Revision from 01.11.2020.
At MoneySwap OÜ and MoneyTea LTD (hereinafter -“Mercuryo“, “we”, “us”, or “our”), we are committed to protecting and respecting your privacy. This Privacy Notice sets out key information regarding Mercuryo and how any personal data you provide to us will be processed, collected, used and disclosed.
This notice also informs you about:
mercuryo.io website is owned and run by MoneySwap OÜ.
Mercuryo OÜ is the controller and responsible for your personal data.
Name: MoneyTea LTD
Legal address: registration address: 22 Worcester Road Industrial Estate, Chipping Norton, England, OX7 5XW; registration number: 12166965.
Company Registry Code: 12166965
If you would like more information about how we collect, use and store your personal data, you can contact us at any time by emailing firstname.lastname@example.org or writing to the Privacy Team at MoneySwap OÜ email@example.com
The website is not intended for minors and we do not collect personal data relating to minors.
If Mercuryo recognize that Mercuryo have collected Personal Data from a child, Mercuryo will delete that information as quickly as possible. If you suppose that a child under 13 may have provided us Personal data, please contact us at firstname.lastname@example.org
Please contact our Data Protection officer with any questions relating to your private information or this Privacy Notice: email@example.com
We may collect information about you when you visit our website or use our services, including the following:
When you register to use our services by establishing an account, we will collect your First name, Last name, DOB, country information, email address, and telephone number – it is a first step of KYC procedures. As you continue to use our services, you should verify your account, for this purpose, we will require:
for the purpose of verifying your identity and AML/KYC due diligence.
When you reach Euro 15,000 threshold, we can ask you to participate in a video identification procedure, which involves making a recording of your physical appearance and voice.
The lawful bases for collecting and processing this personal data are the performance of our contract with you, and our legal obligation to comply with the Regulation (EU) 2015/847 and Money Laundering and Terrorist Financing Prevention Act of Estonia and Transfer of Funds (Information on the Payer) Regulations of UK.
When you use our services, access our website to make crypto currencies exchange, we collect personal data about the parties to the transaction which may include some or all of the following: bank card information (card number, CVC or CVV, card expire date, card holder Name and Surname) amounts sent and received, amounts paid for services.
Transaction Data includes also details about:
The records related to the transactions retained by Mercuryo for periods of 6 month after bank card expire date.
The lawful bases for collecting and processing this personal data are the performance of our contract with you according to Regulation (EU) 2016/679 Art.6 (1) (b) and our legal obligation to comply with the Regulation (EU) 2015/847 and Money Laundering and Terrorist Financing Prevention Act of Estonia.
If you have registered for an account, we collect:
We will keep records for periods of 3 year after Mercuryo Account will be closed.
The collection and processing of this information is necessary for contract performance and our compliance with legal obligations according to Regulation (EU) 2015/847 and Money Laundering and Terrorist Financing Prevention Act of Estonia and Transfer of Funds (Information on the Payer) Regulations of UK.
We collect personal data from or about you when you communicate with us by using the “Contact Us” form on our website, request technical or customer support or otherwise communicate. The categories of personal data collected may include your name and email address, as well as any other relevant information contained in the body of your communication. Also we will keep a record of your correspondence for a date three months from the mail date.
This personal data is collected and processed by us for contract performance, or in order to undertake necessary pre-contractual activities.
The processing of personal data collected as a result of your subscription to our newsletter is based on your consent, which you can withdraw at any time by clicking the “unsubscribe” link at the bottom of the email.
Information collected by cookies and other similar technologies – we use various technologies to collect information which may include saving cookies to users’ computers.
First party cookies – collected by Mercuryo website.
The purpose of collecting first party cookies is to remember information about you, such as your language preference or login information.
The lawful basis for collecting and processing this personal data is based on our legitimate interest to ensure network and information security according to Regulation (EU) 2016/679 Art.6 (1) (f)
Third party cookies - collected by Mercuryo website.
We are required by the Anti Money Laundering and Counter Terrorism Financing regulations of the Estonia and EU to take appropriate steps to identify and assess the risks of money laundering and terrorist financing to which our company may be subject and take an informed decision on whether we want to enter into a customer relationship with you, and, if positive, to conduct initial and ongoing screening and monitoring.
During such risk assessment, we must consider various factors relating to a customer and relevant transactions, including the customer’s location and behavior, his or her being/connection to Politically Exposed or Special Interest Persons, certain types of transactions, etc.
If a significant risk is identified, we may take such measures as freeze the Mecrcuryo Account, stop the transaction, terminate our contract with the customer, or inform the Estonian Financial Intelligence Unit and UK Financial Conduct Authority.
No automated decision-making is involved in the assessment.
We do not rent or sell your Personal Data to anyone.
Your personal data will be transmitted to third parties that we use to provide our services; these parties have been rigorously assessed and offer a guarantee of compliance with the legislation on the processing of personal data. These parties have been designated as data processors and carry out their activities according to the instructions given by us and under our control.
The third parties in question belong to the following categories: banking and payment operators, internet providers, companies specialising in IT and SMS services; companies that carry out KYC/AML database checks and fraud database checks.
We may also be required to share your personal data with various financial institutions and/or enforcement or court authorities to comply with Anti-Money Laundering, Terrorist Financing and Transfer of Funds laws, prevent fraud, enforce an agreement we have with you, or to protect our rights, property or safety, or the rights, property or safety of our employees or others.
Additionally, we may reveal your personal data to third-parties:
In order to provide you with services, we also share your personal data outside the European Union:
The European Union’s General Data Protection Regulation and other countries’ privacy laws provide certain rights for data subjects.
If you wish to confirm that Mercuryo is processing your personal data, or to have access to the personal data it may have about you, please contact us at firstname.lastname@example.org.
You may also request information about:
Reasonable access to your personal data will be provided at no cost upon request made to Mercuryo at email@example.com. If access cannot be provided within a reasonable time frame, we will provide you with a date when the information will be provided. If for some reason access is denied, we will provide an explanation as to why access has been denied.
To help protect the privacy of personal data you transmit through the use of our website, we maintain physical, technical and administrative safeguards. We update and test our security technology on an ongoing basis. We restrict access to your personal data to those employees who need to know that information to provide services to you. In addition, we train our employees about the importance of confidentiality and maintaining the privacy and security of your data. We commit to taking appropriate disciplinary measures to enforce our employees' privacy responsibilities.
In case of records relating to Customer Due Diligence measures and financial transaction records required by Anti Money Laundering and Counter Terrorism Financing regulations of the UK and EU, we keep such information for a minimum of three year from the date of the termination of your relationship with us (which would typically arise from the closure/de-registration of your account on the Platform), but no longer than five years.
For more information on where and how long your personal data is stored, and for more information on your rights of erasure and portability, please contact us at firstname.lastname@example.org.
We may also obtain information from other sources and combine that with information we collect through our Services. For example, we may collect information about you from third parties, including but not limited to social media platforms and publicly available sources.
We may also receive personal data about you from various third parties and public sources: Identity, Contact, AML / KYC Data from publicly available sources such as public court documents, the RoC and the company houses and registers of other jurisdictions, and from electronic data searches, online KYC search tools (which may be subscription or license based), anti-fraud databases and other third party databases, sanctions lists, outsourced third-party KYC providers and from general searches carried out via online search engines (e.g. Google).
Our Site may include links to third-party websites, plug-ins and applications. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party websites and are not responsible for their privacy notices, statements or policies.
Contact Mercuryo’s Support team email@example.com
Send an email to Mercuryo’s Data Protection Officer, firstname.lastname@example.org.
Estonian Data Protection Inspectorate
39 Tatari St., 10134 Tallinn
telephone +372 627-41-35
UK Information Commissioner's Office
Telephone: 0303 123 1113
Fax: 01625 524510