EFFECTIVE DATE: June 11th 2025

LAST UPDATED: June 11th 2025

1. Introduction and Scope

Aurum Spade Capital ("Company," "ASC," "we," "our," or "us") is committed to comprehensive data collection and utilization to optimize our services, enhance client experience, and maintain operational excellence. This Privacy Policy outlines our extensive data collection, processing, sharing, and retention practices across all touchpoints including our website, services, communications, third-party integrations, and business partnerships.

IMPORTANT: By accessing our website, applying for services, or engaging with our content, you consent to the comprehensive data collection and processing practices outlined below.

2. Comprehensive Data Collection

We collect extensive personal, financial, technical, and behavioral data from all sources, including but not limited to:

2.1 Personal and Identity Data

- Full legal name, aliases, and previous names

- Contact information (email, phone, physical addresses)

- Date of birth and age verification

- Citizenship, residency, and tax jurisdiction information

- Government-issued identification documents and numbers

- Biometric data where legally permissible

- Emergency contact information

- Professional background and employment history

2.2 Financial and Investment Data

- Complete financial profiles and net worth assessments

- Bank account details and financial institution relationships

- Investment experience, preferences, and risk tolerance

- Income sources, amounts, and verification documentation

- Tax returns and financial statements

- Credit reports and credit scoring data

- Transaction history across all financial accounts

- Investment portfolio compositions and performance data

- Trading patterns and behavioral analysis

2.3 Account and Trading Data (via TagMarkets Partnership)

- Complete real-time account balances and equity positions

- All trade executions, orders, and transaction histories

- Deposits, withdrawals, and fund movement patterns

- Portfolio performance metrics and profit/loss calculations

- Risk exposure and leverage utilization data

- Communication records with custodial partners

- Account access logs and security events

- Trading psychology and behavioral pattern analysis

2.4 Technical and Device Data

- IP addresses, device identifiers, and hardware specifications

- Browser type, version, and configuration settings

- Operating system and software information

- Screen resolution, time zone, and language preferences

- Network connection details and internet service provider data

- GPS location data and geofencing information

- Mobile device sensors and accelerometer data

- Bluetooth and WiFi network information

2.5 Website and Application Usage Data

- Complete browsing history on our platforms

- Page views, time spent, and navigation patterns

- Click tracking, scroll behavior, and mouse movements

- Form field interactions and completion rates

- Search queries and content preferences

- Download and upload activities

- Session recordings and heatmap data

- Error logs and performance metrics

2.6 Communication and Interaction Data

- All email communications and attachments

- Chat logs, voice recordings, and video calls

- Social media interactions and public profile data

- Customer service interactions and support tickets

- Meeting notes and consultation records

- Feedback, reviews, and survey responses

- Marketing campaign engagement metrics

2.7 Third-Party and Social Media Data

- Social media profiles and public activity across platforms

- Professional networking site information (LinkedIn, etc.)

- Public records and background check information

- Credit monitoring and financial tracking services data

- News mentions and public reputation data

- Association memberships and professional certifications

3. Extensive Data Collection Methods

We collect data through multiple sophisticated channels:

3.1 Direct Collection

- Online applications and registration forms

- Account onboarding and verification processes

- Client interviews and consultation sessions

- Document uploads and submission portals

- Customer service interactions

- Survey and feedback collection

3.2 Automated Tracking Technologies

- Cookies (essential, functional, analytics, and marketing)

- Web beacons and embedded pixels

- Local storage and session storage

- Server logs and access records

- Mobile app analytics and crash reporting

- Cross-device tracking and fingerprinting

3.3 Third-Party Integrations and Partnerships

- TagMarkets Ltd: Complete account and trading data access

- Meta (Facebook/Instagram): Advertising pixels, custom audiences, lookalike modeling

- Google: Analytics, advertising, search data, Gmail interactions

- LinkedIn: Professional profile data and B2B advertising

- Credit reporting agencies: Financial background verification

- Data brokers: Enhanced profile and behavioral data

- Marketing platforms: Email engagement, automation, and segmentation

- Customer relationship management systems

- Fraud prevention and security monitoring services

3.4 Public Source Data Collection

- Public records and government databases

- News articles and media mentions

- Professional association directories

- Court records and legal proceedings

- Property ownership and asset registrations

- Corporate filings and business relationships

4. Comprehensive Data Usage Purposes

We utilize collected data for extensive operational and business purposes:

4.1 Service Delivery and Operations

- Client onboarding, verification, and due diligence

- Trading strategy development and portfolio management

- Risk assessment and management protocols

- Performance monitoring and reporting

- Account administration and maintenance

- Customer service and technical support

4.2 Business Development and Marketing

- Targeted advertising across all digital platforms

- Custom audience creation and lookalike modeling

- Market research and competitive analysis

- Product development and service enhancement

- Lead generation and client acquisition

- Brand awareness and reputation management

4.3 Analytics and Intelligence

- Behavioral pattern analysis and prediction modeling

- Client segmentation and tier optimization

- Performance benchmarking and comparative analysis

- Market trend identification and strategy development

- Operational efficiency optimization

- Fraud detection and prevention

4.4 Compliance and Legal

- Regulatory reporting and compliance monitoring

- Anti-money laundering (AML) and know-your-customer (KYC) verification

- Tax reporting and jurisdiction compliance

- Legal proceeding support and evidence preservation

- Audit preparation and regulatory examination support

5. Legal Basis for Processing

We process your data under multiple legal bases including:

- Explicit Consent: For marketing communications and optional data processing

- Contractual Necessity: For service delivery and account management

- Legal Obligations: For regulatory compliance and reporting requirements

- Legitimate Interests: For business operations, security, and analytics

- Vital Interests: For fraud prevention and security protection

- Public Interest: Where required by financial regulations

6. Extensive Third-Party Sharing and Integration

We share data with numerous third-party services and partners:

6.1 Core Service Partners

- TagMarkets Ltd: Complete financial and trading data sharing

- Custodial and banking partners: Account verification and management

- Payment processors: Transaction processing and fraud prevention

- Compliance service providers: AML/KYC verification and monitoring

6.2 Marketing and Advertising Partners

- Meta Platforms: Custom audiences, conversion tracking, advertising optimization

- Google: Analytics, advertising, audience targeting, search optimization

- LinkedIn: B2B advertising and professional targeting

- Email marketing platforms: Campaign management and engagement tracking

- Customer data platforms: Profile enrichment and segmentation

6.3 Analytics and Intelligence Services

- Web analytics providers: Comprehensive user behavior analysis

- Business intelligence platforms: Data processing and insights generation

- Customer relationship management systems: Client lifecycle management

- Survey and feedback platforms: Opinion collection and analysis

6.4 Infrastructure and Security Providers

- Cloud storage and computing services: Data hosting and processing

- Content delivery networks: Website and application performance

- Security monitoring services: Threat detection and prevention

- Backup and disaster recovery providers: Data protection and continuity

6.5 Legal and Professional Services

- Legal counsel: Litigation support and compliance advice

- Accounting and audit firms: Financial reporting and verification

- Regulatory consultants: Compliance monitoring and reporting

- Background check providers: Enhanced due diligence services

7. International Data Transfers

Your data may be transferred to and processed in multiple jurisdictions worldwide, including:

- United Arab Emirates (our primary operations)

- United States (cloud services and analytics)

- European Union (compliance and regulatory services)

- Other jurisdictions where our service providers operate

We ensure adequate protection through:

- Standard Contractual Clauses (SCCs)

- Adequacy decisions where available

- Binding Corporate Rules (BCRs)

- Explicit consent for specific transfers

8. Enhanced Data Security Measures

We implement comprehensive security measures including:

8.1 Technical Safeguards

- End-to-end encryption for all data transmission

- Advanced encryption standards (AES-256) for data storage

- Multi-factor authentication and access controls

- Regular security audits and penetration testing

- Intrusion detection and prevention systems

- Secure backup and disaster recovery protocols

8.2 Organizational Measures

- Role-based access controls and least privilege principles

- Comprehensive employee security training programs

- Regular security awareness and phishing simulation

- Vendor security assessment and monitoring

- Incident response and breach notification procedures

- Data loss prevention and monitoring systems

9. Data Retention and Lifecycle Management

We retain data for varying periods based on:

9.1 Active Service Period

- All data retained throughout active client relationship

- Real-time monitoring and continuous data collection

- Regular data updates and verification processes

9.2 Post-Service Retention

- Financial and trading data: Minimum 7 years for regulatory compliance

- Communication records: Minimum 5 years for dispute resolution

- Marketing and analytics data: Up to 10 years for business intelligence

- Legal and compliance data: As required by applicable regulations

- Archived data: Indefinite retention for legitimate business purposes

9.3 Data Destruction

- Secure data destruction when retention periods expire

- Certificate of destruction for sensitive information

- Regular review and purging of obsolete data

10. Your Rights and Limitations

Subject to applicable law and business necessity, you may have rights to:

10.1 Access and Portability

- Request copies of personal data we hold

- Receive data in structured, machine-readable format

- Transfer data to other service providers where technically feasible

10.2 Correction and Deletion

- Request correction of inaccurate or incomplete data

- Request deletion of personal data (subject to retention requirements)

- Right to be forgotten where legally applicable

10.3 Processing Restrictions

- Object to processing for direct marketing purposes

- Restrict processing in certain circumstances

- Withdraw consent where processing is consent-based

10.4 Important Limitations

- Rights may be limited by regulatory retention requirements

- Business necessity may restrict certain deletion requests

- Technical limitations may affect data portability

- Legal obligations may override individual rights requests

11. Automated Decision-Making and Profiling

We engage in extensive automated processing including:

- Client Risk Scoring: Automated assessment of investment suitability

- Fraud Detection: Algorithmic monitoring for suspicious activities

- Marketing Optimization: Automated audience targeting and campaign optimization

- Performance Analysis: Algorithmic trading strategy evaluation

- Behavioral Prediction: Machine learning models for client behavior forecasting

You have the right to request human review of automated decisions that significantly affect you.

12. Children's Privacy Protection

Our services are exclusively designed for adults (18+ years). We do not knowingly collect data from minors. If we discover that we have collected data from a minor, we will delete it promptly upon verification.

13. California Privacy Rights (CCPA/CPRA)

California residents have additional rights including:

- Right to know what personal information is collected and shared

- Right to delete personal information (subject to exceptions)

- Right to opt-out of sale of personal information

- Right to non-discrimination for exercising privacy rights

- Right to correct inaccurate personal information

IMPORTANT: We may "sell" or "share" personal information as defined by California law through our marketing and advertising partnerships.

14. European Data Protection (GDPR)

For EU residents, we provide enhanced protections including:

- Lawful basis for all processing activities

- Data Protection Impact Assessments (DPIAs) where required

- Appointment of Data Protection Officers where necessary

- Breach notification within 72 hours where required

- Right to lodge complaints with supervisory authorities

15. Policy Updates and Notifications

We may update this Privacy Policy at any time to reflect:

- Changes in our data collection practices

- New service offerings or partnerships

- Regulatory or legal requirement changes

- Business structure or operational modifications

Material changes will be communicated through:

- Email notifications to active clients

- Prominent website notices

- In-app notifications where applicable

- Direct mail for significant policy changes

Continued use of our services after updates constitutes acceptance of revised terms.

16. Contact Information and Data Protection Officer

For privacy-related inquiries, rights requests, or concerns:

Aurum Spade Capital - Privacy Office

Website: www.aurumspade.com

Email: Available through official website contact forms

Phone: As provided in client onboarding materials

Response Time: We will respond to privacy requests within 30 days of receipt, or as required by applicable law.

ACKNOWLEDGMENT: By using our services, you acknowledge that you have read, understood, and consent to the comprehensive data collection, processing, and sharing practices outlined in this Privacy Policy.