1. Introduction
Finoa GmbH ("we", "us", or "our") operates with BaFin license number 50085604 and is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our financial compliance services.
This policy applies to all personal data processed by Finoa GmbH in connection with our services, including through our website, applications, and during client onboarding processes.
2. Data We Collect
2.1 Personal Identification Information
We may collect:
- Full name and contact details (email, phone, address)
- Date and place of birth
- Government-issued identification numbers
- Financial information (account numbers, transaction history)
- Employment details and professional background
2.2 Technical Data
When you use our digital services, we may collect:
- IP addresses and device information
- Browser type and version
- Pages visited and time spent on our services
- Cookies and usage data (see Section 6)
2.3 Special Category Data
In limited circumstances required by financial regulations, we may process:
- Politically Exposed Person (PEP) status
- Information about criminal convictions or offenses
3. How We Use Your Data
3.1 Legal Basis and Purposes
We process your personal data on the following legal bases:
- Contractual necessity: To provide our financial compliance services
- Legal obligation: To comply with BaFin, BAKNR, and other regulatory requirements
- Legitimate interests: For fraud prevention and service improvement
- Consent: Where explicitly provided for specific processing
3.2 Specific Uses
Your data enables us to:
- Verify your identity under AML/KYC regulations
- Conduct risk assessments and compliance checks
- Provide and improve our services
- Communicate important service updates
- Prevent fraud and financial crime
- Meet our regulatory reporting obligations
4. Data Protection and Sharing
4.1 Security Measures
We implement technical and organizational measures including:
- Encryption of data in transit and at rest
- Access controls and authentication protocols
- Regular security audits and penetration testing
- Staff training on data protection
4.2 Data Sharing
We may share your data with:
- Regulators: BaFin, BAKNR, and other authorities as legally required
- Service providers: Carefully vetted third parties assisting our operations
- Financial institutions: As part of transaction processing
- Legal entities: When required by court order or legal process
We never sell your personal data to third parties.
4.3 International Transfers
Where data is transferred outside the EU/EEA, we ensure appropriate safeguards are in place through:
- EU Standard Contractual Clauses
- Adequacy decisions
- Other approved transfer mechanisms
5. Your Data Protection Rights
Under GDPR and other applicable laws, you have the right to:
- Access: Request copies of your personal data
- Rectification: Request correction of inaccurate data
- Erasure: Request deletion under certain circumstances
- Restriction: Request limitation of processing
- Portability: Request transfer of your data to another organization
- Object: Object to certain processing activities
- Withdraw consent: Where processing is based on consent
5.1 Exercising Your Rights
To exercise these rights, please contact our Data Protection Officer at:
Data Protection Officer
Finoa GmbH
Voltastraße 1
14482 Potsdam
Deutschland
Email: info@finoa-trade.com
We may require identity verification before processing requests.
7. Policy Changes
We may update this policy periodically to reflect:
- Changes in our processing activities
- New legal or regulatory requirements
- Improvements in data protection practices
We will notify you of significant changes through our website or direct communication where appropriate.
Contact Information
Finoa GmbH
Voltastraße 1
14482 Potsdam
Deutschland
Regulatory Information
BaFin License: 50085604
BAK Nr.: 157341
Data Protection Inquiries
Email: info@finoa-trade.com
Phone: +49 331-231810-0