Privacy Protection Provisions
Data Protection Provision of B52 Holding GmbH, a private company limited by shares incorporated and registered in Switzerland with company number whose registered office is at Charmerstrasse 44, 6331 Hühnenberg, Switzerland (“B52”) and it’s website https://bank52.com/ (“website”).
Thank you for your interest in the services of B52. The protection of your privacy and thus the protection of your (personal) data is our highest priority. The following declaration is intended to provide you with comprehensive information on (i) what data we collect, (ii) how we deal with it, and (iii) what rights you have. At the same time, we therewith fulfil our duties imposed by the Data Protection Act (Switzerland) and other statutory data protection regulations, such as the General Data Protection Regulation of the European Union (the “GDPR”), enforceable from 25 May 2018.
Data protection laws are generally relevant in case any processing of personal data is concerned. The terms used within the scope of this data protection declaration are defined in and by the GDPR. As such, the wide definition of “processing” of personal data means any operation or set of operations performed on personal data, such as, but not limited to, recording, organization, storage, alteration, and transmission of personal data. Any information allowing us or third parties to potentially identify you in person can be considered personal data. This terminology may also apply to IP addresses as long as they allow e.g. Internet Service Providers such identification.
We collect information and personal information from you because it helps us to learn and better understand your needs, so we can constantly improve our offers and communication with you, for the purpose of fulfilling contractual obligations, and as well as we are obliged to do so in the frame of the “Know Your Customer” (KYC) process and other legitimate interests. We know that the protection of your personal information is particularly important to you. The protection of your data is therefore of special concern to us. Your data will therefore be processed solely based on legal provisions. This guideline is intended to help you understand how we collect, use, modify, share and protect your personal information.
- Definition of personal information
Personal information includes information about your identity. This comprises: your name, address, phone number, e-mail address, date of birth, verified copy of a travel document, portrait photos, and service-related information such as bank and credit card details, device ID, and IP address. Furthermore, this also includes information based on which your identity can not be determined (non-personal data). These is, for example, information without a link to your name, such as the gender, age, education or place of residence (not the address). In the following, the terms “anonymization” and “aggregation” may be used.
Anonymization means removing the information about personally identifiable characteristics, and aggregation means that the information will be concentrated or segmented, for example, by age group or by gender.
- Data storage when contacting us
When contacting us by the form on our website or by e-mail, your data will be stored with us for six months to be able to process your request and to be able to answer possible follow-up questions. We will not share this information without your consent.
- Why is your data recorded?
We need your personal information to differentiate and to contact the users of our offers and services. The data provided by you are required to fulfil the contract or to carry out pre-contractual measures. Without these data, a contract with you is not possible. The data for identification purposes remain stored as long as the user is registered with us. However, if the user purchases B52 Tokens through our website, it is necessary to store these data beyond that, due to legal regulations.
We point out that, for the purpose of a simpler shopping process and for the subsequent processing of the contract, both the IP data of the connection holder, as well as the data listed in point 2 are stored by way of using cookies. A data transfer to third parties is not being performed, unless this is necessary for the fulfilment of the contract. By underwriting the Token Purchase Agreement you expressly give consent and accept this possible disclosure.
Example: If, at a later date, it should be necessary to accept credit card payments in the course of the fulfilment of the contract, we must forward the credit card data to the processing bank / payment service provider for the purpose of debiting the contracted amount.
The data collected and stored by us will also be used for the following purposes:
- to fulfil legal and regulatory requirements;
- for the implementation of anti-money laundering measures, fight against terrorist financing and related controls;
- for the prevention and detection of fraud or other criminal offenses;
- for the support of law enforcement, judicial and other government agencies;
- for security and risk management purposes;
- for information to you about service and security issues;
- for the carrying out of internal audits; and
- for market analysis.
- Creation of personal profiles
Information about the use of our offers are pseudonymised (no reference to personal data) by us or by third parties. Because of this anonymization of the obtained data, your privacy will always be protected as no conclusions to certain persons can be made.
We confirm that we will never use your personal information for purposes other than those we have conveyed to you, or which are permitted under applicable laws and regulations.
- Technique and data security
B52 will protect processed data adequately against unauthorized access (of third parties) in accordance with the provisions of the legal framework of Switzerland as well as the European Union. We will only process data which are essential to provide our services. Measures are taken with regard to (i) the quantity of data collected, (ii) the extent of data processing, (iii) the storage time as well as (iv) the accessibility of data. Data will not be used or stored by other means than set out in this Privacy Protection Provision and are made accessible only to a restricted and necessary number of persons, whereby any processing of personal data is strictly limited to the specified and legitimate purpose. All employees of B52 have been informed about applicable data protection provisions as well as data security measures and are bound to our privacy practices. Our website and other systems are adequately protected by a variety of security mechanisms.
Highest safety standards are particularly important to us. Every access to our data processing systems by our employees is exclusively transmitted via encrypted access (SSL). This requires additional authorization. Every access to our data processing systems which occurs on unauthorized ports is blocked. Only necessary ports and services are open. Our data processing systems are located on servers in safe countries which are equipped with the highest possible security standards. Data center staff have no access to the servers.
B52 will not transfer any of your personal data to third parties without legal grounds or without explicit prior consent. However, if processing of personal data in the future should be carried out on behalf of B52 by a so-called processor (a third party), this processing will be governed by specific contracts obliging the processor to comply with our Privacy Protection Provision, to effectively ensure the protection of your rights as described below.
- Your rights
Generally, you have the right to ask for information, correction, deletion, restriction of processing of the data stored about your person free of charge. Furthermore, you can revoke the use and transfer of your personal data at any time. In such a case, your request must enable a sufficient identification of your person and thus a clear assignment of the data to your person. However, we reserve the right to provide you with these data in an electronic form. If you believe that the processing of your data violates data protection laws, or that your privacy rights have otherwise been violated in any way, you are fee to complain to the respective supervisory authority or contact us directly at firstname.lastname@example.org.
- Web Analysis
Our website uses functions of the web analysis service Google Inc. (Google Analytics, which is a so-called tracking software). Cookies are used (see also point 6.), which are stored on the user’s computer. Through these cookies, which allow an user-related analysis of the website, specific user profiles are created. These are transferred to the server of the provider and stored there, and are also used to provide other services related to the use of the website. In this process, your IP address is made unrecognizable and thus anonymized. With this software neither we nor the operator of the analysis tools can collect personal data which reveal the identity of the user.
You can block this procedure by setting up your browser in a way that no cookies are stored.
To learn about your cookie management options with the most common browsers, please use the following links:
- Internet Explorer™: https://support.microsoft.com/en-gb/help/17442/windows-internet-explorer-delete-manage-cookies
- Edge™: http://www.thewindowsclub.com/allow-or-block-cookies-in-microsoft-edge
- Safari™: https://support.apple.com/kb/PH21411?locale=de_DE&viewlocale=en_US
- Chrome™: https://support.google.com/chrome/answer/95647?hl=en&hlrm=en
- Firefox™: https://support.mozilla.org/en-US/kb/enable-and-disable-cookies-website-preferences
- Opera™: http://www.opera.com/help/tutorials/security/privacy/
We have concluded a corresponding data processing contract with the provider.
- Social Media Plugins
Our website uses services and plugins provided by the social media network of Twitter Inc., 1355 Market St, Suite 900, San Francisco, CA 94103, USA (“Twitter”) in order to provide important information by embedding our official Twitter account. The timeline is integrated as list template and allows users to directly share or like tweets on Twitter.
Our website also features a Plugin of the social media network Facebook Inc., 1601 S. California Ave, Palo Alto, CA 94304, USA (“Facebook”). The timeline is also integrated as list template and allows users to directly share, like or comment postings on Facebook.
The third Plugin the website provides for is the social media network Telegram Messenger LLP, 71-75 Shelton Street, Covent Garden, London, UK (“Telegram”). This allows users to communicate on Telegram.
By accessing one of these three websites (“social networks”), your browser will instantly communicate with the servers of the respective social media network in the USA or UK. Thereby, certain data will be transferred and stored. If you are not logged in to the respective network or do not have an account, the information solely refers to your IP address and the fact that the website has been visited. If you are logged in to the respective network, this information can be associated with your account and thus your person. If you do not want the network to allocate such collected data to your account, you must log out of your profile before visiting the website. When using the liking/sharing function, information will be transmitted and be visible on the respective network as well.
However, as an alternative, you can force your browser not to load the respective timelines by installing add-ons, for example, the script blocker “NoScript” available under http://noscript.net/or log out of your network account prior to visiting our website.
Please further note that Facebook and Twitter have been certified to the EU-US Privacy Shield Framework, which stipulates that the companies are obliged to adhere to the agreement and permanently maintain a level of data protection corresponding to the European data protection standards. The EU-US Privacy Shield – as subject to an adequacy decision of the European Commission – has been classified to carry a sufficient level of data protection. Data transfers to certified companies within the USA are thus to be considered in line with the legal framework. The certifications under the EU-US Privacy Shield can be examined under https://www.privacyshield.gov/list
- Links to websites of third parties
As far as the website contains external links, we hereby indicate that these third-party websites are not subject to the influence and control of B52. We disclaim all liability for losses or obligations related to the use of these third-party websites. We are not responsible for the contents, availability, correctness, or accuracy of these websites, nor for their offerings, links, or advertisements.
We may amend or revise this policy at any time due to changes in legislation, but also without such reason. In the event of such a change, you will be notified by email in due time to the address provided by you. You will be asked to agree to these changes. If you do not agree to such changes, you will be prohibited from further use of our services.
In such a case we remain committed to protecting your information and data. Of course, we stay open to you about our privacy practices.
You can reach us at any time via email at email@example.com