GDPR Policy for RFNB.NET

Effective Date: 15 Of September 2025
Last Updated: 15 Of September 2025

RFNB.NET (“we,” “our,” or “us”) is committed to protecting the personal data of our users and their clients. This GDPR Policy explains how we comply with the General Data Protection Regulation (GDPR) and UK GDPR when processing personal data through our services.

1. Our Role Under GDPR

• Data Controller: For personal data relating to our direct users (brokers, subscribers), RFNB.NET acts as the data controller.

• Data Processor: For client data uploaded or processed by brokers, RFNB.NET acts as the data processor. In this role, we only process data on the broker’s instructions.

2. Lawful Basis for Processing

We rely on the following lawful bases for processing personal data:

• Contractual necessity – to deliver our services to brokers and their clients.

• Legitimate interests – to maintain and improve our platform and ensure security.

• Consent – for optional features, communications, or marketing.

• Legal obligation – where processing is required by law.

3. Types of Personal Data Processed

• Broker Data: Name, email, company details, login credentials, payment details.

• Client Data: Application forms, uploaded documents (e.g., proof of ID, bank statements, credit files), and communication records.

• Technical Data: IP addresses, browser type, device details, and usage logs.

4. Data Subject Rights

In line with GDPR/UK GDPR, individuals have the right to:

• Access their personal data.

• Request correction of inaccurate data.

• Request deletion of their data (“right to be forgotten”).

• Restrict or object to processing.

• Data portability (receive data in a structured, machine-readable format).

• Withdraw consent (where consent was given).

Requests can be submitted by emailing support@rfnb.net. We will respond within 30 days.

5. Data Security

We implement appropriate technical and organisational measures to protect personal data, including:

• Encrypted data storage and transfers.

• Firewalls and intrusion detection systems.

• Role-based access controls.

• Regular security audits and backups.

6. Data Retention

• Broker and client data is retained only as long as necessary to provide services or comply with legal obligations.

• After termination or upon request, data will be securely deleted or anonymised.

7. International Transfers

• Data is stored primarily within the UK/EU.

• If data is transferred outside the UK/EU, we use recognised safeguards such as Standard Contractual Clauses (SCCs) to ensure compliance.

8. Data Processing by Third Parties

We may engage trusted third-party service providers (e.g., hosting, payment processing, email services). Each provider is bound by GDPR-compliant contracts and only processes data under our instructions.

9. Data Breach Notification

In the event of a personal data breach:

• We will notify affected users without undue delay.

• Where legally required, we will notify the relevant supervisory authority within 72 hours.

10. Data Protection Officer (DPO)

We have appointed a Data Protection Officer responsible for GDPR compliance. You can contact them via:
Email: support@rfnb.net
Subject Line: FAO Data Protection Officer

11. Supervisory Authority

If you are based in the UK, you have the right to lodge a complaint with the Information Commissioner’s Office (ICO):
Website: https://ico.org.uk

For EU users, you can contact your local data protection authority.

12. Updates to This GDPR Policy

We may update this policy to reflect changes in legislation or our practices. Updates will be published on this page with a revised effective date.

13. Contact Us

If you have any questions about GDPR compliance or how we handle data, please contact us:

RFNB.NET
Email: support@rfnb.net
Website: https://rfnb.net