Privacy & Data Protection

The Data Controller responsible for the processing of personal data on this platform is North West Atlas B Corp, licensed in Sharjah, United Arab Emirates (License #786048). For matters relating to data protection, contact our compliance division.

In the context of the European Economic Area (EEA), where applicable, NWA acts as a data processor for analytical inputs provided by institutional clients, and as a data controller for server logs and platform analytics.

We collect information actively provided by users—such as API keys stored locally in browser settings—and information generated passively through platform usage, including IP addresses, browser fingerprints, and interaction metrics within the Toolkit interface.

No financial data, brokerage credentials, or wallet information is collected, transmitted, or stored by NWA servers. The NWA AI Bubble Analysis Toolkit operates entirely client-side.

Data is utilized strictly for the following purposes: delivering and maintaining the analytical platform, rendering interactive charts and risk models, managing user preferences (e.g., auto-refresh intervals), and ensuring the security of the infrastructure against unauthorized access.

Data will never be sold, rented, or utilized to train machine learning models intended for third-party commercialization.

Processing is conducted based on: (a) Legitimate Interest (art. 6(1)(f) GDPR) for platform security and analytics; (b) Contractual Necessity for providing the services requested by professional counterparties; and (c) Consent where explicitly granted for optional features like localized data storage.

For UAE operations, processing complies with Federal Decree-Law No. 45 of 2021 (UAEDPA) regarding the protection of personal data.

NWA does not share personal data with third parties for marketing purposes. Data may be disclosed solely to: (a) verified sub-processors (e.g., CDN providers) under strict Data Processing Agreements; (b) authorized legal counsel in the event of litigation; or (c) regulatory authorities if legally compelled.

Please note that users who voluntarily input third-party API keys (e.g., Financial Modeling Prep) do so at their own risk, initiating a direct data exchange between their browser and the respective third party, bypassing NWA infrastructure.

Active session data and locally cached analytical queries are retained in the browser's LocalStorage until manually cleared by the user or via platform reset functions. NWA does not maintain historical backups of client-side LocalStorage data on its servers.

Server-side access logs are retained for a maximum of 90 days for cybersecurity forensics before being automatically purged.

Qualified institutional users have the right to request access to, rectification of, or erasure of their personal data. Given the client-side architecture of the Toolkit, users can exercise these rights at any time by clearing their browser's LocalStorage and site data.

To submit a formal data request under GDPR or UAEDPA, please contact the compliance division via the main site inquiries channel.

NWA implements industry-standard cryptographic protocols (TLS 1.3) for data in transit. As the analytical engine operates client-side, sensitive computational data never traverses our network. We conduct regular vulnerability assessments of the static infrastructure delivering this platform.