Definitions and interpretation
Data controller means a person who (either alone or jointly or in common with other persons) determines the purposes for which and the manner in which any personal data are, or are to be, processed.
Data processor, in relation to personal data, means any person (other than an employee of the data controller) who processes the data on behalf of the data controller.
You, your or data subject means:
- Visitors to our website
- Subscribers to any service we offer through our site
- Prospective or existing clients corresponding with us by phone, email or otherwise
- Job applicants
Data controller, we, us and our means Etna Development OÜ and its data processors;
Personal data means any information relating to an identifiable person who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person. The definition incorporates, where applicable, the definitions provided in the General Data Protection Regulation (EU 2016/679).
Sensitive personal data: The GDPR refers to sensitive personal data as “special categories data”. Please see “Special categories data”.
Special categories data means personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, and the processing of genetic data, biometric data for the purpose of uniquely identifying a natural person, data concerning health or data concerning a natural person’s sex life or sexual orientation.
Criminal offence data: personal data relating to criminal convictions and offences.
Who we are (Identity of the data controller)
For the purpose of the General Data Protection Regulation and European privacy laws the data controller is Etna Development OÜ with company registration number 14477355 and the registered address at Harju maakond, Tallinn, Lasnamäe linnaosa, Osmussaare tn 8, 13811, Estonia.
Personal data we may collect from and about you
Most of the personal information we process is provided to us directly by you for the following reasons:
- We collect the information provided by you to operate effectively and provide you the best experiences with our Website, products and services.
- We collect information required by our Rules of procedure and internal audit rules compiled pursuant to the Money Laundering and Terrorist Financing Prevention Act, which were approved by the Financial Intelligence Unit of Estonia, and according to Estonian Money Laundering and Terrorist Financing Prevention Act.
- You provide some of this information voluntarily by filling forms on our web site, creating an account at our website or by corresponding with us by phone, email or otherwise. This includes information you provide if you subscribe to any service we offer through our site, send us a query or feedback, sign up for information on events, upload a document with your enquiry, make via the website, participate in discussion boards or other social media functions on our site, promotion or survey, provide your postcode to help us to find our nearest branch to your location, or when you report a problem with our Website.
The information that we collect from you includes:
- Full name, residential address and contact details (e.g. email address, telephone number, fax etc.);
- Addresses on blockchains you use to make transactions
- Date of birth, place of birth, gender, citizenship;
- Bank account information, credit card details, including details about your source of funds, assets and liabilities, and OFAC information;
- Trading account balances, trading activity, your inquiries and our responses;
- Information on whether you hold a prominent public function (PEP);
- Verification information, which includes information necessary to verify your identity such as a passport, driver’s licence or Government-issued identity card);
- Other Personal Information or commercial and/or identification information – Whatever information we, in our sole discretion, deem necessary to comply with our legal obligations.
Information we collect about you automatically includes:
- Information that is automatically collected via analytics systems providers to determine your location, including your IP address and domain name and any external page that referred you to us, your login information, browser type and version, time zone setting, browser plug-in types and versions, operating system, and platform;
- Information that is generated by your use of our website that is automatically collected and stored in our server logs. This may include, but is not limited to, device-specific information, location information, system activity and any internal and external information related to pages that you visit, including the full Uniform Resource Locators (URL) clickstream to, through and from our website (including date and time; page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs), and methods used to browse away from the page;
We obtain information about you in a number of ways through your use of our services, including through any of our websites, the account opening process, sign-up forms, event subscribing, news and updates subscribing, and from information provided in the course of on-going support service communications. We also receive information about you from third parties such as your payment providers, online identification providers and through publicly available sources.
Information we receive about you from other sources:
- The banks, EMIs or payment systems you use to transfer money to us will provide us with your basic personal information, such as your name and address, as well as your financial information such as your bank account details;
- Your business partners may provide us with your name and address, as well as financial information;
- Advertising networks, analytics providers and search information providers may provide us with anonymized or de-identified information about you, such as confirming how you found our website;
- Identity verification providers may provide us with your name, email, citizenship, age or birthdate, public keys / public keys certificates
Personal Information you provide during the account creation process will be retained for one year, even if your registration is incomplete or abandoned.
Criminal offence data
By the nature of our activities and the purposes of processing the data, the services hereunder are not intended for processing of criminal offence data (please check the paragraph Definitions and interpretation). If you provide any information or documents containing this type of data, you are hereby notified that any input of such information will be solely at your risk and responsibility, we will destroy such data if we receive it accidentally.
We do not sell any products or services for purchase by children. If you are under 18, you may use our Website only with the involvement of your holder of parental responsibility
We do not knowingly collect personal information from children below 18 without the consent of the child’s holder of parental responsibility.
Information you provide about others
In providing personal data about other persons, you confirm that you have notified them of (i) the purposes for which information will be used (ii) the recipients of their personal data and (iii) how they can access and correct the information. You further represent that You have obtained all necessary consents from them.
When you visit our website, we may assign your computer one or more cookies to facilitate access to our site and to personalize your on-line experience. Through the use of a cookie, we also may automatically collect information about your on-line activity on our site, such as the web pages you visit, the links you click, and the searches you conduct on our site.
A cookie is a small text file that is stored on a user’s computer for record keeping purposes. Cookies can be either session cookies or persistent cookies. A session cookie expires when you close your browser and is used to make it easier for you to navigate our website. A persistent cookie remains on your hard drive for an extended period of time.. We may store your unique data in a cookie for automatic sign-in. This cookie is removed when you sign-out. For security purposes, we will encrypt the unique data and any other user or member account-related data that we store in such cookies. In the case of sites and services that do not use a user or unique data, the cookie will contain a unique identifier.
We might use the following cookie types to recognize you when you visit our site or use our Services, remember your preferences, and give you a personalized experience:
AUTHENTICATION COOKIES. If you’re signed in to our website, these cookies will help us show you the right information and personalize your experience.
SESSION COOKIES. These cookies store the ID of a user’s session. The cookie is set when a user signs in and is used to restore the session without entering the personal data.
PREFERENCE, FEATURES AND SERVICES. These cookies help us to customise your preferences, such as which language you prefer and what your communications preferences are or to fill out forms on our faster.
THIRD-PARTY COOKIES. We may allow our authorized service providers to serve cookies from our website to allow them to assist us in various activities, such as doing analysis and research on the effectiveness of our site, content and advertising.
We are also using Google analytics cookies on this website which might register a unique ID that is used to generate statistical data on how the visitor uses the website, and cookies sending data to Google Analytics about the visitor’s device and behaviour which track the visitor across devices and marketing channels.
We may use standard Internet technology, such as web beacons and other similar technologies, to track your use of our site. We may also include web beacons in promotional email messages or newsletters to determine whether messages have been opened and acted upon. The information we obtain in this manner enables us to customize the services we offer our website visitors to deliver targeted advertisements and to measure the overall effectiveness of our on-line advertising, content, programming or other activities. Web beacons (also known as clear gifs, pixel tags or web bugs) are tiny graphics with a unique identifier, similar in function to cookies, and are used to track the on-line movements of web users or to access cookies. Unlike cookies, which are stored on the user’s computer hard drive, web beacons are embedded invisibly on the web pages (or in email) and are about the size of the period at the end of this sentence. Web beacons may be used to deliver or communicate with cookies, to count users who have visited certain pages and to understand usage patterns. We also may receive an anonymous identification number if you come to our site from an online advertisement displayed on a third-party website.
What can you do if you don’t want cookies to be set or want them to be removed
Most browsers automatically accept cookies, but you can usually modify your browser setting to decline cookies. If you choose to decline cookies please note that you will not be able to sign in and use most of the features offered on our website.
Browser manufacturers usually provide help pages relating to cookie management in their products. Please see below for more information:
For other browsers, please consult the documentation that your browser manufacturer provides.
You may opt-out of third party cookies from Google Analytics on its website.
You can opt out of interest-based targeting provided by participating ad servers through the Digital Advertising Alliance.
In addition, on your iPhone, iPad or Android, you can change your device settings to control whether you see online interest-based ads.
Social media features and widgets
Our Website might include certain Social Media features and widgets, such as the “Facebook Like”, “Facebook Share”, “Facebook Pixel” “Telegram”, “Twitter Tweet” features, buttons or other interactive mini-programs (“Social Media Features”). These Social Media Features may collect information such as your IP address or which page you are visiting on our Website, and may set a cookie to enable them to function properly. Social Media Features are either hosted by a third party or hosted directly on our Website. Please be aware that if you choose to interact or share any Personal Information via such widgets, you are in fact providing it to these third parties and not to us. Your interactions with these third parties are managed by these Social Media policies and not ours. For example, you will not be able to use the “Facebook Like” button if you are not logged in to your Facebook account. Once you use the button this will be associated with your Facebook history, but we will not process this information.
WHERE DO WE STORE YOUR INFORMATION?
We take users confidentiality and security very seriously. We are committed to protecting the Personal Data you share with us. We use a combination of industry-standard security technologies, procedures, and organizational measures to help protect your Personal Data from unauthorized access, use or disclosure.
The data processing consisting in hosting provider services (storage and maintenance of databases containing your personal data, protected by password) is performed on our behalf and under written confidentiality agreements by our authorized data processors. Once this contract is terminated, data processors will return data to us or transmit to another processor appointed by us, and erase any copy in its possession. However, the processor may keep the data locked to address possible administrative or jurisdictional responsibilities.
Trusted partners (data processors) who work on our behalf under confidentiality agreements and might store, maintain or process your data
We have partnered with a number of authorized service providers (data processors), whose services and solutions complement, facilitate and enhance our own under written confidentiality agreements that guarantees that the requirements of the GDPR will be met and the rights of data subjects are protected. Data processors only act on behalf of our documented instructions. They have direct responsibilities under the GDPR and may be subject to fines or other sanctions if they don’t comply.
These might include communications and content delivery networks (CDNs), data and cybersecurity services, web analytics, email distribution and monitoring services, session recording and remote access services, performance measurement data optimization and marketing services, content providers, and our legal and financial advisers.
Such data processors may receive or otherwise have access to your identifiable or non-identifiable personal data, in its entirety or in part – depending on each of their particular roles and purposes in facilitating and enhancing our Services and business, and may only use it for such purposes.
We will keep your personal data only during the performance of obligations of applicable law, or a collective agreement, for as long as necessary for compliance with our legal obligation and the establishment, exercise or defence of legal claims . We will use reasonable endeavours to ensure your data is maintained and up-to-date.
The user must take into account that, given the legal obligations of the company under the Money Laundering and Terrorist Financing Prevention Act and other relevant laws Company should may personal information of the users even after the user profile was removed.
HOW WE USE THE INFORMATION WE COLLECT AND THE LAWFUL BASIS FOR PROCESSING
We do the best according to the law and best practice in this area. We may use information that we collect about you to:
- deliver the products and services that you have requested;
- manage your account and provide you with customer support;
- perform research and analysis about your use of, or interest in, our products, services, or content, or products, services or content offered by others;
- communicate with you by email, postal mail, telephone and/or mobile devices about products or services that may be of interest to you either from us or other third parties;
- enforce our terms and conditions;
- manage our business and perform functions as otherwise described to you at the time of collection.
We may use financial information or payment method to protect against or identify possible fraudulent transactions, and otherwise as needed to manage our business.
We may share your personal information with our authorized service providers that perform certain services on our behalf. These services may include fulfilling orders, processing credit card payments, delivering packages, providing customer service and marketing assistance, performing business and sales analysis, supporting our website functionality, and supporting contests, sweepstakes, surveys and other features offered through our website. These service providers may have access to personal information needed to perform their functions but are not permitted to share or use such information for any other purposes;
We also may disclose your information:
- in response to a subpoena or similar investigative demand, a court order, or a request for cooperation from a law enforcement or other government agency;
- to establish or exercise our legal rights;
- to defend against legal claims;
- when we believe disclosure is appropriate in connection with efforts to investigate, prevent, or take other action regarding illegal activity, suspected fraud or other wrongdoing;
- to protect and defend the rights, property or safety of our company, our users, our employees, or others;
- to comply with applicable law or cooperate with law enforcement;
- to enforce our website terms and conditions or other agreements or policies;
- in connection with a substantial corporate transaction, such as the sale of our business, a divestiture, merger, consolidation, or asset sale, or in the unlikely event of bankruptcy;
- or as otherwise required by law.
Disclosure of information to third parties
We do not rent, sell, or share personal information about you with other people or non-affiliated companies without your consent except to provide products or services you’ve requested, when we have your permission, or under the following circumstances:
We provide the information to trusted partners who provide us services under confidentiality agreements as described in Paragraph “Trusted partners (data processors) who work on our behalf under confidentiality agreements and might store, maintain or process your data. These companies do not have any independent right to share this information.
We also collect information that is provided to us by job candidates (“Applicants”), when they apply to any of the open positions published at our website via the relevant position application form on our website by sending us an e-mail or otherwise (see paragraph Personal Data you provide us voluntarily).
Your contact details and CV (“Applicants Information”) might include your: first name, surname, residential address, email address, telephone number, employment and educational history, language proficiencies and other work-related skills, date of birth, gender, national insurance number, citizenship and work authorization status, references as well as their contact information, resume or any document you may choose to upload to our website as part of your application, qualifications for employment, work and salary expectations.
Sensitive information and special categories data
With your application you might provide us some sensitive information or special category data related to your disability status, racial or ethnic origin (please check the paragraph Definitions and interpretation). Submission of this type of information is strictly voluntary. We will obtain your consent to process special category data if you wish to share it with us on our later communication regarding your application. If this is not possible we will destroy such data and erase any copy in our possession.
Criminal offence data
By the nature of our activity and the purposes of processing the data, the services hereunder are not intended for processing of criminal offence data (please check the paragraph Definitions and interpretation). If you provide any information or documents containing this type of data, you are hereby notified that any input of such information will be solely at your risk and responsibility, we will destroy such data if we receive it accidently.
We may retain submitted Applicants Information even after the applied position has been filled or closed. This is done so we could re-consider Applicants for other positions and opportunities; so we could use their Applicants Information as reference for future applications submitted by them; and in case the Applicant is hired, for additional employment and business purposes related to his/her work. As a data subject you have rights related to maintenance, storage and processing of your personal data. Please see paragraph ‘Your rights’.
You can find detailed information related to data location in paragraphs ‘Where Do We Store Your Information?’ and ‘Trusted partners (data processors) who work on our behalf under confidentiality agreements and might store, maintain or process your data’
LAW ENFORCEMENT, LEGAL REQUESTS AND DUTIES
We may disclose or otherwise allow others access to your Personal Information pursuant to a legal request, such as a subpoena, legal proceedings, search warrant or court order, or in compliance with applicable laws, if we have a good faith belief that the law requires us to do so, with or without notice to you. Your details may also be disclosed to the police and law enforcement agencies for the purpose of fraud detection, crime prevention and national security.
In some jurisdictions you may have the following rights concerning our processing of your personal data:
You have a right to request a copy of the information that we hold about you. You have the right to have any inaccuracies corrected.
You may also have the right to have your personal information erased; to restrict our use of your personal data; to object to our processing of your personal data; and to obtain and reuse your personal data for your own purposes across different services (‘data portability’).
You may also have rights in relation to automated decision making and profiling.
You have the right to complain to the national authority on the use of information, which in Estonia is the Estonian Data Protection Inspectorate (www.aki.ee)
You can exercise your rights by contacting us at email@example.com