Privacy Policy
1. Data Controller
The data controller is [COMPANY_NAME], registration number [COMPANY_REGISTRATION_NUMBER], jurisdiction [JURISDICTION]. Privacy contact: [CONTACT_EMAIL].
2. Data We May Process
- Identification data: name, date of birth, citizenship, documents, selfie/liveness, address.
- Contact data: email, phone, address for notices.
- KYC/AML data: source of funds, source of wealth, PEP/sanctions status, beneficial ownership, tax residency.
- Wallet and blockchain data: wallet address, tx hash, proof of wallet ownership, screening results.
- Technical data: IP address, device data, cookies, logs, security events, consent records.
- Participation data: accepted document versions, payment details, recognized balance, refund or conversion status.
3. Purposes
Data is processed to enter into and perform the Public Offer, conduct KYC/AML, sanctions screening, wallet verification, fraud prevention, maintain participant records, treasury reporting, notices, refund, conversion, tax/compliance reporting, protect Company rights, and comply with law.
4. Recipients
Data may be shared with KYC/AML providers, wallet screening providers, exchanges, banks, payment institutions, legal/tax/compliance advisers, auditors, cloud/security providers, smart-contract or registry providers, public authorities, courts, and other persons where needed for a lawful purpose.
5. Retention
Data is retained for the period necessary for participation, KYC/AML, legal obligations, rights protection, audit trail, limitation periods, and dispute resolution. KYC/AML records may be retained longer if required by law or compliance policy.
6. User Rights
Depending on applicable law, a user may have rights of access, correction, deletion, restriction, objection, data copy, or complaint to a competent authority. Some rights may be limited by KYC/AML, sanctions, tax, audit, or legal hold requirements.
7. Security
The Company applies reasonable technical and organizational security measures. No system is completely secure, and the user is responsible for securing their wallet, private keys, devices, email, and credentials.
8. International Transfers
Data may be processed or transferred outside [JURISDICTION] where needed for KYC/AML, cloud, payment, legal, technical, or operational purposes. The Company applies contractual and organizational safeguards where required.