Compliance Overview for SilverKrab
Last Updated: 25 April 2025
1. General Compliance Statement
SilverKrab is committed to operating transparently and responsibly while adhering to applicable laws and regulations. As a startup offering AI-driven stock market predictions globally, we outline our compliance obligations below.
2. General Data Protection Regulation (GDPR)
Since SilverKrab operates from France (an EU member state), GDPR governs our data practices. We comply by:
- Lawful Basis for Processing: Collecting user emails and passwords only for account creation and service delivery (Article 6(1)(b) GDPR).
- Data Minimization: Storing only necessary data (email and hashed password).
- User Rights: Allowing users to access, correct, or delete their data via account settings or by contacting us.
- Data Security: Encrypting passwords and securing databases against unauthorized access.
- Breach Notification: Reporting breaches to authorities within 72 hours (if required).
- International Transfers: Using GDPR-compliant third-party vendors (e.g., EU-based hosting providers).
3. Financial Regulations & Disclaimers
SilverKrab is not a licensed financial institution and does not provide investment advice. Compliance measures include:
- Risk Warnings: Prominently disclosing on the website that predictions are AI-generated, not guaranteed, and users assume full responsibility for their investment decisions.
- No Financial Licensing: Avoiding regulated activities (e.g., managing funds, executing trades) to bypass licensing requirements in jurisdictions like the EU (MiFID II) or U.S. (SEC).
- Subscription Clarity: Ensuring subscription terms clearly state the nature of predictions (informational only) and exclude financial guarantees.
4. E-Commerce & Consumer Law Compliance
- EU Consumer Rights Directive:
  - Providing clear terms of service, refund policies, and cancellation rights for subscriptions.
  - Offering a 14-day withdrawal period for EU users (unless service delivery begins immediately).
- Transparency: Disclosing subscription costs, billing frequency, and auto-renewal terms upfront.
- Payment Compliance: Using PCI-DSS-compliant third-party payment processors (e.g., Stripe, PayPal).
5. Cookie Compliance (ePrivacy Directive)
- Consent Management: Only strictly necessary cookies (session cookies) are used without prior consent. If non-essential cookies are added later, explicit user consent will be obtained via a GDPR-compliant banner.
- Cookie Policy Accessibility: Linking the Cookie Policy clearly in the website footer.
6. International Compliance Considerations
- Global Operations: While based in France, SilverKrab will:
  - Avoid targeting jurisdictions where stock predictions require licensing (e.g., U.S. states with strict investment advisor laws).
  - Monitor local laws in key markets (e.g., California’s CCPA, Canada’s PIPEDA).
- Geoblocking (If Needed): Restricting access in regions where services may conflict with local regulations.
7. Data Protection & Security
- Encryption: HTTPS for all data transmissions; hashed passwords; emails stored on an encrypted disk.
- Session Security: Secure cookies for user sessions.
- Regular Audits: Periodic security reviews to identify vulnerabilities.
8. Transparency & User Rights
- Privacy Policy: Clearly explaining data use, retention, and third-party sharing (e.g., payment processors).
- Account Deletion: Allowing users to delete accounts and associated data permanently.
- Age Restrictions: Prohibiting users under 16 (or the age of digital consent in their country) from subscribing.
9. Risk Disclaimers
- SilverKrab includes the following disclaimers across the website:
  - “Predictions are generated by AI and should not be construed as financial advice.”
  - “Past performance does not guarantee future results. Investing involves risks, including capital loss.”
  - “SilverKrab is not a registered financial advisor, broker, or institution.”
10. Compliance Roadmap
As a startup, SilverKrab will:
- Consult legal experts to ensure ongoing compliance as regulations evolve.
- Implement geoblocking or licensing if expanding into high-risk markets.
- Train staff on GDPR and financial compliance obligations.
11. Contact Information
For compliance-related inquiries, contact: [email protected]