Privacy Policy

Scope

This Privacy Policy explains how BridgingFi collects, uses, and protects your personal data under the UK GDPR, EU GDPR, and Data Protection Act 2018.

Lawful Basis

We process your data based on:

- Performance of a contract;

- Compliance with legal obligations (e.g., AML laws);

- Legitimate interests in operating the platform.

Data Collected

- Identity documents, contact details, wallet addresses, transaction metadata.

Purpose

- KYC/AML verification;

- Transaction processing;

- Security monitoring;

- Regulatory compliance.

Data Subject Rights

You have the right to access, rectify, erase, restrict processing, object, and request portability of your data, and to lodge a complaint with a supervisory authority.

Cross-Border Transfers

Where personal data is transferred outside the UK/EU, we implement Standard Contractual Clauses or rely on adequacy decisions.

Retention

KYC data is retained for at least 5 years after account closure or as required by law.

Contact

For privacy matters, contact our Data Protection Officer at [DPO email].