We conduct AML - an audit of client funds to prevent violations of the law
When registering on our website, you can provide data that the service allows users to identify themselves with. This may include an email address, full name, phone number, bank card number, e-wallet, and other similar information. All this data remains on the resource (Fury-exchange.com) for the duration of interaction with the user, since without it, effective data exchange for work is impossible.
All data transferred to the service database can be used to ensure work. The main purpose of their use is the ability to configure the correct functioning of the service and applications. Accordingly, at the first request, clients will receive everything they may need to resolve any issues that arise. Separately, it is worth noting the work of the technical department. Here, personal data of users is required for rational work. This is about the following:
— processing data that will be used to improve the site so that users receive the best possible conditions;
— providing information about innovations in the organization's work;
— working on faster and more correct operation of the resource;
— feedback from users;
— implementation of a system of measures aimed at preventing hacking by fraudsters.
Personal data specified by the user on the resource are considered confidential. Their transfer to third parties is not allowed. The only exceptions are situations provided for by law. These include: a court order, a request from law enforcement agencies, a change in the company structure, its sale (in such situations, the data is received by the new manager).
A cookie is a piece of information that is specified in the browser. It is recorded using the site server. This component ensures interaction between the server and the browser. Using cookies, the resource recognizes the user if he has previously visited it. There are several types of these files. Among them:
— necessary – help to recognize the type of browser, software, serve to provide various services;
— analytical – allow you to recognize specific visitors, collect data regarding the actions performed on the resource;
— technical – make it possible to accumulate information that is then used to find errors, study activities, new characteristics of the system, which in general makes it possible to increase the efficiency of work;
— functional – allow you to navigate through sites more easily and quickly, save selected data transfer parameters, etc.;
— third-party – study new characteristics in the used system, for what statistical data is collected.
Cookies are stored on the user's device and exist as long as necessary to interact with the site. The Yandex service collects data from the files in question to obtain the required error monitoring statistics. Such data can be stored for quite a long time. It all depends on the specific tasks. After the process is completed, deletion occurs automatically.
Personal data collected using cookies is transferred to the Yandex service and third parties. Data may be transferred for advertising purposes so that the user receives offers based on his interests, but this is only possible upon confirmation of the terms of the user agreement.
If the user visits the site for the first time, he is offered to use the files in question by the system. If a ban is issued, a repeated offer is made on a new visit. The visitor can delete cookies independently, for which there are corresponding browser functions.
Ignoring offers leads to the user being disconnected from some functions. There may be pixel tags on the user's PC. They are used by Yandex to obtain data on transactions performed, as well as when collecting information about the features of its sites and services.
The resource administration uses effective measures to protect personal data. Thanks to them, it is not allowed for other people to use personal data, all sorts of barriers are put in place for this. The loss of confidential information is reduced to a minimal risk. At the same time, one can never give a 100% guarantee of security. The user also bears partial responsibility for the safety of their password, the use of complex combinations to reduce the likelihood of selection and hacking. If problems are detected, you should contact the site support.
This Privacy Policy describes how Invictus solutions s.r.o. (also referred to in this Policy as “we,” “our,” or “us”) collects, uses, and shares information related to your use of our products, services, and website. This Policy complies with the requirements of the European General Data Protection Regulation (“GDPR”) and seeks to establish transparent, lawful, fair, and secure processing of personal data of our customers and users.
This Privacy Policy explains what personal data we collect through our website and services, how and why we collect it, how we use it, and what third parties we share it with. It also describes your rights in relation to personal data and how you can exercise them.
Securely storing and processing the funds you entrust to us, and ensuring that the marketplace and your Orders and Transactions are fair, competitive and transparent are our top priorities. We may revise this Privacy Policy from time to time, but we will never do so in a way that does not compromise the importance of our mission. If there are any changes to this Policy (and other policies, including the Terms of Service and Cookie Policy), we will notify you of the changes by email and on this page.
1.1. Personal data
"Personal data" means any information that can be used to identify you as an individual, directly or indirectly. Such information includes your personal name, identification number, location data and any information found on the Internet that could reveal your identity.
1.2. Information about a deceased person
Personal data requires a person to have legal capacity, that is, the ability to exercise their rights, give consent and enter into agreements. This begins at birth and ceases at death. However, we ensure that personal data collected during your lifetime will remain secure and will not be transferred or disclosed outside the provisions of this Policy.
1.3. Controller of your personal data
As defined in the GDPR, Invictus solutions s.r.o. is the Controller of your personal data. This means that we determine what information we collect, how and why we collect it, how it is transferred and what means we use to process it.
1.4. Processing of your personal data
We use certain suppliers and partners who are responsible for the processing of your personal data. For more information, please see Section 8 to find out how your data is processed, which providers we use to process your personal data and which countries we may send your data to for processing.
In order to provide our Services and offer our Products, we must collect information about you.
2.1. Information you provide
This category includes content and information you provide when using our Services and Products. Invictus solutions s.r.o. will never ask you to provide any information related to your racial or ethnic origin, sex life or sexual orientation, political views, philosophical or religious beliefs, biometric or genetic data, or trade union membership.
2.1.1. Account Registration
When you create your personal account, we may ask for your contact information, including your full name, personal address, email address, and phone number. In addition, to verify your identity for compliance purposes, such as the AML/CFT Law, we may collect the following personal information:
— Official identification information: passport, national identity card, driver's license or other relevant documents.
— Financial information: bank account details, payment card information and transaction history.
— Business information: registration certificates, tax numbers, information on ultimate beneficial owners.
— Employment information: job title, employer location.
— Transaction Information: Transaction Amounts and Recipients.
2.1.2. Communications
If you contact us directly, we may ask for additional information such as your name, email address, personal address, and phone number. We will always indicate why this information is needed.
2.1.3. Payment Information
Our Services allow users to select their preferred payment method to complete Orders and Transactions through third-party payment processors. We do not store financial account information managed by the payment processor.
2.2. Cookies
We use cookies to collect information about your interactions with our Services. Cookies may include information about the website features used, frequency of visits, and user preferences. Find out more about cookies at aboutcookies.org.
2.3. Log Files
We store log files to improve the functionality of our website and to provide you with a better service. The information may include IP addresses, browser types, OS, ISP, referring/exit pages, timestamps, and clickstream data.
2.4. Information from Partners and Third Parties
We may receive your personal data from authorized partners, including public databases, identity verification services, blockchain data providers, and marketing or analytics partners. This data helps us verify your identity, prevent illegal activities, and improve our Services.
Public databases, identity verification partners and credit institutions: We collect information from the above partners to verify your identity in accordance with applicable laws and regulations. This includes data such as name, address, employment information, credit history, membership of sanctioned or prohibited groups and other necessary information under the AML/CFT Law. We are required to retain this information to monitor, prevent and detect money laundering and other financial crimes.
Blockchain data: We use publicly available blockchain information to detect and prevent illegal activity and to analyze trends in the blockchain environment.
Marketing partners, advertisers and analytics platforms: We may receive personal data from third-party partners to study how users interact with the site and what services they may be interested in.
According to the GDPR, anonymization is the process of changing personal information to a state in which it is no longer possible to identify the subject. Such data is not subject to direct or indirect identification.
Invictus solutions s.r.o. may use anonymized data to evaluate the quality of service, study customer needs, market research, as well as to ensure security and product development.
We use the information we collect in a variety of ways, including to:
• Provide, operate, and maintain our Services.
• Process payments, fulfill Orders, Transactions, and Transactions in a fair, transparent, competitive, and authentic manner.
• Detect and prevent losses, including fraud and abuse of the Services.
• Ensure compliance with laws and regulations aimed at combating money laundering, terrorist financing, and other crimes.
• Complying with the requirements of the Czech Republic's public authorities, including the Financial and Analytical Office (FAO).
• Communicating with users directly or through partners - for support, notifications, sending important information, and for marketing purposes.
• Sending notifications, reminders, and confirmations by email.
• Improving the quality and reliability of the Services provided.
• Researching and developing new features and products.
• Analyzing user behavior in order to improve the interface and interaction with the platform.
• Maintaining the security, integrity, and safety of the Services, funds, and personal data of users.
We may share the information we collect with third parties in a variety of ways.
5.1. Vendors and Service Providers
We share the information we collect with vendors and service providers who help us operate our business. These vendors include payment platforms, web and mobile analytics services, advertisers, and IT partners such as hosting and software providers.
5.1.1. Service Providers Outside the EU/EEA
Some service providers may be located outside the EU/EEA. For details of how your data is processed when transferred to third parties outside the EU/EEA, please see Section 11 of this Policy.
5.2. Payment Platforms
As a merchant, we share your information with payment services and platforms such as ZEN.COM to process your transaction and fulfill your order. Payment providers such as ZEN.COM collect information specifically to process your transaction: for more information, please visit the relevant page. Invictus solutions s.r.o. may forward your information to payment platforms to complete your order; however, we never store your payment information or use it in any way other than to process your transaction.
5.3. Identity Verification Services
We use third-party verification services, such as SUMSUB, to verify your identity in order to comply with the legal requirements of the AML/CFT Law and to ensure the security, transparency and legality of your activities. Using the services of our verification partners, we compare the personal data that you or other third parties provide to us with information in the verification partners' databases and/or in public records. For information on how SUMSUB collects, stores and uses your personal information in accordance with the purposes of processing, please refer to their privacy notice.
5.4. Advertisers
To ensure that you see ads that may be of interest to you, we work with third-party advertising partners. These partners may receive information from us to personalize advertising according to your interests. They may also collect information about you and use it in accordance with their own privacy policies. We never sell your information to advertisers. In addition, we ensure that the advertisers we select comply with the GDPR and handle your information responsibly.
5.5. Partners who work with us
Due to the nature of our business, we communicate and establish business relationships with various partners in areas such as banking, legal services, compliance, accounting and other relevant sectors. We may share your information with them to ensure the smooth, accurate and complete provision of our Services and to facilitate activities that help us maintain and improve our operations.
5.6. Law Enforcement and Regulatory Compliance
In some cases, we may be required to disclose your personal information in accordance with the law and applicable regulations to law enforcement agencies, government officials or other relevant third parties. This may be necessary in the event of litigation, compliance with court orders or other legal processes, as well as for the purposes of preventing financial crime, money laundering or terrorist financing. Such action is only taken if there are reasonable grounds to believe that any person or entity is involved in or associated with such crimes.
5.7. Business Transfer
In the event of insolvency, bankruptcy, acquisition, transfer of ownership, sale of assets or succession of Invictus solutions s.r.o., your personal information may be disclosed to the new owner, acquirer or successor of the company or other relevant third parties.
At Invictus solutions s.r.o., we understand the importance of maintaining the security of your personal information, as any data breach could have serious consequences for you and your funds. To ensure the integrity, security and confidentiality of your personal data, we use a combination of physical, technical and administrative security measures.
Your personal information is protected using the Transport Layer Security (TLS) protocol, designed to protect your data from unauthorized access and privacy breaches. TLS is primarily used to encrypt information exchanged between our website and servers. We also use TLS to encrypt emails and other communications we exchange. We use the latest and most secure version of TLS (v1.3) and provide quick updates if a more secure version becomes available.
In addition, your transactions and other personal information are stored in encrypted format. This encrypted data is processed using our trusted service providers who maintain strong physical, technical, electronic and administrative security measures. Please note that some of these providers may be located outside the EU/EEA region. To learn more about how your data is collected, stored and processed by these providers, please see Section 11 of this Policy.
Despite the comprehensive security measures we implement, we cannot guarantee absolute protection against unauthorized access, breaches or leaks. Much of the security of your data depends on you. We recommend that you take precautions by creating strong passwords with a combination of letters, numbers and symbols, and by securing your connection (check the lock icon in your browser's address bar). In addition, avoid sending your personal data to unauthorized or fraudulent versions of our website created by malicious users.
If you suspect that your personal data has been misused or feel that we are not processing it securely, please notify us immediately at [email protected].
Your personal data is stored securely for as long as your account remains active. We retain your personal information only for as long as necessary to fulfill the purposes for which it was collected, as set out in this Policy. Retention periods may vary depending on the type of personal information and its intended purpose. Below are the general retention periods that we apply:
• Personal information related to our legal obligations to comply with anti-financial crime and money laundering laws and regulations, including the AML/CFT Law, may be retained for as long as required by those laws.
• Contact information used for marketing purposes will only be retained with your consent and will be deleted immediately upon withdrawal of your consent.
• Recordings of telephone calls and other correspondence with us may be retained for up to five years to meet legal and operational requirements.
• Information collected through technical means, such as cookies or log files, will generally be retained for up to one year to improve our services and ensure functionality website.
In some cases, your data may be retained for a longer period if required to do so by legal obligations, resolve disputes or protect our legitimate interests. Once your data is no longer required for its original purpose, it will be securely deleted or anonymized to prevent unauthorized access or misuse.
If you have any questions about our data retention policy or would like to request the deletion of your personal information, please contact us at [email protected].
Our legal basis for collecting, using and sharing your personal data varies depending on the specific context. Below are the main circumstances in which we process your personal data:
When we have your consent: You have read and agreed to our purposes for processing your data by giving your consent. This applies to situations such as marketing notifications, campaigns, or providing your consent to improve your experience on our website and Services.
When we need to perform a contract with you: your information is needed to process and complete your orders, enforce agreements, enforce the terms of this Policy, provide our Services, provide customer support, and maintain the quality of our communications.
When we have a legal obligation to comply: disclosure of data may be necessary to comply with legal requirements imposed by laws or legal regulations.
When we have a legitimate interest: we process your personal data to operate and provide our Services, improve our products, enhance security, and prevent illegal activities. Legitimate interest only applies where it does not override your fundamental rights.
If you have questions about our legal basis for processing your personal data or would like to know more about your rights, please contact us at [email protected].
As a data subject, you have certain rights under the GDPR that you can invoke.
9.1. Accessing, updating, correcting or deleting your information
You have the right to request access to, updating, correcting or deleting your personal information. To do this, you can contact us at any time by email at [email protected].
9.2. Objection to processing and restriction of processing
You can object to the processing of your personal information or request its restriction at any time by contacting us at [email protected].
9.3. Data portability
If you would like to receive all personal information we have collected about you and have it transferred to another controller, you can request this by contacting us at [email protected].
9.4. Opting out of marketing communications
You have the right to opt out of marketing communications at any time. To unsubscribe, click the "unsubscribe" button in our emails or contact us at [email protected].
9.5. Withdrawing your consent
You can withdraw your consent to the processing of your personal data at any time. Please note that the lawfulness of the processing carried out before the withdrawal will remain unaffected.
9.6. Complaint to the Data Protection Authority (DPA)
If you believe that your personal data has been misused, you have the right to lodge a complaint with the Data Protection Authority (DPA) in your country of residence. A list of DPAs, their websites and contact details can be found here.
We may use automated tools to identify risks of fraud or financial crime associated with any Order, Deal, Transaction or Customer. However, we do not make any decisions based solely on automated processing or inferences made by machines without human supervision, assessment and/or intervention. Likewise, we do not use any algorithmic systems to make decisions with serious consequences affecting lives, except as required by relevant data protection regulations.
We are committed to enhancing the security of the personal information you entrust to us. Some of our data processors may be located outside the EU/EEA in countries with different rules regarding personal information. However, we ensure that all partners comply with the requirements and safeguards of the GDPR when processing your personal information.
Transfer to the UK: The European Commission's adequacy decision allows for the free flow of data between the EU/EEA and the UK, as the UK data protection regime is considered equivalent to the GDPR.
Transfers to Relevant Countries: For countries such as Andorra, Argentina, Canada, Faroe Islands, Guernsey, Isle of Man, Israel, Japan, Jersey, New Zealand, Switzerland and Uruguay, we comply with local laws and regulations to ensure secure data transfers.
Transfers to the United States: We no longer rely on the EU-US Privacy Shield, which was overturned in 2020 by the European Court of Justice.
We do not knowingly collect or process any personal information from children under 13. In order to collect and process personal information from a child under 13, we require the explicit consent of their legal representative, such as a parent or guardian.
If you suspect that a child under 13 has provided us with personal information without explicit consent, please contact us at [email protected].
We may change this Policy from time to time to adapt it to changing regulations and new developments. Changes will be posted on our website and we will also notify you of these changes by email.
If you have any questions or concerns about this Policy, your personal data rights, or any other requests regarding your personal information, please contact us:
Address: Na Čečeličke 425/4, Smíchov, 150 00 Prague 5
E-mail: [email protected]