February 17, 2018
This policy applies where we are acting as a data controller with respect to the personal data of our website visitors and service users; in other words, where we determine the purposes and means of the processing of that personal data.
2. Collection and use of information
The following sections cover the specifics of each of the two groups from which data is collected: website Visitors and Users of our Services.
2.2 Website Visitors and collection of Visitors Data
If you are a Visitor to our website only, and not a User of our Services or the AXNET platform otherwise, then this section is relevant for you. If you do not agree with the Terms set out herein, we ask you to not visit this website www.ax.net. In cases when required by the applicable law, we will ask for your explicit consent to process Personal Data, which shall be collected on this website or volunteered by you. Kindly note that any consent will be entirely voluntary. However, if you do not grant the requested consent to the processing of your Personal Data, the use of this website may not be possible or may be limited.
AXNET may add information collected by way of page view activity. Furthermore, AXNET may collect and process Personal Data that you voluntarily and with your consent give to AXNET in our website’s forms, such as when you sign up for information and newsletters. You can unsubscribe from the newsletter by opening the one of AXNET e-mail, which you received, and clicking “unsubscribe” at the bottom of page. You can also send us an e-mail to [email protected] and ask us to unsubscribe you. If you provide AXNET with your social media details, AXNET may retrieve publicly available information about you from social media. AXNET uses such information for a better user experience, enabling user to make a login to our website with the users’ Facebook profile.
Such Personal Data may comprise your IP address, first and last name, your postal and email address, your telephone number, your job title, data for social networks, your areas of interest, interest in AXNET services as well as information as to the type of relationship that exists between AXNET and yourself. The information is collected for the purpose of improved user experience.
AXNET gathers data about visits to the website, including numbers of Visitors and visits, Geo-location data, length of time spent on the site, pages clicked on or where Visitors came from.
2.2.1 Purpose of processing personal data
AXNET uses the collected data to communicate with Visitors, to customize content for Visitors, to show ads on other websites to Visitors, and to improve its website by analyzing how Visitors navigate its website. AXNET will process all Data in order to monitor and improve website and Services.
2.2.2 Sharing and storing personal data
AXNET may also share such information with service vendors or contractors in order to provide a requested service or transaction or in order to analyze the Visitor behavior on its website.
The data that we collect from you is stored within the territories of the European Union. Automatically collected data (Google Analytics) by third parties may be stored outside EU.
2.2.4 Links to other websites
2.2.5. Geographical location of collection and storing Personal Data
The website AXNET runs on servers in European data regions. A AXNET “Data Region” is a set of data centers located within a defined geographical area where User data is stored. Personal Data is not transmitted to another Data Regions. For AXNET website visitors, all Personal Data of visitors are located in AXNET European Data Region, all Personal Data is processed in the EEA.
In order to provide services to its Users, AXNET collects certain types of data from them. This section will describe how Users` data is collected and used by AXNET. Data entered or transferred into AXNET by Users such as texts, questions, contacts, media files, etc., remain the property of the User and may not be shared with a third party by AXNET without express consent from the User.
AXNET will process your account data you provide when you open AXNET account, perform transactions on the AXNET platform, or use other AXNET Services. This information may include:
• Contact information, such as name, home address, email address, date and place of birth, mobile phone number.
• Account information, such as username and password.
• Financial information, such as bank account numbers, bank statements, and trading information.
• Identity verification information, such as image of your government issued ID, passport, national ID card or driving license, and under special conditions also a social security number (US residents)
• Residence verification information, such as utility bill details, phone bill or similar document.
• The source of the account data is user who opens an account. The account opening data will be used and processed for the purposes of performing a detailed Know Your Customer (Hereinafter: KYC) procedure according to necessary Anti-Money Laundering and Anti-Terrorist Regulations. Users are visitors of the AXNET website and therefore their Personal Information are collected as described in the previous section. These Personal Information will be used for operating our website, providing our services, ensuring the security of our website and services, maintaining back-ups of our databases and communicating with Users.
2.4.2 Collection of User data
During a User’s registration at AXNET exchange platform, Users provide information such as name, company name, email, address and nationality (registered seat of the legal entity), bank account, ID number and image of the ID document, date and place of birth, personal picture, phone number, utility bill and other relevant data.
The Users Data shall be collected and processed by a third party – JUMIO 21 Worship Street London, EC2A 2DW United Kingdom who is a trusted partner of AXNET for collecting and processing Users data on behalf of AXNET.
Jumio is an experienced identity verification company that will process Personal Data for the purposes of the necessary KYC/AML procedures. Jumio will obtain and process all the above stated Personal Data and run KYC/AML procedures and ensure the compliance with the relevant AML legislation.
For the purposes of the maintaining users’ accounts and reviewing users for the purposes of KYC/AML compliance, AXNET will collect and process the same that Jumio will collect in the process of User verification (KYC) procedure. AXNET will use some of those information also for personalizing
If you wish to stop receiving marketing communications from us, please contact us at [email protected] to opt-out.
Users of AXNET services can at any time access and edit, update or delete their contact details by logging in with their username and password to AXNET platform and use “Delete User Account” setting. AXNET will not retain User data longer than is necessary to fulfill the purposes for which it was collected or as required by the applicable laws and regulations.
2.4.3. Geographical location of processing Personal Data
All Personal Data, which will be collected and processed within KYC procedure by Jumio and AXNET are stored on servers in European data regions. Such Personal Data is not transmitted to another Data Regions. AXNET has servers in European data regions. A AXNET “Data Region” is a set of data centers located within a defined geographical area where User data is stored. Personal Data is not transmitted to another Data Regions. For AXNET Users, all accounts are located in AXNET European Data Region, all Personal Data is processed in the EEA.
It has to be noted that AXNET is a platform that offers buying, selling and storing virtual currencies. Trading virtual currencies takes place on the blockchains (Ethereum, Bitcoin, etc.) which are decentralized databases software platforms for virtual assets. Blockchains are a list of records, called blocks, which are linked and secured using cryptography. Each block typically contains a cryptographic hash of the previous block, a timestamp and transaction data. By design, a blockchain is inherently resistant to modification of the data. Therefore Data cannot be modified or deleted, since there are no servers involved. Data are dispersed among computer all around the world in encrypted version.
If you trade virtual currencies you agree that your Personal Data may be collected, stored, processed and that you will not be able to delete it or invoke the right to be forgotten. Your data are encrypted, meaning they are coded (anonymized). Note that also encrypted personal data that is your e.g. crypto wallet address with AXNET can still be traced back to a person if enough effort is put into it by experts or someone holds the key to decryption. With trading virtual assets via AXNET platform you expressly agree to give you.
Personal Data on the (public) blockchain that these Data (even though encrypted) cannot be deleted and that Personal Data may be transferred outside European territory.
You acknowledge and expressly agree that by the nature of the technology it is not possible to delete personal data from the blockchain and invoke the right to be forgotten. You also agree that by the nature of the technology it is not possible to keep personal data within the EU borders.
188.8.131.52 Processing in accordance with General Data Protection Regulation
The processing of Personal Data is performed in accordance with privacy rights and regulations following the EU Directive 95/46/EC of the European Parliament and of the Council of 24 October 1995 (the Directive), and the implementations of the Directive in local legislation. From May 25th, 2018, the Directive and local legislation based on the Directive will be replaced by the Regulations (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of Personal Data and on the free movement of such data, known as the General Data Protection Regulation (GDPR), and our processing will take place in accordance with the GDPR.
AXNET processes Personal Data as a Controller, as defined in the Directive and the GDPR:
AXNET Ltd. which you as a Visitor entered an agreement with when using AXNET’s platform as a Visitor, will be the Controller for Visitors data, as outlined above in “Collection of Visitor data” section.
For Users data, as outlined in the “Collection of Users data” section, the AXNET will be the Controller in accordance with GDPR. The Users Data shall be processed by a third party Processor – JUMIO London, 40 Long Acre, Covent Garden WC2E 9LG, to Collect and process Users data on behalf of AXNET. Jumio is an experienced identity verification company that will process Personal Data for the purposes of the necessary KYC/AML procedures. Jumio will obtain and process users: name, surname, address, residency, date and place of birth, ID number, copy ID, users’ picture, email, phone number, utility bill and other personal information. JUMIO is a certified ID verification company having sufficient guarantees to implement appropriate technical and organisational measures in such a manner that processing will meet the requirements of GDPR and ensure the protection of the rights of the data subject.
AXNET has a data processing agreements in place with its providers, ensuring compliance with GDPR. All hosting is performed in accordance with the highest security regulations. All transfers of data internally is done in accordance with this data processing agreement.
AXNET adheres to the Directive of 1995 and the GDPR from May 25th, 2018. Consequently, AXNET processes all data provided by its Users with accounts in its European Data Region, in the European Union, EGS and Switzerland only.
3. Retention and deletion of Personal Information
AXNET will not retain data longer than is necessary to fulfill the purposes for which it was obtained for or as required by applicable laws or regulations. When a users’ account is terminated or expired, all Personal Data collected through the platform will be deleted, as required by applicable law. Every user or visitor can invoke the right be right to be forgotten at any time. Users and visitors can request a list of his or hers personal data. In case you wish to obtain such data send an e-mail to [email protected] You will receive the list within one month from receiving your request by AXNET.
4. Acceptance of these Conditions
5. Legal Obligation to Disclose Personal Information
5.1. Disclosure to third parties
5.2. Disclosure to prevent damage and disclosure to legal authorities
We will reveal user’s personal information without his/her prior permission only when we have reason to believe that the disclosure of this information is required to establish the identity of, to contact or to initiate legal proceedings against a person or persons who are suspected of infringing rights or property belonging to AXNET or to others who could be harmed by the user’s activities or of persons who could (deliberately or otherwise) transgress upon these rights and property. We are permitted to disclose personal information when we have good reason to believe that this is legally required and when the competent authorities have required to present them with such Personal Information.
6. Data Protection Officer
AXNET has a “Data Protection Officer” who is responsible for matters relating to privacy and data protection. This Data Protection Officer can be reached at the following email: [email protected]
7. Security of Personal Information
We use a variety of security measures to ensure the confidentiality, integrity, availability and privacy of your Personal Information and to protect your Personal Information from loss, theft, unauthorised access, misuse, alteration or destruction. These security measures include, among others:
• Password protected directories and databases.
• Secure Sockets Layered (SSL) technology to ensure that your information is fully encrypted and sent across the Internet securely.
• Vulnerability Scanning to actively protect our servers from hackers and other vulnerabilities.
• Regular penetration testing.
• Secure coding principles.
• Encryption of sensitive data during transfer and at rest.
• 2 factor authentication.
• Logging of activities performed in the platform.
• Access controls and
• other measures to mitigate risks identified during risk assessment process.
All financially sensitive and/or credit information is transmitted via SSL technology and encrypted in our database. Only authorised AXNET personnel are permitted access to your Personal Information, and these personnel are required to treat the information as highly confidential. The security measures will be reviewed regularly in light of new and relevant legal and technical developments.
8. Access right to your personal information
You have the right to access your Personal Information to correct, update, and block inaccurate and/or incorrect data. To exercise this right, contact us at [email protected]
9. Information, Complaints and Contact
AXNET has a “Data Protection Officer” who is responsible for matters relating to privacy and data protection. This Data Protection Officer can be reached at the following email: [email protected] you have any further questions regarding the data AXNET collects, or how we use it, then please feel free to contact us by email at: [email protected] or in writing at: Asset Exchange Network OÜ, Harju maakond, Tallinn, Lasnamäe linnaosa, Peterburi tee 47, 11415
You have a right to lodge a complaint with a supervisory authority, to enforce your rights, as specified above. You can find out how to do this at the Estonian Data Protection Inspectorate (AKI) http://www.aki.ee/en/ inspectorate or European Data Protection Supervisor https://edps.europa.eu/.