Privacy Policy and Data Protection – Vast Vermstein
Version 4.0 – Last updated: April 27, 2026
Article 1: Identification of the data controller
This Privacy Policy defines the strict data processing protocols maintained by Vast Vermstein ("the Platform", "we", "us"), headquartered at Kunstlaan 56, 1000 Brussels, Belgium. We act as a data controller in accordance with the General Data Protection Regulation (GDPR) and the Belgian law of 30 July 2018. To ensure absolute data integrity, we have appointed a Data Protection Officer (DPO), reachable via: [email protected].
Article 2: Categories of personal data processed
To provide institutional-level analytical services and maintain a secure environment, we collect the following data:
Identity data: Full name, date of birth, nationality, and official identification required for mandatory KYC (Know Your Customer) and AML (Anti-Money Laundering) verification.
Financial telemetry: Information on the origin of funds, transaction history, and risk profiles linked to our technical interfaces.
Digital footprint: IP addresses, device specifications, geographical location data, and detailed logs of interaction with our systems.
Article 3: Legal basis and purposes of processing
The processing of your data is based on the following legal grounds:
Performance of the contract: Necessary to manage your account and provide our technical services.
Legal obligations: Compliance with Belgian legislation, including the Anti-Money Laundering Act and tax reporting requirements.
Legitimate interests: Necessary for proactive cybersecurity, fraud prevention, and technical optimization of the platform.
Consent: For sending market analyses and using non-essential cookies.
Article 4: Data security and sovereignty
Vast Vermstein uses enterprise-grade security architecture:
Encryption: All sensitive data is stored with AES-256 encryption and transmitted via TLS 1.3.
Hosting: Data is stored exclusively on strictly secured servers within the EEA (European Economic Area), guaranteeing full protection under European rules.
Article 5: Your rights
You have the right to access, rectification, erasure ("right to be forgotten"), restriction of processing, and data portability. Requests can be sent to [email protected]. You also have the right to lodge a complaint with the Belgian Data Protection Authority (GBA).