Privacy Policy
Version: 13 April 2025
—
Introduction
Moneywheel Research Zrt. operates www.ultrafx.com („UltraFx”), providing virtual and dedicated servers with ultra-low latency connectivity. These services are designed for proprietary trading firms, investment banks, hedge funds, and individual algorithmic traders, allowing them access to various trading venues and networks where digital assets can be exchanged for other digital assets or fiat currencies (the „Platform”). The Platform is accessible via our Website: https://www.ultrafx.com. Together, the Platform and Website are referred to as our „Services.”
UltraFx does not access, monitor, or process any trading data or user-generated data stored on the servers rented through our platform. All activities, files, or information that reside on these dedicated or virtual servers remain fully under the control and responsibility of the customer. This Privacy Policy solely covers the data we collect through our website, user registration, payment processing, and account-related services.
This Privacy Policy outlines what personal data we collect through our Services, how we process that data, the duration of retention, and your rights as a data subject under the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 („GDPR”).
Please read this Privacy Policy carefully. Certain terms used herein may be defined in the UltraFx User Agreement.
Who is responsible for your personal data?
Moneywheel Research Zrt. is the data controller for the processing of your personal data, as outlined in this Privacy Policy. We act as a ‘controller’ under the GDPR, except in situations where another party is explicitly responsible for data processing.
For any questions regarding personal data processing, please contact us at the details provided at the end of this Policy.
Personal Data We Collect
While using our Services, we may ask you to provide certain personally identifiable information, including:
– Name, postal address, email address, phone number
– Payment information (e.g. last 4 digits of your credit card number)
– Registration data (e.g. password) – KYC related data (see our: [KYC policy]() )
To access our Services and open an account, you are required to provide this information either at the time of registration or during payment. If required by law or necessary to provide new features, we may ask for additional data and will explain the purpose and legal basis at that time.
Information Collected Automatically (Usage Data)
We automatically collect certain information when you interact with the Platform. This includes:
– IP address
– Browser type and version
– Operating system
– Date, time, and duration of visits
– Pages visited and links clicked
– Device identifiers and diagnostic data
When using a mobile device, we may also collect:
– Device type and unique ID
– Mobile operating system and browser
This information helps us improve performance, enhance user experience, offer customer support, and detect fraud. Please refer to our [Cookie Policy](https://www.ultrafx.com/en/cookie-policy) for further information.
Information from Third-Party
Services
To facilitate payments, we partner with:
– Stripe (https://stripe.com/en-nl/privacy)
– PayPal (https://www.paypal.com/us/legalhub/paypal/privacy-full)
– CryptoProcessing (https://cryptoprocessing.com/privacy-policy)
These services may process your name, email, billing address, and partial payment information. We do not store complete payment card details. Each provider processes your data in accordance with their own privacy policy.
For cryptocurrency payments, a Know Your Customer (KYC) and Anti-Money Laundering (AML) check is required. This is conducted by our partner, [Argos Identity](https://www.argosidentity.com/), and includes:
– ID document and type
– Issuing country
– Date of birth, nationality, and gender
– Document number, issue and expiry dates
– IP address and email
– AML status, submission ID and timestamp
For more information, please refer to our [KYC Policy](#).
How We Use Your Personal
Data
We may use your personal data to:
– Deliver our Services and process payments
– Communicate service updates, legal notices, and critical security alerts
– Provide technical support and resolve issues
– Maintain administrative records and comply with legal obligations
– Prevent fraud and unauthorized access
Legal Basis for Processing
We process your personal data in accordance with the GDPR, and rely on the following legal bases under Article 6(1):
Consent (Article 6(1)(a) GDPR) – for specific purposes such as marketing communications, where you have actively opted in;
Contractual necessity (Article 6(1)(b) GDPR) – to perform the agreement between you and UltraFx. This includes the processing required for registration on our website and the provision of our server rental services.
Legal obligations (Article 6(1)(c) GDPR) – to comply with regulatory requirements such as tax, anti-money laundering (AML), and financial reporting.
Legitimate interests (Article 6(1)(f) GDPR) – including fraud prevention, network and service security, and ensuring high-quality service.
Data Retention
UltraFx retains personal data only for as long as necessary to fulfill the purposes outlined in this Privacy Policy, or as required by applicable law.
When you rent a server from UltraFx, we are legally obligated to retain billing-related information for accounting and tax compliance. These records may include limited personal data such as your name, billing address, and payment reference details. This billing data is retained strictly for the duration required by relevant financial and tax regulations.
Importantly, this retention obligation does not apply—under any circumstances—to any data that you store, transmit, or process on the servers you rent. UltraFx does not access, manage, or retain any content or activity related to the rented infrastructure. That data remains solely under your control and responsibility.
Once your rental period ends and there are no outstanding legal or financial obligations, we will delete or anonymize your personal data.
Location of the Servers
We currently store and process personal data using Amazon Web Services (AWS) located in Frankfurt, Germany. This data location is chosen to ensure reliable service performance and compliance with relevant data protection regulations, including GDPR. All personal data handled by UltraFx is processed within the European Economic Area (EEA), unless otherwise required by applicable law.
Please note that while UltraFx rents infrastructure located at other data centers, including Equinix LD4 (UK) and Equinix NY4 (US), these are not used by UltraFx to store or process personal data for the purposes of service registration, billing, or account management. These server locations are provided solely as part of our infrastructure rental offering.
UltraFx does not access, monitor, or control any data stored, transmitted, or processed on the servers rented by users at these facilities. Full responsibility for any data on those servers lies with the user. UltraFx provides only the infrastructure rental service and has no capacity or intention to process data on behalf of users on their rented servers.
We currently store and process personal data using Amazon Web Services (AWS) located in Frankfurt, Germany. This data location is chosen to ensure reliable service performance and compliance with relevant data protection regulations, including GDPR. All personal data handled by UltraFx is processed within the European Economic Area (EEA), unless otherwise required by applicable law.
International Data Transfers
UltraFx does not transfer your personal data to any third country or international organization by default. All personal data is processed and stored within the European Economic Area (EEA), primarily on servers located in Frankfurt, Germany.
Your personal data may only be transferred outside the European Union (EU) or European Economic Area (EEA) to countries that ensure an adequate level of data protection, as determined by the European Commission. A list of such countries is available here: [Adequacy Decisions](https://ec.europa.eu/info/law/law-topic/data-protection/international-dimension-data-protection/adequacy-decisions_en). In cases where data is transferred to a country that does not offer an adequate level of protection, such transfers will only take place if appropriate safeguards are implemented. These include standard contractual clauses approved by the European Commission or if the transfer is necessary for the performance of a contract or to handle your specific requests. You may request a full and updated list of such transfers and the applicable safeguards by contacting us at the address listed in this Privacy Policy. Copies of relevant safeguards may also be requested.
Your Rights
As a data subject, you have the right to:
As a data subject under the GDPR, you have the following rights with regard to your personal data:
Right of Access: You have the right to request confirmation as to whether or not we process your personal data, and, where that is the case, access to that personal data along with related information about its processing.
Right to Rectification: You may request that we correct or update any inaccurate or incomplete personal data concerning you.
Right to Erasure (‘Right to be Forgotten’): You may request the deletion of your personal data where it is no longer necessary for the purposes for which it was collected, if it was unlawfully processed, or if deletion is required to comply with a legal obligation.
Right to Restrict Processing: You may request that we restrict the processing of your personal data in certain cases, such as when you contest its accuracy or object to its processing.
Right to Data Portability: You have the right to receive your personal data in a structured, commonly used, and machine-readable format and to request that we transmit that data to another controller, where technically feasible.
Right to Object: You may object to the processing of your personal data at any time when such processing is based on our legitimate interests, including profiling. You also have the right to object to the processing of your data for direct marketing purposes.
To exercise any of these rights, please contact us via email or post using the details provided in this Privacy Policy. To exercise these rights, you may contact the Data Controller at any time by sending a letter to the address provided above or via email. We may need to verify your identity before processing your request. If you believe your data has been unlawfully processed, you also have the right to lodge a complaint with your local data protection authority.
If you believe that your personal data has been processed unlawfully, you have the right to file a complaint with the data protection authority. In Hungary, this is the National Authority for Data Protection and Freedom of Information (NAIH);
Address: H-1055 Budapest, Falk Miksa Street 9-11
Phone: +36-1-391-1400
Email: ugyfelszolgalat@naih.hu
Website: www.naih.hu
You may also file your complaint with a different data protection authority within the EU if it is located in your usual place of residence or the place where the alleged infringement occurred. In case of unlawful
data processing, you are also entitled to bring the matter before the competent court based on your place of residence or habitual residence. A list of competent data protection authorities is available here.
Policy Updates
We may update this Privacy Policy periodically. If substantial changes occur (e.g. new data types), we will inform you via our website or direct communication prior to the update taking effect.
UltraFx / Moneywheel Research Zrt.
You may reach us: privacy@ultrafx.com
—
Moneywheel Research Zrt.
Established: 2011
EU VAT nr.: HU23521050
Commercial Registration nr.: 13-10-041215 (Pest County Court as company court [Hungary])
Head Office: 34. Munkas Str., 2120 Dunakeszi, Hungary
Representative: 14. Via Vittorio Veneto, 67100 L’Aquila, Italy