Legal

Privacy Policy

This Privacy Policy explains how NothingHolders Ltd collects, uses, and protects your personal data in accordance with applicable data protection regulations.

1. Data Controller

NothingHolders Ltd ([894500LM6DICD790FQ34]) is the data controller responsible for your personal data. Contact: [email protected].

2. Personal Data We Collect

We collect the following categories of personal data:

  • Identity Data: Full name, date of birth, government-issued ID, nationality
  • Contact Data: Email address, phone number, residential address
  • Financial Data: Account balance, transaction history, source of funds information
  • Technical Data: IP address, browser type, device information, login timestamps
  • Usage Data: Platform usage patterns, pages visited, features used
  • Communications Data: Records of communications with our support team

3. Legal Basis for Processing

We process your personal data under the following legal bases:

  • Contract performance: To provide the services you have contracted for
  • Legal obligation: To comply with AML, KYC, tax, and other regulatory requirements
  • Legitimate interests: For fraud prevention, security, and service improvement
  • Consent: For marketing communications (where applicable)

4. How We Use Your Data

Your personal data is used to:

  • Verify your identity and comply with KYC/AML obligations
  • Open, maintain, and manage your trading account
  • Process transactions and maintain financial records
  • Provide customer support and respond to enquiries
  • Comply with regulatory reporting and audit requirements
  • Detect and prevent fraud, money laundering, and other illegal activities
  • Improve platform security and functionality

5. Data Sharing

We may share your personal data with:

  • Regulatory authorities and law enforcement agencies as required by law
  • Identity verification and fraud prevention service providers
  • Payment processors and banking partners
  • Professional advisers (lawyers, auditors, accountants) under confidentiality obligations
  • Successor entities in the event of a corporate transaction

We do not sell personal data to third parties for marketing purposes.

6. Data Retention

We retain personal data for a minimum of 5 years following account closure (or such longer period as required by applicable law, typically up to 7 years for financial records). After the retention period, data is securely deleted or anonymised.

7. Your Rights

Subject to applicable law, you have the right to:

  • Access: Request a copy of your personal data
  • Rectification: Request correction of inaccurate data
  • Erasure: Request deletion of data (subject to legal retention obligations)
  • Portability: Receive your data in a structured machine-readable format
  • Objection: Object to certain types of processing
  • Complaint: Lodge a complaint with your national data protection authority

To exercise your rights, contact: [email protected]

8. Data Security

We implement appropriate technical and organisational security measures including encryption of data in transit and at rest, access controls, regular security assessments, and staff training. No transmission over the internet is 100% secure, and we cannot guarantee absolute security.

9. Cookies

Our website uses essential cookies necessary for platform operation, as well as analytics cookies to understand usage patterns. You can manage cookie preferences through your browser settings. Disabling certain cookies may affect platform functionality.

10. Changes to this Policy

We may update this Privacy Policy. Material changes will be notified via email or platform notification. Continued use of the Platform following notification constitutes acceptance.

Last updated: January 2024.