Cookie Policy

1. Data Controller

Digital Asset Security & Compliance Ltd. (Company Reg. No. 1234567) is the data controller under GDPR. Address: 123 Encryption Lane, SF, CA 94105. Email: [email protected].

2. Information We Collect

• Identification data: name, email, phone, company name
• Technical data: IP address, browser type, OS, device identifiers, cookies
• Financial data: relevant for anti-money laundering (AML) screening
• Communication content: emails, chat logs, support tickets

3. Legal Basis & Purposes

We process personal data based on consent (for marketing), contractual necessity (service delivery), legal obligation (AML/KYC compliance), and legitimate interest (network security). Purposes include: client onboarding, audit services, fraud prevention, and regulatory reporting.

4. Data Retention

We retain client data for 5 years post-engagement as required by financial regulations. Marketing data is kept until consent withdrawal. Technical logs are stored for 12 months.

5. Data Sharing

We may share data with: regulatory bodies (upon lawful request), cloud service providers (AWS/GCP with DPA), and blockchain analytics partners. No third-party marketing sharing.

6. International Transfers

We rely on Standard Contractual Clauses (SCCs) for transfers outside EEA. All data is encrypted at rest and in transit.

7. Rights

Under GDPR, you have the right to access, rectify, erase, restrict, port, and object. Contact [email protected]. Complaints can be filed with the ICO.

8. Security Measures

We implement AES-256 encryption, role-based access control, regular penetration testing, and DDoS mitigation. Our ISMS is ISO 27001 certified.