en

This GDPR & Privacy Policy constitutes a part of CRUZEUM Z O.O Terms and Conditions (the “T&C”). The Terms and Conditions in this Privacy Policy shall have the same meanings as in the T&C except as otherwise provided herein.

This GDPR & Privacy Policy explains how CRUZEUM, use, process, disclose, share, transfer, and protect personal information obtained through CRUZEUM and its partners. The terms “we,” “us,” and “our” refer to CRUZEUM. When we ask for certain personal information from users, it is because we are required by applicable laws or government orders to collect such information or it is relevant for our specified purposes.

Please carefully read the full content of this GDPR & Privacy Policy. When visiting CRUZEUM , regardless of whether or not you register for or log in the CRUZEUM account, you acknowledge, understand, and consent to all articles described in this GDPR & Privacy Policy.We will not use your personal information for any purpose not covered in this GDPR & Privacy Policy or the T&C without prior notification to you and your consent.

This Privacy Policy has incorporated elements from the General Data Protection Regulation (GDPR) as we act in accordance with its personal information processing rules within the European Economic Area (EEA). We utilize standard contract clauses, rely on the European Commission's adequacy decisions about certain countries, as applicable, and obtain your consent for these data transfers to third countries if required by applicable laws.


1. INFORMATION WE COLLECT

The followings are the types of information we collect when you register for and use CRUZEUM services:

1.1 Information You Provide to Us When Registering

When you create a CRUZEUM Account, you provide us with your email address, name, date of birth, nationality, country code, gender, signature, utility bills, home address, password, and other information to help us identify you (“Identification Information”).


1.2 Information We Collect to Comply with Regulatory Policies

To comply with global industry regulatory standards, local industry regulatory standards, and government orders in different aspects such as Anti-Money Laundering (AML), Know-Your-Client (KYC), and Counter-Terrorist Financing (CTF), CRUZEUM is required to collect personal information in addition to Identification Information, such as identity documents (including passport, driver's license, national identity card, state ID card, tax ID number, passport number, driver's license details, national identity card details, visa information, etc.), proof of address, source of fund declaration, purposes of fund documents, and source of wealth (“Regulation Information”). We will explain to you the content and requirements of such personal information each time we collect information, and we reserve the right to change the content and requirements of the collected information as the global industry regulatory standards, local regulatory standards or government orders change. This provision applies to both personal and corporate CRUZEUM Accounts.


1.3 Information We Collect as You Use CRUZEUM Services

  1. Service Usage Information
    Through your access to and use of CRUZEUM Services, we may monitor and collect tracking information related to usage including but not limited to your phone number, access date and time, device type and device identification, operating system and hardware setting, browser type, and information derived from SIM card, network operator, IP address, GPS, base station and WLAN (“Service Usage Information”). This information may be directly obtained by CRUZEUM or through third-party service providers. The collection of Service Usage Information helps our systems to ensure that our interface is accessible for users across all platforms and can aid during criminal investigations.
  2. Transaction Information
    For all personal and corporate user accounts, we may collect transaction information as you use CRUZEUM Services, including but not limited to deposit snapshots, account balances, trade history (such as transaction initiation, payment method, price, quantity, time, withdrawal and authorization information), order activity, and distribution history (“Transaction Information”). We collect such transaction information to monitor suspicious trading activity for user fraud protection, legal case resolution, and any other purposes disclosed in this GDPR & Privacy Policy.
  3. Communication Information
    You agree that, for the purposes disclosed in this GDPR & Privacy Policy, we are entitled to collect and use the information contained in or related to the communication that you send to us or generated through your use of CRUZEUM Services (“Communication Information”), which includes:
    • all messages, requests or other information you send in the course of your contact with CRUZEUM;
    • all communications and file attachments in connection with your transactions with other users or other data generated primarily through your communications with them.
  4. Financial Information
    You agree that, for the purposes disclosed in this GDPR & Privacy Policy, we are entitled to collect and use the information contained in or related to your financial information when you use CRUZEUM Services, including without limitation, bank account information, payment card primary account number (PAN), transaction history, trading data, and/or tax identification. We collect such financial information to monitor suspicious financial activity for user fraud protection, legal case resolution, and any other purposes disclosed in this GDPR & Privacy Policy.


2. How we collect information

2.1 Information CRUZEUM Automatically Collects

Most of the personal information that we collect is directly provided by you. In the following situations, we will collect and process the information about you:

  1. where you register for, log in or visit CRUZEUM, or use any service of CRUZEUM ;
  2. where you voluntarily complete any user survey or provide feedback to us via email or any other channel;
  3. where you use cookies of the browser or software in visiting or using our website or APPs;
  4. other situations where we may automatically collect your information as mentioned in this GDPR & Privacy Policy or our T&C (including the CRUZEUM Platform Rules, the same below).


2.2 Information Collected from the Third-party Sources

We may collect information about you from third-party sources, including but not limited to, the following channels:

  1. public databases, credit bureaus and ID verification partners;
  2. blockchain data;
  3. marketing partners and resellers;
  4. advertising partners and analytics providers.


2.3 Anonymized and Aggregated Data

Anonymization is a data processing technique that removes or modifies personal information so that it cannot be associated with a specific individual. Except for this section, none of the other provisions of this GDPR & Privacy Policy applies to anonymized or aggregated personal data (i.e. information about our Users that we combine together so that it no longer identifies or references an individual User).

We may use anonymized or aggregate customer data for any business purpose, including to better understand Users’ needs and behaviours, improve our products and services, conduct business intelligence and marketing, and detect security threats. We may perform our own analytics on anonymized data or enable analytics provided by third parties.



3. How we use the information we collect

We use the information we collect about you for the following purposes or in the following ways:

3.1 To Provide and Maintain CRUZEUM Services

We use the information collected to deliver, maintain and provide better CRUZEUM Services (including but not limited to processing transactions) and verify Users’ identities.

We use the IP address and unique identifiers stored in your device’s cookies to help us authenticate your identity and activities and provide CRUZEUM Services. Given our legal obligations and system requirements, we cannot provide you with all or some of CRUZEUM Services without data like Identification Information, Supervision Information, Service Usage Information, Communication Information, and Transaction Information.


3.2 To Protect Our Users

We use the information collected to protect our platforms, Users’ accounts, and archives.

We use IP addresses and cookies to protect against automated abuse such as spam, phishing, and Distributed Denial of Service (DDoS) attacks.

We analyse trading activities with the goal of detecting suspicious behaviours as early as possible to prevent potential fraud and loss of funds to bad actors.


3.3 To Comply with Legal and Regulatory Requirements

With respect to the privacy and security of personal information, we will use the information in compliance with our legal obligations, government requests, and reasonable user-generated inquiries. In cases where it is strictly necessary, such as to protect the vital interests of the Users or other natural persons, to fulfil the purpose of public interest, to pursue our reasonable interests (but not to damage the interests of the Users), we may process your personal information without your consent. Except for the situations stated in this GDPR & Privacy Policy or the T&C, we will not disclose or provide any of your personal information to third parties without a review from our legal team and/or prior consent from the User.


3.4 For Measurement, Research and Development Purposes

We actively measure and analyse data to understand the way you use and interact with CRUZEUM Services. This review activity is conducted by our operation teams to continually improve our Platforms’ performance and to resolve issues with the user experience. In addition, we use such information to customize, measure, and improve CRUZEUM Services and the content and layout of our websites and apps, and to develop new services.

We continuously monitor activity information within our systems and our communications with users to look for and quickly fix problems.


3.5 To Communicate with You

We use personal information collected, like your phone number or email address to interact with you directly when providing customer support on a ticket or to keep you informed on logins, transactions, account security and other aspects. Without collecting and processing your personal information for confirming each communication, we will not be able to respond to your submitted requests, questions, and inquiries. All direct communications are properly kept at CRUZEUM or the service provider designated by CRUZEUM, to be reviewed for accuracy, to be kept as evidence, or to be used to perform other statutory or contractual obligations.


3.6 To Enforce Our T&C and Other Agreements

The collected information is also used to continually and actively enforce our T&C and other agreements with our Users, including but not limited to reviewing, investigating, and preventing any potentially prohibited or illegal activities that may violate the foregoing provisions, or disclose the relevant information to a third party in accordance therewith.

CRUZEUM reserves the right to suspend or terminate provision of any CRUZEUM Services to any User found to be engaged in activities that violate our T&C and other agreements with our Users.


3.7 To Facilitate Corporate Acquisitions, Mergers, or Transactions

We may process any information regarding your CRUZEUM Account and use of CRUZEUM Services as is necessary in the context of corporate acquisitions, mergers, or other corporate transactions.


3.8 For Marketing and Advertising

We may share your personal information with our marketing partners for the purposes of targeting, modeling, and/or analytics as well as marketing and advertising.


3.9 For Rebates

We may share the information collected, including but not limited to your Identification Information and Transaction Information, with your referrer for the purposes of rebates and other benefits.


3.10 For Any Other Purpose

We may disclose your personal information for any other purpose you consent to.



4. Marketing

If we think you may like specific CRUZEUM Services or products and services of our partners, we hope to keep you informed about such products or services.

If you agree to receive the above marketing information, you can choose to receive it at any time in the future.

You have the right to ask us at any time to stop contacting you for marketing purposes or to send relevant information to you. If you do not want to be contacted for marketing purposes in the future, please click on the unsubscribe link in the bottom of the marketing email and submit your request to unsubscribe.


5. How we store and protect user data

CRUZEUM has kept your personal information safe using fault-tolerant secured storage with industry standard encryption and implemented a number of security measures to ensure that your information is not lost, abused, or altered, including, but not limited to:

5.1 Physical Measures

Materials containing your personal information will be stored in a locked place.


5.2 Electronic Measures

Computer data containing your personal information will be stored in the computer systems and storage media that are subject to strict log-in restrictions.


5.3 Management Measures

Only authorized employees are permitted to come into contact with your personal information and such employees must comply with our internal confidentiality rules for personal data. We have also imposed strict physical access controls to buildings and files.


5.4 Technical Measures

Encryption technology such as PCI Scanning and Secured Sockets Layered Encryption may be used to transmit and store your personal information. We use various currently available general security technologies and supporting management systems to minimize the risks that your information may be disclosed, damaged, misused, accessed without authorization, disclosed without authorization, or altered.


5.5 Other Measures

Our web server is protected by the “firewall”.

Please note that it is impossible to guarantee 100% security of information. As such, we request that you understand the responsibility to independently take safety precautions to protect your own personal information. You agree that we shall not be liable for any information leakage and other losses not caused by our intention or gross negligence, including but not limited to hacker attack, power interruption, or unavoidable technical failure, to the maximum extent permitted by law.

If you suspect that your personal information has been compromised, especially account and/or password information, please lock your CRUZEUM Account and immediately contact CRUZEUM Customer Support team: support@cruzeum.com

Unless otherwise stipulated by law or the T&C, you agree that we have the right to retain all the collected personal information for the duration of your CRUZEUM Account for 5 or more years after the account is closed.



6. Transfers of personal information

You understand that we have the right to have all or some of the collected personal information transferred to or stored in other countries or regions than your country of nationality, your country of residence, or the country where the server is, without your specific consent, under the following circumstances:
  1. if it is necessary to protect, process, analyze, reasonably use the personal information;
  2. if it is necessary to enforce the T&C and other agreements with our Users;
  3. if it is necessary for the public interest;
  4. if it is necessary to establish, exercise or defend the rights of us, our partners, or other Users;
  5. other circumstances required by law or government orders.


7. Cookies

7.1 What Are Cookies?

Cookies are small amounts of data that are sent to your browser and stored on your computer’s hard drive to collect standard internet log information and visitor behaviour information. When you visit CRUZEUM, we can automatically collect information from you through cookies or similar technologies.


7.2 How Do We Use Cookies?

We use cookies in a range of ways to make your experience on our Platforms more enjoyable, including but not limited to:

  1. to keep you signed in;
  2. to record your habits and preferences when browsing CRUZEUM;
  3. to record our performance and verify the effectiveness of online advertising through Google Stats with cookies.


7.3 What Types of Cookies Do We Use?

We use different types of cookies, including but not limited to:

  1. Functional Cookies
    We use such cookies to help us identify you and remember your previous preferences and settings, which may include your device, your operating system, your preferred language, your location, and other session data. We use a mix of first-party and third-party cookies.
  2. Marketing Cookies
    We use these cookies to collect information about your visit to CRUZEUM, the content you view, the links you follow, and other information about your browsers, devices, your IP addresses and referral URLs. We sometimes share certain parts of the collected information with third parties for marketing purposes. We may also share online data collected through cookies with our marketing partners. This means that when you visit another website, you may also be shown advertisements based on your browsing patterns on CRUZEUM.


7.4 How to Manage Cookies?

Most browsers are present to accept cookies. You can adjust your browser setting to prevent cookies or to notify you as soon as cookies are loaded. However, stopping all cookies might mean that you cannot access or use some features of the CRUZEUM .



8. DATA PROTECTION RIGHTS THAT YOU ENJOY

We hope to ensure that you are fully aware of the data protection rights that you enjoy. Unless otherwise required by law or government orders, each User has the following rights:

8.1 Right of Access

You have the right to access or obtain copies of your personal information. We may charge a reasonable fee for providing the access service.


8.2 Right to Rectification

You have the right to correct your personal information that you deem inaccurate. You also have the right to ask us to complete the personal information that you deem incomplete within a reasonable limit.


8.3 Right to Erasure (Right to be Forgotten)

You have the right to request the erasure of your personal data under certain circumstances.


8.4 Right to Restriction of Processing

Under certain circumstances as required by law or as specifically reminded by us, you have the right to request us to restrict the processing of your personal information; however, you understand that such restriction of the processing may prevent us from providing you with some of CRUZEUM Services.


8.5 Right to Object

Under certain circumstances as required by Law or as specifically reminded by us, you have the right to object to the processing of your personal information; however, you understand that such objection of the processing may prevent us from providing you with some of CRUZEUM Services.


8.6 Right to Data Portability

Under certain circumstances as required by Law or as specifically reminded by us, you have the right to request us to transmit the personal information that we collect to another body, or directly to you. We may charge a reasonable fee for providing the transmission service.



9. PRIVACY POLICIES OF OTHER WEBSITES

9.1 Privacy Policies of Non-CRUZEUM Websites

If you visit other third-party platforms or partner’s websites, apps via the links on CRUZEUM, you should agree with and abide by their separate and independent privacy policies. We are not responsible for the content or the activities therein.


9.2 Privacy Policies of CRUZEUM

This Privacy Policy applies to all platforms, websites, and departments of CRUZEUM .com and CRUZEUM ecosystem. If you visit any link to any sub-platforms of CRUZEUM, you should agree with and abide by the separate and independent privacy policies of such sub-platforms. If the privacy policy of any sub-platform conflicts with this Privacy Policy, the privacy policy of such sub-platform shall prevail.



10. CHANGES TO THIS PRIVACY POLICY

From time to time, CRUZEUM may revise this GDPR & Privacy Policy to reflect changes in Law or our personal-data collection, processing, and use practices. You shall regularly review the GDPR & Privacy Policy and pay attention to its revisions. If you do not agree with the revised content, you shall stop accessing CRUZEUM immediately. When an updated version of the GDPR & Privacy Policy is released, your continued access to CRUZEUM means that you agree to the updated content and agree to abide by the updated GDPR & Privacy Policy.

11. CONTACT US

We are committed to respecting the freedoms and rights of all our CRUZEUM Users. Should have any questions or concerns regarding this GDPR & Privacy Policy, or if you would like to file a data protection request, please send us request to support@cruzeum.com