UAB SwiftHorizon (“SwiftHorizon,” “we,” “us,” “our,” “ours”) is dedicated to protecting your privacy in compliance with applicable data protection laws. We operate from or within Lithuania, which is part of the EU. This Privacy Policy (the “Policy”) outlines our approach to data protection under the EU General Data Protection Regulation (Regulation (EU) 2016/679) (“GDPR”) and the Lithuanian Personal Data Protection Law (Law No. XIII-1426 of 30 June 2018), as well as guidance from the EU Personal Data Protection Board and the State Data Protection Inspectorate (“SDPI”).

The Policy details how we collect, handle, use, and disclose personal information through our websites, pages, features, mobile apps, API, and other online products and services that link to this Policy (collectively, the “Platform” or “SwiftHorizon Platform”), or when you interact with us. It also explains how you can file a complaint regarding privacy law breaches, access your personal information, and request corrections.

TWe recommend reading this Policy thoroughly as it is part of our Terms of Use.

By opening an account with us and using our Platform and services, you acknowledge that you have read, understood, and agreed to the terms of this Policy.

We collect and process various types of personal data when you start and throughout our relationship with you. Some data may be retained beyond the end of our relationship if required and if there is a legitimate reason to do so. We ensure that the collection and processing of information are limited to what is necessary to meet one or more of the lawful bases identified in this Policy.

When you register an account or use our Platform, we may request information to verify your identity and support the services offered on the SwiftHorizon Platform, including buying, selling, and trading digital assets. This may include:

This includes your full name, address, age, gender, signature, email address, mobile number, date of birth, nationality, passport number, driver’s license details, national identity card details, photographs, employment details, utility bills, and/or financial information. We might also request identification documents such as your passport or driver’s license, proof of residence, and proof of income to comply with anti-money laundering (AML) regulations and to detect and report any suspicious activities.

We collect data about your use of the Platform, including your browser type, app version, access times, pages viewed, IP address, other network identifiers, and the page you visited before arriving at our Platform.

We gather details about the computer or mobile device you use to access our Platform, such as the hardware model, operating system and version, unique device identifiers, and mobile network information.

We keep records of your activities on our Platform, including content you post, account details, transaction times, values, currencies, cryptocurrency prices, and payment methods.

With your device’s permissions, we may collect precise location data.

We use technologies like cookies and web beacons to collect information. For more details, please refer to our Cookie Policy.

We collect data related to your use of our services, including deposit snapshots, account balances, trade history, order activity, distribution history, bank account number, e-wallet identification data, currency and cryptocurrency amounts, and account statements.

This includes your bank account details, e-wallet information, credit card details (such as card number, expiry date, and CVC), tax identification number, transaction history, and trading data.

We collect data in compliance with legal requirements, including results from Politically Exposed Persons (PEP) and sanction screenings, additional personal data for proving Source of Funds (e.g., employment contract, inheritance certificate), and information on management structure and business activities.

We collect your personal data in the following ways:
(a) Information you provide to us directly when contacting us;
(b) Information we receive from third parties, such as third-party service providers;
(c) Information acquired by us during the course of our relationship and dealings with you;
(d) Information collected through the use by you of our website, platforms and applications;
(e) Information gathered from publicly available sources.

To process personal data, we require a valid legal basis under Data Protection Legislation. The reasons for collecting and processing your personal data include:

This applies to most of our processing activities related to personal data of our customers/clients. It covers both the pre-contractual phase (such as when you sign up) and the period after the contractual agreement is in place.

We are required to process personal data to comply with various legal obligations beyond Data Protection Legislation. For example, we must retain records according to legal requirements and may need to conduct investigations, due diligence, and reporting for anti-money laundering and other regulatory purposes.

We may process your personal data when it serves our legitimate interests or those of a third party, provided these interests are not overridden by your own interests or fundamental rights. We will always (i) identify the legitimate interest, (ii) demonstrate that processing is necessary to achieve this interest, and (iii) balance it against your rights and freedoms. Examples of such interests include:

• Marketing activities
• Legal claims exercise, establishment, or defense
• Fraud prevention

We generally rely on other legal bases for processing personal data rather than consent. However, if consent is required, we will obtain it fairly by clearly informing you of the purpose and obtaining a clear, affirmative action from you (e.g., ticking a box, toggling a switch, or signing). Consent may be needed for:

• Activating features in mobile apps
• Placing cookies and similar technologies, in line with our Cookie Policy

We may use the personal information you provide or that we collect under this Policy and relevant laws to:
(a) Provide our services to you;
(b) Verify your identity and conduct checks required by laws and regulations, such as "know your client," anti-money laundering, fraud, sanctions, and politically exposed person (PEP) checks;
(c) Contact you regarding your account, including requesting additional information or documentation;
(d) Send you notices related to your account, general updates, market updates, and marketing materials about SwiftHorizon services. You can opt out of these communications at any time by notifying us;
(e) Tailor the products and services offered through our Platform to your needs, including conducting suitability or appropriateness assessments for using our services and products;
(f) Manage your ongoing requirements and our relationship with you, such as processing transactions, troubleshooting issues, and preventing or investigating illegal activities. We may do this electronically unless you prefer not to receive electronic communications;
(g) Customize and improve our Platform;
(h) Assess your risk score based on parameters we establish;
(i) Determine if you qualify as a professional client, wholesale client, institutional client, or another specific client category;
(j) Detect and reduce the risk of fraud;
(k) Enforce or defend our rights;
(l) Meet our internal policy requirements;
(m) Market our products to you;
(n) Maintain administrative records related to our business;
(o) Implement security measures for your account, including two-factor authentication.

If you do not provide all the requested information, we may be unable to verify your identity, which could prevent you from opening a trading account with SwiftHorizon and using our Platform.

You can update your information anytime by visiting the “Account” page on our Platform. We recommend regularly updating your profile to ensure the services offered to you match your current circumstances. You may be required to update your information if we find it to be untrue, incorrect, incomplete, or inconsistent with other information you’ve provided. You acknowledge that we may rely on the information you provide, and you are responsible for any damages or losses resulting from inaccuracies, including any misalignment of our services with your needs.

We will only share the personal information we hold about you in the following situations:
(a) Between SwiftHorizon’s internal entities and our current and future parents, affiliates, subsidiaries, and other companies under common control and ownership.
(b) With professional advisors, vendors, consultants, and service providers (such as transaction service providers, IT hosting companies, banks, financial institutions, and credit reference agencies) who need access to this information to perform work on our behalf.
(c) In connection with or during negotiations for any merger, sale of company assets, financing, or acquisition of all or part of SwiftHorizon by another company.
(d) In response to information requests if we believe disclosure is necessary or required by applicable laws or legal processes, including lawful requests by public authorities for national security or law enforcement purposes.
(e) If we believe your actions are inconsistent with our user agreements or policies, or to protect the rights, property, and safety of SwiftHorizon or others.

We strive to ensure the security of your personal information and information that we collect related to you or your activities on our Platform. We protect your personal information by using data security technology and using tools such as firewalls and data encryption. We also require that you use a personal username and password every time you access your account online. As set out in SwiftHorizon terms of use, you must not share your password with anyone else.

Where it is necessary for us to share your personal information with a third party, we will ensure that third parties only process your personal information on our instructions and where they have agreed to treat the information confidentially and to keep it secure We have put in place appropriate security measures to prevent your personal information from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal information to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal information on our instructions.

We have also put in place procedures to deal with any suspected data security breach and will notify you and any applicable regulator of a suspected breach where we are legally required to do so.

We are committed to safeguarding your personal information and the data we collect about you or your activities on our Platform. To protect your information, we use advanced data security technologies, including firewalls and encryption. You are required to use a personal username and password to access your account online. As outlined in SwiftHorizon’s Terms of Use, you should not share your password with anyone.

When sharing your personal information with third parties, we ensure that they only process your data according to our instructions and have agreed to maintain its confidentiality and security. We have implemented robust security measures to prevent unauthorized access, loss, alteration, or disclosure of your personal information. Access is restricted to employees, agents, contractors, and other third parties who need to know the information for business purposes, and they will only process your data as instructed by us.

We have established procedures to handle any suspected data security breaches and will notify you and relevant regulators of any breaches when legally required.

We are committed to ensuring that the personal information we hold is relevant, reliable, accurate, complete, and up-to-date, and we take steps to protect its privacy and security. We retain personal information only as long as necessary for the purposes for which it was collected or to comply with legal or ethical requirements. We do not keep your personal data in a form that identifies you longer than necessary for the original purpose or to meet legal, accounting, or reporting obligations.

To determine the appropriate retention period, we consider factors such as the nature and sensitivity of the data, the risk of harm from unauthorized use or disclosure, the purposes for processing the data, and applicable legal requirements.

In some cases, we may anonymize your personal information so that it is no longer identifiable, and use it without further notice to you.

We are required to retain personal data related to you and your transactions for as long as needed to fulfill business or legal purposes, including anti-money laundering and counter-terrorism financing obligations.

Typically, we retain data related to financial transactions for up to 8 years after your last transaction or account closure, whichever is later. This period may be extended if necessary. We keep data during the service provision, for the contract’s duration, and for 10 years after the contract or legal relationship ends to comply with document archiving requirements and to handle legal claims.

If a transaction is not completed, personal data is stored for 3 years from the date it was received. If a transaction is refused due to anti-money laundering measures, the data is retained for 8 years from the refusal date.

Under anti-money laundering and counter-terrorism financing regulations, we process personal data for 8 years from receipt, with possible extensions if warranted.

If you withdraw consent or if the consent period expires, we retain data confirming the consent for 5 years from the end of the consent period or its cancellation to handle legal claims.

At the end of the retention period, we will securely delete or destroy the data and ensure that our sub-processors or third-party suppliers do the same.

Under Data Protection Legislation, you have several rights concerning your personal information, including:

(a) Access: You can request a copy of the personal information we hold about you to verify that we are processing it lawfully.
(b) Correction: You can request that we correct any incomplete or inaccurate information we hold about you.
(c) Erasure: You can ask us to delete or remove your personal information when it is no longer necessary for processing or if you have objected to processing.
(d) Objection: You can object to the processing of your personal information based on legitimate interests (or those of a third party) if you have specific reasons for doing so. You also have the right to object to processing for direct marketing purposes.
(e) Restriction: You can request that we restrict processing your personal information if you need us to verify its accuracy or the reason for its processing.
(f) Transfer: You can request that we transfer your personal information to another organization.

If you have concerns about how we use your personal data and we cannot resolve them through our internal processes, you can lodge a complaint with the State Data Protection Inspectorate (SDPI) in Lithuania. You can contact them at:
Address: State Data Protection Inspectorate L. Sapiegos str. 17 (Left-hand entrance) LT-10312 Vilnius
Email: ada@ada.lt
Phone: (+370) 5 212 7532
Fax: (+370) 261 9494
Website: https://vdai.lrv.lt/

Additionally, if you are not satisfied with how your complaint is handled, you have the right to contact the data privacy authority in your country. For details, visit the European Commission's website.

Occasionally, at our discretion, we may include or offer third party products or services on our Platform. These third-party sites have separate and independent privacy policies. We therefore have no responsibility or liability for the content and activities of these linked sites. Nonetheless, we seek to protect the integrity of our Platform and welcome any feedback about these sites.

You have the right not to be subject to decisions based solely on automated processing, including profiling, which have significant effects on you. This right ensures that you are not affected by decisions made entirely by computer algorithms without human involvement.

However, this right does not apply if the decision:

• Is necessary for entering into or performing a contract between you and us.
• Is required or authorized by law.
• Is based on your explicit consent.

Currently, we do not use automated decision-making or profiling when processing personal data. Should this change, we will inform you and provide detailed information about the logic involved, as well as the significance and potential consequences for you.

We use technology to collect anonymous data about how you use our platform. This includes logging details like your server address, the date and time of your visit, the pages you view, and the type of browser you use. This information is collected without identifying you personally and is used for statistical purposes. It helps us improve the content and functionality of our platform, better understand our clients and markets, and enhance our services.

A “data breach” refers to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure, or access to personal data. Data Protection Legislation requires us to identify, assess, and report such breaches promptly.

If we need to notify the State Data Protection Inspectorate (SDPI) of a data breach, we will do so without undue delay and within 72 hours of becoming aware of the breach. If for any reason we are unable to notify the SDPI within this timeframe, we will provide an explanation for the delay.

If your personal data is compromised and poses a high risk to your rights and freedoms, we will inform you as required.

We welcome your questions and comments about privacy. If you have any concerns or complaints, please submit a support request through SwiftHorizon’s website or email us at [service@swifthorizon.net]. We will review your complaint through our internal resolution process and aim to respond with a decision within 30 days of receiving your complaint.

Employees and authorized persons must adhere to strict confidentiality regarding any information related to personal data that they come across in their roles. This obligation extends beyond the duration of their employment or contract and continues even if they change positions within the company. They are prohibited from disclosing any personal data without the company’s written permission, unless such information is publicly available according to applicable laws or regulations.

The Policy will be reviewed from time to time to take account of changes to our operations or practices and, further, to make sure it remains appropriate to any changes in law, technology and the business environment. Any personal information held will be governed by our most current Policy.

Your right to information may be limited in certain circumstances:
Disproportionate Effort: If providing the information is impossible or would require disproportionate effort, we may not provide it. We will still take appropriate steps to protect your rights and interests, such as making information publicly available through this Policy.
Legal Requirements: If the provision or disclosure of information is expressly restricted by Data Protection Legislation, and appropriate measures are in place to protect your interests, we may not be required to provide the information.
Confidentiality Obligations: If the personal data is subject to professional secrecy under Lithuanian law, such as statutory obligations of secrecy, we may not disclose it.
Already Provided Information: If you already have the information, we are not obligated to provide it again.