The final update time of this document is 4th June,2018
Types of Personal Data we collect
• Individual Customer – We attempt to collect, verify, and authenticate the following Personal Data:
We may collect personal identification information from Users in a variety of ways, including, but not limited to, the following:
(a) when Users visit our Site;
(b) register on the Site; and
(c) fill out a form,and in connection with other activities, services, features or resources we make available on our Site, You may be prompted to provide the following:
(a) your name;
(b) your residence address and mailing address (if different);
(c) your telephone and/or fax numbers;
(d) a valid email address;
(e) your date and place of birth;
(f) a copy of a valid photo ID (such as a driver's license, passport, armed forces identification card or alien identification card);
(g) proof of residence; and
(h) your government issued identification number (e.g., passport number, social security number, employee identification number or taxpayer identification number),and any other personal information necessary to verify your identity and your Bitcoin addresses and other related information (personal information) which may lead to your identification. In doing so, you expressly consent to TrustExc collecting such Personal Data. Users may, however, browse our Site anonymously. Institutional Customer – We attempt to collect, verify, and authenticate the following Personal Data:
We may collect Institutional identification information from Institutional Users in a variety of ways, including, but not limited to, the following:
(a) when Institutional Users visit our site;
(b) register on the site; and
(c) fill out a form,and in connection with other activities, services, features or resources we make available on our Site, Institutional Users may be prompted to provide the following:
(a) legal name of the Institutional User;
(b) full legal name (of all account signatories and beneficial owners);
(c) email address (of all account signatories);
(d) mobile phone number (of all account signatories);
(e) address (principal place of business and/or other physical location);
(f) unique entity number, employer identification number or any comparable identification number issued by a government;
(g) proof of legal existence (e.g., state certified articles of incorporation or certificate of formation, unexpired government-issued business license, trust instrument, or other comparable legal documents as applicable; contract information of owners; principals, and executive management (as applicable); and
(h) proof of identity (e.g., driver’s license, passport or government-issued ID) for each individual beneficial owner that owns 15% or more of the institutional customer entity, as well as all account signatories.
In doing so, you expressly consent to TrustExc collecting such Personal Data.
Personal Information for each entity beneficial owner that owns 15% or more of the institutional customer entity (see the “Individual Customer” section above for details on what Personal Information we collect for individuals). Please note that we do not collect more Personal Data than is necessary for the purposes for which they are collected.
Non-Personal Identification Information we collect
We may collect non-personal identification information about Users whenever they interact with our Site. Nonpersonal identification information may include the following
(a) browser name;
(b) the type of computer and technical information about the Users’ means of connection to our Site, such as the operating system and the Internet service providers utilized by such Users;
(c) location information (information that is automatically collected via analytics systems providers to determine your location, including your IP address and/or domain name and any external page that referred you to us);
(d) log information that generated by your use of TrustExc that is automatically collected and stored in our server logs;
(e) account information that is generated by your account activity including, but not limited to, trading activity, order activity, deposits, withdrawals, and account balances; and
(f) correspondence information that you provided to use in correspondence, including opening an account, and with respect to ongoing customer support and other similar information.
Web Browser Cookies
How we use and share personal information we collect
We may collect and use a User’s Personal Data for the following purposes:
(a) To improve customer service: Information you provide helps us respond to your customer service requests and support needs more efficiently.
(b) To personalize user experience: We may use information in the aggregate to understand how our Users as a group use the services and resources provided on our Site.
(c) To improve our Site: We may use feedback you provide to improve our products and services.
(d) To conduct customer identification and anti-money laundering reviews and compliance and to comply with applicable law.
(e) To send periodic e-mails on updates and promotions.
(f) Non-personal and aggregate information, such as that collected passively, is used in order to customize Our marketing efforts or to customize the efficient use of Our Site for an aggregate group of customers.
(g) For any other purposes permitted by applicable law.
How We Protect Your Information
We adopt appropriate data collection, storage and processing practices and security measures to protect against unauthorized access, alteration, disclosure or destruction of your personal information, username, password, transaction information and data stored on our Site. We limit access to your Personal Data to those employees or third parties who have a legitimate business need to access such information.
Sensitive and private data exchange between the Site and its Users happens over a SSL secured communication channel and is encrypted and protected with digital signatures. Our Site is also in compliance with PCI vulnerability standards in order to create as secure of an environment as possible for Users. We are unable to guarantee that our security is one hundred percent (100%) breach-proof. You assume the risk of such breaches to the extent that they occur despite our reasonable security measures. Our security procedures shall nevertheless continuously be revised based on new technological developments.
If your Personal Data is compromised as a result of a breach of our security measures, we will promptly notify you of such a breach.
TrustExc will never send you an email asking you for your login information. In general, you can protect yourself against phishing by never providing personal or login information via a link contained in an email; instead, go to the Site directly.
Sharing Your Personal Information
We do not sell, trade, or rent our Users’ personal identification information to third parties. We do not, without your permission, share your personal information to third parties for their marketing purpose. We may share generic aggregated demographic information not linked to any personal identification information regarding visitors and users with our business partners, trusted affiliates and advertisers for the purposes outlined above.
We may share your personal data with law enforcement or other government agencies as required by law or for the purposes of limiting fraud. We reserve the right to disclose your personally identifiable information when we believe that disclosure is necessary to protect our rights or to comply with a judicial proceeding, court order or legal process. We further reserve the right to disclose any of your personal information that we believe, in good faith, appropriate or necessary to take precautions against liability, to investigate and defend against any third-party claims or allegations, to assist government enforcement agencies, to protect the security or integrity of the Site, or to protect the rights, property or personal safety of TrustExc, its Users, or any other person.
Links to Third Party Websites
Our services are not directed at persons under the age of 16. If you are a parent or guardian and you become aware that your child has provided us with personal data without your consent, please contact us. We will only process Personal Data of a child under the age 16 only where consent is given or authorized by the child’s parent or guardian. If we become aware that a child under the age of 16 has provided us with personal data without consent, we will delete such information from our files, including any accounts that may have been created.
Access to information:
The GDPR gives you the right to find out whether we are processing your Personal Data and, where that is the case, to receive a copy of the Personal Data we process and information on:
(a) why we are processing it;
(b) the categories of personal data we process about you;
(c) the recipients or categories of recipient to whom the personal data has been or will be disclosed;
(d) where possible, how long we plan to keep your personal data or the criteria we use to determine that period;
(e) information on your rights under the GDPR;
(f) information on where we received your personal data from if we did not receive it directly from you, and
(g) details of the appropriate safeguards we have used to protect your personal data and uphold your personal data protection rights.
We will not charge you for complying with your request and providing you with a first copy. Any further copies may be subject to a reasonable administrative fee. Where your personal data is inseparable from the Personal Data of others, we reserve the right to withhold your Personal Data if permitted by applicable law.
Right to request rectification or erasure of personal data:
You have the right to request the amendment of your Personal Data at any time if it is inaccurate. If it is incomplete, you have the right to have such Personal Data rectified. You also have the right to require us to delete your Personal Data as soon as possible where one of the following applies:
(a) the Personal Data is no longer necessary for which they were collected or otherwise processed;
(b) the Personal Data has been unlawfully processed;
(c) the Personal Data must be erased for compliance with a UK or EU legal obligation on us;
(d) the Personal Data relates to a child under the age of 16; or
(e) you withdraw your consent to us processing your Personal Data and we have no other legal grounds for processing it.
Right to restrict personal data:
You have the right to request the restriction of processing of Personal Data if you think that is inaccurate, that we are processing it illegally, or that we no longer need it for the purposes for which it was collected. While we consider your request, we will stop processing your Personal Data within a reasonable time from the date we receive your request. We will notify you of our decision and any justifications for continuing to process your Personal Data as soon as we can.
Right to withdraw:
If we process your Personal Data with your consent, you have the right to withdraw your consent at any time. This will not affect the legality of our processing of your Personal Data up until the point at which you withdraw your consent. Please also note that we may still need to process your Personal Data on other grounds, for example to fulfil a contract with you or as required by law.
Right to object
You have the right to object, at any time, on grounds relating to your situation, to the processing of Personal Data. If we cannot demonstrate compelling legitimate grounds to continue processing the Personal Data, processing of such data will cease.
Your Acceptance of These Terms
Data Protection Officer and Accessing Your Rights
If you wish to withdraw your consent to any or all use of your Personal Data, or request amendment, restriction or erasure of such Personal Data, or exercise any other of your rights, please contact our Data Protection Officer – [●], at [email].
Do note that if you withdraw your consent to any or all use of your Personal Data or request for erasure of your Personal Data, depending on the nature of your request, we may not be in a position to continue to provide our services to you, or administer any contractual relationship already in place. Any withdrawal of consent or request to erase your Personal Data may also result in the termination of any agreements you have with us. Our legal rights and remedies in such event are expressly reserved.