Data Controller: Aether Capital Group Ltd is the data controller responsible for
your
personal information. We process your data in compliance with the General Data Protection Regulation
(GDPR), the UK Data Protection Act 2018, and all applicable data protection laws.
1. Information We Collect
1.1 Information You Provide Directly
- Identity data: Full name, date of birth, nationality, gender
- Contact data: Email address, phone number, residential address
- Identity verification documents: Passport, national ID card, driver's licence,
proof of address
- Financial data: Source of funds, cryptocurrency wallet addresses, transaction
history
- Account data: Username, password (encrypted), account preferences
- Communications: Support tickets, emails, live chat transcripts
1.2 Information Collected Automatically
- Technical data: IP address, browser type and version, device type, operating
system
- Usage data: Pages visited, features used, session duration, click patterns
- Cookie data: As described in our Cookie Policy
- Transaction data: Deposit and withdrawal amounts, timestamps, wallet addresses
1.3 Information from Third Parties
- Identity verification agencies (KYC/AML screening)
- Fraud prevention and sanctions screening services
- Blockchain analytics providers
- Referral partners where applicable
2. How We Use Your Information
We process your personal data on the following legal bases and for the following purposes:
|
Purpose |
Legal Basis |
| Account registration and management |
Contractual necessity
|
| Identity verification (KYC/AML) |
Legal obligation
|
| Processing deposits and withdrawals |
Contractual necessity
|
| Calculating and crediting investment returns |
Contractual necessity
|
| Fraud prevention and security monitoring |
Legitimate interests
|
| Regulatory reporting and compliance |
Legal obligation
|
| Customer support and communications |
Contractual necessity
|
| Platform improvement and analytics |
Legitimate interests
|
| Marketing communications (with consent) |
Consent
|
| Legal claims and dispute resolution |
Legitimate interests
|
3. Data Sharing & Disclosure
We do not sell your personal data to third parties. We may share your information with:
- Service providers: KYC verification providers, email services, hosting
providers, analytics tools — all bound by data processing agreements
- Regulatory authorities: Financial regulators, tax authorities, law enforcement
agencies when legally required
- Fraud prevention agencies: To prevent financial crime and verify identity
- Legal advisors: In connection with legal proceedings or regulatory
investigations
- Business transfers: In connection with a merger, acquisition or sale of assets,
with appropriate safeguards
4. International Data Transfers
Your data may be transferred to and processed in countries outside your jurisdiction. Where we
transfer
data internationally, we ensure appropriate safeguards are in place including Standard Contractual
Clauses
approved by the European Commission, adequacy decisions, or other lawful transfer mechanisms.
5. Data Retention
We retain your personal data for as long as necessary to fulfil the purposes for which it was
collected,
including for legal, regulatory and accounting requirements:
- Account data: Duration of account + 7 years following closure
- KYC documents: 5 years following account closure (AML requirement)
- Transaction records: 7 years (regulatory requirement)
- Support communications: 3 years
- Marketing data: Until consent withdrawn or 3 years of inactivity
6. Your Data Protection Rights
Under GDPR and applicable law, you have the following rights:
- Right of access: Request a copy of the personal data we hold about you
- Right to rectification: Request correction of inaccurate or incomplete data
- Right to erasure: Request deletion of your data where there is no lawful basis
for continued processing
- Right to restrict processing: Request that we limit how we use your data
- Right to data portability: Receive your data in a structured, machine-readable
format
- Right to object: Object to processing based on legitimate interests or for
direct marketing
- Right to withdraw consent: Withdraw consent at any time where processing is
consent-based
- Rights related to automated decision-making: Not to be subject to solely
automated decisions with significant effects
To exercise any of these rights, contact our Data Protection Officer at
privacy@aethertradepro.com.
We will respond within 30 days. Note that certain rights are subject to limitations where required
by law,
such as AML record-keeping obligations.
7. Security Measures
We implement industry-standard security measures to protect your personal data:
- 256-bit SSL/TLS encryption for all data in transit
- AES-256 encryption for data at rest
- Multi-factor authentication for account access
- Regular penetration testing and security audits
- Access controls limiting staff access to personal data on a need-to-know basis
- Secure data centres with physical access controls
- Regular data backup and disaster recovery procedures
8. Cookies
We use cookies and similar tracking technologies on our Platform. Please see our
Cookie Policy for full details
on the types of cookies we use, their purpose and how to manage your preferences.
9. Children's Privacy
Our Platform is not directed at persons under 18 years of age. We do not knowingly collect personal
data from minors. If we become aware that a minor has provided us with personal data, we will delete
it promptly. If you believe a minor has provided us with their data, please contact us immediately.
10. Changes to This Policy
We may update this Privacy Policy from time to time. The "Last Updated" date at the top of this page
indicates when it was last revised. We will notify registered users of material changes via email.
Continued use of the Platform following any changes constitutes acceptance of the updated policy.
11. Contact & Complaints
For privacy-related queries or to exercise your rights:
