When using our services, we process personal data of our customers ("you", "your" or the "Customer"). This Privacy Policy (the "Policy") provides you with information about how your data are processed. We are committed to protecting your personal data in accordance with applicable data protection legislation, including the General Data Protection Regulation (EU) 2016/679 ("GDPR") where applicable to EU residents.
In this Privacy Policy, you will find information regarding the following:
1. WHO IS THE CONTROLLER OF YOUR PERSONAL DATA AND WHOM TO CONTACT?
The controller of personal data is DKZ INFORMATION TECHNOLOGY SERVICES L.L.C
RAG Tower, Al Barsha 1, Dubai, UAE
Registration number: 2701441
Registered in the United Arab Emirates
You can contact DKZ INFORMATION TECHNOLOGY SERVICES L.L.C at the above address or at privacy@dolvero.com regarding any questions and the exercise of rights relating to the processing of your personal data. For EU data subjects, the controller processes your data in compliance with the GDPR and applicable Member State data protection laws.
Privacy Contact Email: privacy@dolvero.com
2. WHAT INFORMATION DO WE COLLECT ABOUT YOU AND HOW DO WE OBTAIN IT?
In this section, you can read general information about which of your personal data we collect and how we collect it. Detailed information on the purposes for which we process personal data is given in Section 3 of this Policy. All information on the basis of which we can directly or indirectly identify you or which is related to you is considered personal data.
Data that you provide to us yourself
We obtain most of the data we collect about you directly from you in connection with your use of our services. This includes, in particular:
- Identification and contact data (name, surname, telephone number, e-mail address, postal address, date of birth, user name and password)
- Payment data (bank details, transaction information)
Data that we automatically collect
When you use our services, we automatically collect certain information:
- Device information (IP address, device type, operating system, browser, connection provider)
- Website usage data (visit dates, times, duration, country, browsing history)
- Service usage data (login/logout information, account settings, trading data)
Data from third parties
Some data about you is provided to us by third parties, such as providers of trading platforms that you choose for use of our services, and social network operators if you decide to link your social networking accounts to an account on the website. This includes:
- Data about the simulated transactions you have completed (such as the type of financial instrument, time of opening and closing the position, amount of investment, profit and loss)
- Data from social networks (user name, profile picture, e-mail address associated with the account on the social network)
3. HOW DO WE USE YOUR PERSONAL DATA?
We use personal data for the following purposes:
Registration and user account
In order to use the services, you must register on the website and create your account, and for this purpose we process your personal data.
Legal ground for the processing: Processing is necessary for the performance of the contract, and the provision of these personal data is required, as we cannot register your user account without them.
Provision of services and exercise of rights and obligations under the contract
In order to be able to provide you with our services, i.e. in particular to provide you with the relevant access, tools and support, and to carry out trades, we need to process your personal data.
Legal ground for the processing: Processing is necessary for the performance of the contract on the basis of which we provide our services, or on the basis of our legitimate interest.
Marketing communication about our services and products
If you are our current or past customer, we may from time to time send you marketing communications that relate to our services. We may also send you commercial communications to the extent to which you give us your consent.
Legal ground for the processing: If we have provided you with our services, we may from time to time send you marketing communications based on our legitimate interest. If you give us your consent to process your data for marketing purposes, then we process your data on the basis thereof.
Customer support and communication
If you use our customer support services, we will process your personal data.
Legal ground for the processing: Processing is based on our legitimate interest, namely in maintaining customer satisfaction and supporting the use of our services.
Improving services
If you use some of our services, we will process your personal data in order to develop, test and enhance the services and improve their security.
Legal ground for the processing: Processing is based on our legitimate interest, namely in improving our services.
Analytics
To obtain information about how our website and our services are used, we analyse customer behaviour.
Legal ground for the processing: Processing is based on our legitimate interest, namely in ascertaining customer behaviour and estimating customer preferences.
4. HOW DO WE STORE PERSONAL DATA AND HOW ARE THEY SECURED?
Data Storage
We process your personal data in an encrypted database on computers and other devices.
Security Measures
In order to ensure protection against unauthorised access or unauthorised alteration, disclosure or destruction of the data that we collect and process, we have adopted organisational and technical measures to secure them, which we strictly adhere to.
5. HOW LONG DO WE PROCESS YOUR DATA?
Personal data are processed to the extent necessary to fulfil the purposes described above and for the time necessary to achieve those purposes or for a period directly stipulated by law. Thereafter, the personal data are deleted or anonymised. We process personal data for the following periods of time:
Contract Data
For the purpose of performance of the contract and for the exercise of rights and obligations in connection with the contract, including any complaints, settlement of damage claims or related litigation, personal data are processed for the necessary period of time, but not more than 10 years from the termination of the last contract.
Marketing Data
For the purpose of sending business communications without your given consent, personal data are processed for a maximum of 5 years from the expiry of the last contract between us or until you raise an objection or unsubscribe from the business communications.
Service Improvement
For the purpose of enhancing our services, we usually process personal data for a maximum period of 6 months.
Legal Requirements
In order to fulfil our legal obligations, we process personal data for the period set out by the relevant legal regulations.
7. YOUR RIGHTS
You can exercise all your rights mentioned below, including your right to erasure of personal data and the withdrawal of your consent, by sending a request to us via email at privacy@dolvero.com. There are no specific words that you must use in your request, but please be specific enough, so we can help you with your request.
Right of access to personal data
You can ask us at any time to send you a confirmation as to whether or not your personal data are being processed. If we process your data, we will provide you with further details on the processing. If you request it, we will also provide you with a copy of the personal data processed.
Right to rectification of personal data
If we process your personal data inaccurately, you can notify us of this fact, and we will rectify the inaccurate personal data without undue delay.
Right to erasure of personal data ("right to be forgotten")
You have the right to obtain from us the erasure of personal data concerning you without undue delay in certain cases, such as when the data are no longer necessary, when you withdraw your consent, or when the data are processed unlawfully.
Right to restriction of processing
In certain cases, you have the right to obtain from us restriction of processing of your personal data for a certain period.
Right to data portability and to the provision of data in a machine-readable format
In the case of automated processing based on your consent or performance of the contract, you have the right to receive the data in a structured, commonly used and machine-readable format and to have them transmitted by us to another personal data controller.
Right to object
If we process personal data on the basis of our legitimate interest, you have the right to object to such processing. If you file such an objection, we will not be able to process your personal data unless we demonstrate compelling legitimate grounds for the processing.
Right to withdraw consent
If processing is based on your consent, you have the right to withdraw that consent at any time. Withdrawal of consent does not affect the lawfulness of processing based on the consent given before its withdrawal.
Right not to be the subject of automated decision-making
Except where processing is necessary for entering into, or performance of, a contract, where this is permitted by applicable law, or based on your express consent, you have the right not to be the subject of any decision which is based solely on automated processing.
8. International Data Transfers
DKZ Information Technology Services L.L.C is established in the United Arab Emirates, and Stratinova LTD, our EU representative, is established in the Republic of Cyprus. Some of our processors and infrastructure providers may be located outside the European Economic Area (EEA), including the United States.
When personal data is transferred to a country outside the EEA that has not been recognised by the European Commission as providing an adequate level of data protection, we put in place appropriate safeguards in accordance with Articles 44–49 of the GDPR, including but not limited to:
- Standard Contractual Clauses (SCCs) approved by the European Commission, incorporated into our agreements with non-EEA processors
- EU-US Data Privacy Framework certification where applicable (e.g., Google, Microsoft, Cloudflare)
- Adequacy decisions where the European Commission has formally recognised a third country as providing equivalent protection
- Supplementary technical measures such as encryption in transit and at rest, pseudonymisation, and access controls
You may obtain a copy of the safeguards in place for any specific transfer by contacting us at privacy@dolvero.com.
9. Children’s Privacy
Our services are not intended for, nor directed at, individuals under the age of 18 years. Trading in financial markets involves significant risk and is not appropriate for minors.
We do not knowingly collect personal data from individuals under 18. If you are a parent or legal guardian and you become aware that your child has provided us with personal data, please contact us immediately at privacy@dolvero.com.
If we discover that we have inadvertently collected personal data from a person under 18, we will delete that data without undue delay.
10. Personal Data Breach Notification
In the event of a personal data breach that is likely to result in a risk to your rights and freedoms, we will:
- Notify the competent supervisory authority without undue delay and, where feasible, not later than 72 hours after having become aware of the breach, in accordance with Article 33 of the GDPR
- Inform affected individuals without undue delay, where the breach is likely to result in a high risk to your rights and freedoms, in accordance with Article 34 of the GDPR
- Document the facts of the breach, its effects, and the remedial action taken
- Cooperate with regulatory authorities and affected individuals to mitigate any potential harm
If you suspect that your account or data may have been compromised, contact us immediately at privacy@dolvero.com.
11. DPO & Supervisory Authority
Data Protection Officer
DKZ Information Technology Services L.L.C is not legally required to appoint a Data Protection Officer under Article 37 of the GDPR. For all privacy-related questions, requests, or concerns, please contact us at privacy@dolvero.com.
EU Representative (Article 27 GDPR)
In accordance with Article 27 of the GDPR, our EU representative is:
Registration No. HE475207
Archiepiskopou Makariou III, 228, Agios Pavlos Building
3030 Limassol, Cyprus
Right to Lodge a Complaint
If you believe that our processing of your personal data infringes the GDPR, you have the right to lodge a complaint with a supervisory authority. Because our EU representative is established in Cyprus, the lead supervisory authority is:
1 Iasonos Street, 1082 Nicosia, Cyprus
Email: commissioner@dataprotection.gov.cy
Website: www.dataprotection.gov.cy
You also have the right to lodge a complaint with the supervisory authority of the EU/EEA Member State of your habitual residence, place of work, or place of the alleged infringement.
12. Final Provisions
We reserve the right to update this Privacy Policy from time to time to reflect changes in our processing activities, applicable law, or industry best practices. The most recent version is always available on this page, and the “Last updated” date at the top of the page indicates when the latest revision was made.
Where the changes are material, we will notify you in advance via email or through a prominent notice on our website. Your continued use of our services after the effective date of any updated Privacy Policy constitutes your acceptance of the revised terms.
If you do not agree with the updated policy, you may exercise your rights described in Section 7 above, or contact us at privacy@dolvero.com.
Questions About Your Privacy?
If you have any questions about this Privacy Policy or how we handle your personal data, please don't hesitate to contact us.
Contact Us