1. GENERAL

1.1 This Privacy Policy governs collection, processing and use by the FINANIC OÜ (incorporated in Estonia) (hereinafter separately – the “Company” or “we”, “us”, “our’, etc.) of your Personal Information that you provide us when accessing or using the website www.finanic.io (hereinafter – the “Website”), Platform and other related services provided by the Company via the Website (hereinafter – “Services”). 

1.2 As part of our daily business operations, We collect personal information from our clients and prospective clients in order to provide them with our products and services, and ensure that We can meet their needs when providing these products and services, as well as when providing them with any respective information.

1.3 Your privacy is of utmost importance to us, and it is our policy to safeguard and respect the confidentiality of information and the privacy of individuals. This Privacy Policy sets out how We collects, uses and manages the personal information We receive from you, or a third party, in connection with our provision of services to You or which We collect from Your use of our services and/or our website. The Privacy Policy also informs You of Your rights with respect to the processing of your personal information.

1.4 Our Privacy Policy is reviewed regularly to ensure that any new obligations and technologies, as well as any changes to our business operations and practices are taken into consideration, as well as that it remains abreast of the changing regulatory environment. Any personal information We hold will be governed by our most recent Privacy Policy.

1.5 We may amend this Privacy Policy at any time by posting the amended version on this site including the effective date of the amended version. We will announce any material changes to this Privacy Policy on Our website.

1.6 We are Your personal data controllers within the meaning of the General Data Protection Regulation (EU) 2016/679 (hereinafter referred to as “GDPR”) and other applicable European laws pertaining to data protection. Our contact details are available at  support@finanic.io. 
Contact details of the data protection officer authorized by Us: officer@finanic.io.

1.7 Personal data collected by Us are processed in accordance with the legal requirements, including but not limited to General Data Protection Regulation (EU) 2016/679 (hereinafter referred to as “GDPR”) and other applicable European laws pertaining to data protection. All Our employees, agents and employees who know the secret of personal data must keep it safe even after termination of the employment or contractual relationship.

1.8 For the purpose of the processing personal data, We may engage data processors and/or, at its sole discretion, hire other persons to perform certain functions on behalf of Us. In such cases, We shall take necessary measures to ensure that such data is processed by the personal data processors in accordance with Our instructions and applicable legislation. We shall also require the personal data processors to implement appropriate measures for the security of personal data. In such cases, We shall ensure that such persons will be subject to the non-disclosure obligation and will not be able to use this information for any other purpose, except to the extent necessary to perform the functions assigned to them.

1.9 You can visit this Website not providing any information about yourself, however, if you want to open an account in Platform and/or Website and/or use Our service, We will ask you to provide personal data indicated in the system and to carry out established identification procedures.

1.10 This Privacy Policy is a supplement to the Terms and Conditions, which comes into force together with the Terms and Conditions after you register in the Website. This Privacy Policy provides for basic rules for collecting, storing, processing and retention of your personal data and other information relating to you, as well as the scope of processed personal data, the purposes, sources, recipients and other important aspects of data processing in using Our service. It is therefore recommended to analyze the provisions of this Privacy Policy in detail prior to beginning to use Our services.

1.11 By visiting Our website and/or using information contained therein, and/or the Services, you acknowledge and confirm that you have read the Privacy Policy, understand it and agree with it. 

2. COLLECTION AND USE OF PERSONAL INFORMATION

“Personal Information”- the information that identifies an individual, such as name, address, e-mail address, financial information, and banking details. “Personal Information” does not include anonymized and/or aggregated data that does not identify a specific user. Company is committed to protecting and respecting your privacy. 

1. The purpose of this Privacy Policy is to describe:
1. The types of Personal Information we collect and how it may be used;
2. How and why we may disclose your Personal Information to third parties;
3. The transfer of your Personal Information;

2.1.4   Your right to access, correct, update, and delete your Personal Information;

2.1.5   The security measures we use to protect and prevent the loss, misuse, or alteration of Personal Information; and

1. Company’s retention of your Personal Information.
2. This Privacy Policy also covers some basics of our use of cookies, however, for more details please see also our Cookie Policy;

3. PERSONAL INFORMATION WHAT WE COLLECT 

1. We collect the next Personal Information:
1. Contact information, such as name, home address, and E-mail address.
2. Account information, such as username and password.

3.1.3    Financial information, such as bank account numbers, bank statement, trading activity and history, commissions charged, etc.

1. Identity verification information, such as images of your government issued ID, passport, national ID card, driving license or other documents requested by our compliance department.
2. Residence verification information, such as Utility bill details or similar information.
3. Other information, obtained during our KYC procedures, such as information about your financial state and source of funds.

3.2 We also automatically collect certain computer, device, and browsing information when you access the Website or use of Services. This information is aggregated to provide statistical data about our users’ browsing actions and patterns, and does not personally identify individuals. This information may include:

1. The information about the computer or mobile device you use to access our Website, including the hardware model, operating system and version, the web browser you use, IP addresses and other device identifiers.
2. Website usage information, the server log information, which may include (but is not limited to) your login details, the date and time of visits, the pages viewed, your IP address, time spent at our Website and the websites you visit just before and just after our Website.
3. The bandwidth upload and download speeds, the amount of free and used storage space on your device and other statistics about your device.

3.2.4     We may automatically capture, store and otherwise process information about you even if you abandon the completion of an online application or registration form.

4. USE OF YOUR PERSONAL INFORMATION

1. We may use your Personal Information to:

4.1.1 Process your transactions. We will process your Personal Information only for the purpose(s) for which it has been provided to us.

1. Fulfill our legal or regulatory requirements;
2. Verify your identity in accordance with the applicable legislation and the Company’s Anti Money Laundering policy, as well as address other law enforcement needs. We also may share your information with other financial institutions and with tax authorities if such actions are required from us due to any applicable legislation.
3. Detect, investigate and prevent fraudulent transactions or unauthorized or illegal activities;
4. Protect of our rights and property;
5. Personalize your Services experience.
6. Analyze Website usage, and improve our Website and Website offerings. Analyzing and tracking data to determine the usefulness or popularity of certain content and to better understand the online activity of our Website users;
7. Help us respond to your customer service requests and support needs, answer your inquiry or respond to a communication from you;
8. Contact you about Services. The email address you provide may be used to communicate information and updates related to your use of the Services. We may also occasionally communicate technical notices, support or administrative notifications, company news, updates, promotions, and related information relating to similar products and Services provided by Company.
9. Administer a contest, promotion, survey or other features as will be more explained on the Website.
10. Link, connect or combine Personal Information we collect from or about you with other Personal Information; and Carry out any other purpose or reason for which the Information was collected.

We do not perform behavioral tracking of a customer’s activities on our Website or across different Websites, nor do we allow third-party data collection through our services. If you wish to stop receiving marketing communications from us, please contact us at support@finanic.io to opt-out.

5. DISCLOSE AND TRANSFER OF PERSONAL INFORMATION

5.1 We may disclose your Personal Information to third parties and legal and regulatory authorities, and transfer your Personal Information.

5.2 DISCLOSURES TO THIRD PARTIES

5.2.1 In processing your transactions, we may share some of your Personal Information with our third-party service providers who help with our business operations. Your information will not be sold, exchanged, or shared with any third parties without your consent, except to provide Services or as required by law. By using Website or Services you consent to the disclosure of your Personal Information as described in this Privacy Policy. Non-personally identifiable visitor information may be provided to third parties for marketing, advertising, or other uses. Company’s third-party service providers are contractually bound to protect and use such information only for the purposes for which it was disclosed, except as otherwise required or permitted by law. We ensure that such third parties will be bound by terms no less protective those described in this Privacy Policy, or those we are subject to under applicable data protection laws.

5.3 DISCLOSURES TO LEGAL AUTHORITIES

5.3.1 We may share your Personal Information with law enforcement, data protection authorities, government officials, and other authorities when:

1. Compelled by court order, or other legal procedure.
2. We believe that the disclosure is necessary to prevent physical harm or financial loss.
3. Disclosure is necessary to report suspected illegal activity.
4. Disclosure is necessary to investigate violations of this Privacy Policy or any our agreement with you.

5.4 INTERNATIONAL TRANSFERS 

5.4.1 We store and process your Personal Information in data centers around the world, wherever Company facilities or service providers are located. As such, we may transfer your Personal Information between such data centers. Such transfers are undertaken in accordance with our legal and regulatory obligations and are performed only via protected channels.

5.5 OTHER CIRCUMSTANCES 

1. We also can disclose your Personal Information in the following circumstances:

5.5.1.1 with your consent or at your instruction. Certain information you may choose to share may be displayed publicly, such as your username and any content you post when you use interactive areas of our Website like our online forums;

1. with our current or future parent companies, affiliates, subsidiaries and with other companies under common control or ownership with us or our offices internationally. We ensure that listed parties will be bound by terms not less protective those described in this Privacy Policy, or those we are subject to under applicable data protection laws;

5.5.1.3 if the sharing of Personal Information is necessary for protection of our rights and property, or rights and property of the above listed current or future parent companies, affiliates, subsidiaries and with other companies under common control or ownership with us or our offices.

6. USE OF COOKIES AND SIMILAR TECHNOLOGY

6.1 The Website is using cookies- small text files that are placed on your computer by websites that you visit. They are widely used in order to make websites work, or work more efficiently, as well as to provide information to the owners of the site. Cookies are typically stored on your computer’s hard drive.

6.2 Our Website uses cookies to enable you to use the Website, the Services we offer and the materials on the Website. Cookies are also used to distinguish you from other users of our Website. This helps us to provide you with a good experience when you browse our Website and also allows us to improve our Website. For detailed information on the cookies we use and the purposes for which we use them see our Cookie Policy.

7. EXTERNAL WEBSITES

7.1 Occasionally, the Website may provide references or links to other websites (“External websites”). We do not control these External websites third party sites or any of the content contained therein. You agree that we are in no way responsible or liable for External websites referenced or linked from the Company’s Website, including, but not limited to, website content, policies, failures, promotions, products, services or actions and/or any damages, losses, failures or problems caused by, related to, or arising from those sites. External websites have separate and independent privacy policies. We encourage you to review the policies, rules, terms, and regulations of each site that you visit. We seek to protect the integrity of our site and welcome any feedback about External information provided on the Company Website.

8. YOUR RIGHTS 

8.1 You are able to exercise all the right foreseen by legislation, if this does not contradict the legal requirements in relation to the prevention of money laundering and terrorist financing laws, our record keeping obligations, etc.

1. You have the following rights:

8.2.1 the right to be informed about the fact that we’re processing your Personal Information and which data exactly we are processing;

1. the right to data portability. In certain circumstances, you have the right to obtain all your Personal Information we store in a machine-readable format;
2. the right to object the processing of your Personal Information;
3. the right not to be subject to automated decision-making including profiling if it doesn’t intervene in performing the contract between you and us;
4. the right to access your Personal Information, to correct, update, and block inaccurate and/or incorrect data;
5. the right to withdraw your consent of Personal Information processing;
6. the right to erase your Personal Information from our servers upon your justified request (a right to be forgotten);

8.3 To exercise the rights mentioned before, please our data protection officer via e-mail: officer@finanic.io.

8.4 Within 30 days of receipt of your written request we will provide you with your Personal Information, including the purposes for which it was used and to whom it was disclosed to in accordance with applicable legislation. We reserve the right to request additional information from you, that may be necessary in order to provide the duly respond to your request in accordance with applicable legislation and you agree with such our right. Also, if you wish to correct, update, and block inaccurate and/or incorrect data, we have a right to request a confirmation of correct data from you, for example, official documents containing such data.

8.5 Please note that if we are unable to verify your identity by e-mail messages or at your application to the call center, or in the case of reasonable doubts concerning your identity, we may ask you to provide a proof of identity, including by personal appearance in our office. This is the only way we can avoid disclosing your Personal Information to a person who can perpetrate your identity.

8.6 In some cases, we will not be able to change your Personal Information. In particular, such case can include the event when your personal information has already been used during the execution of any agreement or transaction, or is specified in any official document, etc. You have the right of withdrawal of consent to personal data processing. You may also exercise your right to be forgotten and erase your Personal information from our servers. In cases stipulated in Article 17 of GDPR, we will delete your Personal Information we process, except for those Personal Information which we are obliged to store in accordance with the requirements set forth by the applicable legislation.

Please be advised, that in case of realization of your right of withdrawal of consent to personal data processing or right to be forgotten, we will may not be able to provide you our products or services, and we have a special right to terminate all our current agreements with you with the application of legal consequences of such termination, and you irrevocably acknowledge such our right.

8.7 In order to withdraw the consent to personal data processing and/or exercise your rights to be forgotten please contact us at support@finanic.io. Furthermore, in this case, for the purposes of safety, we may request you to present your ID document, including directly at our office.

9. SECURITY 

9.1 We use a variety of security measures to ensure the confidentiality of your Personal Information, and to protect your Personal Information from loss, theft, unauthorized access, misuse, alteration or destruction. These security measures include, but are not limited to: 

9.1.1 Password protected directories and databases; 

9.1.2 Secure Sockets Layered (SSL) technology to ensure that your information is fully encrypted and sent across the Internet securely;

9.1.3 Limited access to hosting servers using 2FA and traffic encryption.

9.2 All financially sensitive and/or credit information is transmitted via SSL technology and encrypted in our database. Only authorized Company personnel are permitted access to your Personal Information, and these personnel are required to treat the information as highly confidential. 

9.3 The security measures will be reviewed regularly in light of new and relevant legal and technical developments.

10. RETENTION 

10.1 We retain Personal Information for as long as necessary to fulfil purposes described in this Privacy Policy, subject to our own legal and regulatory obligations. 

10.2 In accordance with our record keeping obligations, we will retain account and other Personal Information for at least five years after termination of respective agreement.