Legal

Privacy Policy.

Updated May 2026 · 1 May 2026

Our commitments regarding the personal data you entrust to us, without varnish.

Our commitment

Aurevia Tradex operates in full compliance with the EU General Data Protection Regulation (GDPR) and applicable national data protection laws. Personal data is encrypted at rest with AES-256 and used only for service delivery and statutory record-keeping. A Data Protection Officer is appointed and reachable at [email protected].

Data we collect

We collect only what we need to deliver the service and meet our legal obligations:

Identity details. Full name, date of birth, residential address, government-issued identification documents (ID card, passport or driving licence).
Contact details. Email address, phone number.
Financial information. Source of funds, transaction history, account balance, related-party disclosures where required.
Platform usage data. Activity logs necessary to deliver the service, troubleshoot issues, and meet our security obligations.

This information is never shared with unauthorised third parties. It is shared only with our regulated brokers (for the purpose of opening segregated accounts on the client's behalf) and our independent auditors during annual SOC 2 and ISO 27001 audit cycles, in both cases under written confidentiality undertakings.

How we store data

Client personal data is held in encrypted stores within the EU/EEA. In compliance with GDPR requirements, we do not transfer client personal data outside the EU/EEA without an appropriate transfer mechanism. Sensitive fields — such as government-issued identification documents and source-of-funds documentation — are encrypted at field level, with keys held in a separate key-management service.

Your rights

Under GDPR you retain the right to access, rectify, port, restrict the processing of, or delete your data. Requests should be directed to [email protected] and are answered within thirty days. You also have the right to lodge a complaint with your national data protection supervisory authority.

Retention

We retain client personal data for the duration the subscription is active and for the minimum retention period required by applicable financial-services legislation (typically five to seven years following account closure). Beyond that period the personal data is irreversibly deleted from production and backup systems.

← Back to home