Version 4.0 – Last updated: April 20, 2026
Article 1: Identification of the Data Controller
This privacy policy defines the strict data processing protocols maintained by Promenade Earnd ("the Platform", "we", "us"), with headquarters at Dronning Eufemias gate 16, 0191 Oslo, Norway. We act as the data controller in accordance with the Personal Data Act and the EU General Data Protection Regulation (GDPR). To ensure absolute data integrity, we have appointed a Data Protection Officer (DPO) who can be contacted at: [email protected].
Article 2: Categories of Personal Data Processed
To deliver institutional-level analytical services and maintain a secure environment, we collect the following categories of data:
Identity Data: Full name, date of birth, nationality, and official identification required for mandatory Know Your Customer (KYC) and anti-money laundering (AML) controls.
Contact Information: Verified email address, active mobile number, and official residential address.
Financial Telemetry: Information on source of wealth, transaction history, digital asset wallet addresses, and detailed investor risk profiles.
Digital Footprint: IP addresses, device specifications, geographic location data, and logs of interaction with our analytical interfaces.
Article 3: Legal Basis and Purpose of Processing
The processing of your data is based on the following legal grounds:
Contract Fulfillment: Necessary to manage your account and deliver our technological services.
Legal Obligations: Compliance with the Norwegian Anti-Money Laundering Act and directives from the Financial Supervisory Authority.
Legitimate Interests: Necessary for proactive fraud prevention, cybersecurity, and optimization of our algorithms via anonymized datasets.
Consent: For sending personalized market analyses and the use of optional cookies.
Article 4: Advanced Security and Encryption
Promenade Earnd utilizes enterprise-grade security architecture:
AES-256 encryption: All stored data is protected with military-grade encryption protocols.
TLS 1.3 protocols: All data communication between the user and our servers is secured with end-to-end encryption.
European hosting: Data is stored exclusively on redundant, high-security servers within the European Economic Area (EEA).
Article 5: Your rights
In accordance with the GDPR, you have the right to access, rectification, deletion ("the right to be forgotten"), restriction of processing, data portability, and the right to object. Inquiries should be directed to [email protected]. You also have the right to lodge a complaint with the Norwegian Data Protection Authority (Datatilsynet).