Personal
Partners
Research
Academy

Mobile Apps

Scan to Download App

View all mobile apps

Refer a Friend
Log In
Join Now

Privacy Policy

BBG Limited Privacy Policy

Date: 16 July 2025
Entity: BBG Limited (JUC Building, Office F7B, Providence Zone 18, Mahe, Seychelles)
Trading Name: BlackBull Markets

Contact Details:

  • Phone: +248 437 6183
  • Email: support@blackbull.com
  • Website: www.blackbull.com

Why Do We Have A Privacy Policy?

We understand the importance of the honest and responsible use of your personal information. This Privacy Policy is formulated in compliance with the Data Protection Act 2023 (DPA 2023) and the Financial Consumer Protection Act 2022 (FCPA 2022). The DPA 2023 aims to protect individuals’ rights regarding the processing of personal data, recognizing the right to privacy under Article 20 of the Constitution.

The purpose of this Policy is to explain how we collect, store, use, and disclose personal information about you in your day-to-day dealings with us and when you visit our website. In this Policy, “we”, “our”, and “us” refers to BBG Limited and the services provided under the BlackBull Markets trading name. For the purposes of this Policy, we refer to the information that we collect about you as “personal information”.

Agreeing To This Privacy Policy

By accessing our website and using our services, you consent to the collection, storage, use, and disclosure of your personal information in accordance with this Policy.

What Personal Information Do We Collect About You?

During the account opening process for a demo or live trading account we may collect the following personal information necessary for identity verification and compliance with applicable laws and regulations governing the provision of the services:

  • Your name and date of birth
  • Email address, residential address, and phone number
  • Bank account information, occupation, income, and other financial details
  • Identity verification documents
  • Information to assess your suitability for our services
  • Details of services you use and your interaction with them
  • Transaction activity on your accounts
  • Correspondence between you and us
  • Your marketing preferences
  • IP address, device type, and ID
  • Any additional information required to meet our legal and regulatory obligations

The above list is non exhaustive and may include other sensitive personal data as defined by the Seychelles Data Protection Act 2023 (DPA 2023). If you provide personal information about another person, you confirm you are authorised to do so and have informed them of the terms of this Policy.

What Happens If You Don’t Provide Personal Information?

Providing personal information is optional. However, if you choose not to provide requested information, we may be unable to provide services or access to parts of our website.

How We Collect Your Personal Information

We may collect information:

  • When you contact us
  • When you request information or use our website or services
  • When you make a deposit or withdrawal
  • When you participate in promotions or surveys
  • From public sources or third parties where authorised

How We May Use Your Personal Information

We only use your personal information for the purpose it was collected and retain it only as long as necessary to meet our obligations. This may include:

  • Verifying your identity and meeting anti-money laundering requirements
  • Assessing your application and providing services
  • Managing your account and communications
  • Sending you information about our services
  • Internal research and optimisation
  • De-identified data for business analysis
  • Legal or regulatory compliance
  • Employment applications
  • Any other purpose notified at the time of collection

You authorise any third party to provide your personal information to us for these purposes. If there is no lawful basis for the usage of client’s personal data as indicated above, the client’s consent will be required.

Sharing and Transfer of Your Personal Information

We may share your information with:

  • Third parties for identity verification and compliance checks
  • Service providers assisting us in delivering our services
  • Liquidity providers, platform providers, or other agents
  • Regulatory and legal authorities
  • Financial institutions and professional advisors
  • Entities acquiring a business interest in us
  • Other recipients with your consent
  • Any party as permitted under the Seychelles Data Protection Act 2023 or other applicable law
  • Law enforcement or judicial authorities as required

In order to provide services to the client the Company may be required to transfer client’s personal information to parties located outside of Seychelles i.e. in the European Economic Area or in countries which may not have an equivalent level of data protection laws as in the Seychelles. Where this is the case, the Company will take reasonable steps to ensure the privacy of the client’s information, as required under Section 47 of the DPA 2023. By submitting personal information, the client agrees to the aforesaid transfer, storage and processing of the client’s information.

The Company may also share information with affiliates or any other company in the same group of the Company in the event such information is reasonably required in order to provide the products or services to its clients. The Company may share information with partners, affiliates and associates in order to offer additional similar products and services that meet clients’ needs and which are delivered in a manner that is useful and relevant only where clients have authorized the Company to do so.

In cases where clients have been introduced by a third party such as a Business Introducer, such Business Introducer may have access to clients’ information. Hence, clients hereby consent to the sharing of information with such Business Introducer.

All third parties with which the Company shares personal information are required to protect such personal information in accordance with all relevant legislation and in a manner similar to the way the Company protects the same. The Company will not share personal information with third parties which it considers will not provide its clients the required level of protection.

The client that has established a business relationship with the Company voluntarily consent to the disclosure of their non-public consumer data electronically in the form of a general agreement through the acceptance of the client services agreement at the stage of creating their account.

Application of Overseas Privacy Laws

Our website and services may be accessed from outside Seychelles. By using our services, you consent to your personal information being transferred, processed, and stored outside your location in accordance with this Policy and the Seychelles Data Protection Act 2023. We take the necessary steps to ensure equivalent protection standards are applied.

If you are located in a country with applicable data protection laws, we will comply with those to the extent required. If you have concerns about international transfers, or wish to withdraw consent, you may contact us as outlined below. Withdrawal may impact our ability to provide some services.

How We Store and Protect Your Personal Information

We store personal information electronically and in hard copy. We apply appropriate technical and administrative security measures to protect against unauthorised access, loss, misuse, or disclosure. There are inherent risks in internet communications; we encourage you to take steps to protect your information and notify us of any suspected compromise.

Duration of Storage

We retain personal information only as long as necessary to:

  • Fulfil the purposes for which it was collected
  • Provide services to you
  • Meet legal obligations or assert legal rights
  • Fulfil any other legitimate purpose in accordance with the Seychelles Data Protection Act 2023

Once the retention period expires, data will be anonymized, archived, or securely erased, following Section 16 of the DPA 2023.

Data Security and Breach Notification

The Company shall implement appropriate technical, organizational, and physical security measures to protect personal data from unauthorized access, loss, alteration, or destruction.

In case of a personal data breach, the Company will notify the Information Commission within 72 hours, as required under Section 43 of the DPA 2023. If the breach poses a high risk to the rights and freedoms of clients, affected individuals will also be informed promptly.

Cookies

The Company uses cookies to gather information about the client’s access to the Company’s website www.blackbull.com and other services the Company provides to the client. The Company may share web site usage statistics with reputable advertising companies and with its affiliated companies. It is noted that the information collected by such companies is not personally identifiable.

To administer and improve the services offered by the Company’s website, the Company may use third parties to track and analyse usage and statistical volume information. The third party may use cookies to track behaviour and may set cookies on behalf of the Company. These cookies do not contain any personally identifiable information.

Amendments to Policy

The Company reserves the right to make changes to this Privacy Policy from time to time for any reason and the client will be notified of such changes by posting an updated version of this Privacy Policy on the website. The client is responsible for regularly reviewing this Privacy Policy and the use of this website after any such changes are published, shall constitute an agreement to such changes.

Legal Disclaimer

The Company will not be liable for misuse or loss of personal information resulting from cookies on the Company’s site(s) that the Company does not have access to or control over. The Company will not be liable for unlawful or unauthorized use of client’s personal information due to misuse or misplacement of any passwords, negligent or malicious.

Communication with the Company

Further information on the Company’s Privacy Policy is available upon request. The Company’s contact details are:
Email: compliance@blackbull.com

Appendix – Data Subject Rights and Data Deletion Requests

1. Your Rights Under the Data Protection Act 2023 (DPA 2023)

As a client of BlackBull Markets (BBG Limited), you have a number of rights regarding your personal data under Part V of the Seychelles Data Protection Act 2023, including:

  • Right to be informed – You have the right to be informed about the collection and processing of your personal data.
  • Right of access – You may request access to the personal data we hold about you.
  • Right to rectification – You may request that we correct or update inaccurate or incomplete personal data.
  • Right to deletion – You may request the deletion of your personal data (also known as the “right to be forgotten”), subject to legal and regulatory exceptions.
  • Right to object – You may object to the processing of your personal data for specific purposes.
  • Right to data portability – You may request to receive your personal data.
  • Right to compensation – You may be entitled to compensation for material or non-material damages resulting from unlawful data processing.

2. How to Exercise Your Rights

To exercise any of the above rights, please contact our Compliance Team by email at: compliance@blackbull.com. Include the following in your request:

  • Your full name and contact details
  • The specific right you wish to exercise
  • Relevant supporting information (e.g., account number, data category, or context)

Please use an appropriate subject line such as: Data Subject Rights Request - [Right Name].

3. Identity Verification

To ensure we are protecting your privacy and preventing unauthorized access, we may request additional information or identification to verify your identity before fulfilling your request.

4. Response Timeframes

We will acknowledge receipt of your request within 5 business days and aim to respond fully within 15 business days, depending on the complexity and nature of the request.

5. Limitations and Exceptions

We may not be able to comply with your request in full where:

  • Retention is required to comply with legal or regulatory obligations
  • The data is necessary for the establishment, exercise, or defense of legal claims
  • Fulfilling the request would infringe on the rights or freedoms of other individuals
  • System integrity or contractual obligations would be adversely impacted

If your request cannot be granted in full, we will provide a clear explanation.

6. Final Notification

Upon completion of your request, we will inform you of the outcome—whether your request has been fulfilled or, where applicable, explain the reasons for partial or full refusal.

Join Now

📝 Heads up! The legal documents you’re viewing may not apply to your account.

Need the right documents for your region? ❯