Interactive Brokers Privacy Policy — Data Collection and Protection
Essential Facts: Interactive Brokers collects personal, financial, and technical information to provide brokerage services, employs encryption and access controls to protect client data, and limits third-party sharing to operational and regulatory requirements — never selling client information for marketing.
Interactive Brokers is committed to protecting the privacy and security of client information. This privacy policy describes the categories of data collected from clients, the purposes for collection, the measures employed to safeguard that data, and the limited circumstances under which information may be shared with third parties. As a regulated financial institution, Interactive Brokers maintains data practices that comply with applicable privacy laws including SEC Regulation S-P, GDPR, and equivalent frameworks in the jurisdictions where IBKR operates.
Information Collection and Purpose
Interactive Brokers collects personal identification information during account opening and throughout the client relationship. This includes legal name, residential and mailing addresses, date of birth, Social Security number or tax identification number, citizenship status, employment information, and financial profile data — all required for identity verification under anti-money laundering regulations and for account suitability assessments mandated by securities regulators. Clients may also provide beneficiary designations, authorized trader information, and linked bank account details for funding purposes. For information about broker-dealer registration requirements, records are available at sec.gov.
Transactional data encompasses the complete record of trading activity — order entries, executions, cancellations, positions held, margin balances, commissions paid, and corporate action elections. This data enables account servicing, regulatory reporting, tax document preparation, and the dispute resolution process. Interactive Brokers retains trade records for periods specified by SEC and FINRA regulations, which generally require preservation of brokerage records for at least six years.
Technical information collected during platform use includes internet protocol addresses, browser type and version, device identifiers, operating system details, and usage patterns within the Client Portal and Trader Workstation. Cookie technology supports session management, platform functionality, and security monitoring. Interactive Brokers uses both session cookies — which expire when the browser closes — and persistent cookies for remembering user preferences across sessions. Clients can manage cookie preferences through browser settings, though disabling essential cookies may impair platform functionality.
Data Security and Protection Measures
Interactive Brokers employs a layered security architecture to protect client data against unauthorized access, alteration, and disclosure. Data transmission between client devices and IBKR servers uses encryption protocols that protect account credentials, trading instructions, and personal information in transit. Stored data resides in secured environments with access controls that limit data visibility to authorized personnel whose roles require it — customer service representatives access account information to resolve inquiries, compliance staff review transaction records for regulatory purposes, and technology teams maintain systems without routine access to identifiable client data.
Two-factor authentication through IB Key or SMS adds a verification layer beyond password protection. The IB Key mobile application provides time-based one-time passwords and push notification authentication that requires biometric verification on supported devices. Network monitoring systems detect anomalous access patterns that may indicate unauthorized attempts. Interactive Brokers conducts regular security assessments and maintains incident response procedures to address potential data security events. Clients contribute to their own data security by maintaining the confidentiality of login credentials, enabling two-factor authentication, and promptly reporting suspected unauthorized account access.
Third-Party Data Sharing and Client Rights
Interactive Brokers shares client information with third parties under limited, defined circumstances. Clearinghouses and exchanges receive trade data necessary for settlement. Regulatory bodies including the SEC, FINRA, and equivalent foreign regulators may request account records as part of their oversight functions. Service providers that support Interactive Brokers operations — technology vendors, audit firms, and legal counsel — access data under contractual confidentiality obligations that restrict use to the specified service purpose.
Interactive Brokers does not sell client personal information to third parties for marketing or promotional purposes. Clients have rights regarding their data, including the ability to access collected information, request corrections to inaccuracies, and obtain copies of account documentation. Data deletion requests are honored where legally permissible, though regulatory recordkeeping requirements mandate retention of certain records for prescribed periods. Marketing communication preferences — including opt-out from promotional emails — are managed through the communication settings section within Client Portal. For independent privacy resources, the Federal Trade Commission provides guidance at ftc.gov.
| Data Category | Examples | Purpose | Retention |
|---|---|---|---|
| Personal Identification | Name, address, SSN/TIN, date of birth | Identity verification, regulatory compliance | Account life plus regulatory period |
| Financial Profile | Income, net worth, investment experience | Suitability assessment, margin eligibility | Account life plus regulatory period |
| Transactional Data | Trades, positions, balances, commissions | Account servicing, tax reporting, compliance | Minimum 6 years (SEC/FINRA rules) |
| Technical / Usage | IP address, browser type, device identifiers | Platform security, fraud prevention | Varies by data type and purpose |
Frequently Asked Questions
What information does Interactive Brokers collect?
Interactive Brokers collects personal identification information — name, address, date of birth, Social Security or tax identification number — required for account opening and anti-money laundering compliance. Financial profile data including income, net worth, and investment experience supports suitability assessments. Transactional data encompassing trade history, account balances, margin calculations, and position data enables account servicing and regulatory reporting. Technical data — IP addresses, browser type, device identifiers, and platform usage patterns — supports security monitoring and fraud prevention for all Interactive Brokers client accounts.
How does Interactive Brokers protect client data?
Interactive Brokers protects client data through encryption of data transmission and storage, two-factor authentication requiring IB Key or SMS verification at login, and restricted access controls that limit data visibility to authorized personnel with role-based permissions. Network monitoring systems detect unusual access patterns that may indicate unauthorized attempts. Physical security measures protect data centers and corporate facilities. Interactive Brokers conducts regular security assessments and maintains incident response procedures. Clients enhance their own security by enabling two-factor authentication, maintaining credential confidentiality, and promptly reporting suspected unauthorized access to Interactive Brokers support.
Does Interactive Brokers share client information with third parties?
Interactive Brokers shares client information with third parties as necessary for account servicing and regulatory compliance. Clearinghouses and exchanges receive trade data for settlement. Regulatory bodies including the SEC, FINRA, and equivalent foreign regulators may request records for oversight purposes. Service providers — technology vendors, audit firms, and legal counsel — access information under contractual confidentiality obligations. Interactive Brokers does not sell client personal information to third parties for marketing or promotional purposes. Information sharing is limited to operational necessity and regulatory requirement, with confidentiality protections governing all third-party data access arrangements.
What rights do clients have over their data at Interactive Brokers?
Interactive Brokers clients have rights to access their collected personal data, request corrections to inaccurate information, and obtain copies of account documentation and transaction records. Data deletion requests are evaluated and honored where legally permissible, though regulatory recordkeeping requirements mandate retention of brokerage records for prescribed periods — typically a minimum of six years under SEC and FINRA rules. Marketing communication preferences — including opt-out from promotional emails — are managed through the communication settings in Client Portal. Clients with questions about data handling practices can contact Interactive Brokers through the secure message center or by phone at +1-203-618-5800 for privacy-related inquiries.