This Privacy and Data Protection includes the Company’s Terms and Conditions in respect of the processing of data (hereafter “Privacy Terms”). These Privacy Terms apply to Users and to any visitor of the Cryptosaurs Website or Platforms. They govern any processing of personal data in relation to the Services, Website or Platforms. The processing of personal data under this Agreement is also subject to the provisions of the General Data Protection Regulation (GDPR)
ENTITY RESPONSIBLE FOR PROCESSING USER’S PERSONAL DATA
Company is, when it collects and processes User’s personal data, the controller for the processing of this data.
DATA BEING PROCESSED.
The following information may be collected, processed and stored by the Company: Directly identifying information may be processed by Company if User has provided Company with this information (for example, by communicating with Company). User is not obliged to provide Company with this information or to agree with the processing thereof. However, in certain cases, such communication will need to take place to ensure proper service provision or to comply with applicable laws. In this context, Company: a1) will process information required for the performance of the contract, such as the User’s surname and first name, address, and nationality. User’s email address, User’s phone number, User’s VAT number, User’s financial information. a2) may process personal information required by law in the context of its “know your customer” obligations. In case User is a natural person: its surname, first name; date and place of birth, address; nationality; a copy of user’s identity card or passport. In case User is a legal person, the following personal information may be processed: for each member of the board of directors, the above-listed personal data for natural persons and for each ultimate beneficiary person(s), the above-listed personal data for natural persons. a3) may process information voluntarily provided by User and used by Company to increase security and verify user’s identity, including for example, a copy of user’s utility bills. Company may process certain information in the course of visits to the Website, Platform or other internet-based Services, in particular: b1) information concerning the pages that were consulted and the activities User’s have undertaken via the Website, Platform or Wallet. b2) identification information Users have provided voluntarily (for example, by registering on the Website, Platform or subscribing to newsletters); b3) certain non-directly identifying data, such as the type of browser or operating system that is used, the IP address or the technologies used for accessing the Website or Platform.
PURPOSES OF THE PROCESSING
Company can process personal data for (one of) the following purposes, based on one or more legal grounds: To ensure the provision of the Services, User’s information will be used to create his account and his Wallet, to verify his identity and his status as contract party in the course of his use of the Wallet and Platform (in particular in case of recovery of his private key or to reset his login or pin code) or for performing our Services in the context of Transactions (and amongst others when you contact our service desk). Company processes this data based on the legitimate interest it has in providing the Services in compliance with the agreement. To comply with “know your customer” obligations imposed by law, the information under (A) above may be processed with a view to performing know your customer obligations imposed by law and any related reporting obligations. Company processes this data based on the legitimate interest it has in complying with the law. To ensure the technical and functional management of the Website and Platform and the provision of the ordered Services, the information under B) may be processed to ensure the good functioning of the Website, Platform and the Services and to enhance their use. Company processes this data based on the legitimate interest it has in providing a good functioning Website and Services. To inform Users about our events, about developments related to subjects that might be of interest to Users and about our services, or for direct marketing purposes, Company processes the data under (A) and (B) based on his explicit consent and Company’s legitimate interest to keep its clients informed of its activities and services. To answer the User’s questions and job inquiries, Company processes the data under (A) or (B) based on User’s explicit consent, User’s contractual relationship with us or his request to take steps prior to entering into a contract.
THIRD-PARTY ACCESS TO USER’S PERSONAL DATA
PROTECTION AND STORING OF USER’S PERSONAL DATA
Company undertakes to implement the security measures, which can reasonably be expected in order to protect User’s personal data from destruction, loss, modification or any other unauthorized processing. In particular, the Company will, amongst others, implement the following security measures: A) Technical security measures User data is stored on a server with no public IP address. Only specific servers are able to contact this server in a separate private network. SSH connection to public servers can only be done from the (virtual) private network of Forj. User passwords are always hashed (not stored in plain text). User data is stored in a database with access control, and all user data (which is inside the database) is encrypted at rest. B) Operational security measures. Access to user data is restricted to certain team members and can be revoked at any time. Company will not store any of User’s personal data any longer than is necessary for the specific purposes for which it is stored, taking into account Company’s contractual and legal obligations with regard to this data and Company’s mission to correctly answer customer questions and to provide the Services in compliance with the Agreement.
EXERCISE OF PERSONAL RIGHTS RELATED TO USER’S PERSONAL DATA
User has the following rights in respect of User’s personal data being processed by Company: – the right to request free access to the personal data processed; – the right to request the correction or removal of User’s data; – the right to request a restriction of the processing; – the right to request the portability of User’s data; and – the right to object to the processing of User’s personal data (in the case of direct marketing without any substantiation). In case the processing of your personal data is based on your consent, User has the right to revoke this consent at any time. However, such a revocation does not affect the lawfulness of any processing prior to this revocation. If User intends to use any of its above-mentioned rights, please do so by directing User’s request to info@Forj.network or by a letter to Company (see address below). Company cannot handle User’s request without proof of User’s identity, and the applicable legislation may impose conditions on exercising the above rights. Company will request a copy of User’s identification document as proof that User is indeed concerned by the personal data and thus entitled to rights mentioned above. Company will use its best efforts to respond to User’s request without undue delay after receipt of User’s request. User should bear in mind that Company will not always be obliged to comply with a request for access, correction, removal or transfer, taking into consideration the requirements related to the establishment, exercise or substantiation of a legal claim or the legitimate exercise of the right of freedom of expression and/or information. User also has the right to file a complaint with the Data Protection Authority. Such a complaint can be filed either by post directed at Rue de la Presse 35, 1000 Brussels or through an e-mail firstname.lastname@example.org
Company may use “cookies” when You visit the Website. A cookie is information sent from a web-server to your web-browser and which is placed on your hard-drive. Cookies permit our website to recognize future visits using your computer. Cookies enhance the convenience and use of our website. You may choose to decline cookies if your browser permits, but doing so may affect your use of the Website and your ability to access or use certain web features. We will use the following cookies: A) Functional cookies Company uses functional cookies, Keycloak, which save the session ID as well as the information consulted during the session. They are necessary to ensure the adequate functioning of our website. These cookies make sure You will be timely and correctly provided with the information desired each time You will visit the Website. We do not request Your consent for using of these functional cookies. The information gathered through these functional cookies shall not be passed on to any third party.
Analytical cookies, the _ga and _gid cookies of Google Analytics, enable Company to analyze the use that is being made of the Website. They allow us, for example, to register how frequently the Website is being visited by different visitors, through which pages users access the Website and which pages of the website are visited most. The device You use to visit the Website is accorded a randomly generated identification number, which is used by Google’s servers to compute the statistics. Google will not use the generated identification number for its own purposes and will not link it to other data in its possession. Company shall not install tracking cookies without requesting Your prior consent. C)Tracking cookies: Tracking cookies allow Company to monitor your online activities on the Website. They enable Companies and advertisers to provide You with personalized online advertisements and tailor-made content based on your online activities on the Website. Company shall not install tracking cookies without requesting Your prior consent. D)Social media plug-in cookies: Social media plug-in cookies are used to enable Company to display content of social media on the Website. Company shall not install social media cookies without requesting Your prior consent. Please consult the applicable cookie and privacy policies and settings of the respective social media providers you give consent to.
For any questions regarding this policy or your rights hereunder, please email: email@example.com