Privacy Policy

Fxward provides software infrastructure for proprietary trading firm operations, including broker account management, challenge tracking, and MetaTrader MT4/MT5 integration. This Privacy Policy explains what personal data we collect, how we use it, who we share it with, and what rights you have over it.

By using Fxward, you agree to the collection and use of information as described in this policy. This policy applies to our website at fxward.com and to all services provided through the Fxward platform. If you are a trader using a portal built by a Fxward customer, please review that firm's privacy policy in addition to this one.

Information you provide directly

• Account information: your name, business name, email address, and billing details
• Communication data: messages sent through support channels, contact forms, or live chat
• Configuration data: broker account details, challenge parameters, and trading rules you set up

Information collected automatically

• Usage data: pages visited, features used, session duration, and in-app actions
• Technical data: IP address, browser type, operating system, and device identifiers
• Log data: error reports, performance metrics, and security event records

Payment information

Payment processing is handled by our PCI-DSS compliant processors. We store only a transaction reference and the last four digits of your card. We do not store full payment card numbers.

We use the information we collect to:

• Provide and operate the service: provision accounts, process subscriptions, send transactional emails (invoices, password resets, confirmations), and maintain MetaTrader integrations
• Ensure security: detect unauthorized access, monitor for suspicious activity, and protect the integrity of data across the platform
• Improve the platform: understand usage patterns, prioritize features, and diagnose performance issues; analytics are aggregated and not tied to individual traders
• Communicate with you: send service-critical notifications including account alerts, maintenance notices, and security warnings
• Comply with legal obligations: retain records as required by applicable law and respond to lawful requests from authorities

We do not sell your personal data to third parties. We do not use your data to make automated decisions that materially affect you without your knowledge.

We use a limited set of third-party services to operate Fxward. Each receives access only to what is necessary for their specific function.

Google Analytics

Tracks anonymous website traffic and feature engagement on our marketing site. No personal trading data is shared. You can opt out via the Google Analytics opt-out browser add-on.

Crisp Chat

Powers our in-app support chat. Crisp receives your name, email address, and the contents of conversations. Conversations are retained to maintain support context. Crisp's privacy policy is available at crisp.chat/en/privacy.

Payment processors

Subscription billing is handled by our PCI-DSS compliant payment processors. They receive only the data necessary to complete a transaction.

Infrastructure providers

We use cloud infrastructure providers for hosting and storage. These providers process data on our behalf under data processing agreements and are prohibited from using it for their own purposes.

How long we keep your data

Account data is retained for the duration of your subscription and for 90 days following termination, allowing time for account recovery or dispute resolution. After 90 days, personal data is permanently deleted or anonymized. Usage and security logs are retained for up to 12 months. Billing records are retained for 7 years as required for financial compliance.

How we protect it

All data in transit is protected using TLS 1.2 or higher. Data at rest is encrypted using AES-256. Access to production systems is restricted to authorized personnel under least-privilege principles and is logged. We conduct regular security assessments and maintain an incident response program.

No security system is impenetrable. If you believe your account has been compromised, contact us immediately at [email protected].

Depending on your jurisdiction, you may have the following rights regarding your personal data. To exercise any of them, email [email protected]. We will respond within 30 days. Requests may be subject to identity verification.

• Access: request a copy of all personal data we hold about you
• Rectification: request correction of inaccurate or incomplete data
• Erasure: request deletion of your data, subject to legal retention requirements
• Portability: receive your data in a structured, machine-readable format
• Objection: object to processing based on our legitimate interests
• Restriction: ask us to limit how we process your data while a dispute is resolved

We may decline requests where we are required by law to retain data or where a request is clearly unfounded or excessive.

Essential cookies

Required for the platform to function. They maintain login sessions and remember in-app preferences. These cannot be disabled while using the service.

Analytics cookies

Google Analytics places cookies on our marketing website to measure anonymous traffic and feature engagement. These are not used inside the platform application. You can opt out by adjusting your browser settings or using the Google Analytics opt-out add-on.

We do not use advertising cookies or third-party behavioral tracking cookies.

For privacy questions, data requests, or concerns about how we handle your information:

We aim to respond to all privacy inquiries within 5 business days.