Privacy Policy

This Privacy Policy (the “Policy”) explains how Verso Digital Market OÜ (“we”, “our Company”, or the “Controller”) collects, uses, stores, and protects the personal data of our customers (“you” or the “Customer”). Our aim is to provide transparency regarding the processing of your personal data in accordance with the General Data Protection Regulation (GDPR).

1. Controller of Personal Data and Contact Information

The controller of personal data is Verso Digital Market OÜ, registered in Tallinn, Estonia, with Business ID: [insert Business ID once available].

For inquiries regarding the processing of your personal data or to exercise your rights, you may contact us at:

• info@versopropfirm
• Address: Tallinn, Estonia
• Phone: +48 729 472 630 (optional)

2. What Personal Data We Collect

We process various categories of personal data depending on your interaction with our services:

• Data you provide directly: full name, email, postal address, date of birth, login credentials, payment details, business identification number (if applicable), and communications with us.
• Data collected automatically: IP address, device type, operating system, browser, connection provider, geolocation, website usage data (time and duration of visits, browsing history), and service usage information.
•  Data from third parties: details from trading platforms (e.g. simulated transactions, trade results), and social media information if you link your account (username, profile picture, associated email).

3. How We Use Your Personal Data

We process your personal data for the following purposes:

• Registration and user account management: to create and manage your account.
• Service delivery: to provide access to trading tools, simulations, and related services.
• Contractual obligations: to process payments and fulfil contractual commitments.
• Customer support: to respond to inquiries and provide assistance.
• Marketing communication: to send relevant updates and offers regarding our services (with opt-out option).
• Service improvement: to develop, test, and enhance our platform and security measures.
• Analytics: to evaluate service usage, customer preferences, and optimize user experience.
• Legal compliance: to comply with applicable legal and regulatory obligations.

4. Legal Basis for Processing

We rely on different legal bases depending on the purpose of processing:

• Performance of a contract: for registration, account management, and service delivery.
• Legal obligation: for compliance with applicable laws (e.g. accounting, taxation).
• Legitimate interest: for improving services, ensuring security, analytics, and certain marketing communications.
• Consent: for optional marketing communications and where required by law.

5. Data Storage and Security

Your personal data is stored in secure, encrypted databases. We have implemented technical and organizational measures to safeguard personal data against unauthorized access, alteration, disclosure, or destruction. Access is restricted to authorized personnel only.

6. Data Retention

We retain personal data only for as long as necessary for the purposes described in this Policy, or as required by law:

• Contract-related data: up to 10 years after contract termination, in line with legal obligations.
• Marketing communications: up to 5 years after the last contract or until you object.
• Service improvement data: generally up to 6 months.
• Data processed on the basis of consent: until you withdraw your consent.
• Legal compliance: for the periods mandated by applicable legislation.

7. Data Sharing and International Transfers

We may share personal data with trusted third parties who support our operations, including:

• Trading platform providers, enabling simulated trades.
• Hosting and cloud service providers.
• Payment service operators and financial institutions.
• IT and system administration providers.

Marketing and communication agencies, consultants, and postal service providers.

We may also share personal data with authorities if required by law. If we transfer data outside the European Economic Area (EEA), such transfers will occur under appropriate safeguards, such as Standard Contractual Clauses approved under the GDPR.

8. Your Rights as a Data Subject

In accordance with GDPR, you have the following rights regarding your personal data:

• Right of access: to obtain confirmation and details about the processing of your personal data.
• Right to rectification: to correct inaccurate or incomplete data.
• Right to erasure: to request deletion of your data in certain cases (“right to be forgotten”).
• Right to restrict processing: to limit data use under specific circumstances.
• Right to data portability: to receive data in a structured, machine-readable format and transfer it to another controller.
• Right to object: to object to processing based on legitimate interests or for direct marketing.
• Right to withdraw consent: where processing is based on consent, you may withdraw it at any time.
• Right not to be subject to automated decision-making, including profiling.
• Right to lodge a complaint: with the supervisory authority.
  
  Supervisory Authority: Estonian Data Protection Inspectorate (Andmekaitse Inspektsioon), Tatari 39, 10134 Tallinn, Estonia.
  Website: https://www.aki.ee/en

9. Amendments to This Policy

We may update this Privacy Policy periodically to reflect changes in our services, practices, or legal obligations. Any updates will be published on our website. We encourage you to review this Policy regularly.

---