Privacy Policy
GDPR Compliant
1. Introduction
Who we are and why this policy matters
At BROKTRADING LTD ("Company", "we", "us", "our"), a private limited liability company incorporated under the laws of the Republic of Cyprus, with registered office at Orfeos Street 18B, 1070 Nicosia, Cyprus, and registration number HE 342927, operating under the trading name THE JAZZ FINTECH, protecting your privacy is our absolute priority, and this privacy policy aims to explain clearly and transparently how we collect, use, store, and protect your personal data when you visit our website, use our products, or access our services.
This policy has been drafted in compliance with the General Data Protection Regulation (GDPR), Cyprus Law 125(I)/2018, and all other applicable data protection regulations.
The Data Controller
The data controller for your personal data is THE JAZZ FINTECH (BROKTRADING LTD). If you have any questions about privacy or wish to exercise your rights, you can contact us at compliance@thejazzfintech.com.
Important note about the Merchant of Record: When you make a purchase through our channels, our Merchant of Record (MoR), Paddle, independently collects and processes certain personal data necessary to process your payment. In this context, the MoR acts as an independent data controller for payment data. This privacy policy covers only the data that we process directly; for data processed by the MoR, please refer to their privacy policy at paddle.com/legal/privacy.
Who this policy applies to
This privacy policy applies to various categories of individuals we interact with: visitors to our website, those who create an account with us, our customers, users of our software, recipients of our marketing communications, and more generally, anyone whose data is processed as part of our activities.
2. The Data We Collect
Categories of personal data
In the course of our business, we collect various types of personal data:
- Identity data includes your name, the username you choose, your date of birth, and, when necessary, identity documents.
- Contact data includes your email address, postal address, and telephone number.
- Account data includes your username, password (always encrypted for your security), and your preferences.
- Technical data includes your IP address, browser and device type, and your time zone.
- Usage data helps us understand how you interact with our services.
- Profile data includes your interests, expressed preferences, and feedback you provide.
- Marketing data consists of your preferences regarding the communications you wish to receive from us.
Data we receive from the Merchant of Record
When you complete a purchase, we receive from the MoR only the information strictly necessary to fulfil your order. This includes confirmation of successful payment, order details (which products you purchased and the type of licence), basic information to deliver your licence (name and email), and transaction reference numbers.
It is important for you to know that we never receive your full payment card details, banking information, or detailed billing data: this information remains exclusively with the MoR.
How we collect your data
Your data reaches us through various channels:
- Direct interactions occur when you register, make a purchase, fill out a form, or contact us.
- Automated technologies such as cookies and tracking pixels collect certain data during your browsing.
- Merchant of Record provides us with information when they process transactions.
- Third parties such as analytics services or public sources.
Special categories of data
We do not intentionally collect sensitive personal data, such as data relating to racial or ethnic origin, religious beliefs, health status, or biometric data.
3. Legal Bases for Processing
The GDPR requires that every processing of personal data be based on a valid legal basis. Here are the bases on which we rely to process your data:
- Performance of a contract (Art. 6(1)(b) GDPR): We use it to create and manage your account, deliver products, activate licences, and provide support.
- Legitimate interests (Art. 6(1)(f)): This occurs when we improve our services, ensure security, prevent fraud, analyse usage of our products, or send marketing communications to existing customers.
- Consent (Art. 6(1)(a)): For sending marketing communications to those who are not yet our customers or for the use of certain cookies.
- Legal obligations (Art. 6(1)(c)): Such as tax and accounting requirements, regulatory compliance, or responses to requests from authorities.
4. How We Use Your Data
To provide our services
We use your data to create and manage your account, to deliver licences and access keys for our products, to provide support when you need it, to communicate important information about your account, and to manage our relationship with you effectively.
To improve our products
The data we collect also helps us analyse how our services are used, improve existing products, develop new features, conduct research, and personalise your experience to better suit your needs.
For marketing activities
When we have your consent or when we can rely on our legitimate interest, we may send you newsletters, inform you about new products and features, offer you targeted advertising, or ask you to participate in surveys. Remember that you can always choose to stop receiving these communications: you will find an unsubscribe link at the bottom of every email we send.
To ensure security
Your data also helps us protect our services, detect and prevent fraudulent activity, verify user identity when necessary, and investigate any suspicious activity.
5. Who We Share Your Data With
Recipients of your data
In certain cases, we may share your data with third parties:
- Service providers (such as those providing hosting, email services, or data analytics) receive the data necessary to perform their functions.
- Merchant of Record to process orders and deliver licences.
- Business partners such as affiliates or resellers.
- Professional advisors (lawyers, accountants).
- Competent authorities when required by law.
International transfers
Your data may be transferred outside the European Economic Area (EEA). In these cases, we always implement appropriate safeguards to protect your data, such as European Commission adequacy decisions, Standard Contractual Clauses, or, in some cases, your explicit consent.
We do not sell your data: We want to be clear on one fundamental point: we do not sell your personal data to third parties, ever.
6. How Long We Keep Your Data
We retain your data only for as long as necessary for the purposes for which we collected it:
- Account data: Duration of your account + 7 years following closure
- Transaction records: 7 years (tax and legal requirements)
- Marketing data: Until you withdraw consent
- Technical and usage data: 2 years
- Support communications: 5 years
After these periods, your data is deleted or anonymised.
7. Your Rights Under the GDPR
The GDPR grants you a number of important rights over your personal data:
- Right of access (Art. 15): Obtain confirmation of the processing of your data and receive a copy.
- Right to rectification (Art. 16): Request the correction of inaccurate data.
- Right to erasure (Art. 17): Request the deletion of your data in certain circumstances.
- Right to restriction (Art. 18): Request that the processing of your data be limited.
- Right to data portability (Art. 20): Receive your data in a structured, commonly used format.
- Right to object (Art. 21): Object to processing based on legitimate interest.
How to exercise your rights
To exercise any of these rights, contact us at compliance@thejazzfintech.com. We will respond within one month. For data processed by our MoR (Paddle), please contact them directly.
8. Contact Us
If you have any questions about this Privacy Policy, you can contact us at:
THE JAZZ FINTECH (BROKTRADING LTD)
Address: Orfeos Street 18B, 1070 Nicosia, Cyprus
Email: compliance@thejazzfintech.com
Websites: www.thejazzfintech.com | www.pfarmour.com
Registration Number: HE 342927