1. Introduction
This Privacy and Cookie Policy explains how Archax Middle East Connect Ltd collects, uses, stores, and protects personal data.
This policy applies to all users of the platform and ensures compliance with applicable data protection laws, including GDPR and UK GDPR.
This section presents practical legal interpretations, implications under GDPR and UK GDPR, and the operational commitments of Archax Middle East Connect Ltd regarding user data. We provide real-world examples, demonstrate how data flows in and out of the platform, and describe safeguards implemented at each stage. Compliance documentation and audit procedures are regularly conducted to ensure legal alignment.

2. About the Company
Archax Middle East Connect Ltd is a registered company in the United Kingdom (Registration No. 11302455), regulated under applicable financial and privacy laws.
Our mission is to provide access to ethical and halal investments across the Middle East and beyond.
(Repeated explanation regarding commitments and data protection as above.)

3. Types of Data Collected
We collect the following categories of data:

Personally Identifiable Information (PII)

Technical usage data (device, IP, browser, activity)

Financial information

Biometric identifiers (where KYC is required)

Data obtained from third-party platforms and referral sources
(Followed by the same commitments and safeguards repeated as above.)

4. Purpose of Processing
Collected data is used to:

Provide access to platform features

Verify identity and comply with legal requirements

Deliver personalized content and services

Detect and prevent fraud and abuse

Send notifications, updates, and offers
(Followed by standard statements on compliance and data protection.)

5. Legal Basis for Processing
We process your data based on the following grounds:

Contractual necessity (e.g. registration)

Legal obligation (e.g. financial reporting)

Legitimate interest (e.g. product development)

Consent (e.g. for marketing communications)
(Followed by the standard compliance and safeguards section.)

6. Data Retention & Security
Your data is stored securely using encryption and access controls.
We retain data only as long as necessary for the original processing purpose or where required by law.
(Repeated data protection practices as above.)

7. Your Rights under GDPR
You have the right to:

Access your personal data

Request rectification or deletion

Restrict or object to processing

Data portability

Withdraw consent at any time

File a complaint with a supervisory authority
(Repeats the compliance and auditing paragraph.)

8. Third-Party Sharing
We may share data with:

Law enforcement and regulatory authorities

Financial institutions and service providers

Analytics and fraud prevention services
Only the minimum necessary information is disclosed in such cases.
(Followed by standard compliance statement.)

9. International Transfers
We transfer data outside the EEA only with appropriate safeguards, including standard contractual clauses and adequacy decisions.
(Compliance and auditing language repeated as above.)

10. Cookie Policy
Cookies are used to ensure key platform functionality and improve the user experience.
We use:

Essential cookies (authentication, security)

Analytical cookies (usage statistics)

Third-party cookies (e.g. Google Analytics)
Users can disable cookies in their browser settings, which may affect site functionality.
(Standard compliance statement follows.)

11. Exercising Your Rights
To exercise your data rights, you may submit a formal request. We will respond within 30 days as required by GDPR.
Your request must include proof of identity.
(Followed by the repeated explanation of responsibilities and processes.)

12. Policy Updates
This policy may be updated periodically. Significant changes will be communicated via the platform and will take effect as of the date of publication.
(Compliance and data handling practices are reiterated.)