We (also referred to as “we”, “us” or “our”) are dedicated to protecting your personal data and upholding your privacy. This Privacy Policy describes how we collect, use and store the information you provide when accessing and using the Gaingate website (the “Website”). The following principles form the foundation of our commitment:

To ensure transparency, we explain how we collect and process your personal information:

We aim to ensure you can make informed decisions regarding the use and processing of your personal data. For this reason, our website provides clear and accessible information about the methods and procedures we use. If you require further details, we will supply specific information at the appropriate time. Please feel free to contact us with any questions or to clarify any legal requirements. You can reach us at info@blue-orion.com

Personal Data will be used solely for the purposes set out in the Policy.

Personal data may be processed by us for various purposes, including providing the website to you and connecting you with third-party trading platforms (the ‘Services’), enhancing the site, protecting our rights and interests, facilitating the maintenance and delivery of services, meeting any regulatory or legal obligations and undertaking administrative and business activities to support the Services. We also process personal data to better understand your preferences and needs.

Access essential tools designed to safeguard your rights in relation to personal data:

We aim to empower you to make informed decisions about how your personal data is collected, used and processed. We strive to maintain transparency and earn your confidence in our practices. Our website is dedicated to providing clear and relevant information on our data practices. Through various methods and procedures, we ensure you can easily access the information you need. Should you require more specific guidance, we will make that available promptly at the appropriate time. We are happy to answer any questions you may have and clarify any legal requirements or limitations. For further assistance, please contact us via email at info@blue-orion.com

Safeguard your personal data:

Although we cannot guarantee absolute security of your personal data, we are committed to employing a range of methods and techniques to safeguard it. Our Privacy and Security Policy outlines these measures in full.

1. The Scope?

This policy outlines the categories of Personal Data collected by our company from natural persons, and explains how we process, share, secure and manage that data. It covers any information relating to an identified or identifiable individual, defined as a person who can be recognised directly or indirectly through additional data we hold or access. For the purposes of this Policy, “processing” refers to any operation involving Personal Data, including its collection, use, organisation, structuring, storage, transmission to third parties and eventual erasure. We may share data with trusted third-party service providers to deliver and improve our services, under strict contractual obligations. We implement appropriate technical and organisational measures to protect your data against unauthorised access and disclosure. Our services are intended for general audiences and are not designed for use by anyone under 18. We do not knowingly collect information from minors or allow them to use our services. If we discover that we have inadvertently obtained Personal Data from someone under 18, we will delete it without delay.

2. What personal data do we hold about you?

When you access our services or channels, or visit our website, we collect Personal Data. In certain cases, we will ask you to provide this information directly. Otherwise, we gather it by analysing your use of our services or service channels, or by receiving it from our third-party partners.

You are not required to disclose personal information to the company; however, please be aware of any potential consequences.

You are not required to provide us with any personal data. However, if you choose not to supply certain information, we may be unable to deliver our services or grant access to the website.

4. What kinds of personal data can we collect? When you visit our website, we will collect the following personal information from you:

This includes details of your online activity log, traffic data (such as IP address, date and time of access), chosen language, software crash reports, browser type and device information. These details are non-private and cannot identify you. Personal data we receive from you consists of any information you voluntarily provide when connecting to a third-party online trading platform via us. Personal information you supply to those platforms to facilitate trading includes your full name, address, telephone number and email address.

5. Legal Basis and Reasons for Processing Personal Data

Your personal data is processed by the Company for the purposes outlined in this section and in accordance with the applicable legal basis. Without such a legal basis, the Company cannot use any personal data relating to you. The legal grounds on which the Company may process your personal data are:

• You have consented to the processing of your personal data for one or more purposes. This occurs when you provide personal information via the website so that we can forward it to a third-party trading platform.
• The Company or a third party may need to process personal data to pursue legitimate interests, for example, to enhance our services or to defend against legal claims.
• Processing must comply with legal obligations.

Please email us for further details on the processing we undertake to protect our legitimate interests. Below is a list of reasons and legal bases for using the personal data you provide.

6. Transfer of Personal Data to Third Parties

The Company may share your Personal Data with third-party service providers, including hosting and storage firms, IP address management services and user-experience analysts. You may also request that we transmit specific Personal Data to third-party trading platforms; in such cases your data will be shared under their privacy policies and may be provided to multiple trading venues. The Company may disclose Personal Data to affiliates or business partners to help develop and improve the products and services we offer. Where necessary to protect the rights or assets of third parties, we may release Personal Data to regulatory, local or other official authorities. We may also share your Personal Data with prospective investors, purchasers or lenders—either to the Company or to other group companies—in connection with any sale or transfer of assets, merger, restructuring, consolidation or insolvency within the group.

ONLINE TRACKING NOTICE

We may engage third-party services, such as advertising partners or analytics providers, who might deploy cookies or similar technologies. Cookies are small data files stored on your device each time you visit the website. They collect information about your browsing behaviour and preferences to enhance your experience, remember your settings and tailor content, products and services to your interests. Cookies also support analytics and performance measurement, helping us understand how the website is used and improve its functionality. Some cookies are session cookies, which expire when you close your browser. Others are persistent cookies that remain on your device for a set period after you close the browser. Persistent cookies enable the website to recognise you as a returning user and provide a seamless experience on subsequent visits.

7. Third-Party Cookies and Services

We may use them in accordance with their intended purpose:

Cookies are blocked or removed. To prevent or delete cookies, adjust your browser settings. Below are links to guide you through the process for several of the most well-known browsers.

• Firefox
• Microsoft Edge
• Google Chrome
• Safari

Please note that some or all of the Website’s features and functions may not work as you expect under these circumstances.

ONLINE TRACKING NOTICE This service does not currently support Do Not Track signals. 8. Retention of your personal data

The Company will retain your personal data for as long as is necessary to fulfil the processing purposes set out in this Policy, or for any longer periods permitted by applicable laws, regulations, policies or orders. We will share your information with third-party trading platforms for 12 months; if you consent, we will extend this period by a further 12 months. We regularly review retained personal data to ensure it is no longer needed.

9. Transfers of personal information to another country or to an international organisation

Your personal information may be transferred to other countries – for example, to a third country (any nation outside your country of residence) or to international organisations and jurisdictions. Our company implements all necessary safeguards to protect your personal data and ensure that you can exercise your rights and pursue effective legal remedies. These protections apply to all residents of the European Economic Area (EEA).

• Transfer to a third country or international organisation which the European Commission has determined provides an adequate level of protection for personal data under Article 45(3) of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 (GDPR)
• The transfer is carried out under a legally binding and enforceable agreement between public entities or authorities in accordance with Article 46(2)(a) of the viro.
• The transfer was carried out in compliance with the EU Commission’s standard data protection clauses adopted under Article 46(2)(c) of the GDPR. These clauses can be viewed at https://ec.europa.eu/info/law/law-topic/data-protection/data-transfers-outside-eu/model-contracts-transfer-personal-data-third-countries_en.

We can provide details on the security measures we implement to safeguard your Personal Data when it’s transferred to third-party countries or international organisations. Please email info@wealthwaydigital.uk for further information.

10. Personal Data Protection

We have implemented appropriate organisational and technical measures to safeguard your personal data against accidental or unauthorised destruction, loss or alteration. However, we cannot guarantee that its security will be maintained without error, nor can we accept liability for any indirect, incidental or consequential damages arising from its use or disclosure. This includes, but is not limited to, instances of data exposure due to transmission errors, unauthorised third-party access or any other event beyond our control. Where we are required by law or regulation to disclose your personal data to third parties, such as public authorities, we cannot be responsible for the security measures those third parties apply. Data transmitted over the internet cannot be completely secured. While we strive to protect the information you send us, we cannot guarantee its absolute security during transmission.

11. Hyperlinks to Third-Party Websites

On this website, we provide links to third-party websites and applications for your convenience. These external sites and apps operate independently and are not under the Company’s supervision, so we cannot accept responsibility for how they collect or process personal data. This Policy does not govern their activities. Before using any third-party site or app, please review its privacy policy and terms of use. We recommend exercising caution before disclosing any personal information with these sites or apps. If you choose to provide any personal data to these third parties, your interactions will be governed solely by their policies.

12. Updates to this Policy

This Policy may be amended at any time. We will notify you of any changes by posting the revised Policy on our website. In the event of significant modifications, we will also endeavour to inform you through appropriate channels and publish an announcement online. Unless explicitly stated otherwise, all amendments take effect upon publication of the updated Policy. We recommend reviewing this Policy regularly to stay informed of any changes.

Your rights regarding your personal information

You have the right to request that we verify any personal data we hold about you, correct any inaccuracies and delete any information we no longer require. You may also ask us to restrict certain types of processing. If you reside in the European Economic Area (EEA), please refer to this page: [link]. These rights apply to all personal data you provide. To exercise them, please send an email to the address below. Access rights We will confirm whether we are processing your personal data and, if so, provide you with a copy electronically upon request. We may charge a reasonable fee for additional copies. We will not comply with requests that conflict with the rights and freedoms of others; in such cases, we may refuse or limit our response. Right to rectification You are entitled to have inaccurate personal data corrected. If your data is incomplete, you may request that we complete it by supplying a supplementary statement, taking into account the purposes for which the data is processed. Right to erasure You may request the erasure of your personal data if: a) the data is no longer necessary for the purposes for which it was collected or processed; b) you withdraw consent and no other legal basis for processing applies; c) you object to processing based on our or a third party’s legitimate interests; d) the data has been unlawfully processed; or e) erasure is required to comply with a legal obligation. This right does not apply where processing is necessary to comply with EU or Member State law, or to establish, exercise or defend legal claims. Restriction of processing If you contest the accuracy of your personal data, you may request that we restrict processing pending verification. Restricted data will only be retained and processed with your consent, to establish, exercise or defend legal claims, to protect another individual’s rights, or for reasons of substantial public interest within the EU or a Member State. Right to data portability Where processing is based on consent or on a contract to which you are party, and carried out by automated means, you have the right to receive your personal data in a structured, commonly used and machine-readable format. You may also ask us to transmit this data directly to another controller where technically feasible. Exercising this right does not affect your right to erasure and must not adversely affect the rights and freedoms of others. Right to object You may object at any time to processing based on legitimate interests, including profiling, or to direct marketing. If we demonstrate compelling legitimate grounds for the processing that override your rights, freedoms and interests, or to establish, exercise or defend legal claims, we may continue processing. Withdrawal of consent Where processing is based on your consent, you may withdraw that consent at any time by contacting us. Withdrawal will not affect the lawfulness of processing carried out before you withdrew consent. Complaints to supervisory authority You have the right to lodge a complaint with a supervisory authority in your Member State if you consider our processing of your personal data to infringe applicable data protection laws. EU and Member State law may impose certain limits on these rights as set out in section 13 of this agreement. Response times and charges We will respond to your request within one month of receipt. If necessary, taking into account the complexity and number of requests, we may extend this period by up to two further months, notifying you of the extension and the reasons for it within one month of receiving your request. Information will be provided free of charge unless requests are manifestly unfounded or excessive, particularly if repetitive. In such cases, we may charge a reasonable fee or refuse to act. If we have any doubt about your identity, we may request additional information to confirm it.