Privacy Policy and Data Protection – Investment Opportunities

Version 4.0 – Last updated: April 20, 2026

Article 1: Identification of the Data Controller

This privacy policy defines the strict data processing protocols maintained by Investment Opportunities ("the Platform", "we", "us"), with its head office at Karenslyst allé 14, 4th floor, 0278 Oslo, Norway. We act as the data controller in accordance with the Norwegian Personal Data Act and the EU General Data Protection Regulation (GDPR). To ensure absolute data integrity, we have appointed a Data Protection Officer (DPO) who can be contacted at: [email protected].

Article 2: Categories of Personal Data Processed

To deliver institutional-grade AI-driven analytical services, we collect the following categories of data in accordance with the principle of data minimization:

Identity Data: Full name, date of birth, nationality, and official identification required for mandatory KYC (Know Your Customer) and AML (Anti-Money Laundering) checks.

Contact Information: Verified email address, active mobile number, and official residential address.

Financial Telemetry: Information about source of wealth, transaction history, and risk profiles linked to our analytical interfaces.

Digital Footprint: IP addresses, device specifications, geographical location data, and granular logs of interaction with our technical systems.

Article 3: Legal Basis for Processing

The processing of your data is based on the following legal grounds:

Performance of Contract: Necessary to manage your account and deliver our technological services.

Legal Obligations: Compliance with Norwegian law, including the Anti-Money Laundering Act and tax reporting requirements.

Legitimate Interests: Necessary for proactive cybersecurity, fraud prevention, and continuous optimization of our AI models.

Consent: For sending market analyses and using non-essential cookies.

Article 4: Data Security and Sovereignty

Investment Opportunities utilizes enterprise-grade security architecture:

Encryption: All sensitive data is stored with AES-256 encryption and transmitted via TLS 1.3.

Hosting: Data is stored exclusively on highly secure servers within the EEA, guaranteeing full protection under European data sovereignty regulations.

Article 5: Your Rights

You have the right to access your own data, rectification, erasure ("right to be forgotten"), restriction of processing, and data portability. Inquiries should be sent to [email protected]. You also have the right to lodge a complaint with the Norwegian Data Protection Authority.