Your data, protected to broker-grade standards

Identity (name, DOB, government ID, photo), contact (email, phone, address), financial (income range, source of funds, trading experience), trading activity (orders, positions, P/L, IP, device fingerprint), and support communications.

To open and operate your trading account, route orders to liquidity providers, calculate margin and risk exposure, prevent fraud and market abuse, comply with regulators, and improve our trading platform and AI execution models.

As a FinCEN-registered MSB, we screen clients against OFAC, UN, EU and PEP lists, monitor transactions for suspicious patterns, and file SARs/CTRs as required by the U.S. Bank Secrecy Act. Refusing to provide KYC data means we cannot legally serve you.

We share data only with: liquidity providers and prime brokers (for order routing), custodian banks (segregated client funds), KYC/AML vendors, payment processors, cloud and analytics providers under DPA, and competent regulators or courts. We do not sell personal data.

TLS 1.3 in transit, AES-256 at rest, hardware security modules for trading keys, mandatory 2FA, role-based access, 24/7 SOC monitoring, and quarterly third-party penetration tests aligned with ISO 27001 controls.

We use essential cookies for session and security, and analytics cookies (with consent) to understand platform performance. You can control non-essential cookies via your browser or our consent banner.

Servers are hosted in the U.S. and EU. Transfers outside your jurisdiction occur under Standard Contractual Clauses or equivalent safeguards. Trading data is replicated to a disaster-recovery region in real time.

You may request access, correction, portability, or deletion of your data — subject to AML record-keeping rules that require us to retain trading and KYC records for at least five (5) years after account closure. Email privacy@tonee.exchange to exercise your rights.