Privacy policy MoneySwap OÜ

Introduction

At MoneySwap OÜ (hereinafter -“MoneySwap“, “we”, “us”, or “our”), we are committed to protecting and respecting your privacy. This Privacy Notice sets out key information regarding MoneySwap and how any personal data you provide to us will be processed, collected, used and disclosed.

This notice also informs you about:

For more detailed information on how we use your data and your rights regarding your data, please read our full Privacy Policy and Cookie Policy. For all other information regarding our services, please refer to our Terms & Conditions.

mercuryo.io website is owned and run by MoneySwap OÜ.

Name and Address of the controller

MoneySwap OÜ is the controller and responsible for your personal data.

Name: MoneySwap OÜ
Legal address: Harju maakond, Tallinn, Lasnamae linnaosa, Peterburi tee 47, 11415.
Company Registry Code: 14461101
Email: support@mercuryo.io

If you would like more information about how we collect, use and store your personal data, you can contact us at any time by emailing support@mercuryo.io or writing to the Privacy Team at MoneySwap OÜ dpo@protonmail.com

Minors

The website is not intended for minors and we do not collect personal data relating to minors.

If MoneySwap recognize that MoneySwap have collected Personal Data from a child, MoneySwap will delete that information as quickly as possible. If you suppose that a child under 13 may have provided us Personal data, please contact us at dpo@protonmail.com

Data Protection Officer

Please contact our Data Protection officer with any questions relating to your private information or this Privacy Notice: dpo@protonmail.com

We recognize that information privacy is an ongoing responsibility, and so we will from time to time update this Privacy Policy as we undertake new personal data practices or adopt new privacy policies.

Personal Data We Collect

We may collect information about you when you visit our website or use our services, including the following:

Registration

When you register to use our services by establishing an account, we will collect your email address and telephone number. This is the minimum necessary for us in order to enter into a contractual relationship with you. As you continue to use our services, and your transactions exceed Euro 1,000, we will require:

for the purpose of verifying your identity and AML/KYC due diligence.

When you reach Euro 15,000 threshold, we will ask you to participate in a video identification procedure, which involves making a recording of your physical appearance and voice.

The lawful bases for collecting and processing this personal data are the performance of our contract with you, and our legal obligation to comply with the Regulation (EU) 2015/847 and Money Laundering and Terrorist Financing Prevention Act of Estonia.

Transaction Information

When you use our services, access our website to make crypto currencies exchange, we collect personal data about the parties to the transaction which may include some or all of the following: bank card information (card number, CVC or CVV, card expire date, card holder Name and Surname) amounts sent and received, amounts paid for services.

Transaction Data includes also details about:

The records related to the transactions retained by Mercuryo for periods of 6 month after bank card expire date.

The lawful bases for collecting and processing this personal data are the performance of our contract with you according to Regulation (EU) 2016/679 Art.6 (1) (b) and our legal obligation to comply with the Regulation (EU) 2015/847 and Money Laundering and Terrorist Financing Prevention Act of Estonia.

Logging in to our website

If you have registered for an account, we collect:

We will keep records for periods of 3 year after Mercuryo Account will be closed.

The collection and processing of this information is necessary for contract performance and our compliance with legal obligations according to Regulation (EU) 2015/847 and Money Laundering and Terrorist Financing Prevention Act of Estonia.

When You Contact Us

We collect personal data from or about you when you communicate with us by using the “Contact Us” form on our website, request technical or customer support or otherwise communicate. The categories of personal data collected may include your name and email address, as well as any other relevant information contained in the body of your communication. Also we will keep a record of your correspondence for a date three months from the mail date.

This personal data is collected and processed by us for contract performance, or in order to undertake necessary pre-contractual activities.

When You Sign Up for Updates

The processing of personal data collected as a result of your subscription to our newsletter is based on your consent, which you can withdraw at any time by clicking the “unsubscribe” link at the bottom of the email.

When You Visit Our Website

Information collected by cookies and other similar technologies – we use various technologies to collect information which may include saving cookies to users’ computers.

First party cookies – collected by Mercuryo website.

The purpose of collecting first party cookies is to remember information about you, such as your language preference or login information.

The lawful basis for collecting and processing this personal data is based on our legitimate interest to ensure network and information security according to Regulation (EU) 2016/679 Art.6 (1) (f)

Third party cookies - collected by Mercuryo website.

For more detailed information, please read the section Cookie Policy.

Profiling

We are required by the Anti Money Laundering and Counter Terrorism Financing regulations of the Estonia and EU to take appropriate steps to identify and assess the risks of money laundering and terrorist financing to which our company may be subject and take an informed decision on whether we want to enter into a customer relationship with you, and, if positive, to conduct initial and ongoing screening and monitoring.

During such risk assessment, we must consider various factors relating to a customer and relevant transactions, including the customer’s location and behavior, his or her being/connection to Politically Exposed or Special Interest Persons, certain types of transactions, etc.

If a significant risk is identified, we may take such measures as freeze the Mecrcuryo Account, stop the transaction, terminate our contract with the customer, or inform the Estonian Financial Intelligence Unit.

No automated decision-making is involved in the assessment.

How we share information with others

We do not rent or sell your Personal Data to anyone.

Your personal data will be transmitted to third parties that we use to provide our services; these parties have been rigorously assessed and offer a guarantee of compliance with the legislation on the processing of personal data. These parties have been designated as data processors and carry out their activities according to the instructions given by us and under our control.

The third parties in question belong to the following categories: banking and payment operators, internet providers, companies specialising in IT and SMS services; companies that carry out KYC/AML database checks and fraud database checks.

We may also be required to share your personal data with various financial institutions and/or enforcement or court authorities to comply with Anti-Money Laundering, Terrorist Financing and Transfer of Funds laws, prevent fraud, enforce an agreement we have with you, or to protect our rights, property or safety, or the rights, property or safety of our employees or others.

Additionally, we may reveal your personal data to third-parties:

Transfer of personal data to third countries

In order to provide you with services, we also share your personal data outside the European Union:

Your Rights

The European Union’s General Data Protection Regulation and other countries’ privacy laws provide certain rights for data subjects.

If you wish to confirm that Mercuryo is processing your personal data, or to have access to the personal data it may have about you, please contact us at dpo@protonmail.com.

You may also request information about:

Your rights:

Reasonable access to your personal data will be provided at no cost upon request made to Mercuryo at dpo@protonmail.com. If access cannot be provided within a reasonable time frame, we will provide you with a date when the information will be provided. If for some reason access is denied, we will provide an explanation as to why access has been denied.

Security of Your Information

To help protect the privacy of personal data you transmit through the use of our website, we maintain physical, technical and administrative safeguards. We update and test our security technology on an ongoing basis. We restrict access to your personal data to those employees who need to know that information to provide services to you. In addition, we train our employees about the importance of confidentiality and maintaining the privacy and security of your data. We commit to taking appropriate disciplinary measures to enforce our employees' privacy responsibilities.

Data Storage and Retention

In case of records relating to Customer Due Diligence measures and financial transaction records required by Anti Money Laundering and Counter Terrorism Financing regulations of the UK and EU, we keep such information for a minimum of three year from the date of the termination of your relationship with us (which would typically arise from the closure/de-registration of your account on the Platform), but no longer than five years.

For more information on where and how long your personal data is stored, and for more information on your rights of erasure and portability, please contact us at dpo@protonmail.com.

Third Parties or Publicly Available Sources

We may also obtain information from other sources and combine that with information we collect through our Services. For example, we may collect information about you from third parties, including but not limited to social media platforms and publicly available sources.

We may also receive personal data about you from various third parties and public sources: Identity, Contact, AML / KYC Data from publicly available sources such as public court documents, the RoC and the company houses and registers of other jurisdictions, and from electronic data searches, online KYC search tools (which may be subscription or license based), anti-fraud databases and other third party databases, sanctions lists, outsourced third-party KYC providers and from general searches carried out via online search engines (e.g. Google).

Third-Party Links

Our Site may include links to third-party websites, plug-ins and applications. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party websites and are not responsible for their privacy notices, statements or policies.

We encourage you to read the Privacy Policy of every website you visit.

Changes and Updates to the Privacy Policy

As our organization and services change from time to time, this Privacy Policy is expected to change as well. We reserve the right to amend it at any time, for any reason, without notice to you, other than the posting of the amended Privacy Policy on this site. We may email periodic reminders of our notices and terms and conditions and will email users of material changes thereto, but you should check our site frequently to see the current Privacy Policy that is in effect and any changes that may have been made to it. The provisions contained herein supersede all previous notices or statements regarding our privacy practices and the terms and conditions that govern the use of this site.

By using Mercuryo’s website and services, you agree to the terms and conditions contained in this Privacy Policy and any other agreement we might have with you. If you do not agree to any of these terms and conditions, you should not use this site or any Mercuryo services.

Questions, concerns or complaints

Contact Mercuryo’s Support team support@mercuryo.io

Send an email to Mercuryo’s Data Protection Officer, dpo@protonmail.com.

Submit a complaint with our supervisory authority

Estonian Data Protection Inspectorate
39 Tatari St., 10134 Tallinn
telephone +372 627-41-35
e-mail info@aki.ee