Skip to Content

Privacy Policy


Effective Date: September 2025

Passo Global Consulting Limited

Gibraltar Company Registration Number 125866

Registered Office: Suite 4, Second Floor, The West Wing - Montarik House, 3 Bedlam Court, Gibraltar


This Privacy Policy explains how Passo Global Consulting Limited ("we," "us," "our," or "the Company") collects, uses, processes, and protects your personal information when you use our services or visit our website.

1. CONTROLLER INFORMATION

1.1 Passo Global Consulting Limited is the data controller for the personal information we collect and process.

1.2 We are incorporated in Gibraltar and operate under Gibraltar data protection laws, which align with the UK General Data Protection Regulation (UK GDPR).

1.3 Contact Details:

Company: Passo Global Consulting Limited
Address: Suite 4, Second Floor, The West Wing - Montarik House, 3 Bedlam Court, Gibraltar

2. INFORMATION WE COLLECT

2.1 Personal Information:

  • Full name, date of birth, nationality, and identification documents
  • Contact information (address, phone, email)
  • Financial information (bank statements, source of funds documentation)
  • Professional background and business activities
  • Passport and government-issued identification
  • Proof of address and residence documentation
  • Beneficial ownership and corporate structure information
2.2 Sensitive Personal Data:

  • Financial records and tax information
  • Business activities and corporate relationships
  • Source of wealth and funds documentation
  • Information required for Know Your Client (KYC) and Anti-Money Laundering (AML) compliance

2.3 Technical Information:

  • IP addresses and device information
  • Browser type and operating system
  • Website usage data and cookies
  • Log files and access records
  • Platform interaction data and uploaded documents

2.4 Third-Party Information:

  • Information from service providers, legal professionals, and regulatory authorities
  • Public records and corporate registries
  • Sanctions and watch list screening results

3. HOW WE USE YOUR INFORMATION

3.1 We process your personal information for the following purposes:

3.1.1 Service Provision:

  • Facilitating offshore entity incorporation and compliance
  • Coordinating with third-party service providers
  • Preparing documentation for legal and regulatory filings
  • Managing ongoing client relationships and communications

3.1.2 Legal and Regulatory Compliance:

  • Conducting KYC and AML due diligence
  • Sanctions and watch list screening
  • Meeting reporting obligations to regulatory authorities
  • Preventing money laundering and terrorist financing

3.1.3 Business Operations:

  • Processing payments and managing accounts
  • Providing customer support and responding to inquiries
  • Improving our services and website functionality
  • Internal record keeping and audit purposes

4. LEGAL BASIS FOR PROCESSING

4.1 We process your personal information based on:

4.1.1 Contractual Necessity: To perform our services under our agreement with you

4.1.2 Legal Obligations: To comply with KYC/AML laws, financial services regulations, and court orders

4.1.3 Legitimate Interests: For business operations, fraud prevention, and service improvement, where not overridden by your privacy rights

4.1.4 Consent: Where specifically obtained for particular processing activities (which you may withdraw at any time)

5. SHARING YOUR INFORMATION

5.1 Third-Party Service Providers:
We share your information with authorized professionals and service providers, including:

Licensed attorneys and law firms in relevant jurisdictions
Certified public accountants and tax professionals
Corporate service providers and registered agents
Banking institutions and financial service providers
Government registries and regulatory authorities

5.2 Legal Requirements:
We may disclose your information when required by:

Court orders, subpoenas, or legal process
Regulatory authorities and law enforcement agencies
Compliance with sanctions, AML, or tax reporting obligations
Protection of our legal rights and interests

5.3 Business Transfers:
In the event of a merger, acquisition, or sale of assets, your information may be transferred to the acquiring entity.

5.4 We do not sell, rent, or trade your personal information to third parties for marketing purposes.

6. INTERNATIONAL TRANSFERS

6.1 Your personal information may be transferred to and processed in countries outside Gibraltar, including:

  • Brazil (for tax compliance and regulatory purposes)
  • Offshore jurisdictions where entities are incorporated (BVI, Panama, Cayman, Bahamas etc.)
  • Other jurisdictions where service providers are located

7. DATA RETENTION

7.1 We retain your personal information for as long as necessary to:

Provide our services and maintain our business relationship
Comply with legal and regulatory obligations
Resolve disputes and enforce our agreements

7.2 Specific Retention Periods:

  • Client Records: Minimum 7 years after termination of services (regulatory requirement)
  • KYC/AML Documentation: 7 years from last transaction or account closure
  • Financial Records: 7 years for tax and audit purposes
  • Communication Records: 7 years for legal protection
  • Technical Logs: 2 years unless required longer for security purposes
7.3 After the retention period expires, we securely delete or anonymize your personal information.

8. YOUR RIGHTS

8.1 Under Gibraltar data protection law, you have the right to:

8.1.1 Access: Request copies of your personal information we hold

8.1.2 Rectification: Correct inaccurate or incomplete information

8.1.3 Erasure: Request deletion of your personal information (subject to legal obligations)

8.1.4 Restriction: Limit how we process your information in certain circumstances

8.1.5 Portability: Receive your information in a machine-readable format

8.1.6 Object: Object to processing based on legitimate interests

8.1.7 Withdraw Consent: Where processing is based on consent

8.2 To exercise these rights, contact us using the details in Section 1.3.

8.3 We will respond to your request within one month (extendable by two months for complex requests).

8.4 You have the right to lodge a complaint with the Gibraltar Regulatory Authority or your local data protection authority.

9. SECURITY MEASURES

9.1 We implement appropriate technical and organizational measures to protect your personal information, including:

  • Encryption of data in transit and at rest
  • Access controls and authentication systems
  • Regular security assessments and updates

9.2 While we strive to protect your information, no method of transmission or storage is 100% secure. You acknowledge the inherent risks in electronic communication and data storage.

10. COOKIES AND TRACKING

10.1 Our website uses cookies and similar tracking technologies to:

Enable website functionality and user authentication
Analyze website usage and improve our services
Remember your preferences and settings
Provide security features and fraud prevention
10.2 You can control cookies through your browser settings, though this may limit website functionality.

10.3 We use the following types of cookies:

Essential Cookies: Required for website operation
Analytics Cookies: To understand how you use our website
Security Cookies: To protect against fraud and unauthorized access

11. THIRD-PARTY LINKS

11.1 Our website may contain links to third-party websites or services that have their own privacy policies.

11.2 We are not responsible for the privacy practices of these third parties and encourage you to review their policies.

12. CHILDREN'S PRIVACY

12.1 Our services are not intended for individuals under 18 years of age.

12.2 We do not knowingly collect personal information from children. If we become aware of such collection, we will delete the information promptly.

13. AUTOMATED DECISION-MAKING

13.1 We may use automated systems for:

  • Initial KYC/AML screening and sanctions checking
  • Risk assessment and client onboarding
  • Document processing and data extraction

13.2 You have the right to request human review of automated decisions that significantly affect you.

14. DATA BREACH NOTIFICATION

14.1 In the event of a data breach that poses a high risk to your rights and freedoms, we will notify you within 72 hours of becoming aware of the breach.

14.2 We will also notify relevant supervisory authorities as required by law.

15. CHANGES TO THIS PRIVACY POLICY

15.1 We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements.

15.2 We will notify you of material changes by email or prominent notice on our website.

15.3 Your continued use of our services after such changes constitutes acceptance of the updated policy.

16. CONTACT INFORMATION

16.1 For questions about this Privacy Policy or to exercise your rights, please contact us through the website or the contact details at the bottom of this page.

ACKNOWLEDGMENT

By using our services or website, you acknowledge that you have read and understood this Privacy Policy and consent to the collection, use, and processing of your personal information as described herein.