(applies from September 1, 2018)
We assure you that we take special care to protect your personal data, and in particular we ensure that the data we collect is processed in accordance with the law, only for specified, legally permitted purposes and is not subjected to further processing contrary to these purposes. In addition, we care that the data collected by us is substantively correct and adequate in relation to the purposes for which it is processed and stored in a form that allows identification of persons to whom they relate, no longer than it is necessary to achieve the purpose of processing.
The Administrator of user personal data is EUROTOKEN OU [further also referred to as the Administrator] – a company registered in Estonia at Harju maakond, Tallinn, Kesklinna linnaosa, Roosikrantsi tn 2-K468, 10119; registered under the number 14454785.
You may contact the Administrator via mail sending a letter to the address provided above, via e-mail at [email protected] or sending a message in the tab “Contact” available on the Website.
In order to take care of your data even effectively we also appointed a Personal Data Inspector to who you can turn with any questions or requests in all matters concerning your personal data. You can contact him/her at: [email protected]
We need to collect such a wide range of information not only to be able to provide our services “technically”, but also to fulfil the binding legal provisions regarding the obligation to identify the client, to monitor, combat and assess the risks of fraud, money laundering, financing of terrorism. Therefore, if you do not provide the data requested during the registration and verification, or if the data proves to be false, or if you object to its processing, we will not be able to continue to provide you with our services.
Due to the above-described obligations, in order to verify the accuracy of the data provided by you and to assess the risk of fraud, we also monitor your transaction history by analyzing the course, volume, currency and type of transactions.
If you express a wish to use additional services offered by us, we will process your data which we collected in order to provide them, in compliance with their description contained in the Regulations or provided to you separately. These services may include among others: newsletter, contests, sending information messages, etc.
During your visit to our Website, certain data about your activity on the Website will be collected automatically. In this way, we collect and store information such as: your IP address, request URL, domain name, device ID, browser type, browser language, number of clicks, amount of time spent on individual pages, date and time of using the Website, type and version of the operating system, screen resolution, data collected in the server logs, and other similar information - to develop statistical data for the optimization of services rendered, including displaying content that complies with your preferences.
When you contact us in order to perform various activities or obtain information (e.g. to submit a complaint) using the Website, telephone or e-mail, we will again require you to provide us with your personal data to confirm your identity and the possibility of return contact. This applies to the same personal information you previously provided. However, it may happen that due to the nature of your request, we will have to collect other data from you. Provision of the above data is not mandatory, but it is necessary to perform activities or obtain information that interests you. We will process the above-mentioned data in order to perform the actions requested by you or to provide you with the information that you requested - depending on which situation takes place.
The services we offer are not intended for children under 16 years of age. For these reasons, we would like to inform you that if we find out that we have been provided with personal details of persons under 16 years of age, we will remove them without undue delay.
To the extent that the processing is made on the basis of your consent, the data you provide is used only for the purposes covered by your consent. On this basis, we will primarily carry out information and marketing campaigns. Remember that at any time you can change your mind and withdraw your consent - just send us an e-mail.
We will also process your data to execute the agreement we entered into with you (primarily as a result of registration and acceptance of the Terms and Conditions for an account on our Website) to be able to properly provide you with the services you want.
We will also have to process your data due to the need to comply with our legal obligations. These will be situations in which, for example, we must store data resulting from transactions made for tax and accounting reasons; as well as situations where we are obliged to verify and analyse your data (including your actions taken on the Website) in accordance with applicable anti-money laundering and terrorist financing regulations.
Your personal data may also be processed if it is necessary upon request of an authorized law enforcement or regulatory authorities whose jurisdiction affects our operations. Based on our legitimate interest, we will process your data for the purpose of publishing ads of our goods and services, as well as for the purposes of claiming our rights and defending ourselves against claims, for evidentiary and archival purposes. On the same basis, we will also process your personal data collected automatically in the Website in order to ensure the security of the session, ensure quality of the session and provide all the functions of the Website. On this basis, we will also process your personal data for analytical purposes, which will involve the examination and analysis of traffic on our Website.
In the case of registration and verification of an account, we process only the data without which the agreement concluded with you cannot be executed for "technical" reasons or for legal reasons. Not providing us with the required data will result in the fact that we will not be able to set up or keep your account, let alone carry out transactions within it.
Giving us your consent to the processing of your personal data is voluntary. If you do not give us your consent (or withdraw it), then we will not take any actions that a given consent applies to.
We always transfer only data that is necessary to perform a given task or task and only for the time needed to complete them, nothing more than that.In compliance with the above, we share your personal data with:
Sharing your personal data we make sure that the entities we cooperate with ensure the implementation of technical and organizational measures to ensure proper security and protection of the transferred data and to process it in accordance with applicable regulations, including the provisions of the GDPR.
The period of storage of your personal data is related to the purposes and the basis of its processing. This means that we store and process your data only as long as it is necessary for the purpose for which it was obtained.If the basis for processing your data is:
Notwithstanding the foregoing, the storage of your data, to the extent that the regulations allow it, ends when you request it (as discussed in more details in Section VIII below).Due to the fact that our services are subject to, among others regulations of the European Parliament and Council Directive (EU) 2015/849 of 20 May 2015 on the prevention of the use of the financial system for money laundering or terrorist financing, we are obliged to keep it for at least five years from the end of our economic relations with you (i.e. from the final closing and settlement of the account), among others:
The periods of storage of your data required by law may change as the applicable provisions of the law are amended.
After the indicated time periods expire, your personal data will be deleted or anonymized in a way that prevents the data from being attributed to you.
You can submit a statement regarding the exercise of any of your rights in any form, but it will be the best for you to send us an email. We will send you, without undue delay, confirmation of the impact of your statement via e-mail.
Withdrawing your consent or objecting to the processing of data, if you do not formulate any other objections, will affect all our services and Websites and the entities entrusted with the processing of your data.
Profiling involves automated processing of personal data allowing the assessment of personal factors of a natural person, and in particular analysing or forecasting aspects related to the economic situation, personal preferences or interests, credibility or behaviour of the data subject.
On our Website we process your personal data, including your activities on the Website, to assess the possibility of offering you our services. Our profiling boils down to two aspects: determining your preferences and needs in order to better adapt the Website to your needs; verifying the accuracy of the information provided by you and estimating the risk of money laundering or terrorist financing in order to fulfil the obligations imposed on us by the Directive of the European Parliament and of the Council (EU) No. 2015/849 of 20 May 2015.
Based on our profiling, in accordance with our internal procedures for estimating the risk of money laundering or terrorist financing, we evaluate which transactions you have commissioned we can carry out, and what information we are forced to obtain from you to fulfil our obligations of due diligence in the prevention of fraud in accordance with the Directive referred to above. This process is carried out mostly automatically, however, our employees or external entities from the Compliance sector always supervise it.
Cookies are small text information in the form of text files, sent by the server and saved on a device of the person visiting the Website (e.g. on the hard drive of the computer, laptop or on the smartphone's memory card - depending on which device you use). Detailed information about cookies as well as the history of their creation can be found among others here.The Administrator may process data contained in Cookies when users use the Website for the following purposes:
As a standard, most web browsers available on the market accept cookies by default. Everyone has the possibility to define the terms of using cookies through their own browser's settings. This means that you can, for example, partially restrict (e.g. temporarily) or completely disable the option of saving cookies - in the latter case, however, it may affect some of the Website's functionalities (for example, it may not be possible to pass the sales offer path due the failure to remember data during the subsequent stapes of submitting offers).Detailed information on changing cookies settings and their removal in the most popular web browsers is available in the help section of the web browser and on the following pages (just click on the link):
The Administrator also processes anonymized operational data related to the use of the Website (so-called logs, domain) to generate statistics helpful in administering the Website. For this purpose, we use services of third parties. Data processed by these entities is aggregate and anonymous, i.e. it does not contain features identifying visitors of the Website.
We store, use and transfer your data in a manner that ensures its proper protection, including protection against unauthorized or unlawful processing and accidental loss, destruction or damage, by means of appropriate technical and organizational measures.
We have implemented a number of security measures to ensure that your information will not be lost, used or changed. Our data security measures include, among others: PCI scanning, encryption, pseudonymization, data backup, regular testing, measuring and assessing the effectiveness of security measures used, restrictions on access to internal data and strict physical controls of access to buildings and files.
Access to data processed by us is carried out through an internal network, secured by our certificates and keys, thus excluding third party access "from outside" as well as "our" unauthorized persons.
In order to secure your data, we have developed and are constantly improving our own original script that encrypts data.
When we store your data on internal servers, we do it through entities that guarantee security of the infrastructure offered (PCI-DSS certification, ISO / IEC 27001 certification, SOC 1 TYPE II and SOC 2 TYPE II certificates, etc.), who have a good opinion, and their services are used by other entities processing personal data of special importance. For this reason, the servers used by us are located in several places in Europe (none of them are located in Cyprus).
Regardless of the above, please remember that it is impossible to guarantee 100% secure data transmission over the Internet or electronic data storage methods. Therefore, we ask that you also take reasonable precautions to protect your personal data. If you suspect that your personal information has been compromised, in particular the account or password information has been disclosed, contact us immediately.