BrickxS

Legal

Privacy Policy

Last updated: ·BrickxS operates this platform for qualified users in supported jurisdictions. These documents govern your relationship with us and describe how we handle information and risk.

Information we collect

BrickxS and its affiliates (“BrickxS,” “we,” “us,” or “our”) collect information in three broad categories: (1) information you provide directly, such as when you register, complete know-your-customer (“KYC”) steps, upload documents, correspond with support, or execute agreements; (2) information collected automatically when you use the Platform, including device and log data; and (3) information we receive from third parties, such as identity verification vendors, banks, blockchain analytics providers, credit bureaus where permitted, and publicly available sources used for risk screening.

The scope of collection depends on the products you use. For example, an investor subscribing to a private placement will supply more extensive financial and legal identifiers than a visitor browsing marketing pages without an account.

Personal data

“Personal data” means information relating to an identified or identifiable individual. This may include your name, postal and email addresses, telephone number, date of birth, government identifiers where permitted, employment and income band, tax residency, bank account or wallet identifiers, transaction history on the Platform, and communications metadata (such as timestamps and message subjects).

We process personal data to perform our contract with you, comply with legal obligations (including anti–money laundering and sanctions laws), protect vital interests, pursue legitimate interests that are not overridden by your rights (such as fraud prevention and service improvement), or, where required, based on your consent.

KYC information handling

Identity documents (passports, national IDs, driver licenses), proof-of-address materials, and biometric or liveness captures where used are treated as high-sensitivity records. Access is restricted on a need-to-know basis within BrickxS and our subprocessors, protected by technical controls including encryption in transit and at rest where supported by the underlying systems, and retained only as long as necessary for regulatory compliance and dispute resolution unless a longer period is required by law.

Verification outcomes (e.g., match scores, watchlist hits) may be stored in summarized form even after source imagery is purged according to retention schedules. We may re-run checks periodically or upon triggering events such as large transactions or changes to beneficial ownership.

If you refuse to provide information reasonably required for KYC, we may be unable to open or maintain your account. We do not sell government-identifier fields to data brokers.

Cookies and analytics

We use strictly necessary cookies and in-memory session controls to keep authenticated screens working, measure campaign effectiveness, and understand aggregate usage patterns. Some cookies are strictly necessary; others (such as analytics or marketing pixels) may be optional depending on your jurisdiction and the consent controls we expose in-product or through a cookie banner where required.

You can adjust browser settings to block cookies, but parts of the Platform may not function correctly. Our analytics implementations are configured to reduce unnecessary collection of free-text fields containing sensitive categories of data.

Device information

When you interact with the Platform, we may collect IP address, approximate location derived from IP, device type, operating system, browser version, referral URLs, session identifiers, and diagnostic logs (errors, latency). This supports security monitoring, debugging, capacity planning, and abuse prevention.

Payment information

Fiat payment details are typically tokenized or handled by licensed payment processors; we may receive a truncated account identifier, routing metadata, and confirmation of settlement rather than full card numbers. For digital asset transfers, we process wallet addresses, transaction hashes, and counterparty risk signals as permitted by law.

Proof-of-transfer files you upload (e.g., bank wires, on-chain screenshots) are stored securely and reviewed by operations under dual-control procedures where applicable.

How we use data

  • Onboarding, authentication, and servicing your account
  • Processing investments, distributions, and rental-related workflows you initiate
  • Risk management, fraud detection, and sanctions screening
  • Communications about your holdings, regulatory notices, and service changes
  • Aggregated analytics to improve product design and performance
  • Legal compliance, audits, and responding to lawful requests from authorities

Data sharing

We share personal data with subprocessors under written agreements that impose confidentiality, security, and data-processing obligations consistent with this Policy. Categories of recipients commonly include cloud hosting providers, customer-support tooling vendors, email delivery services, KYC/AML platforms, fund administrators, auditors, and professional advisers bound by confidentiality.

We may disclose information if required by subpoena, court order, or other legal process, or if we reasonably believe disclosure is necessary to protect the rights, property, or safety of BrickxS, our users, or the public. In corporate transactions (e.g., merger or acquisition), personal data may transfer as a business asset subject to safeguards and notice as required by law.

We do not sell personal data for monetary consideration as that term is commonly understood in U.S. state privacy laws. Where “sharing” for cross-context behavioral advertising is regulated, we will honor applicable opt-out rights.

Data security

We implement administrative, technical, and organizational measures designed to protect personal data against unauthorized access, alteration, disclosure, or destruction. These measures include role-based access controls, encryption for data in transit (TLS), logging and alerting, vendor security reviews for high-risk systems, and employee training.

No method of transmission or storage is completely secure. You are responsible for choosing a strong password, enabling multi-factor authentication when offered, and safeguarding devices used to access BrickxS.

Data retention

We retain personal data for as long as your account is active, as needed to provide services, and thereafter for periods dictated by law (for example, books-and-records rules applicable to broker-dealer or investment adviser activities, AML recordkeeping, or tax statutes of limitation). When retention periods expire, we delete or irreversibly anonymize data where feasible.

Your rights

Depending on your location, you may have rights to access, rectify, erase, restrict processing of, or port your personal data, and to object to certain processing or withdraw consent where processing is consent-based. You may also have the right to lodge a complaint with a supervisory authority. Exercising these rights may be limited where BrickxS must retain information to meet legal obligations or establish, exercise, or defend legal claims.

To submit a request, use the privacy request workflow in the Platform or contact us through authenticated support channels. We will verify your identity before fulfilling sensitive requests to prevent unauthorized disclosure.

International data transfers

BrickxS operates globally. Personal data may be processed in the United States and other countries where we or our service providers maintain facilities. When we transfer personal data from the European Economic Area, United Kingdom, or Switzerland, we rely on appropriate safeguards such as the EU Commission Standard Contractual Clauses (with UK and Swiss addenda as applicable) or other mechanisms recognized by applicable law.

Contact information

For privacy-related inquiries, including questions about this Policy or to exercise rights, please use the secure channels available after you sign in. You may also contact your institutional relationship owner if your organization has a direct agreement with BrickxS.

Material changes to this Policy will be reflected in the updated publication date above and, where required, supplemented by direct notice. Related terms governing use of the Platform are found in our Terms of Service.