Introduction and Scope

At Byxtron, we believe your personal information deserves careful protection. This privacy policy explains exactly how we collect, use, and safeguard your data when you interact with our small capital investing services. Whether you're browsing our website, signing up for our learning program, or becoming a client, this policy applies to all your interactions with us.

We're based in Ireland and follow both Irish data protection laws and the General Data Protection Regulation (GDPR). This means you have strong rights regarding your personal information, and we're committed to respecting those rights completely.

Information We Collect

We collect different types of information depending on how you interact with our services. Here's what we gather and why:

• Contact details like your name, email address, and phone number when you reach out to us or sign up for programs
• Financial information relevant to your investing goals and risk tolerance during our consultation process
• Website usage data including pages visited, time spent, and general browsing patterns to improve our services
• Communication records of our conversations, emails, and meetings to provide better ongoing support
• Payment information when you enroll in our learning programs or use our services

How We Use Your Information

Your personal information serves specific purposes in delivering our small capital investing services. We use your data to provide personalized investment guidance, deliver our learning programs, and maintain ongoing client relationships.

When you participate in our educational content, we analyze your progress and engagement to tailor future recommendations. For our consulting services, we use your financial background and goals to create relevant investment strategies. We also use contact information to send you program updates, market insights, and service-related communications.

All marketing communications are optional. You can unsubscribe at any time, and we'll still provide all contracted services without any change in quality or access.

Legal Basis for Processing

Under GDPR, we need a legal reason to process your personal information. Here are the main legal bases we rely on:

• Contract performance: Processing necessary data to deliver our learning programs and investing services you've signed up for
• Legitimate interests: Analyzing website usage and improving our services, provided this doesn't override your privacy rights
• Consent: Sending marketing emails and newsletters, which you can withdraw at any time
• Legal compliance: Maintaining records as required by Irish financial regulations

Data Sharing and Third Parties

We keep data sharing to an absolute minimum. We never sell your personal information to anyone, and we don't share it for marketing purposes with other companies.

Sometimes we need to work with carefully selected service providers to deliver our programs effectively. This includes payment processors for handling enrollment fees, email service providers for sending program materials, and cloud hosting services for storing course content. These companies are bound by strict confidentiality agreements and can only use your data for the specific services they provide to us.

In rare circumstances, we might need to share information to comply with legal requirements or protect our legitimate business interests. We'd only do this when legally required and would limit the information shared to what's absolutely necessary.

Your Privacy Rights

As someone whose data we process, you have several important rights under GDPR and Irish law. You can exercise these rights by contacting us directly.

• Access: Request a copy of all personal information we hold about you
• Rectification: Ask us to correct any inaccurate or incomplete information
• Erasure: Request deletion of your personal data in certain circumstances
• Restriction: Ask us to limit how we process your information
• Portability: Receive your data in a structured, commonly used format
• Objection: Object to processing based on legitimate interests or for marketing purposes

We'll respond to any rights requests within one month. If your request is particularly complex, we might need up to three months, but we'll let you know if that's the case and explain why.

Data Security and Protection

Protecting your information is something we take seriously. We use industry-standard security measures including encrypted data storage, secure transmission protocols, and restricted access to personal information.

Our team receives regular training on data protection practices, and we conduct periodic security reviews to identify and address any potential vulnerabilities. We also maintain backup systems to prevent data loss while ensuring these backups receive the same security protection as our primary systems.

While we implement strong security measures, no system is completely immune to risks. If we ever experience a data breach that could affect your information, we'll notify you and the relevant authorities as required by law.

Data Retention

We keep your personal information only as long as necessary for the purposes we collected it. For active clients, we maintain records throughout our business relationship and for seven years afterward to comply with Irish financial record-keeping requirements.

Marketing communications and website analytics data are typically retained for three years unless you opt out earlier. Learning program participants' progress data is kept for five years to support ongoing educational development and alumni services.

When retention periods expire, we securely delete or anonymize your information. In some cases, we might keep anonymized statistical data for longer periods to improve our services, but this wouldn't identify you personally.

International Data Transfers

Most of your data stays within Ireland and the European Union. However, some of our technology providers are based outside the EU, particularly in the United States.

When we do transfer data internationally, we use appropriate safeguards such as Standard Contractual Clauses approved by the European Commission. These ensure your data receives adequate protection even when processed outside the EU.

Cookies and Website Technology

Our website uses cookies and similar technologies to improve your browsing experience and understand how people use our services. Most cookies we use are essential for basic website functionality, while others help us analyze usage patterns and remember your preferences.

You can control cookie settings through your browser preferences. Blocking certain cookies might affect some website features, but won't prevent you from accessing our main content and services.

We don't use advertising cookies or share cookie data with advertising networks. Our analytics cookies provide general usage statistics that help us improve our educational content and user experience.

Changes to This Policy

We update this privacy policy occasionally to reflect changes in our services, legal requirements, or industry best practices. When we make significant changes, we'll notify you by email if we have your contact details, or through a prominent notice on our website.

Minor updates that don't affect your rights or how we use your data might be made without specific notification, but we'll always update the "last modified" date at the bottom of this policy.

We encourage you to review this policy periodically to stay informed about how we protect your information.