We reserve our right to change and update this Privacy Policy from time to time, therefore, you should regularly check for any changes in our Privacy Policy. We will notify all users of any material changes to this Privacy Policy and the Privacy Policy document will also indicate the date of Last update for user’s convenience. Your continued access to or use of our Online Platforms and services after the date of the update in Privacy Policy constitutes your acknowledgment and agreement that you have read, understood and accepted the terms of the updated Privacy Policy. If you do not agree to the updated Privacy Policy, you must stop accessing or using Our Platform and/or our Services.
If you are a resident of the European Economic Area (EEA) or UK, please also review Section I & J of this Privacy Policy.

We may collect and process the following data about you:

• You may be required to give us sensitive personal data about yourself before, during or after creating an Account, or while corresponding with us through any means of communications. Sensitive personal data that you will voluntarily provide us may include information such as your name, photograph, postal address, e-mail address, phone number, details/copy of Govt. Issued National Identity documents (i.e. Passport, Aadhaar Card etc.), details/copy of documents used as proof of address (i.e. Driving license, utility bills, bank passbook etc.), details/copy of your Tax Identification Details (i.e. Permanent Account Number – PAN card) and other identification documents.
• Your financial and credit card information, details of your Linked Bank Account, location details or other information requested by us to detect and protect against frauds and similar criminal activity and such other information required by us from time to time for providing the Services.
• Details of your trading activities, all transactions performed on or through our Online Platforms including transactions relating to buy order, sell order, swap orders, deposits, withdrawals, staking, sending or receiving any Virtual Digital Assets and other transactions or activities performed on our Online Platforms from time to time.
• Technical information, including the Internet protocol (IP) address used to connect your device to the Internet, your login information, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform, material or information that you viewed or searched for; page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-hovers), and methods used to browse away from the page and any phone number used to call our customer service number.
• Cookies: Our Online Platforms use Cookies and tracking technology in order to distinguish you from other Users of our Online Platforms and enables us to serve you better and provide you a customised and personalised user experience. Cookie and tracking information collected by Us may be shared with third-parties which directly support our advertising/promotional activities and are involved in development/updation of our Online Platforms.

1. to verify, maintain, update and retain your personal details and details relating to your identity, address, financial information and other aspects as may be required as per our Company’s policy or to comply with applicable laws and regulations;
2. to facilitate and provide the services offered through the Online Platforms;
3. to inform you of our products, services, promotions, offers, surveys and events which may be of interest to you;
4. to carry out update, upgrade, maintenance, customization and other changes in our products and services to serve you better;
5. to provide you with the information and Services, that you request from us;
6. to enhance the security and user experience of our Online Platforms;
7. to provide, manage or access digital wallets for holding digital assets;
8. to track and remember information and details relating to the transactions executed by You on or through our Online Platforms;
9. to prevent and identify suspicious / other illegal transactions in order to mitigate risks relating to money laundering and other illegal activities;
10. to provide you, or permit Selected Third Parties to provide you, with information about Services we feel may interest you or for the purposes of verification and authentication of your identification documents;
11. to send you Service related notices or emails and other non-essential promotional material (you will be provided an option to unsubscribe to such email or other communications);
12. for KYC verification, ourselves or through a Selected Third Party, of the details of Tax Identification and other Identification documents provided by you. You understand that in order to verify that such information belongs to you, we may send you a verification emails/one-time password.

1. We reserve the right to share any Information that we collect from you, as prescribed above with Selected Third Parties. Your personal data may be processed and stored in a foreign country or countries. In this regard, we will take such necessary measures to ensure that such overseas recipients are bound by legally enforceable obligations to ensure that these overseas recipients will provide a standard of protection to your personal data so transferred or shared that is at least comparable to the protection to your personal data under the applicable law of that jurisdiction. Under those circumstances, the governments, courts, law enforcement, or regulatory agencies of that country or those countries may be able to obtain access to your personal data under relevant foreign laws. You acknowledge that the privacy standards of those countries may be lower than those followed in your country of residence.
2. We further reserve the right to share your personal data to any third party when we are under obligation to share such information under applicable laws or under the order of any competent authority/court. We may also disclose and share your personal data with third parties to detect, prevent or investigate any actual or potential occurrence of identity theft, fraud, money laundering, abuse of Services and other illegal acts.
3. We may share your personal data with selected business partners, service providers and third parties including Banks, payment processing companies, KYC verification service providers and Third party crypto exchanges (“Selected Third Party”).
4. The Company reserves the right to share current and historical bids, asks, and market prices; historical average returns, high–low prices; trade prices; estimated and actual trade volumes; and other aggregate data and information related to the Digital Assets trades executed by or through our services using our Online Platforms.

We may assign, novate, or transfer any or all rights and obligations that accrued in our favour under the Privacy Policy, at our sole discretion, to our subsidiaries, affiliated entities, or any other third party and for our users, to offer them a full suite of services in globally through our subsidiaries or affiliates.

1. Personal data means data, whether true or not, about an individual who can be identified (i) from that data, or (ii) from that data and other information to which the organisation has or is likely to have access. Your personal data is accessible only by our authorized employees and Selected Third Parties, and is otherwise kept secure.
2. We have in place appropriate technical and security measures to prevent unlawful access to or accidental loss of information collected including those prescribed under applicable laws. We have taken the following steps to ensure data security:
• All the user information can only be accessed by authorized users;
• Users need to authenticate themselves with a username-password combination; and
• All data is hosted on the servers of Digital Ocean servers located in India, Singapore or United States of America. Please refer the details of the security standards and compliance policies of Digital Ocean at: https://www.digitalocean.com/security
3. Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee, give no warranties, and shall not be liable for breach of the security of your data transmitted through the Online Platforms due to malicious attacks, errors, commission or omissions not willfully initiated by us. Any transmission is at your own risk. Once we have received your information, we will use reasonable standards and practices to strict physical, electronic, and procedural safeguards to try to prevent unauthorised access.

1. We may, at our sole discretion, retain any information and/or data provided by you for as long as your Account is active, and even subsequently as allowed under applicable laws, for resolution of disputes, for the purpose of investigations or ongoing prosecutions or in case of any suspicious/ illegal transactions, for enforcement of any agreements, and/or as necessitated under applicable laws.
2. We make no warranties and shall not be liable regarding non-availability or non-retention of any information and/or data provided by you beyond the deletion of your Account.

1. The right to access – You have the right to request our Company for copies of your personal data. We may charge you a small fee for this service.
2. The right to rectification – You have the right to request that our Company correct any information you believe is inaccurate. You also have the right to request our Company to complete the information you believe is incomplete.
3. The right to erasure – You have the right to request that our Company erase your personal data, under certain conditions.
4. The right to restrict processing – You have the right to request that our Company restrict the processing of your personal data, under certain conditions.
5. The right to object to processing – You have the right to object to our Company’s processing of your personal data, under certain conditions.
6. The right to data portability – You have the right to request that our Company transfer the data that we have collected to another organization, or directly to you, under certain conditions.

If you make a request, we have one month to respond to you.

1. What is personal data?
   As per EU General Data Protection Regulation (GDPR), ‘personal data’ means any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
2. Special categories of personal data
   Certain types of sensitive personal data are subject to additional protection under the legislation applicable to you. They are called “special categories” of personal data. The special categories are: 
   • Personal data revealing racial or ethnic origin.
   • Political opinions.
   • Religious or philosophical beliefs.
   • Trade union membership.
   • Genetic data and biometric data processed for the purpose of uniquely identifying a natural person.
   • Data concerning health.
   • Data concerning a natural person’s sex life or sexual orientation.

   We will only use special categories of personal data for specific purpose based on lawful basis requirements.

3. International transfers of personal data
   We share your personal data with our Affiliates and Selected Third Parties. This will involve transferring your personal data outside the European Economic Area (EEA) or the UK. Many of our external third parties are based outside the EEA or the UK so their processing of your personal data will involve a transfer of data outside the EEA or the UK. Whenever we transfer your personal data out of the EEA or the UK, we ensure a similar degree of protection is afforded to it by ensuring

    

   1. a specific contractual obligation requiring Selected Third Parties to comply with level of data protection standards as per your applicable laws. 
   2. We use Digital Ocean as our Selected Third Party to store customer data and you can access their Data Processing Agreement at https://www.digitalocean.com/legal/data-processing-agreement.
   3. EU’s Standard contractual clauses have been incorporated in this Data Processing Agreement by reference. 
   4. The contact details and other details as required under the Standard contractual obligation are also available at the above mentioned link. 
4. Data retention period
   We are obliged to retain your personal data for a period of 5 years after the end of the relationship between us as a company and you as a customer. This period may be further extended in certain cases as per applicable laws.
5. Lodging a complaint with a data protection authority
   Should you wish to report a complaint or if you feel that Our Company has not addressed your concern in a satisfactory manner, you may contact the relevant Information Commissioner’s Office in your country.