Legal

Privacy Policy

Effective date: May 28, 2026 · Last updated: May 28, 2026

Draft template — not legal advice. This document was generated as a starting point for OpenMarkets and has not been reviewed by an attorney. Replace every [bracketed] placeholder and have qualified counsel review and tailor it to your actual data practices and the laws of every jurisdiction where you operate (including US state privacy laws such as the CCPA/CPRA, the EU/UK GDPR, and applicable financial, gaming, and KYC/AML regulations) before publishing.

Contents

Who we are & scope
Information we collect
How we use information
How we share information
Connected venue accounts
Cookies & analytics
Data retention
Security
Your privacy rights
Account & data deletion
Children
International transfers
Changes to this policy
Contact us

This Privacy Policy explains how OpenMarkets Network, Inc. ("OpenMarkets," "we," "us," or "our") collects, uses, discloses, and protects information in connection with our websites, the OpenMarkets mobile application, and related services (collectively, the "Services"). By using the Services, you agree to the practices described here.

1Who we are & scope

OpenMarkets provides execution infrastructure that consolidates and routes orders across third-party trading venues. This policy applies to personal information we process as a controller (or business) when you use the Services. It does not cover the independent privacy practices of the third-party venues or other services you connect or link to, which are governed by their own policies.

2Information we collect

Information you provide

Account information — name, email address, phone number, username, and password.
Identity verification — where identity or eligibility checks are required, they are performed by the connected partner venues under their own terms; OpenMarkets does not operate a separate identity-verification process.
Communications — messages you send to support and related metadata.

Information from connected venues

When you connect a third-party venue account, we receive and securely store the access tokens or credentials, account identifiers, balances, positions, orders, and trading activity necessary to display your information and route orders on your behalf. We use this access only to provide the Services at your direction, and we protect connection data with encryption and other industry-standard safeguards.

Information collected automatically

Device & usage — IP address, device identifiers, app version, operating system, pages/screens viewed, and interactions.
Cookies & similar technologies — including analytics tags such as Google Tag Manager/Analytics (see Cookies & analytics).

Information from third parties

Identity, fraud-prevention, and analytics partners, and the venues you connect.

3How we use information

Provide, operate, maintain, and improve the Services, including consolidating prices and routing orders across connected venues;
Comply with applicable legal, regulatory, and compliance obligations;
Detect, prevent, and address fraud, abuse, and security incidents;
Communicate with you, including service, security, and support messages;
Analyze usage and measure and improve performance; and
Comply with law and enforce our Terms of Use.

[If you rely on GDPR legal bases, state them here: consent, contract, legal obligation, legitimate interests.]

Service providers / processors — hosting, analytics, identity verification, customer support, and similar vendors acting on our behalf;
Connected venues — to route and execute the orders you initiate;
Legal & safety — to comply with law, regulation, legal process, or governmental request, and to protect rights, safety, and property;
Corporate transactions — in connection with a merger, acquisition, financing, or sale of assets; and
With your consent or at your direction.

We do not sell your personal information [confirm; if you "sell" or "share" as defined by the CCPA/CPRA, disclose it and provide an opt-out].

5Connected venue accounts

The Services let you connect accounts you hold at third-party venues so we can display your information and route orders. Your funds and positions remain with those venues; we act as a connectivity and routing layer. Each venue is an independent third party with its own terms and privacy policy, and we are not responsible for their data practices. You can disconnect a venue at any time from your dashboard or menu panel in the app.

6Cookies & analytics

We and our partners use cookies and similar technologies to operate the Services and understand usage, including Google Tag Manager and Google Analytics. You can control cookies through your browser settings and opt out of certain analytics. [Add a cookie banner / consent mechanism where required, and link your cookie settings.]

7Data retention

We retain personal information for as long as needed to provide the Services and for legitimate business or legal purposes, including regulatory recordkeeping (which, for financial and identity records, may be a number of years). In general, we keep personal information only as long as needed for the purposes described above and to meet our legal retention obligations.

8Security

We use reasonable administrative, technical, and organizational measures designed to protect personal information. No method of transmission or storage is completely secure, and we cannot guarantee absolute security.

9Your privacy rights

Depending on where you live, you may have rights to access, correct, delete, port, restrict, or object to the processing of your personal information, and to withdraw consent.

California (CCPA/CPRA)

California residents may have the right to know, delete, and correct personal information, to opt out of the "sale" or "sharing" of personal information, to limit the use of sensitive personal information, and to non-discrimination for exercising these rights. [Describe categories collected/disclosed in the prior 12 months and your opt-out method.]

EEA / UK (GDPR)

If you are in the EEA or UK, you have the rights described above and may lodge a complaint with your supervisory authority. [Identify the controller, EU/UK representative, and DPO if applicable.]

To exercise any right, contact us at support@openmarkets.ai. We will verify your request as required by law.

10Account & data deletion

You can request deletion of your account and associated personal information by emailing support@openmarkets.ai with the subject "Account deletion request." We will process the deletion subject to information we are legally required to retain.

11Children

The Services are not directed to children and are intended only for individuals who are at least 18 years old, or the minimum age required by each connected partner if higher. We do not knowingly collect personal information from minors. If you believe a minor has provided us information, contact us and we will take appropriate steps.

12International data transfers

We may process and store information in countries other than where you live. Where required, we use appropriate safeguards for cross-border transfers. [Describe mechanisms, e.g., Standard Contractual Clauses, if applicable.]

13Changes to this policy

We may update this Privacy Policy from time to time. We will post the updated version and revise the "Last updated" date above, and will provide additional notice where required by law.

14Contact us

OpenMarkets Network, Inc.
718 N Washington Ave, Minneapolis, MN 55401
Email: support@openmarkets.ai