Compliance

Effective Date: June 1, 2026

1. Data Protection

CEXRES AI operates in compliance with the General Data Protection Regulation (GDPR), the Personal Data (Privacy) Ordinance (PDPO) of Hong Kong, and the California Consumer Privacy Act (CCPA). All personal data is processed lawfully, fairly, and transparently.

2. Data Processing

We act as a data controller for user account information and as a data processor for client campaign data. Data is stored on Vercel (SOC 2 Type II certified) infrastructure with AES-256 encryption at rest and TLS 1.3 in transit.

3. AI Transparency

All AI-generated insights, recommendations, and reports are clearly labeled as such. We do not present AI outputs as human-authored expert opinions. Users can opt out of AI processing at any time.

4. Cookie Policy

Our cookie consent system provides granular control over Essential, Analytics, and Marketing cookies. No cookies are set without explicit user consent, in compliance with ePrivacy Directive requirements.

5. Payment Compliance

Payment processing complies with PCI DSS requirements. Cryptocurrency payments (USDT TRC-20) are processed through verified wallets. PayPal transactions follow PayPal's Merchant Agreement terms.

6. Right to Erasure

Users may request complete deletion of their personal data by contacting privacy@cexres.com. Deletion is processed within 30 days.

7. Contact

CEXRES AI — privacy@cexres.com