Privacy Policy

Responsible handling of your personal data is a top priority for Core Finoriax. We process your information transparently, purposefully, and in full compliance with applicable data protection rules — especially the General Data Protection Regulation (GDPR). In this Privacy Policy, we explain in clear terms what data we collect, why we use it, how long we store it, and the measures we take to protect it.

1. Data Controller

The controller responsible for processing your personal data under the GDPR is the operator of the Core Finoriax website and platform. Relevant contact details and additional information can be found in the legal notice (Imprint) on this website. If you have questions about data protection, you can contact our Data Protection Officer at any time.

2. Data We Collect

We collect and process only the data required to provide our services, meet legal obligations, and operate the platform securely. This includes in particular:

  • Identity data: first and last name, date of birth (for age checks and identity verification).
  • Contact data: email address, phone number (optional), country of residence, and where applicable, mailing address.
  • Account and transaction data: payment details, deposits and withdrawals, transaction history.
  • Technical and usage data: IP address, browser type, device information, access times, log data.
  • Verification documents: identity documents, proof of address, or other records for KYC/AML checks (only where legally required).

We do not generally collect special categories of personal data (e.g., health data or information about religious beliefs) unless a specific legal obligation or your explicit consent makes this necessary.

3. How We Collect Data

Your data is collected through different secure channels:

  • Directly from you: for example during registration, profile updates, submitting verification documents, or using the contact form.
  • Automatically: for example via cookies, server log files, analytics tools, and device information while using the platform.
  • Via third parties: for example payment providers (for deposits and withdrawals), identity verification services (KYC/AML), or — with your consent — social login services.

4. Purposes of Processing

We process your personal data only for clearly defined and legitimate purposes:

  • Creating, administering, and providing your user account and platform features.
  • Executing and securing payment processes (deposits and withdrawals).
  • Providing customer support and handling your requests.
  • Meeting legal and regulatory obligations (e.g., KYC, AML, and tax-related requirements).
  • Ensuring IT security and protecting against fraud, misuse, and attacks.
  • Improving the user experience and further developing the platform.
  • Marketing and informational purposes — only based on your explicit consent.

5. Legal Bases for Processing

  • Performance of a contract or pre-contractual measures (Art. 6(1)(b) GDPR).
  • Compliance with a legal obligation (Art. 6(1)(c) GDPR), e.g., for anti-money laundering requirements.
  • Legitimate interests (Art. 6(1)(f) GDPR), e.g., to ensure platform stability and security.
  • Your explicit consent (Art. 6(1)(a) GDPR), for example for marketing or optional additional features.

6. Data Sharing

We share your data only where necessary and only with carefully selected partners:

  • Payment providers and banks to process deposits and withdrawals.
  • Specialized providers to carry out KYC/AML checks.
  • IT and cloud service providers with whom we have appropriate data processing agreements in place.
  • Analytics and security tools that, where possible, work with anonymized or pseudonymized data.
  • External advisors (e.g., lawyers, tax advisors) where required by law.
  • Authorities or courts where there is a legal obligation or where rights must be enforced.

We do not commercially transfer or sell your personal data to third parties.

7. International Data Transfers

In some cases, we use service providers (e.g., cloud or analytics vendors) based outside the European Economic Area (EEA). In such cases, we ensure an adequate level of protection through appropriate safeguards such as EU Standard Contractual Clauses, Binding Corporate Rules, or adequacy decisions by the European Commission.

8. Data Security

To protect your data, we apply extensive technical and organizational measures:

  • Encrypted data transmission using current protocols (e.g., TLS 1.3+).
  • Strong encryption of sensitive data at rest (e.g., AES-256).
  • Regular security audits, penetration tests, and reviews by independent specialists.
  • Continuous monitoring of systems for suspicious activity and attempted attacks.
  • Strict access controls and role-based permissions within the team.
  • Holding client funds in segregated accounts with regulated partner institutions.

Absolute protection against every conceivable risk cannot be technically guaranteed — however, our measures reduce these risks to a very low level.

9. Data Retention

We store your data only for as long as necessary for the purposes stated or as required by law:

  • For the duration of active account use and the contractual relationship.
  • After account closure, for the period required by statutory retention obligations (e.g., 5–10 years for tax and regulatory purposes).
  • For consent-based processing (e.g., marketing) until you withdraw your consent.

Once data is no longer needed for the stated purposes, it is securely deleted or anonymized.

10. Your Rights as a Data Subject

You have extensive rights regarding your personal data. In particular, you may:

  • Request information about which data we store about you.
  • Request correction of inaccurate data or completion of incomplete data.
  • Request deletion of your data, provided no statutory retention obligations prevent this.
  • Request restriction of processing in certain cases.
  • Receive your data in a structured, commonly used, machine-readable format (data portability).
  • Withdraw consent at any time with effect for the future.
  • Lodge a complaint with a competent data protection supervisory authority.

11. Cookies and Similar Technologies

We use cookies and comparable technologies to ensure platform functionality, analyze usage, and improve your user experience. Necessary (essential) cookies are always active, while analytics and marketing cookies are used only with your prior consent. For more details, please refer to our Cookie Policy.

12. Changes to This Privacy Policy

We may update this Privacy Policy from time to time — for example due to legal changes, updated regulatory requirements, or expanded platform functions. The current version is always available on our website. We will inform you about material changes by email or directly through the platform.

13. Contact for Privacy Questions

If you have questions about data protection, this policy, or exercising your rights, please contact us by email at support.corefinoriax@gmail.com or use the contact form on the website. Our Data Protection Officer will review your request promptly and respond.

visa mastercard paypal ssl security

By using Core Finoriax, you confirm that you have read this Privacy Policy and agree to its contents.

Thank you for your trust. Protecting your data and your privacy is — and will remain — a core priority for us.

Pagina Principale ¿Por qué empezar a invertir? ¿Cómo comenzar a invertir? ¿Quién está detrás de Core Finoriax? Riesgos asociados a la inversión Ventajas FAQ Contact Pravila privatnosti Terms and conditions