This page together tells you the terms of use on which you may make use of our website (our site), whether as a guest or a registered user. Please read these terms of use carefully before you start to use the site. By using our site, you indicate that you accept these terms of use and that you agree to abide by them. If you do not agree to these terms of use, please refrain from using our site.

This site is operated by the Company as named on each page of this website (“We”). We are registered in England and Wales. Our Registered office, place of business, Company number and VAT number are as follows:
  • Monex International Limited – 04974470
  • 32 Spring Street , Paddington W2 1JA
  • VAT Number – 119618600

Access to our site is permitted on a temporary basis, and we reserve the right to withdraw or amend the service we provide on our site without notice (see below). We will not be liable if for any reason our site is unavailable at any time or for any period.

From time to time, we may restrict access to some parts of our site, or our entire site, to users who have registered with us.

If you choose, or you are provided with, a user identification code, password or any other piece of information as part of our security procedures, you must treat such information as confidential, and you must not disclose it to any third party. We have the right to disable any user identification code or password, whether chosen by you or allocated by us, at any time, if in our opinion you have failed to comply with any of the provisions of these terms of use.

You are responsible for making all arrangements necessary for you to have access to our site. You are also responsible for ensuring that all persons who access our site through your internet connection are aware of these terms, and that they comply with them.

We are the owner or the licensee of all intellectual property rights in our site, and in the material published on it. Those works are protected by copyright laws and treaties around the world. All such rights are reserved.

You may print off one copy, and may download extracts, of any page(s) from our site for your personal reference and you may draw the attention of others within your organisation to material posted on our site.

You must not modify the paper or digital copies of any materials you have printed off or downloaded in any way, and you must not use any illustrations, photographs, video or audio sequences or any graphics separately from any accompanying text.

Our status (and that of any identified contributors) as the authors of material on our site must always be acknowledged.

You must not use any part of the materials on our site for commercial purposes without obtaining a licence to do so from us or our licensors.

If you print off, copy or download any part of our site in breach of these terms of use, your right to use our site will cease immediately and you must, at our option, return or destroy any copies of the materials you have made.

Commentary and other materials posted on our site are not intended to amount to advice on which reliance should be placed. We therefore disclaim all liability and responsibility arising from any reliance placed on such materials by any visitor to our site, or by anyone who may be informed of any of its contents.

We aim to update our site regularly, and may change the content at any time. If the need arises, we may suspend access to our site, or close it indefinitely. Any of the material on our site may be out of date at any given time, and we are under no obligation to update such material.

The material displayed on our site is provided without any guarantees, conditions or warranties as to its accuracy. To the extent permitted by law, we, other members of our group of companies and third parties connected to us hereby expressly exclude:

  • All conditions, warranties and other terms which might otherwise be implied by statute, common law or the law of equity.
  • Any liability for any direct, indirect or consequential loss or damage incurred by any user in connection with our site or in connection with the use, inability to use, or results of the use of our site, any websites linked to it and any materials posted on it, including, without limitation any liability for:
    • loss of income or revenue;
    • loss of business;
    • loss of profits or contracts;
    • loss of anticipated savings;
    • loss of data;
    • loss of goodwill;
    • wasted management or office time; and
  • Any liability for any other loss or damage of any kind, however arising and whether caused by tort (including negligence), breach of contract or otherwise, even if foreseeable, provided that this condition shall not prevent claims for loss of or damage to your tangible property or any other claims for direct financial loss that are not excluded by any of the categories set out above. This does not affect our liability for death or personal injury arising from our negligence, nor our liability for fraudulent misrepresentation or misrepresentation as to a fundamental matter, nor any other liability which cannot be excluded or limited under applicable law.
We process information about you in accordance with our privacy policy, which is also be found on this website. By using our site, you consent to such processing and you warrant that all data provided by you is accurate.

Whenever you make use of a feature that allows you to upload material to our site, or to make contact with other users of our site, you must comply with any applicable laws and content standards. You warrant that any such contribution does comply with those standards, and you indemnify us for any breach of that warranty.

Any material you upload to our site will be considered non-confidential and non-proprietary, and we have the right to use, copy, distribute and disclose to third parties any such material for any purpose. We also have the right to disclose your identity to any third party who is claiming that any material posted or uploaded by you to our site constitutes a violation of their intellectual property rights, or of their right to privacy.

We will not be responsible, or liable to any third party, for the content or accuracy of any materials posted by you or any other user of our site.

We have the right to remove any material or posting you make on our site if, in our opinion, such material does not comply applicable laws or content standards.

You must not misuse our site by knowingly introducing viruses, trojans, worms, logic bombs or other material which is malicious or technologically harmful. You must not attempt to gain unauthorised access to our site, the server on which our site is stored or any server, computer or database connected to our site. You must not attack our site via a denial-of-service attack or a distributed denial-of service attack.

By breaching this provision, you would commit a criminal offence under the Computer Misuse Act 1990. We will report any such breach to the relevant law enforcement authorities and we will co-operate with those authorities by disclosing your identity to them. In the event of such a breach, your right to use our site will cease immediately.

We will not be liable for any loss or damage caused by a distributed denial-of-service attack, viruses or other technologically harmful material that may infect your computer equipment, computer programs, data or other proprietary material due to your use of our site or to your downloading of any material posted on it, or on any website linked to it.

You may link to our home page, provided you do so in a way that is fair and legal and does not damage our reputation or take advantage of it, but you must not establish a link in such a way as to suggest any form of association, approval or endorsement on our part where none exists.

You must not establish a link from any website that is not owned by you.

Our site must not be framed on any other site, nor may you create a link to any part of our site other than the home page. We reserve the right to withdraw linking permission without notice. If you wish to make any use of material on our site other than that set out above, please address your request to ‘Contact Us’ on this site.

Where our site contains links to other sites and resources provided by third parties, these links are provided for your information only. We have no control over the contents of those sites or resources, and accept no responsibility for them or for any loss or damage that may arise from your use of them.

The English courts will have exclusive jurisdiction over any claim (including non-contractual disputes or claims) arising from, or related to, a visit to our site.

These terms of use and any dispute or claim arising out of or in connection with them or their subject matter or formation (including non-contractual disputes or claims) shall be governed by and construed in accordance with the law of England and Wales.

We may revise these terms of use at any time by amending this page. You are expected to check this page from time to time to take notice of any changes we made, as they are binding on you. Some of the provisions contained in these terms of use may also be superseded by provisions or notices published elsewhere on our site.

If you have any concerns about material which appears on our site, please contact us via the ‘Contact Us’ section of this website. Thank you for visiting our site.


GDPR 2018

This Data Protection Policy (the “Policy”) sets out the policy which Monex International Limited (referred to as “we” or “us” in this document) has adopted in order to facilitate compliance with the General Data Protection Regulation (the “GDPR”) when we establish and manage customer relationships and execute transactions.

The GDPR regulates the “processing” of “personal data”. Its definition of “personal data” covers all information relating to identifiable living individuals which is held on computer, in other automatically-processable form or in a manual filing system which is structured so as to facilitate access to information relating to particular individuals. (Information relating to companies and other “legal” persons is not caught). Its definition of “processing” covers any conceivable activity in relation to personal data, including collection, analysis, processing in the ordinary sense of the word, storage, disclosure, international transfer and deletion.

We process personal data in various circumstances and in relation to various categories of individual. This Policy deals specifically with personal data collected in the context of the establishment and management of our customer relationships and the execution of transactions on the instructions of our customers (“Customer and/or Transaction Management”). It does not, for example, deal with data protection issues which might arise in relation to our HR or direct marketing activities.

It should be borne in mind that the GDPR regulates processing of personal data relating to all individuals, not just relating to customers. Information relating to individual representatives of corporate customers, or to individuals (or individual representatives of corporates) elsewhere in a payment chain – for example, an ultimate payee or an individual representative of an aggregator – is also protected by the GDPR.

The individuals to whom personal data relate, whether customers or otherwise, are known as “data subjects”.

The UK Information Commissioner (the “Commissioner”) is responsible for enforcement of the GDPR and has published a range of guidance on data protection issues, all of which is available on the Commissioner’s website at www.ico.gov.uk.

Our principal obligations under the GDPR include: (i) processing personal data fairly, legitimately, lawfully and proportionately; (ii) informing individuals regarding our processing of their personal data; (iii) abiding by restrictions on the international transfer of personal data; (iv) keeping personal data secure, taking steps to ensure that they are accurate and up-to-date and deleting them when they are no longer needed; (v) maintaining an appropriate registration with the Commissioner’s office; and (vi) responding appropriately when data subjects seek to exercise their statutory rights of access, correction and objection.

A copy of this Policy will be supplied to each employee of Monex International Limited. The requirements set out in this Policy are mandatory unless otherwise stated and must be followed by all our employees and agents. It is the responsibility of each such person to acquaint themselves with the requirements of this Policy. [Failure to comply with this Policy may constitute a serious disciplinary offence and could result in dismissal.]

This Policy is supplementary to our other published policies, including our conduct of business, anti-money laundering and complaints policies.
Mr G Kiruba has been designated as Monex International Limited’s data protection officer (the “Data Protection Officer”). If you have any questions about this Policy or application in particular circumstances you should consult the Data Protection Officer.

The GDPR requires that all of our processing of personal data should be fair and lawful and should meet one of various specified conditions. In designing and implementing each Customer and/or Transaction Management procedure involving the processing of personal data, we must take these requirements into account and ensure that they are met.

We expect that our routine processing of personal data for Customer and/or Transaction Management procedure will generally meet the most general of the available conditions, which is known as the “legitimate interests” condition. The legitimate interests condition will apply, and allow us to process personal data, if both:
  • the processing is necessary for the purposes of legitimate interests that we, or a person to whom we disclose the data, pursue (these may be business, compliance or other purposes); and
  • the processing is not “unwarranted” because it prejudices the rights, freedoms or legitimate interests of the data subjects.

Each processing operation should, therefore, be assessed to ensure that part A of this condition is met – i.e. we have a legitimate business, compliance or other purpose for carrying out the processing. If part A is met, you should then consider whether the processing will prejudice the data subjects in any way – our expectation is that, provided the other rules in this Policy are followed, our ordinary processing for Customer and/or Transaction Management purposes will not prejudice data subjects’ rights, freedoms or legitimate interests. If you consider that there is a potential for prejudice to be caused in a particular case, the prejudice should be balanced against our interests and a view taken on whether our interests outweigh the prejudice to the data subjects.

If you are in any doubt as to whether the legitimate interests condition is met, you should consider whether the processing can be justified on the basis that it meets any of the other statutory conditions available in the GDPR. The other conditions most likely to apply are as follows:

Processing is justified if it is necessary to fulfil a UK legal obligation. This will include, for example, processing in order to carry out legally-required anti-money-laundering checks; or in response to a UK court order. Foreign legal requirements are not automatically sufficient to justify disclosure or other processing of personal data.

Processing is justified if it is necessary for the performance of a contract with the data subject or to take steps at the data subject’s request with a view to entering into such a contract. This will justify some processing of personal data relating to individual customers.

Processing can be justified on the basis of data subject consent. Our customer contracts should, therefore, include consents to the processing of individual customer data that will be necessary as part of our Customer and/or Transaction Management procedures.

The requirement that personal data should be processed lawfully can be breached in a number of circumstances, not covered by this Policy because in themselves they fall outside the scope of the GDPR – for example, processing for fraudulent purposes would be unlawful and would therefore breach the GDPR.

The GDPR also prohibits the processing of excessive, irrelevant or inadequate personal data. Systems and procedures should be designed so as not to collect personal data which are excessive or irrelevant (in particular: personal data should not be collected on a “just-in-case” basis) and, of course, you should ensure that the data collected are adequate for the relevant purposes.

Personal data collected for any given purpose should not then be used for a purpose which is incompatible with that purpose – we would not expect this to be an issue in the ordinary course of Customer and/or Transaction Management, however.
We expect the general requirement that processing of personal data should be fair to be met if all the other requirements of this Policy are met.

We are required under the GDPR to ensure that data subjects have various information readily available to them. This requirement is subject to exceptions, however, and these exceptions are of relatively wide application in the context of Customer and/or Transaction Management. In particular, (a) information only needs to be made available where it is practicable to do so; (b) in the case of personal data which are not collected directly from the data subject (for example, payee data collected from a payer customer), we are not obliged to provide information if to do so would involve disproportionate effort; and (c) we take the view that we can assume that data subjects have, and need not therefore make available, information which should reasonably be obvious to them.

The information to be made available is (a) our identity; (b) the purposes for which we expect to process the data; and (c) any further information that needs to be provided to ensure that our processing of the data is fair.

We must ensure that our customer contracts inform our individual customers of the following:our identity;
the purposes for which we process their information (including know-your-client and related compliance purposes as well as the execution of transactions and customer management generally); and the following further information, which, we consider, needs to be provided to ensure that our processing of customer data is fair:
the categories of person to whom we may disclose customer data (including, for example, non-customer payers and payees; aggregators; any persons with whom we might share data for fraud prevention purposes; and regulatory and prosecuting authorities);
the fact that, if payments are made to persons outside the European Economic Area, this may involve transfers of the customer’s personal data to jurisdictions which do not have data protection laws as strict as those in the UK; and
information as to the customer’s rights of access and correction under the GDPR, and contact details so that they can contact the Data Protection Officer if they want to exercise those rights Our customer contracts should also require customers to pass this information on to any individuals whose personal data they provide to us.

We take the view that we do not need to provide information to data subjects other than individual customers to justify our processing of their personal data for routine Customer and/or Transaction Management purposes. In particular:

We take the view that the effort involved in contacting an individual non-customer payer or payee, whose personal data are given to us by a customer, in order to provide him or her with information about our processing of his or her personal data, would be disproportionate given that we process his or her information only in order to facilitate a transaction of which he or she will in any case be aware.

We take the same view in relation to individual representatives of our customers – having required our customers to pass the required information on to their representatives we take the view that the effort involved in contacting the representatives directly would be disproportionate.

We must have in place appropriate technical and organisational security measures to protect the personal data that we process for Customer and/or Transaction Management purposes against unauthorised or unlawful processing and accidental loss, destruction or damage.

We need to identify the particular security measures that are “appropriate” in the context of our business. They must deliver a level of security which is appropriate to the nature of the data and the risks associated with unauthorised or unlawful processing and accidental loss, destruction or damage. We must, in particular, take reasonable steps to ensure the reliability of our employees who have access to the data.

If any aspect of our processing of personal data for Customer and/or Transaction Management purposes is outsourced to a third party service provider, including the outsourcing of any wider function which includes the processing of personal data, we must be assured that the service provider will have appropriate technical and organisational security measures in place as discussed in paragraphs above ;
ensure that the arrangement is governed by a written agreement which requires the service provider to process the data only on our instructions and imposes on the service provider obligations equivalent to our obligations as set out in paragraphs above; and

while the arrangement is in place, take reasonable steps from time to time to ensure that the service provider is meeting its security obligations in practice.

We must take reasonable steps to ensure that the personal data that we process are accurate and, where relevant, up to date.

We must delete personal data when we no longer need them, given the purposes for which they are processed. This does not, for example, prevent us from keeping records containing personal data which may be relevant if there is a future dispute with a customer or another person, but it does require us to delete those records when a dispute is no longer a real possibility unless we have another legitimate purpose for continuing to keep the personal data.

We do not seek to collect or process personal data identified by the GDPR as “sensitive” for Customer and/or Transaction Management purposes. You should not collect or process sensitive personal data for these purposes and should delete them if you become aware that we have collected them, except with the approval of the Data Protection Officer given on the basis of an assessment of the requirements of the GDPR.

The GDPR’s definition of “sensitive personal data” covers personal data consisting of information as to: racial or ethnic origin; political opinions; religious or other similar beliefs; trade union membership; physical or mental health or condition; sexual life; the commission or alleged commission of any offence; or any proceedings for any offence committed or alleged to have been committed, the disposal of such proceedings or the sentence of any court in such proceedings.

We do not use so-called “automated decision-taking” techniques for Customer and/or Transaction Management purposes. You should not use such techniques except with the approval of the Data Protection Officer given on the basis of an assessment of the requirements of the GDPR.

The GDPR’s restrictions on the use of automated decision-taking cover systems which make decisions which significantly affect individuals solely on the basis of the automated processing of their personal data, without any human intervention. Examples would be the use of automated credit-scoring tools to pre-screen credit applications and the use of automated tools to pre-screen applications for employment. Semi-automated systems, where the ultimate decision is made or reviewed by a human being, are not caught by these rules.

We maintain a registration with the Commissioner’s office which covers our processing of personal data for Customer and/or Transaction Management (and other) purposes.

You should keep the Data Protection Officer aware of material changes to the purposes for which we process personal data or, within any given purpose, the categories of personal data that we process, the categories of data subject to whom the data relate, the categories of person to whom we disclose the data or the countries or territories outside the European Economic Area to which we transfer the data, so that he or she can ensure that the registration is amended accordingly.

Data subjects have statutory rights of access to and correction of the personal data that we hold about them. They also have a statutory right to object to our processing of their personal data – that is, to require us to stop processing their data – although only in very limited circumstances. If a data subject attempts to exercise any of these statutory rights you should immediately pass his or her communication to the Data Protection Officer so that he or she can ensure that we respond appropriately and within the timescale laid down under the GDPR.

In recording and processing personal data for Customer and/or Transaction Management purposes you should bear in mind data subjects’ rights of access. You should not record personal data that you would not want the data subject to see.