TradingBase
TRADINGBASE

TRADE SMARTER. GROW FASTER.

Market Intelligence

Academy, Library & AI

AcademyKhoá học & chứng chỉLibraryThư viện kiến thức tradingAITrợ lý phân tích macro XAUUSD

Feed & groups

Hall of LegendsBảng Phong Thần Trader — xếp hạng & vinh danhCommunityMạng xã hội Trade

Marketplace, ví, broker & IB

MarketplaceEA, Indicator, ToolsBroker HubSo sánh & chọn brokerBusiness CenterAffiliate & hoa hồng IB
ResearchPricingIntroduce

Market Intelligence

Market Intelligence

Learning

AcademyLibraryAI

Community

Hall of LegendsCommunity

Business

MarketplaceBroker HubBusiness Center

Research

News

Pricing

Pricing

Introduce

About TradingBase
Home / Legal / Data Processing Agreement

Browse

All documents

Quick links

Terms of ServicePrivacy PolicyCookie PolicyRisk DisclosureDisclaimerRefund PolicyCommunity GuidelinesSecurity PolicyAPI TermsAML/KYCData Processing Agreement

Data Processing Agreement

Version 1.0Effective 2026-07-17Updated 7/17/2026Language EN
Download MDDownload HTML

TradingBase Data Processing Agreement (DPA)

Document ID: LEG-012Version: 1.0Status: Draft for Legal ReviewEffective Date: [To be inserted]Last Updated: [To be inserted]

  • Purpose

This Data Processing Agreement (“DPA”) governs the processing of Personal Data by TradingBase where TradingBase processes Personal Data on behalf of a Customer.

This DPA supplements the TradingBase Terms of Service and Privacy Policy.

Where this DPA conflicts with another agreement regarding Personal Data processing, this DPA shall prevail to the extent of that conflict unless otherwise agreed in writing.

  • Definitions

For the purposes of this DPA:

Controller means the entity determining the purposes and means of processing Personal Data.

Processor means the entity processing Personal Data on behalf of the Controller.

Personal Data means information relating to an identified or identifiable natural person.

Processing includes collection, storage, use, disclosure, deletion, transmission, organization, or any other operation performed on Personal Data.

Applicable Data Protection Law means the privacy and data protection laws applicable to the processing activities covered by this DPA.

  • Scope

This DPA applies where:

a Customer acts as Controller;

TradingBase acts as Processor;

Personal Data is processed through TradingBase services.

This DPA does not apply where TradingBase acts as an independent Controller for its own operational purposes.

  • Processing Instructions

TradingBase shall process Personal Data only:

on documented instructions from the Customer;

as necessary to provide the contracted services;

where required by applicable law.

Where legally required processing conflicts with Customer instructions, TradingBase shall notify the Customer unless prohibited by law.

  • Categories of Personal Data

Depending on the services used, Personal Data may include:

account information;

contact information;

profile information;

authentication identifiers;

educational records;

trading journal entries;

API usage data;

support communications;

technical logs.

The exact categories depend on Customer configuration and Platform usage.

  • Categories of Data Subjects

Data Subjects may include:

Customers;

employees;

contractors;

students;

instructors;

community members;

API users;

authorized representatives.

  • Confidentiality

TradingBase shall ensure that personnel authorized to process Personal Data:

are subject to confidentiality obligations;

receive appropriate training where applicable;

access Personal Data only where necessary to perform their duties.

  • Security Measures

TradingBase shall implement reasonable technical and organizational measures designed to protect Personal Data, including where appropriate:

encryption;

authentication controls;

access management;

monitoring;

audit logging;

backup procedures;

vulnerability management;

incident response procedures.

Security measures may evolve over time provided they do not materially reduce the overall level of protection.

  • Subprocessors

TradingBase may engage subprocessors to support service delivery.

TradingBase shall:

exercise appropriate diligence when selecting subprocessors;

require subprocessors to protect Personal Data through contractual obligations;

remain responsible for the performance of its subprocessors to the extent required by applicable law.

A current list of subprocessors may be made available separately.

  • International Data Transfers

Where Personal Data is transferred internationally, TradingBase shall implement appropriate safeguards where required by Applicable Data Protection Law.

Such safeguards may include:

contractual transfer mechanisms;

adequacy decisions;

other lawful transfer mechanisms.

  • Assistance to the Customer

Where reasonably requested and taking into account the nature of the processing, TradingBase shall provide reasonable assistance regarding:

data subject requests;

security obligations;

regulatory inquiries;

privacy impact assessments where applicable;

compliance obligations related to the contracted services.

  • Personal Data Breach

If TradingBase becomes aware of a Personal Data Breach affecting Customer Personal Data, TradingBase shall:

investigate the incident;

take reasonable containment measures;

notify the Customer without undue delay where required by applicable law or contractual obligation;

provide available information reasonably necessary for the Customer to assess the impact.

  • Data Subject Rights

Taking into account the nature of the processing, TradingBase shall assist the Customer in responding to requests relating to:

access;

correction;

deletion;

restriction;

portability;

objection;

withdrawal of consent where applicable.

TradingBase may redirect requests directly to the Customer where appropriate.

  • Audits

Where permitted by applicable law and subject to reasonable confidentiality, security, and operational requirements, TradingBase may provide information reasonably necessary to demonstrate compliance with this DPA.

Audit requests should:

be reasonable in scope;

minimize operational disruption;

protect confidential information;

occur no more frequently than reasonably necessary unless required by law.

  • Data Retention and Deletion

Upon termination of applicable services, TradingBase shall, subject to legal obligations and documented Customer instructions:

return Personal Data where technically feasible; or

securely delete Personal Data within a reasonable period.

Certain information may be retained where required by applicable law or legitimate legal obligations.

  • Liability

Liability relating to Personal Data processing shall be governed by the applicable agreement between the parties and mandatory provisions of Applicable Data Protection Law.

Nothing in this DPA excludes liability that cannot lawfully be excluded.

  • Changes to this DPA

TradingBase may update this DPA to reflect:

legal developments;

regulatory guidance;

operational improvements;

changes to Platform services.

Material updates will be communicated through appropriate channels.

  • Governing Law

This DPA shall be governed by the governing law specified in the applicable agreement between the parties or otherwise determined under Applicable Data Protection Law.

  • Contact

Questions regarding this DPA or Personal Data processing may be submitted through TradingBase’s official privacy or compliance contact channels.

Appendix A — Subject Matter of Processing

The subject matter of processing consists of providing the TradingBase Platform and related services requested by the Customer.

Processing activities may include:

hosting;

storage;

synchronization;

authentication;

analytics;

customer support;

educational services;

AI-assisted services;

API operations.

Appendix B — Duration of Processing

Processing generally continues:

for the duration of the applicable service agreement;

until Customer instructions require deletion or return of data;

or for any additional period required by applicable law.

Appendix C — Technical and Organizational Measures (Illustrative)

Illustrative measures may include:

encryption of data in transit;

encryption of data at rest where appropriate;

role-based access controls;

authentication controls;

security monitoring;

vulnerability management;

backup procedures;

disaster recovery planning;

incident response processes;

employee confidentiality obligations.

These measures are reviewed periodically and may be updated as security practices evolve.

Appendix D — Categories of Subprocessors

TradingBase may engage subprocessors for services such as:

cloud infrastructure;

content delivery;

authentication;

payment processing;

customer support;

email delivery;

monitoring;

analytics;

document storage.

TradingBase will maintain appropriate contractual protections with subprocessors as required by applicable law.

TradingBase

TRADINGBASE

TRADE SMARTER. GROW FASTER.

Contact

tradingbase.asia@gmail.comIntroducePricing

Legal

Legal CenterTerms of ServicePrivacy PolicyCookie PolicyRisk DisclosureDisclaimerRefund Policy

Policies

Community GuidelinesSecurity PolicyAPI TermsAML/KYCData Processing Agreement

Academy · Signals · Market Intelligence · Community

© 2026 TradingBase · Terms · Privacy · Cookies