Privacy Policy

At Safa Global ("we," "us," or "our"), we take your privacy seriously. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website, interact with our investment platforms, or otherwise engage with our services. Safa Global operates as the parent entity for Safa Global Capital (SGC) and Safa Global Ventures (SGV).

Scope of This Policy

This Privacy Policy applies to information collected through:

• Our website (safaglobal.com) and associated digital properties
• Investor registration and onboarding processes
• Communications with our team via email, WhatsApp, or contact forms
• Newsletter subscriptions and event registrations
• Interactions with our subsidiary platforms (SGC and SGV)

Our subsidiary entities (Safa Global Capital and Safa Global Ventures) may maintain their own privacy practices. We encourage you to review their respective privacy policies when using those platforms.

Information We Collect

Information You Provide

We collect information you voluntarily provide, including:

• Investor Information: Name, email, phone number, country of residence, investment preferences, accreditation status, and KYC/AML documentation as required by regulation
• Contact Information: Name, email address, phone number, and any message content when you reach out to us
• Newsletter Subscribers: Email address and communication preferences
• Event Participants: Registration details for webinars, investor meetings, and other events

Information Collected Automatically

When you visit our website, we automatically collect:

• Device information (browser type, operating system)
• IP address and approximate location
• Pages visited and time spent on site
• Referring URLs and search terms
• Cookies and similar tracking technologies

How We Use Your Information

We use collected information for the following purposes:

Investment Services

• Process investor registrations and applications
• Conduct required KYC/AML verification
• Provide access to investment opportunities
• Communicate about portfolio performance and updates
• Comply with regulatory requirements (MFSA, MiCA)

Communications & Operations

• Send newsletters, updates, and event invitations
• Respond to inquiries and provide support
• Improve our website and services
• Maintain security and prevent fraud
• Comply with legal and regulatory obligations

How We Share Information

We do not sell your personal information. We may share information in the following circumstances:

• Affiliated Entities: We may share information with our subsidiaries (SGC, SGV) to provide integrated services
• Service Providers: We work with vendors who assist with website hosting, analytics, email delivery, KYC verification, and other operational services
• Regulatory Authorities: We may disclose information to MFSA, tax authorities, and other regulators as required by law
• Legal Requirements: We may disclose information when required by law, regulation, or legal process
• Business Transfers: In connection with any merger, acquisition, or sale of assets, your information may be transferred as a business asset

International Data Transfers

Safa Global is headquartered in Malta (EU) with operations across Europe, North America, Latin America, the Middle East, and Asia. Your information may be transferred to and processed in countries outside your country of residence. We implement appropriate safeguards for international transfers, including standard contractual clauses and adequacy decisions where applicable under GDPR and other data protection laws.

Data Security

We implement technical and organizational measures designed to protect your information, including encryption, access controls, secure data storage, and regular security assessments. As an MFSA-regulated entity, we maintain security standards consistent with financial services regulatory requirements. However, no method of transmission over the Internet or electronic storage is completely secure, and we cannot guarantee absolute security.

Data Retention

We retain your information for as long as necessary to fulfill the purposes described in this policy and to comply with our legal and regulatory obligations. Financial records and investor information may be retained for the periods required by applicable law (typically 5-10 years after the end of the business relationship). You may request deletion of your information subject to our legal retention requirements.

Your Rights

Depending on your location, you may have the following rights regarding your personal information:

• Access: Request a copy of the personal information we hold about you
• Correction: Request correction of inaccurate information
• Deletion: Request deletion of your personal information (subject to legal retention requirements)
• Portability: Request your data in a portable format
• Objection: Object to certain processing activities
• Withdraw Consent: Withdraw consent where processing is based on consent
• Restriction: Request restriction of processing in certain circumstances

To exercise these rights, please contact us at privacy@safaglobal.com. We will respond to requests within the timeframe required by applicable law (typically 30 days under GDPR).

Cookies and Tracking

Our website uses cookies and similar technologies to enhance your experience. These include:

• Essential Cookies: Required for basic website functionality and security
• Analytics Cookies: Help us understand how visitors use our site
• Preference Cookies: Remember your settings and preferences

You can control cookies through your browser settings. Disabling certain cookies may affect website functionality.

Children's Privacy

Our services are intended for individuals who meet the legal age requirements for investment activities in their jurisdiction (typically 18 years or older). We do not knowingly collect personal information from children. If we become aware that we have collected information from a minor, we will take steps to delete it promptly.

Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or applicable laws. We will notify you of material changes by posting the updated policy on our website and updating the effective date. For significant changes affecting your rights, we may also notify you via email. We encourage you to review this policy periodically.

Additional Information for EU/UK Residents

If you are located in the European Economic Area or United Kingdom, our legal bases for processing your personal information include:

• Contract: Processing necessary to perform our agreement with you or take steps at your request before entering into a contract
• Legitimate Interests: Processing for our legitimate business interests, such as improving our services and maintaining security
• Consent: Processing based on your consent, which you may withdraw at any time
• Legal Obligation: Processing necessary to comply with applicable laws, including MFSA and MiCA requirements

You may lodge a complaint with your local data protection authority if you believe your rights have been violated. For Malta residents, the relevant authority is the Office of the Information and Data Protection Commissioner (IDPC).