logo

Registration
logo

Privacy Policy

Last updated: 24 March 2026

Fidusol Ltd trading as Real Estate Exchange Europe ("Rexe", “we”, “our”, “us”) respects your privacy and is committed to protecting your personal information.

Fidusol Ltd trading as Real Estate Exchange Europe (“REXE”, “we”, “our”, “us”) respects your privacy and is committed to protecting your personal information. This Privacy Policy explains how we collect, use, retain, and protect personal data in connection with our services.
This Policy is designed to comply with the EU General Data Protection Regulation (GDPR, Regulation (EU) 2016/679), the Cyprus Personal Data Protection Law, and all applicable financial services and regulatory obligations to which Fidusol Ltd is subject.

1. Scope

This Privacy Policy applies to:

  • visitors to our website and platform at pilot.rexe.ai;
  • users of the REXE digital escrow and settlement platform;
  • clients, partners, lawyers, advocates, certifying officers, banks, real estate agents, engineers, valuers, and other service providers engaged in transactions processed through REXE.

By accessing or using our services, you confirm that you have read and understood this Privacy Policy.

2. Information We Collect

We may collect and process the following categories of personal information:
Personal Identification Information:

  • full name, email address, telephone number;
  • identity documents (e.g. passport, national ID), tax identification number, residential address.

Transaction Information:

  • property details, title documents, and transaction contracts;
  • settlement and disbursement instructions;
  • bank account details provided for escrow or payment purposes.

Professional Information:

  • firm or company name, professional role, and regulatory registrations.

Technical Information:

  • IP address, browser type, device identifiers, cookies, and platform usage data.

Communication Records:

  •  correspondence with our team, support tickets, and feedback submitted through the Platform.

3. How We Use Your Information

We use your personal information for the following purposes:

  • enabling property settlements, escrow arrangements, and related transactions through the Platform;
  • conducting KYC (Know Your Customer) and AML (Anti-Money Laundering) verification and ongoing monitoring in accordance with applicable law;
  • managing, preparing, and executing legal and transactional documentation;
  • facilitating communications between buyers, sellers, legal professionals, and other transaction participants;
  • providing customer support, training, and operational assistance;
  • sending updates regarding product developments, compliance obligations, or pilot programme participation, where you have consented or where we have a legitimate interest in doing so;
  • meeting our legal, regulatory, and tax obligations under Cyprus and EU law.

We process your personal data on the following lawful bases under Article 6 of the GDPR:

  • Performance of a Contract – to complete property transactions, escrow arrangements, and related services you have engaged us for.
  • Legal Obligation – to comply with applicable law, including AML/CTF obligations, financial services regulation, and tax reporting requirements.
  • Legitimate Interests – to improve our Platform, ensure its security, prevent fraud, and engage with clients and professional partners in connection with our services.
  • Consent – where you have expressly agreed to processing, for example in connection with marketing communications. You may withdraw consent at any time without affecting the lawfulness of prior processing.

5. Disclosure of Information

We may share your personal information with the following categories of recipient, where necessary in connection with providing our services:

  • Lawyers and Advocates – for contract drafting, execution, and settlement coordination.
  • Banks and Financial Institutions – for escrow management, mortgage processing, and payment execution.
  • Engineers and Valuers – for compliance certificates and property valuations where required as a condition of settlement.
  • Insurance and Utility Providers – where you have chosen to use referral services available through the Platform.
  • Regulators and Authorities – including the Cyprus Bar Association, the Cyprus Anti-Money Laundering Authority (MOKAS), the Central Bank of Cyprus, and other competent authorities, where required by law.
  • Technology Partners – including KYC providers, e-signature platforms, and cloud hosting providers (e.g. Microsoft Azure, DocuSign, Sumsub), each of whom is bound by appropriate data processing agreements.

We will never sell your personal data to third parties for commercial purposes.

6. International Transfers

Where personal data is transferred outside the EU/EEA (for example, to support clients in the Australian or wider diaspora market), REXE ensures that appropriate safeguards are in place in accordance with GDPR requirements. These may include Standard Contractual Clauses approved by the European Commission, adequacy decisions, or equivalent mechanisms.

Details of any such transfer mechanisms are available on request from our Data Protection Officer.

7. Data Security

We implement industry-standard technical and organisational security measures to protect your personal information against unauthorised access, disclosure, alteration, or destruction. These include:

  • encrypted document storage (Microsoft Azure Blob Storage);
  • segregated, secure escrow accounts held with EU-regulated credit institutions;
  • role-based access controls limiting data access to authorised personnel only;
  • comprehensive audit logging of all user activity on the Platform;
  • regular independent cybersecurity audits and penetration testing; and
  • data breach detection, response, and notification procedures in accordance with GDPR Articles 33 and 34.

In the event of a personal data breach that poses a risk to your rights and freedoms, we will notify the Office of the Commissioner for Personal Data Protection (Cyprus) within 72 hours of becoming aware, and will inform affected individuals where required.

8. Data Retention

We retain personal data only for as long as is necessary for the purposes for which it was collected, or as required by applicable law. Our standard retention periods are:

  • Transactional and settlement records – retained for the applicable statutory period under Cyprus and EU law, which is typically a minimum of five (5) years following the end of the transaction or business relationship.
  • KYC and AML documentation – retained for a minimum of five (5) years following the end of the business relationship, or longer where required by applicable AML legislation or regulatory direction.
  • Marketing communications and consent records – retained until you opt out or withdraw consent, after which they are deleted or anonymised.
  • Technical and platform usage data – retained for the period necessary to ensure platform security and operational continuity, and reviewed periodically.

Upon expiry of the applicable retention period, personal data is securely deleted or anonymised in accordance with our Data Retention and Archiving Policy.

9. Your Rights (GDPR & Greek Law)

Subject to applicable law, you have the following rights in relation to your personal data:

  • Right of Access – to request a copy of the personal data we hold about you.
  • Right to Rectification – to request correction of inaccurate or incomplete data.
  • Right to Erasure – to request deletion of your personal data, subject to our legal and regulatory retention obligations.
  • Right to Restriction – to request that we restrict processing of your data in certain circumstances.
  • Right to Object – to object to processing based on legitimate interests or for direct marketing purposes.
  • Right to Data Portability – to receive your data in a structured, commonly used, and machine-readable format.
  • Right to Withdraw Consent – where processing is based on consent, to withdraw it at any time without affecting prior processing.

To exercise any of these rights, please contact our Data Protection Officer using the details in clause 12. We will respond within one calendar month of receiving your request.

If you are not satisfied with our response, you have the right to lodge a complaint with the supervisory authority:

  • Office of the Commissioner for Personal Data Protection (Cyprus) – www.dataprotection.gov.cy

10. Cookies & Tracking

Our website and Platform use cookies and similar tracking technologies for the following purposes:

  • Site functionality – to enable core features and ensure the Platform operates correctly.
  • Security and fraud prevention – to protect the integrity of the Platform and detect suspicious activity.
  • Analytics – to understand how users interact with our Platform and improve the user experience.

You can manage your cookie preferences through your browser settings at any time. Please note that disabling certain cookies may affect the functionality of the Platform.

Where required by law, we will obtain your consent before placing non-essential cookies on your device.

11. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, legal obligations, or regulatory requirements. Any material changes will be communicated via our website or by direct notification where appropriate, and the “Last updated” date at the top of this document will be revised accordingly.

We encourage you to review this Policy periodically. Continued use of our services following notification of material changes constitutes acceptance of the updated Policy.

12. Contact Us

If you have any questions, concerns, or requests relating to this Privacy Policy or our data processing activities, please contact our Data Protection Officer:

 

Data Protection Officer

Fidusol Ltd t/a REXE

Tseriou Avenue & Naxou 1 Street, 1st Floor, Office 103

Strovolos 2043, Nicosia, Cyprus

 

Email: compliance@rexe.ai

Telephone: +357 22 222777

Platform: pilot.rexe.ai