Data Processing and Retention Policy

Effective Date: 23.01.2026

## 1. General Provisions and Controller
This Data Processing Policy (the "Policy") outlines the fundamental principles and procedures governing the processing of personal data by Pocket Option ("Company", "we", "us"). We are committed to processing all personal data in a transparent, lawful, and secure manner.

Data Controller:
Павел Петров
Email: support@mypocketoption.vercel.app
Address: (Please contact via email for mailing address)

## 2. Principles of Data Processing
We adhere to the following key principles when processing your personal data:
- Lawfulness, Fairness, and Transparency: Data is processed lawfully, fairly, and in a transparent manner in relation to the data subject.
- Purpose Limitation: Data is collected for specified, explicit, and legitimate purposes and not further processed in a manner that is incompatible with those purposes.
- Data Minimization: Data is adequate, relevant, and limited to what is necessary in relation to the purposes for which it is processed.
- Accuracy: Data is accurate and, where necessary, kept up to date.
- Storage Limitation: Data is kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the personal data is processed.
- Integrity and Confidentiality: Data is processed in a manner that ensures appropriate security of the personal data, including protection against unauthorized or unlawful processing and against accidental loss, destruction, or damage.

## 3. Categories of Data Processed
To provide our services, we may process the following categories of data:
- Identity Data: includes first name, last name, username or similar identifier.
- Contact Data: includes email address and telephone numbers.
- Technical Data: includes internet protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform, and other technology on the devices you use to access this website.
- Usage Data: includes information about how you use our website, products, and services.
- Marketing and Communications Data: includes your preferences in receiving marketing from us and our third parties and your communication preferences.

## 4. Legal Basis for Processing
We process your personal data based on the following legal grounds:
- Consent: You have given clear consent for us to process your personal data for a specific purpose.
- Contract: The processing is necessary for a contract we have with you, or because you have asked us to take specific steps before entering into a contract.
- Legal Obligation: The processing is necessary for us to comply with the law (not including contractual obligations).
- Vital Interests: The processing is necessary to protect someone's life.
- Legitimate Interests: The processing is necessary for our legitimate interests or the legitimate interests of a third party, unless there is a good reason to protect your personal data which overrides those legitimate interests.

## 5. Automated Decision Making and Profiling
We generally do not use fully automated decision-making processes that produce legal effects concerning you or similarly significantly affect you. If we use profiling (automated processing of personal data to evaluate certain personal aspects), we will inform you of the logic involved, as well as the significance and the envisaged consequences of such processing for you.

## 6. International Data Transfers
We operate globally, and your information, including personal data, may be transferred to — and maintained on — computers located outside of your state, province, country, or other governmental jurisdiction where the data protection laws may differ from those of your jurisdiction. If you are located outside the region where our servers are hosted and choose to provide information to us, please note that we transfer the data to our server locations and process it there. Your consent to this Privacy Policy followed by your submission of such information represents your agreement to that transfer.

## 7. Data Sharing and Processors
We may engage third-party service providers ("Processors") to process your personal data on our behalf. These Processors are bound by confidentiality agreements and are prohibited from using your personal data for any purpose other than providing the agreed-upon services. Categories of recipients include:
- Cloud Service Providers (hosting, storage)
- IT Support and Maintenance providers
- Email and Communication Service providers
- Analytics Providers (e.g., Google Analytics)

## 8. Data Security Measures
We implement appropriate technical and organizational measures to ensure a level of security appropriate to the risk, including:
- Encryption of personal data where appropriate.
- Identification and authentication mechanisms for accessing data.
- Periodic risk assessments and security audits.
- Training for employees on data protection and confidentiality.

## 9. Data Subject Access Requests (DSAR)
You have the right to request information about the personal data we hold about you. To submit a Data Subject Access Request (DSAR), please send an email to support@mypocketoption.vercel.app with the subject line "DSAR Request". We will acknowledge your request and respond within the statutory time limits (usually one month).

## 10. Filing a Complaint
If you believe that your data protection rights have been violated, you have the right to lodge a complaint with a supervisory authority responsible for data protection in your country of residence or place of work.

## 11. Contact Information
For any inquiries regarding this Data Processing Policy, please contact our Data Protection Officer (DPO) or responsible person at:
Email: support@mypocketoption.vercel.app