Skip to content
misc.HOLDINGS
← Compliance index

Privacy Policy

This privacy policy explains how Misc Holdings Ltd. collects, uses, and protects personal data in connection with this website and its corporate activities. It does not govern the operations of independently operated subsidiaries, each of which publishes its own privacy notice.

Document
Privacy
Version
2.0
Effective
1 January 2026
Owner
Compliance & Conduct Committee

1.0Who we are

Misc Holdings Ltd. is a Wyoming profit corporation with its principal office at 228 Park Avenue South, PMB 37100, New York, NY 10003. For the purpose of EU and UK data-protection law, Misc Holdings Ltd. is the data controller in respect of personal data collected through this website and through direct corporate engagement (investor relations, vendor onboarding, hiring).

2.0Personal data we collect

Information you provide

  • Identity and contact details — name, role, employer, email address, phone number, postal address.
  • Business context — nature of your inquiry, your firm's mandate, capacity in which you are corresponding.
  • KYC information you submit voluntarily for counterparty due diligence (only where applicable).

Information collected automatically

  • Standard server logs — IP address, user agent, timestamps, pages requested.
  • Aggregated, non-identifying analytics — see Cookie Notice.

We do not collect special-category personal data through this website, and we do not knowingly collect personal data from minors.

3.0Why we process personal data

  1. To respond to inquiries directed to us through published contact channels (legitimate interests; consent).
  2. To engage with investor and counterparty relationships, including KYC, sanctions screening, and contract administration (legitimate interests; legal obligation).
  3. To recruit and evaluate candidates for roles within the Group, where such roles are publicly advertised by the Group (legitimate interests; consent).
  4. To operate, secure, and improve this website, including the prevention of fraud and abuse (legitimate interests).
  5. To comply with applicable law, including AML, sanctions, tax, and corporate-records requirements (legal obligation).

4.0Legal bases (UK/EU GDPR)

Where processing is subject to UK or EU data-protection law, we rely on the following legal bases: legitimate interests (operating and protecting our business; engaging with counterparties), consent (where you contact us voluntarily), legal obligation (regulatory and tax compliance), and contractual necessity (where we are negotiating or performing a contract with you or your firm).

5.0Sharing

We share personal data only where necessary and with appropriate contractual protections:

  • With professional advisors (legal, audit, tax) bound by professional confidentiality.
  • With service providers acting on our written instructions (hosting, email, analytics, KYC and sanctions data).
  • With operating subsidiaries on a need-to-know basis for legitimate group purposes.
  • With regulators, courts, or governmental authorities where required by law or necessary to protect our legal rights.
  • With successors in interest in connection with a corporate transaction, subject to confidentiality.

We do not sell personal data, and we do not share personal data for cross-context behavioural advertising.

6.0International transfers

Personal data we collect may be transferred to and processed in jurisdictions other than your own, including the United States. Where such transfers are subject to UK or EU data-protection law, we rely on appropriate safeguards including Standard Contractual Clauses and, where applicable, the UK International Data Transfer Addendum or the EU-U.S. Data Privacy Framework.

7.0Retention

We retain personal data only for as long as necessary to fulfil the purpose for which it was collected, to satisfy our legal and regulatory obligations, or to defend legal claims. Indicative retention periods:

  • Inbound inquiries with no follow-on relationship — 24 months.
  • Counterparty and KYC records — 7 years following the end of the relationship.
  • Recruitment records for unsuccessful candidates — 12 months from notification of outcome.
  • Server logs — 12 months on a rolling basis.

8.0Your rights

Depending on your jurisdiction, you may have rights to access, rectify, erase, restrict, or object to the processing of your personal data, to portability of your data, and to withdraw consent. To exercise any of these rights, contact us at the address below. We will respond within the timeframes required by applicable law.

If you are dissatisfied with our response, you have the right to lodge a complaint with your local data-protection authority. In the UK this is the Information Commissioner's Office; in the EU it is the supervisory authority of your habitual residence.

9.0U.S. state privacy rights

Residents of California, Colorado, Connecticut, Virginia, and other U.S. states with comprehensive privacy laws may have rights to know, delete, correct, and opt out of certain processing. To exercise these rights, contact us at the address below. We do not engage in the "sale" or "sharing" of personal information as those terms are defined under the CCPA/CPRA, and we honour opt-out preference signals where required.

10.0Security

We implement reasonable administrative, technical, and physical safeguards designed to protect personal data against unauthorised access, alteration, disclosure, and destruction. No security control is perfect; we do not guarantee absolute security.

11.0Changes

We may update this policy from time to time. The version number and effective date at the top of this document govern. Material changes will be communicated by appropriate means.

12.0Contact

Privacy questions and rights requests should be directed to the Compliance & Conduct Committee at compliance@misc.ltd or to the principal office address at the top of this document.

Questions about this document should be directed to the Compliance & Conduct Committee at compliance@misc.ltd. This policy is reviewed at least annually and may be updated without notice; the version number above governs.