Privacy Policy

We collect information that you provide directly to us, including: Personal Identification Information: - Full name, date of birth, and nationality - Contact information (address, email, phone number) - Government-issued identification documents - Tax identification numbers Financial Information: - Bank account details - Investment portfolio information - Source of funds and wealth documentation - Corporate ownership structures and valuations Technical Information: - IP address and browser type - Device information - Website usage data and cookies

We use the information we collect to: - Provide and maintain our financial services - Process loan applications and transactions - Conduct due diligence and know-your-customer (KYC) procedures - Comply with regulatory and legal obligations - Communicate with you about our services - Improve and personalize your experience - Detect and prevent fraud or other illegal activities - Analyze usage patterns and improve our website

Under the General Data Protection Regulation (GDPR) and Luxembourg data protection law, we process your personal data based on: - Contractual necessity: Processing required to fulfill our service agreements - Legal obligation: Compliance with financial regulations, anti-money laundering laws, and tax reporting requirements - Legitimate interests: Business operations, fraud prevention, and service improvement - Consent: Where required for specific processing activities

We may share your information with: Service Providers: - Banks and financial institutions facilitating transactions - Independent auditors conducting valuations - Legal and tax advisors - Technology service providers Regulatory Authorities: - Commission de Surveillance du Secteur Financier (CSSF) - Tax authorities as required by law - Law enforcement agencies when legally required Business Partners: - AQS International Wealth Management (our strategic partner) - Fund administrators and depositaries We never sell your personal information to third parties.

Your information may be transferred to and processed in countries outside the European Economic Area (EEA). When we transfer data internationally, we ensure appropriate safeguards are in place, including: - Standard Contractual Clauses approved by the European Commission - Adequacy decisions by the European Commission - Binding Corporate Rules where applicable Luxembourg serves as our primary data processing location, ensuring EU-level data protection standards.

We retain your personal information for as long as necessary to: - Provide our services and maintain our business relationship - Comply with legal and regulatory retention requirements - Resolve disputes and enforce our agreements Financial records are typically retained for a minimum of 10 years in accordance with Luxembourg financial regulations and anti-money laundering requirements.

Under GDPR, you have the following rights: - Right of Access: Request a copy of your personal data - Right to Rectification: Correct inaccurate or incomplete data - Right to Erasure: Request deletion of your data (subject to legal obligations) - Right to Restrict Processing: Limit how we use your data - Right to Data Portability: Receive your data in a structured format - Right to Object: Object to certain processing activities - Right to Withdraw Consent: Where processing is based on consent To exercise these rights, please contact our Data Protection Officer.

We implement appropriate technical and organizational measures to protect your personal information, including: - Encryption of data in transit and at rest - Secure access controls and authentication - Regular security assessments and audits - Staff training on data protection - Incident response procedures While we strive to protect your information, no method of transmission over the Internet is 100% secure. We cannot guarantee absolute security.

Our website uses cookies and similar technologies to: - Enable essential website functionality - Remember your preferences - Analyze website traffic and usage - Improve our services You can manage cookie preferences through your browser settings. Note that disabling certain cookies may affect website functionality.

Our services are not directed to individuals under the age of 18. We do not knowingly collect personal information from children. If you believe we have collected information from a minor, please contact us immediately.

We may update this Privacy Policy from time to time. Changes will be posted on this page with an updated revision date. We encourage you to review this policy periodically. For significant changes, we will provide notice through our website or direct communication.

For questions about this Privacy Policy or our data practices, please contact: Data Protection Officer Patrimonio Merchant Bankers S.A. Luxembourg Office Email: privacy@patrimonio-mb.com You also have the right to lodge a complaint with the Luxembourg National Commission for Data Protection (CNPD) or your local supervisory authority.