Legal Documents

    1. SIA “Dukascopy Payments” (“Company”) Privacy Policy has been developed in accordance with the Regulation (EU) 2016/679 of the European Parliament and the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data (“GDPR”) and in accordance with relevant legal acts of the European Union and the Republic of Latvia.
    2. This Privacy Policy is legally binding and applicable when the Client applies to use or uses Company’s Services through website located at (“Web Application”) as well as in the mobile application the Company uses (“Mobile Application”).

    1. Client– any natural person, who has been using or has expressed willingness to use services provided by the Company;

      Dukascopy Group – in the context of this Privacy Policy - Dukascopy Bank SA incorporated in Swiss Confederation and its representative offices, Dukascopy Europe IBS AS and SIA “Dukascopy Payments” both incorporated in the Republic of Latvia;

      Privacy Policy – Company’s Privacy Policy;

      Personal Data – any information related to an identified or identifiable individual, for detailed information see Section 2;

      Processing – any actions and operations related to Personal Data for instance, but not limited to collection, recording, storage, transfer, erasure and others;

      Services – any services offered to Clients and other individuals and legal entities by the Company as prescribed in Terms and Conditions of the Company.

    1. SIA “Dukascopy Payments”, legal address: Lacplesa iela 20a-1, Riga, LV-1011, Latvia, telephone number: +371 67 399 001, is the controller of Client’s Personal Data.
    2. Company may collect and process information listed under the following Personal Data categories for the purposes specified under Section 4. Please note that the below list is not exhaustive and upon necessity the Company may request, collect and process other required information, including information regarding Personal Data, according to Privacy Policy and relevant legal enactments.
      1. Information received from Client:
        1. Natural persons identification data – including, but not limited to name, surname, tax identification number, date of birth, information from persons identification document (e.g. passport);
        2. Contact information – address, telephone number, e-mail address and other if relevant;
        3. Financial information – account number, income, payment transactions and other similar information;
        4. Professional and information regarding Clients’ education and family – information regarding level of education, education institution, marital status, place of work and related information, membership and other;
        5. Information relating to the use of services and their relation to Clients preferences, habits etc. – such as information on services used, personal settings, surveys, contests and campaigns in which Client has participated.
      2. Information collected automatically while using Services on Web Application or by using Mobile Application:
        1. Technical information and unique identifiers – Internet protocol (IP) address, login information, information about browser, time zone and other;
        2. Cookies are used on Company’s website and Mobile Application. For more detailed information on what types of cookies and unique identifiers we use and for which purposes, please see our Cookies Policy, which is available at Company’s Website:;
        3. Status information of usage of the Mobile Application.

    1. Company processes Personal Data if one of the following applies:
      1. processing of Personal Data is necessary to enter into and perform a contract;
      2. to comply with Company’s legal obligations;
      3. to ensure legitimate interests of the Company or third party;
      4. if Company receives consent from the Client.

    2. Company primarily processes Personal Data for following purposes:
      1. to provide Services;
      2. to send administrative information, including updates on policies and changes to agreement terms;
      3. to provide Client with information about Services, products, educational materials, upcoming events and other related information that may be useful to Client in relation to Dukascopy Group offers and for educational purposes;
      4. to assess and mitigate risks related to anti-money laundering and terrorism financing as well as transaction related risks;
      5. to comply with legal obligations and/ or government authority’s requests;
      6. in relation to legal claims related to Company’s legitimate interests;
      7. to provide additional or supportive services.

    1. Company reserves the right to disclose Client’s Personal Data to selected and designated third parties, including:
      1. within Dukascopy Group, including Dukascopy Bank SA and all its subsidiaries, affiliates, branches and representative offices irrespective of their geographical location;
      2. to selected and designated third parties, including Dukascopy Group providers, that perform services on Dukascopy Groups behalf under written agreement, which ensures proper safeguards and limitations with regards to Personal Data processing. This may include companies providing IT, payment service companies, including processing orders or payments as well as audit services, identity verification and due diligence services, data analysis, marketing support services providers, cloud service providers and others;
      3. to government, regulatory or other law enforcement agencies/ authorities

    1. Client Personal Data is primarily stored and processed in the European Union (EU) and/ or European Economic Area (EEA) or Swiss Confederation. However, where it is necessary Personal Data may be transferred outside the EU/ EEA and/ or Swiss Confederation.
    2. Company transfer Client Personal Data for processing outside the EU/ EEA or Swiss Confederation only when appropriate security measures have been taken and if one of the following applies:
      1. This is required under the laws and regulations;
      2. This is necessary to enter into or perform the agreement for the service;
      3. The Client has given consent to the processing of their data outside the EU or EEA.

    1. Period of processing of Personal Data depends on the purposes specified by the Company.
    2. In determining retention period of processing of Personal Data, Company takes into account contractual obligations, the legitimate interest of the Company and relevant legal enactments (such as legal enactments concerning anti-money laundering and terrorism financing and others).

    1. Client agrees not to hold Company nor Dukascopy Group or any of their officers, directors, employees and affiliates liable for losses of any kind, including financial, suffered by the Client in case of use of Client’s personal data, for example login, password or other, by a third party either communicated to this third party by the Client or obtained by the third party by an abusive/ fraudulent manner from the Client. Client shall be liable of any such personal data disclosure to unauthorised third parties.

    1. Client may access and receive upon his/ her written request Personal Data that are processed by the Company. If such request is excessive as well as repetitive Company may refuse to provide Client with copy of his/ her Personal Data or request reasonable fee taking into account the administrative costs of preparing such copy;
    2. Client may request to correct his/ her Personal Data if it is incomplete or incorrect;
    3. Client may request to erase his/ her Personal Data, however such right does not apply if Personal Data requested to be erased are being processed on legal grounds, for example based on legal obligations to comply with relevant legal enactments;
    4. Client may restrict processing of his/ her Personal Data. Any such request shall be assessed by the Company whether such request does not contradict or could not contradict to other legal grounds of processing that Company must comply with;
    5. Client may have the right to receive his/ her Personal Data in structured, commonly used and machine-readable format as well as to transmit it to another controller;
    6. All aforementioned rights should be exercised in good faith and on written request basis;
    7. If Client has any legal complaints that cannot be or are not resolved by negotiating with us, the Client may file a complaint with the Data State Inspectorate of the Republic of Latvia.

    1. Should Client have any questions or inquiries regarding processing of Personal Data by the Company, Client may contact us by sending an e-mail to: [email protected] or by sending us a letter to address indicated on the Company Website.

    1. Company reserves the right to make changes to Privacy Policy at any time without prior notice to the Client. Company shall use its website to inform the Client about any changes in Privacy Policy and the posting updated version of Privacy Policy on Company’s website shall be deemed as a valid notification of such changes to the Client. The Client undertakes to regularly review Company’s website and updates of Privacy Policy.
    2. Amendments or changes of Privacy Policy for the enrichment of Services and/or protection of Client’s data in cases where Client’s rights and obligations are not adversely affected shall become effective on the date specified in the Privacy Policy, unless expressly disapproved by the Client within 30 (thirty) calendar days as from the date of post or notification regarding changes, in which case the parties may exercise their right to terminate Business relationships in accordance with terms as laid down in Terms and Conditions of the Company.