Privacy Policy

Last updated: February 1, 2026

Introduction

CommBridge Ltd (“we”, “us”, “our”) is committed to protecting your privacy and safeguarding your personal data. This Privacy Policy explains how we collect, use, disclose, and protect your information when you use the CommBridge commodity trading platform (“Platform”). By accessing or using our Platform, you acknowledge that you have read and understood this Privacy Policy.

1. Information We Collect

We collect the following categories of information to provide, maintain, and improve our services:

Personal Information

  • Full name and contact details (email address, phone number)
  • Identity verification documents (passport, national ID, driver's license)
  • Residential and business address
  • Date of birth and nationality

Company Information

  • Company registration documents and legal entity details
  • Financial statements and creditworthiness information
  • Beneficial ownership structure
  • Business licences and trade certifications

Transaction Data

  • Records of purchases, sales, and escrow transactions
  • Payment details and banking information
  • Invoices, contracts, and shipping documents

Usage Data

  • Pages visited, features used, and search queries
  • Timestamps, session duration, and click patterns
  • Referral sources and navigation paths

Device Data

  • IP address, browser type, and operating system
  • Device identifiers and screen resolution
  • Language preferences and time zone settings

2. How We Use Your Information

We process your data for the following purposes:

  • i.Account Management — Creating, maintaining, and securing your user account and profile.
  • ii.KYC/AML Compliance — Verifying your identity and conducting due diligence in compliance with Know Your Customer and Anti-Money Laundering regulations.
  • iii.Transaction Processing — Facilitating trades, escrow services, payment processing, and order fulfilment.
  • iv.Communication — Sending transaction updates, platform notifications, and responding to your inquiries and support requests.
  • v.Platform Improvement — Analysing usage patterns to improve functionality, user experience, and service reliability.
  • vi.Fraud Prevention — Detecting and preventing fraudulent activity, unauthorized access, and other security threats.

3. Data Sharing

We may share your information with the following parties, strictly on a need-to-know basis:

  • Third-party Verification Services — Identity verification and background check providers to fulfil our KYC/AML obligations.
  • Payment Processors — Trusted financial institutions and payment service providers for processing transactions and escrow payments.
  • Legal Authorities — Government agencies, law enforcement, or regulatory bodies when required by law, court order, or to protect our legal rights.

We do not sell, rent, or trade your personal data to any third party for marketing or commercial purposes.

4. Data Security

We implement robust technical and organisational measures to protect your data:

  • Encryption — All data is encrypted at rest using AES-256 and in transit using TLS 1.3.
  • Regular Audits — We conduct periodic security audits, vulnerability assessments, and penetration testing to identify and address potential risks.
  • Access Controls — Strict role-based access controls, multi-factor authentication, and audit logging ensure that only authorised personnel can access sensitive data.

5. Data Retention

We retain your data only for as long as necessary to fulfil the purposes outlined in this policy, subject to the following:

  • Account Data — Retained for the lifetime of your account plus 7 years after account closure, in accordance with regulatory requirements.
  • Transaction Records — Retained as required by applicable financial regulations, tax laws, and anti-money laundering legislation (typically 5–10 years).

6. Your Rights

Depending on your jurisdiction, you may have the following rights regarding your personal data:

  • 1.Right of Access — Request a copy of the personal data we hold about you.
  • 2.Right to Rectification — Request correction of inaccurate or incomplete personal data.
  • 3.Right to Deletion — Request erasure of your personal data, subject to legal retention obligations.
  • 4.Right to Portability — Receive your data in a structured, commonly used, machine-readable format.
  • 5.Right to Objection — Object to certain types of processing, such as direct marketing.

To exercise any of these rights, please contact us at privacy@commbridge.com.

7. International Data Transfers

Your personal data may be processed in the European Union and the United States. Where data is transferred outside the European Economic Area (EEA), we ensure appropriate safeguards are in place, including the use of EU Standard Contractual Clauses (SCCs) and adequacy decisions, to provide a level of data protection consistent with the GDPR. For further details on our cross-border data transfer practices, please refer to our GDPR Compliance page.

8. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact our Privacy Team:

CommBridge Ltd — Privacy Team

Email: privacy@commbridge.com

Terms of Service|Cookie Policy|GDPR Compliance