1. What is Personal Data?
2. Personal Data That We Collect
Ozeety collects personal data if we have reasons to do so. For example, we collect personal data, when you:
- As a visit and browse our Website;
- use our Services;
- fill in registration and other forms;
- provide information during KYC/AML verification;
- send us an email with personal data;
- contact us with any enquiries;
- chat with our customer support on the Website or via email; conduct any transaction on the Website;
- submit any content, including User Content;
- open a dispute or become a party to a dispute with other User; provide any information to Ozeety using other methods; subscribe or unsubscribe to our newsletters.
Result, Ozeety collects the following personal data:
- information provided by the user during account registration, including, user name, name and surname, phone number, postal address and email address;
- your ID/passport and other documents necessary for AML/KYC verification;
- financial information, including, without limitation, payment method, bank account details, transaction details, etc;
- information that you provide to Ozeety and/or our employees; any other personal data which you directly provide to Ozeety;
- any other personal data requested or required by the Website.
We also collect some information automatically:
- the type of browser and operating system you have used;
- the IP (Internet Protocol) address of the device which has accessed it (example PC, tablet);
- the date and time of your visit to the Website;
- the pages accessed and documents downloaded;
- your top-level domain name (for example .com, .io, .eu, etc.);
- the address of your server;
- the previous website visited;
- the average duration of page view;
- the navigation behaviour and preferences of the user;
- other information from cookies and similar technologies.
3. How and Why We Use Personal Data
Personal data will be collected, held, used and disclosed for the following purposes jointly and/or severally:
- to provide you with Services;
- to identify you;
- to further develop and improve our Services;
- to monitor and analyse trends and better understand how users interact with our Services;
- to communicate with you and keep you updated about our Services;
- to monitor and prevent any risks with our Services;
- to process any requests;
- to resolve disputes;
- to the extent permissible or necessary by law, for any other purpose as may be deemed reasonably necessary by Ozeety in the circumstances.
4. What Are the Legal Grounds for Collecting and Using Personal Data?
Ozeety collects and uses personal data under Estonian and EU data protection laws.
The legal grounds for use and collection of personal data are based on the following:
- when you have given consent (e.g. for newsletter subscription);
- the use is necessary for protection of your or other users’ vital interests;
- the use is necessary under a legal obligation;
- when we use our personal data in order to fulfil our commitments to you;
- when we have legitimate interests in using your information (e.g. to provide you with the Services, improve our Services, communicate with you, monitor and prevent any problems).
Where we rely on your consent to process personal data, you have the right to withdraw or decline your consent at any time and where we rely on legitimate interests, you have the right to object.
Ozeety does not knowingly provide Services and collect personal information from anyone under 18 years of age. Our Services are available only to the users over 18 years old. If we learn that we have collected the personal information of a child under 13, or equivalent minimum age depending on jurisdiction, we will take steps to delete the information as soon as possible.
6. Sharing your Personal Data
We do not sell our users’ personal data or share your personal data with any third parties except for the purpose of provision of the Services. When we provide you with the Services, we may share your personal data as described below.
Ozeety may share your information with:
- our employees and independent contractors who reasonably need to access your personal data to deliver some Services;
- legal and regulatory authorities, as required by applicable laws and regulations;
- our auditors, lawyers, accountants, consultants and other professional advisors, where it is reasonably necessary for obtaining advice, professional services, or managing legal disputes;
- business transfers in connection with any merger, sale of company assets, or acquisition of all or a portion of our business by another company.
7. Sensitive Data
We do not collect or request your sensitive data (including, but not limited to, information about your religious or political beliefs, opinions). Where you have provided it to us voluntarily, you shall be solely responsible for security of any sensitive data, and we do not intend to use this data for any purpose, nor share this data with any third parties. Please do not post or add sensitive and other personal data that you would not want to be publicly available.
8. Users’ Rights in relation to its Personal Data
You may access your personal data held by us to correct, update and remove inaccurate or incorrect data. You have the following rights:
- delete some or all personal data that we held about you;
- change or correct your personal data that we held about you;
- object to, or limit or restrict, use of your personal data;
- right to access and/or take your personal data: you can ask us for a copy of your personal information in machine readable form;
- ask not to use your personal data for marketing purposes;
- access information we hold about you.
9. Security of Personal Data
We use certain technologies to ensure the confidentiality of your personal data. Ozeety uses several security measures, including, without limitation, SSL method, two-faction authentication, PCI scanning and internal data access restrictions to protect your personal data.
However, no method of transmission over the Internet, or method of electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your personal data, we cannot guarantee absolute security of your personal data.
10. Data Retention
We process information both inside and outside of the European Union and European Economic Area and rely on legally-provided mechanisms to lawfully transfer information across borders. Countries where we process information may have laws which are different, and potentially not as protective, as the laws of your own country.
We retain your personal data for as long as your account is in existence or necessary to fulfil the purposes for which we collect it or as needed to provide you with the services, except if required otherwise by law. However, when your account is terminated for any reason, we will delete your personal information entirely.
In some cases we may determine the period of data retention based on the period we need to access the data for the provision of services, receiving payment, resolving your customer support issues or for any other auditing or legal purposes. Retention periods may be changed from time to time based on regulatory requirements.
The email notifications sent by Ozeety are of two types:
- system notification sent by the Website via email (examples of such emails may include registration confirmation, verification emails, or any other emails that are required to operate your account);
- product and service notifications that you directly subscribed to.
It should be noted that you may not unsubscribe from system notification emails as these emails contain important user information and are sent for your legitimate interests. You may unsubscribe from product and service notifications any time by visiting an opt-out page. Such notifications contain information about our Website updates, new services and products added as well as other notifications for information use only.
13. Data Controller Person
To communicate with our Data Protection Officer, please contact us at [email protected].
Please put “DPO” in the subject of your email.