Privacy Policy

Your data, our responsibility.

1. Who We Are & Scope

ForexBrokerRatings.com (“FBR,” “we,” “our,” “us”) is an independent publisher that analyses and reviews retail foreign-exchange (“forex”) brokers. We operate the website https://forexbrokeratings.com (the “Site”). We do not provide brokerage services or personalised investment advice. This Privacy Policy governs all personal data processed via the Site, APIs, email, and any future mobile applications.

2. Legal Frameworks

We designed this Policy to comply with—or provide equivalent protection to—the world’s leading privacy regimes:

Law / RegionKey Rights Reflected
GDPR (EEA/UK)Art. 6 lawful bases, Art. 15-22 data-subject rights, SCCs for transfers
CCPA / CPRA (California)Notice at collection, “sale/share” opt-out, enhanced consumer rights
LGPD (Brazil)Legitimate interest basis, data portability, DPO contact
PIPEDA (Canada)10 Fair Information Principles
POPIA (South Africa)Processing limitation, openness, security safeguards
Australia Privacy ActAPP 1-13, cross-border disclosure protections

Where local law affords stronger protections than this Policy, we will honour them.

3. Information We Collect

CategoryExamplesCollection Method
Identifiersemail, IP, cookie ID, device fingerprintweb forms, analytics scripts
Usage Datapages viewed, clicks on broker links, session durationfirst-party cookies, log files
Commercial Databroker promotions clicked, affiliate IDsredirect URLs
Marketing Preferencesnewsletter opt-in status, email opensESP reports
User-generated Contentcomments, feedback, survey resultsvoluntary submission

We do not knowingly collect special-category data (e.g., health, biometrics) or data from children < 13 yrs. If notified, we will delete such data within 30 days.

4. Purposes & Legal Bases

PurposeGDPR BasisCCPA Category
Operate & secure SiteLegitimate interests“Security”
Send newslettersConsent“Marketing”
Track affiliate referralsLegitimate interests“Commercial information”
Respond to enquiriesContract“Customer records”
Comply with law / taxLegal obligation“Legal compliance”

5. Cookies & Tracking

We use session & persistent cookies plus similar technologies (e.g., localStorage) for: analytics, affiliate attribution, and UI preferences. You can control cookies via browser settings; disabling them may degrade some features (e.g., broker-comparison filters).

6. Global Data Transfers

Our servers are hosted in [select cloud region]. If your data is transferred cross-border, we rely on:

  • Standard Contractual Clauses (SCCs) for EEA/UK transfers
  • UK Addendum to SCCs (where applicable)
  • Implementing adequacy decisions, Binding Corporate Rules, or other recognised safeguards

7. How We Share Information

We never sell personal data. We share only with:

  1. Service providers (hosting, analytics, email) bound by confidentiality & data-processing agreements.
  2. Affiliate networks / brokers to validate referral conversions—limited to click ID & timestamp.
  3. Advisers & auditors under NDA.
  4. Regulators or courts when legally compelled or to assert/defend legal claims.

All vendors are vetted for technical & organisational security measures.

8. Data Retention

We retain data only as long as necessary for each purpose, plus any statutory retention period (e.g., 5 yrs for tax). Afterward, data is anonymised or securely erased using NIST SP-800-88 methods.

9. Security Measures

  • HTTPS/TLS 1.3 encryption in transit
  • At-rest encryption (AES-256) on production databases
  • WAF & DDoS filtration, rate limiting
  • Role-based access controls, MFA for admin accounts
  • Quarterly vulnerability scans & annual penetration tests
  • Incident-response plan aligned with ISO 27001 Annex A

No Internet transmission is 100 % secure; use the Site at your own risk.

10. Your Rights

RegionRights & How to Exercise
GDPR / UK-GDPRAccess, rectify, erase, restrict, object, data portability, lodge complaint with supervisory authority.
CCPA / CPRAKnow, delete, correct, opt-out of sale/share, limit use of sensitive data.
LGPDConfirm processing, anonymise, data portability, revoke consent.
OthersEquivalent rights under PIPEDA, POPIA, etc.

Submit requests via privacy@forexbrokeratings.com. We must verify identity (K-ID request token) before actioning. Response window: 30 days (extendable +60 days for complex cases).

11. Automated Decision-Making

We do not use profiling or automated decisions that produce legal or similarly significant effects (GDPR Art. 22).

12. Third-Party Links

Outbound links to brokers & resources have independent privacy practices. Review their policies before providing personal data. We disclaim liability for third-party content or data handling.

13. Children’s Privacy

The Site is not directed to children under 13. If you are a parent/guardian and believe your child provided data, contact us and we will delete it.

14 Changes to This Policy

We may revise this Policy due to legal, technical, or business changes. Updates appear here with a new “Last updated” date; material changes may be emailed to subscribers. Continued use after an update equals acceptance.

This Privacy Policy is for informational purposes only and does not constitute legal advice.