Maintenance mode
Site will be available soon. Thank you for your patience!

Privacy Policy

Scope

This Privacy Policy explains how we collect, use, disclose, and protect personal data of individuals who visit our websites, use our platforms, products, or services (online or offline). It applies to clients and prospective clients, authorized representatives, agents, beneficial owners, and other natural persons interacting with WB Invest. It does not cover third-party websites or services we do not control.

Personal data we collect

We collect personal data from:

  • You (e.g., applications, forms, communications, uploads).
  • Automatically (e.g., device/usage data via cookies—see our Cookie Policy).
  • Third parties (e.g., KYC/AML providers, credit reference and fraud-prevention agencies, sanctions/PEP databases, public registries, business introducers, affiliates).

Categories may include:

  • Identity & Contact (name, date of birth, ID/passport details, address, email, phone).
  • KYC/AML & Screening (PEP status, sanctions, adverse media, criminal-conviction data where permitted by law).
  • Financial/Transaction (funding source, bank/payment details, transaction history).
  • Technical/Usage (IP address, device/browser, log data, site/app interactions).
  • Profile & Preferences (account settings, marketing preferences, support history).

How and why, we use your data
We process personal data for the following purposes:

  • Onboarding and account management (identity verification, suitability/appropriateness, customer support),
  • Compliance with laws (AML/CFT, screening sanctions, tax/reporting, record-keeping, responding to lawful requests)
  • Service delivery and operations (operate and secure our website/platform, prevent fraud/abuse, incident response)
  • Improvement of analytics and services (usage trends, performance, usability)
  • Marketing (sending product updates/offers)
  • Cookies & similar tech: Consent for non-essential cookies.

We do not rely on consent where law provides a different basis (e.g., AML). When we rely on consent, you can withdraw it at any time.

Legal bases for processing
Depending on the activity, we rely on one or more of: performance of a contract, legal obligation (e.g., AML/CFT), legitimate interests (e.g., site security, analytics, service improvement), and consent (e.g., certain marketing and non-essential cookies). We do not rely on consent where law provides a different basis. When we rely on consent, you can withdraw it at any time.

Automated decision-making & profiling

We may use automated tools to perform identity, fraud, risk, and suitability/appropriateness checks. You have the right to request human review, to express your point of view, and to contest a decision that has legal or similarly significant effects.

Disclosures (who we share data with)

We share personal data only as needed and with appropriate safeguards, including:

  • Group companies/affiliates involved in providing services.
  • Service providers/processors (IT hosting, KYC/AML screening, payments, analytics, communications, support).
  • Financial institutions and payment partners.
  • Professional advisors (auditors, legal, compliance).
  • Regulators, courts, law enforcement where required by law.
  • Business introducers/partners where they help provide our services.

We require recipients to protect your data and use it only for specified purposes.

International Transfers
We may transfer your Personal Data outside your jurisdiction to affiliated entities or third-party providers, provided appropriate safeguards are in place to protect your information.

Retention

We keep personal data only as long as necessary for the purposes above and to meet legal/regulatory requirements. For example, KYC/AML and transaction records are typically retained for 7 (seven) years after the end of the customer relationship (or longer where required by law or for the establishment, exercise, or defense of legal claims). After retention periods expire, we securely delete or anonymize the data.

Security

We apply technical and organizational measures appropriate to the risk, including access controls, encryption in transit and at rest where feasible, network security, monitoring, and staff training. You are responsible for keeping your credentials confidential and notifying us promptly of any suspected unauthorized use.

Your Rights
You have several rights regarding your Personal Data, including:

  • Access: Request confirmation of data processing and a copy of your data
  • Rectification: Correct inaccurate or incomplete information
  • Erasure: Request deletion of data under certain circumstances
  • Restriction: Limit processing in specific situations
  • Data Portability: Receive your data in a structured, machine-readable format
  • Objection: Stop processing for direct marketing or if legitimate interest is contested
  • Automated Decisions: Request protection from decisions based solely on automated processing
  • Consent Withdrawal: Revoke consent at any time without affecting past processing
  • Complaint: Report concerns the relevant data protection authority

For inquiries or to exercise your rights, contact our Data Protection Officer at [email protected]

Children
Our services are not directed to individuals under 18, and we do not knowingly collect personal data from children.

Cookies
See our Cookie Policy for details on how we use cookies and how you can manage your preferences.

Third-party links
Our websites may contain links to third-party sites. We are not responsible for their privacy practices. Please review their policies.

Changes to this Policy
We may update this Policy from time to time. We will post the updated version with a new “Last updated” date and, where appropriate, notify you through our services.

Governing law & jurisdiction

This Privacy Policy, and any non-contractual obligations arising out of or in connection with it, is governed by the laws of the Republic of Seychelles.