We comply with the Data Protection Act, 2021 of the British Virgin Islands and, to the extent applicable, the data protection laws of other jurisdictions, including but not limited to, the European General Data Protection Regulation (hereinafter the “GDPR”) and that we process your Data lawfully, fairly and transparently.
If you are younger than 18 years old, you are not allowed to use our Website/Platform/App without the permission of your parents or legal guardian.
We take confidentiality and privacy issues very seriously. We therefore ensure that your personal information is secure; we communicate our privacy and security guidelines and practices to all our employees and service providers and strictly enforce privacy safeguards within our company.
1. DEFINITIONS AND INTERPRETATION
Data: all information that you submit to us via our Website.
Personal Data: all information making you directly or indirectly identifiable (e.g. your name, first name, address, phone number or email address but also the IP address of your computer, for example, or the information relating to your browsing of our Website).
Data Controlling: The processing of any Personal Data provided or collected on the Website is carried out under the supervision of NFTfi Genesis Ltd, E-Mail: firstname.lastname@example.org
GDPR: The "General Data Protection Regulation" (EU Regulation 2016/679), as well as any national legislation adopted in accordance therewith.
- The singular includes the plural and vice versa;
- A reference to a person includes firms, companies, government entities, trusts, and partnerships;
- "Including" means "including but not limited to";
- A reference to any legislative provision includes all amendments thereto;
3. RESPONSIBLE PERSON / CONTACT DETAILS
Responsible for the Personal Data collected is our privacy officer with business address at NFTfi Genesis Ltd, Unit 8, 3/F Qwomar Trading Complex, Blackburne Road, Road Town, Tortola, British Virgin Islands (hereinafter the “Responsible Person”). For any matters relating to data protection you may contact email@example.com by e-mail or by letter to the following address:
NFTfi Genesis Ltd
Unit 8, 3/F Qwomar Trading Complex
Blackburne Road, Road Town,
British Virgin Islands
4. DATA PROCESSING IN CONNECTION WITH OUR WEBSITE
- IP address (automatically collected);
- Web browser type and version (automatically collected);
- Operating system used by accessing the Website (automatically collected);
- Your browsing history to and from the Website;
- The date and time of access to the Website;
- Transaction details, including but not limited to, particulars of the transacting parties, transaction history, the subject of the transactions, the transaction amounts and timestamps; and
- Any other similar data and information that may be used in the event of attacks on our information technology systems.
The collection and processing of this technical data is for the purpose of
- Enabling the use of our Website:
- Further developing our products, the contents of our Website and services;
- Continuously improving our Website and offering you a more enjoyable and efficient experience.
- For internal statistical purposes
This is our legitimate interest in the processing of Data in the sense of Art. 6 Par. 1 lit. f. GDPR, to the extent applicable.
4.2. Contact Possibility via the Website
The Website may contain a contact form that enables a quick electronic contact to NFTfi, as well as direct communication with us, which also includes a general address of the e-mail address. If you contact us by e-mail or via contact form, the Personal Data transmitted by you is automatically stored.
Such Personal Data, transmitted on a voluntary basis by you to us, is stored for the purpose of processing or contacting you and to handle your request and provide you the service or support you requested. The legal basis for the data processing for these purposes lies in the fulfillment of an agreement in accordance with Art. 6 Par. 1 lit. b GDPR and you have provided consent in accordance with Art. 6 Par. 1 lit. a GDPR, to the extent such provisions of the GDPR are applicable.
4.3. Use of Website Cookies:
You may prevent the setting of cookies through our Website by means of a corresponding setting of the Internet browser used, and may thus permanently deny the setting of cookies. Furthermore, previously set cookies may be deleted at any time via an Internet browser or other software programs. This is possible in all popular Internet browsers. If you deactivate the setting of cookies in the Internet Browser used, it may not be possible to use all the functions of our Website.
Two types of cookies may be used on the Website - "session cookies" and "persistent cookies". Session cookies are temporary cookies that remain on your device until you leave the Website. A persistent cookie remains on your device for much longer or until you manually delete it (how long the cookie remains on your device will depend on the duration or "lifetime" of the specific cookie and your browser settings).
The table below summarizes the different types of cookies we use on the Website, together with their respective purpose and duration (i.e. how long each cookie will remain on your device).
Cookies used on the Website:
Cookies that are essential to making the Website work correctly. They enable visitors to move around our Website and use our features. Examples include remembering previous actions (e.g. entered text) when navigating back to a page in the same session.
These cookies do not identify you as an individual.
If you do not accept these cookies, it may affect the performance of our Site.
Cookies that help us understand how visitors interact with our web properties by providing information about the areas visited, the time spent on the Site and any issues encountered, such as error messages. They help us improve the performance of our Website, alert of any concerns and more.
These cookies don’t identify you as an individual. All data is collected and aggregated anonymously.
Cookies that allow our web properties to remember the choices you make (such as your user name, language or the region you are in) to provide a more personalized online experience.
The information these cookies collect may include personally identifiable information that you have disclosed, such as a username, for example. We shall always be transparent with you about what information we collect, what we do with it and with whom we share it.
If you do not accept these cookies, it may affect site performance and functionality and may restrict access to web content.
Cookies that are used to deliver content, which is more relevant to you and your interests. They may be used to deliver targeted advertising or to limit the number of times you see an advertisement. They also help us measure the effectiveness of advertising campaigns on the Site.
Among other others the following services are used:
Most types of these cookies track consumers via their IP address so will collect some personal data.
Your dates, sessions and interactions can be allocated across several devices to one pseudonymous user ID and therefore analyse the activities of a user on several devices by the correspondent web analysis services and the companies who provide these services.
The information sent to the companies through this analysis service permits the anonymous evaluation of the use of our Website as well as the establishment of reports on the Website activities.
5. RETENTION OF PERSONAL DATA
The retention period of Personal Data processed by NFTfi may vary depending on common practice, and considered in accordance with the legal obligations and the applicable limitation rules. In any case, NFTfi will process and store the Personal Data only for the period necessary to achieve the purpose of storage or as far as this is granted by the applicable laws or regulations.
If the storage purpose is no longer applicable, or if the storage period prescribed by the applicable laws and regulations expires, the Personal Data is routinely erased in accordance with legal hold requirements.
6. PERSONAL DATA SECURITY
Personal Data security is of great importance to NFTfi. In order to protect your Personal Data, we have implemented appropriate physical, electronic and organizational procedures to safeguard and secure the Personal Data collected via our Website in order to ensure its integrity and confidentiality. Our security measures are continuously being improved in line with technical developments.
If a password is required to access certain sections of our Website, you are responsible for keeping this password confidential.
We endeavor to do all we can to protect your Personal Data. However, the transmission of information on the Internet is not fully secure and remains your sole responsibility. We cannot ensure the security and accept no liability of the transmission of your Data to our Website.
7. OTHER PARTIES WHO HAVE ACCESS TO INFORMATION WE COLLECT
With the exceptions described in this section, we do not make your Personal Data available to third parties unless you have expressly consented to it, if we are legally obligated to, or if this is necessary to enforce our rights concerning a contractual relationship.
We transmit your Data only to our employees who are authorized to process them as part of their duties.
We may grant access to Personal Data about you to service providers and agents appointed by us for the purposes given. These are companies in the categories of IT services, logistics, printing services, telecommunications, advice and consulting, and sales and marketing and translation services in relation to the Website on our behalf, and we ensure that they provide for the necessary guarantees pursuant to the Data Protection Act, 2021 of the British Virgin Islands and, to the extent applicable, the data protection laws of other jurisdictions, including but not limited to the GDPR. The transfer of data is for purpose of providing and maintaining the functionality of our Website. This is our legitimate interest in the sense of Art. 6 Par.1 lit. b and lit. f of the GDPR, to the extent applicable.
In principle, we process your Data in the British Virgin Islands or as otherwise mentioned in this Privacy
Policy. In case it is necessary to transfer your Data to third parties outside the British Virgin Islands and the EU, the Data will only be transferred to countries and/or parties that provide an adequate level of protection in accordance with the British Virgin Islands’ and European standards.
If the level of data protection in a country where a service provider is located does not correspond to the British Virgin Islands’ and European data protection level, we contractually ensure that the protection of your Personal Data corresponds to that in the British Virgin Islands and the EU at all times, by concluding agreements using the standard contractual clauses complying with the GDPR.
We are not responsible for these third parties’ acts and omissions, except as provided by the applicable laws.
8. LINKS TO OTHER WEBSITES
9. YOUR RIGHTS REGARDING YOUR PERSONAL DATA
Please note that some of the rights mentioned below are subject to limitations in some situations, and that the exercise of these rights may affect, restrain or render impossible our ability to continue a business relationship with you.
a) Right to confirmation
b) Right to access
You have the right to obtain free information from NFTfi about your Personal Data stored at any time, and a copy of this information. Furthermore, you will have access to the following information:
- the purposes of the processing;
- the categories of personal data concerned;
- the recipients or categories of recipients to whom the Personal Data has been or will be disclosed, in particular recipients in third countries;
- where possible, the envisaged period for which the Personal Data will be stored, or, if not possible, the criteria used to determine that period;
- the existence of the right to request from NFTfi rectification or erasure of Personal Data, or the restriction of the processing of Personal Data concerning you, or to object to such processing;
- the existence of the right to lodge a complaint with a supervisory authority;
- where the Personal Data is not collected directly from you, any available information as to their source; and
- the existence of automated decision-making, including profiling, referred to in Article 22(1) and (4) of the GDPR, to the extent applicable, and, at least in those cases, meaningful information about the logic involved, as well as the significance and envisaged consequences of such processing for you.
c) Right to rectification
You have the right to obtain from NFTfi, without undue delay, the rectification of inaccurate Personal Data concerning you. Taking into account the purposes of the processing, you shall have the right to have incomplete Personal Data completed, including by means of providing a supplementary statement.
d) Right to erasure (right to be forgotten)
You have the right to request from NFTfi the erasure of Personal Data concerning you as soon as possible, and NFTfi shall have the obligation to erase Personal Data without undue delay where one of the following grounds applies:
- The Personal Data is no longer necessary in relation to the purposes for which it was collected or otherwise processed;
- You withdraw consent to which the processing is based according to point (a) of Article 6(1) of the GDPR, or point (a) of Article 9(2) of the GDPR, to the extent applicable and where there is no other legal ground for the processing;
- The data subject objects to the processing pursuant to Article 21(1) of the GDPR and there are no overriding legitimate grounds for the processing, or the data subject objects to the processing pursuant to Article 21(2) of the GDPR, to the extent such provisions of the GDPR are applicable;
- The Personal Data has been unlawfully processed;
- The Personal Data must be erased for compliance with a legal obligation, in accordance with the applicable law to which NFTfi is subject; and/or
- The Personal Data has been collected in relation to the offer of information society services referred to in Article 8(1) of the GDPR, to the extent applicable.
e) Right to restriction of processing
You have the right to obtain the restriction of processing from NFTfi where one of the following applies:
- The accuracy of the Personal Data is contested by you, for a period enabling NFTfi to verify the accuracy of the Personal Data;
- The processing is unlawful and you oppose the erasure of the Personal Data and request instead the restriction of their use;
- NFTfi no longer needs the Personal Data for the purposes of the processing, but they are required by you for the establishment, exercise or defense of legal claims; and/or
- The data subject has objected to processing, pursuant to Article 21(1) of the GDPR, to the extent applicable, pending the verification whether the legitimate grounds of NFTfi override those of the data subject.
If any one of the aforementioned conditions is met, and you wish to request the restriction of the processing of Personal Data stored by NFTfi, you may at any time contact NFTfi’s Responsible Person. The Responsible Person will arrange the restriction of the processing.
f) Right to object
You have the right to object, on grounds relating to your particular situation, at any time, to the processing of Personal Data concerning you, which is based on point (e) or (f) of Article 6(1) of the GDPR, to the extent applicable. This also applies to profiling based on these provisions.
NFTfi shall no longer process the Personal Data in the event of the objection, unless NFTfi can demonstrate reasonable grounds for the processing, which override your interests, rights and freedoms, or for the establishment, exercise or defense of legal claims. In order to exercise the right to object, you may contact the Responsible Person directly.
g) Right to data portability
You have the right to receive the Personal Data concerning you, which was provided to NFTfi, in a structured, commonly used and machine-readable format. You shall have the right to transmit those data to another controller without hindrance from NFTfi to which the Personal Data has been provided, as long as the processing is based on consent, pursuant to article 6 (1) GDPR or point (a) of article 9 (2) GDPR, or on a contract pursuant to point (b) of article 6 (1) GDPR, to the extent that such provisions of the GDPR are applicable, and the processing is carried out by automated means, as long as the processing is not necessary for the performance of a task carried out in the public interest.
Furthermore, in exercising your right to data portability pursuant to article 20 (1) GDPR, to the extent applicable, you shall have the right to have Personal Data transmitted directly from one controller to another, where technically feasible and when doing so does not adversely affect the rights and freedoms of others.
In order to assert the right to data portability, you may at any time contact the Responsible Person according to section 3.
h) Automated individual decision-making, including profiling
You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you, or similarly significantly affects you, as long as the decision (1) is not necessary for entering into, or the performance of, a contract between you and NFTfi, or (2) is not authorized by the applicable law and which also lays down suitable measures to safeguard your rights and freedoms and legitimate interests, or (3) is not based on your explicit consent.
Due to legal and regulatory requirements, we are required to combat money laundering, terrorism financing, fraud and assess risks and offences that pose a danger to assets. Automatized data assessments are also carried out for this purpose. At the same time, these measures also serve to protect you.
Furthermore, we use assessment tools in order to be able to specifically notify you and advise you about our products. These allow communications and marketing to be tailored as needed, including market and opinion research.
If the decision (1) is necessary for entering into, or the performance of, a contract between you and NFTfi, or (2) it is based on your explicit consent, NFTfi shall implement suitable measures to safeguard your rights and freedoms and legitimate interests, at least the right to obtain human intervention on the part of the controller, to express their point of view and contest the decision.
If you wish to exercise the rights concerning automated individual decision-making, you may, at any time, contact the Responsible Person.
i) Right to withdraw data protection consent
You have the right to withdraw your consent to processing of your Personal Data at any time.
If you wish to exercise the right to withdraw the consent, you may at any time directly contact the Responsible Person as stated in section 3.
j) Manifestly unfounded or excessive use of rights
While the exercise of any individual rights mentioned above will be free of charge, a reasonable fee may be exceptionally charged if such requests are manifestly unfounded or excessive. NFTfi may refuse to comply with the request under such circumstances.
Unless otherwise agreed, no delay, act or omission by a party in exercising a right or remedy will be deemed a waiver of such right, or of another right or remedy.
If our company is the subject of a corporate transaction such as an acquisition or merger with another company, your information may be transferred to the new owners so that we can continue to sell our products to you.
MORE INFORMATION ABOUT PRIVACY REGULATIONS
Last updated: August 25, 2022