ACH is committed to protecting your personal information and respecting your privacy across all trading, investment, and financial services.
ACH Global Markets Ltd ("ACH", "we", "us", or "our") respects your privacy and is dedicated to safeguarding your personal data. This Privacy Policy explains how we collect, use, disclose, and protect information that applies to our website, trading platforms, mobile applications, and related services (collectively, the "Services").
We collect several categories of personal data to provide Services, comply with legal obligations, and protect our business. The table below summarizes our data practices:
| Category | Examples | Purpose |
|---|---|---|
| Identity & Contact | Full name, DOB, passport/ID, email, phone, address | Account creation, KYC, communication |
| Financial & Transactional | Bank details, trading history, deposits/withdrawals, source of funds | Processing, compliance, risk management |
| Technical & Usage | IP address, device IDs, browser type, trading logins | Security, analytics, platform performance |
| KYC & Verification | Government ID, proof of address, PEP status, selfie | Regulatory compliance, fraud prevention |
| Vessel & Consignment | IMO, vessel names, tracking preferences | Maritime tracking and trade finance services |
We process your personal data for legitimate business and legal purposes, including:
ACH uses essential, performance, functional, and optional advertising cookies. Essential cookies are required for platform security and operation. You can manage non-essential preferences via our cookie banner or browser settings. Disabling cookies may affect platform functionality.
We do not sell your personal data. We may share information with:
As a global platform, your data may be transferred to and processed in countries outside your residence (including the UK, EU, Singapore). We implement Standard Contractual Clauses and equivalent safeguards to ensure adequate protection.
We employ military-grade encryption (TLS 1.3, AES-256), multi-factor authentication, regular penetration tests, and strict internal access controls. While no system is 100% secure, we continuously improve our security posture.
We retain personal data for as long as necessary to fulfill the purposes outlined, typically 7 years after account closure to comply with financial regulations. KYC records are kept for minimum 5-10 years. After retention expires, data is securely deleted or anonymized.
Depending on your jurisdiction, you may have rights to access, rectify, erase, restrict, port, or object to processing of your data. To exercise these rights, contact dpo@ach-financial.com. We will respond within 30 days. You also have the right to lodge a complaint with the ICO (UK) or your local supervisory authority.
Our Services are strictly for individuals aged 18 and above. We do not knowingly collect data from minors. If you believe we have inadvertently collected child data, please contact us immediately.
We may update this policy periodically. Material changes will be communicated via email or platform notice. The "Last Updated" date indicates the latest revision. Continued use of our Services constitutes acceptance of the revised policy.
For any privacy-related questions, data subject requests, or concerns:
You have the right to complain to the Information Commissioner's Office (ICO) if you believe your data rights have been infringed.