Privacy Policy | IndexEdge

Quick Navigation

1. Introduction
2. What Data We Collect
3. How We Collect Data
4. Why We Collect Data
5. How We Use Data
6. Data Retention
7. Data Sharing
8. International Transfers
9. Your Rights (GDPR)
10. Cookies & Tracking
11. Children's Privacy
12. Contact Us

1. Introduction

IndexEdge Trading Ltd ("we," "us," "our," or "Company") is committed to protecting your privacy and ensuring you have a positive experience on our website. This Privacy Policy explains how we collect, use, disclose, and otherwise process personal data when you visit our website at indexedge-trading.co.uk and interact with our services.

We are the data controller responsible for personal data processing. Our registered address is Financial Conduct House, 42 Leadenhall Street, London, EC3A 4AP, United Kingdom. We comply with the General Data Protection Regulation (GDPR), the UK Data Protection Act 2018, and all applicable data protection laws.

This policy applies to all visitors and users of our website. By accessing or using IndexEdge, you acknowledge that you have read, understood, and agree to be bound by this Privacy Policy. If you do not agree with our practices, please do not use our website.

2. What Data We Collect

We collect personal data that you voluntarily provide to us and data generated through your interaction with our website. The categories of data collected include:

Contact Information

Full name, email address, phone number, physical mailing address, and company name. We collect this when you submit contact forms, subscribe to newsletters, or request information about our services.

Account Information

If you create an account with us, we collect username, password (encrypted), account preferences, and trading activity preferences. Account credentials are encrypted and never stored in plain text.

Technical Data

Internet Protocol (IP) address, browser type and version, operating system, device identifier, referring/exit pages, pages visited and time spent on each page, and clickstream data. This data is collected automatically through cookies and analytics tools.

Usage Data

Information about how you interact with our website including which guides you read, which case studies interest you, search queries, pages bookmarked, and features accessed. This helps us understand user behaviour and improve our services.

Cookie Data

Identifiers placed on your device to track browsing preferences, authentication status, and website functionality. Persistent cookies remain on your device until manually deleted; session cookies expire when you close your browser.

Third-Party Data

In some cases, we receive data about you from third-party sources such as analytics providers, advertising networks, or publicly available data. We verify the legitimacy of such data before processing it.

3. How We Collect Data

We collect personal data through various methods and channels. Understanding our collection methods helps you make informed decisions about what information to share with us.

Forms & Submissions

Contact forms, newsletter signup forms, webinar registration, case study downloads, and account creation forms. All form submissions are stored securely in our database.

Analytics Tools

Google Analytics 4 tracks your browsing behaviour, page views, and interaction metrics. Meta Pixel captures conversion data for retargeting purposes. Both tools operate under separate privacy policies and user data agreements.

Server Logs

Our web server automatically records access logs containing IP addresses, request timestamps, HTTP status codes, and referring pages. These logs are retained for 90 days for security and troubleshooting purposes.

Cookies & Similar Tech

First-party and third-party cookies, web beacons, pixels, and local storage mechanisms track your preferences and browsing patterns. You can manage cookie settings through your browser or our cookie consent banner.

Email Communications

When you subscribe to our newsletter or receive marketing emails, we track email open rates and click-through behaviour using pixel tracking. This data helps us optimise email content and delivery timing.

Direct Communication

Data collected through phone calls, live chat, emails, and in-person meetings. We record details of your inquiries, preferences, and communication history for customer service purposes.

4. Why We Collect Data (Legal Basis)

Under GDPR Article 6, we collect and process personal data only when we have a lawful basis to do so. Our legal bases for data processing include:

Consent (Article 6(1)(a))

You explicitly consent to data processing by subscribing to our newsletter, downloading resources, or creating an account. You may withdraw consent at any time by unsubscribing or contacting our Data Protection Officer. Withdrawing consent does not affect the lawfulness of processing prior to withdrawal.

Legitimate Interest (Article 6(1)(f))

We process certain data based on legitimate business interests including improving our website functionality, understanding user behaviour, detecting fraud and security threats, and maintaining accurate records. We conduct balancing tests to ensure our interests do not override your fundamental rights and freedoms.

Contract Performance (Article 6(1)(b))

When you request our services or create an account, we process data necessary to fulfil our contractual obligations. This includes sending requested information, account management, and service delivery. Processing is essential to provide you with the services you've requested.

Legal Compliance (Article 6(1)(c))

We process data to comply with legal obligations including tax law, accounting requirements, and regulatory obligations. Financial records and transaction data are retained as required by UK tax authorities and relevant regulations.

5. How We Use Data

Personal data is used for specific, clearly defined purposes. We do not use data for purposes incompatible with these original purposes unless we obtain additional consent. Our primary uses include:

Service Delivery: Providing educational content, responding to inquiries, managing accounts, and delivering newsletters and resources you've requested.
Marketing & Communications: Sending promotional content, trading alerts, webinar invitations, and product updates. Marketing is only sent to users who have opted in and consented to receive such communications. We include unsubscribe links in all marketing emails.
Analytics & Insights: Analysing website usage patterns, user preferences, and content performance to optimise our platform and improve user experience. Aggregated, anonymised data may be used for market research and trend analysis.
Security & Fraud Prevention: Detecting, investigating, and preventing fraudulent transactions, unauthorised access, data breaches, and other security threats. IP addresses and device identifiers are used to identify suspicious activity patterns.
Website Optimisation: Improving website performance, fixing technical issues, enhancing user interface design, and personalising content recommendations based on your browsing history and preferences.
Legal & Compliance: Maintaining records for accounting, auditing, tax compliance, and regulatory obligations. Responding to legal requests from authorities and protecting our legal rights.
Customer Support: Providing technical support, resolving complaints, and enhancing customer service delivery through retention of communication history and support interactions.

6. Data Retention

We retain personal data only as long as necessary to fulfil the purposes for which it was collected or as required by applicable law. Retention periods vary by data type:

Data Type	Retention Period	Reason for Retention
Contact Form Data	2 years	Customer service and correspondence follow-up
Newsletter Subscribers	Until unsubscribe + 6 months	Marketing communications and preference management
Account Information	Duration of account + 2 years	Service continuity and dispute resolution
Analytics Data	13 months	Google Analytics default retention; helps identify long-term trends
Server Access Logs	90 days	Security monitoring and troubleshooting technical issues
Cookies (Session)	Duration of browser session	Temporary site functionality and user authentication
Cookies (Persistent)	1-2 years	Remembering user preferences and tracking across sessions
Financial Records	6 years	Tax compliance and statutory accounting requirements

After the retention period expires, we securely delete data unless we are legally required to retain it. If deletion is not possible (e.g., data stored in backups), we anonymise the data so it cannot be linked to you. You may request earlier deletion by exercising your right to erasure.

7. Data Sharing & Third Parties

We do not sell your personal data to third parties. We only share data with third-party service providers who assist us in operating our website and conducting our business. All third parties are contractually obligated to protect your data and use it only for specified purposes.

Categories of Service Providers:

Hosting & Infrastructure

CloudFlare, AWS, Linode – store website data and serve content. Subject to their privacy policies.

Analytics Providers

Google Analytics, Meta Pixel – track user behaviour. Each has independent privacy policies governing their data use.

Email & Marketing

Mailchimp, Klaviyo – manage newsletter campaigns. Email addresses and engagement data shared for list management.

Payment Processing

Stripe, PayPal – handle financial transactions. Payment data shared only as necessary for transaction processing.

Customer Support

Zendesk, Intercom – manage support tickets. Customer inquiries and contact data stored in support systems.

Legal & Law Enforcement

Data disclosed to authorities when legally compelled or necessary to protect rights and safety.

Important: We confirm that we do not engage in the sale, exchange, or rental of personal data to third parties for commercial gain. Our data sharing occurs only in circumstances where it is necessary to provide our services or required by law.

8. International Data Transfers

IndexEdge is based in the United Kingdom. However, some of our service providers operate internationally, which means personal data may be transferred to countries outside the European Economic Area (EEA). These transfers are protected by appropriate safeguards as follows:

Standard Contractual Clauses (SCC)

When transferring data to non-EEA countries not deemed adequate by the European Commission, we use Standard Contractual Clauses approved under GDPR Article 46(2)(c). These contractually binding terms ensure data recipients provide adequate protection equivalent to EEA standards.

Adequacy Decisions

Where applicable, we rely on European Commission adequacy decisions finding that certain countries provide adequate data protection. The UK has been granted adequacy status under the GDPR.

US Data Transfers

Data transfers to the United States are subject to Standard Contractual Clauses. Certain US service providers (Google, AWS) have implemented supplementary technical measures addressing US surveillance laws, as required by the EU Court of Justice's Schrems II decision.

Right to Request Information

You have the right to request information about the specific safeguards we have implemented for international transfers. Contact our Data Protection Officer for documentation regarding transfer mechanisms.

9. Your Rights Under GDPR

The GDPR provides you with various rights regarding your personal data. We are committed to facilitating the exercise of these rights. To exercise any of the following rights, contact our Data Protection Officer using the details provided in Section 12.

Right of Access (Article 15)

You have the right to request a copy of the personal data we hold about you in a machine-readable format. We will provide this within 30 days of your request. The information will include how we use your data, who we share it with, and how long we retain it.

Right to Rectification (Article 16)

If you believe data we hold about you is inaccurate or incomplete, you have the right to request correction. You can update account information directly through your profile or contact us to modify stored data. We will correct errors within 30 days.

Right to Erasure (Article 17) – "Right to Be Forgotten"

You have the right to request deletion of your personal data when it is no longer necessary for the purposes it was collected, you withdraw consent, or you object to processing. Please note that data subject to legal retention obligations may not be deleted. We will respond within 30 days.

Right to Restrict Processing (Article 18)

You may request that we limit the processing of your data while we verify its accuracy, when you dispute its legality, or during other specified circumstances. During restriction, data will be stored but not actively processed.

Right to Data Portability (Article 20)

You have the right to receive your personal data in a structured, commonly used, machine-readable format (e.g., CSV, JSON) and transmit it to another service provider without hindrance. We will provide this within 30 days of request.

Right to Object (Article 21)

You have the right to object to processing based on legitimate interest or direct marketing. For direct marketing, you can unsubscribe from newsletters at any time using the unsubscribe link in our emails or by contacting us.

Right to Withdraw Consent (GDPR)

Where we rely on consent as our legal basis, you can withdraw consent at any time without affecting the lawfulness of processing prior to withdrawal. Withdrawal is simple – unsubscribe from emails, disable cookies, or contact us directly.

Right to Lodge a Complaint

If you believe we have violated your rights, you have the right to lodge a complaint with the UK Information Commissioner's Office (ICO) at ico.org.uk or +44 1625 545 745. You may also contact your relevant supervisory authority in your country of residence.

How to Exercise Your Rights: Send your request in writing to our Data Protection Officer at [email protected] or by post to Financial Conduct House, 42 Leadenhall Street, London, EC3A 4AP, United Kingdom. Include your name, email, and a clear description of your request. We will respond within 30 calendar days.

10. Cookies & Tracking Technologies

Our website uses cookies and similar tracking technologies to enhance user experience, improve website functionality, and provide personalised content. Cookies are small text files stored on your device that help us remember your preferences and track your activity.

Types of Cookies We Use:

Essential Cookies (Required)

Required for website functionality including user authentication, session management, and form submission. These cookies cannot be disabled without breaking site functionality. Duration: Session or 1 year.

Analytics Cookies (Opt-In)

Google Analytics 4 tracks page views, user flow, bounce rates, and conversion metrics. These cookies help us understand how visitors use our website and identify areas for improvement. Duration: 13 months.

Marketing/Retargeting Cookies (Opt-In)

Meta Pixel and Google Ads cookies enable retargeting campaigns on Facebook, Instagram, and Google. These cookies track your interests and browsing behaviour to show relevant advertisements. Duration: 1-2 years.

Preference Cookies (Opt-In)

Remember your language selection, theme preferences, and other customisation settings. Enable personalised user experience without re-entering preferences. Duration: 1-2 years.

Managing Cookies:

Browser Controls: Most browsers allow you to control cookies through settings. You can delete existing cookies, block future cookies, or set preferences per website. Disabling cookies may affect website functionality.
Cookie Consent Banner: Our cookie consent banner appears when you first visit. Select "Accept" to allow all cookies or "Reject" to disable non-essential cookies. You can manage preferences anytime through this banner.
Opt-Out Tools: Google Analytics opt-out browser extension available at https://tools.google.com/dlpage/gaoptout. Meta allows ad preference management at facebook.com/ads/preferences.

Do Not Track (DNT): If your browser sends a DNT signal, we respect your privacy choice and do not enable analytics or marketing cookies. However, essential cookies required for site functionality may still be used.

11. Children's Privacy

IndexEdge is not directed towards children under 16 years of age, and we do not knowingly collect personal data from children under this age. Our trading education and financial content are designed for adult learners and traders.

If we become aware that we have inadvertently collected data from a child under 16, we will take immediate steps to delete such information and notify the child's parent or guardian. Parents or guardians who believe their child has provided data to us should contact us immediately.

Under the UK GDPR and similar regulations, parental consent is required before processing data of children under 16. We do not market to, or knowingly collect data from, minors. Our website contains no content specifically targeting children, and all resources address adult learners.

12. Contact Information & Data Protection Officer

If you have questions, concerns, or requests regarding this Privacy Policy or our data handling practices, please contact us using the details below. We will respond to inquiries within 30 days.

Company Contact

IndexEdge Trading Ltd

Financial Conduct House
42 Leadenhall Street
London, EC3A 4AP
United Kingdom

Email: [email protected]

Phone: +44 20 3456 4789

Data Protection Officer

DPO Contact

Data Protection Officer
IndexEdge Trading Ltd
Financial Conduct House
42 Leadenhall Street
London, EC3A 4AP

Email: [email protected]

Response Time: 30 calendar days

Changes to This Privacy Policy

We may update this Privacy Policy periodically to reflect changes in our practices, technology, legal requirements, or other factors. Any changes will be posted on this page with an updated "Last Modified" date. Significant changes will be communicated via email or prominent notice on our website. Your continued use of our website following notification of changes constitutes your acceptance of the modified policy. We encourage you to review this policy regularly to stay informed about how we protect your data.

Last Updated: January 15, 2026