This Policy is based on the privacy and data protection principles common to the countries in which we operate. This Policy is intended to summarize IBKR's data protection practices generally and to advise our customers, prospective customers, job applicants, website visitors and other third parties about IBKR's privacy policies that may be applicable to them.
This Policy is specifically addressed to those who provide Personal Information to IBKR or who visit or use IBKR's websites, trading platforms, software application and social media sites.
Who is responsible for your Personal Information?
IBKR is responsible for the Personal Information that we may collect in the manner discussed below. IBKR includes: Interactive Brokers LLC, One Pickwick Plaza, Greenwich, CT 06830 United States; Interactive Brokers (U.K.) Limited, (03958476) a Private Limited Company with registered office address, Level 20 Heron Tower, 110 Bishopsgate, London EC2N 4AY; and their respective affiliates (the "IBKR Entities"). Specifically, your Personal Information will be controlled by the IBKR Entity that is providing services or communication to you. In some instances your Personal Information will be controlled by more than one IBKR Entity.
How do we collect your Personal Information and what Personal Information do we collect?
IBKR collects and processes Personal Information from you. This may include, among other things, information:
Are you required to provide Personal Information?
In order for you to utilize our services, you will provide us with your Personal Information entirely voluntarily. In most circumstances IBKR cannot take action without utilizing certain of your Personal Information, for example, because this Personal Information is required to process your instructions or orders or provide you with access to our services or marketing materials. In most cases, it will be impossible for us to provide the services to you without the relevant Personal Information.
For what purposes will we use your Personal Information?
We may use your Personal Information for the following purposes ("Permitted Purposes"):
We may process your Personal Information for the following purposes after obtaining your express consent where legally required:
Where legally required, with regard to marketing-related communication, we will only provide you with such information after you have opted in and we will also provide you with the opportunity to opt out at any time if you do not wish to receive further marketing-related communication from us. We like to keep our customers, personnel and other interested parties informed of company developments, including news relating to IBKR that we believe is of interest to them. If you do not wish to receive publications or details of events or seminars that we consider may be of interest to you, please let us know by following this link: https://www.interactivebrokers.com/en/index.php?f=464. Where legally required, we will not use your Personal Information for taking any automated decisions affecting you or creating profiles other than described above.
Depending on which of the above Permitted Purposes we use your Personal Information for, we may process your Personal Information on one or more of the following legal grounds:
In addition, the processing may be based on your consent where you have expressly given that to us.
Who we share your Personal Information with, and in what circumstances
We may share your Personal Information in the following circumstances:
Otherwise, we will only disclose your Personal Information when you direct us or give us permission to do so, when we are allowed or required by applicable law or regulations or judicial or official request to do so, or as required to investigate actual or suspected fraudulent or criminal activities.
Personal Information about other people that you provide to us
Keeping Personal Information about you secure
To the extent required by law, we will take appropriate technical and organizational measures to keep your Personal Information confidential and secure in accordance with our internal procedures covering the storage, disclosure of and access to Personal Information. Personal Information may be kept on our Information Technology systems, those of our contractors or in paper files.
Transferring your Personal Information outside the European Economic Area ("EEA") (if GDPR applies)
For Personal Information subject to the General Data Protection Regulation (EU) 2016/679 ("GDPR") we may transfer your Personal Information outside the EEA for the Permitted Purposes as described above. This may include countries that do not provide the same level of protection as the laws of your home country (for example, the laws within the EEA or the United States). We will ensure that any such international transfers are made subject to appropriate or suitable safeguards if required by the GDPR or other relevant laws. You may contact us at any time using the contact details below if you would like further information on such safeguards.
With respect to persons covered by GDPR, in case Personal Information is transferred to countries or territories outside of the EEA that are not recognized by the European Commission as offering an adequate level of data protection, we have put in place appropriate data transfer mechanisms to ensure Personal Information is protected.
Updating your Personal Information
If any of the Personal Information that you have provided to us changes, for example if you change your email address or if you wish to cancel any request that you have made of us, please let us know by contacting IBKR Customer Service through the IBKR website at interactivebrokers.com/help. We will not be responsible for any losses arising from any inaccurate, inauthentic, deficient or incomplete Personal Information that you provide to us.
How long do we retain your Personal Information?
We retain your Personal Information in an identifiable form in accordance with our internal policies which establish general standards and procedures regarding the retention, handling and disposition of your Personal Information. Personal Information is retained for as long as necessary to meet legal, regulatory and business requirements. Retention periods may be extended if we are required to preserve your Personal Information in connection with litigation, investigations and proceedings.
Further rights for persons or information covered by GDPR
With respect to EEA residents and where your Personal Information is processed by an IBKR Entity established in the EEA ("Covered Individuals"), you have a number of legal rights under GDPR in relation to the Personal Information that we hold about you. These rights include:
We have designated a Data Protection Officer ("DPO") to enhance and promote compliance with and understanding of privacy and data protection principles. If you wish to do any of the above please send an email to firstname.lastname@example.org.
We may request that you prove your identity by providing us with a copy of a valid means of identification in order for us to comply with our security obligations and to prevent unauthorized disclosure of data. We reserve the right to charge you a reasonable administrative fee for any manifestly unfounded or excessive requests concerning your access to your data and for any additional copies of the Personal Information you request from us.
We will consider any requests or complaints that we receive and provide you with a response in a timely manner. If you are not satisfied with our response, you may take your complaint to the relevant privacy regulator. We will provide you with details of your relevant regulator upon request.
Notice to California Residents: As a federally-regulated provider of financial services, IBKR is broadly exempt from the California Consumer Privacy Act (CCPA). Personal information we collect from clients and prospective clients is protected under separate federal legislation. Over the past 12 months, the only type of information we have collected potentially subject to the CCPA is web-browsing information regarding passive visitors to our website who are California residents, but are not our clients and do not provide us with any specific personal information (name, email address, street address, social security number, etc.) to request information about our services, start an account application, or become a client. Information collected from these anonymous, passive visitors to our website may include IP address and browser-specific tags. We do not sell this information to third parties. We only use this information for internal purposes, such as to determine which advertisements are working and which content on our website is most interesting to visitors. Under the CCPA, California residents connected to this type of web-browsing data have a right to request access to it or request that it be deleted. However, we are unable (and not required) to process such requests because we cannot connect such passive web-browsing information collected with an email address or other personal information that we can use to verify that a requesting party is in fact connected to a specific web-browser or IP address.
How to contact us