Wettelijk

Privacybeleid

This policy explains how Unbanx Ltd collects, uses, stores, and protects your personal data in connection with our platform and services.

Last updated: 1 January 2025

1. Introduction

Unbanx Ltd ("Unbanx", "we", "our", "us") is committed to protecting the privacy and personal data of all individuals who use our platform and services. This Privacy Policy describes our practices in connection with information that we collect through our website, platform, mobile applications, and any other services we provide (collectively, the "Services").

By registering an account or using our Services, you acknowledge that you have read and understood this Privacy Policy. If you do not agree with the terms described here, you should not use our Services.

This policy is intended to comply with applicable data protection legislation, including the General Data Protection Regulation (GDPR) where applicable, and other relevant privacy laws in the jurisdictions in which we operate.

2. Data Controller

Unbanx Ltd is the data controller responsible for your personal data. For the purposes of applicable data protection law, we are responsible for determining how and why your personal data is processed.

If you have questions about this Privacy Policy or how we process your data, you may contact our Data Protection Officer at: [email protected].

3. Information We Collect

We collect information about you in the following ways:

  • Information you provide directly: When you register an account, complete verification, submit enquiries, or communicate with us, you provide information such as your name, email address, phone number, country of residence, date of birth, and government-issued identification documents.
  • Information collected automatically: When you access our platform, we automatically collect technical data including IP address, browser type and version, device identifiers, pages visited, time spent on pages, and referring URLs.
  • Transaction data: Records of deposits, withdrawals, asset allocations, and all account activity are retained as part of our regulatory and operational obligations.
  • Communication records: Copies of communications between you and our support or compliance teams are retained for quality assurance and regulatory compliance purposes.
  • Verification data: As part of our KYC process, we collect and retain copies of identity documents and any additional documentation required under our anti-money laundering procedures.

4. How We Use Your Information

We process your personal data for the following purposes:

  • To create and manage your account and provide access to our platform and Services
  • To comply with our legal and regulatory obligations, including KYC and AML requirements
  • To process transactions and maintain accurate financial records
  • To communicate with you regarding your account, platform updates, and service changes
  • To detect, investigate, and prevent fraudulent or unauthorised activity
  • To improve and develop our platform, based on aggregated and anonymised usage data
  • To respond to your enquiries, complaints, and support requests
  • To exercise or defend legal claims where necessary

We do not sell your personal data to third parties. We do not use your personal data for the purposes of targeted advertising.

5. Legal Basis for Processing

Where applicable under GDPR or equivalent legislation, we rely on the following legal bases for processing your personal data:

  • Contractual necessity: Processing required to fulfil our obligations under our Terms of Use and to provide you with our Services.
  • Legal obligation: Processing required to comply with applicable laws, including financial regulation, AML, and tax reporting requirements.
  • Legitimate interests: Processing necessary for our legitimate business interests, including platform security, fraud prevention, and service improvement, where these interests are not overridden by your rights.
  • Consent: Where we rely on consent, you have the right to withdraw it at any time. Withdrawal of consent does not affect the lawfulness of processing carried out before withdrawal.

6. Data Sharing and Disclosure

We may share your personal data with the following categories of recipients:

  • Regulatory and governmental authorities: Where required by law, court order, or regulatory instruction, including financial regulators and law enforcement bodies.
  • Identity verification providers: Third-party services used to verify identity documents and conduct KYC checks. These providers operate under strict data processing agreements.
  • Custody and banking partners: Regulated financial institutions with whom we partner for asset custody and fund management. Data shared is limited to what is operationally necessary.
  • Technology service providers: Hosting, infrastructure, and security providers who process data on our behalf under contractual data processing agreements.
  • Professional advisors: Legal, audit, and accounting firms engaged to provide professional services to Unbanx, subject to confidentiality obligations.

All third parties with whom we share personal data are subject to appropriate contractual safeguards and are required to process your data only for the specified purposes.

7. International Data Transfers

We may transfer your personal data to countries outside your home jurisdiction, including countries that may not provide the same level of data protection as your country of residence. Where such transfers occur, we implement appropriate safeguards including standard contractual clauses approved by the relevant data protection authority, or we rely on other lawful transfer mechanisms.

8. Data Retention

We retain your personal data for as long as necessary to fulfil the purposes for which it was collected, including to satisfy legal, regulatory, accounting, or reporting requirements.

In general, account data and transaction records are retained for a minimum of five years following the closure of your account, consistent with applicable financial regulation. Identity verification documents may be retained for longer periods where required by law.

Where data is no longer required, it is securely deleted or anonymised.

9. Your Rights

Subject to applicable law, you may have the following rights in relation to your personal data:

  • Right of access: To request a copy of the personal data we hold about you.
  • Right to rectification: To request correction of inaccurate or incomplete personal data.
  • Right to erasure: To request deletion of your personal data in certain circumstances, subject to our legal obligations to retain records.
  • Right to restriction: To request that we restrict the processing of your personal data in certain circumstances.
  • Right to data portability: To receive your personal data in a structured, commonly used format where processing is based on consent or contract.
  • Right to object: To object to processing of your personal data where we rely on legitimate interests as the legal basis.
  • Right to withdraw consent: To withdraw consent at any time where processing is based on consent.

To exercise any of these rights, please contact us at [email protected]. We will respond to verified requests within 30 days. In some cases, we may need to verify your identity before processing a request.

10. Cookies and Tracking Technologies

Our platform uses cookies and similar technologies to support functionality, analyse usage, and maintain security. We use the following types of cookies:

  • Essential cookies: Required for the platform to function. These cannot be disabled.
  • Analytical cookies: Used to understand how users interact with our platform. Data collected is anonymised and aggregated.
  • Security cookies: Used to detect suspicious activity and support fraud prevention measures.

We do not use advertising or cross-site tracking cookies. You may manage cookie preferences through your browser settings, though disabling essential cookies may affect platform functionality.

11. Security

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, loss, alteration, or disclosure. These measures include encryption in transit and at rest, access controls, multi-factor authentication for system access, and regular security reviews.

Despite these measures, no data transmission over the internet or data storage system can be guaranteed to be fully secure. If you believe your account has been compromised, please contact us immediately.

12. Children

Our Services are not directed at or intended for use by individuals under the age of 18. We do not knowingly collect personal data from minors. If we become aware that we have collected personal data from a person under 18 without appropriate consent, we will take steps to delete that information promptly.

13. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or applicable law. We will notify registered clients of material changes by email or through an in-platform notification. The date at the top of this policy reflects the date of the most recent revision. Continued use of our Services following notification of changes constitutes acceptance of the updated policy.

14. Contact and Complaints

If you have questions or concerns about this Privacy Policy or our data practices, please contact our Data Protection Officer at [email protected].

If you are not satisfied with our response, you have the right to lodge a complaint with the relevant data protection supervisory authority in your jurisdiction.