Privacy Policy
1. Data Controller & Scope
Digital Asset Risk Mitigation GmbH (DARM) is the data controller for personal data collected through our website, services, and communications. This policy applies to all users interacting with our digital platforms, including clients, partners, and visitors. We process personal data in compliance with GDPR, CCPA, and other applicable privacy laws.
2. Types of Data Collected
- Identity Data: full name, job title, organization, and professional verifications.
- Contact Data: business email, phone number, and postal address.
- Technical Data: IP address, browser type, device identifiers, and session logs.
- Usage Data: pages visited, features used, and interaction timestamps.
- Special Categories: We do not collect sensitive personal data such as political opinions or biometrics. However, for KYC/AML compliance, we may process financial identification documents under strict legal bases.
3. Legal Bases for Processing
We process personal data based on: (a) contractual necessity for service delivery; (b) legal obligations for regulatory compliance (e.g., AML/CFT); (c) legitimate interest in business operations and fraud prevention; and (d) explicit consent for marketing communications. Data subjects may withdraw consent at any time.
4. Data Sharing & Transfers
We share data with: (i) sub-processors such as cloud hosting providers (AWS, Swiss GDPR-compliant regions); (ii) regulatory authorities when required by law; (iii) blockchain analytics partners for threat detection (pseudonymized data). All transfers outside the EEA are covered by Standard Contractual Clauses (SCCs) or adequacy decisions.
5. Data Retention
Personal data is retained for the duration of the business relationship plus 5 years post-termination for legal purposes. KYC documents are retained for 10 years per Swiss AML regulations. Technical logs are kept for up to 12 months.
6. Your Rights
Under GDPR, you have the rights of access, rectification, erasure (right to be forgotten), restriction of processing, data portability, and objection. Under CCPA, you have the rights to know, delete, and opt out of sale (we do not sell data). Exercise your rights via [email protected] with the subject line ‘Data Subject Request’.
7. Security Measures
We implement AES-256 encryption at rest, TLS 1.3 in transit, role-based access controls, and regular penetration testing. Data is stored in SOC 2 Type II certified facilities.
8. Changes & Contact
This policy is reviewed quarterly. Last updated: 2024-10-01. For inquiries, contact our Data Protection Officer at [email protected].
