Privacy Policy
1. INTRODUCTION
1.1. This POLICY (“Policy”) applies to all personal data of Users that the SwapGate Platform (“Platform”) may receive from Users during their use of the Platform.
1.2. Using the Platform, including registering an account on the Platform, means the User’s unconditional consent to this Policy and the terms of data collection and processing specified therein; in case of disagreement with these conditions, the User must refrain from using the Platform. By using the Services, you accept the terms of this Policy and our Terms of Use, and consent to the collection, use, disclosure and storage of your information as described in this Policy. If you have not already done so, please also review the Terms of Use. The Terms of Use contain provisions that limit our liability to you and require that you resolve any disputes with us on an individual basis and not in any class or representative action. IF YOU DO NOT AGREE WITH ANY PORTION OF THIS PRIVACY POLICY OR OUR TERMS OF USE, THEN PLEASE DO NOT USE THE SERVICES.
2. TERMS AND DEFINITIONS
2.1. Personal data – any information relating directly or indirectly to a specific or identifiable individual (Personal Data User), including standard data automatically received by the http server when accessing the Platform and subsequent actions of the User (host IP address, type of User’s operating system, pages of the Site visited by the User).
2.2. Terms of Use – an agreement between the User and the Operator, containing all the necessary and essential conditions for using the Platform, providing access to the Platform and using the Platform by the User, while this Policy is an integral part of the Terms of Use.
2.3. User (Personal Data User, User) is an individual who visits, downloads, registers an Account on the Platform or otherwise uses the Platform, regardless of whether he actually uses the functions of the Platform.
2.4. Operator – Momentum Digital LTD, registration number 239957, registered in Seychelles, which manages the Platform and is the owner of the Platform.
2.5. Platform means the SwapGate Platform, including the website www.swapgate.io, and associated ecosystems through which SwapGate provides certain cryptocurrency-related functionality to Users.
2.6. Account – a User’s account on the Platform, containing the User’s data and a set of access rights to the functionality of the Platform.
2.7. Cookies are a piece of data as part of an HTTP request, intended for storage on the User’s device and used by the Operator to authenticate the User, store the User’s personal preferences and settings, track the state of the User’s access session and maintain statistics on Users.
2.8. Destruction of personal data – actions as a result of which it becomes impossible to determine the ownership of personal data to a specific User of personal data without excessive financial and organizational costs.
2.9. Processing of personal data – any action (operation) or set of actions (operations) performed with or without automation tools with personal data, including collection, recording, systematization, accumulation, storage, clarification (updating, changing), extraction, use, transfer (distribution, provision, access), depersonalization, blocking, deletion, destruction of personal data.
3. GENERAL PROVISIONS
3.1. The Policy governs the processing of personal data when the Operator interacts with the User in connection with the User’s use.
3.2. The policy has been developed in accordance with the requirements of:
3.2.1. Applicable Law;
3.2.2. Agreements concluded by the Operator;
3.2.3. Other regulatory documents taking into account modern requirements in the field of personal data protection.
3.3. This Policy is published on the Platform.
4. CATEGORIES OF PERSONAL DATA PROCESSED
4.1. The Operator may process the following personal data of Users:
4.1.1. the User’s name, including last name, first name, patronymic, if this information is indicated as the User’s name;
4.1.2. Floor;
4.1.3. Citizenship;
4.1.4. E-mail address;
4.1.5. Phone number;
4.1.6. Identity document details;
4.1.7. Date and place of birth;
4.1.8. Registration address (according to passport/temporary registration) and actual residence address;
4.1.9. Login to use the Platform;
4.1.10. Password for using the Platform;
4.1.11. Financial information, including certificates of origin of funds, documents on the use of funds, etc., requested in order to comply with global industry regulatory standards, local regulatory standards, including anti-money laundering (AML) procedures, know your customer (KYC);
4.1.12. IP address of the device through which the Platform is accessed, information about the operating system, access time, location;
4.1.13. Type and version of browser used;
4.1.14. History of transactions made on the Platform;
4.1.15. Data from cookies;
4.1.16. Data about the content posted on the Platform, data about activity on the Platform.
5. PURPOSE OF PROCESSING PERSONAL DATA
5.1. Personal data of Users obtained when using the Platform may be processed for the following purposes:
5.1.1. Providing the capabilities of the Platform, as well as identifying the User;
5.1.2. Collection and analysis of statistical data on the operation of the Platform;
5.1.3. Protecting User accounts and archiving data;
5.1.4. Improving the performance and functionality of the Platform;
5.1.5. Compliance with the requirements of current legislation;
5.1.6. Informing Users about products, features and updates to the Platform (including any sales, marketing or events), as well as sending important communications regarding the operation of the Platform;
5.1.7. Communication with the User on the operation of the Platform through the official channels of the Operator, processing User requests, responding to User requests;
5.1.8. Maintaining a high level of User satisfaction by measuring systems performance;
5.1.9. Planning of commercial/business strategies;
5.1.10. Maintaining product website security;
5.1.11. Modeling, reporting, evaluation, risk monitoring, research of current or new products and identification of potential customers;
5.1.12. Preparation of reporting documents on the basis of which financial transactions are carried out;
5.1.13. Complying with the retention, reporting and disclosure obligations established by competent government authorities under relevant legislation, and ensuring compliance with requests or decisions made by those authorities;
5.1.14. Sending notifications to the competent government authorities for the purpose of investigating, detecting and preventing offenses;
5.1.15. Settlement of current and potential legal disputes and claims;
5.1.16. Ensuring the security of the User account and system security;
5.1.17. Fulfillment of obligations in accordance with the legislation on combating the legalization of proceeds from crime, legislation in the field of preventing corruption, fraud, terrorism and other offenses;
5.1.18. Reporting and providing information about contracts concluded by us with third parties (service providers, agents, credit institutions, etc.);
5.1.19. Development of a marketing strategy, studying consumer demand, posting advertising materials on the Platform and selling marketing materials.
5.2. The processing of personal data is limited to the achievement of specific, pre-defined and legitimate purposes. Processing of personal data that is incompatible with the purposes of collecting personal data is not permitted.
5.3. The transfer of personal data to third parties may be permitted to a minimum extent and only to perform tasks consistent with the purposes of processing this data.
5.4. The Operator may entrust the processing of the User’s personal data to third parties only with the consent of the User of the personal data, on the basis of applicable law and (or) in pursuance of an agreement with the User.
5.5. When entrusting the processing of personal data to a third party, the Operator must determine the list of actions (operations) with personal data that this person will carry out and the purposes of processing, the obligation of such person to maintain the confidentiality of personal data and ensure the security of personal data during their processing, the requirements must also be specified to the protection of processed personal data.
5.6. When transferring the User’s personal data, the Operator allows access to personal data only to specially authorized persons, and these persons must have the right to receive only those personal data that are necessary to perform their official functions.
6. PROCESSING METHODS
6.1. The Operator receives and processes your personal data on the basis of and in connection with the receipt and/or execution of:
6.1.1. Agreements, statements and other documents concluded in connection with the execution of the Terms of Use;
6.1.2. Notices from Users;
6.1.3. Communication with call center and technical support;
6.1.4. Data of third-party service providers, subsidiaries, branches and partner companies of the Operator.
6.2. When collecting and processing personal data, the Operator ensures recording, systematization, accumulation, storage, clarification (updating, changing), and retrieval of the User’s personal data.
6.3. In the process of processing personal data, the Operator carries out the following actions: collection, recording, systematization, accumulation, storage, clarification, extraction, use, transfer, depersonalization, blocking, deletion, destruction of information and other actions in order to comply with the Terms of Use and provide access to the Platform.
6.4. Personal data is stored on electronic media.
6.5. Personal data must be stored in such a way as to prevent its loss or misuse. The storage of personal data is carried out in a form that makes it possible to identify the User of personal data, no more than required by the purposes of processing personal data, unless the storage period for personal data is established by current legislation or the Terms of Use.
6.6. All confidentiality measures in the collection, processing and storage of personal data apply to both paper and electronic (automated) media.
6.7. The processing of personal data by the Operator can be carried out in the following ways:
6.7.1. manual processing of personal data;
6.7.2. automated processing of personal data;
6.7.3. transmission of received information via the Operator’s internal network (information is available only to strictly defined Operator employees);
6.7.4. transmission of received information using public information and telecommunication networks;
6.7.5. lack of transmission of received information;
6.7.6. mixed processing of personal data.
6.8. The Operator does not make decisions based solely on automated processing of personal data that give rise to legal consequences in relation to the User of personal data or otherwise affect his rights and legitimate interests.
6.9. A decision that gives rise to legal consequences in relation to the User of personal data or otherwise affects his rights and legitimate interests can be made on the basis of exclusively automated processing of his personal data only with the consent in writing of the User of personal data or in cases provided for by regulatory legal acts that measures have also been established to ensure compliance with the rights and legitimate interests of the User of personal data.
7. USER RIGHTS
7.1. The user has the right:
7.1.1. Get acquainted with information regarding personal data processed by the Operator using the Account, including information about the purposes and methods of processing;
7.1.2. Independently make changes and clarifications to your own personal data, delete personal data posted in your personal account on the Platform;
7.1.3. Request changes or clarification of personal data from the Operator;
7.1.4. Require notification of all persons to whom incorrect or incomplete personal data has previously been provided;
7.1.5. Receive from the Operator information about third parties to whom the Operator transferred personal data;
7.1.6. Receive information from the Operator about the processing of your personal data within the powers of the Operator and in accordance with the procedure adopted by the Operator;
7.1.7. Receive personal data provided to the Operator in a structured, generally accepted and machine-readable format and transfer this data to other operators;
7.1.8. Request the deletion and/or destruction of all or part of your personal data, the imposition of restrictions on the processing of your personal data, as well as the withdrawal of consent to the processing of personal data;
7.1.9. Demand compensation for damages in the event of harm resulting from illegal processing of personal data.
7.1.10. The user should keep in mind that deletion of personal data or withdrawal of consent to data processing may lead to the inability to use all or some functions of the Platform.
8. CHILDREN’S PERSONAL INFORMATION
The Operator and the Platform are not directed to persons under 18 years of age, and we do not knowingly solicit or collect any information from persons under 18 years of age. If you are under 18 years of age, please do not provide any personal information through the Operator Platform. If a User providing personal information is suspected of being under 18 years of age, the Operator will require the relevant User to close their account and will take steps to delete their information as quickly as possible.
9. INFORMATION ABOUT PERSONAL DATA PROTECTION REQUIREMENTS
9.1. When processing personal data, the Operator takes the necessary legal, organizational and technical measures and ensures their adoption to protect personal data from unauthorized or accidental access to it, destruction, modification, blocking, copying, provision, distribution of personal data, as well as from other unlawful actions in in relation to personal data, which in particular (but not limited to) include:
9.1.1. Appointment of the person responsible for the processing of personal data;
9.1.2. Limiting the number of employees who have access to personal data;
9.1.3. Software identification of Users and recording of their actions;
9.1.4. Implementation of anti-virus control and other measures to protect against the effects of malicious software;
9.1.5. Implementation of backup and recovery tools;
9.1.6. Regular updating of software used in the processing of personal data to ensure the security of the processed data;
9.1.7. Introduction of encryption when transmitting personal data on the Internet;
9.1.8. Taking measures related to the admission of only appropriate persons to the installation sites of technical equipment;
9.1.9. Use of storage locations for physical storage media of personal data.
10. PRIVACY
The Operator undertakes to keep confidential information disclosed to it in strict confidence and takes all necessary measures necessary to ensure the confidentiality of the information and prevent its unlawful disclosure or unauthorized use.
11. COOKIES POLICY
11.1. The Operator uses cookies and similar technologies when you visit the Operator Platform, or marketing emails. This explains what these technologies are and why we use them, as well as your rights to control our use of them.
11.2. Cookies are small files, usually consisting of letters and numbers, that are downloaded to your computer or mobile device when you visit certain websites. When you return to those sites or visit other sites that use the same cookies, the sites recognize those cookies and your browsing device. Cookies cannot read data from your hard drive or read cookies set by other websites.
11.3. We use first and third party cookies to recognize you as a SwapGate User, customize SwapGate services, content and advertising, measure advertising effectiveness, and collect information about your computer or other access device to reduce risk, prevent fraud and build trust. and safety.
11.4. We may place cookies from third party service providers who may use information about your visits to other websites to target advertisements for products and services offered by the Operator.
11.5. The operator does not control the types of information collected and stored by these third-party cookies. The user should check the third party’s website for more information about how it uses cookies.
11.6. Types of cookies we use:
11.6.1. Necessary cookies. These cookies are necessary for the functioning of the Platform and cannot be disabled. They are typically set only in response to User actions that constitute a request for services, such as setting the User’s privacy preferences, logging in, or filling out forms. These also include cookies, which the Operator may rely on to prevent fraud. The User can set the browser to block or warn the User about such cookies, but then some parts of the site will not work;
11.6.2. Analytical cookies. These cookies allow the Operator to count visits and traffic sources so that the Operator can measure and improve the performance of the Operator Platform. They help us know which pages are the most and least popular and see how visitors move around the site. All information these cookies collect is aggregated and therefore anonymous. If the User does not allow these cookies, the Operator will not know when the User has visited the Operator’s website and will not be able to monitor its performance.
11.6.3. Functional cookies. These cookies allow the Operator to remember the choices made by the User and adapt the Operator Platform so that the Operator can provide relevant content to the User. For example, functional cookies may remember the User’s preferences.
12. DESTRUCTION OF PERSONAL DATA
12.1. The destruction of the User’s personal data is carried out in the following cases:
12.1.1. Upon achieving the goals of their processing or in case of loss of the need to achieve them, within a period not exceeding thirty days from the moment the goal of processing personal data is achieved, unless otherwise provided by the agreement to which the User is a party, or another agreement between the Operator and the User (his representative);
12.1.2. In case of unlawful processing of personal data or lawful revocation of personal data within a period not exceeding ten working days from the date of discovery of such a case;
12.1.3. In the event of expiration of the personal data storage period, determined in accordance with applicable law and organizational and administrative documents of the Operator, including withdrawal of consent to the processing of the User’s personal data;
12.1.4. In case of an order from the authorized body for the protection of personal data rights or a court decision.
12.1.5. The parties agree and agree that the Operator has the right, at its discretion, to destroy copies of personal data, including in cases of unauthorized access of third parties to personal data.
13. TRANSFER TO THIRD PARTIES
13.1. The operator may transfer personal data to the following persons, taking into account the purposes of processing:
13.1.1. To its employees, as well as to the Platform developers;
13.1.2. Partners, consultants, lawyers, auditors, courts and/or law enforcement agencies, as well as government agencies and organizations to conduct legal and financial reviews;
13.1.3. Persons, institutions, organizations that have grounds for obtaining access to personal data by virtue of the provisions of the law;
13.1.4. Hosting, web analytics and technical support providers, as well as marketing service providers;
13.1.5. Subsidiary, affiliated, interdependent structures of the Operator;
13.1.6. Credit organizations;
13.1.7. Other third parties that are specified in the User’s Consent to the processing of personal data.
14. CROSS-BORDER TRANSFER OF PERSONAL DATA
14.1. The User consents to the cross-border transfer of personal data to the territory of other countries for the processing of personal data at the location of the Copyright Owner for the purposes specified in Section 5 of this Policy.
14.2. The Operator may carry out cross-border transfer of personal data for the purposes specified in Section 5 of this Policy on the territory of other states, both providing and not providing reliable protection of the rights of Personal Data Users.
14.3. Before starting the cross-border transfer of personal data, the Operator is obliged to make sure that the foreign state to whose territory it is intended to transfer personal data provides reliable protection of the rights of Personal Data Users.
14.4. Cross-border transfer of personal data to the territory of foreign states that do not meet the above requirements can only be carried out with the User’s written consent to the cross-border transfer of his personal data and/or execution of an agreement to which the User is a party.
14.5. The Operator undertakes to make reasonable efforts to ensure that third parties gaining access to personal data through cross-border transfers take the necessary technical and administrative measures to protect the transferred personal data.
15. USER REQUESTS
15.1. Users have the right to send their requests to the Operator by email: help@support.swapgate.io regarding the use of personal data.
15.2. The Operator undertakes to review and respond to the User’s request within thirty (30) days from the date of receipt of the request.
15.3. All correspondence received by the Operator from Users (written or electronic requests) is confidential information and is not subject to disclosure without the written consent of the User. Personal data and other information about the User who sent the request cannot be used without the special consent of the User for any purposes other than responding to the request, except in cases expressly provided by law.
16. THIRD PARTY RESOURCES
16.1. The Operator may provide links to third party websites within the Platform, which may redirect Users to these third party websites. The Operator is not responsible for the collection, processing and deletion of Users’ personal data by such third parties or for the content of these sites. For more information, please review the privacy policies of such third parties, which can be accessed through these links.
17. FINAL PROVISIONS
17.1. The period for processing personal data processed by the Operator is equal to the period for fulfilling the Operator’s obligations or until the User withdraws consent or terminates the Operator’s activities.
17.2. Withdrawal of consent is carried out by sending the User or his representative a written application to the Operator, drawn up in free form, in a way that allows one to reliably identify the person who signed and sent the application, as well as the grounds for the authority of the representative.