Privacy Policy

Introduction

Qommodity is a company incorporated with limited liability in the Republic of Georgia with company number 406285684 Registering Authority LEPL National Agency of Public Registry and registered address at 88 Avtomshenebeli Street, 4600 Kutaisi, Republic of Georgia.

Your privacy is important to us. We are committed to protecting the privacy, confidentiality and security of the personal data we hold by complying with the requirements under applicable laws and regulations. We are equally committed to ensuring that all our employees, service providers and agents uphold these obligations. This policy explains how we manage personal data within our organisation, including how we process the personal data of the users of our website and on the Qommodity Platform https://qommodity.io (the “Qommodity Services”).

Prior to providing you our products and services or collecting your personal data, we always refer to this Privacy Policy. Therefore, by using the Qommodity Services, providing personal data and/or using any of our products or services, you agree that:

you understand and agree to our personal data processing practices as described in this Privacy Policy, as updated from time to time; and

if you have provided personal data to us relating to any other person, you:

have a right to provide that information;

if you have provided personal data have provided a copy of this privacy policy, as updated from time to time, to that person; and to us relating to any other person, you:

each such person has agreed to those terms.

How we collect personal data

We collect personal data about you in the following ways:

you provide us your personal data yourself (e.g. by registering for a Qommodity Account or our newsletter on the website; by submitting a query, a request or an (job) application to us; by responding to our surveys; by using our products and services).

your personal data is provided to us by third parties who are entitled to disclose that information to us.

we collect your data from public sources (e.g. by examination of public blockchains; from public registries; from your public social media profile)

we collect your personal data by automatic means (e.g. tracking your use of our websites and mobile applications). See also below in our Cookie Policy how we use cookies and other similar technologies on our Website.

In some cases, we may be required by law to collect certain types of personal data about you.

Where we collect personal data from you, we will generally do so ourselves. However, in some cases we may collect personal data from a third party, such as through your representatives, contractors who provide services to us, or third parties who refer you to us because they think you may be interested in our products or services.

Kind of personal data we collect and purposes and legal basis for the processing of personal data

We process your personal data on the following legal bases and for the following purposes:

Processing on the basis of the performance of the contract between us. We mainly process your personal data to provide our products and services to you on the basis of the agreement we have concluded with you. This also includes providing customer support and contacting you otherwise as regards the Website or our products and services and taking steps prior to entering into an agreement with you (e.g. identifying you on the basis of your personal data we require and verify that you are allowed to use our products and services under our Qommodity Services Terms of Use and any other relevant terms as set out by Qommodity from time to time). For the foregoing, we process the personal data including the following:

Personal identification information (e.g. full name [first, any middle and second first and second last and last], date of birth, gender, ID documentation, passport numbers, Non-Signature IDs, utility bills, nationality, signature, photographs, employer, job title and tax ID number);

contact details (e.g. e-mail address, phone number, home and work address);

financial information (e.g. credit and debit card numbers, PANs, IBANs, bank account numbers and details, sort codes and other payment details, payslips);

communication data (e.g. records of our communications with you, including any messages you send us);

blockchain-related information (e.g. blockchain identifiers, such as blockchain addresses and public keys);

transaction information (e.g. transactions you make on our platform, including the name of the recipient, the amount of the transaction and the time stamp);

account log-in and usage data (e.g. emails and passwords that you create when registering for a Qommodity Account, details of any products or services that we provide to you, survey responses, information provided to our support team, public social networking posts, authentication data, security questions, user IDs, click-stream data and other data collected via cookies and similar technologies);

online identifiers (e.g. geolocation, IP address, browser fingerprint, browser name and version and OS); and

other information that may be present on documentation that we may ask you to provide for the purposes of proving your identity.

Without this information, we may not be able to provide you with our products or services (or with all the features and functionality offered by our products or services) or to respond to queries or requests that you submit to us.

Processing on the basis based on our legal obligation. We may also process your personal data to fulfil our obligations arising from the law, our AML and CTF obligations (e.g. properly identifying you, monitoring your use of our website, products and services, and transmitting data to supervisory authorities).

Processing based on our legitimate interest. We process the data received from your use of the Qommodity Services (e.g. information about how you move around on and use our website) to improve the user experience in using the website and the products and services. Improving our website, products and services includes carrying out market analysis and research, education and training programs for our staff and planning and forecasting business activities and other internal business processes. The legal basis for this is our legitimate business interest to improve the Qommodity Services and the user experience and our business as a result thereof. Considering the nature of the data and that we use the data in an aggregated manner, your interests or fundamental rights and freedoms do not override our legitimate interest.

We may also process your personal data to safeguard our rights (e.g. establishing, exercising and defending legal claims, debt collection). The legal basis for this is our legitimate interest to protect our legal rights and ensure the performance of the agreement concluded between us. In such case, your interests or fundamental rights and freedoms do not override our legitimate interests.

To the extent required by applicable data protection regulation, you have the right to object to the processing of your personal data, which is based on legitimate interest (see also section “Your rights” below).

Processing on the basis of your consent. We may also process your personal data based on your consent (e.g. for direct marketing purposes, including sending you our newsletter). When processing is based on consent, you can withdraw your consent at any time by clicking on the ‘unsubscribe’ link at the end of each e-mail. Please note that withdrawing consent does not affect the lawfulness of processing based on consent before its withdrawal. For specifications about how we use your personal data for direct marketing purposes, please see section “Direct marketing” below.

Direct marketing and profiling for marketing purposes

If you have given us your consent to provide you with materials about our and our partner’s products or services, from time to time we may use your personal data for direct marketing purposes. We send you materials and offerings that, in our opinion, would be of interest of you. You can opt-out of receiving marketing communications from us any time by clicking on the ‘unsubscribe’ link at the bottom of each e-mail or contacting us at support@qommodity.io.

In order to find out which offerings would interest you, we draw up your profile based on the following information:

identifying information, such as your name and date of birth

contact information, such as your postal address and email address

products and services portfolio information and demographic data held by us from time to time

We may use your personal data to market the following products and/or services to you:

creating, purchasing and/or trading digital assets;

software and hardware wallets for holding digital assets; and

other products or services related to digital assets

People to whom we disclose personal data

We only share your personal data when we have a valid reason for it and when we are legally permitted to do so.

Data processors

We use carefully selected service providers (data processors) in processing your personal data. We only use service providers that provide sufficient guarantees to implement appropriate technical and organizational security measures to protect your personal data. We have concluded appropriate data processing agreements with the service providers and shall remain responsible for their actions in respect of the processing of your personal data.

The data processors we use include the following: e-mail service providers, website analytics service providers, liquidity providers and data hosting service providers. Should you require more detailed information as regards the data processors we use (e.g. their names and location) please contact us via the contact details below.

Third parties. In some circumstances, we also share your personal data with third parties who act as independent data controllers as regards your personal data. We only share your personal data with third parties if stipulated herein, if required under the applicable law (e.g. when we are obliged to share personal data with the authorities), or with your consent.

We also may need to share your personal data with third persons in relation to our need to protect our legal rights (e.g. attorneys and debt collection agencies). The legal basis for this is our legitimate interest to protect our legal rights and ensure the performance of the agreement. In such case, your interests or fundamental rights and freedoms do not override our legitimate interests.

We may disclose your personal data to an acquirer, successor or assignee as part of any merger, acquisition, debt financing, sale of assets, or similar transaction, as well as in the event of an insolvency, bankruptcy, or receivership in which information is transferred to one or more third parties as one of our business assets. The legal basis for this is our legitimate interest to exercise our right to business. In such case, we make sure that your rights and conditions as a data subject shall not be decreased, in which case your interests or fundamental rights and freedoms do not override our legitimate interests.

Additionally, we may share your personal data with other third persons in order to fulfil our legal obligations (e.g. auditors, authorities). The legal basis for such sharing is compliance with our legal obligations.

Furthermore, we will share your data with your representatives, advisers and others you have authorised to interact with us on your behalf. Please note, that we consider such authorisation as your consent and therefore your request for such an activity must be present to us in a written form.

We will never sell your personal data to any third party!

Security

We take the appropriate technical and organisational security measures in protecting your personal data, taking into account (i) the state of the art, (ii) costs of implementation, (iii) nature, scope context and purposes of the processing, and (iv) risks posed to you.

Retention of personal data

We retain your personal data for as long as is necessary for the purposes they were collected for, as long as necessary to safeguard our rights, or as long as required by the applicable law. We may retain your personal data for a number of years after the end of our relationship if it is necessary to safeguard our rights or required under the applicable law. If your personal data is being processed for several different purposes, the longest retention period shall apply.

In general, we store your personal data as follows:

information on legal transactions between us is retained for as long the agreement between us is valid and for a period of 10 years as of when a claim falls due unless otherwise provided by law, asking you occasionally to update your personal data;

billing information is retained for 7 years as of the end of the financial year in which the information was provided to us;

cookies’ information is retained according to our Cookie Policy below;

all other data is retained for 5 years.

Access, correction and your other rights

To the extent required by applicable data protection regulations, you have all the rights of a data subject as regards your personal data. Such rights include the following:

request access to your personal data;

obtain a copy of your personal data;

rectify inaccurate or incomplete personal data;

erase personal data;

restrict the processing of personal data;

portability of personal data;

object to processing of personal data which is based on legitimate interest and personal data which is processed for direct marketing purposes.

Please note that your rights as a data subject are not absolute and are subject to such considerations as allowed under the applicable law.

In order to exercise your rights, please contact us on the contact details below. Please note that you can exercise some rights (e.g. review and update your personal data) already by logging into your account. To protect the integrity and security of the information we hold, we may ask that you follow a defined access procedure, which may include steps to verify your identity. In certain cases, provided it is allowed under the applicable law, we may charge you an administration fee for providing you with access to the information you have asked for, but we will inform you of this before proceeding. There may be cases where we are unable to provide the information you request, such as where it would interfere with the privacy of others or result in a breach of confidentiality. In these cases we will let you know why we cannot comply with your request.

Complaints

We try to meet the highest standards in order to protect your privacy. However, if you are concerned about the way in which we are managing your personal data and think we may have breached any applicable privacy laws, or any other relevant obligation, please contact our privacy compliance team using the contact details set out below. We will make a record of your complaint and refer it to our internal complaint resolution department for further investigation. We will deal with the matter as soon as we can, and keep you informed of the progress of our investigation.

In addition to the foregoing, you also have the right to lodge a complaint with the Estonian data protection authority (Georgian Data Protection Inspectorate) or the court.

Changes to this policy

We may make changes to this policy from time to time to take into account changes to our standard practices and procedures or where necessary to comply with applicable new laws, regulations, case-law and guidelines issued by competent authorities. Should the changes be material to you, we will notify you by e-mail and pop-up on the website. The latest version of this policy will always be available on our website.

Governing law

If you are a data subject in the European Union or the processing of your personal data takes place in the context of an agreement you have concluded with Qommodity of Georgia, the processing of your personal data shall be governed by the laws of the Republic of Georgia.

Contact details

If you want any further information from us on privacy matters or you would like to exercise your rights as a data subject, please contact our privacy compliance team at info@qommodity.io.

This Qommodity Privacy Policy is valid from 01.07.2019

Qommodity Cookie Policy

This Cookie Policy explains which cookies and similar technologies Qommodity uses on the Website https://qommodity.io and https://assetbench.io

Cookies

Cookies are small text files that are installed on your device from websites that you visit. Cookies enable to recognise and distinguish your device when visiting websites.

Websites use cookies for a variety of purposes, including to provide a browsing experience that is unique to you, for example so that a website can remember your log-in details and language preferences. Cookies are also used to learn how you interact with the website’s content and to improve your experience when visiting the website. Cookies also allow to serve you specific content, such as videos and share content on social networks. Cookies are also used to deliver advertisements, to make them more relevant and meaningful, and to track the efficiency of advertising campaigns.

Types of cookies

The following types of cookies can generally be used:

Strictly necessary / technical cookies which are essential in order to enable you to move around the website and use the features of the website you have chosen.

Functionality cookies which allow the website to remember your settings and preferences (such as language) to provide more personal ways to use the website.

Performance / analytics cookies which collect information about how you use the website, for instance which pages you go to most often and which error messages from web pages you receive. These cookies are used to improve how the website works. In our case, these cookies are limited to aggregated statistical purposes.

Targeting / advertising / behaviourally targeted advertising cookies which enable to show you personalised advertisements and conduct market research and analysis by using the data about your behaviour and interests received from the website. These cookies can remember that your device has visited a site or service and may also be able to track your device’s browsing activity on other sites or services. The data received may be shared with advertising networks and advertising service providers.

Multimedia cookies which store the technical information necessary for performing video or audio material.

Social plug-ins to share content. Many social networks offer social plug-in modules, which allow users of social networks to share content. Such plug-ins store cookies in the user’s terminal and have access to it for the social network to be able to identify its members who interact with these plug-ins.

First-party and third-party cookies

First-party cookies are cookies that belong to the owner of the website. Third-party cookies are cookies that another party place on your device through the website. Third-party cookies may be placed on your device by someone providing a service for the owner of the website, for example to help them understand how their website is being used. Third-party cookies may also be placed on your device by other third parties so that they can use them to advertise products and services to you elsewhere on the Internet.

Persistent and session cookies

The length of time a cookie will stay on your device depends on whether it is a persistent or session cookie. Session cookies will only stay on your device until you stop browsing. Persistent cookies stay on your device until they expire or are deleted.

Consent

If the cookie is strictly necessary for the service requested by you, your consent for the use of such cookie is not required.

We also use cookies to personalise content and to provide you with an improved user experience. By using the Qommodity Services you consent to the deployment of cookies. You can control and manage cookies using your browser (see below). Please note that removing or blocking cookies can impact your user experience and some functionality may no longer be available. If the cookie is strictly necessary for the service requested by you, your consent for the use of such cookie is not required.

Google Analytics

Our Website uses Google Analytics, a web analytics service provided by Google, Inc. (“Google”). Google Analytics uses cookies to help the Website analyse how users use our website.

The information generated by the cookie about your use of the website (including your IP address) will be transmitted to and stored by Google on servers in the United States. Google will use this information for the purpose of evaluating your use of the website, compiling reports on website activity for website operators and providing other services relating to website activity and internet usage.

Google may also transfer this information to third parties where required to do so by law, or where such third parties process the information on Google’s behalf. Google will not associate your IP address with any other data held by Google.

You may refuse the use of cookies by selecting the appropriate settings on your browser, however please note that if you do this you may not be able to use the full functionality of our website. By using our website, you consent to the processing of data about you by Google in the manner and for the purposes set out above.

Changing your cookies’ settings

You can change your cookies’ setting and delete cookies through the settings of your web browser (Internet Explorer, Firefox, Chrome and others):

Internet Explorer: http://support.microsoft.com/kb/278835

Chrome: https://support.google.com/chrome/answer/95647?hl=en

Firefox: http://support.mozilla.org/en-US/kb/Clear%20Recent%20History

Opera: http://www.opera.com/browser/tutorials/security/privacy

Safari: http://support.apple.com/kb/PH5042

This Qommodity Cookie Policy is valid from 01.07.2019