Privacy Policy
Effective Date: January 1, 2025 | Last Updated: January 1, 2025
1. Introduction
Lookinex is committed to protecting your personal data. This Privacy Policy explains what data we collect, why we collect it, how we use and protect it, and your rights regarding your data. This policy applies to all users of the Lookinex platform at lookinex.com and any related services.
2. Data We Collect
2.1 Account Data
- Full name, email address, phone number (optional), country of residence
- Password (stored as a secure hash — we never store your actual password)
- Preferred language and theme settings
2.2 Identity Verification (KYC) Data
- Government-issued ID (passport, national ID, driver's license) — front and back images
- Selfie photograph (with or without document, depending on verification tier)
- Proof of address (utility bill, bank statement)
- Source of funds declaration (for Tier 3 verification)
KYC documents are stored encrypted and access is restricted to authorized Lookinex compliance staff only.
2.3 Financial Data
- Deposit history (amounts, coins, transaction IDs, timestamps)
- Withdrawal history (amounts, destination addresses, transaction IDs)
- Investment records (amounts, dates, stop-loss settings, profit/loss history)
- Profit distribution and referral earning history
2.4 Technical and Usage Data
- IP address at login and at the time of financial transactions
- Device type, operating system, browser type, login timestamps
- Pages visited and features used on the Platform
2.5 Communications Data
- Support ticket content and messages
- Emails sent to or received from our support team
3. How We Use Your Data
| Purpose | Legal Basis |
|---|---|
| Providing and operating the Platform and investment services | Performance of contract |
| Processing deposits, withdrawals, and profit distributions | Performance of contract |
| Identity verification (KYC) and fraud prevention | Legal obligation + Legitimate interests |
| AML/CFT compliance and sanctions screening | Legal obligation |
| Sending transactional emails | Performance of contract |
| Responding to support requests | Legitimate interests |
| Improving the Platform and fixing bugs | Legitimate interests |
| Complying with legal and regulatory requirements | Legal obligation |
We do not use your personal data for any purpose not listed above without your explicit consent. Lookinex products are ad-free. We do not share your data with advertisers.
4. Data Sharing
We do not sell your personal data. We share data only with the following categories of recipients, strictly as necessary:
4.1 Service Providers
Cloud hosting providers, email delivery services, KYC/identity verification providers, blockchain analytics providers, swap/exchange services, and customer support tools. All service providers are contractually bound to process your data only on our instructions and in compliance with applicable privacy law.
4.2 Legal and Regulatory Bodies
We may disclose your data to law enforcement agencies, regulators, courts, or other public authorities when required by applicable law, a valid legal process, or to protect the rights, property, or safety of Lookinex, our users, or the public.
4.3 Business Transfers
In the event of a merger, acquisition, or sale of assets, your data may be transferred to the acquiring entity. You will be notified of any such transfer and your rights under this policy will continue to apply.
5. Data Retention
| Data Type | Retention Period |
|---|---|
| Account and profile data | Duration of account + 5 years after closure |
| KYC documents | 5 years after account closure (AML legal requirement) |
| Transaction and financial records | 5 years after account closure (AML/tax requirement) |
| Audit logs and admin actions | 5 years |
| Support communications | 3 years after ticket resolution |
| Technical logs (IP, session data) | 12 months |
| Marketing preferences | Until opt-out or account deletion |
After the applicable retention period, data is securely deleted or anonymized.
6. Data Security
We implement and maintain the following security measures:
- All data transmitted between your browser and our servers is encrypted using TLS 1.2 or higher
- KYC documents are encrypted at rest using AES-256 encryption
- Passwords are hashed using bcrypt with appropriate cost factors
- Access to production systems and sensitive data is restricted to authorized personnel with multi-factor authentication
- Regular security audits and penetration testing
- Fund assets held in cold storage wallets where possible
Despite these measures, no system is completely secure. In the event of a data breach, we will notify you and relevant authorities as required by applicable law, within 72 hours of becoming aware of the breach.
7. Your Rights
Depending on your jurisdiction, you may have the following rights regarding your personal data:
- Right of access — request a copy of the personal data we hold about you
- Right to rectification — request correction of inaccurate or incomplete data
- Right to erasure — request deletion of your data (note: data retained for legal compliance cannot be deleted before the required retention period)
- Right to restriction — request that we restrict processing of your data in certain circumstances
- Right to data portability — request a copy of your data in a structured, machine-readable format
- Right to object — object to processing based on legitimate interests, including for direct marketing
- Right to withdraw consent — where processing is based on your consent, you may withdraw consent at any time
To exercise any of these rights, contact us at privacy@lookinex.com. We will respond within 30 days.
8. Cookies
We use essential cookies (required for authentication and session management), analytics cookies (to understand how users interact with the Platform), and preference cookies (to remember your language and theme settings). We do not use advertising or tracking cookies.
You can manage cookie preferences through the cookie settings banner displayed on your first visit, or through your browser settings. Disabling essential cookies will prevent the Platform from functioning correctly.
9. Children's Privacy
The Lookinex Platform is not directed at individuals under the age of 18. We do not knowingly collect personal data from anyone under 18. If we become aware that a user is under 18, we will promptly close the account and delete all associated data.
10. International Data Transfers
Lookinex may transfer your personal data to countries outside your country of residence. Where we make such transfers, we implement appropriate safeguards such as standard contractual clauses approved by relevant data protection authorities.
11. Changes to This Policy
We may update this Privacy Policy from time to time. Material changes will be communicated via email and an in-platform notification at least 14 days before taking effect.
12. Contact
For privacy-related questions or to exercise your rights:
Email: privacy@lookinex.com | Response time: Within 30 business days