Cold Execution
Log in
Back to home

Privacy Policy

Effective date: 17 July 2026

This Privacy Policy explains how TriCode Michał Powałka (Cold Execution) processes personal data in connection with the service at https://coldexecution.com.

1. Controller

The controller of personal data is TriCode Michał Powałka, Tax ID/NIP 5252761830, address: 72/11 Aleja „Solidarności”, 00-145 Warsaw, Poland, email: contact@coldexecution.com.

2. Categories of data

  • account and contact data: name, email, login data, language and account status;
  • billing data: billing address, country, Tax ID/VAT, transaction identifier and Subscription status;
  • licence data: platform ID (cTrader ID / MetaTrader ID), licence status, activations and change history;
  • technical data: IP address, device, browser, logs, event times, error reports and security data;
  • support data: messages, attachments, ticket history;
  • marketing and cookie data — only to the extent permitted by law and consent where required;
  • affiliate data: partner identifier, clicks, sale attribution and commissions.

3. Purposes and legal bases

  • conclusion and performance of the contract, account, licence, payments, support — performance of the contract (Art. 6(1)(b) GDPR);
  • invoices, taxes and accounting — legal obligation (Art. 6(1)(c) GDPR);
  • security, fraud prevention, defence of claims, error monitoring — legitimate interest (Art. 6(1)(f) GDPR);
  • newsletter and marketing — consent or legitimate interest depending on the channel and law;
  • analytics and marketing cookies — consent where required.

4. Recipients and transfers

Data may be entrusted to providers of hosting, payments, email, analytics, accounting, support, security and licensing tools, and to advisers. The payment provider receives the data necessary for settlement; Cold Execution does not store full card data. A current list of processors is available on request at contact@coldexecution.com.

Where data is transferred outside the EEA, appropriate legal mechanisms are used, e.g. an adequacy decision or standard contractual clauses.

5. Retention

Data is kept for the term of the contract and afterwards for the period needed for settlement, tax obligations (generally 5 years), complaints and defence of claims (until limitation periods lapse). Marketing data is kept until consent is withdrawn or an objection is made, and technical logs for a period proportionate to security and diagnostics.

6. Your rights

Depending on the legal basis and law, you may request access, rectification, erasure, restriction, portability, object, withdraw consent, and lodge a complaint with the President of the Personal Data Protection Office (UODO). Withdrawing consent does not affect the lawfulness of prior processing.

7. Profiling and the obligation to provide data

We do not make decisions producing legal effects solely by automated means. Some systems may automatically detect fraud or attribute affiliate sales. Providing the data necessary for the account, payments and licence is a condition of concluding and performing the contract.