Privacy Policy

Q: Can I delete my Quotex account and all my data?

Yes — contact privacy@quotex.vg to request account closure and data deletion. Note: AML regulations require us to retain certain records for 5 years post-closure, but these are kept in restricted-access archives, not used for any operational purpose.

This Privacy Policy explains how Quotex (operated by Awesomo Ltd) collects, uses, stores, and protects personal information from clients and visitors. It covers our compliance with major privacy frameworks (GDPR for…

Written by Quotex Editorial Team · Reviewed by Anna Petrov, CFA · Last updated May 15, 2026

Data Controller & Contact

The data controller responsible for the personal data collected via quotex.vg is Awesomo Ltd, registered in Saint Vincent and the Grenadines. For privacy-related inquiries, contact our Data Protection Officer at [email protected]. We respond to formal data-rights requests within 30 days as required by GDPR Article 12.

Information We Collect

We collect data only as necessary to operate the trading platform and comply with regulations.

Account data: email, password (bcrypt-hashed, never stored in plaintext), name, country, date of birth, phone number
KYC verification data: government-issued ID images, proof-of-address documents, selfie images (encrypted at rest)
Financial data: deposit/withdrawal method details (tokenised via payment processor — Quotex doesn't store raw card numbers), transaction history, account balance
Trading data: trades placed, outcomes, asset preferences, strategy usage patterns
Technical data: IP address, browser type, device fingerprint, login timestamps, geolocation (country-level only)
Communication data: support tickets, chat transcripts, email correspondence
Cookies and similar technologies: see Cookies section below

How We Use Your Data

All data collection is purpose-bound. We never sell personal data to third parties.

Account management: registration, authentication, password recovery, account security
KYC/AML compliance: verifying identity, monitoring transactions for suspicious patterns, regulatory reporting
Service delivery: executing trades, processing deposits/withdrawals, providing customer support
Communication: sending account notifications, security alerts, support responses, opt-in promotional emails
Improvement: aggregating non-identifying usage data to improve platform features
Legal compliance: responding to regulator inquiries, court orders, AML investigations

Legal Basis for Processing (GDPR)

Under GDPR, we process personal data on the following legal bases: (1) contract performance — necessary to provide the trading service you signed up for; (2) legal obligation — KYC/AML compliance under applicable financial regulation; (3) legitimate interest — fraud prevention, platform security, service improvement; (4) consent — for opt-in promotional communications and non-essential cookies. Consent is withdrawable at any time via account settings.

Data Sharing — Third Parties

We share personal data only with carefully selected partners, all bound by confidentiality and data-protection agreements.

Payment processors (Visa/Mastercard networks, USDT exchanges, regional providers like EBANX/Razorpay): for transaction processing only
KYC verification providers (Sumsub, Onfido): for identity verification, deleted after verification complete
Cloud infrastructure (AWS, CloudFlare): for hosting; data encrypted at rest
Email service providers: for transactional emails (no marketing partners receive your email)
Regulators and law enforcement: only when required by court order or regulatory inquiry from authorities with jurisdiction
We do NOT sell personal data to advertisers, data brokers, or any third party

Cookies & Tracking

We use the minimum cookies necessary for platform function plus optional analytics. As of May 2026, our static-site architecture has removed third-party tracking scripts (Google Analytics, Facebook Pixel, etc.) — we no longer transmit your browsing data to advertising networks.

Cookie type	Purpose	Duration	Required
Session	Keep you logged in	Browser session	Yes (essential)
Authentication token	Maintain login across visits	30 days (if 'Remember me')	Yes if you check Remember Me
Preference cookies	Remember language, timezone, chart settings	1 year	Yes (UX essential)
Analytics (removed)	Site improvement aggregates	—	Removed May 2026

Your Rights

Under GDPR and equivalent laws, you have the following rights regarding your personal data.

Right to access: request a copy of all personal data we hold about you
Right to rectification: correct inaccurate or incomplete data
Right to erasure ('right to be forgotten'): delete your account and data (subject to AML retention requirements)
Right to restrict processing: limit how we use your data (e.g., pause marketing)
Right to data portability: receive your data in a machine-readable format
Right to object: object to processing based on legitimate interests
Right to withdraw consent: revoke previously-given consent for optional processing
Right to lodge a complaint: contact your local data protection authority

Data Retention

Personal data is retained only as long as necessary. Account data is kept while your account is active plus 5 years after closure (to meet AML record-keeping requirements). KYC documents are retained for 5 years post-account-closure per anti-money-laundering regulations. Trading records are retained for 7 years (financial reporting requirement). Support tickets are retained for 2 years. After retention periods expire, data is securely deleted or anonymized.

Data Security

We implement industry-standard technical and organizational security measures: TLS 1.3 encryption for all data in transit, bcrypt password hashing with per-user salt, AES-256 encryption for sensitive data at rest, segregated database clusters with restricted access, mandatory 2FA for employees with access to client data, regular penetration testing by third-party security firms, quarterly access audits. No system is 100% secure — in the unlikely event of a data breach affecting your information, we will notify you within 72 hours per GDPR Article 33.

International Data Transfers

Your data may be transferred and processed in multiple jurisdictions: Saint Vincent and the Grenadines (our headquarters), EU/US (cloud infrastructure), and the country where you reside. All transfers are protected by standard contractual clauses or equivalent legal mechanisms ensuring your data receives adequate protection regardless of jurisdiction.

Children's Privacy

Quotex services are not available to anyone under 18 years old. We do not knowingly collect data from minors. KYC verification rejects applications from users with date of birth indicating under 18. If we discover we have inadvertently collected data from a minor, we will delete it immediately and close the account.

Changes to This Policy

We may update this privacy policy to reflect changes in our practices or applicable law. Material changes will be notified via email to registered users at least 30 days before taking effect. The 'Last updated' date at the top of this page indicates the current version. By continuing to use Quotex after a policy change, you acknowledge the updated terms.

How to Contact Our DPO

For any privacy-related question, request, or complaint: Email [email protected] with subject 'Privacy Request — [your account email]'. Include: what right you wish to exercise, your account details, and any supporting documentation. We respond within 30 days as required by GDPR Article 12. For urgent security concerns (e.g., suspected data breach affecting you), use [email protected] for priority handling.

Frequently Asked Questions

Does Quotex sell my data?

No. We do not sell personal data to advertisers, brokers, or any third party. Data sharing is limited to operational partners (payment, KYC, hosting) bound by strict confidentiality.

Can I delete my Quotex account and all my data?

Yes — contact [email protected] to request account closure and data deletion. Note: AML regulations require us to retain certain records for 5 years post-closure, but these are kept in restricted-access archives, not used for any operational purpose.

Does Quotex use Google Analytics or Facebook Pixel?

No (as of May 2026). Our static-site architecture removed all third-party tracking scripts. We no longer transmit browsing data to advertising or analytics networks.

How long is my data kept?

Active account: indefinitely. After account closure: 5 years for KYC docs (AML requirement), 7 years for trading records (financial reporting), 2 years for support tickets. Then securely deleted.

What if I'm an EU resident — do I have GDPR rights?

Yes. Even though Quotex is headquartered offshore, we apply GDPR-equivalent rights to all users for consistency. Exercise via [email protected].

Will I be notified if there's a data breach?

Yes — within 72 hours of becoming aware of any breach affecting your personal data, per GDPR Article 33. Notification will be via email with details of what was affected and recommended protective steps.

Ready to start trading on Quotex?

Start Trading on Quotex →

Disclosure: Sign-up links on this page may earn us a commission at no extra cost to you. This does not affect the editorial accuracy of our content — payouts, methods, and platform features are reported as observed.