Privacy Policy
LITDAQ Exchange Platform
Effective Date: January 2026
LITDAQ ("we", "us", "our") operates an exchange platform for Litigation-Backed Securities. This Privacy Policy explains how we collect, use, disclose, and safeguard your personal data when you visit our website or use our platform services. We are committed to protecting your privacy and handling your data in accordance with the UK General Data Protection Regulation (UK GDPR), the Data Protection Act 2018, and other applicable data protection legislation.
By accessing or using the LITDAQ platform, you acknowledge that you have read and understood this Privacy Policy. If you do not agree with our policies and practices, please do not use our services.
For the purposes of applicable data protection legislation, the data controller is LITDAQ, a trading name of Trance Limited, a company registered in the Turks and Caicos Islands. Our UK correspondence address is Enterprise Center, 291-305 Lytham Road, Blackpool, FY4 1EW, United Kingdom.
If you have any questions about this Privacy Policy or our data practices, please contact our Data Protection team using the details provided in Section 14 of this policy.
We collect information you voluntarily provide when registering for an account, completing investor certification, executing transactions, or communicating with us. This includes: identification information (full name, date of birth, nationality), contact details (email address, telephone number, postal address), financial information (bank account details, investment history, source of funds documentation), investor classification documentation (professional investor certificates, high-net-worth declarations), government-issued identification documents for anti-money laundering verification, and any other information you choose to provide.
When you access our platform, we automatically collect certain technical information including: device information (IP address, browser type, operating system), usage data (pages visited, time spent on platform, navigation patterns), location data derived from your IP address, and log files recording platform interactions and transaction activities.
We may receive information from third-party sources including: identity verification services, credit reference agencies, anti-money laundering and sanctions screening databases, publicly available sources and registers, and other financial institutions where relevant to your transactions on our platform.
We process your personal data on the following lawful bases under UK GDPR:
Contractual Necessity: Processing necessary for the performance of our contract with you, including account management, transaction execution, and platform service delivery.
Legal Obligation: Processing required to comply with our legal and regulatory obligations, including anti-money laundering requirements, financial services regulations, tax reporting obligations, and responding to lawful requests from regulatory authorities.
Legitimate Interests: Processing necessary for our legitimate business interests, including fraud prevention, platform security, business analytics, and service improvement, where such interests are not overridden by your rights and freedoms.
Consent: Where we rely on consent, such as for marketing communications, you have the right to withdraw consent at any time without affecting the lawfulness of processing conducted prior to withdrawal.
We use the information we collect for the following purposes: to create, manage, and maintain your account on the LITDAQ platform; to verify your identity and conduct required due diligence checks; to process transactions in Litigation-Backed Securities; to communicate with you regarding your account, transactions, and platform updates; to comply with applicable laws, regulations, and legal processes; to detect, prevent, and investigate fraud, money laundering, and other illegal activities; to maintain the security and integrity of our platform; to analyse platform usage and improve our services; to enforce our terms of service and other agreements; and to respond to your enquiries and provide customer support.
We may share your personal data with the following categories of recipients:
Service Providers: Third parties who provide services on our behalf, including technology providers, payment processors, identity verification services, and professional advisors, subject to appropriate contractual protections.
Regulatory and Legal Authorities: Government bodies, regulators, law enforcement agencies, and courts where required by law or in response to valid legal process, including the Financial Conduct Authority, Information Commissioner's Office, and HM Revenue & Customs.
Transaction Counterparties: Where necessary to facilitate transactions on the platform, we may share relevant information with counterparties, settlement agents, and other parties to the transaction.
Corporate Transactions: In connection with any merger, acquisition, reorganisation, or sale of assets, your personal data may be transferred to the relevant third party, subject to appropriate safeguards.
Your personal data may be transferred to, and processed in, countries outside the United Kingdom. Where such transfers occur, we ensure appropriate safeguards are in place in accordance with UK data protection law. These safeguards may include transfers to countries with adequate data protection laws as determined by the UK Secretary of State, the use of UK International Data Transfer Agreements (IDTAs) or addendums to Standard Contractual Clauses, or transfers to organisations that have implemented binding corporate rules approved by a supervisory authority.
We retain your personal data for as long as necessary to fulfil the purposes for which it was collected, including to satisfy legal, accounting, and regulatory requirements. Specific retention periods include: account and transaction records are retained for a minimum of six years following account closure or the last transaction, as required under anti-money laundering regulations; identity verification documents are retained for five years after the end of the business relationship; marketing preferences and consent records are retained until consent is withdrawn or the data is no longer required; and technical log data is typically retained for twelve months unless required longer for security or legal purposes.
When personal data is no longer required, it will be securely deleted or anonymised in accordance with our data retention procedures.
We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, alteration, disclosure, or destruction. These measures include encryption of data in transit and at rest, secure access controls and authentication procedures, regular security assessments and penetration testing, staff training on data protection and information security, incident response and data breach procedures, and physical security measures for our facilities and systems.
While we take reasonable steps to protect your data, no method of transmission over the internet or electronic storage is completely secure. We cannot guarantee absolute security of your personal data.
Under UK data protection law, you have the following rights in relation to your personal data:
Right of Access: You have the right to request a copy of the personal data we hold about you.
Right to Rectification: You have the right to request correction of inaccurate or incomplete personal data.
Right to Erasure: You have the right to request deletion of your personal data in certain circumstances.
Right to Restriction: You have the right to request restriction of processing of your personal data in certain circumstances.
Right to Data Portability: You have the right to receive your personal data in a structured, commonly used, machine-readable format.
Right to Object: You have the right to object to processing of your personal data in certain circumstances, including processing for direct marketing purposes.
Rights Related to Automated Decision-Making: You have the right not to be subject to decisions based solely on automated processing that produce legal or similarly significant effects, subject to certain exceptions.
To exercise any of these rights, please contact us using the details in Section 14. We will respond to your request within one month, though this period may be extended for complex requests. We may request verification of your identity before processing your request. Please note that certain rights may be limited where we have overriding legitimate grounds or legal obligations.
Our platform uses cookies and similar tracking technologies to enhance your experience and collect information about how you use our services. Cookies are small text files placed on your device when you visit our website.
We use the following types of cookies: strictly necessary cookies required for the platform to function and which cannot be switched off; functional cookies that enable enhanced functionality and personalisation; analytical cookies that help us understand how visitors interact with our platform; and marketing cookies that may be set by our advertising partners to build a profile of your interests. You can manage your cookie preferences through your browser settings or through our cookie consent mechanism. Please note that disabling certain cookies may affect the functionality of our platform.
Our platform may contain links to third-party websites, applications, or services. This Privacy Policy does not apply to those third-party sites, and we are not responsible for their privacy practices. We encourage you to review the privacy policies of any third-party sites you visit.
We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. When we make material changes, we will notify you by posting the updated policy on our platform with a new effective date, and where appropriate, we will notify you by email or through a notice on the platform. We encourage you to review this Privacy Policy periodically to stay informed about how we protect your data.
If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:
Data Protection Officer
LITDAQ
A trading name of Trance Limited
Enterprise Center, 291-305 Lytham Road
Blackpool, FY4 1EW
United Kingdom
Email: info@litdaq.com
If you are not satisfied with our response to your enquiry or believe we are processing your personal data in a manner that is not compliant with data protection law, you have the right to lodge a complaint with the Information Commissioner's Office (ICO), the UK supervisory authority for data protection.
Information Commissioner's Office
Wycliffe House, Water Lane
Wilmslow, Cheshire, SK9 5AF
Website: www.ico.org.uk
Telephone: 0303 123 1113