Privacy Policy

1. General

Aladinum LLC, a Wyoming limited liability company doing business as "Aladinum" (we, us, our), is committed to protecting the privacy of personal information collected through our website and our services. This Privacy Policy describes the information we collect, how we use and share it, and the choices available to you. It applies to www.aladinum.com and to the services we provide from it. This policy does not apply to third-party websites linked from our site; please review their own policies before using them.

2. International Transfers

Aladinum is based in the United States, and personal data we collect is processed in the United States. If you are located in the European Economic Area, the United Kingdom, or Switzerland, your personal data will be transferred to and processed in the United States, and we comply with the GDPR, the UK GDPR, and the Swiss Federal Act on Data Protection respectively in connection with that processing. Where we engage sub-processors that receive personal data originating from those regions, we put in place appropriate safeguards, including the European Commission's Standard Contractual Clauses, the UK International Data Transfer Agreement or Addendum, and the Swiss-amended Standard Contractual Clauses, as applicable. We do not rely on the EU-US Data Privacy Framework.

3. Information We Collect

3.1 Personal Information

We collect information you submit through our website or in correspondence with us. This includes your name, business or personal email address, employer (where given), job title, country, the content of any message you send, and — where you create an account — credentials and billing details required to operate the account.

3.2 Usage Information

When you visit our website or use our services, we automatically collect technical information about your session, including IP address, device and browser identifiers, language and operating system, referring URL, pages and resources accessed, request and response timestamps, error events, and API or feed usage telemetry. We use this information to operate, secure, and improve the service.

3.3 Information from Other Sources

We may receive personal data about you from sources other than yourself. A Licensee may provide personal data about its employees or contractors so that we can give them access to a licensed service or attribute usage; we process such data only on the Licensee's instructions. Where we redistribute data licensed from an upstream provider, that provider may require us to identify each end user and report unit-of-count usage. We may also receive payment status and payment-method metadata from our payment processor, and identity-verification information from providers engaged for paid accounts where required.

4. How Information Is Used

Information collected through our website is used for the purposes for which you provided it, including responding to enquiries, providing demonstrations, operating accounts, delivering support, and sending marketing communications about Aladinum services where permitted. Information collected through licensed services is processed only as needed to deliver those services to the Licensee, in accordance with the contract between us and the Licensee. Where an upstream licensor requires it, we report end-user identity and usage to the licensor at the cadence and in the format the licensor requires.

We operate two distinct lines of business — wholesale delivery to business customers, and controlled redistribution to individual end users — and we keep personal data from these two lines logically segregated. We do not transfer personal data between the two lines, and we do not sell personal data.

We share personal data only with parties that need it for the purposes described above. These include sub-processors that host, operate, or support the platform under written contracts containing equivalent data-protection obligations; upstream data licensors and exchanges where we are required to report identity and usage; payment processors and, where applicable, identity-verification providers; professional advisers under duties of confidentiality; and public authorities or courts where disclosure is required by a lawful and binding request.

4.1 Choice

We respect your choices about how your information is used. We provide an unsubscribe option in every marketing communication. If your information is held by us under a Licensee's licensed service, please contact the Licensee to opt out or to manage your preferences; we will support the Licensee in responding to your request.

5. Safeguards

We protect personal data using technical and organizational measures including encryption of data in transit and at rest, role-based access control with least-privilege defaults, logical separation between the environments that serve business customers and those that serve individual end users, audit logging of administrative actions, periodic vulnerability scanning, and documented due diligence on sub-processors before they are engaged. We are working towards alignment with the ISO/IEC 27001 information-security framework; we do not currently hold a certification.

6. How You Can Help

You can help protect your information by choosing a strong, unique password and keeping it confidential, signing out when you have finished using the service, keeping your browser and operating system up to date, and contacting us promptly if you suspect that your account has been compromised.

7. Accessing, Updating, and Removing Personal Information

Subject to applicable law, you have the following rights in relation to personal data we hold about you:

• Access: view the personal information we hold about you.
• Rectification: correct inaccurate or incomplete information.
• Erasure: request deletion in the circumstances permitted by law.
• Restriction: limit how we process your data in defined situations.
• Objection: object to processing based on our legitimate interests, including direct marketing.
• Portability: receive certain data in a structured, commonly used, machine-readable format.
• Withdrawal of consent: withdraw any consent you have given, without affecting the lawfulness of processing carried out before withdrawal.
• Complaint: lodge a complaint with the data-protection supervisory authority in your country of residence, place of work, or place of the alleged infringement.

Where Aladinum acts as processor for a Licensee, requests should be directed to that Licensee; we will support the Licensee in responding. Otherwise, contact us at [email protected] with enough information to identify you and the right you wish to exercise. We may need to verify your identity before acting on the request. We respond within one month of receipt, as required by Article 12(3) of the GDPR, and may extend that period by up to two further months where the request is complex or where we have received a number of requests from you.

8. Retention

We keep personal data for as long as is needed for the purpose for which it was collected, plus any period required by law or by a contractual obligation imposed on us (for example, by an upstream licensor). The following periods apply:

• Account data: for the life of the account plus 12 months after closure.
• Operational and feed-usage logs (technical): 13 months from the date of the log entry.
• Records required for unit-of-count reporting to upstream licensors (e.g., exchanges): 5 years from the reporting period, or longer where the specific licence requires it.
• Billing, tax and statutory accounting records: 10 years from the end of the financial year to which they relate.
• Marketing contacts: 24 months from your last interaction with us, or until you opt out, whichever is earlier.
• Recruitment records (unsuccessful applicants): 12 months after the recruitment decision, unless the applicant consents to a longer retention period.
• Support correspondence and ticket data: 24 months from case closure.
• Cookie consent and preference records: 24 months from the date consent was given or last refreshed.

When we no longer need personal data, we delete it or anonymise it.

9. Other Agreements

Aladinum and its Licensees may have entered into separate agreements concerning the handling of personal data, including data-processing addenda and arrangements imposed by upstream data licensors. Those agreements apply in addition to this Privacy Policy and prevail to the extent of any conflict in relation to data processed under the Licensee's service.

10. Questions

For any question about this Privacy Policy, please contact us at [email protected].

11. Right to Change Privacy Statement

We may update this Privacy Policy from time to time. Where a change is material, we will provide reasonable notice before it takes effect — for example by a banner on the website or, where we have your contact details, by email. Non-material changes take effect when we update the "Last updated" date at the top of this page.