We are hereby concerned with protecting the privacy of any personal information that you may choose to provide to us (“Personal Information”), and are committed to providing a safe, responsible and secure environment. It is our goal to ensure that the use of your Personal Information is compliant with the General Data Protection Regulation (EU) 2016/679 (“GDPR”). Accordingly, we issued this policy to inform you of our use of your Personal Information.
1.4.1 “You” means the user who is using our services.
1.4.2 “Personal Data” means information that specifically identifies an individual or that is linked to information that identifies a specific individual.
1.4.3 “Visitor” means an individual other than a user, who uses the public area, but has no access to the restricted areas of the Site or Service.
This policy is based on the following data protection principles:
The processing of personal data shall take place in a lawful, fair and transparent way;
The collecting of personal data shall only be performed for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes;
The collecting of personal data shall be adequate, relevant and limited to what is necessary in relation to the purpose for which they are processed;
The personal data shall be accurate and where necessary, kept up to date;
Every reasonable step shall be taken to ensure that personal data that are inaccurate having regard to the purposes for which they are processed, are erased or rectified without delay;
Personal data shall be kept in a form which permits identification of the data subject for no longer than it is necessary for the purpose for which the personal data are processed;
All personal data shall be kept confidential and stored in a manner that ensures appropriate security;
Personal data shall not be shared with third parties except when necessary in order for them to provide services upon agreement;
Data subjects shall have the right to request access to and rectification or erasure of personal data, or restriction of processing, or to object to processing as well as the right of data portability.
- The information we collect
2.1 As part of providing you with the Services, we collect your Personal Information on registering an account. “Personal Information” means any information from which you can be personally identified.
(a) we may collect, store and use information about your computer, mobile device or other item of hardware through which you access the Website and your visits to and use of the Website (including without limitation your IP address, geographical location, browser/platform type and version, Internet Service Provider, operating system, referral source/exit pages, length of visit, page views, website navigation and search terms that you use;
(b) to the extent that we collect and process documentation on behalf of our contributing companies to assist them with complying with various statutory requirements including without limitation anti-money laundering, KYC procedures, we may collect a copy of your passport, director and shareholder information, driving licence and evidence of proof of address. These documents contain various elements of personal and company information.
(c) you may be given opportunities to provide us with other information from time to time;
(d) when you choose to subscribe to our service, and/or contact us by email, telephone or through any contact form provided on the Website, we may ask you to provide some or all of the following information:
(i) your name (first name and last name);
(ii) your address;
(iii) your IP address;
(iv) your email address;
(v) your phone number; and/or
(vi) details about your balance and/or sales status;
(vii) details of any search effected by you and/or any transaction executed by you with any partner.
2.4 Not all the personal information we hold about you will come always directly from you. We may also collect information from third parties such as our partners, service providers and publicly available websites (i.e social media platforms), to comply with our legal and regulatory obligations, offer Services we think may be of interest, to help us maintain data accuracy and provide and enhance the Services.
- How we will use your Personal Information
3.1 We will process your Personal Information in accordance with the GDPR and to provide you with the Services. We will process your Personal Information to enable us to:
(a) to provide our services to you;
(b) to assist third party companies with providing their services to you;
(c) to enable you to use our services;
(d) to send you relevant and targeted promotional communications;
(e) to notify you of changes we have made or plan to make to the Website and / or our services;
(f) to send you emails as necessary;
(j) to analyze and improve the services offered on our Website.
3.2 If at any time you wish us to stop processing your Personal Information for the above purposes, then you must contact us via e-mail and we will take the appropriate steps to stop doing so. Please note that this may mean that your Account will be closed.
3.3 In the event that the purposes for processing change, then we will notify you as soon as practicable and seek any additional consent that may be required.
- Disclosing your Personal Information
4.1 Except as described in this Policy, we will not intentionally disclose the Personal Data that we collect or store on the Service to third parties without your prior explicit consent. We may disclose information to third parties in the following circumstances:
4.2 Except to the extent required by any applicable law or governmental or judicial body, we will only disclose such of your personal information to our third party companies as is required for us or them to perform our or their services to you.
4.3 We will use all reasonable endeavors to ensure that any companies to whom we disclose your confidential information is compliant with the Data Protection Act 1998 (or an equivalent standard) as regards its use and storage of your personal information.
4.4 In the event that we sell or buy any business or assets, we may disclose your personal data and transaction data to the prospective seller or buyer of such business or assets. If substantially all of our assets are acquired by a third party, personal data and transaction data held by it about its customers will be one of the transferred assets.
4.5 We will disclose your personal information if we are under a duty to disclose or share your personal data and transaction data in order to comply with any legal obligation, or in order to enforce or apply our Terms and Conditions and other agreements; or to protect the rights, property, our safety, our customers, or others. This includes exchanging information with other companies and organizations for the purposes of fraud protection and credit risk reduction.
4.6 If at any time you wish us to stop processing your Personal Information for the above purposes, then you must contact us and we will take the appropriate steps to stop doing so. Please note that this may mean that your Account will be closed.
- Data Subject Rights
5.1 We respect your privacy rights and provide you with reasonable access to the Personal Data that you may have provided through your use of the Services. Your principal rights under the GDPR are as follows:
- the right for information;
- the right to access;
- the right to rectification;
- the right to erasure; the right to be forgotten;
- the right to restrict processing;
- the right to object to processing;
- the right to data portability;
- the right to complain to a supervisory authority; and
- the right to withdraw consent.
5.2 If you wish to access or amend any other Personal Data we hold about you, or to request that we delete any information about you, you may contact us by sending an email. We will acknowledge your request within seventy-two (72) hours and handle it promptly. We will respond to these requests within a month, with a possibility to extend this period for particularly complex requests in accordance with Applicable Law. We will retain your information for as long as your account is active, as needed to provide you services, or to comply with our legal obligations, resolve disputes and enforce our agreements.
5.3 You may update, correct, or delete your Account information and preferences at any time by accessing your Account. Please note that while any changes you make will be reflected in active user databases instantly or within a reasonable period of time, we may retain all information you submit for backups, archiving, prevention of fraud and abuse, analytics, satisfaction of legal obligations, or where we otherwise reasonably believe that we have a legitimate reason to do so.
5.4 You may decline to share certain Personal Data with us, in which case we may not be able to provide to you some or all of the features and functionality of the Service.
5.5 At any time, you may object to the processing of your Personal Data, on legitimate grounds, except if otherwise permitted by applicable law.
5.6 In accordance with Applicable Law, we reserve the right to withhold personal data if disclosing it would adversely affect the rights and freedoms of others.
5.7 We may use your personal data for the purposes of automated decision-making when displaying your activity and offers based on your trends and interest. When such processing takes place, we will request your explicit consent and provide you with the option to opt-out. We may also use automated decision making in order to fulfill obligations imposed by law, in which case we will inform you of any such processing. You have the right to object to the processing of your personal data for automated purposes at any time by contacting us via e-mail.
- Minors and Children’s Privacy
7.1 Protecting the privacy of minors is especially important. Our Service is not directed to children under the age of 18, and we do not knowingly collect Personal Data from children under the age of 18. If you are under 18 years of age, then please do not use or access the Service at any time or in any manner. If we learn that Personal Data has been collected on the Service from persons under 18 years of age, then we will take the appropriate steps to delete this information. If you are a parent or guardian and discover that your child under 18 years of age has obtained an Account on the Service, then you may alert us via e-mail and request that we delete your child’s Personal Data from our systems.
8.1 We take appropriate security measures to protect against loss, misuse and unauthorized access, alteration, disclosure, or destruction of your information. We have taken steps to ensure the ongoing confidentiality, integrity, availability, and resilience of systems and services processing personal information, and will restore the availability and access to information in a timely manner in the event of a physical or technical incident.
8.2 No method of transmission over the Internet, or method of electronic storage, is 100% secure. We cannot ensure or warrant the security of any information you transmit to us or store on the Service, and you do so at your own risk. We also cannot guarantee that such information may not be accessed, disclosed, altered, or destroyed by breach of any of our physical, technical, or organisational safeguards. If you believe your Personal Data has been compromised, please contact us via e-mail.
8.3 If we learn of a security systems breach, we will inform you of the occurrence of the breach in accordance with applicable law.
- Privacy Settings
9.1 Although we may allow you to adjust your privacy settings to limit access to certain Personal Data, please be aware that no security measures are perfect or impenetrable. Additionally, we cannot control the actions of other users with whom you may choose to share your information. We cannot and do not guarantee that information you post on or transmit to the Service will not be viewed by unauthorized persons. We have taken the necessary steps to protect your personal information as much as possible in transit by using technical and administrative security measures to reduce the risks of loss, misuse, unauthorized access, disclosure and alteration of personal data. Some of the safeguards we use are firewalls and very strict data encryption which include: 3 level of encryptions, physical access controls on every network point, and information access authorization controls. Such protection is currently obtained by using: database encryption aes-256 algorithms, physical access controls (PAC), and information access authorization controls.
- Data Retention and International Transfers
10.2 All information you provide to us is stored on our secure servers.
10.3 Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted through our Website; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.
10.4 We transmit personal information using secure software which encrypts information you input. Further, to the extent that we collect any credit card or bank account information from you, we will only reveal the last four digits of your credit card number when confirming an order. We maintain physical, electronic and procedural safeguards in connection with the collection, storage and disclosure of personally identifiable customer information. Our security procedures mean that we may occasionally request proof of identity before we disclose personal information to you.
- Data Protection Officer
11.1 We have appointed a Data Protection Officer (“DPO”) who is responsible for matters relating to privacy and data protection. Our DPO can be reached via e-mail.