Privacy Policy

Last Updated: June 26, 2025
Effective Date: June 26, 2025

1. Introduction

AsianRobinHood.com delivers financial education exclusively to UK residents. We are not regulated by the Financial Conduct Authority. This Privacy Policy outlines how we collect, use, protect, and store data in compliance with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018.

2. Information Collection

We collect only minimal, non-personally identifiable information, including:

• Anonymous feedback submissions

• Technical data such as browser type and device category

• Pseudonymised IP addresses captured in server logs, automatically deleted after 30 days

We do not collect:

• Names, emails, or contact information

• Financial or identification documents

• Investment preferences or behavioural profiles

3. Legal Basis and Data Usage

We process data under the following lawful bases:

• Legitimate interest: to ensure core website functionality during active sessions

• Consent: for optional features that support service improvement

• Legal obligation: to maintain security logs for 30 days for cybersecurity compliance

Anonymised data is retained for a maximum of six months for service diagnostics and improvement.

4. Data Sharing

We do not sell, rent, or commercially exploit user data. Disclosures occur only:

• To comply with legal obligations (e.g., valid court orders)

• To essential infrastructure providers (e.g., Cloudflare, AWS), under strict GDPR-compliant data processing terms and confidentiality obligations

These providers may process non-identifiable traffic metadata to support uptime, security, and performance.

5. Your Data Rights

Under UK GDPR, you have the right to:

• Request access to your data (if any exists)

• Request erasure of feedback you submitted

• Object to specific processing activities

• Withdraw consent at any time

To exercise your rights, contact: legal@asianrobinhood.com. We aim to respond within 30 calendar days of verifying your identity.

6. Security Protocols

We take data protection seriously and implement:

• TLS 1.3 encryption (HTTPS) for all data transmissions

• Encryption at rest for any stored data

• Annual third-party security audits

• Minimal data retention periods

In the unlikely event of a data breach, affected users will be notified within 72 hours in accordance with UK law.

7. Cookies and Tracking

We only use strictly necessary cookies, including:

• Session cookies: to support website functionality

• Security cookies: to prevent CSRF attacks

These cookies:

• Contain no tracking identifiers

• Expire when your browser closes

• Are not used for advertising or analytics

8. Policy Updates

If we make material changes to this Privacy Policy:

• A persistent banner will be displayed site-wide for 30 days

• The "Last Updated" date will be revised accordingly

• Where required, we will request renewed user consent