MerivoBack to Home

Last Updated: April 2026

PERSONAL DATA PROCESSING CONSENT

Merivo Fund (hereinafter — "Fund"), incorporated in the British Virgin Islands as a BVI Incubator Fund, operating through its platform at merivo.fund, hereby informs you of the conditions under which your personal data is processed.

By ticking the checkbox at registration, you confirm your freely given, specific, informed, and unambiguous consent to the processing of your personal data in accordance with this document.

1. Data Controller

Merivo Fund Contact: [email protected] | merivo.fund

2. What Data We Collect

The Fund processes the following categories of your personal data:

  • Identity Data: full legal name, date of birth, nationality, identity document details.
  • Contact Data: email address, telephone number (if provided), residential address.
  • Financial Data: ERC20 wallet address, investment and transaction history, details of selected Investment Strategies, source of funds.
  • KYC Documentation: copies of identity documents and proof of residential address.
  • Technical Data: IP address, browser and device data, activity logs.

3. Purposes of Processing

Your personal data is processed solely for the following purposes:

  1. Account Management — registration, verification, and maintenance of your Platform account.
  2. KYC/AML Procedures — identity verification and compliance with anti-money-laundering legislation.
  3. Investment Management — processing investments, calculating, and distributing returns.
  4. Communication — sending service notifications, responding to enquiries, and (subject to your consent) informational and marketing materials.
  5. Security — protecting the Platform and preventing fraudulent activity.
  6. Legal Compliance — fulfilling requirements under applicable laws and regulatory bodies.

4. Legal Bases for Processing

  • Performance of contract — for account and investment management purposes.
  • Legal obligation — for KYC/AML and regulatory compliance purposes.
  • Legitimate interest — for Platform security purposes.
  • Your consent — for marketing and informational communications.

5. Disclosure to Third Parties

Your data may be disclosed to the following categories of recipients:

  • Supabase Inc. — data storage provider (servers located in the EU, Frankfurt, Germany);
  • KYC providers — identity verification services;
  • Government authorities — solely in cases required under applicable law.

The Fund does not sell or transfer your data to third parties for commercial purposes.

6. Data Retention Periods

| Data Category | Retention Period | |---------------|-----------------| | Account data | For the duration of the account relationship | | KYC documentation | 5 years from the end of the relationship with the Fund | | Financial records | 7 years from the date of the last transaction | | Technical logs | 12 months |

Upon expiry of the applicable retention period, data is deleted or anonymised.

7. Your Rights

You have the following rights in respect of your personal data:

  • Access — obtain a copy of your data.
  • Rectification — request correction of inaccurate data.
  • Erasure — request deletion of your data (subject to legal limitations).
  • Restriction of processing — request that processing be suspended.
  • Data portability — receive your data in a machine-readable format.
  • Objection — object to processing based on legitimate interest.
  • Withdrawal of consent — withdraw this consent at any time.

To exercise your rights, please submit a request to: [email protected]

Please note: withdrawal of consent does not affect the lawfulness of processing carried out prior to withdrawal. Withdrawing consent for the processing of data required for the performance of the contract or the Fund's legal obligations may result in the Fund being unable to continue providing Platform services to you.

8. Data Storage and Security

Your data is stored on secure Supabase servers in the European Union (Frankfurt, Germany) and is protected by AES-256 encryption (at rest) and TLS 1.2+ (in transit). Data processing is carried out in compliance with GDPR requirements.

9. Complaints

If you believe your personal data rights have been violated, you have the right to lodge a complaint with the data protection supervisory authority in your country of residence.

Consent Text (for display at registration)

I have read the Privacy Policy and the Personal Data Processing Consent of Merivo Fund, understand their content, and give my consent to the processing of my personal data for the purposes specified therein. I understand that I may withdraw my consent at any time by submitting a request to [email protected].

Terms of ServicePrivacy PolicyRisk DisclosurePersonal Data Consent