Cryptology

Data Privacy Policy

Last updated: October 25th, 2018

1. Data Privacy Policy.

    1. This Data Privacy Policy governs the collection, processing and use of your personal information and any other information that is submitted to Cryptology by using the Website, the Platform, registering for an account and/or submission of additional information and/or documents as part of any verification processes.

    2. The main objective of this Data Privacy Policy is to appropriately inform you of the purpose for the collection and processing of the information we may request from you; to inform you of your rights and obligations in this regard; and, to comply with the Personal Data Protection Act of 2012 (“PDPA”) of Singapore and/or where you are a resident or national of the European Union, to comply with the Regulation (EU) 2016/679 General Data Protection Regulation (“GDPR”).

    3. Should you have any questions regarding this Data Privacy Policy or the handling of your data, including any request to exercise your legal rights please contact us at info@cryptology.com or through our online customer support.

2. Definitions:

    1. Personal data: means any information relating to an identified or identifiable natural person; an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location, data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

    2. Processing: any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation, alteration, retrieval, consultation, use , disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.

    3. Consent: any freely given, specific, informed and unambiguous indication of the user’s (data subject or you) wishes by which he or she, by statement or a clear affirmative action, signifies agreement to the processing of personal data relating to him or her.

3. Collection and processing of your information.

    1. Cryptology collects information necessary to fulfill legal obligations in regards to the services provided to you and to engage into a contract for our services with you (. When registering on Cryptology’s Website or mobile applications (collectively, the “Platform”), you will be required to input personal identifiable information. Cryptology collects this information for the purpose to comply with “Know Your Customer” (“KYC”) and “Anti-Money Laundering” (“AML”) policies, standards, and regulations. The information that Cryptology collects from you in this sense is further detailed on the AML Policy.

    2. The information collected for the purpose of identifying you is processed by Cryptology, including, but not limited to, its officers, employees, associates and/or affiliates. The information collected for KYC and AML compliance may be referred to third party contractors that provide risk management, due diligence, and/or compliance services, depending on the relationship nature with you, your country of origin, and volume of deposits or transactions. Likewise, suspicious or abnormal activity on the Platform may be subject to enhanced compliance measures that may include the transferring of information to third party contractors.

    3. In accordance with the previous paragraph, Cryptology may seek to obtain information about you from third party sources as long as this information is publicly available; where the collection is necessary for any investigation or proceedings; and/or where the collection is necessary for evaluative purposes, in accordance with the Second Schedule of the PDPA.

    4. Under no circumstances will Cryptology collect or process personal information revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, and the processing of genetic data, biometric data for the purpose of uniquely identifying a nature person, data concerning health or data concerning your sex life or sexual orientation.

4. Consent.

    1. By accepting this Data Privacy Policy you acknowledge and agree to have been appropriately informed in accordance with §20 of the PDPA. You acknowledge and agree that you are providing express consent to the collection and processing of your personal data and information. The continuous use of our services, the creation of an account and the voluntary submission of information and documentation to our Platform will constitute deemed consent in accordance with §15 of PDPA.

    2. Withdrawal of consent §16. Your personal data will be deleted as far as it is not needed to comply with applicable law. Upon your withdrawal of consent or closing of your account, Cryptology will only maintain information necessary to comply with the current AML regulations in Singapore.

    3. Cryptology has a regulatory obligation to effectively comply with AML regulations and other applicable laws of Singapore, in that sense, Cryptology may disclosure of personal data without your consent in accordance with the Fourth Schedule of the PDPA.

5. Your rights:

    1. You have the right to request Cryptology for the personal data about you that is in Cryptology’s possession or control. However, Cryptology reserves the right to deny your request on the grounds of §21(3) of the PDPA. Cryptology will provide you with the information in writing by electronic means within one month from receiving the request.

    2. You have the right to request Cryptology to correct an error or omission in your personal data, unless Cryptology is not satisfied on reasonable grounds that the correction should be made and shall be treated in accordance with §22(5) of the PDPA. Moreover, if your request to correct your personal data falls within the categories of the Sixth Schedule of the PDPA, Cryptology may not allow a correction on your personal data.

    3. You have the right to request Cryptology to delete the information or personal data concerning you, where you will no longer use our services or access to the Platform or your account. However, Cryptology will maintain information or personal data for a period of 5 years from the date of termination of the relationship between you and Cryptology, to comply with any requirement from governmental authorities.

6. Cryptology’s obligations.

    1. Cryptology is committed to protecting any information or personal data that is submitted by you on its Website and mobile applications. Cryptology has implemented security arrangements to prevent unauthorized access, collection, use, disclosure, copying, modification, disposal or similar risks. We have a “Two Factor Authentication” (2FA) mechanism in our website and we have put in place appropriate security measures to prevent your personal data from being accidentally lost, used or accessed in an unauthorized way, altered or disclosed. In addition, we limit access to your personal data to some employees, agents, contractors and other third parties who do not require to process your personal data.

    2. We have put in place procedures to deal with any suspected personal data breach and will notify you and any applicable regulator of a breach where we are legally required to do so.

    3. Cryptology will implement reasonable effort to ensure that the personal data is accurate and complete.

    4. When transferring your data to authorized external processors for KYC or AML purposes, Cryptology has adhered to commit these third party contractors to only act on the written instructions of Cryptology; ensure that people processing the data are subject to a duty of confidence; take appropriate measures to ensure the security of the processing; your rights will not be impaired; the security of processing, the notification of data breach and data protection impact will not be impaired; deletion or return of all data as requested at the end of the contract with such third party.

7. Marketing purposes.

    1. Cryptology may use your data, such as location or transaction history to deliver any news, analysis, research, reports, campaigns and training opportunities that may be of your interest, to their registered email address. You shall always have the option to opt-out to receive such information.

8. Cookies.

    1. Cryptology’s Platform uses small files known as cookies to enhance its functionality and improve your experience. Cryptology does link the information it stores in cookies to any personally identifiable information you submit while on our Platform. Cryptology uses both session ID cookies and persistent cookies. A session ID cookie does not expire when you close your browser. A persistent cookie remains on your hard drive for an extended period of time. You can remove persistent cookies by following directions provided in your Internet browser's “help" file. Cryptology sets persistent cookies for statistical purposes. Persistent cookies also enables Cryptology to track and target the location and interests of users and to enhance the experience of Cryptology’s services on the Platform. If you reject cookies, you may still use the Platform.

9. Dispute Resolution

    1. You hereby agree to submit any disputes related to this Data Privacy Policy to mediation. The Mediation shall be governed by the Mediation Model Agreement of the Singapore Mediation Centre in conjunction with the Mediation Act of 2017.