Pursuant to the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) (“GDPR”).
- Our Data Protection Policy
Capitalised terms not defined in this Data Protection Policy shall have the meanings set out in the User Agreement, available at https://fumbi.network/en/user-agreement/.
This Data Protection Policy governs the collection, use, retention and deletion of your personal data by us and provides you with information about your rights under the GDPR.
For the purposes of the GDPR, the controller of any personal information we hold about you is FUMBI NETWORK j. s. a., a simple share company established in the Slovak Republic, with its registered office at: Mlynské nivy 5, 821 09 Bratislava, ID No.: 52 005 895, registered in the Commercial Register of the Municipal Court Bratislava III, Section: Sja, Entry No.: 57/B.
Each action involving the processing of personal data is carried out in accordance with the GDPR and this Data Protection Policy. Please read this Data Protection Policy carefully so that you understand our view on and our procedures with respect to your personal data and how we deal with them.
- The Data Protection Principles We Abide
We process your personal data in accordance with the following principles set forth by the GPDR:
(a) Lawfulness, fairness and transparency
We process your personal data lawfully, fairly and in a transparent manner.
(b) Purpose limitation
We collect your personal data for specified, explicit and legitimate purposes and do not further process your personal data in a manner that is incompatible with those purposes.
(c) Data minimisation
Personal data which we process is adequate, relevant and limited to what is necessary in relation to the purposes for which it is processed.
We keep your personal data accurate and update it where necessary.
(e) Storage limitation
We keep your personal data in a form which permits your identification for no longer than is necessary for the purposes for which we process your personal data.
(f) Integrity and confidentiality
We ensure appropriate security of your personal data, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage.
We carry out any processing of your personal data in a responsible fashion and in compliance with the GDPR.
- Sources and Scope of Personal Data We Process
We primarily collect your personal data directly from you. During the process of opening your Account, you provide us with your log-in and password to your Account.
After the opening of your Account and prior to our provision of any Services to you, we will ask you to provide us with additional information for the purposes of verification of your identity, assessing your business risk, detection of fraud, money laundering, terrorist financing, or any other financial crime. In this respect, we will ask you to provide us with Identification Data, e.g. on provision of you name, surname, your residency address for the purpose of our statutory obligations, mainly pursuant provisions arising from AML Act.
We collect and process payment information at the time when you make a payment to us. If you give us bank your account details, we use it solely for the purpose of collection of your payment and facilitation of our payments to you.
Pursuant to the terms of the User Agreement in order to comply with our obligations pursuant AML Act, other laws or internal directives we may require you to provide us with additional information for the purpose of verification of your we may ask you to provide us with additional information for the purpose of verification of Your identity and assessment of business risk pursuant, for example, copy of (i) identification document; in case of legal person also identification documents of members of the statutory body and ultimate beneficial owners of such legal person; (ii) documentation confirming your permanent or temporary residency address (e.g. utilities bill or the extract from the bank account evidencing identification information conforming information, extract from registry of persons, extract from the Commercial or similar public register; (iii) photo of your face including legible data of your identity card, and (iv) information on origin of funds that are subject of the Deposit pursuant to the User Agreement.
We may also collect certain information about you from public registers and other publicly accessible sources for the purposes of verification of your identity, assessing your business risk, detection of fraud, money laundering, terrorist financing, or any other financial crime.
If you visit FUMBI Platform, we may automatically collect information about you using Google Analytics in order to understand how you engage with FUMBI Platform. Such information is collected and provided to us by Google LLC, as our data processor. If you don’t want Analytics to be used in your browser, you can install the Google Analytics browser add-on. You can learn more about Google Analytics and privacy here.
- Processing of Your Personal Data
Compliance with our Data Protection Policy
We use your personal data in compliance with this Data Protection Policy. We will never sell your personal data to any third party, unless you give us your explicit consent with such sale.
Use of Personal Data
We may use your personal data on the basis of the following legal bases:
(a) Performance of the User Agreement
We will process your personal data where it is necessary for the conclusion, performance, amendment and termination of the User Agreement. In this respect, we process your name, surname, address, telephone number, e-mail address and your bank account details. The conclusion and performance of the User Agreement is only possible after the opening of your Account and therefore we also process your log-in and password to your Account.
The term of processing your personal data is determined by the term of the User Agreement. We may continue to process your personal data even after the termination of the User Agreement based on a different legal basis where applicable.
(b) Compliance with Statutory Obligation
We will process your personal data where it is necessary for compliance with a legal obligation to which we are subject. We will process your personal data for the purpose of our compliance with applicable legislation on detection of fraud, prevention of money laundering and terrorist financing, or any other financial crime. In this respect, we may ask you to upload a copy of your identification document and fill out the Identification Data or other information pursuant to User Agreement.
We may disclose your personal data where it is necessary to comply with a law, court order, or similar legal requirement. The term of processing your personal data is determined by the duration of the respective legal obligations.
(c) Legitimate Interests
We may also process your personal data where it is necessary for the purposes of our legitimate interests, except where such interests are overridden by your interests or fundamental rights and freedoms. Our legitimate interests include the following:
• Protection of our rights
We may store your personal data where it is necessary for the protection of our rights under the User Agreement or applicable law. We will only hold such personal data for a necessary period of time which will not exceed 10 years after the termination of User Agreement.
• Prevention of fraudulent behaviour
We may store your personal data where it is necessary for the purpose of preventing fraud that may harm us and our interests for a period of up to 5 years after the termination of User Agreement.
• Enforcement of claims
We may store your personal data where it is necessary for the enforcement of claims that we may have against you. We will only hold such personal data until the applicable limitation periods expire.
• Direct marketing
We use your name and e-mail address to provide you with information about our products andservices. In order to provide you with such information we will send you an e-mail newsletter, unless you have objected to this or you will object at any time in future.
• Recommendations and rewards
We store information about each recommendation made by the User if the New User joins FUMBI on the basis of a recommendation, for the purpose of assessing eligibility to receive a reward under the Referral System. This information is stored in relation to the User who referred the New User and also to the New User who joined FUMBI under the terms of the Referral System.
We use “cookies” to help you personalise the use of the FUMBI Platform. A cookie is a text file that is placed on your hard disk by a web server. Cookies are uniquely assigned to you and can only be read by a web server in the domain that issued the cookie to you. One of the primary purposes of cookies is to provide a convenience feature to save you time. The purpose of a cookie is to tell the web server that you have returned to a specific page. For example, if you personalise pages on the FUMBI Platform, cookies will help us to refresh your specific information on each subsequent visit to this site. When you return to the same website, the information you previously provided can be retrieved, so you can easily use the customised features.
Most web browsers automatically accept cookies, but you can usually modify your browser setting to decline cookies if you prefer. If you choose to decline cookies, you may not be able to fully experience the interactive features of the FUMBI Platform.
6. Recipients and Processors of Your Personal Data
We may appoint third parties – processors – to carry out certain tasks related to processing of your personal data under a data processing agreement. We will appoint only processors providing sufficient guarantees to implement appropriate technical and organisational measures in such a manner that processing will meet the requirements of the GDPR and ensure the protection of your rights.
We use the following data processors, who may receive and process your personal data on our behalf:
- Google LLC (“Google”), 1600 Amphitheatre Parkway, Mountain View, CA 94043, The United States of America;
- Liquid Web, LLC, 2703 Ena Dr., Lansing, MI 48917, The United States of America;
- Mailgun Technologies, Inc., 535 Mission St., Fl 14, San Francisco, CA 94105, The United States of America;
- Fintegence, s.r.o., Staromestská 3, 811 03 Bratislava – Old Town district, Slovakia
- Fireblocks Ltd, Derech Menachem Begin 150, 6492105 Tel Aviv, Israel
- SUM AND SUBSTANCE LTD, 30 St. Mary Axe, London, England, EC3A 8BF.
We may transfer your personal data to processors or other recipients in third countries but only (i) where the European Commission has decided that the third country, a territory or one or more specified sectors within that third country in question ensures an adequate level of protection or (ii) where the processor has provided appropriate safeguards, and on condition that enforceable data subject rights and effective legal remedies for data subjects are available.
If you provide the reference code of the FUMBI Partner who recommended you to enter into the User Agreement when registering on the Platform, or if your registration on the Platform is carried out directly by a FUMBI Partner with your consent, we will also provide your personal data to the relevant Partner in order to enable the provision of customer support by that Partner. Such provision of personal data is limited in time by the duration of the User Agreement with you and also by the duration of the Partner Agreement between FUMBI and the relevant Partner, in which the Partner undertakes to comply with all obligations arising from the GDPR and the Data Protection Act in the processing of personal data and not to disclose it to any third parties, unless, with your consent, otherwise agreed. Subject to the terms and conditions agreed in the relevant Partner Agreement, the Partner may disclose your personal data to the company with which it cooperates as a so-called Partner subject to the Superpartner, while this company is not entitled to disclose it to any other person and is obliged to handle it in accordance with the relevant data protection legislation.
- Your Rights
Pursuant to the GDPR, you have the following rights related to processing of your personal data:
(a) The right to be informed
You have the right to be informed about processing of your personal data. We provide you with the information about such processing in this Data Protection Policy.
(b) The right to access your personal data
Contact us if you wish to access the personal data we store about you.
(c) The right to rectification
If the personal data we hold about you is inaccurate or incomplete, you have the right to ask for its rectification. If that personal data has been passed to a third party with your consent or for legal reasons, then we must also ask them to rectify the data.
(d) The right to erasure (“the right to be forgotten”)
You have the right to ask us to erase all your personal data. However, we are not obligated to erase your personal data if we have a legal reason to process it or if the processing is necessary for the performance of the User Agreement.
(e) Right to restriction of processing
You have the right to ask us to restrict the way we process your personal data if:
- you object to the accuracy of your personal data (in which case the processing of your personal data will be restricted for the period necessary to verify its accuracy);
- you object that the processing of your personal data is unlawful and request the restriction of its use instead of its erasure;
- we no longer need your personal data for the purpose of processing, but you need it to establish, exercise or defend your legal claims;
- you have objected to the processing of your personal data pursuant to (g) below (in which case the processing of your personal data will be restricted while we verify whether the legitimate grounds on our side outweigh the legitimate grounds of you as the affected person).Where processing has been restricted pursuant to any of the above points, such personal data may, with the exception of storage, only be processed with your consent or for the establishment, exercise or defence of legal claims or for the protection of the rights of another natural or legal person, or for reasons of important public interest of the European Union or its member states.(f) The right to data portability
We are obligated to allow you to obtain and reuse your personal data for your own purposes across services in a safe and secure way without this affecting the usability of your data.
(g) The right to object
You have the right to object to processing of your personal data if it is based on our legitimate interests. Unless we demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms or for the establishment, exercise or defence of legal claims, we will no longer process your personal data.
(h) The right to withdraw consent
If you give us your consent to the processing of your data but later change your mind, you have the right to withdraw your consent at any time. If you revoke your prior consent, we will stop processing your data. However, in general, we do not process your personal data based on your consent but according to the concluded User Agreement.
(i) The right to complain
You have the right to complain to a competent data protection authority if you feel that we are processing your personal data in a manner inconsistent with the GDPR or if you feel that we do not respect your rights. Contact details of the all EU member states’ data protection authorities are available at: http://ec.europa.eu/justice/article-29/structure/data-protection-authorities/index_en.htm.
You can exercise any of the above rights (except the right to complain, which should be exercised by contacting the competent data protection authority directly) by submitting the appropriate request with us. Please contact us by email at: firstname.lastname@example.org
- Links to Other Websites
FUMBI Platform may contain links to and from websites of our partners, advertisers, social media sites etc. If you follow a link to any of these websites, please note that these websites may have their own privacy notices and that we do not accept any responsibility or liability for any such notices.
Please check these notices, where available, before you submit any personal data to these websites.
- How we Secure your Personal Data
We use a variety of security technologies and procedures to help protect your personal data from unauthorized access, use or disclosure. We secure your personal data on computer servers in a controlled, secure environment, protected from unauthorised access, use or disclosure. When sensitive information (such as a bank account details and/or geo-location data) is collected on the FUMBI Platform and/or transmitted to other websites, it is protected through the use of encryption, such as the Secure Socket Layer (SSL) protocol.
Even though we strive to provide the most secure environment for the processing of your personal data, we cannot completely rule out a possibility of unauthorised access, use or disclosure. In the case of such a personal data breach, we will inform the competent supervisory authority without undue delay and act swiftly to address the situation. If the personal data breach is likely to harm you, we will also inform you about the personal data breach without undue delay.
- Changes to Our Data Protection Policy
We may amend this Data Protection Policy from time to time in which case we will always provide you with the amended version of the Data Protection Policy.
If you have any questions about this Data Protection Policy, you can contact us at: email@example.com