Privacy Policy

Introduction

This Privacy Policy ("Policy") outlines how Nordic Arbex Limited (referred to as "We," "Our," "Us," or "Nordic Arbex") collects, uses, and protects personal information about users of its services ("You" or "Your"). By accessing or using our services through our website, You agree to the collection and use of Your personal data in line with this Policy.

This document establishes the fundamental guidelines and principles for how we manage Your personal information, including Our obligations under transparency laws. If You do not fully or partially agree with this Policy, You should cease using Our services. Any personal data collected prior to Your objection will continue to be handled according to this Policy until You provide explicit instructions for us to stop.

Our services are not intended for individuals under 18 years of age. If You become aware that a child under 18 has submitted personal data to Us, please notify Us immediately. If We discover that we have collected data from a child under 18, We will promptly delete the information and terminate their account.

We act as the data controller in accordance with the General Data Protection Regulation (GDPR), which means We determine how and why Your personal data is processed.

Definitions

• Personal Data: Any information relating to an identified or identifiable individual, such as names, identification numbers, location data, online identifiers, or details related to a person’s physical, physiological, financial, or social identity.
• Processing: Any activity carried out on personal data, including but not limited to collecting, recording, organizing, storing, adapting, retrieving, using, disclosing, or erasing such data.

Personal Data We Collect and How We Use It

When using Our services, We may collect various types of personal information from You, including:

• Customer due diligence information: Your name, date of birth, address, identification details (e.g., ID or passport), financial data, and sources of funds.
• Contact details: Your email address or other communication methods You choose to share with Us.
• Transaction data: Information about the transactions You make, such as transaction amounts, counterparties, and payment methods.
• Usage data: Details about how You interact with our website and services.
• Technical data: Information about Your device and internet connection, such as Your IP address, browser type, time zone, and operating system.
• Website interaction data: Information regarding Your visits to Our website, including the pages You view, how long You spend on each page, and how You navigate through the website.
• Marketing preferences: Information about Your choices regarding marketing communications from Us or third parties, including whether You have subscribed to any of Our updates or offers.

We collect and process Your personal information for the following purposes:

• To provide Our services and fulfill Our contractual obligations;
• To complete transactions on Your behalf;
• To provide You with important information related to Our services;
• To store Your preferences and manage Your requests;
• To send newsletters, promotional offers, and updates that may interest You;
• To improve the performance and functionality of the website (e.g., by testing new features, analyzing data, and gathering feedback);
• To offer customer support;
• To gather statistical and non-personal data to optimize Our website and services;
• To comply with legal obligations (such as KYC and AML regulations);
• To protect Your vital interests or those of others.

If We process Your data for Our legitimate interests, You have the right to object to such processing.

Sharing Your Personal Data

We only share Your personal data for valid reasons, such as when it is necessary to provide Our services or when required by law. We may share Your information with:

• Service providers: Carefully chosen third parties who assist Us in providing services, such as payment processors or technology partners. These partners must comply with appropriate data protection standards, and We remain responsible for their actions.
• Third-party controllers: In certain cases, We may need to share Your personal data with third parties that operate as independent data controllers (e.g., regulatory authorities, auditors, or legal advisors) when required by law or for the protection of Our rights.
• Business acquirers: In the event of a merger, acquisition, or sale of Our business assets, Your personal data may be transferred to the new owners. We will ensure that Your data rights remain protected.
• Authorized representatives: Any individuals or entities You authorize to communicate with Us on Your behalf regarding the services.

We will never sell Your personal data to third parties.

Security and International Transfers

Although We primarily process data within the European Economic Area (EEA), some activities may require transferring data to countries outside the EEA. We implement appropriate measures to safeguard Your data from unauthorized access, alteration, or disclosure. In the event of a data breach, We will notify You and the relevant regulatory authorities as required by law.

Data Retention

We retain Your personal data as long as necessary for the purposes outlined in this Policy or as required by law. For compliance with regulatory requirements, We will store Your data for a minimum of five years after Your account is closed.

Cookies

For more information on how We use cookies, please refer to Our Cookies Policy available on the website.

Your Rights

Under data protection laws (such as GDPR), You have the right to:

• Request access to Your personal data;
• Request that Your personal data be corrected or deleted;
• Object to the processing of Your personal data.

We aim to respond to Your requests within one month. If Your request is complex or involves a large amount of data, We may extend this period by two months. If Your request is repetitive, unfounded, or excessive, We reserve the right to decline it.

There is no fee for accessing Your data, but We may charge a reasonable fee if Your request is unfounded or excessive.

If We rely on Your consent to process Your personal data, You can withdraw Your consent at any time. This will not affect the legality of any processing carried out before the withdrawal.

If You fail to provide necessary personal data, We may be unable to deliver the services requested. We will notify You if this is the case.

Legal Considerations

We may preserve or disclose Your information if We believe it is necessary to comply with legal obligations, protect the safety of individuals, prevent fraud, or protect Our rights and property.

You acknowledge that We are not responsible for the misuse of Your information by third parties, particularly when You share Your data through external websites or platforms linked to Our services.

We may share Your data with law enforcement or regulatory authorities when required by law or necessary for the protection of Our users or services.

Third-Party Links

Our website may contain links to external websites, plug-ins, or applications. By clicking these links, third parties may collect or share Your data. We do not control these third-party sites and encourage You to review their privacy policies.

Policy Updates

We reserve the right to update this Policy as required by law or to reflect changes in Our data processing practices. Any updates will be posted on Our website.

Contact Information

If You have any questions regarding this Policy or wish to exercise Your rights, please contact Us at:

Nordic Arbex Limited
Registry Code: 15912846
Address: Citypoint, 1 Ropemaker Street, London, England, EC2Y 9AW
Email: support@arbex.io