Privacy Policy

This Privacy Policy describes how Easier Prop (“Easier Prop”, “we”, “us”) collects, processes, stores, and discloses personal data in connection with the Easier Prop API (the “Service”). It applies to Partners that integrate the Service and, where the Partner makes the Service available to End Users, to those End Users.

Easier Prop is exclusively a technology provider. We are not a broker, financial intermediary, or custodian, and we do not provide financial advice. Defined terms used here have the meaning given to them in our Terms of Service.

2.1 Partner as Controller

In relation to End Users, the Partner is the data controller and determines the purposes and means of processing. Easier Prop acts as a data processor on behalf of the Partner and processes End User data strictly to the extent technically necessary to operate the Service.

2.2 Easier Prop as Controller

In relation to the Partner’s own account data (registration information, billing contacts, API key activity, support correspondence), Easier Prop acts as data controller.

3.1 Partner Account Data

• Contact details: name, email address, organization.
• Authentication data: hashed password, API keys, session tokens.
• Billing and tax information where applicable (handled by our payment processor; we do not store full card numbers).
• Support correspondence and any information you voluntarily provide.

3.2 MT5 Credentials

When a Partner or End User chooses to connect a MetaTrader 5 account, we receive and store the login, password, and server name necessary to maintain the connection to the Broker. These credentials are encrypted at rest using AES-256 and decrypted only in memory when required to establish a session with the Broker.

3.3 Operational Data

• API request and response metadata (endpoint, timestamp, status, latency, IP address) used for diagnostics and abuse prevention.
• Trading activity metadata generated by use of the Service (order identifiers, symbols, volumes, timestamps). The authoritative record of all trading activity is held by the Broker.
• Service logs, retained for a limited period for security, debugging, and capacity planning.

3.4 No Special Categories

We do not knowingly collect or process special categories of personal data (such as data concerning health, ethnicity, or political opinions). Partners and End Users should not submit such data through the Service.

We process personal data for the following purposes:

• Service delivery — to operate the API, maintain broker connectivity, and execute requests. Legal basis: performance of a contract.
• Security and abuse prevention — to monitor for unauthorized access, rate-limit violations, and fraudulent activity. Legal basis: legitimate interest.
• Billing and account management — to invoice Partners and maintain account records. Legal basis: performance of a contract and legal obligation.
• Compliance — to comply with applicable laws, including tax, accounting, and lawful requests from competent authorities. Legal basis: legal obligation.
• Service communications — to send transactional messages such as incident notifications, security alerts, and material changes to the Service. Legal basis: legitimate interest.

We do not sell personal data and do not use it for advertising or profiling.

5.1 Encryption

MT5 Credentials are encrypted at rest using AES-256 with per-tenant encryption keys. Data in transit is protected using TLS. Database access is restricted to a limited set of operational personnel under access controls and audit logging.

5.2 Hosting

The Service is hosted on infrastructure located within the European Economic Area. Where third-party processors are used (for example, hosting providers, payment processors, error monitoring), they are bound by appropriate contractual safeguards and data protection obligations.

5.3 No Absolute Guarantee

Despite the measures described above, no system is immune from compromise. Easier Prop does not warrant that unauthorized access, disclosure, alteration, or destruction of personal data is impossible. Partners and End Users assume responsibility for the decision to submit credentials and personal data to the Service, and we encourage the use of dedicated MT5 accounts and credentials that can be rotated independently.

We retain personal data only for as long as necessary for the purposes set out in this Policy:

• Account data — for the duration of the contractual relationship and a reasonable period thereafter to handle disputes and comply with legal obligations.
• MT5 Credentials — until the Partner or End User deletes the corresponding connection, or the account is terminated. On deletion, credentials are removed from active storage within a short operational window; encrypted backups age out under our standard backup rotation.
• Operational logs — retained for a limited period (typically 30 to 90 days) for security and diagnostics, after which they are aggregated or deleted.
• Records required by law — for example, invoices and accounting records, retained for the period required by applicable law.

We may disclose personal data only:

• To our infrastructure and service providers (hosting, payment processing, error monitoring), strictly as needed to operate the Service and under appropriate contractual safeguards.
• To the Partner whose account the data relates to, when the request is properly authenticated.
• Where required by law, regulation, court order, or other valid legal process from a competent authority.
• In connection with a corporate transaction (merger, acquisition, asset sale), subject to confidentiality safeguards.

We do not transfer MT5 Credentials to any party other than the Broker, and only for the purpose of establishing the connection requested by the Partner or End User.

Where personal data is transferred outside the European Economic Area, we rely on appropriate safeguards such as the European Commission’s Standard Contractual Clauses or equivalent mechanisms recognized under applicable law.

Subject to applicable law (including the EU General Data Protection Regulation where relevant), data subjects have the right to:

• access the personal data we hold about them;
• request rectification of inaccurate or incomplete data;
• request erasure of personal data where there is no overriding legal basis to retain it;
• object to or request restriction of processing in defined circumstances;
• request data portability where technically feasible;
• withdraw consent at any time, where processing is based on consent, without affecting prior lawful processing; and
• lodge a complaint with the competent data protection supervisory authority.

End Users should generally direct rights requests to the Partner acting as their data controller. If the request relates to data Easier Prop holds as a controller, contact us using the details in Section 11.

The Easier Prop dashboard uses strictly necessary cookies and local storage to maintain authenticated sessions and remember interface preferences. We do not use advertising or third-party tracking cookies. Where analytics are used, they are limited to aggregated, non-identifying usage metrics for the purpose of improving the Service.

For any privacy-related question, request, or concern, contact us at privacy@easierprop.com. We aim to respond to verified requests within the timeframes required by applicable law.

We may update this Privacy Policy from time to time. Material changes will be communicated by updating the version number and, where appropriate, by direct notice to Partners. Continued use of the Service after the updated Policy takes effect constitutes acceptance of the changes.