1. What we collect
1.1 You give us
- Identity: name, date of birth, ID document (for KYC), photo.
- Contact: email, phone, postal address.
- Financial: bank or crypto wallet details for deposits/payouts.
- Trading: every order, fill, and match settlement.
1.2 We collect automatically
- Device, browser, IP address (used for fraud/abuse detection).
- Behavioral analytics โ clicks, page views, match outcomes (used to improve the product).
- Cookies โ see cookies below.
2. Why we have it
- Run the service โ match you with opponents, settle pots, pay you out.
- Comply with law โ KYC/AML, sanctions screening, suspicious activity reporting.
- Protect the platform โ fraud, collusion, and manipulation detection.
- Improve the product โ analyze how features are used.
3. Who we share with
Only a short list:
- KYC vendors (Sumsub, Persona) โ for identity checks.
- Payment processors (Stripe, Circle, Fireblocks) โ for moving money.
- Cloud infrastructure (AWS, Cloudflare) โ to run the platform.
- Regulators โ when legally required.
We never sell personal data. Full sub-processor list at compliance.
4. Your rights
You can request access, correction, deletion, or export of your data at any time. Email privacy@01lot.example โ we reply within 30 days (most within 5). For EU residents, you also have the right to lodge a complaint with your local data protection authority.
5. Retention
We keep your trading records and KYC data for 7 years after account closure, as required by UK financial regulation. Behavioral analytics is anonymized after 24 months. Marketing data is deleted on request.
6. Cookies
Details on what cookies we set and what each does โ see our cookie policy. You can change preferences at any time in Settings โ Privacy.
7. Security
All data in transit is encrypted (TLS 1.3). Data at rest is encrypted with AES-256. We rotate keys quarterly and audit access monthly. We're SOC 2 Type II audited annually โ report available on request.
8. Contact
Data protection officer ยท privacy@01lot.example