Privacy Policy

1. Introduction and contact details of the controller

1.1 We are pleased that you are visiting our website and thank you for your interest. Below, we inform you about how we handle your personal data when you use our website. Personal data is all data that can be used to identify you personally.

1.2 The controller for data processing on this website within the meaning of the General Data Protection Regulation (GDPR) is:

Ragheed Al-Saifi
BORA Finance by Ragheed Al-Saifi
Waldstraße 25, 90763 Fürth, Germany
Tel: +49 176 80654394
Email: ragheed.al-saifi@bora-finance.com

2. Data collection when visiting our website

2.1 When you use our website for purely informational purposes (i.e. without registering or providing information), we only collect the data that your browser transmits to the server (so-called server log files):

• The website visited
• Date and time of access
• Amount of data sent (in bytes)
• Source/reference from which you accessed the site
• Browser used
• Operating system used
• IP address (anonymized, where applicable)

Processing is based on Art. 6(1)(f) GDPR, from our legitimate interest in ensuring the stability and functionality of the website. This data is not passed on or used for other purposes, except if illegal use is suspected.

2.2 To protect your data and confidential content, this website uses SSL or TLS encryption. You can recognize it by the "https://" prefix and the padlock symbol in your browser.

3. Cookies

We use cookies to improve your experience. Some cookies are deleted after closing your browser (session cookies), others remain (persistent cookies). You can manage cookie settings in your browser.

If personal data is processed through cookies, it is done under:

• Art. 6(1)(b) GDPR (contract execution)
• Art. 6(1)(a) GDPR (with consent)
• Art. 6(1)(f) GDPR (legitimate interest)

Blocking cookies may limit website functionality.

4. Contacting us

4.1 WhatsApp Business

You may contact us via WhatsApp (WhatsApp Ireland Ltd., Dublin). We use the business version of the app. If you reach out regarding a transaction, we process your WhatsApp number and name (if provided) under Art. 6(1)(b) GDPR. For general inquiries, we rely on Art. 6(1)(f) GDPR.

We do not share this data. WhatsApp may access our contact list, but only includes contacts who have contacted us first.

More information: WhatsApp privacy policy.

Meta (USA) complies with the EU–US Data Privacy Framework.

4.2 Contact form or email

If you contact us via form or email, we use your data to respond. Legal basis:

• Art. 6(1)(f) GDPR (legitimate interest)
• Art. 6(1)(b) GDPR (contract-related inquiries)

Your data will be deleted after the matter is resolved unless legal obligations prevent this.

5. Rights of the data subject

You have the following rights under GDPR:

• Right to information (Art. 15)
• Right to rectification (Art. 16)
• Right to erasure (Art. 17)
• Right to restrict processing (Art. 18)
• Right to notification (Art. 19)
• Right to data portability (Art. 20)
• Right to withdraw consent (Art. 7(3))
• Right to lodge a complaint (Art. 77)

5.2 Right to object

If your data is processed based on our legitimate interest, you can object at any time (Art. 21 GDPR). If you object, we will stop processing unless we can demonstrate compelling legitimate grounds.

If your data is used for direct marketing, you can object at any time and we will immediately stop processing for that purpose.

6. Duration of storage of personal data

Retention depends on:

• The legal basis
• The purpose of processing
• Applicable statutory retention periods

- Consent-based data (Art. 6(1)(a)): stored until withdrawn.
- Contract-related data (Art. 6(1)(b)): deleted after statutory periods.
- Legitimate interest (Art. 6(1)(f)): stored until objection.
- Marketing purposes (Art. 6(1)(f)): stored until objection.

Data is deleted once it is no longer needed, unless otherwise stated.