• en
  • es

Privacy Policy

Your personal data and assets are our highest priority. We are fully committed to safeguarding them.

Cumbre Finlux collects and retains data necessary for your trading activities. The methods for collecting and storing this data are outlined in the Privacy Policy below.

Our policy is governed by the following principles:

  • To ensure complete transparency about our practices for collecting and storing your personal data:

Our goal is to ensure you understand how we collect and process all data so you can make an informed decision. We follow clear guidelines and processes for handling data on this website at every step. Our policy details the specific methods we use so you have clear, concrete information about its use. You are in control at all times.

We will always share information promptly whenever we determine you should be informed. Transparency is essential to us.

Our experienced team is always available to answer your questions about our processes, including our obligations under the laws of España. You can reach us at: info@cumbre-finlux.com

  • We do not use personal data for any purposes other than as described in our Privacy Policy.

We may process personal data for the following purposes, including ensuring the proper operation of Cumbre Finlux services and connecting trader members with third-party trading platforms. We may also use it to maintain and enhance website features and services, protect our rights, and comply with regulatory or other legal obligations. Finally, we may process this data as needed to deliver administrative and other business functions related to the Services we provide to you, the client.

To deliver better services tailored to your preferences and needs, Cumbre Finlux processes personal data.

  • To access and use essential tools that protect your personal data and safeguard your rights in this context:

You can contact us at any time to access all of your personal data. We can also update or delete it as needed. In addition, we can fulfill requests to transfer that data to you or to a designated third party. We provide these services and support so you can better exercise your rights to privacy and control.

  • Safeguard your personal data:

Our security systems are built to the highest standards, with banking-grade safeguards. While a 100% guarantee is not possible, we are committed to continually enhancing our infrastructure to the highest practicable level and strengthening the protective measures we already have in place.

We maintain a detailed and comprehensive privacy policy and the highest level of security systems.

1. The Scope?

This policy outlines our procedures for the collection, processing, and sharing of all data relating to natural persons.

The terms of our policy apply to all natural persons who are identifiable or identified. This includes any natural person who can be identified, or has already been identified, through data entrusted to us or data we can access and/or combine.

Data processing, as defined in the Privacy Policy, specifically refers to the storage, management, and organization of personal data.

We do not collect, nor do we intend to collect, any information about individuals under 18. We also do not allow individuals under 18 to use our platform for any purpose. If we discover any user or any information relating to a person under 18, that information will be deleted immediately.

2. What personal data do we retain?

When you register with us, we collect the personal data necessary to enable your use of our services. When required, we may also ask you to provide personal data to verify ownership of an account, for example. To maintain and improve the highest quality of our services, we collect and analyse data about how you use our platform, as well as services offered by our third-party partners.

3. You are under no obligation to share your personal data with the company.

Although you are not obliged to provide your data, choosing not to do so may limit the services we can offer. It may also restrict your ability to use our platform.

4. What personal data do we collect? When you visit our website, we may collect the following personal data:

We do not collect data that directly identifies you. We do, however, collect details such as your account activity, users’ IP addresses, and the date and time of access. For maintenance, security, and support, we retain system crash reports, browser information, and the device type used to access your account. We also record the language associated with your account.

Regarding personal data collection, we collect and store only the information you consent to share with us when you connect, through us, to a third-party trading platform.

The personal data you have supplied to third-party platforms may include: full name, address, phone number, and email address.

5. Why does the company need my personal data, and is it lawful for them to collect it?

The company's collection, storage, and processing of your personal information are solely for the purposes set out in the Policy. All such uses and processing comply with applicable laws in España.

The company cannot handle, process, or transmit your data except in compliance with the applicable laws in España. The legal bases for doing so are as follows:

  • You have agreed to allow the company to store and process your personal data. By submitting your data to the company, you authorize us to transfer it to the relevant third-party trading platform. You have consented to the processing of your personal data for one or more purposes.
  • To enhance our services, establish or defend legal claims, and pursue legitimate interests, among other purposes, the company may need to store and process your personal data.
  • Data processing is necessary to meet legal obligations.

If you would like to learn more about the data processing the company is legally required to perform, please feel free to contact us by email.

Below you will find a list of the specific purposes for which we may process your personal data, together with the applicable legal bases.

Scope
Legal basis

To provide you with access to digital trading, and only at your request, we will share your personal data with third-party platforms.

Your data may be collected and shared with third-party companies solely at your request and discretion.

You have consented to the processing of your personal data for one or more purposes.

Please share the required information so we can respond promptly and effectively to your requests, concerns, and questions about our services.

To allow the company to pursue its legitimate interests, or those of a duly appointed third-party company, processing of personal data is necessary.

To fulfill our legal obligations, as well as administrative requirements, we need to process personal information.

To comply with our legal obligations, we must process certain personal data.

Anonymised personal data and usage tracking are necessary to improve our services, including crash reporting.

To protect the legitimate interests of the company and its third-party service providers, we need to process and store personal data.

This measure is necessary to prevent fraud and protect against misuse of our service.

To safeguard the legitimate interests of the company and its third-party service providers, we need to process and store personal data.

To meet our service obligations, we oversee and carry out data processing for business development, strategic decision-making, oversight and compliance with legal obligations, as well as other business operations.

To safeguard the legitimate interests of the company and our third-party service providers, we must process and store personal data.

We leverage statistical and analytical tools to support decision-making across our broad range of services and strategic planning.

To protect the legitimate interests of the company and our third-party service providers, we need to process and store personal data.

When necessary to protect the company's rights, assets, and interests, and those of our third-party service providers, and to comply with all applicable local laws, regulations, agreements, and our own terms, conditions, and policies, we may process personal data. We will do so only in accordance with the necessary and established procedures.

To protect the legitimate interests of the company and our third-party service providers, we need to process and store personal data.

6. Sharing of Personal Data with Third Parties

To store and process IP addresses, conduct user surveys and analyses, and to provide other related services and functions, the company may share anonymised personal data with third-party service providers.

At your request, we will share certain personal data you provide with third-party services. In such cases, the use of your data will be governed by that company’s privacy policy. This may include multiple digital trading platforms.

To better serve our clients and enhance our overall services, the company may share personal data with its affiliates and partner companies.

When required by law, or to protect our rights and assets and those of our third-party partners, we may disclose data to competent legal or regulatory authorities.

In the event of a critical business transaction—such as the sale of the company or the pursuit of investment or financing—relevant data may be shared in a lawful and appropriate manner. This also applies in the case of a merger, restructuring, consolidation, or bankruptcy, as required by law.

7. Use of Cookies and Third-Party Services

To support site analytics and our work with advertising partners, we may use cookies and similar technologies, in accordance with applicable law and industry standards.

Cookies—small data files stored on your device when you visit a website—are used to collect information about browsing behaviour, preferences, and more. Their purpose is to personalise and enhance your experience. They allow us to remember your settings and preferences and to tailor our services accordingly. We also use cookies for website analytics and statistical reporting to support strategic planning.

Broadly speaking, the site uses two types of cookies. Session cookies are saved only for the duration of your visit and are removed when you close your browser. Persistent cookies remain in your browser even after your session ends. These enable the site to recognize you as a returning visitor and streamline your experience.


Types of cookies:

Cookies may be used as necessary, in accordance with their intended purpose:

Type of cookie

Cookies are strictly required

Scope

Cookies are used to recognize you as a client, enabling us to more effectively deliver the information, settings, and services you need and use. They also help you navigate our website and facilitate your access.

To enable your device to download and stream data, cookies are used. In addition, they make it possible for you to access relevant features and return to previously visited pages.

Additional Information

To enable quick and easy access to the site, cookies store and process certain personal data, such as your username and last login date, for example when you choose the remember me option at sign-in.

Session cookies are deleted when you close your web browser.

Type of cookie

Functionality cookies

Scope

Cookies enable us to securely store and quickly retrieve your settings and preferences. They also help us recognize you when you return to our website.

Additional Information

Persistent cookies continue after your browsing session and remain until they expire.

Type of cookie

Cookies for performance

Scope

To improve our services, we use cookies to collect statistical information. These cookies provide data on site performance and usage.

Additional Information

All information stored in cookies is anonymous and cannot be linked to any individual.

Session cookies are removed when you close your browser, while persistent cookies remain active until they expire—or indefinitely—unless you delete them.

Cookies are blocked or have been deleted

If you want to delete cookies or block them from being set, you must do so through your browser settings. Follow the links below for step-by-step instructions for the most popular browsers.

  • firefox
  • Microsoft Edge
  • Google Chrome
  • safari

Blocking cookies will prevent some site features and functions from working properly.


ONLINE TRACKING NOTICE

Your personal data will be retained for as long as necessary to perform the operations described in this policy. It may be retained for a longer period to comply with local laws, regulations, and company policies.

Your personal data will be shared, at your request and discretion, with third-party trading platforms for 12 months. When that 12-month period ends, and with your consent, it will be shared for a further 12 months.

Our operations include the regular review of all personal data to determine whether it is still required.

9. Transfers of personal data to third countries or international organizations

As required to provide our services and/or for security reasons, personal data may be transferred to third countries (outside your country) and to international organizations under comprehensive security protocols. We apply the highest standards of data security to protect your information and to ensure you have access to legal remedies and rights in all situations.

All residents of the EEA (European Economic Area) are protected by data protection laws and safeguards.

  • All data transfers take place under EU jurisdiction and competence, in accordance with the data protection standards set out in Article 45(3) of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 (“GDPR”)
  • All data transfers between public bodies or authorities are carried out in accordance with Article 46(2). This agreement is legally binding and enforceable.
  • The European Commission’s Standard Contractual Clauses (SCCs), issued under Article 46(2)(c) of the GDPR, set the conditions for data transfers, which are conducted in accordance with them. The Clauses are available at https://ec.europa.eu/info/law/law-topic/data-protection/data-transfers-outside-eu/model-contracts-transfer-personal-data-third-countries_en.

For details on the specific security measures the company uses to safeguard your personal data during third-country transfers, please send your request by email to info@wealthwaydigital.uk

10. Protection of Personal Data

Personal data is safeguarded using the highest standards of technical and organizational measures, aligned with industry best practices. These measures are designed to prevent data destruction caused by unlawful or accidental events, as well as the loss or alteration of that information.

Although we apply the highest level of care and follow data‑protection procedures required by applicable law, it is not possible to guarantee in every circumstance that your personal data will remain entirely error‑free. For that reason, we cannot be held liable in any case where personal data is disclosed or suffers damage of an incidental, intangible, or consequential nature. This includes circumstances beyond our control, such as disclosure resulting from transmission errors, unauthorised third‑party access, or any other cause of a similar nature.

If we receive legally binding requests from regulators or other authorities, we may be required to disclose your personal data to them. After disclosure under a legal obligation, we cannot control how those authorities handle, store, or protect your data.

Any information transmitted over the internet, including personal data, involves some risk of interception and is not 100% secure. The Company cannot guarantee the security of any data transmitted online.

11. Links to Third-Party Websites

On this website, you may encounter links to third-party applications and websites. Please be aware that these entities are not affiliated with us and are not under our control, and our privacy policy does not apply to them. They have their own procedures and priorities for collecting and processing personal data, and we are not responsible for such activities. Use at your own discretion.

Always review the privacy policy of any company or service when you visit their website before providing any personal data. Ensure that their data collection, use, and processing practices align with your preferences and priorities. Any data you choose to share should be provided directly to the service provider.

12. Policy Amendments

We reserve the right to update or modify our policy at any time. We will communicate any changes on the website and through other appropriate channels. The updated version of the privacy policy will be posted on the website and will take effect immediately upon publication, unless otherwise stated.

13. Your rights regarding personal data

You retain full control and the final decision over how your personal data is used, including verifying its accuracy, correcting errors, and choosing to delete it or restrict both the scope and nature of our processing.

On this page, residents of the EEA can find information relevant to them:

Your personal data is protected by the rights described herein. By sending an email to the address below, you can exercise those rights immediately.

Accessing Your Rights

If the personal data you have provided to us is accurate, you may access it at any time. Any of your personal data that we process is accessible by us and therefore verifiable.

You may request access to your personal data at any time for verification, and it will be provided to you in electronic format. If you request additional copies of the data we process beyond the initial copy, a reasonable fee may apply.

Rights granted by law and by the privacy policy must not infringe the rights of others. The company may deny or restrict access to personal data where doing so would encroach on the rights and freedoms of others.

Right to Rectify Errors

Any errors in your personal data, whether due to omissions or incorrect information, may be corrected by you or by the Company to ensure proper processing.

Erasure Rights

You have the right to request the deletion of your personal data in the following circumstances. 1) If your data has been processed without your consent or beyond lawful limits. 2) Upon your request to have the data removed where the Company has no legal obligation to retain it. 3) If you no longer consent to any processing by us, even if lawful and within our or a third-party provider’s legitimate interests, and, finally, 4) If we are legally required to delete your data.

The right to erasure may be overridden by legal obligations under EU law or the laws of any Member State. Likewise, this applies where data is needed for the establishment, exercise, or defence of legal claims.

Right to Restrict Data Processing

You have the right to request a restriction on the processing of your personal data if you believe it contains inaccuracies.

Upon your request to restrict the use of your personal data, it will be deleted except in the following circumstances: 1) where laws of the European Union or any Member State prevent this; 2) with your consent, if needed to establish, exercise, or defend legal claims; 3) to protect the rights of another natural person.

Data Portability Rights

You have the right to access and review any personal data you have provided, if you have consented in any way to its collection and its processing is carried out by automated systems.

You have the right to request the transfer of any or all of your personal data to another company or organisation, where technically feasible. This does not affect your right to have your data deleted. This right cannot be exercised if doing so would infringe the rights or freedoms of another natural person.

Right to object to data processing

Regardless of the Company's right to pursue its legitimate interests, or those of a third-party service provider, you have the right to object to processing and request that the processing be stopped. This right does not apply where there are compelling legal grounds to continue processing, including for the establishment, exercise, or defense of legal claims, as permitted by law. In these circumstances, we may continue processing your personal data.

You may object at any time to the processing of your personal data for any direct marketing purposes.

Right to Decline or Withdraw Consent

You have the right to withdraw your consent to our processing of your personal data at any time and, where possible, with immediate effect. This does not apply retroactively to any processing carried out before your withdrawal of consent.

If you are dissatisfied for any reason, you have the right to lodge a complaint with any legal, regulatory, or other supervisory authority.

If you believe your rights and freedoms have been violated in connection with the processing of your personal data, each European Union Member State has established regulatory and supervisory authorities for this purpose. You may lodge a complaint with these authorities at your discretion.

Section 13 outlines circumstances in which your personal data rights may be limited under European Union law or the laws of its Member States.

Once we receive your request concerning your personal data and its processing, we will provide access to the information you requested, as outlined in Section 13 of this policy. We may extend this timeframe by up to two months, depending on the volume and nature of requests. If an extension is required, we will notify you of the new deadline within one month of receiving your request.

We will provide the requested information electronically at no cost, unless doing so would contravene applicable law or the terms of Section 13. We reserve the right to charge a reasonable fee or to refuse a request that is manifestly unfounded, excessive, or repetitive.

We reserve the right to request additional proof of identity whenever there is reasonable doubt about the individual submitting a personal data request, to ensure data protection and security.