Privacy Policy

Last updated: December 2024

cufflihqfr B.V. ("we," "our," or "us") is committed to protecting your privacy and personal information. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website or use our wealth management services.

Data Controller

cufflihqfr B.V. acts as the Data Controller for the personal information we collect. We are registered in the Netherlands with registration number 67921450 and VAT number NL892106347B01. Our registered office is located at Marktplein 182, 1345 PD Almere, Flevoland, Netherlands.

Data Collection

The data we collect includes personal information such as your name, email address, phone number, financial information, investment preferences, and any other information you provide when using our services or contacting us. We may also collect technical information about your device and how you interact with our website, including IP addresses, browser type, and pages visited.

Types of Information We Collect:

• Personal Identification Information: Name, address, email address, phone number, date of birth
• Financial Information: Investment objectives, risk tolerance, financial assets, income information
• Technical Information: IP address, browser type, device information, website usage data
• Communication Records: Records of correspondence, meeting notes, and service interactions
• Marketing Preferences: Your preferences regarding marketing communications

How We Use Your Information

We explain how we use your information to provide wealth management services, process transactions, communicate with you, comply with legal obligations, and improve our services. The use of your data is essential for delivering personalised financial advice and maintaining our client relationships.

Specific Uses Include:

• Providing wealth management and financial advisory services
• Processing transactions and managing your investment portfolio
• Communicating about your account and our services
• Complying with legal and regulatory requirements
• Preventing fraud and ensuring security
• Improving our website and services
• Sending marketing communications (with your consent)

Legal Basis for Processing

Under GDPR, we process your personal data based on the following legal grounds:

• Contractual Necessity: Processing necessary to perform our wealth management services
• Legitimate Interest: Processing for business operations, fraud prevention, and service improvement
• Legal Obligation: Processing required by financial regulations and compliance requirements
• Consent: Processing for marketing communications and optional services

Information Sharing and Disclosure

We do not sell, trade, or otherwise transfer your personal information to third parties without your consent, except as described in this policy. We may share information with:

• Service providers who assist us in operating our business
• Financial institutions for transaction processing
• Regulatory authorities when required by law
• Professional advisors such as lawyers and auditors
• Third parties in case of business transfer or merger

Data Retention

We retain your personal information for as long as necessary to provide our services and comply with legal obligations. Generally, we retain client information for a minimum of seven years after the end of our business relationship, as required by financial regulations. Marketing information is retained until you withdraw consent or for a maximum of three years from last contact.

Your Rights

Under GDPR, you have the following rights regarding your personal data:

• Right of Access: Request copies of your personal data
• Right to Rectification: Request correction of inaccurate data
• Right to Erasure: Request deletion of your data in certain circumstances
• Right to Restrict Processing: Request limitation of data processing
• Right to Data Portability: Request transfer of your data
• Right to Object: Object to processing based on legitimate interests
• Right to Withdraw Consent: Withdraw consent for consent-based processing

Data Security

We implement appropriate technical and organisational measures to protect your personal information against unauthorised access, alteration, disclosure, or destruction. These measures include encryption, access controls, regular security assessments, and staff training on data protection.

International Data Transfers

We primarily process data within the European Economic Area (EEA). If we transfer data outside the EEA, we ensure appropriate safeguards are in place, such as adequacy decisions or standard contractual clauses approved by the European Commission.

Cookies and Tracking Technologies

Our website uses cookies and similar tracking technologies to enhance your browsing experience and analyse website usage. For detailed information about our use of cookies, please refer to our Cookie Policy.

Third-Party Services

Our website may contain links to third-party websites or services. We are not responsible for the privacy practices of these third parties. We encourage you to review their privacy policies before providing any personal information.

Changes to This Privacy Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new policy on our website and updating the "Last updated" date. We encourage you to review this policy periodically.

Contact Information

If you have any questions about this Privacy Policy, wish to exercise your rights, or need to contact us regarding data protection matters, please contact us at:

Supervisory Authority

You have the right to lodge a complaint with the Dutch Data Protection Authority (Autoriteit Persoonsgegevens) if you believe we have not handled your personal data in accordance with applicable law. Contact information for the supervisory authority can be found at autoriteitpersoonsgegevens.nl.

This Privacy Policy is governed by Dutch law and complies with the General Data Protection Regulation (GDPR) and other applicable data protection legislation.