Privacy Policy and Data Protection – Duoluxely
Version 4.0 – Last updated: April 27, 2026
Article 1: Identification of the Data Controller
This Privacy Policy defines the strict data processing protocols maintained by Duoluxely ("the Platform", "we", "us"), headquartered at Kipdorp 39, 2000 Antwerp, Belgium. We act as the data controller in accordance with the General Data Protection Regulation (GDPR) and Belgian law. To ensure absolute data integrity, we have appointed a Data Protection Officer (DPO), reachable via: [email protected].
Article 2: Categories of Personal Data Processed
To provide institutional-level technical and analytical services, we collect the following data:
Identity Data: Full name, date of birth, nationality, and official identification required for mandatory KYC (Know Your Customer) and AML (Anti-Money Laundering) verification.
Financial Telemetry: Information on the origin of funds, transaction history, and risk profiles linked to our technical interfaces.
Digital Footprint: IP addresses, device specifications, geographical location data, and detailed logs of interaction with our systems.
Article 3: Legal Basis for Processing
The processing of your data is based on the following legal grounds:
Performance of the contract: Necessary to manage your account and provide our technical services.
Legal obligations: Compliance with Belgian legislation, including the Anti-Money Laundering Act and tax reporting requirements.
Legitimate interests: Necessary for proactive cybersecurity, fraud prevention, and technical optimization of the platform.
Consent: For sending market analyses and using non-essential cookies.
Article 4: Data Security and Sovereignty
Duoluxely uses enterprise-grade security architecture:
Encryption: All sensitive data is stored with AES-256 encryption and transmitted via TLS 1.3.
Hosting: Data is stored exclusively on highly secured servers within the EEA (European Economic Area), guaranteeing full protection under European data sovereignty rules.
Article 5: Your Rights
You have the right to access, rectification, erasure ("right to be forgotten"), restriction of processing, and data portability. Requests can be sent to [email protected]. You also have the right to lodge a complaint with the Belgian Data Protection Authority (GBA).