Privacy policy

1.1. These Privacy Rules (hereinafter referred to as the "Rules") establish the procedure for obtaining, storing, processing, using, and disclosing personal (including personal and contact) data of users of the AEXchanger service. These Rules apply to any services provided by the Service.

1.2. AEXchanger is an online platform/system for providing virtual asset exchange services to fiat currencies. The Service’s website is https://aexchanger.com/. The Service is owned by EX Rock s.r.o., identification number 193 14 850, with a registered office at Roháčova 145/14, Žižkov, 130 00 Prague 3, Czech Republic, registered with the Municipal Court in Prague, Section C, Insert 384567.

1.3. By registering with the Service, the User must familiarize themselves with the terms and confirm their agreement with these Rules by checking the appropriate box in the registration form. If the User refuses to comply with the terms of these Rules, they must cease using the Service.

1.4. The personal data of Users during registration, placement, receipt, and transmission of information in the Service is collected by EX Rock s.r.o., identification number 193 14 850, with a registered office at Roháčova 145/14, Žižkov, 130 00 Prague 3, Czech Republic, registered with the Municipal Court in Prague, Section C, Insert 384567.

1.5. This Policy has been developed in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons concerning the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation), as amended by subsequent regulations, which includes the protection of individuals concerning the processing of personal data and unrestricted transfer of personal data.

2.1. To provide Users with access to the Service's services and the proper use of its functionality, the Service collects the following information from Users:

• 2.1.1. Mandatory information required during registration to receive services, such as:
  • First and last name;
  • Gender;
  • Citizenship;
  • Identification document number, date of issue, and validity period;
  • Identification number and taxpayer number;
  • Place of residence, mailing address;
  • Other personal information typically included in identification documents;
  • User account login and password;
  • Bank account details;
  • Electronic wallet details;
  • Email address;
  • Phone number;
  • IP address.
• 2.1.2. The Service will be unable to provide services if the User does not provide this information, and as a result, the User will be unable to use the Service's services.
• 2.1.3. Cookies to identify the User’s browser and provide services dependent on it. Detailed information on the use of cookies can be found in the Cookie Policy.
• 2.1.4. User responses to any surveys or questionnaires, such as feedback on services, feedback on transaction completion, etc. This information may be used for analytical purposes and to understand the User's interests.
• 2.1.5. Records of any correspondence with the Service.
• 2.1.6. Information that the Service may request from the User when the latter reports technical issues, such as details regarding the User's inquiry to customer support;

2.2. All information is collected "as is" and is not modified during the data collection process.

2.3. When Users contact customer support, the Service may collect personal information necessary to fulfill the User's request and provide feedback. The Service may also contact the User using the existing account contact information provided for this purpose.

2.4. By using the Service's tools and services, the User consents to the processing of their personal data.

3.1. Information collected from Users is used solely to provide the Service's offerings and improve the Website and Services. The User's personal information is utilized for the following purposes:

• 3.1.1. To maintain our Service and offerings. We use personal information to ensure the proper functioning of our services;
• 3.1.2. To improve our Service and Services. Personal data helps our systems ensure the availability of our interface to Users across all platforms;
• 3.1.3. To comply with our legal obligations. In many jurisdictions, we are required to collect certain information about our users to have the legal right to provide services (e.g., Know Your Customer (KYC) and Anti-Money Laundering (AML) regulations). We must obtain personal information to assist in criminal investigations;
• 3.1.4. To protect your assets, we may use information to identify you and your assets to ensure access to your accounts and prevent fraud. Transaction information allows us to track suspicious activity and protect you from fraud and scams;
• 3.1.5. For periodic notifications. We may use information we receive from you when you register or use certain other features of the site. This could be done for security reasons, to seek your feedback on the Service, or to keep you informed about any changes in the services provided by the Service. We may also periodically send notifications with news and updates about the Services or use this information to contact you via chat;
• 3.1.6. To resolve disputes and enforce our agreements to the extent necessary and sufficient to protect your interests or the interests of other users.

3.2. As part of its activities, the Service has the right to post information about the User, to the extent necessary for the conclusion of agreements between Users, for sending messages, and facilitating communication between users, processing payments, and the like.

3.3. When providing services, we may also use third-party tools and resources (independent service providers) (hereinafter referred to as "Service Providers"). The Service may enter into agreements with third parties that need to receive personal information to the extent necessary to provide services. To provide us with contractual services, these third-party service providers are required to adhere to this Policy. The software used by the Service is owned by Guardance UAB. Users can review the privacy policy and the process for handling user data on the company's website at https://guardarian.com/. All our Service Providers ensure sufficient security for your personal data to prevent unauthorized or accidental access or other misuse, and all our Service Providers are bound by confidentiality obligations and must not use your personal data for any purpose other than that for which the data was provided to them.

3.4. Notwithstanding any provisions of this Policy to the contrary, we may retain or disclose your information if we believe it is reasonably necessary to comply with the law, regulation, legal process, or governmental request; to protect the safety of any person; to address fraud, security, or technical issues; or to protect our rights or the property of our users.

3.5. Users are responsible for all information they post on the Service.

3.6. Personal information provided for the purpose of creating and managing a User account, as well as for entering into or fulfilling Agreements, will be retained for as long as necessary for the purposes outlined in this policy. The Service retains User information only to the extent necessary to fulfill legal obligations, resolve disputes, and enforce our agreements.

3.7. A User may request the deletion of their personal data. In such cases, user requests may be fulfilled by deleting personal data to the extent permitted by applicable laws and regulations. In some instances, we are required by law to retain your information.

3.8. Upon the expiration of the periods specified in clause 3.7, the Service shall, within ten (10) days, delete (irreversibly destroy) any and all relevant personal data of the User on all devices and media, except where deletion is impossible (e.g., personal data stored in a digital wallet account) or where further retention is required by European Union legal norms.

According to current legislation, the Service or, where required by law, the Payment System must retain records about its Users and their transactions to provide quality services and assist authorities and courts in the event of legal proceedings. The Service or, where required by law, the Payment System must retain records for five years after the termination of the Business Relationship (or after the completion of any investigation conducted by authorities concerning the User) regarding: Data obtained during the User's due diligence process; Copies of official identification documents; All necessary transaction records sufficient to reconstruct individual Transactions; The service provision agreement; Financial documentation related to the User and transactions. For 10 years after a transaction or the termination of the business relationship, the Service or, where required by law, the Payment System retains:

• a) Identification and other data obtained during the client's identification or collected in accordance with directly applicable European Union Regulations governing information accompanying the transfer of funds;
• b) Copies of documents submitted for identification purposes, if such copies were made;
• с) Information and copies of documents obtained as part of the client’s due diligence process
• d) The original or notarized copy of a power of attorney or the decision number appointing a guardian in cases of representation.

4.1. In accordance with applicable laws, the User has the right to manage personal information, including, for example:

• 4.1.1. The right to access and modify personal information stored by the Service. The User has the right to request a copy of personal information held by the Service. The User also has the right to correct or update their personal information at any time.
• 4.1.2. Right to Delete Personal Information. The User may request the deletion of personal data. If the User no longer wishes to use the Service or wants their data deleted, they can ask the Service to permanently delete their account. Such requests may be fulfilled by deleting personal data to the extent allowed by applicable laws and regulations. In some cases, the Service is required to retain information in compliance with legal requirements.
• 4.1.3. Right to Restrict Processing. The User has the right to ask the Service to restrict the processing of their Personal Information. When processing is restricted, the Service is allowed to store the User's information but cannot use it further.
• 4.1.4. Right to Object to Processing. The User has the right to object to the Service's use of their Personal Information for its own purposes at any time. The User may withdraw their consent to the Service's processing of their Personal Information. To exercise this right, the User must contact the Service. This right also includes the ability to object to the processing of Personal Information for marketing and advertising purposes.
• 4.1.5. Right to Data Portability. The User has the right to receive Personal Information that has been provided and stored by the Service in a "commonly used machine-readable format." This allows the User to obtain and reuse the information for their purposes across different services.
• 4.1.6. Right to Lodge a Complaint with a Supervisory Authority.

4.2. If the User wishes to exercise their rights, they must send a request to the Service.

4.3. In some cases, the User may be denied access to Personal Information if providing the information would result in the disclosure of another person's Personal Information or if the Service is legally prohibited from disclosing such information. Additionally, if certain data is required to maintain the operation of the Service or is mandated by law, the data may be retained for the period necessary or required, even if the User withdraws their consent or deletes their account. Such information will not be considered eligible for deletion.

5.1. Disclosure of personal data without the consent of the User or their authorized representative is permitted in cases specified by law and only in the interests of national security, economic well-being, and human rights, including but not limited to reasonable requests from governmental authorities with the right to request and receive such data.

5.2. The Service may provide personal data of users upon requests from competent authorities, in accordance with the requirements of applicable laws.

5.3. According to the Privacy Policy, the Service undertakes not to rent or sell any personal data of the User. In the event that the business or part of this business is sold or reorganized, and the Service transfers all or part of its assets to the new owner, the Users' personal data may be transferred to the buyer to ensure continuity of service.

5.4. The Service is entitled to transfer certain anonymized information (data that does not allow for the identification of Users individually) to third-party service providers and trusted partners to improve the overall quality and effectiveness of services.

6.1. The Service reserves the right to update this Privacy Policy. The new version of the Privacy Policy takes effect upon publication.

6.2. Users agree to periodically review these terms to stay informed about how the Service protects their information.

6.3. If the Service makes any changes to the Privacy Policy that the User does not agree with, the User must stop using the services.

6.4. Continuing to use the Service confirms the User's consent and acceptance of the new version of the Privacy Policy.

6.5. The Service is not responsible for any damages or losses incurred by the User or third parties resulting from the User's misunderstanding or failure to understand the terms of this Privacy Policy, instructions, or guidelines on how to use the Service, how to post data, and other technical issues.

7.1. If any provision of this Privacy Policy, including any proposal, clause, or part thereof, is found to be contrary to law or invalid, the other provisions not contrary to law shall remain in force and valid, and any invalid or unenforceable provision shall be deemed amended, modified to the extent necessary to ensure its validity and enforceability.

7.2. The User has rights provided by Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons concerning the processing of personal data and on the free movement of such data.

7.3. This Privacy Policy applies to the User from the moment they agree to its terms when submitting their Personal Data while using the Service and remains in effect as long as the Service retains any information about the User, including personal data.

7.4. The User may contact the Service electronically using the tools available on the Service or via the support email address: [email protected]. Any electronic message is considered delivered once we confirm its receipt.