Article 1: Identification of the Data Controller
This Privacy Policy delineates the rigorous data processing protocols maintained by Nordiqo ("the Platform", "we", "us", or "our"), headquartered at Suite 3, The Oval Building, 160 Shelbourne Road, Ballsbridge, Dublin 4, D04 A2N7, Ireland. We act as the Data Controller under the General Data Protection Regulation (EU GDPR) and the Irish Data Protection Act 2018. To ensure absolute data integrity, regulatory alignment, and compliance with European data sovereignty laws, we have appointed a dedicated Data Protection Officer (DPO) reachable at [email protected].
Article 2: Categories of Personal and Cryptographic Information Collected
To deliver institutional-grade cryptocurrency analytics and maintain an impenetrable security environment, we collect information strictly in accordance with the principle of data minimisation:
Identity Metrics: Full legal name, date of birth, nationality, and official government-issued identification required for mandatory Know Your Customer (KYC) and Anti-Money Laundering (AML) verification.
Financial & Blockchain Telemetry: Information regarding source of wealth, digital asset wallet addresses (e.g., public keys), on-chain transaction hashes, fiat-to-crypto bridging activities, and detailed user risk profiles.
Digital Footprint & Analytical Interaction: IP addresses, device hardware specifications, geographical routing data, and granular logs of your interactions with our predictive crypto-market interfaces.
Article 3: Legal Basis and Purposes of Collection
In strict compliance with Irish and EU statutory frameworks, our collection and utilisation of information are founded upon:
Contractual Necessity: Essential for provisioning your account and delivering our core proprietary cryptocurrency data services.
Statutory Obligations: Mandatory compliance with the Criminal Justice (Money Laundering and Terrorist Financing) Act 2010 (as amended), specifically regarding Virtual Asset Service Provider (VASP) frameworks, and directives from the Central Bank of Ireland.
Legitimate Business Interests: Required for proactive fraud prevention, blockchain network security enhancement, and the continual optimisation of our analytical models via anonymised on-chain data aggregates.
Explicit Consent: For the delivery of personalised digital asset market insights where explicit opt-in has been provided, in accordance with the ePrivacy Regulations.
Article 4: Advanced Security and Data Sovereignty
Nordiqo deploys enterprise-grade security architecture:
AES-256 Encryption: All data at rest is stored utilising military-grade cryptographic protocols.
TLS 1.3 Protocols: All data transmission between the user's client and our servers is secured via end-to-end encryption.
Sovereign Hosting: Data is exclusively hosted on redundant, highly secure servers within the European Economic Area (EEA), guaranteeing full protection under EU data sovereignty laws.
Article 5: Retention and Archiving Policy
We retain your personal information only for the duration strictly necessary:
Active Data: Maintained for the full duration of your active contractual relationship with the Platform.
Statutory Archives: Identity and fiat/crypto financial records are retained in a secure, immutable archive for a minimum of five (5) to seven (7) years following account closure, strictly to satisfy Irish Revenue Commissioners and AML statutory requirements.
Article 6: Your Rights and Access
Under the EU GDPR, you possess sovereign rights to request access to, and rectification, erasure, or restriction of processing of any personal information we hold about you. You may exercise these rights at any time by contacting our DPO at [email protected]. Should our resolution not meet your expectations, you retain the fundamental right to lodge a formal complaint with the Data Protection Commission (DPC) in Ireland.