Last Updated: 6^th June 2018

Scope

This Privacy Notice explains what you can expect from us and what we need from you in relation to your personal data. Please read this carefully as this Notice is legally binding when you use our Kripter Exchange Services, as defined below.

This Privacy Notice applies to any Kripter Exchange Services, as defined below, regardless of how you access or use them, including through mobile devices.

We may amend this Privacy Notice at any time by posting the amended version on this site including the effective date of the amended version. We will announce any material changes to this Privacy Notice via email.

Definitions

As used herein, the following terms are defined as follows:

1. “Digital Asset” is a digital representation of value (also referred to as “cryptocurrency,” “virtual currency,” “digital currency,” “crypto token,” “crypto asset,” or “digital commodity”), such as bitcoin, litecoin or ether, which is based on the cryptographic protocol of a computer network that may be (i) centralized or decentralized, (ii) closed or open-source, and (iii) used as a medium of exchange and/or store of value.
2. “Kripter Account” means a user-accessible account offered via the Kripter Exchange Services where Digital Assets are stored by Kripter International Services Pvt Ltd.
3. “Kripter Exchange Services” means Kripter-branded websites, applications, services, or tools operated by Kripter International Services Pvt Ltd group companies.
4. “Kripter International Services Pvt Ltd,” “Kripter,” “We,” and “Us” refers to Kripter International Services Pvt Ltd. and its wholly owned subsidiaries (also referred to collectively as "Kripter International Services Pvt Ltd," "Kripter," "we," or "us").
5. “Personal Information” or “Personal Data” or “your data” refers to any information relating to you, as an identified or identifiable natural person, including your name, an identification number, location data, or an online identifier or to one or more factors specific to the physical, economic, cultural or social identity of you as a natural person.

How do we protect your personal information?

We are serious about guarding the privacy of your Personal Information and work hard to protect Kripter International Services Pvt Ltd and you from unauthorized access to, or unauthorized alteration, disclosure, or destruction of Personal Information we collect and store. Measures we take include encryption with TLS/SSL; the availability of two-factor authentication at your discretion, and periodic review of our Personal Information collection, storage, and processing practices. We restrict access of your Personal Information only to those Kripter International Services Pvt Ltd employees, affiliates, and subcontractors who have a legitimate business need for accessing such information. We continuously educate and train our employees about the importance of confidentiality and privacy of customer information. We maintain physical, electronic, and procedural safeguards that comply with the relevant laws and regulations to protect your Personal Information from unauthorized access.

Unfortunately, despite best practices and technical safeguards, the transmission of information via the internet is not completely secure. Although we do our best to protect your Personal Data, we cannot guarantee the security of your Personal Data during transmission, and any acts of transmission are at your own risk.

Information we may collect about you

Information you give us.

When using the Kripter Exchange Services, we may collect and use the following data about you:

1. Full legal name;
2. Home address, including country of residence;
3. Email address;
4. Mobile phone number;
5. Date of birth;
6. Proof of identity (e.g., driver’s license, passport, or government-issued identity card);
7. Social Security Number or any comparable identification number issued by a government;
8. Other Personal Information or commercial and/or identification information – Whatever information we, in our sole discretion, deem necessary to comply with our legal obligations.

Information we collect about you automatically.

1. Location Information – Information that is automatically collected via analytics systems providers to determine your location, including your IP address and/or domain name and any external page that referred you to us, your login information, browser type and version, time zone setting, browser plug-in types and versions, operating system, and platform;
2. Log Information – Information that is generated by your use of Kripter Exchange Services that is automatically collected and stored in our server logs. This may include, but is not limited to, device-specific information, location information, system activity and any internal and external information related to pages that you visit, including the full Uniform Resource Locators (URL) clickstream to, through and from our Website or App (including date and time; page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs), and methods used to browse away from the page;
3. Account Information – Information that is generated by your Kripter account activity including, but not limited to, instructions regarding funding and disbursement, orders, trades, and account balances;
4. Correspondence – Information that you provide to us in written or oral correspondence, including opening a Kripter account, and with respect to ongoing customer support; and logging of phone numbers used to contact us.

Information we receive about you from other sources.

We may receive information about you if you use any of the other websites we operate or the other services we provide. We are also working closely with third parties and may receive information about you from them. For example:

1. The banks you use to transfer money to us will provide us with your basic personal information, such as your name and address, as well as your financial information such as your bank account details;
2. Business partners may provide us with your name and address, as well as financial information;
3. Advertising networks, analytics providers and search information providers may provide us with anonymized or de-identified information about you, such as confirming how you found our website;
4. Credit reference agencies do not provide us with any personal information about you, but may be used to corroborate the information you have provided to us.

General Provisions

Personal Information you provide during the registration process may be retained, even if your registration is left incomplete or abandoned. If you are located within the EEA, this Information will not be retained without your consent.

In providing the personal data of any individual (other than yourself) to us during your use of the Kripter Exchange Services, you promise that you have obtained consent from such individual to disclose his/her personal data to us, as well his/her consent to our collection, use and disclosure of such personal data for the purposes set out in this Privacy Notice.

Uses of Personal Data

Below we set forth in a table format, a description of all the ways we use your personal data as stated above, and which of the legal bases we rely on to do so. We have also identified what our legitimate interests are, where appropriate.

Note that we may process your personal data for more than one lawful ground depending on the specific purpose for which we are using your data. Please contact us at support@kripter.io if you need details about the specific legal ground we are relying on to process your personal data where more than one ground has been set out in the table below

1. Legitimate Interest: this means an interest of ours as a business to continue to innovate and improve the Kripter Exchange Services and offer the most secure experience possible. We make sure to consider and balance any potential impact on you (both positive and negative) and your rights before we process your personal data for our legitimate interests. We do not use your personal data for activities where our interests are overridden by the impact on you (unless we have your consent or are otherwise required or permitted to by law).
2. Fulfilling a Contract: this means processing your data where it is necessary for the performance of a contract to which you are a party or to take steps at your request before entering into such a contract.
3. Our Legal Obligation: this means processing your personal data where it is necessary for compliance with a legal or regulatory obligation that we are subject to.

Disclosure of your personal information

We may share your personal information with selected third parties including:

1. Affiliates, operational and business partners, suppliers and sub-contractors for the performance and execution of any contract we enter into with them or you;
2. Analytics and search engine providers that assist us in the improvement and optimization of our site; and
3. Our group entities or subsidiaries.

We may disclose your personal information to third parties when:

1. We sell or buy any business or assets, in which case we may disclose your personal data to the prospective seller or buyer of such business or assets in order to continue the services for which you have contracted;
2. We are under a duty to disclose or share your personal data in order to comply with any legal obligation, or in order to enforce or apply our Terms of Service and other applicable agreements; or to protect the rights, property, or safety of Kripter International Services Pvt Ltd, our customers, or others. This includes exchanging information with other companies and organizations for the purposes of fraud protection and credit risk reduction;
3. We conduct or cooperate in investigations of fraud or other illegal activity whenever we believe it is reasonable and appropriate to do so;
4. We seek to prevent and detect fraud and crime;
5. We receive a lawful subpoena, warrant, court order, or as otherwise required by law;
6. We seek to protect Kripter International Services Pvt Ltd from financial and insurance risks;
7. We seek to recover debt or in relation to your insolvency; and
8. We seek information necessary to maintain or develop customer relationships, services and systems.

We do not maintain a published list of all of the third parties with whom we share your personal information with, as this would be heavily dependent on your specific use of our Services. However, if you would like further information about who we have shared your personal information with, or to be provided with a list specific to you, you can request this by writing to support@kripter.io

Where we store your personal data

Our operations are supported by a network of computers, servers, and other infrastructure and information technology, including, but not limited to, third-party service providers. We and our third-party service providers store and process your personal data in the European Union, Japan, Singapore, the United States of America, and elsewhere in the world.

Sharing your data

In order to provide our Services to you, it is sometimes necessary for us to transfer your data to the third parties. In these cases, we ensure that both ourselves and our partners take adequate and appropriate technical, physical, and organizational security measures to protect your data. We also ensure we have appropriate contractual protections in place with these third parties.

By using Kripter International Services Pvt Ltd Services, you consent to your Personal Data being transferred to other countries, including countries that have different data protection rules than your country. For more information, please contact us at support@kripter.io

Profiling and automated decision making

We may in some instances use your personal data, such as your country of residence and trade history, in order to better address your needs. For example, if you frequently trade in a specific virtual currency, we may use this information to inform you of new product updates or features that may be useful for you. When we do this, we take all necessary measures to ensure that your privacy and security are protected, and we only use anonymous or de-identified data.

We may use Automated Decision Making (ADM) in order to improve your experience, or to help fight financial crime. For example, so that we can provide you with a fast and efficient service, we may use ADM to verify your identity documents, or to confirm the accuracy of the information you have provided to us. None of our ADM processes have a legal effect on you.

Privacy when using digital assets and blockchains

Your funding of bitcoin, litecoin, ether, and other Digital Assets, may be recorded on a public blockchain. Public blockchains are distributed ledgers, intended to immutably record transactions across wide networks of computer systems. Many blockchains are open to forensic analysis which can lead to deanonymization and the unintentional revelation of private financial information, especially when blockchain data is combined with other data.

Because blockchains are decentralized or third-party networks which are not controlled or operated by Kripter International Services Pvt Ltd or its affiliates, we are not able to erase, modify, or alter personal data from such networks.

Data Retention

As Kripter International Services Pvt Ltd and its affiliates are subject to various legal, compliance and reporting obligations or national AML requirements (as defined above), we are required by law to store some of your personal and transactional data beyond the closure of your account with us. Your data is only accessed internally on a need to know basis, and it will only be accessed or processed if absolutely necessary. We will delete data that is no longer required by any relevant law or jurisdiction in which we operate.

Cookies

When you use Kripter Exchange Services, we may make use of the standard practice of placing tiny data files called cookies, flash cookies, pixel tags, or other tracking tools (herein, “Cookies”) on your computer or other devices used to visit Kripter Exchange Services. We use Cookies to;

(i) help us recognize you as a customer, collect information about your use of Kripter Exchange Services to better customize our services and content for you, and to collect information about your computer or other access devices as part to ensure our compliance with our AML obligations and;

(ii) ensure that your account security has not been compromised by detecting irregular or suspicious account activities.

We use both session and persistent Cookies. Session Cookies expire when you log out of your account or close your browser. Persistent Cookies remain on your computer or mobile device until deleted or otherwise expire. Most web browsers are set to accept Cookies by default. You are free to decline most of our session Cookies if your browser or browser add-on permits but choosing to remove or disable our Cookies may interfere with your use and functionality of the Kripter Exchange Services.

Your choices

• Email Communications – Subject to applicable laws and regulations, we may from time to time send communications promoting services, products, facilities, or activities to you using information collected from you. When you create a Kripter Account you are agreeing to opt-in to all communications from us. We will provide you with an opportunity to opt-out of newsletter communications.. We will never provide your Personal Information to third parties for direct marketing or other unrelated purposes without your written consent. Unfortunately, we are unable to allow you to opt-out of the emails we send you for certain legal or administrative purposes.
• Cookies – You may decline session cookies if your browser or browser add-on permits but choosing to remove or disable our cookies may interfere with your use and functionality of the Kripter Exchange Services.
• Right of Rectification– You have the right to correct any personal information We hold on you that is inaccurate, incorrect, or out of date.
• Right of Erasure – You have the right to ask us to delete your data when it is no longer necessary, or no longer subject to a legal obligation to which Kripter International Services Pvt Ltd is subject to.
• Location Information – You may be able to stop the collection of location information through your device settings or by following the standard uninstall process to remove our applications from your device; however, because such data is used by us to meet legal requirements, as well as for ongoing fraud and risk monitoring purposes, choosing to remove or disable location services may interfere with your use and functionality of the Kripter Exchange Services.

Access to information

Subject to applicable laws, you may have the right to access information we hold about you. Your right of access can be exercised in accordance with the relevant data protection legislation. For further information, please contact support@kripter.io

Changes to this Privacy Notice

Any changes we may make to our Privacy Notice will be posted on this page and, where appropriate, notified to you by email. Please check back frequently to see any updates or changes to our Privacy Notice.

Protection of Minors

Kripter Exchange Services are not directed to persons under the age of 18, hereinafter “Minors” and we do not knowingly collect personal information from Minors. If we learn that we have inadvertently gathered personal information from a Minor, we will take legally permissible measures to remove that information from our records. Kripter International Services Pvt Ltd will require the user to close his or her account and will not allow the use of Kripter International Services Pvt Ltd Services. If you are a parent or guardian of a Minor, and you become aware that a Minor has provided personal information to Kripter International Services Pvt Ltd, please contact us at support@kripter.io and you may request to exercise your applicable access, rectification, cancellation, and/or objection rights.

Contact

Any questions, comments and requests regarding this Privacy Notice are welcomed and should be addressed to support@kripter.io