1. Introduction
   
   

1. We would like to welcome you to our platform and thank you for taking the time to read and familiarize yourself with the contents presented below. By registering through this website you will be able to gain access to cryptocurrency-related services consisting of:

   1. Self-custody wallet service; and

   2. Integrated credit card facility designed for seamless cryptocurrency spending.

2. This Privacy Policy governs the relationship between you and us from the perspective of data provider and data controller. All services available on the Platform, as detailed in the General terms and Conditions, are provided to you by: 

Kryptonim Technologies Limited a private company limited by shares, organized and incorporated under the laws of Hong Kong, registered after registration number: 76352801, with registered address located at: RM 1406, 14/F Solo Building, 41-43 Carnarvon Rd Tst, Hong Kong (the "Company") and any holding company, subsidiary and/or entity belonging to the Company (jointly "Kryptonim”, "we", "our" and/or "us”).

This present Privacy Policy in combination with:

1. General Terms and Conditions – (the “Terms”);

2. Card Terms and Conditions - if attached to and/or distributed to you with the Card (the “Card Terms”); and 

3. the Tariff Table (the “Tariff Table”); and 

4. the Limits Table (the “Limits Table”); and 

5. Apple Pay Terms and Conditions (the “Apple Pay Terms”); or Google Pay Terms and Conditions (the “Google Pay Terms”)

constitute a legally binding agreement (the “Agreement”) between you (the “Client” or “you”) and Kryptonim (jointly the “Parties” or separately as the respective “Party”) that becomes applicable and effective upon your access to the Platform. If you do not agree, please refrain from using the Platform and its services.

2. Personal Information
   
   

1. We carefully safeguard your personal data (the “Personal Information”) and, in particular, the Personal Information required during the User registration procedure according to the Terms. All and any sensitive data we process and transmit on your behalf, such as but not limited to name, surname, personal identification number, date of birth, address, e-mail address, telephone number, facial image, live video recording, identity document data and a copy of the document, transaction data, available balance, IP address, citizenship, employment, other applicable data required by money laundering and terrorist financing prevention legislation, will be secured according to the applicable legislation and best industry practices. The Data Controller and Administrator of all personal data related and necessary for providing the services is Kryptonim. If you wish to contact us about the processing of your Personal Information, please contact us at contact@support.kryptonim.com. Subject to your explicit consent, we may transfer your Personal Information to third parties, also explaining the intended use of the transferred Personal Information. When you provide your consent to such transfer, Krypronim will guarantee that the standards related to data privacy protection will be followed and kept by these third-party providers. You can withdraw your consent at any time using the Platform. 

2. You have a right of access to your Personal Information and you can correct (rectify) that Personal Information at any time. However, you are obliged to provide us with the most recent information. 

3. Use of Personal Information 
   
   

1. We use Personal Information for security, identity verification, to communicate with you and to comply with the law.

2. Specifically, if it is compliant under the applicable law, the Card Issuer and us may use the Personal Information to pursue our legitimate and contractual interests:

   1. To provide the Services;

   2. to carry out regulatory checks and meet our obligations to our regulators;

   3. to prevent and detect fraud, money laundering and other crime (such as identity theft);

   4. to tell you about products and services which may be of interest to you (direct marketing) – if we do so we will provide you with a method to notify that you wish to opt out of such communications, and we will honour your instructions;

   5. to develop and improve our Services through assessment and analysis of the Personal Information including credit and/or behavioural scoring, market and product analysis, and market research.

3. We will never pass the Personal Information to a third party for them to use in their own direct marketing without your consent.

4. Who we can share the Personal Information with 
   
   

1. We will keep the Personal Information confidential, but we may share it with other entities (who are also bound to keep it secure and confidential) if we have a duty to disclose it, if it is required for the provision of our Services to you, or for legitimate purposes including business purposes and where your rights or freedoms are not infringed. Where we rely upon ‘legitimate purposes’ as a justification for our processing of the Personal Information, we will carry out an assessment, called a ‘Legitimate Interests Assessment’ and keep a record of it.

2. In particular, if this is compliant with applicable law, we may share the Personal Information with:

1. other Card Issuer and/or Kryptonim Group companies, including to fulfil our obligations to identify you;

2. our service providers and agents (including their sub-contractors) such as providers of data centre, cards processor, cards bureau (if we issue a physical card for you), SMS messaging service providers;

3. to other third parties (including their sub-contractors) who perform part of the Services or support your transactions, such as VISA and/or partner banks;

4. anyone to whom we transfer or may transfer our rights and duties under the Terms;

5. Hong Kong and other regulators and authorities in connection with their duties (such as crime prevention, transaction monitoring, etc.);

6. fraud prevention agencies, in particular, we will always tell fraud prevention agencies if you give us false or fraudulent information. They will also allow other organisations, including law enforcement agencies, to access this information to prevent and detect fraud, money laundering or other crimes;

7. any third party after a restructure, sale or acquisition of any Card Issuer and/or Kryptonim Group company, provided that they use the Personal Information for the same purposes as it was originally given to us and/or processed by us.

5. Transfer of Personal Information
   
   

1. We may process the Personal Information abroad, provided we comply with the applicable laws and regulations. Where we are sharing the Personal Information with organisations, we will ensure they agree to apply equivalent levels of protection as we do. We use legal mechanisms, such as standard contractual clauses to implement the cross-border transfer of your personal data; or implement security measures like anonymization on the data before the cross border data transfer. 

6. Requirement to update your Personal Information
   
   

1. You must notify us immediately of any and all data and circumstances that have changed with regard to the data required for the Services, or the documents submitted to us (e.g., changes in personal or contact details, residency or tax residency, loss or theft or other reason for change of an identity document) as well as of any and all circumstances that may affect the fulfilment of your obligations towards us (e.g., commencement of bankruptcy procedures of a natural person). We may request documentary evidence of the changes, which you must provide. This notification obligation applies even if the above changes have been made public (e.g., registered in a public register or published through the mass media). If you fail to fulfil the notification obligation, Kryptonim and/or the Card Issuer is entitled to assume the correctness of the data provided at our disposal, unless otherwise prescribed in the jurisdiction of your residency.

7. Data Processing 
   
   

1. Your Personal Information will be processed for the purposes described in the Terms, including for contractual reasons, in order to provide you with the Services e.g., to produce cards for use with the Wallet/Card Services and to provide you with Service related communications, for purposes where we have a legal right or a legal obligation including for tax and accounting reasons, or for fraud and money laundering detection and for marketing where you consent to this.

2. We will process the Personal Information which you provided to us during the registration process. The Personal Information you provide at registration is both a statutory requirement and necessary for us to provide you the Services. Providing your Personal Information to us is voluntary; if you do not provide us with the necessary information and documents, we will not be able to perform the Services. You have a right to ask us to restrict processing or to erase your Personal Information and where you make this request we will apply your instructions to any third parties who are processing your Personal Information on our behalf, and we will consider your request in the light of our legitimate interests. 

3. You also have a right to object to the processing of your Personal Information, provided it is processed based on public interest or our legitimate interests. Furthermore, you may also ask us to provide your Personal Information in machine-readable form back to you, for onward sharing with another data controller or to provide this data to a third party for their use, at your direction.

4. Where you have given us your explicit consent for the processing of Personal Information, you also have the right to withdraw this consent at any time by contacting us at contact@support.kryptonim.com.  However, such withdrawal will not affect the lawfulness of the processing carried out before the withdrawal was submitted and may result in our and/or Card Issuer inability to provide the Services.

8. Data Storage
   
   

1. If you cancel or we decline your registration or you decide not to go ahead with it, we will keep the Personal Information for as long as we are obliged to under applicable law and for legitimate business purposes, to help prevent fraud and other financial crime, and for other legal and regulatory reasons. In general, this period shall be 5 (five) years after the closure of the account, however, this might be subject to changes.