• en
  • no

Privacy Policy

We (“we,” “us,” or “our”) are committed to safeguarding your personal data and your privacy.

This Privacy Policy explains how we collect and store the information you provide through the Norfin Bitflow website (the “website”).

These principles will be upheld:

  • To ensure transparency about how we collect and process your personal information:

We want you to be able to make informed decisions regarding how personal data is used and processed. That is why we have created this website. To that end, we use various methods and procedures to provide you with relevant information about the use of personal data.

If we determine that you need specific details, we will provide them at the appropriate date and time.

We are happy to answer any questions and provide any clarifications regarding applicable legal limitations. You can reach us via email at the address below: info@norfin-bitflow.com

  • Personal data will be used solely for the purposes outlined in the policy.

Personal Data may be processed by Us for various purposes, including providing the website to you and connecting you with third-party trading platforms (the 'Services'); improving the site; protecting our rights and interests; maintaining and delivering the Services; complying with regulatory or legal obligations; and performing administrative and business operations to support the provision and use of the Services.

We also process personal data to better understand your preferences and needs.

  • To access essential tools for exercising your rights regarding personal data:

To help you exercise your rights, we offer substantial resources. Contact us at any time to request access to your personal data. We can correct or delete it, stop using it for specific purposes or altogether, and transfer your information to you or a third party. We will strive to accommodate your requests.

  • Protect your personal data:

While we cannot guarantee the absolute security of your personal data, we guarantee that we will continue to employ a broad range of measures and techniques to ensure your personal data remains protected.

Our privacy and security policy is thorough.

1. The Scope?

This policy describes the types of personal data the company collects about natural persons and how it processes, shares with third parties, and safeguards that data, among other practices.

This Policy concerns information that relates to an identified or identifiable natural person. An identifiable natural person can be defined as someone who can be identified directly or indirectly through a combination of information we hold or are able to access.

The Policy defines “processing” as a process that involves the use or collection of personal data. It includes the management, structuring, and storage of personal data.

Our services are intended for a general audience and are not designed for individuals under 18. We do not knowingly collect or solicit information from anyone under the age of 18, nor do we knowingly permit such individuals to use our services. If we learn that we hold information about a child, we will delete it as quickly as possible.

2. What personal data do we hold about you?

When you use our services and channels or visit our website, we collect personal data. We may request your personal data in certain instances. In other instances, we gather your personal data by analysing the use of our services and channels or by receiving information from our third-party partners.

3. No obligation to disclose personal information to the company and any consequences.

However, you are not required to provide us with any personal data. In some circumstances, you may choose not to share any personal data. This may prevent us from providing certain services or limit users' access to the website.

4. What types of personal data can we collect? When you visit our website, we will collect the following personal information about you:

This includes information about your online activity logs and traffic data (including your IP address and the date and time of access), the language you use, software crash logs, the type of browser used, as well as details about the device you use. The information we collect is not personal data and cannot be used to identify you.

Personal Data We receive from you: Any personal data you voluntarily provide to Us when you connect with a third-party online trading platform through Us.

Personal information you submit to third-party platforms for trading purposes: this includes your full name, address, phone number, and email address.

5. The legal basis and the purposes for processing personal data

We process your personal data for the purposes described in this section and in accordance with the applicable legal basis.

Without a legal basis, the company cannot process your personal data. The legal grounds on which the company may process your personal data are:

  • You have consented to the processing of your personal data for one or more purposes. This applies when you submit personal information via the website so that we can transfer it to a third-party trading platform.
  • The Company or a third party may need to process personal data to pursue legitimate interests. For example, to improve our services or to defend legal claims.
  • Processing is required to comply with a legal obligation.

Contact us by email for more information about the processing required to protect legitimate interests.

Below is a list of the purposes and legal bases for our use of the information you provide to us. Personal data.

Scope
Legal basis

To share your personal information with third-party providers at your request to access digital trading services

At your request, we may collect personal data from you to share with third-party companies.

You have consented to the processing of your personal data for one or more purposes.

To respond to your requests, questions, or concerns, we require certain personal data to assist you with any inquiries you may have about our services.

Processing is necessary for the legitimate interests pursued by the company or a third party.

Personal data is processed to comply with any legal, administrative, or judicial obligations and to meet legal requirements.

Processing is required to comply with applicable legal obligations.

Enhancing Our Services We may use Personal Data to improve Our Services. This includes, among other things, crash and malfunction reports that we collect in relation to the Services.

Processing is necessary to pursue the legitimate interests of the company or those of a third party.

To Prevent Fraud and Misuse of Our Services

Processing is necessary for the purposes of the legitimate interests pursued by the company or a third party.

To meet the requirements of our services, we perform and manage activities such as back-office operations, business development, strategic decision-making, and oversight mechanisms.

Processing is necessary for the legitimate interests of the company, or those of a third party.

To support decision-making on a wide range of issues, we employ a variety of analytical techniques, including statistical methods.

Processing may be necessary for the legitimate interests of the company or a third party.

To protect our assets, rights, and interests, as well as those of third parties, we have developed HTML0 to establish and defend legal claims. We may process personal data to safeguard our rights, interests, and assets, or those of third parties, in compliance with applicable laws, regulations, agreements, and any relevant terms, conditions, or policies.

Processing is necessary for the purposes of the legitimate interests pursued by the company or a third party.

6. Transfer of Personal Data to Third Parties

The company may also share personal data with third-party service providers, such as hosting and storage partners, including IP address details and analysis of user experiences.

You may ask us to share specific personal data with third-party trading platforms. In such cases, we will share the personal data you have provided with those third-party platforms. Their use of your personal data is governed by their privacy policies. Your personal data may be shared with multiple trading platforms.

The Company may share personal data with affiliated entities or business partners. This can provide the Company with the resources needed to enhance and improve the products and services it offers its customers.

Where necessary to protect the rights of third parties or assets, The Company may disclose personal data to regulatory, local, or other official authorities.

We may also share your personal data with potential investors or buyers, or with lenders to the company or any other company within our corporate group, if a relevant transaction occurs (including the transfer or sale of assets belonging to the company or any other group entity), or as part of any merger, restructuring, consolidation, or bankruptcy of the company or any other business in the group.

7. Cookies and Third-Party Services

Third-party services, including advertising providers on our website and analytics companies, may be engaged. These parties may also use cookies or other technologies.

Cookies are small text files stored on your device when you visit or use this website. They collect information about your preferences and browsing behavior to enhance your experience, remember your settings, and tailor products and services to your interests. Cookies are also used for statistical and analytical purposes.

Some of the cookies we use are session cookies. These are stored temporarily on your device and expire as soon as you close your browser. Other cookies are persistent and remain on your device for a set period of time even after you close your browser. They help the site recognize you as a returning user and make it easier to access and navigate the website when you come back.

Types of cookies:

We may use them depending on their purpose:

Cookie type

Cookies are strictly necessary

Scope

These cookies are essential for accessing the features you request and for navigating our website. They enable us to deliver the information, products, and services you have requested.

They are necessary for your device to download and stream data. This enables you to browse the site, use its features, and return to pages you’ve visited before.

Additional Information

We use cookies to collect personal data, including your username and last login date, to confirm that you are logged in to the site.

They are deleted when you close your web browser (session cookies).

The cookie type

Functionality cookies

Scope

Cookies help us recognize you each time you visit our site and let us save your settings and preferences.

Additional Information

They remain active until their expiry date and persist even after you close the browser.

Type of cookie

Cookies for performance

Scope

We use cookies to collect statistical data about site performance and to enhance the site. They also enable us to analyse how our website is used.

Additional Information

Cookies store anonymous data that isn't associated with any identifiable or identified natural person.

They can be deleted when you close your browser. Other cookies remain valid indefinitely.

Cookies are blocked or deleted

To block or delete cookies, adjust your browser’s settings. Below are links to guide you through the process for several of the most widely used browsers.

  • firefox
  • Microsoft Edge
  • Google Chrome
  • safari

However, please note that some or all of the website's features and functions may not work as expected if this occurs.

ONLINE TRACKING NOTICE

The Company will retain your personal data for as long as necessary to fulfill the purposes described in this policy, or longer where permitted by applicable laws, regulations, policies, and orders.

We will share your information with third-party trading platforms for 12 months. If you consent, we will continue sharing your data for an additional 12 months.

We regularly review the Personal Data we hold to ensure we do not retain it longer than necessary.

9. Transfers of personal data to a third country or to an international organization

Your personal information may be transferred to other countries (i.e., your personal data may be sent to a third country—an additional country other than the one in which you reside—or to international organizations), including International Organizations or Jurisdictions. Company takes all necessary measures to protect the personal data you provide and to ensure that data subjects can exercise their rights and have access to effective legal remedies.

These protections and safeguards are available to all residents of the EEA (European Economic Area).

  • Transfer to a third country or international organisation that the European Commission has determined ensures an adequate level of protection for personal data transferred to it pursuant to Article 45(3) of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016. (the “GDPR”)
  • The transfer is made pursuant to a legally binding and enforceable agreement between public entities or authorities, as provided in Article 46 (2) (a).
  • The transfer was carried out in accordance with the European Commission’s Standard Contractual Clauses adopted under Article 46(2)(c) of the GDPR. The Clauses adopted by the European Commission can be viewed at https://ec.europa.eu/info/law/law-topic/data-protection/data-transfers-outside-eu/model-contracts-transfer-personal-data-third-countries_en.

The Company can provide details about the security measures it uses to protect your personal data when it is transferred to third countries or international organizations. To request this information, please email us at info@wealthwaydigital.uk

10. Protection of Personal Data

We have implemented appropriate organizational and technical measures to protect personal data. This includes preventing accidental or unlawful destruction, loss, or alteration of personal data.

We cannot guarantee or warrant that the security of your personal data will be entirely error-free. We are also not liable for any intangible, incidental, or consequential damages arising from the use or disclosure of personal data. This includes, but is not limited to, personal data being disclosed due to transmission errors, unauthorised access by third parties, system failures, or any other causes beyond our control.

If required by law or by other obligations beyond our control, we may be required to disclose personal data about you to third parties, including public authorities. In these circumstances, we cannot influence or guarantee the level of security those third parties apply to your personal data.

Personal data transmitted over the internet is not completely secure. The Company cannot guarantee the security of any personal data you provide to us online.

11. Hyperlinks to websites owned by third parties

Links to third-party websites and applications are provided on this website. These websites and applications are not controlled or supervised by the company. We are not responsible for the collection or processing of personal data by these sites or apps. This Policy does not apply to activities conducted through such sites or apps.

When visiting any third-party websites or apps, we recommend that you review their privacy policies before deciding to access or use their apps. We also advise that you share any personal data with them.

12. Changes to this Policy

This Policy may be updated or revised at any time. If we make changes, we will notify you by posting the updated Policy on our website and indicating the effective date. In addition, for significant updates or changes, we will seek to inform you through the methods we deem appropriate, such as direct communications, and will publish an announcement on our website. Unless explicitly stated otherwise, any amendments will take effect upon publication of the revised Policy.

13. Your rights regarding the processing of your personal data

You are entitled to ask us to verify the accuracy of the personal data collected about you, to rectify any errors, and to delete any personal data we do not require. You may also restrict the scope or types of processing of your personal information.

If you are a resident of the EEA, please refer to this page:

These rights are available to you in relation to the information you provide that relates to your personal data. You may request to exercise your rights by sending an email to the address below.

Access rights

The Company can verify whether personal data are being processed about you. If they are, you have the right to access your personal data.

The Company will provide an electronic copy of the personal data it is currently processing and may charge a reasonable fee for any additional copies. The data will be made available electronically upon request.

The right to access personal data must not conflict with the rights and freedoms of others. If a request would undermine the rights and freedoms of another person, the company may refuse to comply with the request or limit the scope of its response.

Right to rectification

The Company has the right to correct inaccurate personal data. You have the right to request that any incomplete personal data about you be corrected, taking into account the purpose of processing.

Right to Erasure

The following reasons are applicable: (a) personal data are no longer required for the purposes for which they were collected or processed; (b) you withdraw consent and there is no other legal basis for processing; (c) you object at any time, on grounds relating to your particular situation, to processing based on legitimate interests pursued by us or by a third party; (e) personal data have been processed unlawfully; or (f) personal data must be erased to comply with the company’s legal obligations.

This right does not apply where processing is necessary (a) to comply with a legal obligation under European Union or Member State law; or (b) to establish, exercise, or defend legal claims.

Processing restrictions

If you are concerned about the accuracy of your personal data, you can request that the company restrict the processing of your personal data.

If you request restriction of your personal data, it may only be retained with your consent, to establish, exercise or defend legal claims, to protect the rights of another natural person, or for reasons of significant public interest within the European Union or a Member State.

Right to Data Portability

If processing is carried out by automated means and is based on your consent or a contract to which you are a party, you have the legal right to review the personal data you have provided to the company.

You are entitled to request that your personal data be transferred directly from the company to another controller, if and when technically feasible. Your rights under the right to erasure are not altered or limited by exercising your right to data portability. The right to transfer data may not infringe upon the rights or freedoms of any other person.

Right to challenge

You have the right to object at any time to the processing of your personal data based on legitimate interests pursued by the company or a third party. This also covers profiling based solely on those legitimate interests. If we can demonstrate compelling legitimate grounds for processing that override your rights, freedoms, or interests, or if processing is for the establishment, exercise, or defense of legal rights, we may continue processing.

Regarding direct marketing, you have the right to object at any time to the processing of your personal data.

Right to decline consent

You may withdraw your consent to our processing of your personal data at any time. This will not affect the lawfulness of any processing based on your consent before it was withdrawn.

You have the right to file a complaint with the relevant supervisory authority.

You may file an appeal with a supervisory authority established by a Member State to protect individuals’ fundamental rights regarding the processing of personal data within the European Union.

The laws of the European Union and its Member States may restrict your rights regarding personal data about you, as described in Section 13.

We will provide the requested information in accordance with your rights under Section 13 of this agreement within one month of receiving your request. This timeframe may be extended to up to two months if necessary, depending on the nature of the request and the volume of requests. Within one month of receiving your request, we will inform you of any extension and the reasons for it.

Provided it does not conflict with section 13 of the law, information requested under your rights in section 13 will be provided free of charge. If a request is unfounded or excessive, particularly if repeated, we may charge a reasonable fee to cover the administrative costs of providing the information or taking the action requested. We may also decline to act.

If we have any doubts about the identity of the individual who submitted your request or the person making the request, the company may ask for additional information to verify your identity.