Мы проводим AML — проверку средств клиентов для предотвращения нарушений закона. Если в вашей транзакции, будут обнаружены нарушения, обменный пункт будет вынужден приостановить обменную операцию, до проведения полной проверки. Возврат средств будет осуществлён, после проверки
обработка данных, которые будут применяться для улучшения сайта, чтобы пользователи получали максимально качественные условия;
Личные данные, указанные пользователем на ресурсе, считаются секретными. Не допускается их передача третьим лицам. Исключение составляют только ситуации, предусмотренные в законодательстве. К ним относятся: судебное предписание, запрос правоохранительных органов, смена структуры компании, ее продажа (в таких ситуациях данные получает новый руководитель).
Куки хранятся на устройстве пользователя и существуют столько, сколько нужно для взаимодействия с сайтом. Сервисом Яндекс собираются данные с рассматриваемых файлов, чтобы получить требуемую статистику наблюдения за ошибками. Такие данные могут сохраняться достаточно долго. Все зависит от определенных задач. После завершения процесса удаление происходит в автоматическом режиме.
Личные данные, собранные при помощи куки, передаются сервису Yandex и третьим лицам. Допускается передача данных для рекламных целей, чтобы пользователь получал предложения на основе его интересов, но это возможно только при подтверждении условий пользовательского соглашения.
Если пользователь впервые посещает сайт, то ему поступает предложение использовать рассматриваемые файлы системой. В случае запрета при новом посещении поступает повторное предложение. Посетитель может удалять cookie самостоятельно, для чего есть соответствующие функции браузера.
Игнорирование предложений приводит к тому, что пользователь может оказаться отключенным от некоторых функций. На ПК пользователя могут быть пиксельные теги. Они используются Яндексом для получения данных о проведенных операциях, а также при сборе сведений об особенностях работы своих сайтов и служб.
Для защиты личных данных со стороны администрации ресурса применяются эффективные меры. Благодаря им не позволяется использовать личные данные другим лицам, ставятся для этого всяческие преграды. Потеря конфиденциальных сведений сводится к минимальному риску. В то же время никогда нельзя давать 100 % гарантию безопасности. Пользователь также несет частичную ответственность за сохранность своего пароля, использование сложных комбинаций, чтобы уменьшить вероятность подбора и взлома. При обнаружении проблем следует связаться с поддержкой сайта.
This Privacy Policy describes how Invictus solutions s.r.o. (also referred to in this Policy as “we”, “our” or “us”) collects, uses, and shares information related to your use of our products, services, and the website. This Policy complies with the requirements of the European General Data Protection Regulation (“GDPR”) and seeks to establish the transparent, lawful, fair, and secure handling of personal data of our customers and users.
This Privacy Policy explains what personal data we collect through our website and services, how and why we collect it, how we use it, and what third parties we share it with. Additionally, it describes your personal data rights and how you may exercise them.
Secure storage and handling of funds you entrust with us, as well as ensuring fairness, competitiveness, and transparency of the market and your Orders and Transactions, are our foremost priorities. We may revise this Privacy Policy periodically, but we will never do so in a manner that compromises the importance of our mission. If any modifications are made to this Policy (and other policies, including Terms of Service and Cookie Policy), we will notify you of the changes via email and on this page.
1.1. Personal Data
"Personal Data" means any information that may be used to identify you as an individual, directly or indirectly. Such information includes your personal name, identification number, location data, and any information found online that may reveal your identity.
1.2. Information about the Deceased
Personal Data requires a person to have legal capacity, meaning they can exercise their rights, give consent, and enter into agreements. This begins at birth and is lost upon death. Nevertheless, we ensure that personal data collected during your life remains secure and is not shared or disclosed outside the terms of this Policy.
1.3. Controller of your Personal Data
As defined in the GDPR, Invictus solutions s.r.o. is the Controller of your personal data. This means we determine what information we collect, how and why we collect it, how it is shared, and what means we use to process it.
1.4. Processing of your Personal Data
We use specific vendors and partners that are responsible for processing your personal information. For more specific information, please check out Section 8 to learn how your data is processed, what vendors we use for processing your personal data, and what countries we may send your data to for processing.
To provide our Services and offer our Products, we must collect information about you.
2.1. Information that You Provide
This category includes content and information that you provide when you use our Services and Products. Invictus solutions s.r.o. will never ask you to submit any information related to your racial or ethnic origin, sex life or sexual orientation, political opinions, philosophical or religious beliefs, biometric or genetic data, or trade union membership.
2.1.1. Account Registration
When you create your personal account, we may ask for your contact information, including your full name, personal address, e-mail address, and phone number. In addition, to verify your identity for compliance purposes under legislative acts such as the AML/CTF Act, we may collect the following personal information:
2.1.2. Communications
If you contact us directly, we may ask for additional information such as your name, e-mail address, personal address, and phone number. We will always state why this information is needed.
2.1.3. Payment Information
Our Services allow users to select a preferred payment method to execute Orders and Transactions via third-party payment processors. We do not store financial account information, which is managed by the payment processor.
2.2. Cookie Files
We use cookies to gather information about your interaction with our Services. Cookies may include information such as website features used, visit frequency, and user preferences. Learn more about cookies at aboutcookies.org.
2.3. Log Files
We store log files to enhance our website functionalities and improve service quality. Information may include IP addresses, browser types, OS, ISP, referring/exit pages, timestamps, and clickstream data.
2.4. Information from Partners and Third Parties
We may receive your personal data from authorized partners, including public databases, identity verification services, blockchain data providers, and marketing or analytics partners. This data helps us verify your identity, prevent illegal activities, and improve our Services.
As defined by the GDPR, anonymization is a technique that alters personal information to the point where it may no longer be directly linked to an individual. Anonymized data cannot be used to identify a specific person directly or indirectly.
Invictus solutions s.r.o. may use anonymized data for conducting research on the quality of our Services, understanding customer needs and demands, conducting marketing, detecting and preventing security vulnerabilities, and other relevant business purposes.
We use the information we collect in various ways, including the following:
We may share the information we collect in various ways with third parties.
5.1. Vendors and Service Providers
We share collected information with vendors and service providers that help us operate our business. These vendors include payment platforms, web and mobile analytics services, advertisers, and IT partners such as hosting and software providers.
5.1.1. Non-EU/EEA Vendors
Some service providers may be located outside the EU/EEA area. For details about how your data is handled when shared with third parties outside the EU/EEA, please refer to Section 11 of this Policy.
5.2. Payment Platforms
As a merchant, we share your information with payment services and platforms such as ZEN.COM, to process your transaction and complete your order. Payment providers like ZEN.COM collect information specifically for the purposes of processing your transaction: for further details, please kindly visit the respective page. Invictus solutions s.r.o. may forward your information to payment platforms in order to finalize your order; however, we never keep your payment information or use it in any way but to process your transaction.
5.3. Identity Verification Services
We use third-party verification services such as SUMSUB to verify your identity for the purposes of complying with AML/CTF Law legal requirements and to ensure safety, transparency, and lawful nature of your activities. By using the services of our verification partners, we compare the personal information you or other third parties provide us with to information in the verification partners’ databases and/or public records. To learn how SUMSUB collects, stores, and uses your personal information in accordance with their purposes of processing, please read their privacy notice.
5.4. Advertisers
To ensure you see ads that may be of interest to you, we work with third-party advertising partners. These partners may receive information from us to personalize ads to fit your interests. They may also collect information about you and use it in accordance with their own privacy policies. We never sell your information to advertisers. Additionally, we ensure that the advertisers we choose comply with GDPR and handle your information responsibly.
5.5. Partners that Work with Us
Due to the nature of our business, we communicate and establish business connections with various partners in fields such as banking, legal services, compliance, accounting, and other relevant sectors. We may provide your information to them to ensure uninterrupted, accurate, and integral provision of our Services and to facilitate activities that help us maintain and improve our operations.
5.6. Law Enforcement and Compliance
In some circumstances, we may need to disclose your personal information in accordance with the law and current regulations to law enforcement authorities, government officials, or other relevant third parties. This may be necessary in the case of court proceedings, compliance with legal orders or other legal processes, and for purposes of preventing financial crime, money laundering, or terrorism financing. Such actions are taken only when there are strong grounds to believe that any individual or entity is involved in or associated with such crimes.
5.7. Business Transfers
In cases of insolvency, bankruptcy, acquisition, transfer of ownership, sale of assets, or succession of Invictus solutions s.r.o., your personal information may be disclosed to the new owner, acquirer, or successor of the company or other relevant third parties.
At Invictus solutions s.r.o., we understand the importance of keeping your personal information secure, as any breach of data could have serious consequences for you and your funds. To ensure the integrity, security, and confidentiality of your personal data, we employ a combination of physical, technical, and administrative safeguards.
Your personal information is secured with the help of the Transport Layer Security (TLS) protocol, designed to protect your data from unauthorized access and privacy breaches. TLS is primarily used to encrypt information exchanged between our website and servers. We also use TLS to encrypt emails and other communications exchanged with us. We employ the latest and most secure version of TLS (v1.3) and ensure prompt updates if a more reliable version becomes available.
Additionally, your transaction and other personal information are stored in an encrypted format. This encrypted data is managed with the assistance of our trusted service providers, who maintain robust physical, technical, electronic, and administrative safeguards. Please note that some of these providers may be located outside the EU/EEA region. To learn more about how your data is collected, stored, and processed by these vendors, refer to Section 11 of this Policy.
Despite the comprehensive security measures we implement, we cannot guarantee absolute protection against unauthorized access, breaches, or leaks. A significant part of data security depends on you. We recommend that you take precautions by creating strong passwords with a mix of letters, numbers, and symbols and by ensuring your connection is secure (check for the lock icon in your browser's URL bar). Additionally, avoid submitting your personal data to unauthorized or fraudulent versions of our website created by malicious actors.
If you suspect any misuse of your personal information or believe your data has not been securely handled by us, please notify us immediately at [email protected].
Your personal information is stored securely for as long as your account remains active. We only retain your personal information for the period necessary to fulfill the purposes for which it was collected, as outlined in this Policy. Retention periods may vary depending on the type of personal information and its intended purpose. Below are the general retention periods we apply:
In certain cases, your data may be retained for longer periods if required by legal obligations, dispute resolutions, or to protect our legitimate interests. Once your data is no longer required for its original purpose, it will be securely deleted or anonymized to prevent unauthorized access or misuse.
If you have questions regarding our data retention policies or wish to request the deletion of your personal information, please contact us at [email protected].
Our legal basis for collecting, using, and sharing your personal data varies depending on the specific context. Below are the key circumstances under which we process your personal information:
If you have questions about our legal basis for processing your personal information or wish to learn more about your rights, please contact us at [email protected].
As a data subject, you have certain rights provided by the GDPR that you may invoke.
9.1. Access, Update, Correct, or Erase Your Information
You have the right to request access to, update, correct, or erase your personal information. To do so, you may contact us at any time by e-mailing [email protected].
9.2. Objecting to and Restricting Processing of Information
You may object to or request restrictions on the processing of your personal information at any moment by contacting us at [email protected].
9.3. Data Portability
If you wish to receive all personal information we have collected about you and transfer it to another controller, you may request this by contacting [email protected].
9.4. Opt-Out of Marketing Messages
You have the right to opt-out of marketing communications at any time. To unsubscribe, click the ‘unsubscribe’ option in our e-mails or contact us at [email protected].
9.5. Withdraw Your Consent
You may withdraw your consent for processing your personal information at any moment. Please note that the lawfulness of processing conducted before the withdrawal will remain unaffected.
9.6. Complaining to a Data Protection Authority (DPA)
If you believe your personal information has been mismanaged, you have the right to file a complaint with the Data Protection Authority (DPA) in your country of residence. A list of DPA representatives, their websites, and contact information can be found here.
We may employ automated tools to determine fraud or financial crime risks associated with any Order, Trade, Transaction, or Customer. However, we do not perform any decision-making based solely on automated processing or conclusions generated by machines without human control, assessment, and/or intervention. Similarly, we do not employ any algorithmic systems to make decisions with serious life-affecting consequences, except for cases laid down by relevant data protection provisions.
We strive to enhance the security of personal information you entrust us with. Some of our data processors may be located outside of the EU/EEA area in countries with different regulations on personal information. However, we ensure that all partners comply with GDPR requirements and safeguards when processing your personal information.
Transfers to the UK: The European Commission adequacy decision allows for the free flow of data between the EU/EEA and the UK, as the UK's data protection regime is considered equivalent to the GDPR.
Transfers to Adequate Countries: For countries like Andorra, Argentina, Canada, Faroe Islands, Guernsey, Isle of Man, Israel, Japan, Jersey, New Zealand, Switzerland, and Uruguay, we comply with local laws and regulations to ensure secure data transfers.
Transfers to the US: We no longer rely on the EU-US Privacy Shield Framework, invalidated in 2020 by the European Court of Justice.
We do not knowingly collect or process any personal information from children under 13 years of age. For the collection and processing of personal information of a child under 13, we require explicit consent from their legal representative, such as a parent or guardian.
If you suspect that a child under 13 has provided us with their personal information without explicit consent, please contact us at [email protected].
We may modify this Policy from time to time to adapt it to changing regulations and new developments. Changes will be posted on our website, and we will also notify you of these changes via email.
If you have any questions or concerns regarding this Policy, your personal data rights, or any other queries about your personal information, please feel free to contact us:
Address: Na Čečeličke 425/4, Smíchov, 150 00 Prague 5
Email: [email protected]