Privacy Policy

1. Data we collect

• Identity data: name, date of birth, government-issued ID, photographs, source-of-funds documentation.
• Contact data: email address, phone number, postal address.
• Account & transactional data: trades, deposits, withdrawals, fee records, support correspondence.
• Technical data: IP address, device identifiers, browser metadata, login telemetry.

2. How we use your data

• To provide and operate the Services.
• To meet our regulatory and AML/KYC obligations.
• To detect and prevent fraud, abuse and security incidents.
• To improve the platform and personalize relevant communications.

3. Legal bases

We process personal data on the basis of contract performance, legal obligation, legitimate interests (including security and fraud prevention) and, where applicable, consent.

4. Sharing

We share data with regulated service providers (KYC, banking, analytics, infrastructure), supervisory authorities where required by law, and counterparties where mandated under the FATF Travel Rule. We do not sell personal data.

5. Retention

We retain personal data for as long as required to provide the Services and to satisfy legal, accounting or reporting requirements — typically 5–7 years after account closure for AML records.

6. Your rights

Subject to applicable law, you may request access, correction, deletion, portability or restriction of processing. Submit requests to privacy@fortivaultx.com; we respond within 30 days.

7. International transfers

Where personal data is transferred outside your jurisdiction, we rely on appropriate safeguards such as Standard Contractual Clauses or adequacy decisions.

8. Security

We use industry-standard administrative, technical and physical safeguards, including AES-256 encryption at rest, TLS 1.3 in transit, hardware-key MFA for staff and continuous third-party penetration testing.