Privacy Policy
1. General Provisions
This Privacy Policy is designed to inform users about how we process personal data when providing services for the purchase / sale for the User and on behalf of the User of electronic and / or digital or fiat currency.
1.1. Data Controller Information:
Company: GLOBAL FINEX SPÓŁKA OGRANICZONA ODPOWIEDZIALNOŚCIA
Address: Regus Equal Park 28, Wielicka street, Krakow, Poland 30-552
Email: info@globalfinex.io
KRS Registration Number: 0001108484
VASP ID: RDWW-1339
The website privacy policy describes how GLOBAL FINEX (hereinafter referred to as the Company, Data Controller) collects and processes your personal data using the site https://www.globalfinex.io/.
Ensuring unlimited access to the Website Privacy Policy is implemented by publishing it on the Company's website at https://www.globalfinex.io/privacy-policy/.
1.2. Terms and definitions used:
-
Cookies - a piece of data as part of an HTTPS request, intended for storage on the Subject's end device and used by the Controller to identify the Subject.
-
Site - a set of programs for electronic computers and other information in the information and telecommunications network "Internet", designed to be displayed in a browser and accessed using the domain name of the Controller. In the context of the activities of the Controller, the site https://www.globalfinex.io/ is used.
-
Registration data - a list of information specified by the Controller when registering on the site https://www.globalfinex.io/, and later when they change during the execution of the contract.
-
Consent of the data subject is a voluntary, specific, informed and unambiguous declaration of intent in which the data subject, by means of a statement or a clear affirmative action, consents to the processing of his personal data.
-
A data controller is any natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of processing personal data.
-
A processor is a natural or legal person, public authority, agency or other body that processes personal data on behalf of and on behalf of the controller.
-
Data subject – a natural person who can be identified directly or indirectly during the processing of personal data.
-
Personal data is any information relating to a data subject, i.e. an identified or identifiable natural person.
-
A breach of personal data security is a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorized disclosure of, or unauthorized access to, transmitted, stored or otherwise processed personal data.
-
Processing is any action (operation) or a set of actions (operations) performed with personal data using automation tools or without the use of such tools, including collection, recording, organization, structuring, accumulation, storage, adaptation or modification, downloading, viewing, use, disclosure by transmission, distribution or otherwise making available, matching or combining, reducing, deleting or destroying.
2. Processing of Personal Data:-
2.1. What personal data we process:
-
Name;
-
age;
-
e-mail;
-
phone number;
-
address (house, street, town, country);
-
cookie data.
2.2. Principles of personal data processing:
When working with personal data, the Company is guided by the principles specified in Article 5 of the GDPR.
Personal data must:
-
be processed lawfully, fairly and transparently for the data subject.
-
collected for specific, distinct and legitimate purposes and not further processed in a manner incompatible with those purposes; further processing for archival purposes in the public interest, for historical or scientific research purposes or for statistical purposes, in accordance with Article 89(1), shall not be considered incompatible with the original purposes (“limitation to purpose”).
-
be adequate and relevant to what is necessary in relation to the purposes for which they are processed, as well as limited to this.
-
be accurate and, where necessary, kept up to date; all reasonable steps must be taken to ensure that personal data that is inaccurate in the light of the purposes for which it is processed are immediately deleted or corrected.
-
stored in a form that allows the identification of data subjects for no longer than is necessary for the purposes for which the data is processed; personal data may be kept for a longer period, as long as they are processed solely for archival purposes in the public interest, for historical or scientific research purposes, or for statistical purposes in accordance with Article. 89(1), provided that the appropriate technical and organizational measures provided for in this Regulation are implemented in order to protect the rights and freedoms of the data subject.
-
processed in a manner that ensures the appropriate security of personal data, including protection against unauthorized or unlawful processing, as well as against accidental loss, destruction or damage, using appropriate technical and organizational measures.
-
The Company in its activities proceeds from the fact that the data subject provides accurate and reliable information during interaction with the Company, notifies the Company's representatives about changes in his personal data.
-
Only employees who have passed a certain admission procedure are allowed to process personal data in the Company.
-
With regard to the personal data of the subject, their confidentiality, integrity and availability are ensured by taking organizational and technical measures to ensure their safety and exclude unauthorized access to them.
-
All documents containing personal data must be destroyed in accordance with the established procedure upon achieving the stated purposes of data processing, in the event of the expiration of the data processing period established during the collection of personal data, as well as in the event of withdrawal of the consent of the data subject, if there are no other legal grounds for processing personal data.
-
The Company undertakes to respond to any requests from data subjects wishing to exercise their rights.
2.3. Legal basis for the processing of personal data
To the extent that we use personal data to fulfill contractual obligations or requests made by you in connection with a contract, the legal basis for our processing is Article 6(1)(b) of the General Data Protection Regulation (“GDPR”).
To the extent that we use personal data in order to comply with legal obligations under EU or EU law, the legal basis for our processing is Article 6(1)(c) of the GDPR.
2.4. Other data processing:
-
In order for the Website to operate as efficiently as possible, the Data Controller uses cookies and IP addresses.
-
Your personal data may be disclosed in cases not specified in this Notice.
-
We inform you that within the framework of judicial proceedings and for security purposes, an authorized court, a public prosecutor, an investigating authority, an anti-crime authority, an administrative authority, as well as other persons in accordance with the law may contact the Data Controller for the provision of information or documents .
-
The Data Controller provides personal data to the authorities only if the authority specifies the exact purpose and scope of the data, and only to the extent necessary to achieve the purpose of the request.
3. Rights of the data subject:
-
The right to withdraw consent;
-
Right to information;
-
Right to rectification;
-
The right to erasure;
-
Right to restriction of processing;
-
The right to move;
-
Right to object to processing;
-
The right to compensation and damages;
-
The right to judicial protection;
-
Right to contact the Data Protection Authority.
4. Final provisions
Our service is constantly evolving, as is this Privacy Policy. You should check our website periodically to see the latest changes. The current version of the document can always be found on the website https://www.globalfinex.io/privacy-policy.
If you have any questions about the Privacy Policy, please contact us at info@globalfinex.io