Privacy Policy

UAB “DATAUSE, UAB”, company code 306032837, the company established and operating under the laws of the Republic of Lithuania, the registered office of which is in the Gedimino pr. 20, Vilnius, Lithuania, Republic of Lithuania, as well as or any of our affiliates (we/us/our). We are committed to protecting and respecting your personal data and your privacy. We recognize that your personal data is your property and that you have provided it to us for specific purposes.

 

Unless otherwise required by law and other applicable guidance or best practice, or in order to perform our contract with you, we will only process your personal data in the way we tell you or in the way you or applicable legislation requires us to, and we will give it back to you at any time (if possible).

1. This policy

1.1 This Policy explains how any personal data we collect from you, that you provide to us, or that we receive indirectly from third parties (e.g. persons that may represent you, registers, state authorities, etc.) will be processed by us or any processor on our behalf.

1.2 This Policy is applied together with our internal rules of processing of data subjects personal data (Rules) and other contractual documents used. You are therefore advised to read it carefully. Terms used within it shall have the meaning(s) given in the European General Data Protection Regulation (Regulation), as applicable.

1.3 This Policy apply to your use of the website www.krypten.com (Website) once you have visited or by registering for user account with us (Account) or by getting any of the services accessible through the Website, you accept the practices described in this Policy.

1.4 Any changes we make to this Policy will be posted on Website and you will be notified when you next visit the Website. You are advised to check back frequently as any changes will be binding on you when you continue to use the website after the date of the relevant change.

1.5 For more information relating to your rights under this Policy, please see section 10.

1.6 If you have any queries relating to this Policy, please take a look at our data related FAQs or contact us at [email protected].

2. Who we are

2.1 We operate the website and we process your personal data together with other Datause, UAB group companies (further in this Policy together referred as “we”).

2.2 Your data will be processed on our behalf by subcontractors that we use for carrying out our activities and provision of services that you requested (for example, performance identity verification and KYC/AML compliance checks, payment services, hosting a website and an information technology system, partner credit institutions for protecting funds or carrying out payment operations, etc.) (Subcontractors). The subcontractors process your data only exclusively in the framework of the latter’s activities. The Subcontractors are not authorized to use your personal data for their own behalf. We contractually impose on Subcontractors to comply with the obligations of security and confidentiality, to implement appropriate technical and organizational measures so that data processing is carried out in a manner that complies with applicable regulations and guarantees the protection of your rights.

2.3 Data controllers may provide us services related to data processing from time to time. We will operate on the terms of a written agreement with these data controllers relating to your personal data.

3. Your main personal data processing conditions

3.1 By registering for Account and/or otherwise using the Website, you:

3.1.1 provide us and our Subcontractors with the personal data necessary to allow you to use the Website and make transactions through it or to get any of the services accessible through the Website;

3.1.2 confirm that you are aware that the processing of your personal data may be performed by us and/or Subcontractors, and or other data controllers, and/or those specifically listed third parties, in accordance with this Policy; and

3.1.3 confirm that you are aware that your personal data may be transferred to those third parties listed in this Policy, for the reasons specified.

3.2 You may object to your data processing under Clause 3.1 at any time. However, where the objection prevents us or our Subcontractors from verifying your identity or otherwise monitoring who you are, you will be unable to use your Account, payment devices and make transactions through our Website OR You may exercise your rights under Clause 11.1 at any time, which includes your objection to our processing of your personal data. However, where this withdrawal prevents us from performing our contract with you, we may not be able to provide our services to you.

4. What we collect

4.1 We may generally collect all or some of the following categories of data from you:

  • Identification Information. Your full name, surname, identification number, passport / ID card number, date of birth, phone number, mailing address, citizenship, email address, address, postcode, account username, e-wallet account details of the sender and the receiver, password, copies of any documents you have provided for identification purposes, your image in photo or video (provided for Know-Your-Client (KYC)) or other regulatory purposes) and any other information relating to you which you have provided to us in any forms that you may have submitted to us, or in other forms of interaction with you.
  • Usage Information. Information about your use of our website and services, including cookies, IP (internet protocol) address, computer and connection information, device type and unique device identification numbers (e. g. IMEI number, MAC address), bandwidth, mobile network information, mobile operating system and type of mobile browser, statistics on page views, and traffic to and from our websites, and other technical data collected through cookies and other similar technologies that uniquely identifies your browser.
  • Information collected in accordance with the requirements of the laws. Results from Politically Exposed Persons (PEP) Screening & Sanction screening, any additional personal data required for proving Source of Funds (e. g. employment contract, certificate of inheritance, etc.), data on the management structure and business activity, etc.;
  • Transaction Information. Transaction information as you use our services, including deposit snapshots, account balances, trade history, order activity and distribution history, bank account number, identification data of electronic money account, account statement;
  • Employment Information. Your employment history, education background and income levels.
  • Financial Information. Your bank account information, credit card information (including the card number, expiry date and CVC), tax identification number, transaction history and trading data.
  • Correspondence. Responses to promotions and initiatives on our website or app, and interactions with our support team and customer service officers via email, app and/or other communication channels.

4.2 In addition to the above, we will also provide you with your Account Details, which includes your username which is either created by, or assigned to, you. The Account Details should be remembered by you, but will be stored by us in case you forget them.

4.3 Specific categories of processed personal data may also be in separate sections of this Policy.

4.4 All categories of personal data which are collected by us are indicated in procedure for performance and maintenance of records of data processing activities.  

5. How we collect your data

The data listed in Section 4 is collected in the following ways:

5.1 By you registering the Account – this is any information you give to us that we request from you when signing-up for an Account to use our Website or by corresponding to us (e.g. by e-mail or via chat functions on the Website).

5.2 Information collected – each time you visit our Website through a network Subcontractors may automatically collect:

5.2.1 Technical information – your IP address (used by your device to connect to the internet) and any version details; and

5.2.2 Information about your visit – means the links you have clicked on, in the Website; and

5.2.3 Transaction information – including date, time, amount, crypto currencies used, exchange rate, beneficiary details and etc.; and

5.2.4 Content information – information stored on your device, including if you allow to access contact information (e. g. login information, etc.).

5.3  Received from third parties – we and our Subcontractors work closely to verify your eligibility for an Account, payment services, and etc. We will also perform searches in the global and local databases when we are required to do this by law or for business purposes (e. g. PEP or Sanction list, credit ratings, etc.) and get personal data from the state authorities.

5.4 Additional information provided by you directly – this is any information you provide to us related performance of our services and/or based to other purpose (e. g. provision of the queries, phone calls that may be recorded).

6. Cookies

6.1. The Cookie Policy addresses the processing of your personal data using Cookies.

7. What we do with your data

7.1 Your data is primarily necessary to verify who you are when accessing your Account and to ensure you meet our eligibility requirements in order to submit an Application for an account. We or our Subcontractors also will use all or a part of your data for performance of our obligations under Rules and provision of other related services to you and/or for compliance with a legal obligations to which we or our Subcontractors are subject to and performance of internal administration activities.

7.2 Additionally, we will use all or a part of your data you provide us to notify you about:

7.2.1 services of an interest for you; or

7.2.2 changes to our Website or our services.

7.3 We and our Subcontractors use any data we collect about you (as a result of your visit to our Website) to:

7.3.1 personalize and improve our services (including the Website and its security);

7.3.2 deal with your inquiries and requests;

7.3.3 administer and monitor traffic and behaviors on our Website for analysis, testing, research, statistical and survey purposes;

7.3.4 ensure that any part of our Website (including any Content) is presented in the most effective manner for you and your device, and to make improvements (where necessary); and

7.3.5 keep our Website safe and payment devices secure.

7.4 Where we change our services, or any applicable terms and conditions, we will contact you. For more details please see Clause 1.6 of the Policy.

7.5 Any data we obtain about you from third parties (Subcontractors or other data controllers) are used for the purposes of verifying your eligibility to submit an application for Account through our Website and/or to perform payment transactions and/or get any of the services accessible through the Website.

8. How and why we disclose your data

8.1 Subject to the rest of Section 8 of this Policy, we will only disclose your personal data to the third parties which shall be considered as data processors for the following purposes:

8.1.1 credit-checking/reference agencies and fraud prevention agencies – in order to verify your identity, perform transactions you instruct on us or for the purposes of fraud detection or protection, or in other situations involving suspicious or illegal activities. We may as well perform a search of your credit file, if this is necessary and/or required to deliver our services to you;

8.1.2 To process the transactions – in order to allow you to make the payment(s) and/or receive funds through your payment devices and by the Website;

8.1.3 banking, including Electronic Money Institutions, crypto exchanges and financial service partners such as banking intermediaries, international payment services providers and regulated distribution agents – in order to perform our services and payments;

8.1.4 our email provider – in order to be able to send emails to you (please note that only your email address is provided to approved email provider);

8.1.6 other our services providers – in order to ensure the proper functioning and provision of the services (e.g. IT services provider, cloud storage providers, auditor, accounting services provider, etc.). In order to provide a proper service for all of our products, we may disclose data to any member of the Datause, UAB group, so that the data may be provided to any subsidiaries, affiliates or Datause, UAB related entities.

8.2 In addition to the transfers contemplated by part 8.1, we or our Subcontractors may transfer or disclose your personal data to:

8.2.2 comply with any legal obligation required under legal requirement (e. g. to state authorities);

8.2.3 enforce any part of our Rules and/or any other agreements between you and us or to investigate potential breaches; or

8.2.4 protect our rights or our property, or those of our other Account holders. This includes exchanging information with other companies and organizations for the purposes of fraud protection and credit risk reduction.

8.3 Any websites which are linked from the Website are not subject of this Policy and are not covered by this Policy. If you access those websites using the links provided, the website operators may collect information from you which will be used by them in accordance with their own privacy policies (if any). These policies may differ from ours, and we cannot accept any responsibility or liability in respect of these.

9. Security

9.1 Each member of the staff can access the systems only by using his unique login credentials. Staff have access to personal data only for the purposes of performing their roles.

9.2 You may have set a password in order to access certain parts of our Website. You are responsible for keeping this password confidential. We ask you not to share a password with anyone.

9.3 We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.

9.4. We seek to put in place appropriate technical and organizational measures to help protect your personal information from unauthorized access, use, disclosure, alteration or destruction consistent with applicable Data Protection Laws. Nevertheless, you are responsible for using of the secure internet connection and the transmission of information via third party networks

10. How long we retain your data

10.1. We are obligated to retain personal data about you and your transactions for such time until the retention of your personal data is no longer necessary for any business or legal purpose, i.e. in order to comply with anti-money laundering and countering the financing of terrorism and other obligations applicable to us.

10.2 Once collected, we may retain your data related to financial transactions for up to 8 years following the date of your last transaction or the date you close your Account (whichever is the later). This time limit may be additionally extended if a reasonable ground exists.

10.3 The personal data storage period is set based on the below principles:

10.3.1 Usually, we keep data during the course of the provision of services, during the validity of the contract and 10 years after the expiration of the contract or legal relationships, while executing the requirements set forth in legal acts related to document archiving and in order to declare, execute or defend the legal claims.

10.3.2 If the transaction has not been concluded, we will store personal data for 3 years from the date of its receipt. If a transaction is refused due to the implementation of money laundering and terrorist financing prevention measures, personal data shall be stored for 8 years from the moment of refusal.

10.3.3 According to the requirements of legal acts regulating the prevention of money laundering and terrorist financing, we will process personal data for 8 years from the date of receipt. This time limit may be additionally extended if a reasonable ground exists.

10.3.4 If you revoke your consent for data processing or the data processing term expires (when the data is processed on the basis of your consent), only the data confirming the fact of your consent is retained for 6 years from the end of the consent period or the cancellation of consent in order to declare, execute or defend the legal claims.

11. Your rights

11.1 In relation to all of your personal data, you have the following rights (in addition to any rights you may have under the Regulation and the Law):

11.1.1 to access to your personal data, i.e. this enables you to receive a copy of the personal data we hold about you;

11.1.2 to clarify what data we hold about you, how it was obtained, to whom it has been disclosed and for how long it will be stored;

11.1.3 to amend any inaccurate data we hold about you;

11.1.4 to delete any of your data (where you no longer think we need to hold it or you think we have obtained it or processed it without your consent at any time);

11.1.5 to object to processing of your personal data, i.e. to process your personal data in limited circumstances or for limited purposes (e.g. process your data for direct marketing purposes);

11.1.6 to forward the personal data you provided (in case it is on the basis of consent or contract, and if they are processed by automated means) to another data controller or transferred to you in a structured, commonly used and computer-readable format, if it is technically possible;

11.1.7 to stop the processing of personal data, except if we process personal data due to the legitimate interest of us or other person to whom personal data are provided, and your interests are not more important;

11.1.8 to withdraw consent at any time where we are relaying on consent to process your personal data;

11.1.9 not to be the subject only to automated processing, including profiling;

11.1.10 to submit an appeal on the actions or inactions of the us, related to the implementation of the data subject’s rights to the Lithuanian Data Protection authority that is located in member state of the European Union where you reside; and

11.1.11 you are entitled to compensation, which you must apply for to the competent court that is located in member state of the European Union where you reside, if you have suffered damage as a result of a violation of the data subject’s rights;

11.2 If you wish to exercise any of your rights at any time, please contact us on the details contained at the beginning of this Policy in the first instance. We will require you to verify your identity to us before we provide any personal data, and reserve the right to ask you to specify the types of personal data to which your request relates. We will try to respond to your legitimate requests within one month. Occasionally it may take us longer than one month if request is complex or you have made a number of requests.

11.3 Where you wish to exercise any of your rights, they may be subject to payment of a nominal administration fee (to cover our costs incurred in processing your request) and any clarification we may reasonably require in relation to your request. Such fees may be charged where we consider (acting reasonably) that your request is excessive, unfounded or repetitive.

11.4 Any data provided to you in accordance with your rights will be in a form required under the Regulation.

12. Your responsibilities

12.1. You confirm that you have provided correct data about yourself in every required form and that afterwards, when changing or adding any data at the Website, you will enter only correct data. We will not tolerate invalid, false or otherwise incorrect data and will pursue actions in accordance with its legal obligations. You shall bear any losses that occur with regard to the submission of invalid, false or otherwise incorrect data.

12.2 We draw your attention to the fact that email address and any other contact information you have chosen to link to your Account are used for your identification and communication. You undertake responsibility to protect these instruments and logins to them. You are responsible for password disclosure and for all operations performed after you use the password for a relevant account. We recommend to memorize your passwords and not to write them down or enter anywhere where they may be seen by other persons.