Политика конфиденциальности и защита данных
for AML Quppy Bot Website (
https://quppyaml.com/
)
INTRODUCTION
-
The Company is committed to being a responsible custodian of the
information you provide to us and the information we collect in the
course of operating our business. This Privacy Policy describes how the
Company may collect and process information received by us in association
with the operation of the AML Quppy Bot Website (
https://quppyaml.com/
) and the provision of Services outlined in the
Terms of Use
. This Policy is addressed to the Company’s clients as well as to
those individuals who will provide their personal data for processing
(hereinafter – Data Subjects).
-
Your Personal Data is processed in accordance with the
General Data Protection Regulation
(Regulation EU 2016/679, further - “the GDPR”), the
Data Protection Act 2018
and other relevant legislation with respect to the accepted principles of
good information handling (collectively referred to as the “Data
Protection Legislation”).
-
This Privacy Policy shall be governed by the laws of Hong Kong.
-
For all intents and purposes, the English language version of this
Privacy Policy will be the original, governing instrument. In the event
of any conflict between the English language version of this Privacy
Policy and any subsequent translation into any other language, the
English language version will govern and control.
DEFINITIONS
“Company” means QUPPY PAY LIMITED, a company registered in
Hong Kong with registration number 3148041, having its registered office
at Room 747, 7/F Star House 3, Salisbury Road Tst, Hong Kong (the
“Company”, “We”), which operates AML Quppy Bot
website available at https://quppyaml.com/ (referred to as
“we” and “us” hereinafter);
-
“Website” means the AML Quppy Bot website operated by the
Company and available at https://quppyaml.com/ ;
-
“Privacy Policy” means the latest version of the
Company’s Privacy Policy which describes our policies and
procedures pertaining to the collection, use, and disclosure of your
Personal Data;
-
“Personal Data” means any information relating to the User,
which identifies or may identify the User;
-
“User” means an individual or a legal entity that has read
and agreed to the Terms of Use and the Privacy Policy and uses the
services of AML Quppy Bot provided by the Company through the Website
(referred to as “you” or “yours” hereinafter);
-
“Services” means the services of AML Quppy Bot provided by
the Company and available to Users via the Website as set out in detail
in the Terms of Use.
SCOPE OF THE POLICY
The purpose of this policy is to ensure that the QUPPY PAY’s staff
shall comply with the provisions of Hong Kong law and the EU GDPR when
processing personal data. Any serious infringement will be treated
seriously and may be considered under disciplinary procedures. The company
adheres to the principles of data protection as laid down by the EU GDPR.
In accordance with those principles personal data shall be:
-
Processed fairly and lawfully and in a transparent manner in relation to
the data subject;
-
Processed for specified, explicit and legitimate purposes only and not
further processed in a manner that is incompatible with those purposes;
-
Adequate, relevant and limited to what is necessary in relation to the
purposes for which they are processed;
-
Accurate and up to date;
-
Kept in a form which permits identification of data subjects for no
longer than is necessary for the purposes for which the personal data are
processed;
-
Not kept longer than necessary;
-
Processed in a manner that ensures appropriate security of the personal
data;
-
Not transferred outside the countries of the European Economic Area or
the EU without adequate protection.
RESPONSIBILITIES
(a) QUPPY PAY responsibilities. QUPPY PAY is responsible for establishing
policies and procedures in order to comply with the EU GDPR.
(b) Data Protection Officer’s responsibilities. Data Protection
Officer holds responsibility for:
-
drawing up guidance and promoting compliance with this policy in such a
way as to ensure the easy, appropriate and timely retrieval of
information;
-
the appropriate compliance with subject access rights and ensuring that
data is processed in accordance with the Data Protection Act 2018 and the
EU GDPR;
-
ensuring that any data protection breaches are resolved, catalogued and
reported appropriately in a swift manner;
-
investigating and responding to complaints regarding data protection
including requests to cease processing personal data.
(c) Staff responsibilities. Staff members who process personal data must
comply with the requirements of this policy. Staff members must ensure
that:
-
all personal data is kept securely;
-
no personal data is disclosed either verbally or in writing, accidentally
or otherwise, to any unauthorised third party;
-
any queries regarding data protection, including subject access requests
and complaints, are promptly directed to the Data Protection Officer;
-
any data protection breaches are swiftly brought to the attention of the
Governance Team and that they support the Data Protection Officer in
resolving breaches;
-
where there is uncertainty around a Data Protection matter advice is
sought from the Data Protection Officer.
Software and network security
The Company holds regular vulnerability scans against our full
infrastructure. We also have external, independent, penetration tests
conducted on a periodic basis.
-
Our dashboard supports several regimes of secrecy, so that our clients
could monitor the status of processing without learning any personal data
of the their customers.
-
Code changes are always peer reviewed and static source code reviews are
performed systematically and at a high frequency.
-
All engineering and development operations staff are regularly trained on
system, application and network security.
-
Our IT and container infrastructure is continuously monitored and audited
for change.
-
Critical systems and information are protected with strong authentication
mechanisms.
-
All networks connections are protected by firewalls and are monitored by
cyber security solutions to detect intrusions and suspicious activity.
-
Machine learning is used to discover malicious behaviour of network
endpoints and applications.
-
All our computers, laptops and servers utilise full disk/volume
encryption and are installed with antivirus/malware protection which is
automatically updated to the latest version and signatures available.
INFORMATION WE COLLECT
When you engage with us, we collect and process your Personal Data, which
includes as follows:
-
Personal identification information, including: name, e-mail address,
phone number, country, full address, date of birth, registered address,
banking details;
-
Data collected in connection with “Know Your Customer” (KYC)
compliance, “Anti-Money Laundering” (AML) compliance and
“Counter-Terrorist Financing” (CTF) compliance;
-
Device and website usage data, including: IP addresses; language
preferences and other device identifiers; information relating to your
access to the Platforms, such as device characteristics, date and time.
-
The Company subjects the personal data to automated reading, verification
of the authenticity and other automated processing of photos and scanned
copies of documents and with further check against the data in multiple
databases, including inter alia International politically exposed persons
(PEPs) and Sanctions, Country Specific Sanctions Lists, Criminal Lists
and Financial Lists. Once the personal data is not any more necessary for
the purposes of applicable compliance rules, the Company shall erase the
data completely off its servers without leaving any backup copies or,
based on the same condition, transfer the data to the relevant
Controller.
HOW WE COLLECT YOUR DATA
-
We collect Personal Data directly from you when you use our Website or
services, communicate with us, or interact directly with us. For example,
when you complete the contact form on our Website, Application or when
you contact us via email.
-
We use industry standards for automatically collecting certain
information about visitors to our Website. We collect information about
you, or information collected by cookies and similar technologies, when
you use, access, or interact with our Website. We shall ensure that
processing is proportionate and that we have carried out a legitimate
interest impact assessment. To the extent that the use of cookies or
similar technologies requires your consent, we may also process your
Personal Data based on your consent.
-
We also may collect information about you from third-party sources,
including but not limited to, the following channels:
-
5.3.1. marketing partners and resellers;
-
5.3.2. advertising partners and analytics providers;
-
5.3.3. public databases, credit bureaus and ID verification partners;
-
5.3.4. social networks (for example, Twitter).
-
We protect the Personal Data obtained from third parties according to the
practices described in this Privacy Policy and we also apply additional
restrictions imposed by the source of data.
DATA SUBJECT’S RIGHTS
Each Data Subject providing his/her personal data to the Company has the
following rights that the Company fully respects:
-
Right to obtain confirmation as to whether or not his or her personal
data are being processed (Article 15 EU GDPR);
-
Right to obtain rectification of inaccurate personal data without undue
delay (Article 16 EU GDPR);
-
Right to erase personal data or “right to be forgotten”
(Article 17 EU GDPR);
-
Right to restrict data processing, in particular when the accuracy of the
data is contested (Article 18 EU GDPR);
-
Right to receive communications as to rectification or erasure of
personal data or restriction on processing (Article 19 EU GDPR);
-
Right to receive personal data in the form that is machine-¬readable
and ready for transmission to another controller (Article 20 EU GDPR);
-
Right to object data processing (Article 21 EU GDPR);
-
Right not to be subject to a decision based solely on automated
processing (Article 22 EU GDPR).
THE PURPOSES OF COLLECTING YOUR PERSONAL DATA
-
The Company collects your Personal Data for the following purposes:
-
to enable you to use our Website and the Services provided through them,
to create an account or profile, to process information you provide via
our Website (including verifying that your email address is active and
valid) in accordance with
Article 6(1)(a) GDPR
;
-
to detect and prevent potentially prohibited or illegal activity
relating to the Company’s services in accordance with
Article 6(1)(b),(c) and (f) GDPR
;
-
to tailor content, recommendations, and advertisements that we and third
parties display to you, both on the Platforms and elsewhere online in
accordance with
Article 6(1)(a) GDPR
;
-
to contact you in response to your inquiries, comments and suggestions
in accordance with
Article 6(1)(b) GDPR
;
-
with your consent, to provide you with information, products, or
services that we otherwise believe will interest you, including special
opportunities from us and our third-party partners in accordance
with
Article 6(1)(a) GDPR
;
-
to contact you with administrative communications and, in our
discretion, changes to our Privacy Policy, Terms of Use, or any of our
other policies in accordance with
Article 6(1)(c) GDPR
;
-
for internal business purposes, such as to improve our Website or
Application in accordance with
Article 6(1)(b) GDPR
;
-
to issue invoices and collect fees in accordance with
Article 6(1)(f),(b) GDPR
;
-
to comply with our policies and obligations, including, but not limited
to, disclosures and responses in response to any requests from law
enforcement authorities and/or regulators in accordance with any
applicable law, rule, regulation, judicial or governmental order in
accordance with
Article 6(1)(c),(b) GDPR
.
-
Your Personal Data, whether public or private, will not be sold,
exchanged, transferred, or given to any other company for any reason
whatsoever, without your consent, other than for the purpose of
delivering the requested services and improving our services.
PROVIDING YOUR PERSONAL DATA TO THE THIRD PARTIES
-
As a general principle, we collect and process Personal Data in order to
facilitate or improve the Company’s services or offers. We do not
sell your Personal Data or share it with third parties, except to the
extent stated in this Privacy Policy.
-
For behaviour statistics and business intelligence we use the services of
Google LLC (“Google Analytics”), a company located in the
United States. Your Personal Data that we may provide to Google Analytics
may include your IP address, and that data is used by Google Analytics to
generate information about your usage of our service.
-
We may share your Personal Data with the following third parties:
-
Third-party vendors providing services on our behalf, including
advertising, analytics, research, customer service, service support,
data storage, validation, security, fraud prevention, and legal
services. Such third-party vendors have access to perform these services
but are prohibited from using your Personal Data for other purposes;
-
8.3.2. External services or authorities when such disclosure is
necessary for compliance with a legal obligation to which we are
subject, or in order to protect your vital interests and/or the vital
interests of a third-party;
-
8.3.3. Other third parties subject to your consent.
-
When we disclose your Personal Data to a third party, we take all
reasonable steps to ensure that those third parties are bound by
confidentiality and privacy obligations with respect to the protection of
your Personal Data. The disclosure is conducted in compliance with legal
requirements, including entering into data processing agreements with the
relevant third parties, to ensure that Personal Data is only processed in
accordance with our instructions, applicable laws and regulations and for
the purpose specified by us and to ensure adequate security measures.
STORAGE AND DELETION OF PERSONAL DATA
-
The Company will retain your Personal Data for as long as we deem it
necessary to enable you to use the Website and to provide Services to
you, to comply with applicable laws (including those regarding document
retention), resolve disputes with any parties and otherwise as necessary
to allow us to conduct our business.
-
The legal basis for retaining your Personal Data is the Company’s
legitimate interest under
GDPR Article 6(1)(f)
to protect our rights in the light of potential legal disputes during the
limitation period under law.
-
If we have collected your Personal Data in relation to your inquiry to
us, we retain your Personal Data for up to three (3) years from
collection, unless the other provided by this Privacy Policy.
-
Notwithstanding anything to the contrary in this Section, we may retain
your Personal Data where such retention is necessary for compliance with
a legal obligation to which we are subject to, or in order to protect
your vital interests or the vital interests of another natural person in
accordance with
GDPR Article 6(1)(c)
.
-
When the Company no longer needs to keep your Personal Data, it will
securely delete or destroy it.
PROTECTION OF PERSONAL DATA
-
Your Personal data integrity is of high concern to us. We follow the
standard practices within the industry to protect the Personal Data that
we collect and maintain, including using Transport Layer Security (TLS)
to encrypt information as it travels over the internet. We have therefore
implemented technology and security policies and procedures intended to
reduce the risk of accidental destruction or loss, or the unauthorized
disclosure or access to, such information, reasonably appropriate to the
nature of the data concerned; unfortunately, however, no data
transmission over the Internet can be guaranteed to be 100% secure.
-
We implemented a number of additional security measures to ensure that
your Personal Data is not lost, abused, or altered, including, but not
limited to:
-
Physical measures, which means that materials containing your Personal
Data will be stored in a locked place.
-
Electronic measures, which means that computer data containing your
Personal Data will be stored in the computer systems and storage media
that are subject to strict log-in restrictions.
-
Management measures, which means that only authorized employees are
permitted to come into contact with your Personal Data and such
employees must comply with our internal confidentiality rules for
Personal Data. We have also imposed strict physical access controls to
buildings and files.
-
Technical measures.
-
If you suspect that your Personal Data has been compromised, please
immediately contact our Customer Support Team at
info@quppyaml.com
.
USER’S RIGHTS
-
Users residing in certain countries, including the EU, are afforded
certain rights regarding their personal information:
-
the right to access: you have the right to confirmation as to
whether or not we process your Personal Data and, where we do, to access
the Personal Data. Providing that the rights and freedoms of others are
not affected, we will supply to you a copy of your Personal Data. The
first copy will be provided free of charge, but additional copies may be
subject to a reasonable fee;
-
the right to object to processing: you have the right to object to us
processing your Personal Data, citing personal reasons; however,
understand that we may still process your Personal Data if we have
lawful grounds to do so, but only if our interests in processing your
Personal Data are not overridden by your rights, interests, or freedoms;
-
the right to rectification: you have the right to have any inaccurate
Personal Data about you rectified and, taking into account the purposes
of the processing, to have any incomplete Personal Data about you
completed;
-
the right to data portability: you have the right to obtain and reuse
your Personal Data for your own purposes across different services. It
allows you to move, copy or transfer Personal Data easily from one IT
environment to another in a safe and secure way, without hindrance to
usability;
-
the right to erasure: you have the right to request that the Company
erase your Personal Data under certain conditions;
-
the right to restrict processing: you have the right to request that the
Company restrict the processing of your Personal Data under certain
conditions;
-
the right to withdraw consent: to the extent that the legal basis for
our processing of your Personal Data is consent, you have the right to
withdraw that consent at any time. However, withdrawal will not affect
the lawfulness of processing of your Personal Data before the
withdrawal.
-
You may exercise any of your rights in relation to your Personal Data by
contacting our Customer Support. You must note that prior to accessing
and making changes to your Рersonal Data, we will need to verify your
identity properly.
-
We will aim to respond to your requests regarding your Personal Data
within 1 (one) month of receipt of any such request.
INTERNATIONAL TRANSFER OF PERSONAL DATA
-
We may need to transfer your Рersonal Data to countries which are located
outside the European Economic Area (“EEA”), for the purpose
of providing the Services to you. You may be located in a country outside
of the EEA and therefore we may have no choice but to transfer your
Personal Data outside of the EEA.
-
Any transfer of your personal information outside of the EEA will be
subject to a GDPR-compliant guarantee (such a Model Contract Clause
approved by the European Commission) that will safeguard your privacy
rights and give you remedies in the unlikely event of a security breach.
COOKIES POLICY
-
We use cookies and similar technologies like pixels, tags, and other
identifiers in order to remember your preferences, to understand how our
Website is used, and to customize our marketing offerings.
-
A cookie is a small data file containing a string of characters that is
sent to your computer when you visit a website. When you visit the
websites again, the cookie allows that site to recognize your browser.
The length of time a cookie will stay on your computer or mobile device
depends on whether it is a “persistent” or
“session” cookie. For further information regarding cookies,
visit
allaboutcookies.org
.
-
We use the following types of cookies on our Website:
-
Strictly necessary cookies: these are essential for you to browse our
Website and use its features. Without these cookies, some online
services cannot be provided.
-
Performance cookies: these collect information about how you use our
Website. This data may be used to help optimize our Website and make it
easier for you to navigate.
-
Functional cookies: these allow our Website to remember the choices you
make while browsing the Website and to personalize your
experience.
-
Third-party cookies: these are placed by websites and/or parties other
than us. These cookies may be used on our Website to improve our
services or to help us provide more relevant advertising. These cookies
are subject to the respective privacy policies for the relevant external
services.
-
Analytics cookies: these are offered by services like Google Analytics,
to help us understand how long a visitor stays on our Website, what
pages they find most useful, and how they arrived at
https://quppyaml.com//
.
-
Most web browsers allow you to control cookies through their settings
preferences. However, if you limit the ability of our Website to set
cookies, you may impair your overall user experience, as it will no
longer be personalized to you.
-
In addition to cookies, we sometimes use small graphics images known as
pixels (also known as web beacons, clear GIFs, or pixel tags). We use
pixels in our email communications to you (if you have selected to
receive such communications) to help us to understand whether our email
communication has been viewed. We also use third-party pixels (such as
those from Google, YouTube, and other networks) to help us provide
advertising that is relevant to your interests.
CHANGES TO THE PRIVACY POLICY
We may update this Privacy Policy from time to time and we encourage you
to periodically review this page. If we make any material changes in the
way we collect, use, and/or share your Personal Data, we will notify you
by posting notice of the changes in a clear and conspicuous manner on the
Wallet Checker Website at
https://quppyaml.com/
.
CONTACT INFORMATION
Should you have any questions regarding this Privacy Policy, please do not
hesitate to contact us at
info@quppyaml.com