Skip to content
Fränkel-de CubaCapital Advisory

Privacy Policy

Last updated: February 23, 2026

1. Data Controller

Fränkel-de Cuba Capital Advisory ("FDC", "we", "us") is the data controller responsible for your personal data. We are established in Aruba, part of the Kingdom of the Netherlands.

Contact: info@frankeldecuba.com

2. Applicable Law

As Aruba is part of the Kingdom of the Netherlands, FDC processes personal data in accordance with the General Data Protection Regulation (GDPR) (EU) 2016/679 and the Aruba Privacy Ordinance (Landsverordening persoonsregistraties, 2011). Where there is a conflict, we apply the stricter standard.

3. Personal Data We Collect

We collect only the data necessary to provide credit advisory services:

  • Identity data: full name, email address, island of residence
  • Financial data: gross and net monthly income, existing debts, employment type and duration, loan amount, property value, own contribution
  • Documents: identity documents (passport, cedula), income statements, balance sheets, tax returns, bank statements, and other financial records you upload
  • Account data: email address, hashed password, account creation date, consent timestamp
  • Usage data: audit logs of actions taken within the platform (who accessed what, when)

4. Lawful Basis for Processing

We process your data on the following bases:

  • Consent (Art. 6(1)(a) GDPR): You provide explicit consent when creating your account. You may withdraw consent at any time.
  • Contractual necessity (Art. 6(1)(b)): Processing is necessary to provide you with credit advisory services.
  • Legal obligation (Art. 6(1)(c)): We are required to retain financial records for regulatory compliance (AML/CFT, Centrale Bank van Aruba requirements).

5. Purpose of Processing

Your personal data is used exclusively for preparing and managing credit proposals on your behalf. Specifically:

  • Assessing your creditworthiness and financial position
  • Preparing loan proposals for partner financial institutions
  • Tracking the status of your applications through our platform
  • Communicating with you about your credit advisory engagement
  • Complying with regulatory and legal obligations

We do not use your data for marketing, profiling, automated decision-making, or any purpose unrelated to credit advisory services.

6. Data Recipients & Transfers

Your data may be shared with:

  • Partner financial institutions (Guardian Group Fatum, Aruba Bank) — only when you have an active credit proposal submitted to them
  • Supabase Inc. — our database and authentication provider (Data Processing Agreement in place). Data is hosted in the United States (AWS us-east-1), protected by Standard Contractual Clauses for EU-adequate data protection.

We do not sell, rent, or share your personal data with any other third parties.

7. Data Retention

Financial records are retained for a minimum of 7 years from the date of the last transaction, in accordance with Aruba financial regulations and AML/CFT requirements. After the retention period expires, your data will be permanently deleted.

If you request account deletion before the retention period expires, we will delete your account and personal data immediately, except where we are legally required to retain records (in which case the data will be archived securely and deleted at the end of the mandatory retention period).

8. Your Rights

Under the GDPR and Aruba Privacy Ordinance, you have the right to:

  • Access — request a copy of all personal data we hold about you
  • Rectification — request correction of inaccurate data
  • Erasure — request deletion of your personal data ("right to be forgotten")
  • Portability — receive your data in a structured, machine-readable format (JSON)
  • Withdraw consent — withdraw your consent at any time without affecting the lawfulness of prior processing
  • Lodge a complaint — file a complaint with the Autoriteit Persoonsgegevens (Dutch Data Protection Authority) or the relevant Aruba authority

To exercise any of these rights, contact us at info@frankeldecuba.com. We will respond within 30 days.

9. Data Security

We protect your personal data with:

  • AES-256 encryption at rest (database and file storage)
  • TLS encryption in transit (all connections)
  • Row Level Security (RLS) — you can only access your own data
  • Time-limited signed URLs for document access (expire after 1 hour)
  • Audit logging of all data access and modifications
  • Role-based access control for FDC team members

10. Cookies

We use only essential cookies required for authentication and session management. We do not use analytics cookies, advertising cookies, or any third-party tracking. No cookie consent banner is required because we only use strictly necessary cookies.

11. Changes to This Policy

We may update this policy to reflect changes in our practices or legal requirements. We will notify registered users by email of any material changes. The "Last updated" date at the top of this page indicates when this policy was last revised.

12. Contact

For any questions regarding this privacy policy or your personal data, contact:

Fränkel-de Cuba Capital Advisory

Aruba, Kingdom of the Netherlands

Email: info@frankeldecuba.com

Terms of ServiceSign In