Privacy policy

This Privacy Policy explains how maxaa Ltd., operating under the brand “maxaa” (hereinafter “maxaa”, “we”, “us”, or “our”), collects, uses, stores, shares, and protects personal data when providing its services and operating the website https://maxaa.eu (the “Website”).

This Privacy Policy is drafted in accordance with Regulation (EU) 2016/679, the General Data Protection Regulation (“GDPR”), and applicable European Union and Latvian data protection laws.

‍

1. Data Controller

The data controller responsible for processing personal data is:

maxaa Ltd.
Registered in the Republic of Latvia
Registered address: Kursisu street 23A, Marupe, Latvia
Email: info@maxaa.eu

‍

2. Scope of Application

This Privacy Policy applies to the processing of personal data relating to visitors of the Website, representatives, directors, beneficial owners, employees, and authorized users of business customers, prospective customers, partners, suppliers, and other natural persons whose personal data is processed in the course of maxaa’s business activities.

maxaa provides services exclusively on a business-to-business basis. The services are not directed at consumers or minors, and maxaa does not knowingly collect personal data from such persons.

‍

3. Categories of Personal Data We Process

Depending on the nature of the relationship and applicable legal requirements, maxaa may process personal data including, but not limited to, identification and contact information, professional and corporate affiliation details, compliance and due diligence information required for know-your-business, anti-money laundering, counter-terrorist financing, and sanctions screening purposes, technical data relating to the use of the Website and systems, and records of communications with maxaa.

‍

4. Purposes and Legal Bases of Processing

Personal data is processed solely for specified, explicit, and legitimate purposes and only where a valid legal basis under GDPR exists.

Processing is necessary for the performance of a contract or for the implementation of pre-contractual measures, including onboarding, account administration, provision of services, transaction processing, settlements, and customer support.

Processing is further necessary for compliance with legal and regulatory obligations to which maxaa is subject, including obligations arising from financial services regulation, AML and sanctions legislation, accounting rules, audit requirements, and lawful requests from competent authorities.

Where applicable, processing is carried out on the basis of maxaa’s legitimate interests, including ensuring the security and integrity of systems, preventing fraud and misuse, managing business relationships, improving services, and protecting legal rights, provided that such interests do not override the fundamental rights and freedoms of the data subject.

In limited cases, personal data may be processed on the basis of the data subject’s consent, which may be withdrawn at any time without affecting the lawfulness of processing carried out prior to withdrawal.

‍

5. Cookies and Similar Technologies

The Website uses cookies and similar technologies necessary for its operation, security, and performance. Certain cookies may also be used for analytical purposes. Users may control the use of cookies through browser settings. Disabling cookies may affect the functionality of the Website.

‍

6. Disclosure of Personal Data

Personal data may be disclosed to third parties only where necessary and lawful, including to regulated financial institutions, banking partners, payment and crypto-asset service providers, compliance and identity verification providers, IT and cloud service providers, professional advisors, auditors, and competent regulatory, supervisory, or law enforcement authorities.

All recipients are required to process personal data in accordance with applicable data protection laws and under appropriate contractual or legal safeguards.

‍

7. International Data Transfers

Where personal data is transferred outside the European Economic Area, maxaa ensures that such transfers are subject to appropriate safeguards in accordance with Chapter V GDPR, including adequacy decisions, standard contractual clauses, or other lawful transfer mechanisms.

‍

8. Data Retention

Personal data is retained only for as long as necessary for the purposes for which it is processed, including compliance with contractual, legal, regulatory, accounting, and audit obligations. Certain data demonstrates retention periods mandated by financial and AML legislation, which may extend beyond the termination of the business relationship.

‍

9. Data Security

maxaa implements appropriate technical and organizational measures to ensure a level of security appropriate to the risk, including access controls, encryption, system monitoring, and incident response procedures. While reasonable measures are taken to protect personal data, absolute security cannot be guaranteed.

‍

10. Rights of Data Subjects

Data subjects have the rights provided under GDPR, including the right to access personal data, request rectification or erasure where applicable, restrict or object to processing, request data portability, withdraw consent where processing is based on consent, and lodge a complaint with a competent supervisory authority.

Requests may be submitted to info@maxaa.eu. maxaa may require verification of identity prior to responding.

‍

11. Automated Processing

maxaa may use automated systems for compliance, fraud prevention, and risk management purposes, as required by law. Such processing is subject to appropriate safeguards and does not result in legally significant decisions without human oversight where required.

‍

12. Third-Party Websites

The Website may contain links to third-party websites. maxaa is not responsible for the privacy practices or content of such websites.

‍

13. Amendments

This Privacy Policy may be updated from time to time. The current version will be published on the Website with the updated effective date. Material changes may be communicated through appropriate channels.

‍

14. Contact

All questions, requests, or concerns regarding the processing of personal data may be addressed to info@maxaa.eu.