LEGAL DOCUMENTATION

Privacy Policy

Last updated: January 21, 2026

Introduction

KEY COMMITMENT
At SMT Cash, your privacy is of paramount importance. This Privacy Policy explains how we collect, use, disclose, and protect your personal and financial information when you use our investment platform and services.

We are committed to protecting your privacy and ensuring the security of your data in compliance with applicable data protection laws, including the General Data Protection Regulation (GDPR), California Consumer Privacy Act (CCPA), and other relevant regulations.

By using our services, you acknowledge that you have read and understood this Privacy Policy. We encourage you to read this policy carefully and contact us if you have any questions.

Information We Collect

CRITICAL: We collect and process various types of information to provide and improve our services. This includes sensitive financial and personal data required for regulatory compliance.

Personal Information

Full name, date of birth, nationality, government-issued ID numbers, and other identifying information required for KYC compliance.

Contact Information

Email address, phone number, physical address, and other contact details necessary for account communication.

Financial Information

Bank account details, payment card information, transaction history, and investment portfolio data.

Investment Information

Investment preferences, risk tolerance, trading history, portfolio performance, and investment strategies.

Technical Information

IP address, browser type, device information, login data, and usage patterns for security and analytics.

Verification Information

Know Your Customer (KYC) documents, identity verification data, and compliance-related information.

How We Use Your Information

PRIMARY USES
Your information is used exclusively for providing investment services, maintaining security, and meeting legal obligations. We never sell your data to third parties.
  • Account Management: Creating and maintaining your investment account, processing transactions, and providing customer support
  • Identity Verification: Conducting KYC (Know Your Customer) and AML (Anti-Money Laundering) checks as required by law
  • Investment Services: Executing trades, managing your portfolio, and providing investment recommendations
  • Security: Protecting against fraud, unauthorized access, and other security threats
  • Communication: Sending important account updates, investment reports, and platform notifications
  • Compliance: Meeting legal and regulatory requirements, including tax reporting obligations
  • Platform Improvement: Analyzing usage patterns to enhance our services and user experience
  • Marketing: With your consent, sending promotional materials and investment opportunities

Legal Basis for Processing

We process your personal data based on the following legal grounds:

  • Contractual Necessity: Processing required to fulfill our contractual obligations to you
  • Legal Obligations: Compliance with financial regulations, anti-money laundering laws, and tax requirements
  • Legitimate Interests: Improving our services, preventing fraud, and ensuring platform security
  • Consent: Marketing communications and optional features that you have agreed to

Data Security Measures

SECURITY GUARANTEE: We implement industry-leading security measures including 256-bit AES encryption, multi-factor authentication, and 24/7 monitoring to protect your data.

Encryption

256-bit AES encryption for data at rest and TLS 1.3 for data in transit. All sensitive data is encrypted using military-grade standards.

Access Controls

Role-based access controls, multi-factor authentication, and strict authorization protocols to prevent unauthorized access.

Monitoring

24/7 security monitoring, intrusion detection systems, and real-time threat analysis to protect against cyber attacks.

Data Storage

Secure data centers with physical security, redundancy, and backup systems to ensure data availability and integrity.

Compliance

Regular security audits, penetration testing, and compliance assessments to maintain the highest security standards.

Training

Comprehensive security training for all employees and strict data handling protocols to prevent human error.

Data Retention

RETENTION POLICY: We retain your personal data only for as long as necessary for business operations and legal compliance.
  • Account Data: Retained for the duration of your account plus 7 years for regulatory compliance
  • Transaction Records: Retained for 7 years as required by financial regulations
  • Communication Records: Retained for 3 years for customer service purposes
  • Marketing Data: Retained until you withdraw consent or for 2 years after last interaction
  • Technical Data: Retained for 12 months for security and analytical purposes

After the retention period, your data is securely deleted or anonymized in accordance with our data destruction policies.

Your Data Protection Rights

YOUR LEGAL RIGHTS
Under GDPR, CCPA, and other data protection laws, you have comprehensive rights over your personal data. Exercise these rights by contacting us at privacy@smtcash.com

Right to Access

Request copies of your personal data and information about how we process it.

Right to Rectification

Correct inaccurate or incomplete personal data we hold about you.

Right to Erasure

Request deletion of your personal data under certain circumstances.

Right to Restriction

Limit our processing of your personal data in specific situations.

Right to Portability

Receive your data in a structured, commonly used format.

Right to Object

Object to our processing of your personal data for direct marketing.

International Data Transfers

Your personal data may be transferred to and processed in countries outside the European Economic Area (EEA). When we transfer your data internationally, we ensure appropriate safeguards are in place:

  • Standard Contractual Clauses: Approved data transfer agreements with our service providers
  • Adequacy Decisions: Transferring data only to countries with adequate data protection levels
  • Binding Corporate Rules: For transfers within our corporate group
  • Additional Safeguards: Encryption, pseudonymization, and access controls

Third-Party Disclosure

NO DATA SALES: We do not sell your personal data to third parties. We only share information with trusted partners who provide essential services or when required by law.

We may share your information with:

  • Service Providers: Payment processors, cloud hosting providers, analytics services, and customer support platforms
  • Financial Partners: Banks, payment institutions, and investment partners necessary for transaction processing
  • Regulatory Authorities: Law enforcement, tax authorities, and financial regulators when required by law
  • Professional Advisors: Lawyers, accountants, and auditors for compliance and legal purposes
  • Business Transfers: In connection with mergers, acquisitions, or sale of company assets

All third parties are required to maintain the confidentiality and security of your data and are prohibited from using it for any purpose other than providing services to us.

Cookies and Tracking Technologies

We use cookies and similar tracking technologies to enhance your experience on our platform:

  • Essential Cookies: Required for platform functionality and security
  • Performance Cookies: Help us analyze platform usage and improve performance
  • Functional Cookies: Remember your preferences and settings
  • Marketing Cookies: Used for personalized advertising (with consent)

You can manage your cookie preferences through your browser settings or our cookie consent tool. For more details, please refer to our Cookie Policy.

Contact Information

PRIVACY SUPPORT
For any privacy-related questions or to exercise your data rights, contact our dedicated privacy team. We respond to all inquiries within 48 hours.

Email

support@smtcash.com

Address

100 Nicolson St Edinburgh Midlothian EH8 9BY

Data Protection Officer

ERIC CLIFFORD

Changes to This Policy

POLICY UPDATES: We may update this Privacy Policy from time to time. Material changes will be communicated via email and platform notifications.

We will notify you of any material changes by:

  • Posting the updated policy on this page with a new effective date
  • Sending email notifications to registered users
  • Displaying prominent notices on our platform

We encourage you to review this Privacy Policy periodically to stay informed about how we protect your privacy.

Supervisory Authority

REGULATORY COMPLAINTS: If you believe your privacy rights have been violated, you have the right to file a complaint with your local data protection authority.

If you are located in the European Union, you have the right to lodge a complaint with your local supervisory authority regarding our processing of your personal data. Contact details for EU supervisory authorities can be found at:

European Data Protection Board

For users in other jurisdictions, please contact your local data protection authority.