GDPR & AML Compliance Policy
Effective Date: 1 May 2025
Contact: [email protected]
Berentix Technologies Ltd. ("Berentix", "we", "our", or "us") is committed to full compliance with the General Data Protection Regulation (GDPR) and applicable Anti-Money Laundering (AML) regulations across all jurisdictions in which we operate.
This policy outlines how we protect personal data and implement AML procedures on our platform.
1. Scope
This policy applies to:
- Business users (companies using Berentix to raise capital)
- Investors onboarded via the Berentix platform
- Remote agents working within Berentix
- Visitors to berentix.com
2. GDPR Compliance
Berentix adheres to GDPR (EU Regulation 2016/679) in its treatment of all personal data. Our compliance includes:
a. Lawful Basis for Processing
- Performing platform services
- Fulfilling compliance requirements
- Securing legal agreements (contracts)
- Protecting legitimate interests (e.g., fraud prevention)
b. Data Minimization
- Identity verification (for KYC)
- Contact details (for authorized users only)
- Audit logs (for legal and operational integrity)
c. Access Control & Role Segregation
- Investor data is visible only to authorized compliance and business users
- Sales agents do not have access to investor emails, phone numbers, documents, or addresses
- Access is granted based on roles and securely logged
d. User Rights (Data Subjects)
All users (business or investor) may request:
- Access to their data
- Rectification or correction
- Data deletion (when not legally restricted)
- Data portability
- Restriction or objection to processing
Requests may be submitted to: [email protected]
e. Data Security & Storage
- All personal data is encrypted in transit and at rest
- Audit logs and sensitive uploads are stored on GDPR-compliant cloud infrastructure
- Platform access is protected by multi-factor authentication, IP control, and session limits
f. Data Retention
- Data is retained only as long as required by law or ongoing fundraising activity
- Investor KYC documents are stored only during active investment campaigns
- Users may request data deletion after project closure, subject to legal obligations
3. AML Compliance
Berentix operates under the principles of FATF recommendations and EU AML directives, including but not limited to 5AMLD and 6AMLD. While Berentix is not a financial institution, we provide tools that support AML responsibilities of our users.
a. Know Your Customer (KYC)
All investors onboarded through Berentix are required to:
- Upload a valid government-issued ID or passport
- Provide proof of address (utility bill or bank statement)
- Submit personal details matching contract data
b. Risk-Based Approach
We apply risk assessment measures based on:
- Investor country of residence
- Transaction volume or activity
- Document irregularities or red flags
High-risk cases are escalated to the platform’s compliance team for manual review.
c. Suspicious Activity Monitoring
Berentix monitors:
- Repeated failed identity checks
- Reused or tampered document uploads
- Login activity from blacklisted or high-risk IPs
- Attempted data extraction or manipulation
Suspicious users may be suspended and reported to authorities as required.
d. Document Verification
- All uploaded investor documents are timestamped and stored with checksum verification
- Reviewed for expiry, mismatch, or forgery
- Used solely for compliance, not shared with agents or external parties
4. No Custody of Funds
- Berentix does not hold, transfer, or process investor funds
- All investor payments are made directly to the business user’s bank account
- Berentix cannot intercept or refund any investment transaction
- AML responsibilities related to fund origin and usage fall on the receiving company
5. Breach Notification
In case of any data breach or security incident, Berentix will:
- Notify affected users without undue delay
- Report the breach to supervisory authorities where legally required
- Take all necessary steps to contain and resolve the issue
6. Responsibility and Contacts
Berentix employs a Data Protection and Compliance Officer to oversee all GDPR and AML-related processes.
For compliance matters, KYC verification, or data rights:
Berentix Technologies Ltd. is fully committed to protecting your personal data and ensuring lawful fundraising operations across all markets.