Privacy Notice

1. Introduction

This Privacy Notice describes how https://fenryx.com ("we" or "the Company"), a company registered in Canada, collects, uses, and protects personal data in compliance with Data Protection Regulation of Canada, as well as the EU General Data Protection Regulation (GDPR). Our platform provides services to business clients in the European Union, helping them find partners for opening IBAN accounts and guiding them through that process. This Notice applies to personal data of individual representatives of those business clients (information relating solely to companies is not considered personal data under applicable law). We are committed to processing personal data lawfully, fairly, and transparently, in accordance with the above regulations.

Data Controller: The data controller for your personal data is GLOBALLY UNITED TECH CORPORATION, located at 142-757 West Hastings Street PMB 818, VANCOUVER, British Columbia, Canada, V6C 1A1. If you have any questions about this Notice or how we handle personal data, you can contact us at privacy@fenryx.com.

2. Personal Data We Collect

We collect and process various categories of personal data from you when you use our platform or services, including:

• Identification and Contact Data: Such as your name, surname, business title/position, company name, business email address, telephone number, and physical address. We also collect identity verification data like passport or national ID details (including document number, date of birth, nationality, and copies of identification documents) and any photographs or biometric identifiers included on those IDs. These identification documents may contain sensitive personal data (for example, a facial image used for biometric verification or information revealing racial or ethnic origin), which we handle with enhanced protection as required by law.
• Business and Financial Information: Information about the company you represent and its finances as needed for opening an IBAN account. This includes company registration details, business activities, ownership information, banking references or financial statements, and any documentation required for due diligence or regulatory compliance (e.g. proof of company incorporation, banking reference letters, tax or audit reports). If you provide us with bank account details or payment information (for example, for service fees), we will also process those financial details securely.
• Due Diligence and Compliance Data: As part of our services, we may collect data for Know-Your-Customer (KYC) and anti-money laundering (AML) checks. This can include background information such as proof of address, source of funds information, declarations regarding tax residency, and results of screenings against sanction lists or politically exposed persons (PEP) lists, where applicable. Some of this data (e.g. criminal records or sanctions status) can be considered sensitive under the GDPR and will only be processed to the extent permitted by law and necessary for compliance.
• Technical and Usage Data: When you use our website or online platform, we collect data through cookies and similar technologies. This data may include your IP address, browser type and version, operating system, device identifiers, language preference, time zone, and browsing actions on our site (such as pages viewed, dates/times of visits, and referral URLs). This information helps us ensure the security of our website, prevent fraud, and understand usage patterns to improve our services. We also log user account activities (e.g. logins, changes to account settings) for security and audit purposes.
• Communication Data: If you contact us or our support (for example, through email or contact forms), we will collect and retain the content of your communications along with your contact details to address your inquiries and maintain records of our correspondence.

3. Purposes and Legal Bases for Processing

We process personal data only for specific, explicit purposes, and rely on a valid legal basis for each processing activity in accordance with GDPR requirements. Below we describe the purposes for which we use your data and the corresponding legal bases:

• To Provide and Facilitate Our Services: We use personal and business data to facilitate your requests for opening IBAN accounts and related banking services. This includes evaluating your business’s profile and documentation, connecting you with appropriate partner financial institutions, assisting with application forms, and generally ensuring the process is smooth. We also use your data to provide customer support and communicate about the services you’ve requested.
• Identity Verification and Compliance Checks: We process identification documents and other due diligence data to verify your identity and your business’s legitimacy, in order to prevent fraud, comply with anti-money laundering (AML) and “Know Your Customer” (KYC) requirements, and assess risk. This may involve automated screening against sanction or watchlists and verifying documents via third-party identity verification services.
• Communication and Notifications: We use your contact information to communicate with you about your account and the services. This includes sending service-related emails such as account confirmations, updates on your IBAN account application status, important announcements about our platform, or responses to your inquiries.
• Marketing and Promotional Communications: With your permission, we may also use your contact details (such as email) to send you newsletters, industry updates, or offers about our services or new partner solutions that might interest your business.
• Analytics and Service Improvement: We process usage data and cookies to analyze how our platform is used, in order to troubleshoot performance issues, improve functionality, and enhance user experience. This may involve generating aggregated usage reports and statistics (for example, to understand which features are most used by clients, or how users navigate our website).
• Security and Fraud Prevention: We may monitor and analyze personal data (such as account logins, IP addresses, and usage patterns) to maintain the security of our platform, prevent unauthorized access, and detect fraud or other illicit activities.
• Legal Obligations and Record-Keeping: Finally, we process personal data as required to meet our legal and regulatory obligations beyond those mentioned above. This includes maintaining proper business records, complying with lawful requests from authorities or court orders, and fulfilling regulatory requirements (such as tax laws or reporting obligations).

4. Your Rights as a Data Subject

As an individual whose personal data we process, you have certain rights under the GDPR regarding that data. We respect your rights and have processes in place to enable you to exercise them. Your principal data protection rights include:

• Right of Access: You have the right to request confirmation of whether we are processing your personal data, and if so, to obtain a copy of the data we hold about you, as well as information about how we use it. This allows you to understand and verify the lawfulness of our processing.
• Right to Rectification: You have the right to have inaccurate personal data corrected, and incomplete data completed. If any of the personal information we hold about you is out of date or incorrect (for example, outdated contact info or an incorrect name spelling), please let us know and we will rectify it without undue delay.
• Right to Erasure: You have the right to request deletion of your personal data in certain circumstances (often called the “right to be forgotten”). For example, if the data is no longer necessary for the purposes it was collected, or if you withdraw consent and we have no other legal ground for processing, or if you object to processing and we have no overriding legitimate grounds, you can request that we erase your data. Please note this right is not absolute – sometimes we must retain certain data to comply with legal obligations or defend legal claims, in which case we will inform you.
• Right to Restrict Processing: You have the right to request that we restrict (temporarily halt) the processing of your personal data in certain scenarios – for instance, while we are verifying the accuracy of your data after you have contested it, or if you have objected to processing based on our legitimate interests and we are considering your request. When processing is restricted, we will store your data but not use it until the restriction is lifted.
• Right to Data Portability: You have the right to receive the personal data you have provided to us in a structured, commonly used and machine-readable format, and to have that data transmitted to another controller where technically feasible. This right applies when the processing is carried out by automated means and is based on your consent or on a contract (for example, if you provided us certain data and want to reuse it in another service). We will assist with such transfer requests as required by law.
• Right to Object: You have the right to object to our processing of your personal data where we rely on legitimate interests as the legal basis, including profiling based on those interests. If you object, we will no longer process the data unless we can demonstrate compelling legitimate grounds that override your rights and interests, or the processing is for establishment or defense of legal claims. Direct marketing: You also have an absolute right to object to your personal data being used for direct marketing purposes at any time – if you object, we will stop using your data for marketing immediately (and as noted, you can always unsubscribe from our marketing emails).
• Right to Withdraw Consent: If we are processing your personal data based on your consent (for example, for optional marketing or for analytics cookies), you have the right to withdraw that consent at any time. Withdrawal of consent will not affect the lawfulness of processing that took place prior to the withdrawal. If you withdraw consent for a specific feature (like analytics cookies), we will stop that processing for your data.

5. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Notice or the handling of your personal data, please contact us at:

Globally United Tech Corporation Privacy Team

Email: privacy@fenryx.com

Address: 142-757 West Hastings Street PMB 818, Vancouver, British Columbia, Canada, V6C 1A1

We will gladly assist you and address any issues to the best of our ability. You can also reach out to us to exercise your data subject rights or to request more information about our privacy practices.