This document on the Privacy Policy and Regulatory Safeguards is in effect as of November 19, 2020 and will remain in force until the publication of a newer version. Ferrari-Pay reserves the right to correct or supplement this Document at any time. This Document does not replace the Service Agreement (Terms and Conditions) which we ask you to read carefully before entering into any trading. The current version of this Document is available on our Website .














5.1. Within the Group


5.2. Unaffiliated third parties


6. YOUR RIGHTS UNDER THE GDPR (General Data Protection Regulation)














  Note: The English version of the present notice is the official version, and shall prevail on any occasion where there is a discrepancy between the English version and the version in any other language.




Protecting the privacy, and safeguarding the personal and financial information of our clients is of great importance to our company. If you have any questions about this Privacy Policy or how we process your Personal Data, please contact us at .

FERRARI-PAY SOFTWARE SOLUTION LTD is a company incorporated under English Law, with legal headquarters in London, 3RD FLOOR 86-90 PAUL STREET, England (hereafter referred to as “Ferrari-Pay” or “We/Us”). We are a service company which regulates the conduct of Exchange activities.

The purpose of the present Policy is to explain:


• what Personal Data we collect;


• how we use your  Personal Data;


• how, with whom, and when we share your Personal Data;


• your rights;


• other useful information regarding privacy and security.

The references to this “Personal Data” Policy refer to “Personal Data” as defined in (EU) Regulation 2016/679 of the European Parliament and of the European Council of 27 April, 2016, relative to the protection of physical persons with regard to processing their Personal Data, as well as the free circulation of said data, and annuls Directive 95/46/EC (General Data Protection Regulation) (hereafter referred to as “GDPR”).

References in this document to “Associate(s)” are intended as references to an enterprise, company or other member entity of our group, to a representative appointed by us or by another company of our group, or to any other person, with whom we have a contractual relationship, agency agreement, or other agreement which could reasonably give rise to a  community of mutual interests.

References in this document to the “Group” are to be understood as references to Ferrari-Pay and any entity controlled by or controlling Ferrari-Pay, as well as to entities under the common ownership and control of Ferrari-Pay, where direct “control” means direct or indirect control at of least 50% of the voting rights or capital of a company;

When we collect, elaborate, and store the Personal Data furnished by the user, we are subject to the provisions of the GDPR, and to the laws and regulations regarding the protection of Personal Data throughout National Territory.

We, our Associates, any person who has rights over us or our Associates, over any member of our Group, over any agents or subcontractors appointed by us, or who work for the purpose of collecting, storing, and processing Personal Data, as well as third parties who act on our or their own behalf, can collect, process, and store the Personal Data provided by the user for purposes related to performing the transactions and other services we provide, for operational support, and the development of commercial activities. They can also act by providing us, or others professional or other services, to enforce our or others’ contractual rights, and to enable compliance with contractual, legal, and regulatory provisions to which we or our associates and the aforementioned third parties are subject to, anywhere in the world. By opening an account with Ferrari-Pay, the user consents to the collection, processing, storage, and use of their Personal Data by our company, our Associates or third parties, in accordance with the dispositions of the present Privacy Policy. Furthermore, it is agreed that the processing and storage of the Personal Data furnished by the user can be performed in or from any jurisdiction  within or without the European Union, even in countries or territories that do not offer the same level of Personal Data protection enjoyed by users within the European Union.

Moreover, the user declares and pledges that if he is not a physical person who provides an individual’s Personal Data or is an individual who provides Personal Data for someone other than himself, when opening an account with us, he pledges and declares that said person, whose data is collected, stored, and processed accordance with the provisions contained in the present Privacy Policy, has been informed and has given his consent to said collection, storage, and processing of his Personal Data in accordance with the provisions contained in the present document. The individual must also have been informed of his rights in relation to the Personal Data collected and processed in accordance with the provisions contained in the present document.








Information the user provides when submitting a request to open an account with Ferrari-Pay:

This is the Personal Data that the user provides when filling out the request for opening an account on our Website: (hereafter referred to as the “Website”), including, but not limited to: name, address, date of birth, e-mail address, telephone number(s), professional occupation, and source of income, etc. The data is collected in order to facilitate evaluating the request, and to complete the evaluations relevant to the Client (“Know your Customer”), in addition to the anti-money-laundering and adequacy evaluations that are required of us under the applicable laws and the regulations. We also use this information for communicating with our Clients. We can collect details from your e-mail when you enter it on the landing page of the Website to create an account, but before the registration process has been completed.

 We may also collect information in case technical assistance or customer assistance is necessary.

As part of our verification procedure performed in accordance with the requirements of laws and regulations, we also collect information necessary to verify your identity, such as an identity document, passport, or driver’s license.

This information can also be obtained or verified by comparing it with personal information we receive about you from public records or other entities not affiliated with Ferrari-Pay.

Additional information we may collect:

We may (but not necessarily in every case) also collect the following information:

(I) name, contact and messaging information if you contact us or participate in surveys, contests, or promotions;


(II) details such as surfing information, data on location and other computer communication data (including IP address and browser type), collected when accessing and using our electronic exchange platforms (hereafter referred to as the “Platforms”);


(III) information on the devices you use when accessing the Platforms, including the ID of your specific device;


(IV) pages (including the Website application and all the internal pages/landing pages) visited and the contents viewed, the links and buttons clicked, the URLs visited before and after the visit to our Website (hereafter referred to as “Web Data”). For further information about cookies and how to manage them, please see our Cookie Policy;


(V) Information on the volume, and expected and actual value of the transactions with our company and information about the payment methods provided;


(VI) conversations, by telephone, on Skype or Live Chat with Ferrari-Pay customer service representatives;


(VII) your reactions to our marketing campaigns (for example, opening/clicking on the promotional  or marketing e-mails sent by us or any third party service provider);


(VIII) your social media profile (name, profile photo, and any other information that you make available, if any) when you connect with or contact us via a social media account;


(IX) information from third party databanks to comply with our legal and regulatory obligations. Information needed to verify your identity, such as an identity card, passport, or driver’s license. This information also includes the personal information that we receive about you from public records or from other entities not affiliated with Ferrari-Pay.

Ferrari-Pay collects the information necessary to open, trade, and safeguard your assets and your privacy, and to provide the services you request. To this end, Ferrai-pay collects information directly from you, and can, under certain circumstances, collect information from other sources (such as confirmation verification databanks and similar service providers) that we use to profile your needs and preference, and to provide the best service.

Regarding the GDPR, Ferrari-Pay acts as the manager of the Personal Data collected from the users.






For more information about how we use your Personal Data, contact us at .

Ferrari-Pay processes your Personal Data for the following purposes:


(I) Creating, verifying, and managing your accounts. We use the personal information such as name, identity document/passport data, e-mail address, telephone number, and information about the device used for: opening and managing your account with Ferrari-Pay; to provide technical support and customer service; to verify your identity; to process payment information, and to send important information about your account and important services. This information is necessary to allow Ferrari-Pay to fulfill its obligations under the terms of the Investment Services Contract between the Client and Ferrari-Pay (hereafter referred to as the “Contract”), and also for the purposes of compliance to the applicable laws and regulations.

In order to verify your identity, age, and the accuracy of the data provided during registration, we may disclose said information to third parties, e.g. financial institutions, third party referral agencies, and data verification service providers. These operations are necessary in order to comply with our legal obligations.

In addition, we may use said Personal Data to enforce the terms of the Contract, and/or, if necessary, for the purposes of any disputes, actions, or claims between the user and the company in relation to the Contract or to our service.


(II) Personalization. We may use your personal information, including, but not limited to professional details and account history to determine, send, and/or suggest tailor-made solutions to personalize our services in line with your background, prior knowledge of financial markets and the general user experience. This type of processing is necessary for the purposes of our legitimate interests in developing, providing, or presenting personalized services and contents for our clients.


(III) Marketing. Based on your expressed preferences (where applicable), we can use your personal information, including but not limited to your name, e-mail address, telephone number, location, and Web Data to provide marketing and event messages across various platforms, such as social networks, e-mail, text messages, mail, online, push notifications, or other. We will send marketing messages;

(a)  until consent is withdrawn (or ceases to be valid) or;

(b) during the period you have a relationship with our company, and, unless otherwise specified, for a reasonable period of time after the termination of the relationship, t inform you about products, services, promotions, and special offers that we believe may be of interest to you.

We may involve our Associates and other third party marketing and publicity service providers for the purpose of offering marketing solutions, or carrying out marketing and /or publicity campaigns on our behalf. We may provide Personal Data to said service providers on a limited basis in order to allow them to perform the aforementioned services.

In the marketing e-mails or other marketing messages sent by us or our Associates, we will include instructions about how to opt out of these messages in the future. You can manage your information and update your marketing preferences even in your account settings on our Website. It may take up to 72 hours to process any changes made to your marketing preferences. We also inform you that even if you opt out of receiving marketing messages, we may still send you important information relative to your account and our services.

We, or our Associates, may, from time to time, send you marketing material that may be of particular interest based on your behavior, such as your browsing history and your background. These marketing messages will provide you with information about products, service, active promotions or offers (as applicable) available from any company within the Group and information about products and services provided by our selected partners and third parties.


We use a combination of collected  information such as advertising cookies, your e-mail address/telephone number, and  your activity on the site to show you targeted and relevant advertising on a selection of authorized Websites and social media. This information may also be used to measure and analyze the effectiveness and reach of these advertisements, to help us improve and perfect our marketing strategy in accordance with our legitimate interests in promoting our products and services.

Except where we use your Personal Data for marketing purposes based on your prior written and informed consent, and based on the opt-out preferences that you have communicated to us in relation to marketing messages, we process your Personal Data for marketing purposes only as necessary on a legal basis and for our legitimate interests in promoting our products and services.


(IV) Risk management. In order to provide you with our services and comply with out regulatory obligations, we process your Personal Data as needed, to assess and manage the risks for our company. The type of Personal Data that we can process for this scope include, but are not limited to: browsing history and trading patters (which we can identify to prevent abuse and other illicit purposes), name, identity document, passport, and residence.


(V) Analysis, research and development. We can use the personal information for internal research and development, to help discover system problems, manage our Website, improve and test the features and functions of our services, and ultimately to develop new content, products, and services, and to carry out tests and analyzes. This processing in necessary to pursue the legitimate interests of our company.


(VI) Legal and regulatory obligations. We may be required to use and store personal information for legal and compliance reasons, such as prevention, detection, or investigation of a crime or fraud. We may also use your personal information to meet our internal and external audit requirements, for information security purposes and in any case that we deem it necessary and appropriate:

(a) pursuant to applicable law, which may include laws outside of the user’s Country of residence;

(b) to comply with the requests from courts, law enforcement agencies, regulatory agencies, and other public and governmental authorities, which may include authorities outside the user’s Country of residence;

(c) to enforce the terms of the Contract, to respond to any claims against us in relation to the transactions.

Profiling. In accordance with our legitimate interests described below or, as the case may be, in order to fulfill our legal obligations, we may carry out profiling and analysis according to location data, address, age, professional occupation, experience, activity, and trading behaviors for the following purposes:

(a) Customer segmentation, to offer more appropriate products and services and to develop more relevant marketing strategies;

(b) We use advertising campaigns with the aim of reaching potential clients. Said campaigns are intended to promote products or services;

(c) To perform our target market evaluations in accordance with regulatory requirements;

(d) To analyzing risk and trading;

(e) Licenses and legal obligations, for example, anti-money-laundering, age verification, and fraud prevention.

Other purposes. We may be required to use and store your personal information to prevent loss or to protect the rights, privacy, security, or property of our company or others, in accordance with out legitimate interests.





Upon termination of your Contract, we will retain your Personal Data, including, but not limited to your name, address, e-mail, telephone number, trading transaction history, deposits and withdrawals, for at least 5 (five) years, as required by European Parliament and Council Directive 2014/65/EU of 15 May, 2014 regarding markets and financial instruments, amending Directive 2002/92/EC and Directive 2011/61/EU (“MiFID II”). When we store and process your Personal Data for marketing purposes based on your consent, we will store it until your consent is withdrawn or ceases to be valid.

However, depending on the Country of residence and/or citizenship, there may be different statutes of limitations in effect. The statute of limitation is a legal institution that identifies a time limit for test actions or the advancement of claims of various types, which means that, based on the relevant jurisdiction, you have the right to lodge a complaint against Ferrari-Pay in relation to the services offered by Ferrari-Pay only within a certain period of time (“Term of Limitation”). We have a legitimate interest in storing personal information (such as identity, address, transaction and trading history, and records of communications with the company) in order to allow us to defend ourselves against any claim or complaint. Consequently, said personal information will be stored after the expiry date or termination of the Contract within the term of limitation.



Personal information may be transferred or disclosed to any company within the Group or, according to the agreements and arrangements necessary to ensure data protection, to third parties for processing of said personal information based on our instructions, and in compliance with this policy and any other confidential and security measures.


5.1. Within the Group

Ferrari-Pay may share information with the Associates within its Group and with their respective legal, accounting, tax, and financial advisors if said information is reasonably requested by said Associates for the following purposes:

• Creating, verifying and managing an account;

• Promotions and events;

• Risk management;

• Legal and regulatory obligations.

Where we share your Personal Data within the Group, you consent to this sharing, with the following Associates:

(1) The company that provides us with trading services

(2) The company that  provides us with information technology services

(3) The  company that provides us with  IT development and maintenance services;

(4) The company that provides us with IT development and security services.

All Associated companies are wholly controlled by the Group.


5.2. Non-affiliated third parties

Ferrari-Pay may, from time to time, contact third parties to process the information. These third parties provide the company with services at a global level, including customer assistance, payment processing, verification information technology, payments, sales, marketing, data analytics, research, and surveys. Under the agreements with our partners, we may be required to share personal information to enable those partners to provide us with those aforementioned services. We may disclose the information to debt collection and credit reporting agencies as is reasonably required in order to provide the services to the user.

In the event that the client has been introduced by a third party manager, this sales manager may have access to the user’s personal information and we may share it with him for the legitimate purpose of complying with the obligations provided by the manager according to the agreements between our company and said sales managers.

The personal information to which read-only access may be allowed includes information such as name, address, contact details (e.g. e-mail and telephone number) and exchange activities. If you do not want your data to be shared with the third party manager who introduced you to our business, you can withdraw your consent by informing us by e-mail.

 We will share your personal information with third parties when we believe it is necessary for legal and regulatory reasons, including but not limited to:


(I) To fulfill our legal obligations and respond to requests from government agencies, including law enforcement and other public authorities, including authorities outside your Country of residence. Without limiting the generality of the foregoing, Ferrari-Pay, as a company regulated under English law, is required to comply with certain obligations under the intergovernmental agreement with the United States, and has taken all reasonable measures into consideration in accordance with the law on tax compliance of foreign accounts (FATCA);




(II)  In the event of merger, sale, restructuring, acquisition, joint venture, assignment, transfer, or other disposition of all or part of our business, assets, or stocks (including in connection to any bankruptcy or similar);


(III)  To protect our rights, clients, systems, and platforms.

The Client understands and accepts that Ferrari-Pay is required to disclose information relating to United States citizens subject to reporting to the relevant authorities in accordance with FATCA reporting requirements. The Customer can contact Ferrari-Pay for further information or clarification before signing the present Contract.


Countries outside the European Economic Area (“EEA”) do not always have strong data protection laws. If we transfer your Personal Data from the EEA to other Countries where the applicable laws do not offer the same level of data privacy protection as the EEA, we will take the necessary steps to provide an adequate level of data privacy protection. For example we use contractual clauses in approved templates and other measures to designed to ensure that whoever receives your Personal Data is able to protect it. We work to guarantee that the information that we collect is processed in accordance with the present Privacy Policy and the applicable requirements.



6. YOUR RIGHTS UNDER THE GDPR (General Data Protection Regulation)


Based on the GDPR, you, as the data subject, possess certain rights, detailed here below. Some of these rights apply only in specific circumstances and various aspects are qualified by the exemptions in the data protection legislation. In our response to the requests we will clarify whether said exemptions are applicable.





Access to Personal Data: You have the right to request a copy of your personal information that we have in storage. To request a copy, please contact Customer Service from the Contact Us page.

You must include adequate identification information and other relevant information to help us fulfil your request. We will respond to your request as soon as possible.

Rectification of Personal Data: You can request that we rectify and correct any incorrect Personal Data in our possession.

Right to withdraw consent: If you have given consent to the processing of your Personal Data, you have the right to withdraw that consent. To deactivate marketing e-mails you can use the unsubscribe link found in the marketing communications you receive. To unsubscribe  receiving from SMS push marketing messages you can send us a message at the number provided in the SMS push marketing message you receive. You can also write to us at the e-mail address: .

Right of cancellation: You can request to delete your Personal Data if there are no compelling reasons for our continuing to process it. This right only applies in certain circumstances and is not a guaranteed or absolute right (for example, we may store you data as described in Section 4 above).

Right to data transfer: This right allows you to receive the Personal Data that you have provided to us with your consent, or that is necessary for providing our products and services in a format that allows you to transfer said data to another organization. You may have the right to request that our company directly transfer your Personal Data to the other organization, if this is technically possible.

Right to limited processing of Personal Data: You have the right, under certain circumstances, to ask that the processing of your Personal Data be suspended. In case of suspension of Personal Data processing, we may still store it, but any other processing of this information will require your consent, subject to a few exceptions.

Right to oppose the processing of your Personal Data: You have the right to oppose our use of your personal date processed on the basis of our legitimate interests. However, we may continue to process your Personal Data , despite your opposition, where there are legitimate reasons for doing so or if we need to process your Personal Data involved in any legal claim.

Rights relating to automatic decision-making and profiling processes: You have the right to not be subject to a decision based exclusively on automated processing (without human involvement) where said decision produces a legal effect or has an otherwise significant impact on you. This means that it is possible to request the involvement of one of our employees or representatives in the decision-making process. We are proud of the fact that we do not make automated decisions of this nature.




Our website and all its digital resources, the mobile app, and the landing page use cookies to optimize the proper functioning of our platform. This operation helps us to provide you with a quality experience when browsing on our site as well as allowing us to improve it. By continuing to use our site, you accept our use of cookies.




Ferrari-Pay may periodically update this Privacy Policy. In the event that Ferrari-Pay materially changes the present Privacy Policy, including the way we collect, process, or use your Personal Data, the amended Privacy Policy will be posted on the website to keep you informed. Any dispute regarding our Privacy Policy is subject to the present Privacy Policy and the present Contract.




I have read, understand and accept the terms of the Privacy Policy. I also confirm that I have full power and authority to be bound by the terms of the present Privacy Policy.

For any questions or for more information regarding the present Privacy Policy, click on the Contact Us page.