Privacy Policy

1. Introduction

Nolxide d.o.o. (hereinafter: "Nolxide", "we", "our") is committed to protecting the privacy of users of our real estate crowdfunding platform. This Privacy Policy describes in detail how we collect, process, store, and protect your personal data when using the nolxide.com platform.

This Policy applies to all users of our platform, including website visitors, registered users, and active investors. By using our platform, you confirm that you have read and understood this Privacy Policy.

2. Data Controller

The controller of your personal data is Nolxide d.o.o., with its registered office at Ulica kneza Mislava 12, 10000 Zagreb, Croatia. Tax ID (OIB): 85731924560. For all questions regarding data protection, you can contact us at privacy@nolxide.com.

3. Categories of Data We Collect

Identification data: name, surname, date of birth, personal identification number (OIB). Contact data: email address, phone number, residential address. Financial data: bank account details, records of transactions executed through the platform.

Technical data: IP address, browser type and version, operating system, language settings, cookie data. Platform usage data: pages and projects viewed, time spent on the platform, interactions with features.

4. Purpose and Legal Basis of Processing

We process your data to provide and manage platform services, verify identity in accordance with anti-money laundering regulations, process investments and financial transactions, communicate about your investments, improve user experience, and fulfill legal obligations.

Processing is based on contract performance, legal obligation (Capital Market Act, EU regulations), legitimate interest (service improvement and fraud prevention), and your consent for marketing communications and non-essential cookies.

5. Sharing Data with Third Parties

We may share your data with financial institutions involved in transaction processing, regulatory authorities (HANFA, Tax Administration) when required by law, IT infrastructure and service providers who assist in platform operations, and legal advisors when necessary.

All third parties with whom we share data are contractually bound to comply with data protection standards. Nolxide does not sell or rent users' personal data to third parties for marketing purposes.

6. Data Retention Period

We retain financial data and transaction-related documentation for a minimum of 11 years in accordance with Croatian accounting and tax legislation. User account data is retained while the account is active and for an additional 5 years after account closure. Technical and usage data is retained for up to 24 months.

7. Your Rights

Under the General Data Protection Regulation (GDPR), you have the right to access your personal data, rectification of inaccurate data, erasure of data ("right to be forgotten"), restriction of processing, data portability, objection to processing, and withdrawal of consent at any time.

To exercise these rights, contact us at privacy@nolxide.com. We will respond to your request within 30 days. If you believe your rights have been violated, you have the right to file a complaint with the Croatian Personal Data Protection Agency (AZOP).

8. Data Security

We implement comprehensive technical and organizational measures to protect your data, including SSL/TLS encryption of data in transit, AES-256 encryption of data at rest, strict role-based access controls, regular security audits and penetration testing, and continuous employee training on data protection.

9. Changes to Privacy Policy

Nolxide reserves the right to amend this Privacy Policy. We will notify you of any significant changes via platform notification or email at least 30 days before the changes take effect. We recommend regularly checking this page.

10. Contact

For all questions, requests, or complaints regarding the protection of your personal data, contact: Nolxide d.o.o., Ulica kneza Mislava 12, 10000 Zagreb, Croatia. Email: privacy@nolxide.com.