Privacy Policy – intimate.io Ltd

This Privacy Policy (together with the Cookie Policy, the Terms & Conditions, and any other documents referenced therein) sets out the basis on which we process your personal data through your use of [website] (the ‘Website’). This website is not intended for persons under the age of 18, and we do not knowingly collect data relating to such persons.

It is important that you read this Privacy Policy together with any other privacy notice we may provide on specific occasions when we are collecting or processing personal data about you so that you are fully aware of how and why we are using your data. This Privacy Policy supplements the other notices and is not intended to override them.

Unless otherwise defined within this Privacy Policy, capitalised terms used henceforth shall have the meaning as set out in the Terms & Conditions.

Data Protection

We are bound by the Data Protection Act (the ‘Act’), Chapter 440 of the Laws of Malta. We will protect your personal information and respect your privacy in accordance with best business practices and applicable laws at all times.

Data Controller

For the purposes of the Act, the data controller is intimate.io Limited, a company existing under the laws of Malta, with company registration number C 86006 and having its registered address at Level G (Office 2/1017), Quantum House, Abate Rigord Street, Ta’ Xbiex XBX 1120, together with its parent company, subsidiaries and affiliates, (“Company”, “us”, and “intimate”).

Your Rights

Your privacy is very important to us. We understand you want to remain in control of your personal information and that we must earn and retain your trust.

‘personal data’ or ‘personal information’ means any information relating to an identified or identifiable natural person (also known as the ‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person

In short, personal information includes information that is attributable to a specific individual, such as name, address, telephone number, email address and payment details, as well as other information that may be used, alone or together with other data, to identify a person.

We have created this privacy statement to show our commitment to the responsible handling and protection of your personal information. We can assure you that we keep your information confidential and do not sell or rent our customers’ personal information to third parties. We will only disclose your personal data to third parties as explained in this Privacy Policy, or where we are subject to a legal obligation or public duty to disclose such data.

This Privacy Policy sets out our policies regarding the collection, utilisation and protection of the personal information of those using our website. It also serves to inform you, as data subject, of your rights pursuant to data protection law. In brief, you are entitled to the following rights and remedies:

  • Access to your personal data – We are happy to provide you with access to the personal information we process about you. However, we may need to verify your identity prior to doing so. We may ask you for proof of identity, as well as sufficient information about your interactions with us so that we can locate the relevant data. Please contact us on kyc@intimate.io to exercise your right in this manner.
  • Rectification of your personal data – It is important that the personal data we hold about you is accurate and current. If at any time during the term of our business relationship you realise that certain data we hold about you is not accurate or up-to-date, we kindly ask you to contact us to correct such data. We may ask for further documentation from you to verify certain details, if this is necessary. Please contact us on kyc@intimate.io to exercise your right in this manner.
  • Erasure of your personal data – As a data subject, you have a right to request the erasure of your personal data (the right to be forgotten). However, this right is not absolute, and so it may not always be possible for us to erase your data immediately as we are subject to certain legal obligations which may prevent us from doing so. We will always inform you when we are unable to process your request for such reasons. Please contact us on kyc@intimate.io to exercise your right in this manner.
  • Restriction of processing your personal data – This means that you may ask us to suspend the processing of your personal data in the following situations: (a) if you want us to ensure the data’s accuracy, (b) where we are using your data unlawfully, but you do not wish for us to erase it, (c) where you need us to hold on to your data even when we no longer need it, as you may need it to establish, exercise, or defend legal claims, or (d) where you have objected to our use of your data, but we need to verify whether we have any overriding legitimate grounds to use it. Please contact us on kyc@intimate.io to exercise your right in this manner.
  • Objection to process your personal data - Where we rely on our legitimate interest (or those of a third party) to process your personal data, and you wish to object to us processing your data on this ground as you feel it impacts on your fundamental right and freedoms, you may exercise your right to object to the processing. The right to object to processing may also be exercised where we are processing your data for direct marketing purposes. In some cases, we may be able to demonstrate that we have compelling legitimate grounds to process your information which override your rights and freedoms. Please contact us on kyc@intimate.io to exercise your right in this manner.
  • Right to data portability – You may request us to transfer your personal data to you or another third party. We will provide to you, or a third party of your choice, your personal data in a structured, commonly used, machine-readable format. This right only applies to automated information which you initially provided consent for us to use, or where we used the information to fulfil our obligations under our contract with you. Please contact us on kyc@intimate.io to exercise your right in this manner.
  • Opting-out of receiving marketing and promotional material – Where we are relying on your consent to process such personal data, you may withdraw your consent at any time. However, ‘opting out’ or withdrawing your consent will not affect the lawfulness of any processing carried out before you withdraw your consent. Please contact us on kyc@intimate.io to exercise your right in this manner.
  • Right to file a complaint with the Authorities – If you are not satisfied with the way we are managing your personal data, it is your right to make a complaint at any time to a data protection authority of your choice. We would, however, appreciate the chance to deal with any concerns you may have before you approach a Supervisory Authority. Kindly contact us on kyc@intimate.io with any concerns you may have, and we will do our utmost to address your concerns in a satisfactory manner.

What data do we process, and how do we use it?

In general, you do not need to provide us with any of your personal data when casually browsing the Website. The provision of personal information is requested and required only if and when you register with the Website. In order for you to participate in the ICO and use the ITM Tokens in the manner as prescribed in the Terms & Conditions, we may need to collect the following data:

A. Information you provide us with: your first and last name, your nationality, your country of residence, proof of your identification, proof of your residence, your email address; B. Information we collect about you: Like many other professional websites, we use cookies to improve your experience when using our Website. When you visit our Website we may automatically collect information about your computer, your IP address, geographical location, information about your visit and how you interact with our site. For more information on how we use cookies to improve your experience, see our Cookie Policy; C. Information we receive from third parties: We may process additional personal data on you which we receive from our partner service providers such as advertising networks, search engine providers, analytics and social networking sites, in order to help us understand visitor behaviour patterns, which we use to help us improve our service and the Website.

In addition to the above purposes, we will use your personal data for the following purposes:

  1. To verify and administer your account – this includes ensuring that your payments are successful;
  2. To send you service emails – upon registration, we may send you an initial email to confirm your registration. We may also send you further emails if there are any changes to our Terms & Conditions, or if we need to contact you regarding your account. You cannot opt out of receiving such emails, however we can assure you that we will only send you such emails when absolutely necessary;
  3. Where you wish for us to do so; to send you promotional materials – as our customer, you may opt in at any time to receive updates from us that may be of interest to you via email. If you have opted in to receive marketing messages, we will use your personal data to keep you informed on current and forthcoming products, services, offers or promotions that may be of interest to you. You may opt out of receiving such communications at any time, either by unsubscribing through the link provided in the email communication, or through the opt out feature in your account settings found on the Website’s home page;
  4. Service providers – from time to time, we may share your personal data with third party service providers who are entrusted to perform certain data processing activities on our behalf (‘Data Processors’). Whenever we engage our Data Processors, we do our utmost to ensure that these Data Processors process your data in compliance with all data protection laws, and in a secure and confidential manner, following the best business practice standards. We currently use Data Processors to assist us with the following data processing activities:
    1. For Know Your Customer (‘KYC’) checks;

Transfers of Personal Data

Our partners or Data Processors may be based in countries which do not form part of the European Economic Area (‘EEA’). The data that we collect from you may therefore be transferred to, and stored at, a destination outside the EEA. It may also be processed by employees located outside the EEA who work for us or for one of our suppliers. This includes staff engaged in, among other things, the processing of your KYC data or the collection of statistical information concerning you. We will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this Privacy Policy and all applicable law.

Whenever we transfer your personal data out of the EEA, we ensure that a similar degree of protection is afforded to it by ensuring that at least one of the following safeguards is implemented:

(a) We will only transfer your personal data to countries that have been deemed to provide an adequate level of protection for personal data by the European Commission;

(b) Where we use certain service providers, we may use specific contracts approved by the European Commission which give personal data the same protection it has in Europe;

(c) Where we use providers based in the United States of America, we may transfer data to them if they are part of the Privacy Shield which requires them to provide similar protection to personal data shared between the European Union and the United States.

We do not trade your personal information to third parties for marketing purposes without your express consent.

How long do we keep your data?

We only retain your personal data for as long as is necessary for the purpose that we originally collected it for and as authorised by applicable laws. Where we are not bound by any law to retain your data for a specified period of time, we will retain such data for the whole duration of our business relationship, unless you exercise your right to erasure, in which case we are duty bound to erase your data.

Security

We are committed to protecting our users’ information. Your password protects your user account, so you should use a unique and strong password, limit access to your computer and browser, and log out after having used the Website.

We have put in place appropriate security measures to prevent your personal data from being accidentally lost, used, or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need-to-know. They will only process your personal data on our instructions, and are subject to a duty of confidentiality.

While we take data protection precautions, no security measures are completely secure, and we cannot fully guarantee the security of user information.

Compliance

From time to time, we may transfer your personal and/or financial information to other companies in order to perform or improve our services, or to help our security, credit risk or fraud protection activities. As mentioned above, we may also send your personal information to our partners. By submitting your details, you understand that your personal information may be transferred for the purposes set out in this paragraph. Any transfer of information will take place in accordance with this Privacy Policy and as permitted and/or required by law.

You should be aware that in addition to the circumstances described above, we may disclose your financial or personal information if required to do so by law, court order, as requested by other government or law enforcement authority, or in the good faith belief that disclosure is otherwise necessary or when we have reason to believe that disclosing the information is necessary to identify, contact or bring legal action against someone who may be causing interference with our rights or properties, whether intentionally or otherwise, or when anyone else could be harmed by such activities.

All information you provide to us is stored on our secure servers located within the European Union. Any payment transactions are encrypted using SSL technology.

Effectiveness and Changes to Privacy Policy

This policy was last updated on May 24th 2018. Any material changes in the way we use personal information will be described in future versions of this Privacy Policy.

Governing Law

This Privacy Policy is subject to the laws of Malta and to the exclusive jurisdiction of the Maltese courts.

Contact

Questions, comments and requests regarding this Privacy Policy are welcomed and should be addressed to alex@intimate.io.