1. Data Controller
Boom Technologies Ltd is the data controller for personal data processed in connection with the Boom wallet and related services. Our Data Protection Officer can be contacted at privacy@boom.market.
This Privacy Policy explains how we collect, use, store, and protect your personal data when you use the Boom platform. We process personal data in accordance with the UK GDPR, the Data Protection Act 2018, and applicable data protection laws in the jurisdictions where we operate.
2. Information We Collect
Identity & KYC Data
- Full legal name, date of birth, nationality.
- Government-issued identification documents.
- Selfie / facial biometric data used for liveness verification (not stored after verification).
- Residential address and proof of address documentation.
Contact & Account Data
- Email address and phone number.
- Wallet address and account preferences.
Transaction Data
- All transactions conducted through your Boom wallet, including amounts, currencies, timestamps, and counterparty wallet addresses.
Device & Technical Data
- IP address, device type, operating system, and browser type.
- App version, session data, and error logs.
3. How We Use Your Information
- Identity verification: To verify your identity as required by AML/KYC regulations.
- Service delivery: To operate your Boom wallet, process transactions, and provide all platform features.
- Fraud prevention: To detect, investigate, and prevent fraudulent activity and money laundering.
- Regulatory compliance: To comply with applicable laws, regulations, and orders from competent authorities.
- Communications: To send transaction confirmations, security alerts, and service updates.
- Marketing: Only where you have given explicit consent, with an easy opt-out at any time.
4. Legal Basis for Processing (GDPR)
- Contract performance (Article 6(1)(b)): Processing necessary to provide the Services.
- Legal obligation (Article 6(1)(c)): Processing required by AML legislation and KYC requirements.
- Legitimate interests (Article 6(1)(f)): Fraud prevention, platform security, and product improvement.
- Consent (Article 6(1)(a)): For optional processing such as marketing communications.
5. Data Sharing
We do not sell your personal data. We share your data only with: KYC verification partners (subject to strict data processing agreements); law enforcement or regulatory authorities when required by a valid legal order; independent auditors for our sovereign bond attestation process; and Boom group entities for operating and improving the platform.
6. International Transfers
Boom operates globally, and your data may be transferred to countries outside the UK and EEA. Where such transfers occur, we ensure appropriate safeguards are in place, including standard contractual clauses approved by the UK ICO or European Commission.
7. Data Retention
- KYC and identity records: 7 years from account closure, as required by AML regulations.
- Transaction records: 7 years from the date of each transaction.
- Technical logs: Up to 13 months.
- Marketing consent records: Until consent is withdrawn.
8. Your Rights
Under UK and EU GDPR, you have the right of access, rectification, erasure, restriction of processing, data portability, and the right to object to processing. To exercise any of these rights, contact us at privacy@boom.market. We will respond within 30 days. You have the right to lodge a complaint with the UK ICO at ico.org.uk.
9. Cookies
We use essential cookies (required for the platform to function), functional cookies (to remember your preferences), and analytics cookies (anonymised usage data, with your consent only). You can manage cookie preferences through your browser settings or via your Boom account settings.