we hold;
delete any personal information we no longer have a lawful ground to use;
where processing is based on consent, to withdraw your consent. This means we stop that particular processing, but it will not affect the validity of the processing based on your consent before you withdrew it;
to ask us to transmit the personal data you have provided to us, and we still hold about you to a third party electronically;
object to any processing based on the legitimate interests’ legal ground for reasons connected to your individual situation. However, we have the right to continue this processing if we believe we have a legitimate overriding reason to continue; and
restrict how we use your information whilst a complaint is being investigated.
Please note that there may be circumstances where the right you have requested does not apply or does not apply in full.
To make a request, please contact our DPO at dpo@gfo-x.com.
Right to stop marketing

You have the right to ask us not to process your personal information for direct marketing purposes at any time.
To exercise this right, you can click the “unsubscribe” option on any direct marketing email you receive from us or contact us at info@gfo-x.com.
Contact us

If you have any questions about this privacy notice or how we handle your personal information, you can contact our DPO at dpo@gfo-x.com.
If you are not satisfied with our use of your personal information or our response to you, you have the right to complain to the Information Commissioner’s Office: https://ico.org.uk/concerns/ 

Cookies notice- See below for more detail

We are concerned about the privacy of any personal information you may provide to us through this Website. A “cookie” is a piece of information that is saved to your computer’s hard disk by the web server. Confirmation of your reading and accepting these terms and conditions will place a cookie on your computer’s hard disk. This will ease your navigation around this Website by not popping up these terms and conditions again during this browser session. The cookie is temporary and will be removed when you close your browser. The cookie is not used for any other reason. You are not obliged to accept a cookie that we send you, and you can modify your browser so that it will not accept cookies.
Changes to our Privacy Notice

We may update this notice from time to time. If we will update the date it was last changed below.
This Privacy notice was last updated in August 2022

About this website Cookie Policy.

This Cookie Policy tells you (visitor) how we (GFO-X) use cookies when you visit our website.

Our website may contain links to other websites operated by other organisations. If you follow a link to any of those third-party websites, please note that they have their own cookie policies and privacy notices.  We are not responsible for their notices or their processing of your personal information.  Please check these notices before you submit any personal information to them.

1. Who we are

GFO-X is the trading name of Global Futures and Options Ltd. Our company number is 13018987 and our registered office is at First Floor, 36-38 Botolph Lane, London, United Kingdom, EC3R 8DE).

We have a data protection officer (also known as a DPO) who can be contacted at dpo@gfo-x.com.

2. What is a cookie?

A cookie is a very small text file, normally consisting of just letters and numbers, placed on an internet user's hard drive.

Cookies allow websites to store such things as user preferences, visitor statistics and can streamline the use of websites. You can think of cookies as providing a "memory" for the website, this enables the GFO-X website to recognise a visitor and respond appropriately.

The cookie is generated by the GFO-X web page server (basically the computer that operates the GFO-X website). The information the cookie contains is set by the GFO-X server and it can be used by the GFO-X server whenever a user visits. Or re-visits the GFO-X website.

A cookie is browser (e.g. chrome, explorer, safari, firefox) specific. If a visitor uses multiple browsers they will trigger multiple cookies.

GFO-X cookies do not contain personalized data. All GFO-X cookies are anonymized.

The cookie, generated by GFO-X, is stored on the visitors device. (This is why consent is important).

Visitors quite often find in their computer files cookies from websites that they have never visited. These cookies are usually set by companies that sell internet advertising on behalf of other websites. Therefore, it may be possible that users' information is passed to third party websites without the users' knowledge or consent, such as information on surfing habits. This is the most common reason for people rejecting or fearing cookies. GFO-X does not sell or share any cookie information on behalf of any advertisers.

3. What Types of cookies do GFO-X use?

We use 3 main types of cookies on our website:
Strictly necessary cookies are essential to the navigation of our website.
Performance cookies allow us to collect anonymous data on how visitors use our website; they are only used to improve how our website works.
Functionality cookies remember certain information from the choices you make whilst using our website. For example they may be used to save search settings.

4. GFO-X cookies
By continuing to use our website you agree that we can place both essential and non-essential cookies listed below on your computer or mobile device.
GFO-X use your cookie consent for the purposes of using Google Analytics (so we understand how visitors use our website).

Cookie name      Purpose
_ga, _gat, _gid   We use Google Analytics to gather website statistics. We do not receive any personal information on individuals and we do not share this information with any 3rd parties. It is used to help us understand which areas of our website are the most popular, which sections are performing badly and how our site is used.

This list may not be exhaustive as Google may change what cookies are necessary for the Google Analytics service.

[cookieConsent]               This cookie will be set once you agree to the GFO-X’s cookie policy, this is so you will not see the message again.

sf_timezoneoffset           This cookie allows us to show local times

5. Cookies from third parties.

Provider               Cookie name                                                      Description

Google                 NID, AEC, 1P_JAR, CONSENT, DV                          These cookies are set by google to memorize user preferences and information whenever they use its services such as Google Maps.

6. How long we keep your cookie information?

The maximum amount of time that Google Analytics will retain Google-signals data is 26 months, regardless of your settings. By default, Google signed-in data expires after 26 months.

Some cookies only persist for the duration of your session, for example the cookie ‘pm_sess’ that helps maintain your browser session only lasts for 30 minutes.

7. Blocking cookies

By using our website you agree that we can place both essential and non-essential cookies on your computer or mobile device.

Most internet browsers are automatically set up to accept cookies, but you can set your browser to refuse the cookies from our site or ask your browser to show you when a cookie has been set up. Certain Services are only activated by the presence of a cookie and, if you choose to refuse cookies, particular features of our website may not be available to you. Please visit the ‘About cookies’ website (https://www.aboutcookies.org/) for more information on blocking cookies.

Please note,

a)            if you share the use of a computer, accepting or rejecting the use of cookies will affect all users of that computer.

b)            Different browsers will trigger different cookies. So if you use multiple browsers on a single device you may have multiple cookies.

8. Your rights & contacting us

You have the right to request us to:

Delete any cookies or analytics we hold (in principle, it should be as easy to remove cookies as it is to provide consent);

To make a request, please contact our DPO at dpo@gfo-x.com.

If you are not satisfied with our use of your personal information or our response to you, you have the right to complain to the Information Commissioner’s Office: https://ico.org.uk/concerns

9. Changes to our Cookie Policy

We may update this Cookie Policy from time to time. If we will update, the date it was last changed is below.

This Cookie Policy was last updated in April 2023