**I. INTRODUCTION**

Welcome to Instanlite.com (“us,” “we,” or “our”). This Privacy Policy governs the privacy relations between you (“Client” or “you”) and Instanlite, encompassing any affiliated holding companies, subsidiaries, or entities within the Instanlite group (“Instanlite” or “we”). It details how we process and protect your personal data as you utilize the services provided on the Instanlite platform, including the website (https://nexfinance.org/), mobile applications, and other official communication channels. This Privacy Policy constitutes a legally binding agreement (“Agreement”) between the parties. We encourage you to carefully read and understand how we collect, use, and protect the information we gather about you.

This Privacy Policy is regularly reviewed to incorporate new services, updates, and changes to our business practices. Material changes will be communicated through notices on the website or other communication channels. Your continued use of the Instanlite platform after such changes indicates your acceptance of the updated Privacy Policy.

Unless explicitly stated otherwise, references herein shall be made to the Instanlite Services General Terms and Conditions, Instanlite Investment Product General Terms and Conditions, Instanlite Cookies Policy, and any other terms governing relevant Instanlite services (collectively the “Instanlite General Terms”). All defined terms used in this Privacy Policy have the same meaning as those in the Instanlite General Terms, as applicable.

**II. DEFINITIONS**

– **Controller:** Refers to any holding company, subsidiary, or entity within the Instanlite group acting as a personal data controller under this Privacy Policy.

– **Instanlite Platform:** Encompasses any Instanlite website, mobile applications, and official communication channels, including content and services provided through these mediums.

– **Personal Data:** Any information relating to an identified or identifiable natural person (“Data Subject”).

– **Privacy Laws:** Refers to any applicable personal data protection legislation.

– **Processing:** Encompasses any operation or set of operations performed on Personal Data.

**III. INFORMATION WE COLLECT**

Instanlite may collect the following types of Personal Data during your interactions with the Instanlite platform:

1. **User-provided information:**
– Identification information: Full name, date, place and/or country of birth, identification document images, email address, PEP status, social status or official position held.
– Contact and communication information: Permanent and current address, telephone number, social media profiles.
– Labour status: Occupation, industry, employment status.
– Financial information: Bank account number, digital asset wallet, source of funds, transaction history.
– Other information: Any information provided to Instanlite at your discretion.

2. **Information collected automatically:**
– Technical information: Device details, network information, browser details, geolocation.
– Website visit information: URL history, consent to Terms and Conditions and Cookie banner, services searched or viewed.

3. **Information from third parties:**
– Instanlite may obtain information from third parties during account creation, verification, and due diligence processes in compliance with statutory obligations.

Please note that refusal to provide required Personal Data may impact our ability to fulfill contractual obligations, especially those required by law.

**IV. PROCESSING PURPOSES**

Instanlite may process your Personal Data for various purposes in accordance with applicable Privacy Laws and this Privacy Policy. These purposes include but are not limited to:

– Identification and verification.
– Transaction services.
– Recommendations and personalization.
– Continuous improvement of the Instanlite Platform.
– Compliance with applicable legislation.
– Communication.
– Fraud prevention.
– Marketing purposes.
– Purposes for which we seek your consent.
– Other purposes arising from the activities listed above, not prohibited by law.

**V. LEGAL BASIS FOR PROCESSING**

To achieve the specified purposes, Instanlite collects and processes Personal Data in accordance with Privacy Laws, relying on legal bases such as the necessity of contract performance, fulfillment of legal obligations, legitimate interests, and your consent when required.

**VI. AUTOMATED DECISION MAKING AND PROFILING**

Instanlite may use automated decision-making processes, including profiling, for efficiency, consistency, and risk assessment. These processes may involve data provided by you, observed data, and inferred or derived data.

**VII. THIRD PARTIES**

Instanlite may disclose Personal Data to other entities within the Instanlite group and selected third parties outside the group, including but not limited to service providers, banking and payment network service providers, risk assessment providers, and auditors. The platform may also contain links to third-party websites, and users are encouraged to review the privacy policies of these third parties.

**VIII. TRANSFERS**

Personal Data may be transferred, processed, and stored outside your country of residence as specified in this Privacy Policy, the contracts between you and Instanlite, and consents you provide to Instanlite. Transfers will comply with applicable laws and international standards.

**IX. DIRECT MARKETING**

Instanlite may send direct marketing materials to existing clients and subscribed users. Opt-out options are provided in marketing communications, and users can also communicate their preferences to Instanlite’s Data Protection Officer.

**X. DATA SECURITY**

Personal Data collected by Instanlite is stored on secure servers with ISO 27001 certification. Security measures include administrative, technical, personnel, and physical safeguards to protect against unauthorized access, alteration, disclosure, or loss. Instanlite employs network safeguards, encryption, and limits access to Personal Data.

In the event of a security breach, Instanlite will inform affected users promptly, allowing them to take necessary precautions. Personal Data breaches will also be reported to relevant data protection authorities.

**XI. STORAGE AND RETENTION**

Personal Data is stored for varying periods based on data categories and usage. Retention periods adhere

to contractual agreements, industry standards, legitimate business interests, and legal requirements.

**XII. YOUR RIGHTS**

Data Subjects may have rights depending on their jurisdiction, residency, or citizenship. These rights may include access, rectification, deletion, restriction of processing, data portability, objection to processing, objection to automated decision-making, withdrawal of consent, and others. Requests should be sent to Instanlite’s Data Protection Officer.

**XIII. CONTACT US**

For questions, comments, or to exercise your rights under this Privacy Policy, contact Instanlite’s Data Protection Officer at dpo@instanlite.com. Please provide necessary details, including full name, preferred communication channel, country of residence, and a detailed description of your request.

**XIV. MISCELLANEOUS**

Instanlite’s services are not directed to individuals under the age of 18. If inadvertent collection of Personal Data from a child occurs, measures will be taken to remove the information. Parents or guardians discovering such instances should contact Instanlite immediately.