Data Protection Policy
Last Updated: 08.03.2025
Fundshing SRL (“Fundshing,” “we,” “our,” or “us”) is committed to ensuring the highest standards of data protection and privacy compliance across all our operations. This Data Protection Policy outlines how we collect, process, store, and protect personal data in accordance with General Data Protection Regulation (GDPR), California Consumer Privacy Act (CCPA), Brazil’s LGPD, Australia’s Privacy Act, and other global privacy laws.
1. Scope of This Policy
This policy applies to:
All personal data collected and processed by Fundshing.
All users, clients, partners, employees, and stakeholders interacting with Fundshing’s platforms, services, and website (Fundshing.com).
All Fundshing products, tools, and services involving personal or business data.
2. Data We Collect & Process
Fundshing may collect and process the following types of data:
2.1 Personal Data
Name, email address, phone number, and contact details.
Wallet addresses for blockchain-related services.
Business/company details for B2B transactions.
Identity verification details (e.g., passport, driver’s license) where required.
Payment and transaction data (excluding full credit card details).
Any data voluntarily provided by users for Fundshing’s services.
2.2 Non-Personal Data
IP addresses, browser types, and operating systems.
User behavior analytics, cookies, and tracking technologies (see our Cookie Policy for details).
Aggregated and anonymized blockchain transaction details.
3. Purpose of Data Processing
We process personal data for the following legitimate purposes:
Providing Services: To deliver tokenization, fundraising, advisory, and blockchain services.
Legal Compliance: Ensuring compliance with AML/KYC regulations, financial laws, and blockchain regulations.
User Communication: Responding to inquiries, sending updates, and providing support.
Security & Fraud Prevention: Monitoring activity for fraud prevention, cybersecurity, and regulatory compliance.
Marketing & Analytics: Conducting business development, advertising, and platform optimization.
4. Legal Basis for Processing
Fundshing processes personal data under the following legal grounds:
User Consent (GDPR Art. 6(1)(a)) – When users voluntarily provide information.
Contractual Necessity (GDPR Art. 6(1)(b)) – When data is required to fulfill service agreements.
Legal Obligation (GDPR Art. 6(1)(c)) – Compliance with financial regulations, AML/KYC laws.
Legitimate Interests (GDPR Art. 6(1)(f)) – Fraud prevention, security, and improving services.
5. Data Retention & Storage
Retention Period: We store personal data only as long as necessary for business, regulatory, or legal purposes.
Blockchain Data: Due to the immutable nature of blockchain transactions, some data (such as public wallet addresses) cannot be deleted once recorded on a blockchain.
Secure Storage: Data is stored securely using encryption, multi-factor authentication, and industry best practices to prevent unauthorized access or loss.
6. Data Sharing & Third-Party Processors
We do not sell, trade, or rent users’ personal data. However, data may be shared with:
Regulatory Authorities: If required under AML, KYC, tax, or legal obligations.
Third-Party Service Providers: (e.g., cloud hosting, KYC verification, security auditors) under strict data protection agreements.
Legal Advisors & Compliance Firms: To ensure legal adherence in multiple jurisdictions.
Blockchain & Smart Contract Platforms: Where transactions require on-chain execution.
7. International Data Transfers
Fundshing operates globally, and data may be processed in jurisdictions with differing privacy laws. We ensure:
GDPR-Compliant Safeguards for data transfers outside the EEA (EU Standard Contractual Clauses – SCCs).
CCPA & LGPD Compliance for data processing in the USA and Brazil.
Encryption & Security Controls to protect data regardless of location.
8. Data Subject Rights
Under GDPR, CCPA, and other laws, users have the right to:
Access their personal data (right of access).
Request correction of incorrect data (right to rectification).
Request deletion of their data (right to erasure/”right to be forgotten”).
Restrict processing in certain circumstances (right to restriction of processing).
Object to data use for marketing (right to object).
Request data portability (right to data portability).
Withdraw consent at any time (when processing is based on consent).
To exercise any of these rights, users may contact us at privacy@fundshing.com.
9. Security Measures
Fundshing employs industry-leading security practices, including:
End-to-End Encryption (E2EE) for sensitive data storage and transfers.
Multi-Factor Authentication (MFA) for access control.
Regular Security Audits & Penetration Testing to prevent cyber threats.
Blockchain Security Audits for smart contracts and digital assets.
Anonymization & Pseudonymization where applicable.
10. Compliance & Enforcement
Fundshing ensures compliance with international data protection laws and industry standards. In case of a data breach, we:
Notify affected users and regulators as required under GDPR/CCPA.
Take immediate steps to mitigate risks and enhance security.
Users have the right to lodge a complaint with their local Data Protection Authority if they believe their rights have been violated.
11. Changes to This Policy
We may update this policy periodically to reflect changes in regulations, technology, or business practices. The latest version will always be available on our website, and we encourage users to review it regularly.
12. Contact Information
For inquiries regarding this policy or your personal data, contact us:
Email: privacy@fundshing.com
Phone: +40733631603
Address: Nicolae Titulescu 48E, Bucharest, Romania
By using Fundshing’s services, you acknowledge and agree to this Data Protection Policy.