Privacy policy icon
Privacy Policy

StoneX Financial Pty Ltd

City Index Privacy Policy

StoneX Financial Pty Ltd (ABN 50 141 774 727) trading as City Index, and its related entities including StoneX Financial Ltd (UK Reg 05616586) and any other related entities from time to time (CI’, 'we', 'us' or 'our') recognise the importance of your privacy and abides by the Australian Privacy Principles contained in the Privacy Act 1988 as amended from time to time (the Privacy Act).

This document sets out our policy for the collection, use, disclosure and management of your personal information. Personal information is defined in the Privacy Act as any information or opinion (whether true or not, and whether recorded in a material form or not) about you as an identified individual or an individual who is reasonably identifiable.

By choosing to provide your personal information to us and receiving products and services from us, you consent to our collecting, holding, using and disclosing your personal information in accordance with this Privacy Policy.

The kinds of personal information that CI collects and holds

In order to conduct business with you and provide you with our products and services, CI is required by Australian law to collect your personal information to identify and verify you. The kinds of personal information that we may collect and hold about you may include your name, address, date of birth, contact details, income, assets and liabilities, bank account balances, financial statements, credit reporting information and employment details.

How CI collects personal information

We may collect your personal information directly from you when you give it to us in your application form, open and maintain an account with us, when you use our products and services, call us or visit our website to inquire about a product or service offered by us or so that we may conduct business with you. We may also need to do so to meet legal requirements.

We may also collect your personal information from third parties, including credit reporting bodies and any other relevant third parties.

CI maintains records of your personal information and all transactions and activities on accounts that you have with CI, including details of contracts traded and margin calls made.

Please note that because of the nature of the products and services we provide, and because we are required or authorised by or under an Australian law to deal with individuals who have identified themselves, we are unable to allow you the option of dealing with us on an anonymous basis.

Why is personal information required?

The purposes for which CI collects, holds, uses and discloses your personal information are:

  • Legal – we are required to confirm your identity and other personal information by the Anti-Money Laundering and Counter-Terrorism Financing Act 2006. We may also disclose your personal information to credit reporting bodies or service providers to confirm your credit rating.
  • Conducting business –The personal information we hold may be used for establishing and managing your account, reviewing your ongoing needs, enhancing customer service and products and providing ongoing information or opportunities that we believe may be relevant to you. As a result, we may send you marketing material from time to time by email, telephone, SMS or other electronic messaging services.

If you do not provide us with all the information we consider to be necessary, we may be unable to provide, or be limited in the provision of, services or products that we offer.

If you do not wish to receive any marketing material from us, please let us know by emailing our customer service team at

Importantly, except as set out in this Privacy Policy, we will not use or disclose your personal information unless permitted or required to do so by or under an Australian law.

How CI holds personal information

CI takes reasonable steps to protect your personal information from misuse, interference and loss, and from unauthorised access, modification or disclosure. Such reasonable steps include having measures in place to ensure that your personal information can only be accessed by our personnel who are properly authorised and are required to have access in the performance of their employment duties. We may store your personal information in hardcopy documents or electronically.

We may need to retain your personal information for a significant period of time. However, if we consider that your personal information is no longer needed for any of the purposes described above, and we are not required by or under an Australian law to retain the information, we will take reasonable steps to securely destroy your personal information or to ensure that the information is de-identified.

CI may disclose personal information to overseas recipients and other entities

CI may disclose your personal information to its related entities either in Australia or abroad, including the United Kingdom, Asia, the Middle East and elsewhere in the world from time to time. We will take reasonable steps to ensure that all personal information disclosed to such overseas recipients will be handled by those recipients in accordance with this Privacy Policy.

Other entities to whom CI may disclose your personal information include:

  • financial institutions and other similar organisations that CI deals with in the course of its business activities, or those that are nominated by you;
  • external service providers and professional advisers (which may be located overseas) that provide services to us;
  • any organisation at your request or any persons acting on your behalf, including your financial adviser, broker, solicitor or accountant;
  • introducing brokers with whom we have a mutual relationship (any of whom may be within or outside the European Economic Area) and who have introduced you to us;
  • government, enforcement or regulatory bodies;
  • credit reporting bodies or reference agencies;
  • any other entities where you have otherwise consented; and
  • any other entities if it is otherwise permitted or required by or under an Australian law, including the Privacy Act.

CI Websites

When submitting an application form (whether online or via a mobile application or otherwise) or other documents, or when visiting our website or dealing in our products, CI will collect and retain this information.

We also collect statistical information about visitors to our websites such as the number of visitors, pages viewed, types of processes executed, time online and documents downloaded. This information is used to evaluate and improve the performance of our websites. Unless you have provided your personal information to us, we do not collect any personal information through our websites other than statistical information.

You should also be aware that we use cookies on our websites. A cookie is a small amount of data, which often includes a unique identification number or value that is sent to your browser from a website’s computer and stored on your computer’s hard drive.

Each website can send its own cookies to your browser if your browser allows it. However, to protect privacy generally, your browser may only allow a website to access the cookies it has sent to your computer.

Cookies are used on our websites to collect the aforementioned statistical information so that you can access your accounts online. When accessing accounts online, a cookie will be created which uniquely identifies the computer, username and password. This eliminates the need to re-enter the aforementioned data each time accounts are accessed online.

Most internet browsers are set up to accept cookies. If you do not wish to receive cookies, you may be able to change the browser settings to refuse all cookies or have your computer notify you each time a cookie is sent, thereby giving the choice whether to accept it or not. If you reject all cookies, you will be unable to access accounts online. You can also delete cookies from computers after they have been created.

You can manage your cookie preferences at any time by changing your cookie settings via the Cookies Notice.

Telephone conversations

CI may record telephone conversations and ‘live’ chats. We will advise you at the time of the telephone conversation that the call may be recorded and, if you do not wish to have it recorded, you can let us know. Such recordings or transcripts from such recordings may be used to resolve any dispute that you may have with us.

Recordings or transcripts made by CI may be destroyed under CI’s normal practice.

Access to your information and corrections

If you wish to access or correct your personal information which we hold, please contact us by telephone or email.

For customers in Australia: 1800 354 182

For customers elsewhere: +61 2 9270 3682

or email

We will process your request usually within 14 days. There is normally no fee for requesting access to your personal information, although depending on the complexity of your request, we may charge a fee for processing the request, which is disclosed in our PDS.

Resolving your privacy complaints

If you wish to complain about a breach by us of the Australian Privacy Principles or a violation of this Privacy Policy, please contact the Compliance Department or CI by telephone or email.

For customers in Australia: 1800 354 182

For customers elsewhere: +61 2 9270 3682

or email

We will investigate the nature of your complaint and notify you within 30days of our findings. If you are not satisfied with our response to your complaint, you can telephone the Office of the Australian Information Commissioner's hotline on 1300 363 992 or email them at

Notifiable Data Breaches scheme

The NDB scheme applies to all agencies and organisations with existing personal information security obligations under the Australian Privacy Act 1988 (Privacy Act) from 22 February 2018, as such this includes CI.

The NDB scheme introduced an obligation to notify individuals whose personal information is involved in a data breach that is likely to result in serious harm. This notification must include recommendations about the steps individuals should take in response to the breach. The Australian Information Commissioner (Commissioner) must also be notified of eligible data breaches.

CI will notify the Commissioner through the Notifiable Data Breach statement..

The NDB scheme only applies to data breaches involving personal information that are likely to result in serious harm to any individual affected. These are referred to as ‘eligible data breaches’. 

Changes to this Privacy Policy

We reserve the right, at our discretion, to change any part of this Privacy Policy at any time. You should review this Privacy Policy periodically so that you are updated on any changes.

CI Australia Privacy Policy 2024