Last Revised: May 22nd, 2019
SimplexCC Ltd. and Simplex Payment Services, UAB (collectively “Simplex”, “Company” “we” or “us”) respects the privacy of the users of our platform (the “Platform”) and/or our website at: simplexcc.com or simplex.com (the “Site”), and is committed to protect the personal information that users share with us in connection with the use of our Platform and/or Site (collectively – the “Service”).
- Your Consent
- What Information we collect on our users
- How do we collect information on our users
- What are the purposes of the collection of Personal Information
- What are the Conditions for Processing of Personal Information
- Sharing Information with Third Parties
- Retention of Personal Information
- Cookies & Local Storage
- Your Right
- Third Party Websites
- Have any Questions?
1. Your Consent (PLEASE READ CAREFULLY!)
2. Which information may we collect on our users?
We collect two types of information from our Users:
- The first type of information is un-identified and non-identifiable information pertaining to a User(s), which may be made available or gathered via the User’s use of the Service and/or the transactions carried out in connection with the Service, including through an exchange’s website carrying the Service (“Exchange“), as applicable (“Non-Personal Information”). We are not aware of the identity of the User from which the Non-personal Information was collected.
- Non-Personal Information which is being collected consists of technical information and aggregated usage information, and may contain, among other things, the User’s operating system, type of browser, screen resolution, browser and keyboard language, the User’s ‘click-stream’ on the Service and activities on the Service, the period of time the User visited the Service and related timestamps, etc.
- Non-Personal Information shall be gathered by us in order to perform preliminary examinations of the users’ transactions before enabling such users to use the Service.
- For the avoidance of doubt, any Non-personal Information connected or linked to any Personal Information shall be deemed as Personal Information as long as such connection or linkage exists.
- The second type of information is information that identifies or may identify an individual with reasonable efforts (“Personal Information”). Personal Information which is being gathered may consist of the following:
- The User’s IP address, as well as other persistent device identifiers, which is automatically recorded from the User’s device and used mainly for enhancing the User’s experience and for geolocation, personalization, security and fraud prevention purposes, as further detailed below.
- In the event that following the preliminary examinations of Non-personal Information as noted above, such user is determined as qualified to use the Service (as shall be determined in our sole discretion), then after clicking the Service button the User will be requested to fill out the registration form available on the Service, and such User will be required to provide certain information such as his/her contact details, including the following:
- Full name
- Physical address
- E-mail address
- Copy of a government-issued ID (such as a passport or driver’s license) – this is collected as means for official proof of identity
- Details regarding the government-issued ID, such as the number, issuing country and expiration date;
- Country of residence
- Date of birth
- Billing address
- Wallet ID (if applicable)
- Credit card details – however, please note that such data is transmitted directly to our trusted third party payment processors. We do not retain the full details of the credit card.
- Any additional required information in order to render the Service.
- Kindly note that without providing the above information you may not be able to complete the transaction.
- In addition, we also collect the User’s publicly-available social network information, provided that the User has an existing third-party social network account (namely, a Facebook, Twitter, LinkedIn or Google+ account) (“SN Account”) registered under the same name and/or e-mail provided by User when registering to the Service.
- In the event a User registers to the Service or otherwise grants us with certain access permissions to his/her SN Account, the third-party social network(s) operating such SN Account(s) may provide us with certain information about the User, as is stored in and/or made available by the User through his/her SN Account and in accordance with the permissions granted to us by the User. For example, such information may consist, as applicable and/or made available by the User, of the User’s name, public profile picture URL address, SN Account User ID, e-mail address, date of birth, gender, occupation or work information, education and other information which the User made public.
- In addition, we also collect the behavior of the User on our Services, which includes keystrokes, recording of mouse movements and other activities in our Services.
- Any Personal Information provided voluntarily by the User via its use of the Service, such as the User’s e-mail address in order to be contacted (and any additional information related to such contacts), User responses to customer surveys about how we can improve our product(s) and service(s), transaction details provided through use of the Service, and/or other actions performed by the User in connection with the Service.
- We also collect additional data from third-party sources regarding the User. This includes the User’s credit rating and other information available through publicly available credit card blacklists and official limited bank account lists, as well as non-public information provided by credit rating agencies, banks or other organizations.
Kindly note that the Personal Information we collect is required in order for us to contractually provide the Services, as well as for us to meet our regulatory requirements (such as Anti-Money Laundering and Know-Your-Customer regulations), and to safeguard our legitimate interests. In the event that you will not provide such information, we may not be able to provide our Services.
3. How Do We Collect Information on Our Users?
We use the following methods of collection:
- We collect Non-Personal Information through your use of the Service and/or the transactions carried out in connection with the Service. In other words, when you are using the Service, including when you browse an Exchange, we may be aware of it and may gather, collect and record the information relating to such usage, either independently or through the help of third-party services as detailed below.
- We receive Personal Information from the Exchange. For example, when you return to an Exchange, such Exchange may provide us with your contact information (such as name, address and date of birth), as well as usage information regarding your previous visits to its website(s) (for example, the User’s balance, previous logins and previous transactions).
- We collect Non-Personal Information and Personal Information through publicly available sources. For example, we collect certain information about you through your publicly available SN Account(s) information, publicly available credit card blacklists and official limited bank account lists, and other online public information.
- We obtain Personal Information from third-party services and from the Exchange. For example, we use third-party services to receive and enhance the User’s information.
- We collect Personal Information which you provide us voluntarily. For example, we collect Personal Information required to use the Service by completing the registration form and/or contacting us directly.
We store the Personal Information either independently or through the help of our authorized third-party service providers as detailed below.
4. What are the Purposes of the Collection of Information?
We collect Non-Personal Information and Personal Information in order to:
- Provide and operate the Service, including for risk analysis, billing, and other aspects relating to carrying out the transactions performed by the Users (such as identity authentication, payment processing, and charge-backs);
- Analytics, statistical and research purposes;
- Detect, prevent, or otherwise address fraud, security or technical issues (such as identity theft or financial fraud);
- Meet our regulatory requirements, such as Know Your Customer (“KYC”) and Anti-Money Laundering (“AML”) regulatory requirements.
- Enable us to further develop, customize and improve the Service based on Users’ common preferences and uses;
- Create and provide our business partners and affiliates with aggregated statistical data;
- Direct marketing purposes – we may use the contact details you provided us to send you promotional offers or communications; you may withdraw your consent via sending a written notice to Simplex by email to the following address: [email protected] or on the same manner as the advertising was transmitted to you (e.g. via phone text message), or by following the unsubscription instructions on the promotional offer or communication.
- Respond to User’s support requests;
- Satisfy any applicable law, regulation, legal process, subpoena or governmental requests;
- Enable us to provide our Users with a better user experience, with more relevant Content, features, and functionalities, and with technical assistance and support; and
- Protect the rights, property, or personal safety of Simplex, any of its Users, or the general public;
- Abide by any applicable law.
5. What are the Conditions for Processing of Personal Information?
We will process your Personal Information for a variety of reasons, each of which is prescribed by relevant data protection laws.
- Fulfillment of a contract, compliance with a legal obligation – it is necessary for us to process your Personal Information where it is necessary for the performance of a contract (such as for the TOU) or in order for us to comply with our various legal and/or regulatory responsibilities, including, but not limited to, complying with any AML and KYC legislation).
- Legitimate interests – we also process your Personal Information where we deem such processing to be in our (or a third party’s) legitimate interests and provided always that such processing will not prejudice your interests, rights and freedoms. Examples of us processing in accordance with legitimate interests would include: (i) where we disclose your Personal Information to any one or more of our associate/subsidiary companies following a restructure or for internal administrative purposes; (ii) processing for the purposes of ensuring network and information security, including preventing unauthorized access to our electronic communications network; (iii) safeguarding the integrity of our Service by combating, reporting and sharing information related to fraudulent activities; (iv) adhering to regulatory and statutory requirements; (v) sharing personal information with our advisers and professional services providers (such as auditors) for ensuring our compliance with regulatory requirements and industry best practices.
- Consent – our processing of your Personal Information will primarily be necessary for us to provide you with the Service. However, on certain occasions we may ask for your consent to processing Personal Information. In these instances your Personal Information will be processed in accordance with such consent and you will be able to withdraw this consent in writing at any time.
- Special Categories of Personal Data – our processing of your Personal Information may also involve special categories of personal data, such as your racial or ethnic origin (as defined under Article 9 of the GDPR). We will process such information, as well as disclose it to competent authorities (such as law enforcement bodies), where it is necessary for the following purposes (to the extent permissible by applicable law): (i) prevention or detection of an unlawful acts, (ii) safeguarding your (or others’) economic well-being.
6. Sharing Information with Third Parties
Simplex discloses Personal Information in the following cases:
- With the merchants and operators’ of the Exchanges;
- With acquiring and card issuing banks;
- With third-party authentication vendors (such as identity verification vendors) and other data sources (such as geo-location services);
- With our service providers (such as cloud computing companies);
- In order to fulfill the purposes stated above, including to satisfy any applicable law, regulation, legal process, subpoena or governmental request;
- In order to respond to claims that any content available on the Service violates the rights of third-parties;
- When Simplex or any of its affiliates is undergoing any change in control, including by means of merger, acquisition or purchase of all or substantially all of its assets.
7. Retention of Personal Information
Simplex will not retain data longer than is necessary to fulfill the purposes for which it was collected or as required by applicable laws or regulations, such as for KYC and AML purposes.
If for any reason you wish to delete your Personal Information stored with us and identifying to you, please send us an e-mail to [email protected], and we will make reasonable efforts to address your request.
To use the Service, you must be over the age of eighteen (18). Simplex does not knowingly collect Personal Information from children under the age of eighteen (18) and does not wish to do so. We reserve the right to request proof of age at any stage so that we can verify that minors under the age of eighteen (18) are not using the Service. In the event that it comes to our knowledge that a person under the age of eighteen (18) is using the Service, we will prohibit and block such User from accessing the Service and will make all efforts to promptly delete or effectively anonymize any Personal Information stored with us with regard to such a user.
9. Cookies & Local Storage
When you access or use the Service, we may use industry-wide technologies such as “cookies” or similar technologies, which stores certain information on your computer (“Local Storage”) and which will allow us to enable automatic activation of certain features, and make your Service experience much more convenient and effortless.
We may also use certain third-party tracking technologies. These are a different kind of cookies, stored on your computer by third parties, rather than by us. This kind of tracking technology is deployed or used each time you visit the Service, and also when you visit certain websites or applications that use similar cookies.
10. Your Rights
You may contact us at any time at [email protected], and request:
- To access (including asking for supplementary information), delete, change or update any Personal Information relating to you (for example, if you believe that your personal information is incorrect, you may ask to have it corrected or deleted);
- That we will restrict or cease any further use of your Personal Information;
- That we will provide the Personal Information you volunteered to us in a machine-readable format.
- To withdraw your consent to our processing activities (provided that such processing activities rely on your consent, and not on a different legal basis);
- To not be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you, except where such processing is necessary for the performance of the contract between you and us, or it is based on your explicit consent, as provided hereunder.
Please note that these rights are not absolute and requests are subject to any applicable legal requirements, including legal and ethical reporting or document retention obligations (such as KYC and AML regulations).
If you have any general questions about the Personal Information that we collect about you, how we use it, please contact us at [email protected].
We take a great care in implementing and maintaining the security of the Service, and our Users’ Personal Information. The Personal Information is hosted on Amazon Web Services, which provides advanced security features. Simplex employs industry standard procedures and policies to ensure the safety of its Users’ Personal Information, and prevent unauthorized use of any such information. In addition, in order to safeguard the privacy expectation of the Users, Simplex is Payment Card Industry Data Security Standards (“PCI DSS”) certified. Please note that while we take reasonable measures to safeguard your personal data, we cannot fully guarantee its security.
12. Third Party Websites
14. Have any questions?
4 Ariel Sharon St.
You can also reach us through our EU representative:
Simplex Payment Services, UAB
Antakalnio g. 17,
Attn: Data Protection Officer
We will make an effort to reply within a reasonable timeframe. Please feel free to reach out to us at any time. If you are unsatisfied with our response, you can reach out to the applicable data protection authority:
The State Data Protection Inspectorate (Valstybinė duomenų apsaugos inspekcija in Lithuanian, website available at http://ada.lt/)
A. Juozapavičiaus str. 6
LT-09310 Vilnius Lithuania
T +370 5 279 1445
F +370 5 261 9494