Privacy Policy

Last updated: 15 January 2026

Introduction

CobalStride d.o.o. ("we", "our", or "us") is committed to protecting and respecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website cobaltstride.world and use our peer-to-peer lending platform services.

Data Controller

CobalStride d.o.o. is the data controller for the purposes of the General Data Protection Regulation (GDPR). Our registered office is at Prešernov trg 18, 2022 Maribor, Slovenia. Registration Number: 5421879365, VAT Number: SI54823197.

Data Collection

The data we collect from you includes personal information that you provide directly to us and information that we collect automatically when you use our services. We collect the following types of personal data:

  • Contact information (name, email address, phone number, postal address)
  • Financial information (income, employment details, credit history, banking information)
  • Identity verification documents (passport, driving licence, utility bills)
  • Transaction data and investment/borrowing history
  • Technical data (IP address, browser type, device information, usage data)
  • Communications data (correspondence, support enquiries)

How We Use Your Information

We use your personal data for the following purposes, based on legitimate business interests and legal requirements. We process your information to provide our peer-to-peer lending services, including how we use your information for:

  • Processing loan applications and investment opportunities
  • Conducting credit assessments and risk evaluations
  • Facilitating transactions between borrowers and investors
  • Complying with legal and regulatory obligations
  • Providing customer support and responding to enquiries
  • Preventing fraud and ensuring platform security
  • Improving our services and website functionality
  • Marketing and promotional communications (with your consent)

Legal Basis for Processing

Under GDPR, we process your personal data based on the following legal grounds: performance of a contract, compliance with legal obligations, legitimate interests in operating our business, and your explicit consent where required. We ensure that our processing activities are proportionate and necessary for the stated purposes.

Cookies and Tracking Technologies

We may use cookies and tracking technologies for analytics, advertising, and remarketing purposes, including Google Ads. These technologies help us measure campaign effectiveness, deliver relevant advertisements, and improve our services. You can manage your cookie preferences at any time through our cookie consent banner. For detailed information about our use of cookies, please see our Cookie Policy.

Data Sharing and Disclosure

We may share your personal data with trusted third parties including credit reference agencies, regulatory authorities, payment processors, legal advisors, and technology service providers. We ensure that all third parties are bound by appropriate confidentiality and data protection obligations. We do not sell your personal data to third parties.

Data Retention

We retain your personal data for as long as necessary to fulfil the purposes for which it was collected, comply with legal obligations, and resolve disputes. Financial records are typically retained for seven years in accordance with regulatory requirements. We regularly review our retention periods and securely delete data when it is no longer required.

Your Rights

Under GDPR, you have the following rights regarding your personal data:

  • Right of access to your personal data
  • Right to rectification of inaccurate data
  • Right to erasure (right to be forgotten)
  • Right to restrict processing
  • Right to data portability
  • Right to object to processing
  • Rights related to automated decision-making
  • Right to withdraw consent

Data Security

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, alteration, disclosure, or destruction. Our security measures include encryption, secure servers, access controls, and regular security assessments. However, no internet transmission is completely secure, and we cannot guarantee absolute security.

International Transfers

Your personal data may be transferred to and processed in countries outside the European Economic Area. Where such transfers occur, we ensure adequate protection through appropriate safeguards such as Standard Contractual Clauses or adequacy decisions by the European Commission.

Contact Information

If you have any questions about this Privacy Policy or wish to exercise your rights, please contact us:

Email: privacy@cobaltstride.world

Phone: +386 21411939

Address: CobalStride d.o.o., Prešernov trg 18, 2022 Maribor, Slovenia

Business Hours: Monday-Friday: 9:00 - 18:00

Supervisory Authority

You have the right to lodge a complaint with the Slovenian Information Commissioner (Informacijski pooblaščenec) if you believe that our processing of your personal data violates GDPR. Contact details: Dunajska cesta 22, 1000 Ljubljana, Slovenia.

Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or applicable law. We will notify you of any material changes by posting the updated policy on our website and updating the "Last updated" date. We encourage you to review this policy periodically.

Additional Information

For more information about our services and terms of use, please refer to our Terms of Service and Cookie Policy. If you have any questions or concerns, please do not hesitate to contact us using the contact information provided above.