Privacy Policy

1. Data Collection

We collect only the data necessary to: (a) comply with KYC/AML regulatory obligations; (b) process transactions; (c) improve the user experience. This includes name, email, phone, identity documents, proof of residence, selfie, and browsing data.

2. Purpose of Processing

• Identity verification (KYC)
• Anti-money laundering prevention (AML)
• Processing of deposits and withdrawals
• Support and welcome communications (email/SMS)
• Regulatory auditing

3. Third-Party Sharing

Your data is shared only with: (a) KYC verification provider; (b) SMS sending provider; (c) payment providers; (d) regulatory authorities when legally required. No data is sold or shared for third-party marketing purposes.

4. Storage and Security

Data is stored on dedicated servers with encryption in transit (TLS 1.3) and at rest (AES-256). KYC documents are retained for the minimum legal period required by the applicable jurisdiction and then securely destroyed.

5. Your Rights

In accordance with the data protection laws applicable to your jurisdiction, you may have the right to:

• Access your personal data
• Request correction of incomplete or incorrect data
• Request data deletion (subject to legal retention obligations)
• Request data portability
• Withdraw consent at any time

To exercise your rights, contact us:compliance@thermomarkets.com

6. International Data Transfer

Your data may be processed on servers located in different jurisdictions. In all cases, we maintain adequate safeguards to protect your information in accordance with this policy and applicable laws.