Version 1.0 – Effective from 01/07/2025
1. Purpose of this Policy
The purpose of this Personal Data Protection Policy is to establish the guidelines under which SCAP Broker LTD (hereinafter, “The Company”) collects, processes, uses, retains, transfers, and protects the personal data of its Clients, Users, Business Partners, and Visitors, whether they interact through our websites, digital platforms, mobile applications, or in-person channels.
This Policy complies with the provisions of current data protection regulations in the jurisdictions in which The Company operates, including, but not limited to:
General Data Protection Regulation (GDPR) of the European Union,
Personal Information Protection and Electronic Documents Act (PIPEDA) of Canada,
California Consumer Privacy Act (CCPA) of the United States,
Protection of Personal Information Act (POPIA) of South Africa,
and other local laws on privacy and data protection.
Through this Policy, The Company informs data subjects about the purposes, legal bases, rights, procedures, and measures adopted to ensure the legitimate, transparent, and secure processing of their personal information.
2. Data Controller
SCAP Broker LTD acts as the Personal Data Controller, being the entity responsible for deciding on the use, purpose, and security of the personal data it collects, processes, or transfers within the framework of its services.
Company Name: SCAP Broker LTD
Contact email for data protection matters: [email protected]
The Company collects personal data through its technological platforms, electronic forms, onboarding systems, user accounts, KYC/AML processes, commercial interactions, and any other channel enabled for the execution of its operations in the international financial and technological ecosystem.
In cases where it acts as a data processor on behalf of third parties (for example, in integrations with strategic partners or regulated providers), SCAP Broker LTD will do so in accordance with data processing contracts, respecting the instructions of the original controller and ensuring an adequate level of protection.
3. Categories of Data We Collect
SCAP Broker LTD may collect and process, directly or indirectly, the following categories of personal data, necessary for the execution of its financial and technological services:
Personal identification data: full name, surnames, type and number of identity document or passport, nationality, date of birth, and country of tax residence.
Contact data: email, phone number, physical address, and city of residence.
Financial and banking data: bank account information, wallets, origin and destination of funds, financial statements, transaction history, and data related to anti-money laundering (AML/CFT) prevention.
Technical and navigation data: IP address, cookies, browser type, operating system, time zone, language, approximate geolocation, and browsing behavior on our platforms.
Legal and verification documentation: electronic forms, digitally accepted contracts, selfies for biometric verification, sworn declarations, invoices, tax or notarial certifications.
Operational and behavioral data: platform access history, records of financial orders and operations, trading behavior, interactions with the CRM, and user activity logs.
Important: SCAP Broker LTD does not collect or process sensitive data (health, sexual orientation, political affiliation, religion) except when expressly required by law, and only under strict security measures and explicit consent when applicable.
4. Purposes of Processing
Personal data collected by SCAP Broker LTD is processed lawfully, fairly, and transparently, with specific, explicit, and legitimate purposes. The specific purposes of processing include:
Contractual execution: Managing the legal and commercial relationship between The Client and SCAP Broker LTD, including the opening, maintenance, and closing of accounts.
Regulatory compliance: Verifying The Client’s identity and carrying out due processes for the prevention of money laundering, terrorist financing, and international sanctions (KYC/AML/CFT).
Access to financial platforms: Enabling the secure use of platforms such as MetaTrader 5, the CRM, the SCAP e-wallet, investment panels, PAMM accounts, and other technological systems of The Company.
Processing of operations: Executing financial operations, withdrawal requests, account funding, capital allocation, collection of commissions, or refunds.
Compliance with legal obligations: Addressing requirements from regulatory, tax, or judicial entities, both local and international.
Operational communications and Client support: Sending service-related notifications, providing technical support, processing complaints, and improving user experience.
Security and fraud prevention: Detecting and preventing unauthorized access, security incidents, suspicious activities, or misuse of The Company’s platforms.
Note: In no case will processing incompatible with these purposes be carried out without obtaining the express consent of the data subject, unless there is a legal or regulatory obligation.
5. Legal Basis for Processing
SCAP Broker LTD will process personal data only when there is a legal basis that justifies it. Such bases include, but are not limited to:
Execution of a contract: When processing is necessary to formalize, execute, or fulfill the services contracted by The Client, including access to trading accounts, withdrawals, funding, and operational management.
Compliance with legal obligations: When processing is required by applicable laws in the jurisdictions where The Company operates, including financial, tax, anti-money laundering (AML), and anti-terrorist financing (CFT) regulations.
Consent of the data subject: When The Client has given their free, specific, informed, and unequivocal consent for one or more specific purposes, such as sending promotional communications or participating in special programs.
Legitimate interest of the controller: When processing is necessary for the legitimate purposes of The Company, such as ensuring the operational security of its platforms, preventing fraud, improving user experience, or preserving the traceability and integrity of records.
Note: In cases where processing is based on consent, this may be revoked at any time, without retroactive effect and without prejudice to the legality of processing carried out previously.
6. Rights of Data Subjects
SCAP Broker LTD guarantees the data subject (Client, User, or Visitor) the full exercise of their rights in accordance with applicable data protection regulations in each jurisdiction. In particular, the data subject may exercise the following rights:
Access: Obtain confirmation as to whether SCAP Broker LTD processes their personal data and, if so, access it.
Rectification: Request the correction or update of inaccurate, incomplete, or outdated data.
Erasure (“right to be forgotten”): Request the deletion of their personal data when it is no longer necessary for the purposes for which it was collected, or when they have withdrawn their consent, unless there is a legal obligation to retain it.
Objection: Object to the processing of their data for reasons related to their particular situation, when processing is not mandatory or is based on legitimate interests.
Restriction of processing: Request that their data be stored but not temporarily processed in certain cases, such as during accuracy challenges or claims.
Portability: Request the delivery of their personal data in a structured, commonly used, and machine-readable format, or its direct transmission to another controller, when legally applicable.
Withdrawal of consent: Withdraw at any time their consent given for processing based on this ground, without retroactive effects.
To exercise any of these rights, the data subject must send their request to [email protected], attaching a copy of an official document that proves their identity. SCAP Broker LTD may require additional information to verify ownership and ensure data protection.
7. International Transfers
SCAP Broker LTD may transfer personal data to providers, regulatory entities, companies of the same corporate group, or to servers located outside the User’s country of residence, when necessary for the execution of services, compliance with legal obligations, or technical-operational support of its platforms.
In all cases, The Company guarantees that such transfers are carried out under conditions that ensure an adequate level of protection, in accordance with applicable international standards. For this purpose, it may use:
Standard contractual clauses approved by competent authorities (such as the GDPR of the European Union),
Binding corporate rules (BCR) for intragroup transfers,
Adequacy decisions issued by regulatory authorities,
Other legally valid mechanisms in the jurisdictions where SCAP Broker LTD operates.
The User may request additional information about the guarantees applied in each transfer by sending a written request to [email protected].
8. Information Retention
SCAP Broker LTD will retain personal data for the time strictly necessary to fulfill the purposes for which it was collected, and for a minimum period of five (5) years from the last relevant interaction with the User or Client.
However, data may be stored for a longer period when:
Required by applicable legal, tax, accounting, or regulatory provisions in the jurisdictions where The Company operates.
Necessary for the formulation, exercise, or defense of legal claims.
Required to comply with internal or external audits, or regulatory investigations.
Once the retention period has ended, SCAP Broker LTD will proceed to delete, anonymize, or block the data in accordance with the principles of integrity and minimization established by international regulatory frameworks on data protection.
9. Security Measures
SCAP Broker LTD has adopted a set of robust technical, organizational, and administrative measures to ensure a level of security adequate to the risk of personal data processing, in line with the principles established by regulations such as the General Data Protection Regulation (GDPR), the Personal Information Protection and Electronic Documents Act (PIPEDA), and other applicable international regulations.
Such measures include, without limitation:
Encryption of sensitive data, both in transit and at rest.
Multi-factor authentication (MFA) and restricted access controls based on roles.
Intrusion detection systems (IDS) and activity monitoring tools for technological platforms.
Periodic compliance audits and penetration tests on technological platforms.
Data backup and recovery protocols in case of incidents.
Continuous training for personnel on best practices in cybersecurity and data protection.
These measures specifically aim to:
Prevent unauthorized access.
Maintain the integrity, confidentiality, and availability of information.
Detect and mitigate risks of loss, alteration, misuse, leakage, or destruction of data.
Ensure the traceability and auditing of all relevant actions in information systems.
SCAP Broker LTD regularly reviews and updates these measures in accordance with technological advancements, the state of the art, and regulatory requirements.
10. Use of Cookies
SCAP Broker LTD informs that its website and technological platforms may use first-party and third-party cookies for the following purposes:
Allow technical and functional navigation of the site.
Analyze usage statistics and browsing behavior.
Remember user preferences.
Optimize the client experience on the platform.
The User can configure their browser to accept, reject, or delete cookies, although this could affect the proper functioning of some features. For more information, please consult our Cookie Policy, available on the official website.
11. Updates
SCAP Broker LTD reserves the right to modify, update, or supplement this Personal Data Protection Policy at any time, in order to adapt it to regulatory, technological, or commercial changes.
Any modification will be published on the official website and will include the effective date. When changes are substantial or imply new purposes, The Client will be notified through the previously registered contact methods (email, platform, or others).
Continued use of the services after the publication of changes constitutes express acceptance of the new version.
12. Contact
For questions, clarifications, or to exercise any of the rights contemplated in this Policy, you can contact the SCAP Broker LTD compliance team through the following channel:
This document is the property of SCAP Broker LTD. Its reproduction, modification, or distribution without express authorization will be prosecuted in accordance with international laws for the protection of contractual and reputational property.