RankTrade
Get started

Privacy Policy

Effective date: 17 May 2026

1. Who we are

RankTrade ("RankTrade", "we", "us") is the operator of the educational simulated-trading platform available at ranktrade.io. This Privacy Policy explains what personal information we process, why, on what legal basis, with whom we share it, and the rights you have. It applies in addition to our Terms of Service.

We are committed to the principles of the UAE Personal Data Protection Law (Federal Decree-Law No. 45 of 2021) and, where applicable, the EU/UK General Data Protection Regulation. If you are in another jurisdiction with local data-protection rules, those rules may also give you rights you can exercise with us.

2. Information we collect

Information you provide

  • Account. Email, password (hashed), display name, public identifier.
  • Identity verification (when required). Government ID, selfie/liveness check, address proof, date of birth, nationality.
  • Communications. Messages you send to support, survey responses, content you post (e.g., display name).
  • Wallet and payment data. Crypto wallet addresses and transaction identifiers you provide for deposits or withdrawals.

Information collected automatically

  • Usage data. Pages viewed, actions taken (e.g., entries, orders), session duration, errors encountered.
  • Device and technical data. IP address, user-agent, browser, operating system, screen size, approximate location derived from IP, time zone.
  • Cookies and similar technologies. See our Cookie Policy.

Information from third parties

  • Payment service providers. Confirmation of deposit/withdrawal status, transaction identifiers, risk signals.
  • KYC/AML providers (when applicable). Verification results, sanctions and PEP screening outcomes.
  • Market data providers. No personal data — only price information about financial instruments.

3. How and why we use your information

  • To provide the Service — create and maintain your account, run competitions, settle balances, pay prizes.
  • To process payments — including with PSPs and cryptocurrency processors.
  • To verify identity and comply with law — including AML/CTF, sanctions, fraud prevention, tax reporting where applicable.
  • To keep the Service safe — detect bots, multi-accounting, collusion, exploits, and other prohibited conduct.
  • To improve the product — analytics, error tracking, A/B tests.
  • To communicate — service notices, account updates, responses to your questions and, with consent, marketing.
  • To enforce our Terms — investigate disputes, defend claims, take corrective action.

4. Legal bases (EU/UK users)

If GDPR applies to your use of the Service, we rely on the following bases:

  • Performance of a contract — running your account, competitions, payouts.
  • Legal obligation — AML/CTF, sanctions, tax, accounting, responding to lawful requests.
  • Legitimate interests — security, fraud prevention, product analytics, defending our rights.
  • Consent — optional marketing, non-essential cookies; withdrawable at any time.

5. Who we share information with

We do not sell your personal information. We share it only with the following categories of recipients, under appropriate contractual safeguards:

  • Service providers — hosting (cloud infrastructure), database and authentication (Supabase), email delivery, error monitoring, customer support.
  • Payment service providers and crypto processors — to settle deposits, withdrawals, and prize payouts.
  • KYC/AML providers — for identity verification and sanctions/PEP screening, where required.
  • Professional advisers — auditors, accountants, lawyers, under duties of confidentiality.
  • Authorities — when legally compelled or where necessary to detect or prevent fraud or other unlawful activity.
  • Successors — if we restructure, merge, sell assets, or transfer the Service, your data may be transferred under the same protections.

6. International transfers

We may transfer personal information outside the country in which you reside, including to the United Arab Emirates and the regions where our cloud providers operate. Where we do, we put appropriate safeguards in place — for example, the European Commission's Standard Contractual Clauses, the UK addendum, or equivalent mechanisms recognised under applicable law.

7. How long we keep information

  • Account and competition data — for as long as your account is open, then for up to seven (7) years to meet legal, audit, and dispute-resolution obligations.
  • KYC/AML records — typically five (5) years from the end of the relationship, or longer if required by law.
  • Support communications — up to three (3) years.
  • Analytics and logs — typically up to twenty-four (24) months, aggregated where possible.

8. Your rights

Subject to local law, you have the right to: access the personal information we hold about you; correct inaccurate data; request deletion; object to or restrict certain processing; withdraw consent where processing is based on it; receive a copy of your data in a portable format; and lodge a complaint with a supervisory authority.

To exercise any of these rights, email privacy@ranktrade.io. We may need to verify your identity before acting on the request.

9. Security

We use technical and organisational measures designed to protect personal information against unauthorised access, alteration, disclosure, or destruction. These include encryption in transit, access controls, audit logging, and least-privilege practices. No system is fully secure; we do not guarantee absolute security.

10. Children

The Service is not directed to children under 18. We do not knowingly collect personal information from anyone under that age. If you believe a minor has provided us with information, contact us and we will delete it.

11. Cookies

We use cookies and similar technologies for authentication, preferences, and analytics. See the Cookie Policy for details and for how to manage your choices.

12. Changes to this policy

We may update this Privacy Policy from time to time. We will announce material changes in advance through reasonable means (in-app notice or email). The effective date at the top of the page tells you when the current version took effect.

13. Contact

For questions about this Privacy Policy or about how we handle your personal information, contact our privacy team at privacy@ranktrade.io.