BYEBNK’S PRIVACY, CONFIDENTIALITY AND DATA PROTECTION POLICY
January 16, 2022
1. INTRODUCTION
1.1. By accessing and using the platform (“PLATFORM”) of BYEBNK BYEOND THE SEAS LTD (“BYEBNK”), the user (“USER”) fully agrees with this Privacy, Confidentiality and Data Protection Policy (“POLICY”).
1.2. Agreement with this POLICY assumes the previous reading and agreement with BYEBNK’s terms of use (“TERMS OF USE”), of which this is a part.
1.3. This POLICY applies to all areas of the relationship between the USER and BYEBNK, excluding any and all interactions between the USER and any other organizations, even if such interactions take place by virtue of the relationship between the USER and BYEBNK and/or from a nominal reference or link on the PLATFORM.
2. DEFINITION OF PERSONAL DATA
2.1. According to the Brazilian General Data Protection Act, all information related to an identified or identifiable individual is considered personal data.
3. SOURCES OF PERSONAL DATA
3.1. BYEBNK may collect personal data from the USER from any legitimate sources, which include, especially, the following:
(a) BYEBNK’s website browsing by the USER;
(b) registration of the USER in the PLATFORM;
(c) operations performed by the USER on the PLATFORM;
(d) useful or necessary information provided by the USER to BYEBNK, necessary for the relationship between them;
(e) contact made by the USER, through whatever means, with BYEBNK;
(f) permission given by the USER to BYEBNK to access the USER’s profile, website or repository of personal data in any virtual environment, including social media, and
(g) lawful sharing with BYEBNK by any individual or business entity that controls the USER’s personal data.
3.2. Individuals not registered at the PLATFORM, but who, for whatever reason, browse BYEBNK’s website or make use of any means to contact BYEBNK may have their personal data collected, provided that such data are voluntarily given.
3.3. BYEBNK reserves the right to use, on its website, its own application software and, on its PLATFORM, such technologies as its own or third parties’ cookies, pixel tags, local storage or other identifiers of desktop or mobile devices for the purpose of virtual identification, authentication, improvement of services, customization and general announcements.
3.4. BYEBNK reserves the right to collect information about the USER, at any time, regardless of any fact, by means of identity verification entities and data offices specialized in the detection of possible fraud, as well as credit protection and analysis services.
4. COLLECTABLE PERSONAL DATA
4.1. The USER, by registering at BYEBNK, browsing the PLATFORM or using any of BYEBNK’s services or features, agrees with this POLICY and hereby authorizes the collection of:
(a) identification data: full name, names of the parents, date and place of birth, taxpayer ID (CPF) and identity card numbers, recent photograph, personal identification documents such as identity card (RG, RNI and special/professional ones), driver’s license or passport;
(b) contact details: telephone numbers, email addresses, home and business addresses with their respective proof documents;
(c) financial data: monthly or annual income, with respective proof documents; banking data (account and branch numbers); data and history of transactions made in the PLATFORM; API keys of negotiations and encrypted wallet address;
(d) credentials: cryptographic hashes of passwords, secure words, security PIN and necessary security information chosen by the USER for the process of authentication, access to accounts and transactions;
(e) investor profile data: assets invested, investment profile (long or short term), routines of investment and withdrawal, including those associated with external events;
(f) usage data: general user profile, including page viewing, duration of each access, browsing path, access device characteristics, browser used for each access and steady use of the same browser;
(g) access data: IP address with the date, time and geographic origin, bandwidth and internet service provider (ISP), operating system, device manufacturer, carrier, model, Wi-Fi networks, phone number, device data, device identification (IMEI/MEID), mobile carrier and country of registration and settings; location data extracted from the records of any satellite navigation systems, mobile communication towers, Wi-Fi access points or IP location.
(h) interaction data: the whole interaction of the USER with BYEBNK may be recorded, including communications made by telephone and chat;
(i) demographic data: gender, school education, income, as well as preferences, loyalties and associations, except for those of political, philosophical or religious nature;
(j) relationship data: only with the USER’s express consent and to the extent defined when the collection is requested.
5. USE OF THE PERSONAL DATA COLLECTED
5.1. BYEBNK will use personal data collected from the USER for the following purposes:
(a) providing access to the PLATFORM, operations in the PLATFORM and the handling of the WALLET, as defined in the TERMS OF USE;
(b) active contact, including telephone, email and letter, for the purpose of information security;
(c) active contact, including telephone, email and letter, for the purpose of relationship management, including the avoidance or mitigation of consequences in case of suspicious or illegal activity or violation of the terms, conditions and policies by the USER or third parties;
(d) active contact, including telephone, email and letter, for the purpose of transmission of announcements and communications about changes in the parameters of relationship between the USER and BYEBNK, such as alterations of or in the tools, functionalities, conditions and policies;
(e) active contact, including telephone, email and letter, for the purpose of advertisement, and the USER may request, at any time, the suppression of active telephone contact;
(f) active contact, including telephone, email and letter, for the purpose of offering new services provided by BYEBNK or its partners that have synergy with investments in cryptoassets, and the USER may request, at any time, the suppression of active telephone contact;
(g) analysis of the USER’s behavior, tendencies and usage preferences;
(h) development, improvement, modification and innovation of internal processes, including those of promotional and advertising scope, as well as BYEBNK services;
(i) content customization and assistance/monitoring, including prudential, of the USER’s investments and prudential or educational advice for the USER;
(j) consultation, surveying and knowledge dissemination or grouping campaigns;
(k) general, sector or individual analysis of performance, access tendencies and statistics, use and page viewing of the PLATFORM, including verification and compilation of the USER’s means to reach it;
(l) assessment and monitoring of security, legal and regulatory risks; and
(m) compliance with legal and regulatory obligations and requirements.
5.2. BYEBNK does not send electronic messages requesting confirmation of personal data, passwords, credit card numbers, encrypted wallet address, not even electronic messages with executable attachments or links to downloadable material.
5.3 The USER authorizes BYEBNK to use, copy, reproduce, handle, share and translate to other languages any and all recorded comment, opinion, report, impression or suggestion made by the USER on BYEBNK’s website, app, PLATFORM or social media profiles, without compensation by BYEBNK.
5.4 BYEBNK will handle the USER’s personal data for as long as the contractual relationship lasts, and reserves the right to keep them for up to 20 years after the contractual relationship is over, considering the possibility of being required to share them with government authorities for the purpose of prevention of money laundering and countering the financing of terrorism, as well as analysis and communication of new services, conditions, terms and promotions, and other cases under which those data must be kept in accordance with the applicable law, especially the Brazilian General Data Protection Act and the Brazilian Internet Civil Framework.
5.5 For the purposes of the previous item, BYEBNK may classify the USER’s personal data as “core data”, in the case of data that individualize the USER and show the history of the USER’s relationship with BYEBNK, and “extra data” for the other cases, with the possibility of adopting a different time for keeping each type of data, observing the maximum time of 20 years after the termination of the contractual relationship.
6. USERS’ RIGHTS AND OBLIGATIONS
6.1. USERS’ rights include:
(a) having access to their personal data handled by BYEBNK;
(b) rectifying, at any time, any of their personal data;
(c) requesting the blocking, exclusion or erasure of personal data considered unnecessary, excessive or handled without compliance with the Brazilian General Data Protection Act. The request’s validity must be judged by BYEBNK, considering, especially, its duties to keep the data for the applicable legal time;
(d) demanding the portability of personal data, and BYEBNK must make them available to the USER in an interoperable format within thirty (30) business days;
(e) receiving information, through simple request, about the sharing of personal data. BYEBNK must make the sharing report available within thirty (30) business days;
(f) not providing personal data and revoking, at any time, without retroactive effect, the consent for the handling of previously provided data, aware that the exercise of such right may result in the impossibility of use of the PLATFORM and, consequently, the discontinuity of the contractual relationship.
6.2. By receiving a communication from the USER with respect to the exercise of any of the rights stated above, in a situation under which BYEBNK is a carrier, but not the controller of the USER’s personal data, BYEBNK shall inform the USER about this relationship status and the controller’s identity, if BYEBNK knows who the controller is, and the controller is responsible for looking into the situation and taking appropriate action.
6.3. The USER has duties, specified in the TERMS OF USE, related to the security of the USER’s personal data, such as keeping the secrecy of access information (username and password) and being careful with the access devices and networks, and, especially, immediately reporting to BYEBNK any suspicious or non-authorized activity in the USER’s account.
7. POLICY OF COOKIES AND SIMILAR TECHNOLOGIES
7.1. BYEBNK reserves the right to use its own cookies to control, monitor and track down occasional vulnerabilities and risks of information security incidents, and to act preventively, as well as to use third parties’ cookies for statistical analysis of browsing data.
7.2 Agreement with this POLICY includes the consent for the use of cookies. USERS who do not agree with the use of cookies must cancel their BYEBNK account.
8. SHARING OF PERSONAL DATA
8.1. BYEBNK is allowed to share the USER’s personal data, metadata and browsing data with companies of its own present or future corporate group for purposes of registration, processing of operations of purchase and sale of cryptoassets, enabling of operational routines and special functionalities, as well as the development and rendering of services.
8.2 The USER only authorizes the sharing of the USER’s personal data with third parties that are not part of BYEBNK’s corporate group under the circumstances and conditions below:
(a) partners or service providers, for the rendering of the service contracted by the USER;
(b) partners or service providers, for the development and rendering of services by BYEBNK or production of statistical data;
(c) in auditing processes for corporate operations;
(d) with identity verification entities and data offices specialized in the detection of possible fraud, as well as credit protection and risk analysis services, provided there is a reasonable and duly documented cause;
(e) with relevant authorities and other entities, in the context of the development, improvement, modification and execution of Policies of Compliance, Prevention to Money Laundering and Countering the Financing of Terrorism;
(f) with public authorities, in the event of court sentence or legal request.
8.3. BYEBNK may perform international transfers of the USER’s personal data, either by virtue of contracts with technological service providers located abroad, or by virtue of request by data protection authorities or foreign government entities, provided it is made in compliance with the Brazilian General Data Protection Act.
9. PRINCIPLES OF PERSONAL DATA HANDLING
9.1. BYEBNK adopts the following principles when handling the USER’s personal data:
(a) Confidentiality.
(i) The USER’s personal data are confidential.
(ii) Only authorized personnel may have access to the USER’s personal data.
(iii) The sharing of the USER’s personal data, in authorized circumstances, does not imply consent for disclosure, but only the transfer of the duty of confidentiality.
(iv) Whenever possible, the USER’s personal data will become anonymous or, at least, receive a pseudonym for their handling, especially those that are shared with third parties.
(v) Third parties with whom the USER’s personal data are shared will be required, through legally valid and effective means, to protect them under the Brazilian General Data Protection Act.
(b) Security
(i) The USER’s personal data will be kept in a secure environment, with rigorous access control.
(c) Transparency and free access
(i) The USER must have easy and free access to the USER’s personal data.
(ii) The USER must have easy access to the handling of the USER’s personal data.
(d) Sufficiency
(i) The collection of the USER’s personal data must not exceed the scope sufficient for the appropriate conduction of the contractual relationship, taking into account the principle of reasonability and the appropriate model for that service and type of activity.
10. MISCELLANEOUS
10.1. This POLICY will be governed by the Brazilian laws and is part of the TERMS OF USE.
10.2. In case of alteration of this POLICY to ensure its compliance with the laws and the regulations of the Brazilian National Data Protection Agency (ANPD) or by virtue of alteration of technological paradigm, the USER will be duly notified.
10.3. BYEBNK may set up specific rules for some services, which will prevail, in case of distinction, over this POLICY.
11. DATA PROTECTION OFFICER
11.1. BYEBNK’s DPO (Data Protection Officer) is Mr. Matheus Giaretta Cansian; his e-mail address is [email protected].
Nassau, jan 16, 2022
Comentários post