Company Name - Octo Liquidity OÜ Reg number - 14829050
An application that is distributed by the Company through AppStore or Google Play.
A website that is operated by the Company and available at https://swaps.app.
Collective name that can refer to both the Mobile and Website Platform.
Collective name that can refer to both the Platform and the Company.
When you use our services, access our website to make crypto currencies exchange, we collect personal data about the parties to the transaction which may include some or all of the following: bank card information (card number, CVC or CVV, card expire date, card holder Name and Surname) amounts sent and received, amounts paid for services. Transaction Data includes also details about:
Swaps uses Secure Socket Layer (SSL) technology to encrypt and protect the data you send us over the internet. If SSL is enabled, you will see a padlock at the topof your browser and you can click on this to find out more information about the SSL digital certificate registration. The Client will also notice that when you look at the URL at the top of the browser you will see that it begins with ‘https’ instead of ‘http’. This means that you are in secure mode.
Swaps store and transmit payment card data in accordance with the basic standards of confidentiality and security of credit and debit cards according to the PCI DSS.
Payment card data is not requested and is not used for any purpose not related to payment services offered by Swaps.
Payment card data is not stored on the server.
The records related to the transactions retained by Swaps for periods of 6 month after the bank card expire date.
The lawful bases for collecting and processing this personal data are the performance of our contract with you according to Regulation (EU) 2016/679 Art.6 (1) (b) and our legal obligation to comply with the Regulation (EU) 2015/847 and Money Laundering and Terrorist Financing Prevention Act of Estonia.
The Client, when using Company services, has no right to:
The Client shall reimburse all direct damages, fines and other monetary sanctions applied to Swaps due to failure to observe or violation due to the fault of the Client.
Access the Services from a country, where Services are not provided by Swaps. Use an anonymous account.
An individual Customer from an age of 18+ or a legal entity that has read and agreed to the Customer Agreement of Swaps and uses services of the company provided through the Mobile or Website Platforms.
The General Data Protection Regulation (EU) 2016/679.
Documents that are requested by Swaps from the Customers in order to identify the Customer and comply with applicable laws.
The Policy is meant for use by Customers of Swaps.
Swaps is a company registered in Estonia that has developed and governs the Platform and the services, products and content that is accessible and offered on the Platform.
The company is compliant with the applicable Estonian and International laws for the Prevention of Money Laundering and Terrorist Financing, the General Data Processing Regulation as well as other legislations applicable in Estonia.
This policy aims to provide Company’s Customers with information on what type of information Company collects, how it is used and the circumstances where it could be shared with third parties.
Through this document, Customer’s data may be called either “ personal data” or “personal information”. Company may also sometimes collectively refer to handling, collecting, protecting and storing Customer’s personal data or any such action as “ processing” of such personal data. For the purposes of this Customer An individual Customer from an age of 18+ or a legal entity that has read and agreed to the Customer Agreement of Swaps and uses services of the company provided through the Mobile or Website Platforms. GDPR The General Data Protection Regulation (EU) 2016/679. KYC or Due Diligence Documents that are requested by Swaps from the Customers in order to identify the Customer and comply with applicable laws. policy, personal data shall mean any information relating to Customer, which identifies or may identify a Customer and which includes, for example, Customer’s name, address and identification number.
The Company shall collect information necessary to fulfil legal obligations for the provision of services and to improve our service to you.
Swaps will gather information and documentation to identify, contact or locate Customers and may gather information from third parties and or other sources, which will help us to offer our services effectively.
According to the Estonian and International laws for the Prevention of Money Laundering and Terrorist Financing, as well as in order to enhance Customer support, Customer’s personal data will be used for specific, explicit and legitimate purposes.
The personal data collected from Customers is used to verify Customer’s identity for Due Diligence purposes, to manage Customer’s account with the Platform, to process Customer’s transactions, to provide Customers with post-transaction information, to inform Customers of additional products and/or services relevant to Customer’s profile, to produce analysis and statistical data which will help the Company improve its products and services, and for Platform enhancement purposes.
The Company needs to perform its Due Diligence measures and apply the principles of KYC (Know-Customer’s-Customer) before entering a business relationship with any Customer in order to prevent actions, such as money laundering or terrorist financing, and to perform other duties imposed by law. Company collects from its Customers’ identity verification information (such as copies, images, scans of Customer’s government issued national ID card or International Passport, or other governmental proof of identification) or other authentication information. Swaps also requests its Customers to provide the Company with a recent Utility Bill in order to verify Customer’s residential address. Further to this, the Company can use third parties to carry out identity checks on its behalf.
There are a number of legal obligations emanating from the relevant laws to which the Company is subject to, as well as other statutory requirements. Such obligations and requirements impose on Swaps are necessary personal data processing activities for credit checks, identity verification, compliance with court orders, tax law or other reporting obligations and anti-money laundering controls.
Swaps may suspend, restrict, or terminate your access to any or all of the Swaps and/or deactivate or cancel your Swaps Account, without reason by giving you one months’ notice. You acknowledge that our decision to take certain actions, including limiting access to, suspending, or closing your Swaps Account, may be based on confidential criteria that are essential for the purposes of our risk management and security protocols. You agree that we are under no obligation to disclose the details of its risk management and security procedures to you.
Company processes personal data to safeguard the legitimate interests pursued by Swaps or by a third party. A legitimate interest is when Swaps has a business or commercial reason to use Customer’s information. Even then, it must not unfairly go against what is right and best for the Customer. Examples of such processing activities include: Initiating court proceedings and preparing our defence in litigation procedures, Means and processes we undertake to provide for the Company’s IT and system security, preventing potential crime, asset security, admittance controls and anti-trespassing measures, Measures to manage business and for further developing products and services, The transfer, assignment (whether outright or as security for obligations) and/or sale to one or more persons and/or charge and/or encumbrance over, any or all of the Company’s benefits, rights, title or interest under any agreement between the Customer and the Company.
The Company may use Customer data, such as location or transaction history to deliver any news, analysis, research, reports, campaigns and training opportunities that may interest the Customer, to their registered email address. Customer always has the right to change the option if he no longer wishes to receive such information.
Swaps and any agents that it engages for the purpose of collecting, storing and processing personal data and any third parties acting on Company’s behalf, may collect, process and store personal data provided by the Customer. For the purpose of processing and the storage of personal data provided by the Customer in any jurisdiction within the European Union or outside of the European Union, the company can confirm this will be done in accordance with applicable laws. Authorized Processor The GDPR sets out what needs to be included in the contract which the company has adhered to, the below is not an exhaustive list of the obligations of all relevant parties: Such third parties must only act on the written instructions of the our company (unless required by law to act without such instructions); Ensure that people processing the data are subject to a duty of confidence; Take appropriate measures to ensure the security of processing; The rights of Customers will not be impaired in meeting with GDPR requirements; The security of processing, the notification of personal data breaches and data protection impact assessments will not be impaired; Deletion or return of all personal data as requested at the end of the contract; Such providers will provide various services as agreed with the Company. Swaps has a regulatory obligation to supervise and effectively oversee the outsourced functions and to act appropriately when it determines that the service provider is not performing the said functions effectively and in accordance with the applicable legislation. Swaps may use or disclose personal information without Customer’s consent only in certain circumstances: if required by law or by order of a court, administrative agency, or other government entities; if there are reasonable grounds showing disclosure is necessary to protect the rights, privacy, property, or safety of Customers or others; if we believe the information is related to a breach of an agreement or violation of the law, that has been, is being, or is about to be committed; if it is necessary for fraud protection, risk reduction, or the establishment or collection of funds owed to us; if it is necessary to enforce or apply the Terms and Conditions and other agreements, to pursue remedies, or to limit damages to our company; for other reasons allowed or required by law; if the information is public. When the Company is required or permitted to disclose information without consent, Company will not disclose more information than necessary to fulfil the disclosure purpose. Swaps informs all Customers to maintain confidentially and not to share with others its Customer names and private passwords or as provided by the Company. The Company bears no responsibility for any unlawful or unauthorized use of Customers’ personal information due to the misuse or misplacement of Customers’ access codes (i.e. passwords/ credentials), negligent or malicious, however conducted.
The Company may process Customer’s personal data to inform Customers about products, services and offers that may be of interest to them. The personal data that Swaps processes for this purpose consists of information Customers provide to the Company and data Swaps collects and/or infers when Customer uses services of the Platform, such as information on Customer’s transactions. Company studies all such information to form a view on what is needed or what may be of interest to Customers. In some cases, profiling may be used. Profiling is a process when Customer’s data is being automatically processed with the aim of evaluating certain personal aspects and to further provide Customers with targeted marketing information on products. Company’s site uses technologies of third-party partners to help Company recognize Customer’s device and understand how Customer uses Company’s site so that Swaps can improve its services to reflect Customers interests and serve advertisements about the services that are likely to be of more interest to Customer. Specifically, these partners collect information about Customer’s activity on Company’s site to enable Company to: measure and analyze traffic and browsing activity on Company’s site; show advertisements for Company’s services to Customer on third-party sites; measure and analyze the performance of Company’s advertising campaigns; Company may share data, such as hashed email derived from emails or other online identifiers collected on Company’s site with Company’s advertising partners. This allows Company’s partners to recognize and deliver ads to Customer across devices and browsers. Swaps can only use Customer’s personal data to promote its products and services to Customers if Swaps has Customer’s explicit consent to do so – by clicking on the tick box during the account opening form – or in certain cases, if the Company considers that it is in their legitimate interest to do so. Further, Customers have the option to choose whether they wish to receive marketing related emails (company news, information about campaigns, the company’s newsletter, the company’s strategic report, etc.) to Customer’s provided email address by clicking the relevant tick box during the account opening form. Company’s partners may use non-cookie technologies that may not be impacted by browser settings that block cookies. Customer’s browser may not permit to block such technologies. For this reason, Customer can use the following third party tools to decline the collection and use of information for the purpose of serving Customer interest based advertising:
The NAI’s opt-out platform: http://www.networkadvertising.org/choices/
The EDAA’s opt-out platform: http://www.youronlinechoices.com/
The DAA’s opt-out platform: http://optout.aboutads.info/?c=2&lang=EN
Customers have the right to object at any time to the processing of Customer’s personal data for marketing purposes or unsubscribe to the provision of marketing related emails by the Company, by contacting at any time Company’s Customer support department via the following ways:
By Email: support@Swaps.com
Customer support via the platform Period of keeping Customer’s personal information The Company will keep Customer’s personal data for:
As long as a business relationship exists with the Customer, either as an individual or in respect of our dealings with a legal entity Customer is authorized to represent or are a beneficial owner of
Once the business relationship with Customers has ended, Company is required to keep Customer’s data for a period of five years to meet regulatory and legal requirements. In some cases, this period may be extended. When Company no longer needs personal data, it will securely delete or destroy it.
Customer has the right to request copies of his/hers personal data. Information must be provided without delay and at the latest within one month of receipt. The company will be able to extend the period of compliance by a further two months where requests are complex or numerous. If this is the case, we will inform Customers within one month of the receipt of the request and explain why the extension is necessary. Swaps must provide a copy of the information free of charge. However, the Company can charge a “reasonable fee” when a request is manifestly unfounded or excessive, particularly if it is repetitive. The fee if applied will be based on the administrative cost of providing the information and for delivery expenses, if Customer requests to deliver this information in hard copy. If at any time we refuse to respond to a request, we will explain why to the Customer, informing them of their right to complaint to the supervisory authority and to a judicial remedy without undue delay and at the latest within one month.
As a general rule, the Customer data is processed within the European Union/European Economic Area (EU/EEA), but in some cases it is transferred to and processed in countries outside the EU/EEA. The transfer and processing of Customer data outside the EU/ EEA can take place provided there are appropriate safeguards in place and the actions are made based on a legal basis only. Upon request, the Customer may receive further details on Customer data transfers to countries outside the EU/EEA.
Swaps uses appropriate technical, organizational and administrative security measures to protect any information it holds in its records from loss, misuse, and unauthorized access, disclosure, alteration and destruction. Unfortunately, no company or service can guarantee complete security. Unauthorized entry or use, hardware or software failure, and other factors, may compromise the security of Customer information at any time. Among other practices, Customer’s account is protected by a password for Customer’s privacy and security. Customers must prevent unauthorised access to Customer’s account and Personal Information by selecting and protecting Customer’s password appropriately and limiting access to Customer’s computer or device and browser by signing off after you have finished accessing Customer’s account. Transmission of information via regular email exchange is not always completely secure. The Company however exercises all possible actions to protect Customers’ personal data, yet it cannot guarantee the security of Customer data that is transmitted via email; any transmission is at the Customers’ own risk. Once the Company has received the Customer information it will use procedures and security features in an attempt to prevent unauthorised access. When Customers email the Company (via the “Contact Us” page), or using the Live Chat feature, a person may be requested to provide some additional personal data, like their name or email address. Such data will be used to respond to their query and verify their identity. Emails are stored on Company’s standard internal contact systems which are secure and cannot be accessed by unauthorised external parties.
Customer has the right to be confident that Swaps handles Customer’s personal information responsibly and in line with good practice. If a Customer has a concern about the way the Company is handling Customer’s information, or for example if a Customer feels we may not be;
keeping Customer’s information secure;
holds inaccurate information about you;
has disclosed information about you;
is keeping information about you for longer than is necessary; or
has collected information for one reason and is using it for something else;
We take all concerns seriously and will work with you to resolve any such concerns.
Any concerns and/or requests can be raised to the appointed Data Protection Officer whose contact details are below:
If the Customer is not satisfied with any responses provided by the Company, the Customer has a right to raise such matters with the Estonian Data Protection Inspectorate:
E-mail address: firstname.lastname@example.org
39 Tatari St., 10134 Tallinn, Estonia
Phone: +372 627 4135
The Customer has the right go to court or to escalate their complaint to the data protection regulator in their jurisdiction for the protection of rights, unless the applicable laws prescribe a different procedure for handling such claims.
The Company reserves the right to modify or amend this Privacy Statement unilaterally at any time in accordance with this provision.
If any changes are made to this privacy statement, we shall notify you accordingly. The revision date shown on at the end of this page will also be amended. We do however encourage you to review this privacy statement occasionally so as to always be informed about how we are processing and protecting Customer’s personal information.
The Company will monitor on a regular basis the effectiveness of this Policy and, in particular, the execution quality of the procedures explained in the Policy and, where appropriate, it reserves the right to correct any deficiencies. In addition, the Company will review the Policy at least annually. A review will also be carried out whenever a material change occurs that affects the ability of the Company to continue to the best possible result for the execution of its Customer Orders on a consistent basis using the venues included in this Policy. The Company will inform its Customers of any material change to this Policy by posting an updated version of this Policy on its Website(s).