Nestor Exchange
    Sign InGet Early Access

    Privacy Notice – Nestor Exchange

    This notice explains how Nestor Exchange ("Nestor", "we", "our") handles personal data for website visitors, waitlist sign-ups, investors, partners, and other contacts.

    1. Who we are

    • Controller: Nestor Exchange OÜ, Tallinn, Estonia
    • Contact: info@nestor.exchange
    • Applicable law: EU/EEA GDPR and ePrivacy rules, as applied in Estonia.

    2. Data we process

    • You provide: name, email, organization, role, country, investor type, preferred range, interests, timeline, accredited status (self-attested), messages, consents, and related notes.
    • Automatically: IP address, device, browser type, pages viewed, referrer, cookies, and similar technologies.
    • From third parties: referrals, public profiles, and lawful AML/KYC or compliance data.

    We do not intentionally collect sensitive data unless required for compliance and permitted by law.

    3. Why we use it

    • To provide and improve our services and website
    • To manage waitlists, onboarding, and investor relations
    • To communicate about opportunities, updates, and events
    • For compliance, due diligence, AML/KYC, fraud prevention, and security
    • For legal, tax, and regulatory reporting
    • For analytics and performance measurement

    Legal bases: contract necessity, legitimate interests, consent (e.g., for non-essential cookies or certain marketing), and legal obligations.

    You can withdraw consent or opt out of marketing at any time.

    4. Sharing

    We share data with service providers (hosting, analytics, communications, security, compliance), professional advisers, and authorities when required by law.

    Certain partners (e.g., AML/KYC providers) act as processors under our instructions and contracts.

    We do not sell personal data.

    5. International transfers

    Where data is transferred outside the EEA, we rely on adequacy decisions or EU Standard Contractual Clauses and apply appropriate safeguards.

    6. Retention

    We keep data only as long as necessary for the purposes above and legal requirements, then delete or anonymize it.

    7. Your rights

    You may have rights to access, correct, delete, restrict or object to processing, port your data, and withdraw consent.

    To exercise these rights, email info@nestor.exchange with the subject "Privacy Request – Nestor Exchange".

    You may also contact the Estonian Data Protection Inspectorate.

    8. Cookies

    We use both essential and non-essential cookies. In the EEA, consent is obtained for non-essential cookies through our cookie banner.

    You can change or withdraw your preferences at any time. Some site features may not function without certain cookies.

    9. Security

    We use appropriate technical and organizational measures to protect personal data.

    No method of storage or transmission is completely secure, but we continuously review our security practices.

    10. Children

    Our services are not directed to children. Please contact us if you believe a child has provided data.

    11. Changes

    We may update this notice periodically. The "Last updated" date below indicates the current version.

    Material updates will be communicated where appropriate.

    Last updated: October 2025

    © Nestor Exchange OÜ