Privacy Policy

Responsible handling of your personal data is of utmost importance to Cairn Fundholm. We process information transparently, for defined purposes and in accordance with applicable law – in particular the GDPR. This policy explains what data we collect, why we use it, how long we store it and how we protect it.

1. Data controller

The data controller for your personal data within the meaning of the GDPR is the operator of the Cairn Fundholm website and platform. Relevant contact details and further information can be found in this site's imprint. For privacy questions you may contact our Data Protection Officer.

2. Collected data

We collect and process only the data necessary to provide our services, to fulfil legal obligations and to ensure the secure operation of the platform. These include in particular:

  • Identity data: first and last name, date of birth (for age and identity verification).
  • Contact details: email address, phone number (optional), country of residence and, where applicable, address.
  • Account and transaction information: payment details, deposits and withdrawals, transaction history.
  • Technical and usage data: IP address, browser type, device information, access times, log data.
  • Verification documents: identity documents, proof of address or other documents for KYC/AML checks (only if legally required).

Special categories of personal data (e.g. health data or religious beliefs) are generally not collected unless legally required or provided with your explicit consent.

3. Collection methods

Your data is collected through various secure channels:

  • Directly from you: for example when registering, maintaining your profile, submitting verification documents or using the contact form.
  • Automatically: e.g. via cookies, server logs, analytics tools and device information during platform use.
  • Through third parties: such as payment providers (for deposits and withdrawals), identity verification services (KYC/AML) or – with your consent – social login services.

4. Purposes of processing

We process your personal data only for clear and legitimate purposes:

  • Setting up, managing and providing your user account and platform features.
  • Processing and securing payment processes (deposits and withdrawals).
  • Personal customer support and handling your requests.
  • Fulfilment of legal and regulatory obligations (e.g. KYC, AML and tax requirements).
  • Ensuring IT security and protection against fraud, abuse and attacks.
  • Optimising the user experience and further developing the platform.
  • Marketing and informational purposes – only based on your explicit consent.

5. Legal bases for processing

  • Performance of a contract or pre-contractual measures (Art. 6(1)(b) GDPR).
  • Compliance with legal obligations (Art. 6(1)(c) GDPR), e.g. in connection with anti-money laundering.
  • Protection of legitimate interests (Art. 6(1)(f) GDPR), e.g. to ensure the stability and security of the platform.
  • Your explicit consent (Art. 6(1)(a) GDPR), for example for marketing or optional additional features.

6. Data sharing

Your data is shared only when necessary, and exclusively with carefully selected partners:

  • Payment service providers and banks for processing deposits and withdrawals.
  • Specialised providers for carrying out KYC/AML checks.
  • IT and cloud providers with whom we have concluded appropriate data processing agreements.
  • Analytics and security tools that – where possible – work with anonymised or pseudonymised data.
  • External advisers (e.g. lawyers, tax advisors) within the scope of legal obligations.
  • Authorities or courts when there is a legal obligation or rights need to be enforced.

Your personal data will not be transferred or sold to third parties for commercial purposes.

7. International data transfers

In some cases we use providers (e.g. cloud or analytics services) outside the European Economic Area. In such cases we implement appropriate safeguards, such as EU standard contractual clauses, binding corporate rules or adequacy decisions by the European Commission, to ensure an adequate level of data protection.

8. Data security

To protect your data we take extensive technical and organisational measures:

  • Encrypted data transmission using current protocols (e.g. TLS 1.3+).
  • Strong encryption of sensitive data at rest (e.g. AES-256).
  • Regular security audits, penetration tests and reviews by independent specialists.
  • Continuous monitoring of systems for suspicious activity and attack attempts.
  • Strict access restrictions and role-based permissions within the team.
  • Holding customer funds in segregated accounts at regulated partner institutions.

Absolute protection against all risks cannot be technically guaranteed, but we reduce such risks to a very low level with our measures.

9. Retention period

We store your data only as long as required for the stated purposes or as legally required:

  • For the duration of active use of your account and the contractual relationship.
  • After account closure for the legally required period (e.g. 5–10 years for tax and regulatory purposes).
  • For consent-based processing (e.g. marketing) until you withdraw your consent.

When data is no longer needed we delete it securely or anonymise it.

10. Your rights as a data subject

You have extensive rights regarding your personal data. In particular, you may:

  • Request information about which data we store about you.
  • Request correction of inaccurate data or completion of incomplete data.
  • Request deletion of your data where no legal retention obligations exist.
  • Request restriction of processing in certain cases.
  • Receive your data in a structured, commonly used and machine-readable format (data portability).
  • Withdraw given consents at any time with effect for the future.
  • Lodge a complaint with a competent data protection supervisory authority.

11. Cookies and similar technologies

We use cookies and similar technologies to ensure platform functionality, analyse usage and optimise the experience. Essential cookies are always active, while analytical and marketing cookies require your prior consent. Further details are available in our Cookie Policy.

12. Changes to this Privacy Policy

We may update this policy from time to time – for example due to legislative changes, regulatory requirements or new features. The updated version is always available on the website. We will inform you of relevant changes by email or directly on the platform.

13. Contact for data protection matters

If you have questions about data protection, this policy or exercising your rights, contact us by email at [email protected] or via the site's contact form. Our Data Protection Officer will review your request and respond promptly.

visa mastercard paypal ssl security

By using Cairn Fundholm you confirm that you have read this Privacy Policy and accept its contents.

Thank you for your trust. Protecting your data and your privacy is and remains a top priority for us.

Pagina Principale ¿Por qué empezar a invertir? ¿Cómo comenzar a invertir? ¿Quién está detrás de Cairn Fundholm? Riesgos asociados a la inversión Ventajas FAQ Contact Pravila privatnosti Terms and conditions