Privacy Policy

This Privacy Policy describes how Nodera Ltd ("Company," "we," "us," or "our") collects, uses, stores, and discloses personal data in connection with your use of the Nodera platform ("Platform").

We are committed to processing personal data in accordance with the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018, and all other applicable data protection legislation.

Nodera Ltd
Monomark House, 27 Old Gloucester Street, London, England, WC1N 3AX
Company Number: 16990791

ICO Registration Reference: ZA872441
Registered with the Information Commissioner's Office (ICO) under the Data Protection Act 2018.

Data protection enquiries: legal@nodera.cc

3.1. Registration Data

• Full legal name;
• Email address;
• Country of residence and nationality;
• Date of birth.

3.2. Identity Verification Data (KYC/AML)

• Government-issued photo identification documents;
• Selfie photographs;
• Proof of address documents;
• Source of funds and employment information;
• Supporting financial documents (payslips, bank statements, tax returns, employment contracts).

3.3. Transaction Data

• Deposit and withdrawal history;
• Cryptocurrency wallet addresses;
• Plan purchases, activations, and reward accruals;
• Referral activity and earnings.

3.4. Technical Data

• IP address and geolocation data;
• Device type, operating system, and browser;
• Session duration and Platform activity logs;
• Cookies and similar tracking technologies.

3.5. Communications Data

• Support ticket and live chat content;
• Email correspondence with the Company.

We use your personal data to:

• Create and manage your account;
• Process deposits, withdrawals, and reward distributions;
• Conduct identity verification and ongoing customer due diligence as required under MLR 2017 and POCA 2002;
• Screen against sanctions lists (OFAC, EU, UN, UK HM Treasury);
• Detect, prevent, and investigate fraud and financial crime;
• File Suspicious Activity Reports (SARs) with the National Crime Agency where required by law;
• Comply with legal obligations and respond to regulatory and law enforcement requests;
• Provide customer support;
• Send transactional notifications and, where consent is given, marketing communications.

6.1. Identity verification data — including copies of identity documents, selfies, and source of funds declarations — is processed exclusively for the purpose of complying with our AML/CFT obligations under UK law.

6.2. Such data is reviewed only by authorised compliance personnel and is subject to strict access controls and encryption.

6.3. We are required by law (MLR 2017, Regulation 40) to retain AML-related records for a minimum of five years following the end of the customer relationship. This statutory retention obligation takes precedence over any data erasure request in relation to such records.

6.4. Where we submit a SAR to the National Crime Agency, we are subject to the "tipping off" prohibition under section 333A of POCA 2002. In such circumstances, we are legally prohibited from informing you that a SAR has been filed, the reasons for any associated account restriction, or the content of any regulatory communication.

We may share your personal data with:

• KYC/Identity verification providers: Third-party platforms operating under data processing agreements;
• Payment processors: For processing of cryptocurrency transactions;
• The National Crime Agency (NCA): For SAR filings where required under POCA 2002;
• HM Revenue & Customs (HMRC): Where required under MLR 2017 and applicable tax legislation;
• The Financial Conduct Authority (FCA): Where required under applicable financial regulation;
• Other regulatory authorities and law enforcement agencies: Where required by court order, statutory obligation, or lawful regulatory direction;
• Auditors and legal advisers: Subject to professional confidentiality obligations;
• The Information Commissioner's Office (ICO): In respect of any data protection matter.

We do not sell your personal data to third parties for commercial purposes.

Your data may be processed in countries outside the United Kingdom. Where such transfers occur, we ensure that appropriate safeguards are in place, including UK Government-approved standard contractual clauses or adequacy decisions, in accordance with Chapter V of the UK GDPR.

We retain personal data for the minimum period necessary to fulfil the purposes described in this Policy, subject to the following:

Longer retention periods apply where required by law, court order, or ongoing legal proceedings.

Subject to applicable law and certain statutory limitations, you have the right to:

• Access (Art. 15): Request a copy of the personal data we hold about you;
• Rectification (Art. 16): Request correction of inaccurate or incomplete data;
• Erasure (Art. 17): Request deletion of your data where we have no lawful basis for continued processing;
• Restriction (Art. 18): Request that we restrict processing pending resolution of a dispute;
• Portability (Art. 20): Receive your data in a structured, commonly used, machine-readable format;
• Objection (Art. 21): Object to processing based on our legitimate interests;
• Withdraw Consent: Where processing is based on consent, withdraw it at any time without affecting the lawfulness of prior processing.

Important limitation: The right to erasure cannot be exercised in respect of data we are required to retain under MLR 2017, POCA 2002, or any other statutory AML/CFT obligation.

To exercise any right, contact us at legal@nodera.cc. We will respond within 30 calendar days. We may require identity verification before fulfilling any request.

If you are dissatisfied with our handling of your data, you have the right to lodge a complaint with the Information Commissioner's Office (ICO):

ICO, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF
Telephone: 0303 123 1113
Website: ico.org.uk

We use cookies and similar technologies to maintain session integrity, detect fraud, and analyse Platform usage. You may manage cookie preferences through your browser settings, though disabling certain functional cookies may impair Platform functionality. A detailed cookie notice is available on the Platform.

Nodera Ltd implements appropriate technical and organisational security measures commensurate with the risk, including encryption of data at rest and in transit, role-based access controls, and periodic security assessments. No method of transmission over the internet or electronic storage is entirely secure; you use the Platform at your own risk.

We may update this Policy at any time. Material changes will be notified to you by email or by prominent notice on the Platform prior to taking effect. Continued use of the Platform following notification constitutes your acceptance of the revised Policy.