1. Introduction

Caprico Ltd. (“HokoCloud”, “we”, “our”, “us”) is committed to protecting your personal data and respecting your privacy.
This Privacy Policy explains how we collect, use, store, disclose, and protect your data when you use any website, software, application, or service operated by HokoCloud (the “Platform”).

We comply with:

• General Data Protection Regulation (EU) 2016/679 (GDPR)

• Cyprus Data Protection Law (Law 125(I)/2018)

• EU ePrivacy Directive

• Applicable global privacy regulations

By using the Platform, you agree to the practices described in this Privacy Policy.

2. Data Controller

The Data Controller responsible for your personal data is:

Caprico Ltd.
Registration No.: HE 369301
Address: Liana Court, Dikomou Street, Flat 33, 3101 Limassol, Cyprus
Email: [email protected]

3. Personal Data We Collect

We collect personal data in accordance with GDPR’s principles of lawfulness, fairness, transparency, data minimisation, and purpose limitation.

A. Data You Provide Directly

• Full name

• Email address

• Country of residence

• Phone number (optional)

• Broker account numbers (for copy trading setup)

• Support requests and communications

• Payment information (processed via third parties – we do not store card details)

B. Data Automatically Collected

• IP address and location

• Device information and browser type

• Operating system

• Access timestamps

• Pages visited

• Session activity

• Platform interactions (including configuration settings)

C. Trading-Related Data

To enable copy trading and performance analytics, we process:

• Strategy performance analytics

• Historical trading results

• Replication statistics

• VPS usage data

• Execution logs

• Trading account identifiers (but not broker login passwords)

D. Financial & Billing Data

• Wallet transactions

• Fees and billing history

• Payment confirmations

• Refunds and invoice data

E. Data from Third Parties

• Broker integrations (MT4/MT5 trade history, account balance/equity, open trades)

• Affiliates (tracking IDs)

• Analytics services (Google Analytics, Hotjar—if used)

We do NOT receive or store your broker password.

4. Purposes of Data Processing

We use your data for:

A. Service Delivery

• Account creation

• Providing platform functionality

• Copy trading execution

• VPS hosting and maintenance

• Billing and payments

• Strategy analytics

• Customer support

B. Security & Fraud Prevention

• Monitoring suspicious activity

• Preventing market manipulation

• Anti-fraud and risk assessment

• Compliance with sanctions lists

C. Platform Operation

• Improving services

• Troubleshooting and error detection

• Usage analytics and performance metrics

D. Legal & Regulatory Compliance

• Record-keeping

• Responding to lawful requests

• Maintaining tax and accounting records

• GDPR compliance

E. Marketing Communications (Optional)

Only with your consent:

• Product updates

• Promotions

• Educational materials

• Notifications from followed Traders

You may opt-out at any time.

5. Legal Bases for Processing (GDPR)

We process personal data based on:

• Art. 6(1)(b) – Contractual necessity:
  To provide the Platform and services you request.

• Art. 6(1)(c) – Legal obligation:
  Accounting, taxation, regulatory requirements.

• Art. 6(1)(f) – Legitimate interest:
  System security, fraud prevention, service improvement.

• Art. 6(1)(a) – Consent:
  Marketing, cookies, optional data fields.

6. How We Share Your Data

We do not sell or rent personal data.

We may share data with:

A. Essential Service Providers

• VPS hosting providers

• Cloud infrastructure services

• Payment processors (e.g., Stripe, PayPal)

• Email and communications providers

• Analytics tools

All service providers are bound by GDPR-compliant Data Processing Agreements.

B. Broker Integrations

We may share:

• Account identifiers

• Technical data needed to enable copy trading

We do not provide personal identity documents or passwords to brokers.

C. Legal & Regulatory Authorities

We may disclose data if legally required or to:

• comply with applicable law

• protect our rights, users, or property

• assist with regulatory investigations

D. Affiliates

Only pseudonymized tracking IDs may be shared.

7. International Data Transfers

Your data may be processed outside the European Economic Area (EEA).

Where this occurs, we ensure that:

• The recipient country is covered by an adequacy decision, OR

• Standard Contractual Clauses (SCCs) are in place, OR

• Equivalent protection measures are implemented.

You may request a copy of applicable transfer safeguards.

8. Data Retention

We retain your data only as long as reasonably necessary.

Retention periods:

• Account data: active period + 5 years

• Trading data: active period + 5 years

• Billing & financial records: 7 years (legal requirement)

• Support tickets: 3 years

• Marketing consent records: until withdrawal

• Logs & analytics: 12–36 months

When retention expires, data is anonymized or securely deleted.

9. Your Rights Under GDPR

You have the following rights:

A. Right of Access

Request a copy of the personal data we hold.

B. Right to Rectification

Correct inaccurate or incomplete data.

C. Right to Erasure (“Right to be Forgotten”)

Request deletion unless required for legal obligations.

D. Right to Restrict Processing

Limit how your data is used.

E. Right to Data Portability

Receive your data in a structured, machine-readable format.

F. Right to Object

Object to processing based on legitimate interests or marketing.

G. Right to Withdraw Consent

At any time for optional processing (cookies, marketing).

H. Right Not to Be Subject to Automated Decision-Making

We do not make decisions with legal effects solely via automated processing.

To exercise your rights, contact:
[email protected]

10. Security Measures

We implement:

• End-to-end encryption

• Firewalls and DDoS protection

• Secure data centers

• Regular security audits

• Access control and authentication

• Encrypted backups

• Monitoring systems

• Principle of least privilege

No Internet-based system is 100% secure, but we take all reasonable measures to protect your data.

11. Cookies & Tracking Technologies

We use cookies to:

• remember login sessions

• improve platform performance

• analyse usage

• personalize content

• ensure security

You may manage cookie preferences or opt-out via your browser settings or through our Cookie Banner.

A full Cookie Policy can be provided separately.

12. Children’s Privacy

The Platform is not intended for individuals under 18.

We do not knowingly process data of minors.
If we learn that a minor has registered, we will delete the account immediately.

13. Third-Party Links

Our Platform may contain links to third-party websites (e.g., brokers, social media).
We are not responsible for their privacy practices.
We encourage you to review their privacy policies.

14. Changes to This Privacy Policy

We may update this Privacy Policy periodically.

• Changes will be posted on our website

• Material updates will be communicated by email

• Continued use of the Platform means you accept the new Privacy Policy

15. Contact Information

Caprico Ltd. – HokoCloud
Email: [email protected]
Telegram: https://t.me/HokoSupport

For GDPR matters, you may contact our Data Protection Officer (DPO):
[email protected] (optional—tell me if you want this created)

You also have the right to lodge a complaint with:

Office of the Commissioner for Personal Data Protection (Cyprus)
Website: https://www.dataprotection.gov.cy