Legal Documents

Personal Data Processing Consent for KYC Verification

Version 1.0Effective from April 1, 2025

KYC (Know Your Customer) verification is a mandatory requirement for full access to the GEXCORE platform. This Consent governs the processing of extended personal data during identity verification and AML compliance.

1. Controller and Processors

The data controller is GEXCORE. During KYC verification, authorized KYC providers (processors) may be engaged, operating under data processing agreements. The list of processors will be disclosed to the user immediately before initiating the verification procedure.

2. Data Scope

Depending on the selected verification method and level, the following data may be processed:

KYC Level 2

Last name, first name, middle name
Date of birth
Citizenship
Document type and number
Document photo
Selfie photo for biometric comparison

KYC Level 3

All Level 2 data
Registered address (supporting document)
Source of funds
Tax identifier (if required)

3. Processing Purposes

User identity verification
AML/CFT regulatory compliance
KYC level assignment and expanded platform access
Fraud prevention and unauthorized access prevention

4. Data Retention

KYC verification data is retained for at least 7 (seven) years from the end of the business relationship, as required by anti-money laundering regulations. After this period, data is deleted or anonymized.

5. Right to Withdraw and Consequences

The User may withdraw this Consent by contacting privacy@gexcore.io. Withdrawal of Consent results in cessation of KYC processing and downgrade of access level to KYC Level 1. Data processed under a legal obligation (AML regulations) will continue to be stored for the legally required period.