Global Privacy Policy

Latest update: August 1, 2022

Swipelux (defined below under “Our relationship to you”) is committed to protecting the privacy of visitors and customers. This Privacy Policy describes how we handle your personal data when you access our services, which include content on any website located at swipelux.com, swipelux.com/buy or another site owned by us including but not limited too (collectively, the "Site(s)"), or any Swipelux API, as well third party applications relying upon such APIs & related service (referred to collectively hereinafter as "Services"). If you have any questions about this Policy, please send them to privacy@swipelux.com.

Our Relationship to you

Swipelux operates internationally through entity (together “Swipelux”, “we”, “us”, “our”) in Estonia in order to provide Services to our customers.

Registry code: 16205129 Name: Swipelux OÜ Address: Harju maakond, Tallinn, Mustamäe linnaosa, Vinkli tn 13, 12618 Value Added Tax identification number: EE102373402

Personal Information we collect

Personal information means any data which relates to a living individual and can be used for identity authentication or regulation, such as an email address. This includes factual details but also opinions about them expressed in third party surveys done by Swipelux (or their representatives). The definition of "personal information" depends on where you live and the relevant law applicable!

Information you provide to us

We collect information necessary to create an account and access our Services. This information is either required by law (for example, to verify your identity) or necessary to provide the requested services (e.g. you will need to provide your bank card details if you would like to buy digital assets), or is relevant for our legitimate interests described in greater detail below.

The kind of personal information we might ask for will depend on the nature of our Services, but may include: • Identification Information: Full name, date of birth, nationality, gender, signature, utility bills, photographs, phone number, home address, and/or email. • Formal Identification Information: Government issued identity document such as Passport, Driver's License, National Identity Card, State ID Card, Tax ID number, passport number, driver's license details, national identity card details, visa information, and/or any other information deemed necessary to comply with our legal obligations under financial or anti-money laundering laws. • Institutional Information: Employer Identification number (or comparable number issued by a government), proof of legal formation (e.g. Articles of Incorporation), personal identification information for all material beneficial owners. • Financial Information: Bank account information, payment card primary account number (PAN), transaction history, trading data, and/or tax identification. • Transaction Information: Information about the transactions you make on our Services, such as the name of the recipient, your name, the amount, and/or timestamp. • Employment Information: Office location, job title, and/or description of role. • Correspondence: Survey responses, information provided to our support team or user research team.

Information we collect automatically or generate about you

By using our Website and Services, you agree that we may collect personal information from your use. This includes any data automatically collected during web browsing sessions such as what pages are visited and when they were accessed; this helps us provide better service for all customers by preventing fraudsters from fraudulent access attempts with their account info. Information collected automatically includes:

  • Online Identifiers: Geo location/tracking details, operating system, browser name and version, and/or personal IP addresses.
  • Usage Data: Authentication data, security questions, click-stream data, public social networking posts, and other data collected via cookies and similar technologies. Please read our Cookie Policy for more information.

Information collected from third parties

This includes information we may obtain about you from third party sources. The main types of third parties we receive your personal information from are: • Public Databases, Credit Bureaus & ID Verification Partners in order to verify your identity in accordance with applicable law. ID verification partners such as Experian use a combination of government records and publicly available information about you to verify your identity. Such information may include your name, address, job role, public employment profile, credit history, status on any sanction’s lists maintained by public authorities, and other relevant data. • Blockchain Data to ensure parties using our Services are not engaged in illegal or prohibited activity and to analyze transaction trends for research and development purposes. • Marketing Partners & Resellers so that we can better understand which of our Services may be of interest to you.

Anonymized and aggregated data

In order to better serve our customers and provide a safe digital environment for everyone clients, we may need some data about you which doesn't have any meaning individually but can be useful when analyzed as part of bigger trends or patterns such as transaction history, click-stream data, fraud indicators or performance metrics from website visits.

How we use your personal information

We may use your information in the following ways and for the following purposes: • Your personal information, including your name and address is processed in order to maintain legal compliance. In addition we may use service providers who act on behalf of us or verify identity when linking bank accounts for you. These measures help protect against fraud but also allows Swipelux keep an eye out for any unusual activity that could indicate account compromise or funds loss. If you do not provide personal information required by law, we will have to close your account; • Swipelux’s Services include certain processing of your personal information to provide a high-quality experience. For example, when you want store funds on our platform we require certain information such as your identification, contact and payment informatioт which enable us help prevent fraud in accordance with industry best practices for safety purposes. In addition, we may need to collect fees based on your use of our Services. We collect information about your account usage and closely monitor your interactions with our Services. The consequences of not processing your personal information for such purposes is the termination of your account. • To provide communications and customer services according to your preferences and in compliance with applicable law, marketing emails are being sent to communicate with customers about events, share offers & promotions. If you do not want us to send you marketing communications, please go to your account settings to opt-out or submit a request via privacy@swipelux.com. We may send you service updates regarding administrative or account-related information, security issues, or other transaction-related information. These communications are important because we want to make sure that the information you receive from us is as accurate and up-to date possible that may affect how you can use our Services. We are legally bound to provide you with critical service communications that is why you cannot opt-out of receiving critical service communications. When you contact us, we process your personal information to resolve any questions or disputes. We also use this time as an opportunity for improvement service. We want to ensure that your use of our services is hassle-free and safe. That's why we'll be sending you emails with important updates from time to time, including any new features or functionality introductions on the site. • In our legitimate business interests sometimes the processing of your personal information is necessary for our legitimate business interests, such as: • quality control and staff training; • to enhance security, monitor and verify identity or service access, and to combat spam or other malware or security risks; • to enhance your experience of our Services and Sites; or • to facilitate corporate acquisitions, mergers, or transactions. • research and development purposes;

Legal bases for processing your information

For individuals located in the European Economic Area, United Kingdom or Switzerland at time their information is collected we rely on legal bases for processing under relevant data protection legislation. These means that we will only process your data where we are legally required to, or if it is necessary for us perform any contracts entered with you (or to take steps at your request prior to entering into a contract with you), for our legitimate interests to operate our business, to protect Swipelux’s or your property rights, or where we have obtained your consent to do so. We also take care not use any of this info outside what's been shared before without explicit consent from user.

Disclosing your personal information to third parties

Your personal information is safe with us. We only share the data when it's necessary for a third party to do their job and have no intention of selling or renting your details out without explicit consent from you. We will only share your personal information with the following types of third parties: • Identity verification services to prevent fraud. This allows Swipelux to confirm your identity by comparing the information you provide us to public records and other third party databases. • Financial institutions which we partner with to process payments you have authorized. • Service providers and professional advisors under contract who help with parts of our business operations. Our contracts require these service providers to only use your information in connection with the services they perform for us and prohibit them from sharing your information with anyone else. • Companies or other third parties in connection with business transfers or bankruptcy proceedings. • Companies or other entities that purchase Swipelux assets. • We may disclose your information to law enforcement, regulators or any other third parties when we are compelled by applicable laws. We also have a good faith belief that such use is reasonably necessary including for protection of our rights property safety as well public integrity. Enforce our terms and other agreements; or detect or otherwise address security, fraud, or technical issues.

Third-party sites and services

Third-party applications that connect to your Swipelux account may have access to information you provide when creating an account or using our services. We will not authorize these third parties for any reason other than facilitating transactions between them and yours, so please be sure they stick within the boundaries of what is acceptable in terms privacy policies. Examples of account connections include: • Merchants: When you use your Swipelux account to conduct transactions with third party merchants, the Merchants may provide data about yourself and those transactions to us. • Your financial services providers: When you send us funds from your bank account, the receiving party will need to know not only where those money are coming in order for them complete transaction but also what type of information should be included so that no one trying fraudulently uses this opportunity.

How we protect and store personal information

The right security measures are in place to protect our customers' personal information. Customer files are protected with safeguards according to the sensitivity of the relevant information. Swipelux has implemented various reeling protocols that ensure the safety and confidentiality of all customer data, which cannot be accessed without permission or abuse from an authorized employee.

By using our services, you are consenting to have your personal information collected and processed globally. We maintain physical, electronic, and procedural safeguards in compliance with the applicable laws to protect it against unauthorized access or misuse as well as any other risks that could arise from its use by third parties who may seek vulnerabilities within these security measures for their own purposes.

Swipelux is committed to the protection and privacy of all its employees. All staff must follow laws, including data protection standards; inappropriate use or disclosure can result in disciplinary action.

When you contact a Swipelux employee about the status or contents on file for one reason or another (perhaps to fix something), they may ask for some personal details like name and address before allowing access; this is done solely out precaution so only those who should have direct knowledge can get at what's stored within these walls - don't let anyone else find out how vulnerable their data could be! Don’t reveal it to any third-parties and immediately notify us if you become aware of any unauthorized access to or use of your account.

Retention of personal information

Personal information is held for as long you need it.

The retention period will be determined by the following criteria: • The purpose for which we are using your personal information - to provide services, carry out obligations under contract with you and others who have given permission to use it in this way; • Legal obligations may require that the law sets a minimum period during which an individual’s records must be kept.

If you have further questions about our data retention practices, please contact us at privacy@swipelux.com

By anonymizing your personal information so that it can no longer be associated with you, we are able to use this without further notice.

Children's personal information

Swipelux does not knowingly request personal information from any person under the age of 18. If you suspect that an individual submitting their own data may be younger than 18, please notify us immediately so we can take action and delete all legal copies of this sensitive info within 24 hours.

Cross border transfers

Your information is important to us, which is why we will never export or transfer any of your data outside the European Economic Area (EEA) and other supported countries. We follow strict guidelines for transferring personal details across borders and make sure that all internal procedures are in compliance with local laws before exporting them.

Your privacy rights

Depending on applicable law of where you reside, you may be able to assert certain rights related to your personal information. These rights include: • The right to know how your information is being processed and have access, if you so desire; • You have the right to withdraw your consent at any time. However, if we need personal information for a legitimate reason like compliance with law or you have given us permission in some other manner and it is not optional then this will still be processed though perhaps less extensively than before; • The right to requesting that we transmit your data in a structured, commonly used and machine-readable format applies only when you have provided us with personal information. This does not apply for any other type of communication made through Swipelux's platform such as social media posts or emails which can be accessed directly by clicking on links within those messages without having given out sensitive details beforehand; • The right to know that your information is accurate and up-to date; • In certain circumstances, you have the right to ask that we erase your personal information. However there may be times when our retention of this data is legally mandated and cannot contravene any applicable law or regulation in force globally; • If you object to our processing of your personal information for certain purposes but we are legally entitled to continue with the request, then we will do so; In some instances where people have asked us not only restrict their data however also requested a deletion all together which is something they own full rights we are legally entitled to refuse that request; • You have a right to lodge a complaint with the relevant data protection regulator if you think that any of your rights are being infringed by us.

You can exercise your rights by contacting us using the details listed below. Further information about your rights may be obtained by contacting the supervisory data protection authority located in your jurisdiction.

How to contact us

If you have questions or concerns regarding this Privacy Policy, or if you have a complaint, please contact us at privacy@swipelux.com.