Privacy policy

Last updated: April 9, 2026

1. Introduction

BBBG REAL ASSETS LIMITED (registration number HE295431), with registered address at 3 Dimitrakopoulou Street, Office 203, Nicosia 1090, Cyprus (“Company”, “we”, “us”, or “our”), is committed to protecting and respecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your personal data when you visit our website at https://bbg.ua or otherwise interact with us. It has been prepared in accordance with the General Data Protection Regulation (EU) 2016/679 (“GDPR”) and applicable Cypriot data protection legislation.

Please read this policy carefully. By using our website or our services, you acknowledge that you have read and understood this Privacy Policy.

2. Data Controller

The data controller responsible for your personal data is:
BBG REAL ASSETS LIMITED
Registration number: HE295431
Registered address: 3 Dimitrakopoulou Street, Office 203, Nicosia 1090, Cyprus
Website: https://bbg.ua
Contact email: ea@bbg.ua
Representative: Yevheniya Dubinska

3. Information We Collect

We may collect and process the following categories of personal data:

3.1 Information you provide to us directly:

  • Full name and contact details (email address, phone number)
  • Company name and business information
  • Correspondence and communications you send to us
  • Information submitted through contact or inquiry forms on our website

3.2 Information collected automatically:

  • IP address and browser type
  • Pages visited and time spent on our website
  • Referring URLs and device information
  • Cookies and similar tracking technologies (see Section 8)

3.3 Payment and transaction data:

  • Where payment processing is involved, payment data is processed by our payment service provider. We do not store full payment card details on our systems.

4. How We Use Your Information

We use the personal data we collect for the following purposes:

  • To respond to your inquiries and provide requested services
  • To perform and manage contractual obligations
  • To process payments through our payment service provider
  • To comply with legal and regulatory obligations
  • To improve our website, products, and services
  • To send you information about our services where you have given consent or where we have a legitimate interest to do so
  • To detect and prevent fraud or other illegal activity The legal bases for our processing activities are: (i) the performance of a contract; (ii) compliance with a legal obligation; (iii) our legitimate interests; and (iv) your consent, where applicable.

5. Disclosure of Your Information

We may share your personal data with the following categories of recipients:

5.1 Service providers and processors:

  • Payment processing services. Processes payment data in accordance with its own Privacy Policy and PCI-DSS standards.
  • IT and hosting service providers who support the operation of our website
  • Professional advisors including lawyers, accountants, and auditors

5.2 Legal and regulatory authorities:

We may disclose your personal data to competent authorities, regulatory bodies, or law enforcement agencies when required to do so by applicable law, court order, or regulatory obligation.

5.3 Business transfers:

In the event of a merger, acquisition, or sale of all or part of our assets, personal data may be transferred as part of that transaction. We will notify affected individuals in advance. We do not sell, rent, or trade your personal data to third parties for their own marketing purposes.

6. Method of Disclosure

Personal data is disclosed to third parties through the following means:

  • Encrypted API connections (HTTPS/TLS) when sharing data with payment processors and technology providers
  • Secure electronic transfer for professional advisors and legal authorities
  • Anonymised or aggregated data may be shared for analytics purposes where no individual can be identified

All third parties with whom we share personal data are required to process it in accordance with applicable data protection laws and to maintain appropriate technical and organisational security measures.

7. Security Practices

We take the security of your personal data seriously and have implemented appropriate technical and organisational measures to protect it against unauthorised access, accidental loss, destruction, or disclosure. These measures include:

  • Use of HTTPS/TLS encryption for all data transmitted through our website
  • Restricted access to personal data on a need-to-know basis
  • Regular review of our security policies and procedures
  • Use of reputable and security-certified third-party providers (including PCI-DSS compliant payment processors)
  • Password protection and access controls for internal systems

While we take all reasonable precautions, no method of transmission over the internet is completely secure. In the event of a data breach, we will notify the relevant supervisory authority and affected individuals as required by law.

8. Cookies

Our website uses cookies and similar tracking technologies to enhance your browsing experience and to collect analytical data about website usage. Types of cookies we use:

  • Strictly necessary cookies — required for the website to function
  • Analytical/performance cookies — to understand how visitors use our website
  • Functionality cookies — to remember your preferences

You can control and manage cookies through your browser settings. Please note that disabling certain cookies may affect the functionality of our website.

9. Data Retention

We retain your personal data for as long as necessary to fulfil the purposes for which it was collected, including to satisfy any legal, accounting, or reporting obligations. As a general guideline:

  • Contact and inquiry data: up to 3 years from the date of last contact
  • Contractual data: up to 7 years following the end of the contractual relationship, in accordance with Cypriot commercial law
  • Payment transaction records: as required by applicable financial regulations

After the applicable retention period, personal data is securely deleted or anonymised.

10. Your Rights Under GDPR

As a data subject under the GDPR, you have the following rights:

  • Right of access — to obtain a copy of the personal data we hold about you
  • Right to rectification — to request correction of inaccurate data
  • Right to erasure — to request deletion of your personal data in certain circumstances
  • Right to restriction of processing — to request that we limit how we use your data
  • Right to data portability — to receive your data in a structured, machine-readable format
  • Right to object — to object to processing based on legitimate interests or for direct marketing
  • Right to withdraw consent — where processing is based on consent, to withdraw it at any time

To exercise any of these rights, please contact us at: ea@bbg.ua
You also have the right to lodge a complaint with the Office of the Commissioner for Personal Data Protection in Cyprus (www.dataprotection.gov.cy) or with the supervisory authority in your country of residence.

11. International Data Transfers

Your personal data may be transferred to and processed in countries outside the European Economic Area (EEA). When we transfer data outside the EEA, we ensure that appropriate safeguards are in place, such as Standard Contractual Clauses approved by the European Commission, or that the recipient country has been recognised as providing an adequate level of data protection.

12. Third-Party Websites

Our website may contain links to third-party websites. This Privacy Policy applies only to our website and services. We are not responsible for the privacy practices of third-party websites and encourage you to review their privacy policies.

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. The updated version will be posted on our website with a revised “Last updated” date. We encourage you to review this policy periodically. Continued use of our website or services after any changes constitutes your acceptance of the updated Privacy Policy.

14. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or the processing of your personal data, please contact us:
BBG REAL ASSETS LIMITED
Address: 3 Dimitrakopoulou Street, Office 203, Nicosia 1090, Cyprus
Email: ea@bbg.ua Website: https://bbg.ua