Categories of Data We Process
To provide a functional and secure fintech environment, we process the following types of information:
Identity and Contact Data Basic information such as your full name, email address, and phone number provided during account registration or in support communications.
Verification and Compliance Data When applicable for platform integrity and fraud prevention, we may collect identification documents to confirm your identity in accordance with our internal security protocols and Spanish regulations.
Technical and Device Identifiers Automated collection of IP addresses, browser types, device metadata, and system logs necessary for secure authentication and platform monitoring.
Usage Analytics and Activity Metadata Information related to your interactions with our market tools and dashboard navigation. This helps us optimize our systems without involving direct custody of your assets.
Legal Bases for Processing
We process your data based on the necessity for contract execution (account management), our legitimate interests in platform security, compliance with legal obligations in Spain, and, where applicable, your explicit consent for specific preferences.
Operational Use of Information
Degiro uses your data for the registration process, account management, secure authentication, and providing responsive customer support. We monitor system logs for fraud prevention and security monitoring. Commercial communications are only sent based on your explicit opt-in preferences, which can be managed at any time through your account settings.
Data Retention and Shared Use
We do not sell your personal information. Data is shared only with selected categories of data processors, such as hosting providers, analytics partners, support tools, and verification or payment providers when necessary. Information is retained only for the time essential for service provision or to comply with legal record-keeping deadlines. International transfers are protected by standard safeguards to ensure the security of your data regardless of its location.
Security Measures and User Rights
We implement reasonable technical measures to protect your data, although absolute security cannot be guaranteed in a digital environment. You have the right to access, rectify, erase, restrict, or object to the processing of your data, as well as data portability. Requests can be sent to our support team, where we will perform identity verification steps to protect your privacy before responding within the stipulated timeframes.
Updates to This Policy
Changes will be communicated through in-platform notifications. We recommend periodic review of this policy to stay informed about our practices.
Last updated: May 19, 2026