Polybius Tech OÜ, an Estonian-incorporated company having its registered seat at Tartu maantee 43, 10128 Tallinn, Estonia (Commercial registry number: 14420450), (hereinafter “Polybius”, the “Company” or “We“) collects from persons visiting its website (hereinafter the “Visitor(s)” or “you”), how and why we use your data and your rights to control personal information We hold about you.
The concept of “data” encompasses all the personal data relating to yourself and more specifically any information that allows us to directly or indirectly identify you as a natural person.
The protection of your data and your privacy is of the most utmost importance to us and we therefore ensure to comply with data protection laws including EU Regulation 2016/679 of 27 April 2016 on the protection of personal data (the “GDPR”) and any other implementing act or regulations.
1. Our role as a data controller
The data controller responsible for the processing of Your data is Polybius Tech OÜ.
As a data controller we solely and autonomously determine the purposes of the processing of Your data as well as all corresponding criteria.
For any further information on our data protection practices or concerning your personal data as a Visitor, please contact us at [email protected]
2. What information we collect, for what purposes and on what legal basis?
First, we may collect the information that you submit to us voluntarily when creating an account or registering with one of our services or events, such as your email address, first and last name, company, country, phone number, password, token asset wallet address, personal information related to KYC / AML checks etc. Any of your payment information for its part will be directed to our third-party payment processor. We will not store your financial account information on our systems; however, we will have access to, and may retain information through our third-party payment processor.
Further to that, we may process your personal data as necessary for the performance of an agreement we have with you, or as required by law, or in accordance with your explicit consent for such processing, or in a matter commensurate to our legitimate interest and provided that your fundamental rights and freedoms are safeguarded. Our legitimate interest may include the need to personalize our content or website or other general information, to collect information about your experience with our services in order to improve the latter, or the need to better understand your concerns and needs in order to develop innovative service offerings and further develop our activities.
3. With whom and how do we share your data?
We may disclose your personal information where we are required to do so (i) by applicable law, (ii) by a governmental body, (iii) by a law enforcement agency or (iv) in connection with an investigation of suspected or actual fraudulent or illegal activity.
4. Transfer of personal data outside the European Economic Area (EEA)
We keep your data in the EEA.
We may have to transfer your data to a country outside the EEA, including to countries that would not offer a sufficient level of protection pursuant to the criteria set by the European Union (e.g. a transfer to a subsidiary located outside the EEA). In such an eventuality, we will guarantee an appropriate level of protection for your data by resorting to standard EU contractual clauses or any other means so as to guarantee that your data will be transferred in a secure environment.
5. What are your rights?
5.1 Access, rectification, erasure, portability and objection rights
For all the purposes defined here above, and within the limits provided by applicable data protection laws, you have rights as a data subject. Polybius wants you to be aware of these rights, namely:
- the right to ask us to provide you with copies of personal information that we hold about you at any time, which include the right to ask us: whether we process your personal data, for what purposes; the categories of data; the recipients to whom the data are shared;
- the right to ask us to update and correct any out-of-date or incorrect personal information that we hold about you free of charge;
- the right to withdraw your consent where such consent has been given;
- the right to erasure within the limits afforded by data protection legislation;
- the right to data portability within the limits afforded by data protection legislation.
Where we process your data for our legitimate interests, you have the right to object to the processing of your data. However, according to our legitimate interests, we may continue to process your data after a careful balancing of your interests with the ones of Polybius.
5.2 Objection right to direct marketing
When Polybius processes your data for direct marketing purposes, you always have the right to opt-out, at first request and free of charge, of any direct marketing communications.
You can exercise your objection right by sending us an email to [email protected] or by postal mail at Customer Support, Polybius Tech OÜ, Tartu maantee 43, 10128 Tallinn, Estonia.
5.3 How to exercise those rights?
You may at any time exercise the abovementioned rights in accordance with data protection regulations, by sending us a written request with a copy of your ID card (passport or other proof of identity) by email to [email protected] or by postal mail to Customer Support, Polybius Tech OÜ, Tartu maantee 43, 10128 Tallinn, Estonia, and subject to complying with our reasonable requests to verify your identity.
5.4 Right to lodge a complaint
In the event of a conflict concerning the processing of your personal data, you can contact our Legal department via the following channels: by email to [email protected] or by postal mail to Legal, Polybius Tech OÜ, Tartu maantee 43, 10128 Tallinn, Estonia.
You can also lodge a complaint to the Estonian Data Protection Inspectorate either by post at 39 Tatari St., 10134 Tallinn, Estonia, or by e-mail at [email protected] or by phone at +372 627 4135.
6. How long do we keep your personal data?
We will not store your personal data beyond the time necessary for the performance of the purposes for which the data is processed. Specifically, we distinguish between a retention period and an archiving period:
- The retention period is the maximum period of use of your personal data for specific purposes:
- the data processed for the execution of the contractual relationship is kept for the entire duration of the contract/membership and for the prescription period upon termination of the contract;
- the data processed for other purposes may be retained for a longer period during which we will reassess the need to keep this data and pseudonymize the data where it does not affect the realization of the purposes.
- The archiving period meets our legal obligation as well as the legal need to retain your data beyond the retention period for evidentiary purposes or to respond to requests for information from the competent authorities.
7. How do we protect your personal data?
We take appropriate technical and organisational measures to safeguard and protect your personal data, against unauthorized or unlawful processing and against accidental destruction, loss, access, misuses, damage and any other unlawful forms of processing of the personal data in our possession.
9. How to contact us?
By email to [email protected] or by postal mail to Customer Support, Polybius Tech OÜ, Tartu maantee 43, 10128 Tallinn, Estonia.
Last updated on 3 April 2019
Archived old version of Policy available at: https://polybius.io/old-privacy-policy