Privacy Policy

1. Overview & Commitment to Privacy

KGF Capital® ("KGF," "we," "us," "our") is committed to protecting your privacy and ensuring transparency in how we collect, process, and use your personal data. This Privacy Policy ("Policy") explains our data practices in compliance with the Swiss Data Protection Act (DSG) and Swiss Federal Data Protection Ordinance (FDPO).

This Policy applies to all users of KGF Terminal and our website (elitemacro.io). By using our Service, you consent to the data practices described herein.

2. Data Controller & Responsible Party

Data Controller: KGF Capital®
Location: Switzerland (Zürich)
Contact: compliance@kgfcapital.io

KGF is the data controller responsible for the processing of your personal data. For data protection inquiries, contact our compliance team at the email address above.

3. Types of Data We Collect

A. Data You Provide Directly:

• Registration Data: Name, email address, phone number, portfolio size, trading experience
• Application Data: Information submitted through the beta application form
• Communication Data: Messages, inquiries, feedback sent to our support team
• Payment Data: Bank account details, payment history (processed securely; we do not store full card numbers)

B. Data Collected Automatically:

• Usage Data: Pages visited, features used, time spent, interactions with the Service
• Device Data: Device type, operating system, browser, IP address
• Log Data: Access logs, error logs, security logs
• Cookies & Tracking: Session cookies, analytics cookies (see Section 8)

C. Data from Third Parties:

• Verification Data: Information from KYC/AML providers to verify your identity and portfolio
• Market Data: Public market data, news, and financial information (aggregated, not personal)

4. Legal Basis for Processing

We process your personal data based on the following legal grounds under DSG Art. 31:

• Contract Performance: Processing necessary to provide the Service and fulfill our obligations to you
• Consent: Where you have explicitly consented (e.g., marketing communications)
• Legal Obligation: Compliance with Swiss financial regulations, tax law, and AML/KYC requirements
• Legitimate Interest: Fraud prevention, security, service improvement, and business operations

5. How We Use Your Data

We use your personal data for the following purposes:

• Service Delivery: Providing KGF Terminal, generating reports, delivering signals and alerts
• Account Management: Creating and managing your account, processing payments, handling support requests
• Verification & Compliance: KYC/AML verification, portfolio validation, regulatory compliance
• Security: Detecting fraud, preventing abuse, protecting against unauthorized access
• Analytics & Improvement: Analyzing usage patterns, improving the Service, conducting research
• Communication: Sending service updates, notifications, and responding to inquiries
• Marketing (with consent): Sending promotional materials, newsletters, and product updates

We will not use your data for purposes other than those listed above without obtaining your prior consent.

6. Data Retention

Active Users: Personal data is retained for the duration of your use of the Service.

After Account Termination: We retain personal data for the following periods:

• Transaction & Payment Data: 7 years (Swiss tax law requirement)
• Account & Verification Data: 5 years (AML/KYC compliance)
• Usage & Analytics Data: 2 years (then anonymized)
• Communication Records: 3 years (dispute resolution)

After the retention period expires, data is securely deleted or anonymized. Data may be retained longer if required by law or for legal proceedings.

7. Data Sharing & Third Parties

No Third-Party Sharing: KGF does not sell, rent, or share your personal data with third parties for marketing or commercial purposes.

Limited Sharing for Service Delivery: We may share data with the following categories of recipients only as necessary:

• Service Providers: Payment processors, hosting providers, email services (under data processing agreements)
• Verification Partners: KYC/AML providers, identity verification services
• Legal Compliance: Swiss tax authorities, financial regulators, law enforcement (when legally required)
• Advisors: Legal counsel, auditors, accountants (under confidentiality agreements)

Data Processing Agreements: All third-party service providers are bound by written data processing agreements (DPA) that comply with DSG requirements.

No International Transfers: All personal data is processed and stored exclusively within Switzerland. We do not transfer data outside Switzerland except as required by law.

8. Cookies & Tracking Technologies

Session Cookies: We use session cookies to maintain your login session and provide basic functionality. These cookies are essential and do not require consent.

Analytics Cookies: We use analytics tools (Umami Analytics) to understand how users interact with our Service. These cookies are anonymized and do not identify you personally. You may opt out by disabling cookies in your browser.

No Third-Party Tracking: We do not use Google Analytics, Facebook Pixel, or other third-party tracking services.

Cookie Management: You can disable cookies in your browser settings. However, disabling cookies may impair the functionality of the Service.

9. Your Rights Under DSG

Under Swiss data protection law, you have the following rights:

Right of Access (DSG Art. 25): You have the right to request a copy of the personal data we hold about you, including the purposes of processing, categories of recipients, and retention periods.

Right to Correction (DSG Art. 26): You may request correction of inaccurate or incomplete personal data.

Right to Deletion (DSG Art. 27): You may request deletion of your personal data, subject to legal retention obligations. We will delete data upon request unless we are required to retain it by law.

Right to Data Portability: You may request that we provide your personal data in a structured, commonly used, and machine-readable format for transfer to another service.

Right to Object: You may object to processing of your data for marketing or analytics purposes.

How to Exercise Rights: To exercise any of these rights, contact us at compliance@kgfcapital.io with a clear description of your request. We will respond within 30 days.

10. Data Security

Security Measures: We implement industry-standard security measures to protect your personal data, including:

• Encryption of data in transit (TLS/SSL)
• Encryption of sensitive data at rest
• Secure access controls and authentication
• Regular security audits and penetration testing
• Firewalls, intrusion detection, and monitoring
• Staff training on data protection and security

No Absolute Security: While we take security seriously, no system is completely secure. We cannot guarantee absolute protection against unauthorized access, hacking, or data breaches.

Breach Notification: In the event of a data breach that poses a risk to your rights and freedoms, we will notify you and relevant authorities within 72 hours as required by law.

11. Children's Privacy

KGF Terminal is not intended for users under 18 years old. We do not knowingly collect personal data from children. If we become aware that we have collected data from a child, we will delete it immediately.

12. Policy Changes

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. We will notify you of material changes by posting the updated policy on our website and updating the "Last Updated" date. Your continued use of the Service constitutes acceptance of the updated policy.

13. Contact & Data Protection Authority

Questions About This Policy: If you have questions about our privacy practices, contact:

• Email: compliance@kgfcapital.io
• Legal Inquiries: legal@kgfcapital.io

Data Protection Authority: If you believe your rights have been violated, you may lodge a complaint with the Swiss Data Protection Commissioner (FDPIC) at www.edoeb.admin.ch.