Data privacy policy

Who we are

Regtify Limited (hereinafter referred to as “Regtify”, “we”, “us” or “our”) is a private company registered in the Republic of Cyprus under Company Registration Number HE355806.

We provide regulatory technology solutions to regulated entities on a global level, enabling our clients to operate, compete, and grow on a level playing field alongside international organisations.

Purpose of this Privacy Statement

This Privacy Statement sets out how we collect, use, disclose, and protect personal data. We are legally obliged to provide this information and are committed to safeguarding the privacy and security of personal data.

Last updated: 7 February 2026

References to “you”, “your”, or “yours” refer to the natural person whose personal data may be processed as described in this Privacy Statement.

This Privacy Statement applies to the categories of individuals described below.

Useful definitions

Personal Data

Any information relating to an identified or identifiable natural person. An identifiable natural person is one who can be identified directly or indirectly, including by reference to a name, identification number, location data, online identifier, or factors specific to physical, physiological, genetic, mental, economic, cultural, or social identity.

Special categories of personal data

Personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, genetic data, biometric data used for identification, health data, or data concerning a person’s sex life or sexual orientation.

Controller

Where we act as controller, we determine the purposes and means of processing your personal data.

Processor

Where we act as processor, we process personal data on behalf of another controller and strictly in accordance with their instructions.

Processing

Any operation performed on personal data, whether automated or not, including collection, recording, organisation, storage, use, disclosure, restriction, erasure, or destruction.

Data Protection Legislation

The General Data Protection Regulation (EU) 2016/679 (“GDPR”), Cyprus Law 125(I)/2018, and any other applicable data protection laws and guidance.

Whose personal data we process

We may process personal data relating to:

  • Individual clients, prospective clients, and former clients;
  • Individuals connected to individual clients (e.g. authorised representatives, agents, or employees);
  • Individuals connected to corporate or other non-individual clients, including shareholders, directors, officers, employees, authorised representatives, legal counsel, auditors, and associates (collectively, “Client Entities”);
  • Other individuals connected to services provided to our clients;
  • Employees, contractors, and job applicants;
  • Business partners, service providers, and associates; and
  • Visitors to our website.

Categories of personal data we process

Depending on the nature of our relationship with you, we may process:

  • Identification and contact details (e.g. name, address, email, phone number, ID or passport details);
  • Due diligence and KYC information required by law;
  • Professional, transactional, and business relationship data;
  • Financial and billing information;
  • Employment and recruitment data; and
  • Any other personal data provided to us in the course of our engagement.

We do not intentionally collect special categories of personal data. However, where legally required (e.g. identity verification), we may process such data, including biometric data contained in official identification documents.

How we collect personal data

We collect personal data directly from you, from clients and their representatives, from service providers and associates, from public and governmental sources, and through your use of our website, including via cookies.

Legal basis and purposes of processing

We process personal data where necessary to perform or enter into contracts, comply with legal and regulatory obligations, pursue legitimate business interests, protect legal rights, or where you have provided consent.

Where special categories of personal data are processed, we rely on your explicit consent or another lawful basis permitted under applicable law.

Data sharing and recipients

Personal data may be shared with employees, associates, service providers, third parties involved in delivering services, and governmental or regulatory authorities where legally required. All sharing is conducted in accordance with applicable data protection legislation and internal security standards.

International data transfers

Where personal data is transferred outside the European Economic Area, appropriate safeguards are implemented to ensure an adequate level of protection.

Data retention

Personal data is retained only for as long as necessary for the purposes for which it was collected.

Your rights

You have rights under data protection legislation, including the right of access, rectification, erasure, restriction, objection, data portability, and the right to lodge a complaint with the Cyprus Data Protection Commissioner.

Automated decision-making

We do not engage in automated decision-making or profiling.

Security and confidentiality

We implement appropriate technical and organisational measures to protect personal data. While we take all reasonable precautions, electronic transmission of information cannot be guaranteed to be fully secure.

Cookies

Where required by law, cookies are used only with your consent to improve website functionality and user experience.

Contact details

For questions or to exercise your rights, please contact us at info@regtify.com.

External links

Our website may contain links to third-party websites. This Privacy Statement does not apply to those websites.

Updates to this Privacy Statement

We may update this Privacy Statement from time to time. The most current version will always be published on our website.