login/register

ICF Market Privacy Policy

 

Last updated: [9/26/2025]

1) Who We Are

ICF Market (“we”, “us”, “our”) operates https://icf-market.net (the “Website”). We are a UK‑registered company.
Data Controller: ICF Market Ltd, [registered address in the UK].
Contact: [email protected]

2) Scope

This Policy explains what Personal Data we collect, how we use it, how long we keep it, and with whom we share it. It applies to the Website, our downloadable digital products (NinjaTrader add‑ons/indicators), license activation services, support channels, and our multilingual training courses.

3) What Data We Collect

  • Account & Identity: first and last name, email, (optional) phone, country, billing details (name and billing address).

  • Transaction & Licensing: order ID, payment status/metadata (from our payment providers), product keys, and device/hardware identifiers (e.g., Machine ID or similar) strictly for generating and validating software licenses.

  • Technical & Usage: IP address, browser and OS, device type, time zone, pages visited, referral URLs, error logs.

  • Cookies & Similar Tech: session cookies (login/cart), preference cookies (e.g., language, UI), and analytics cookies (aggregate usage).

  • Support & Communications: messages you send us (tickets/emails), attachments, timestamps.

  • User‑Generated Content: comments, reviews, support forum posts (if available).

  • Media Uploads: if you upload images, do not include EXIF GPS; visitors may download and extract location data from images.

Comments & Gravatar: When visitors leave comments, we collect the data shown in the form, plus IP and user‑agent for anti‑spam. An anonymized hash of your email may be sent to Gravatar to check if you use it. Gravatar’s privacy policy: https://automattic.com/privacy/. After approval, your profile image is visible with your comment.

4) Why We Process Your Data (Legal Bases)

We process Personal Data only when a lawful basis applies. Depending on context, one or more of the following will apply:

  • Contract: to create/manage your account; process orders; deliver downloads; issue/validate licenses tied to your hardware; provide course access; and offer support.

  • Legitimate Interests: to secure our services (fraud prevention, license abuse detection, service logs); improve performance and user experience; maintain accurate records; and communicate essential service updates.

  • Consent: sending newsletters/marketing (opt‑in), storing non‑essential cookies, publishing testimonials with your name, and any optional profile fields. You may withdraw consent at any time via your profile or by contacting us.

  • Legal Obligation: tax and accounting record‑keeping and compliance checks where applicable.

5) Cookies

  • Essential cookies (authentication, cart, checkout, CSRF): required for the site to function.

  • Preference cookies (e.g., language, display): improve your experience.

  • Analytics cookies (aggregate usage): help us understand performance and usage patterns.
    Typical durations:

  • Login cookies: 2 days; “Remember me”: 2 weeks; screen options: 1 year.

  • Temporary cookie on login page to test cookie support: erased when you close the browser.

  • If you edit/publish content, a 1‑day cookie stores the post ID (no personal data).
    You can control cookies in your browser settings; blocking essential cookies may break login or checkout.

6) Payments, Licensing, and Third‑Party Services

  • Payments: We use cryptocurrency payment gateways and Wise for international payments. Sensitive payment data (e.g., full card numbers) is processed directly by the payment providers and is not stored by us. We receive limited transaction metadata (e.g., status, time, amount, payer reference) to reconcile your order.

  • Licensing: Our custom licensing system generates and validates license keys. For anti‑piracy and entitlement checks, we collect hardware/device identifiers necessary to bind a license to your machine and to enforce fair‑use. We do not use these identifiers for profiling or marketing.

  • Email (SMTP): Transactional emails (order confirmations, password resets, service notifications) are sent via an SMTP/email delivery provider.

  • Embedded Content: Articles may include embedded content (videos, images, etc.). Embedded content from other websites behaves as if you visit those sites directly; they may collect data, set cookies, and track your interaction per their own policies.

  • NinjaTrader / NinjaTrader Ecosystem: We are an official vendor/partner. We do not share your personal data with NinjaTrader or the NinjaTrader Ecosystem for their independent purposes. If any integration requires limited data exchange strictly to enable a feature you request, we will do so minimally and only to fulfill that request.

7) Sharing Your Data

We do not sell or rent Personal Data. We only share it with:

  • Processors/Service Providers: payments (crypto gateway, Wise), hosting/infra, email delivery, anti‑spam, and licensing infrastructure — solely to provide our services and under confidentiality and data‑processing terms.

  • Legal & Security: where required by applicable law or to protect our rights, users, or the service (e.g., fraud/abuse detection).

  • Business Transfers: in a merger, acquisition, or asset transfer, data may transfer to the successor subject to this Policy or a substantially similar policy, with advance notice on the Website.

8) International Data Transfers

We serve a global audience. Your data may be processed in the UK, EEA, or other countries where our providers operate. We apply appropriate safeguards so that protection travels with your data (e.g., contractual commitments with processors).

9) Data Retention

We keep Personal Data only as long as necessary for the purposes outlined above:

  • Account data: while the account is active.

  • Orders & billing records: as required by tax/accounting laws.

  • Licensing artifacts (hardware IDs, activations): for the active license term and a reasonable period afterward to manage re‑activations, anti‑fraud checks, and audit.

  • Support tickets/emails: for the life of the issue and a reasonable period for reference and training.
    When retention is no longer necessary, we delete or irreversibly anonymize data. Backups are purged on a rolling schedule.

10) Your Rights

Depending on your location, you may have rights to: access, rectify, erase, restrict, object to certain processing (e.g., direct marketing), and data portability; plus the ability to withdraw consent where processing is based on consent. You can manage much of this via your account profile; otherwise contact [email protected]. We will respond within a reasonable time.
Age: Our services are for users 18+. We do not knowingly collect data from minors.

11) Security

We implement technical and organizational measures to protect Personal Data, including HTTPS (TLS), encrypted credentials at rest, role‑based access, least‑privilege administration, server hardening, monitoring, and staff confidentiality obligations. No online system is 100% secure, but we continually improve safeguards and investigate suspected incidents.

12) Comments, Password Resets & Anti‑Spam

If you request a password reset, your IP may be included in the reset email for security. Visitor comments may be checked via automated spam detection.

13) Changes to This Policy

We may update this Policy to reflect operational or legal changes. We will post the updated version here with a new “Last updated” date and, when appropriate, provide a more prominent notice.

if you need more info just contact us!