Privacy Policy
Clinical data protection for the digital financial age. We prioritize your privacy through mathematical verification and institutional transparency.
1. Institutional Mandate
The European Financial Crime Agency (EFCA) is an independent EU executive body established to combat financial crime across all 27 member states. Our mandate involves the detection, freezing, and recovery of criminal assets. In fulfilling this role, we are committed to the highest standards of data protection and privacy.
Follow the flow. Not the person.
Our core philosophy prioritizes behavioral patterns over personal identity. We use advanced technology to secure the financial system while minimizing the collection of unnecessary personal data.
2. Data Protection by Design
EFCA integrates privacy into the core of its technology stack. We utilize three interlocking layers to ensure your data remains secure and your privacy is respected:
- Zero-Knowledge Proofs (ZKPs): We verify the legitimacy of transactions and wallet addresses without accessing or storing the underlying private data.
- End-to-End Encryption: All reports and communications between victims and EFCA are encrypted using NIST post-quantum standards.
- DLT Audit Logs: Every access to personal data by an investigator is immutably logged on a permissioned blockchain, ensuring full accountability.
3. Categories of Data Processed
EFCA processes data only when necessary for the performance of its tasks. The categories include:
| Category | Data Types | Purpose |
|---|---|---|
| Case Reports | Hashed IDs, evidence files, transaction details | Investigation and asset recovery |
| Identity Verification | National digital ID, biometric liveness mathematical hashes | Ensuring reports are filed by genuine victims |
| Technical Metadata | Obfuscated IP addresses, device signatures | AI triage and fraud detection |
4. Legal Basis for Processing
Under the General Data Protection Regulation (GDPR) and the EFCA Data Protection Framework, we process data based on the following:
- Public Interest (Art 6(1)(e)): Processing is necessary for the performance of a task carried out in the public interest—specifically, the protection of the EU financial system.
- Legal Claims (Art 9(2)(f)): Processing is necessary for the establishment, exercise, or defense of legal claims during the prosecution of financial crimes.
5. Your Rights
As a data subject, you have the following rights under EU law:
- Right of access to your personal data.
- Right to rectification of inaccurate data.
- Right to erasure ('right to be forgotten') in specific circumstances.
- Right to restrict or object to processing.
- Right to data portability.
6. Contact Information
If you have any questions regarding your data or wish to exercise your rights, please contact our Data Protection Officer (DPO):
Email: dpo@efcanews.eu
Address: EFCA Data Protection Office, European Quarter, Brussels, Belgium