Terwilliger
PRIVACY POLICY

Last updated: 02/03/2026

This Privacy Policy explains how Terwilliger s.r.o. (“Terwilliger”, “we”, “our”, or “us”), with registered office at Děčínská 552/1, Střížkov, 180 00 Praha 8, Czech Republic, registration number 22293191, collects and processes personal data in connection with:

  • your access to or interaction with our website (https://www.terwilliger.io) (“Website”), and
  • our legally required anti-money-laundering (AML) due-diligence activities involving counterparties on third-party P2P platforms.

This policy complies with the EU General Data Protection Regulation (GDPR).

If you have any questions about this Privacy Policy or your personal data, you may contact us at: info@terwilliger.io

1. DEFINITIONS

1.1 PERSONAL DATA
“Personal Data” means any information that identifies or can identify a natural person.

1.2 CONTROLLER
Terwilliger s.r.o. is the Controller of personal data processed through the Website and through AML/KYC due-diligence performed on counterparties to trades on third-party platforms.

1.3 COUNTERPARTY
A person or entity engaging in a specific transaction with Terwilliger on an external P2P platform. Counterparties are not customers, and Terwilliger does not provide services to them.

1.4 KYC (KNOW-YOUR-COUNTERPARTY)
Information that Terwilliger may be legally required to request from a counterparty solely for AML/CFT compliance.

1.5 DATA PROCESSORS
External vendors who process certain data on our behalf (see Section 7).

2. INFORMATION WE COLLECT

Terwilliger operates only as a proprietary trader and does not onboard users or collect customer data through the Website.

We collect only the following categories of data:

2.1 INFORMATION PROVIDED VOLUNTARILY VIA THE WEBSITE

If you choose to contact us (email, contact form, Telegram), we may collect:

  • name
  • email address
  • telephone number
  • contents of your message

Terwilliger does not request identity documents, financial information, or sensitive personal data from Website visitors.

2.2 AML/KYC INFORMATION FROM COUNTERPARTIES ON P2P PLATFORMS

Terwilliger is legally required to comply with Czech and EU AML/CFT laws.

During a P2P transaction, Terwilliger may collect:

  • full name
  • date of birth
  • address
  • identity document details
  • proof of address
  • information on the purpose of the transaction
  • source-of-funds/source-of-wealth documentation
  • any other information required by law

This information is requested only during a specific transaction and does not create a customer relationship.

We do not collect sensitive personal data (racial or ethnic origin, political opinions, etc.).

2.3 COOKIES (WEBSITE ONLY)

We use cookies to:

  • maintain basic Website functionality
  • analyze traffic
  • ensure security

Users may disable cookies through their browser.

We do not use cookies to track users across websites or for advertising.

2.4 LOG FILES (WEBSITE ONLY)

We automatically collect minimal technical logs, including:

  • IP address
  • browser type
  • operating system
  • referring/exit pages
  • time stamps

Logs are used exclusively for Website security and performance.

3. HOW WE USE YOUR INFORMATION

Terwilliger uses collected personal data only for the following lawful purposes:

3.1 AML/CFT COMPLIANCE (COUNTERPARTIES ONLY)

To meet obligations under Czech Act No. 253/2008 Coll. and EU AML regulations, including:

  • verifying identity
  • assessing transaction purpose
  • confirming origin of funds
  • screening against sanctions lists
  • filing suspicious-activity reports when required

3.2 COMMUNICATION

We use contact information you voluntarily provide to respond to inquiries.

3.3 WEBSITE OPERATION AND SECURITY

We use cookies and logs to ensure:

  • Website functionality
  • cybersecurity monitoring
  • prevention of abuse or attacks
4. SHARING YOUR INFORMATION

Terwilliger may share personal data only under the following conditions:

4.1 AML COMPLIANCE

With:

  • law-enforcement authorities
  • the Czech Financial Intelligence Unit
  • regulators
  • courts
  • when we are legally obliged to do so

4.2 SERVICE PROVIDERS (DATA PROCESSORS)

These may include:

  • cloud hosting providers
  • IT and security service providers

identity verification services (used only for AML counterparty checks)

All processors operate under GDPR-compliant contracts.

4.3 CORPORATE RESTRUCTURING

In case of a merger, acquisition, or corporate reorganization, data may be transferred to a successor entity under strict confidentiality and GDPR safeguards.

5. SECURITY MEASURES

We apply appropriate technical and organisational measures, including:

  • TLS encryption (1.3 or higher)
  • secure storage of AML data
  • restricted employee access
  • monitoring for unauthorized access
  • encryption and hashed storage where applicable

However, no system is 100% secure, and users should exercise caution when sharing information.

If you suspect unauthorized access, notify us at: info@terwilliger.io

6. DATA RETENTION

Terwilliger retains data only for lawful purposes:

6.1 AML/KYC COUNTERPARTY DATA

Retained for the duration required by law: 5 years from the completion of the relevant transaction (or longer where legally required).

6.2 WEBSITE LOGS AND COOKIES

Retained for up to 1 year, unless needed for security investigations.

6.3 EMAIL COMMUNICATIONS

Retained for as long as necessary to respond to your inquiry, then deleted or archived according to our retention schedule.

7. INTERNATIONAL DATA TRANSFERS

If personal data is transferred outside the European Economic Area (EEA), we ensure compliance through:

  • EU adequacy decisions
  • Standard Contractual Clauses
  • other lawful GDPR mechanisms
8. YOUR RIGHTS UNDER GDPR

You have the right to:

  • access your personal data
  • request correction or deletion
  • request restriction of processing
  • object to processing
  • request data portability
  • withdraw consent (where processing is based on consent)
  • lodge a complaint with your local Data Protection Authority

To exercise these rights, contact: info@terwilliger.io

Note: AML laws may restrict our ability to delete certain data during the statutory retention period.

9. AUTOMATED DECISION-MAKING

Terwilliger does not use automated decision-making that produces legal or significant effects on individuals.

All AML decisions include human oversight.

10. CHILDREN’S PRIVACY

This Website is not intended for minors under the age of 13.

If you believe we have collected data from a minor, notify us immediately.

11. CHANGES TO THIS POLICY

We may update this Privacy Policy from time to time.

The latest version will always be posted on the Website.

12. CONTACT INFORMATION

Terwilliger s.r.o.
Děčínská 552/1, Střížkov, 180 00 Praha 8, Czech Republic
Email: info@terwilliger.io
Website: https://www.terwilliger.io