1. Purpose Of Policy
We respect your privacy and take data security extremely seriously. We ensure we have appropriate security measures to prevent your personal data from being accidentally lost and from unauthorised use and access.
For the applicable data protection legislation, meaning the Data Protection Act 2018, the General Data Protection Regulation, including where and to the extent retained in the laws of England and Wales (the "GDPR") and any legislation which implements any of them (the "Data Protection Legislation"), the data controller is CRYPTO EFX LTD (UK) of 20-22 Wenlock Road, LONDON, N1 7GU.
References in this Privacy and Cookies Policy and on our website to "we" "our" or "us" are references to CRYPTO EFX LTD (UK). References to "you" and "your" mean each person who interacts with us, uses our website, or uses our products and services.
2. Information We Collect and Process About You
- Information You Provide: This includes details given during registration on the website (cryptoefx.com), communication via phone, email, or other means, service subscriptions, participation in surveys and forums, event registrations, project descriptions, feedback, and problem reports. Such information may encompass your name, address, email, phone number, date of birth, identity documents, username, password, job title, company details, and any additional information provided through interactive website features.
- Information Collected During Communication and Service Use: We track details of your interactions with us, including communication methods and usage patterns of our products and services.
- Online and Technical Information: Each interaction with our website or via the internet, including social media, results in the collection of technical information (IP address, browser details, operating system), as well as data about your visit (URLs visited, search history, page interaction).
- Publicly Available Information: We may gather information from public sources like social media and Companies House, depending on your settings and their privacy policies.
- Information from Third Parties: We may receive additional data about you from our partners, suppliers, and other external sources.
- Purpose of Traffic Log Cookies: We utilise traffic log cookies to identify and monitor the use of different pages on our website. This analysis helps us improve our site to better suit customer needs. The information is used solely for statistical analysis and is then removed from our system.
- Benefits of Cookies: Cookies assist us in offering a more effective website experience by tracking which pages are beneficial to you. Importantly, cookies do not grant us access to your computer or any personal information about you, except for the data you opt to share with us.
- Cookie Preferences: You have the option to accept or decline cookies. Most web browsers automatically accept cookies, but you can alter your browser settings to refuse them if preferred. Please note that doing so may limit your experience of our website's full capabilities.
4. Purposes and Legal Basis for Using Your Data
- To Fulfil Service Requests: We process your data to perform our contract with you and provide requested products or services.
Pursuing Legitimate Interests: We use your personal data to support our legitimate interests in delivering and marketing our products and services, enhancing our website and user interactions, and other purposes, including:
- Managing your account and communication through various channels.
- Verifying identity, detecting fraud, and complying with legal or regulatory requirements.
- Providing information on requested or similar products and services.
- Offering information on other relevant products, services, and updates.
- Sharing data with partners for customer validation and fraud prevention (restricted to non-marketing uses).
- Ensuring effective website content and presentation for your device.
- Website administration, including troubleshooting, data analysis, research, and statistical purposes.
- Customising content to match your interests.
- Enhancing service quality and website experience.
- Enabling participation in interactive features.
- Maintaining website security.
- Assessing advertising effectiveness and delivering targeted ads.
- Direct marketing communications (refer to section 6 for details).
- Making personalised product or service recommendations.
- Training, quality assurance, and for evidential purposes in disputes.
- Legal Obligations and Contractual Performance: In some instances, we process your personal data to meet legal obligations or for entering into or performing a contract with you.
5. Who Your Data Can Be Disclosed To
- Disclosure for Service Provision: Your data may be disclosed to various entities to ensure the effective delivery of the products, services, and information you request.
- Connected Entities: Your personal information may be shared within our connected entities, which may include subsidiaries.
Sharing with Third Parties: We may disclose your information to:
- Suppliers, service providers, business partners, and sub-contractors.
- Fraud prevention agencies for crime prevention and tracing.
- Identity verification services for legal or regulatory compliance.
- Analytics and search engine providers for website improvement and optimisation.
- IT and software providers for our IT infrastructure, customer and contact database management, and marketing.
- Event Registration and Participation: If you register or attend our events, including webinars, we may share your contact details with event sponsors or partners for marketing purposes, subject to your explicit consent. These parties are independent data controllers and will process your data under applicable data protection laws. Their privacy policies will govern this processing.
In Case of Business Transfers:
- Your data may be disclosed to potential buyers or sellers if we're involved in a sale or purchase of business assets.
- If CRYPTO EFX LTD (UK) or its connected entities are acquired, customer data will be one of the transferred assets.
- Legal and Contractual Obligations: We may share your data to comply with legal obligations, enforce contracts, or protect our rights, property, or the safety of our business, customers, or others.
- Commitment to Data Protection: We ensure that third-party relationships align with our privacy and security commitments. We comply with Data Protection Legislation in our dealings with these parties to safeguard your information.
6. Direct Marketing and Preference Management
- Direct Marketing Communications: We may send you direct marketing via email, telephone, SMS, or mail. This will only occur if we have your explicit consent where required by law.
Unsubscribing and Managing Preferences:
- You will always be provided with instructions on how to unsubscribe from direct marketing in any communication you receive.
- In email communications, you will have options to set or modify your preferences.
- We may contact you for additional information to process your request effectively.
7. Where We Store and Transfer Your Data
- Data Storage Location: Your information is stored on secure servers located in the UK or the EU.
- Data Transfer Outside the UK/EU/EEA: Sharing information with third parties may involve transferring it to countries outside the UK, the EU, and the European Economic Area (EEA), some of which may not have data protection laws as stringent as those in the UK or EU. In such cases, we will implement the necessary steps as required under Data Protection Legislation to adequately protect your information. For more details, please contact us using the information in the Contact section below.
- Transmission Security: The transmission of information via the internet is not completely secure. While we strive to protect your data, we cannot guarantee its absolute security during transmission to our website; therefore, any transmission is at your own risk. Upon receiving your data, we employ stringent procedures and security features to prevent unauthorised access, loss, or damage.
8. Data Retention Duration
- Retention Based on Purpose: The duration for which we keep your information depends on the specific purpose of use. We retain your data only as long as necessary for the purposes outlined in this Privacy and Cookies Policy and to fulfil our legal obligations. Our retention policy is to keep only what is needed for each purpose.
- Post-Service Retention: For products or services provided, we maintain an archived record of your data for up to 6 years after service termination, or longer if required by law, solely for addressing legal disputes or responding to legal or regulatory inquiries. This data is not used for any other purpose.
- After Opting Out of Direct Marketing: If you request us to stop sending direct marketing communications, we retain only the minimal information (such as your name and email address) needed to comply with your request and prevent future marketing communications.
9. Third-Party Websites
- External Links: Our website and communications, including emails and direct marketing, may contain links to external websites. Following these links may lead to these websites collecting information from you.
- Independent Privacy Policies: These external sites have their own privacy policies. We are not responsible or liable for their policies or practices. We advise reviewing their privacy policies before submitting any personal data to these sites.
10. Your Rights
Data Protection Rights: Under Data Protection Legislation, you have various rights regarding the personal data we hold about you. These rights include:
- Requesting a copy of your stored personal data.
- Requesting correction of inaccurate personal data.
- Requesting erasure or restriction of your data.
- Objecting to our processing of your data.
- Note that these rights may be limited in certain situations, such as if we have a legal obligation or a legitimate reason that overrides your request.
- Exercising Your Rights: To exercise any of these rights, please contact us using the information provided in the Contact section below.
- Right to Complain: If you believe your data has been mishandled, you should contact us first. However, you also have the right to lodge a complaint directly with the Information Commissioner's Office (ICO) in the UK, or your local data protection authority if you are outside the UK.
12. Contact Information