Otterhällegatan 1, 411 18 Gothenburg, Sweden +46 31 10 23 60

Privacy Policy

Keypasco Data Protection Policy

 

  1. Introduction

The purpose of this document (“Policy”) is to inform you of how we, Keypasco Pte. Ltd. (hereinafter referred to as “Keypasco”, “we”, “us”, or “our”) collect, use or disclose your personal data in accordance with the Personal Data Protection Act 2012 of Singapore (the “PDPA”) and the EU General Data Protection Regulation (“GDPR”).

We may from time to time update this Policy to ensure that it is in line with any future developments in the business climate and/or changes in the regulatory requirements. We will notify you of any material changes to our Policy through our website and/or through electronic mail notification. You agree to be bound by the prevailing terms of the Policy as updated from time to time should you access our website and/or app and/or use our services after we have notified you of these changes. If you do not wish to comply with any updated terms of our Policy, then please do not use our website and/or app and/or services.

This Policy is divided into 3 parts. If you are a non-EU citizen, Parts A and B would apply to you. If you are an EU citizen, Parts A and C would apply to you.

Part A – For everyone  

  1. Personal Data

The personal data that we collect are:

a) Data collected directly from you. This may be collected through our website, our app (where applicable), or by email. These data consists of personal information that can be used to identify an individual, like your name, gender, country of residence, date of birth, or identification number, and includes, but is not limited to:

i. Contact information, such as mailing address, or email address;

ii. Cryptocurrency address of your public Ethereum wallet address or Keypasco wallet address;

iii. Information we receive from any of our forms that you fill;

iv. Information we receive from your submission of a job application, or any comment, question or feedback to us; and

v. Other personal data you choose to provide.

b) Data collected by automated means. When you use our website and/or app and/or our services, we automatically collect information from your devices. These data are:

i. Server log information: We collect server log information when you use our website, which may include (but is not limited to) your login details, the date and time of visits, the pages viewed, your IP address, time spent at our website, the websites you visit just before and just after our website, the domains you come from;

ii. Device information: We collect information about the computer or mobile device you use to access our website, including the hardware model, operating system and version, the web browser you use, and other device identifiers;

iii. Usage information: If you use our website, we will collect metadata about the files you upload for storage and we will record instances in which you have used your private key to authenticate communications;

iv. Information collected by cookies:

A. We and our service providers use cookies to collect information when you interact with our website.

B. Cookies are small data files that are stored on your device when you visit a website, which enable us to collect information about your device identifiers, IP address, web browsers used to access the website, pages or features viewed, time spent on pages, mobile app performance and links clicked.

C. If you leave a comment on our website you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.

D. If you have an account and you log into our website, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.

E. When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.

F. If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after one day.

v. Embedded content from other websites: Articles on our website may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.

vi. Information from comments: When you leave comments on our website, we collect the data shown in the comments form, and also your IP address and browser user agent string. An anonymised string created from your email address (also called a hash) may be provided to Third Party Service Providers (defined under Section 5) assisting us with the operation of our website and/or app to see if you are using it. After approval of your comment, your profile picture will be visible to the public in the context of your comment.

  1. Collection of Personal Data

Generally, we, or Third Party Service Providers (defined under Section 5) on our behalf, will collect your personal data when you:

a) register and create an account with us to subscribe to Keypasco’s tokens, KEYOTO (the “Tokens”);

b) leave a comment on our website,

c) provide us with personal data in the comments form;

d) indicate that you want information emailed from us;

e) create and account with us;

f) send us any enquiries, questions, feedback or other types of communications; and

g) apply for a job through our website.

You have no obligation to provide any of the personal data requested by us. However, depending on the circumstances, it may be the case that if you do not provide the requested personal data, we may not be able to assist you or you may not be able to use our website and/or app and/or our services which we may be providing, or otherwise interact or engage with us, where these depend on the collection, use or disclosure of your personal data.

  1. Purpose of collection, use and disclosure of personal data

We,or Third Party Service Providers (defined under Section 5) on our behalf, will collect, use or disclose your personal data that we have collected from you for the following purposes:

a) To provide our services;

b) to verify your identity and perform due diligence on you should you apply to purchase the Tokens, including but not limited to assessing any risks against money laundering or terrorist financing;

c) for promotional and publicity purposes, including telling you about our products and services or other related products and services offered by us, and recording or taking photographs of participants / attendees at events organized by or participated by us;

d) to respond to your customer service enquiries, feedback, suggestions, complaints and comments;

e) to manage our website and/or app, products and services, as well as our administrative and business operations;

f) the day-to-day operation and maintenance of accounts and services;

g) to understand our customers and their needs and improve our products and services;

h) to investigate suspicious activities or acts of fraud, misconduct, unlawful actions or omissions;

i) record keeping;

j) complying with internal policies and procedures;

k) facilitating and/or organizing events;

l) if you apply for a job through our website, to administer and process any request for information or job application. We may disclose your information to external parties, such as recruitment companies, where it is clearly stated in the job advertisement;

m) if you have indicated that you want information emailed from us, the name, email address and company name you provide will be stored by us to be used to send relevant information to you via our email system. You can cancel these messages whenever you want by unsubscribing via a link in the email or by contacting us below;

n) hosting our website and maintenance services, processing online transactions, responding to online inquiries, and analyzing our website traffic;

o) ensuring your security including, without limitation, risk management to prevent potential attacks and frauds on internet, and spam detection;

p) investigating or preventing illegal activities or suspected fraud, or to enforce or apply our rights and property;

q) circumstances may arise where, whether for strategic or other business reasons, we decide to sell, buy, merge or otherwise reorganize businesses or business units in some countries. Such a transaction may involve the disclosure of personal information to prospective or actual purchasers, or the receipt of it from sellers;

r) disclose your personal data to third parties in order to comply with applicable laws, regulations and industry requirements. This includes disclosures to legal, regulatory, governmental, tax and law enforcement authorities. In addition, we may disclose information in order to investigate, prevent, or take action regarding illegal activities or suspected fraud, or to enforce or apply our agreements;

s) aggregating statistics about your visit to our website to help us improve the performance of our website;

t) To implement anonymization techniques in compliance with the PDPA on your personal data to remove identifying information such that the remaining data cannot be used to identify you and to use such anonymized data to create reports and/or produce statistics and research and/or data mining purposes so as to enable us to enhance our website or app performance and marketing reach and such anonymized data may be used by third party providers who provide necessary services to us.

(collectively referred to as the “Purposes”)

We collect, use and disclose personal information only for the Purposes. We will request your consent before we use or disclose your information for any other purposes. In addition, unless specifically described above, consent may be obtained in any legally sufficient method.

  1. Disclosure of Personal Data

We may also be disclosing the personal data you have provided to us to third party service providers (the “Third Party Service Providers”) who provide necessary services to us, such as service providers and data processors working on our behalf, and these Third Party Service Providers may also be collecting, using and/or disclosing your personal data on our behalf, for the following reasons:

a) to facilitate your purchase of the Tokens from us;

b) to facilitate the provision of our services by us to you;

c) for them to provide our services on our behalf;

d) for them to perform other services ancillary to our services;

e) for them to assist us in analyzing how our services are being used; or

f) to comply with applicable laws, regulations and industry requirements. This includes disclosures to legal, regulatory, governmental, tax and law enforcement authorities. 

  1. Consent

By using our website and/or app and/or services or when you otherwise engage or interact with us, you are deemed to have agreed to, consented to, and authorized the collection, use, disclosure and/or transfer of your personal data by us in accordance with this Policy, as well as the collection and use of your personal data by Third Party Service Providers to which we disclose or transfer your personal data to, for any one or more of the Purposes.

You may withdraw your consent for the collection, use and/or disclosure of your personal data in our possession or under our control at any time, or update your personal data stored with us, by submitting your request to the contact details set out in the relevant Sections below (depending on whether you are an EU citizen or a non-EU citizen). In such a case, we will process your request within a reasonable time from such a request for withdrawal of consent being made, and will thereafter refrain from collecting, using and/or disclosing your personal data in the manner stated in your request. A withdrawal of your consent to our collection, use and/or disclosure of your personal data may however mean that we are unable to provide you with a subscription of our Tokens or access to certain parts of our website and/or app and/or the provision of our services.

Part B – Only for Non-EU citizens

  1. Sharing your personal data with other users of our website and/or our app

Our website and/or app may have functionalities that allow you to share your personal data with other third parties such as other users of our website and/or our app. You are responsible for your choice(s) and are deemed to have provided consent for any sharing of your personal data in the manner provided by the website and/or app.

  1. Accuracy

You warrant and represent to us that the personal data that you disclose to us is accurate and complete. We will use our reasonable efforts to maintain the personal data accurately and protect the personal data against manipulation and errors. To help us maintain the accuracy of the personal data, we encourage you to inform us when there are changes to the personal data which you have provided to us.

  1. Security

We value your trust in providing us your personal data, thus we are striving to use commercially acceptable means of protecting it. We will implement security features to ensure that your personal data is adequately protected and secured and to prevent the unauthorized release of or access to the personal data. We take appropriate security measures to protect against unauthorized access to or unauthorized alteration, disclosure or destruction of data. These include, but are not limited to, internal reviews of our data collection, storage and processing practices and security measures, including appropriate encryption and physical security measures to guard against unauthorized access to systems where we store personal data. But remember that no method of transmission over the internet, or method of electronic storage is 100% secure and reliable, and we cannot guarantee its absolute security.

We restrict access to personal information to our employees, contractors and agents who need to know that information in order to process it on our behalf. These individuals are bound by confidentiality obligations and may be subject to discipline if they fail to meet these obligations.

  1. Breach notification

In the case of data breaches, we will inform the relevant authorities as soon as possible of any data breaches that might cause public concern or where there is a risk of harm to a group of affected individual.

If the breach is a high-risk breach, then Keypasco will also endeavour to immediately inform the individuals who are impacted.

  1. Hyperlinks and third-party sites

Our website may contain links to other third party websites that may collect personal information about you, including through cookies or other technologies. If you link to another website, you will leave our website and this Policy will not apply to your use of and activity on those other websites. You should consult these other websites’ privacy policies as we have no control over them and are not responsible for any information that is submitted to or collected by these third parties.

  1. Rights over Personal Data

You have certain rights under the PDPA in relation to the personal data we hold about you. These rights are detailed below.

Access: You have the right to request to have access to the personal data that is in our possession or under our control, as well as the information about the ways in which that personal data has been disclosed by us within a year before the date of your request. Further, if you have an account on our website and/or app, or have left comments on our website and/or app, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. Prior to responding to any request by you to access your personal data, we will have the right to exercise due diligence and adopt appropriate measures to verify your identity. In the event where a third party is making an access request on behalf of you, please ensure that such third party furnishes to us satisfactory documentation evidencing that he or she has the legal authority to validly act on your behalf. We will endeavour to respond to an access request as soon as reasonably possible, or within 30 days after receiving the request, whichever is the earlier. In the event we are unable to provide you with the required documents within 30 days from the date of your request, we will inform you in writing of the same. Where permitted by law, we reserve the right to charge a reasonable administrative fee for this service.

Erasure: You may request for us to erase any personal data we hold about you at any time. We will respond to deletion requests within 28 days. Do note however that if you choose to request for us to erase any of our records of your personal data at any time, you may not be entitled to use our website and/or our app and/or our services or any part thereof. In the absence of any request by you to erase our records of your personal data, we will cease to retain any documents containing your personal data, or remove the means by which the personal data can be associated with you, as soon as it is reasonable to assume that the Purpose for which that personal data was collected is no longer served by retention of the personal data, and retention is no longer necessary for legal or business purposes.

Correction: You have the right to correct any personal data held about you that is inaccurate.

Retention of personal data:If you leave a comment, the comment and its metadata are retained indefinitely. This is so we can recognize and approve any follow-up comments automatically instead of holding them in a moderation queue. If you register on our website or app, we also store the personal information you provide in your user profile. You will be able to see, edit, or delete your personal information at any time (except that you cannot change your username). Our website and/or app administrators will also be able to see and edit that information.

Feedback and complaints: Please let us know if you have any concerns, feedback or complaints relating to the personal data or our Policy.

Withdrawal of consent: Please be notified that you may opt-out of our collection process at any time by contacting our data officer at the contact details specified below under this Section. We will respond to opt-out requests within 28 days. Do note however that if you choose to withdraw your consent for us to collect, use and disclose your personal data, you may not be entitled to use our website and/or our app and/or our services or any part thereof.

However, this does not include any data we are obliged to keep for administrative, legal, or security purposes.

If you wish to exercise any of your rights under this Section, please contact us through the following person, indicating your name and country of residence in your correspondences with us:

Name: Keypasco AB
Email: support@keypasco.com
Telephone: +46 31 10 23 60
Address: Att: Support, Otterhällegatan 1, SE-411 18, Gothenburg, Sweden

  1. Minimum age requirement

Our website and/or app and/or services are not targeted to persons under the age of 18 (or such minimum age required for you to be able to enter into a contract with us under the laws of your jurisdiction) (the “Minimum Age”) and we do not intentionally collect personal information from persons under the Minimum Age. Any user who attempts to submit information revealing their age to be under the Minimum Age will be blocked and their information deleted.

Part C – Only for EU Citizens

  1. Further purposes for which we collect, use or disclose your personal data

We may cooperate with government and law enforcement officials or private parties to enforce and comply with applicable laws and regulations. We may disclose any information about you to government or law enforcement officials or private parties as we, in our sole discretion, believe necessary or appropriate: to respond to claims, legal process, subpoenas; to protect our intellectual property, rights and safety and the property, rights and safety of a third party or the public in general; and to stop any activity we consider illegal, unethical or legally actionable activity.

  1. Storage of your personal data

It is important to note that some or all of your personal information provided to Third Party Service Providers may be held in countries other than your own. You acknowledge and understand that your personal information will be subject to the applicable laws of each such jurisdiction, which may not provide for the same protection as your country of residence. If you have questions about our policies and practices with respect to service providers outside your jurisdiction, including the collection, use, disclosure or storage of such personal information by our service providers worldwide, you may contact us through the following person, indicating your name and country of residence in your correspondences with us:

Name: Keypasco AB
Email: support@keypasco.com
Telephone: +46 31 10 23 60
Address: Att: Support, Otterhällegatan 1, SE-411 18, Gothenburg, Sweden

For users with accounts located in the European Economic Area (EEA), your data is stored and processes in the EEA.

  1. Protection of confidentiality and security of your personal information

We maintain reasonable GDPR compliant physical, electronic, and procedural safeguards to protect your personal data. We have a data protection audit and recovery system in place. We track and maintain strict records for all of our data processing activities. We place your account information on the secure portion of our website, using firewalls and other security technology to protect our network and systems from external attacks, and we require you to enter a unique and confirmed email and password to access your account information online. Our servers are enabled with Secure Sockets Layer (SSL) technology to prevent unauthorized parties from viewing the personal information that you provide or access during a secure session (look for the padlock icon on your browser). In addition, if you access information online, we use digital certificate services to authenticate that you are transacting with our website and not the website of an impostor.

  1. Your personal data rights

When you provide personal data to our website or app, you retain the right to be informed of how your personal data is used, right of access to your personal data, right to rectification of your personal data, right to erasure or your personal data, right to restrict processing of your personal data, right to data portability, right to object and right to not be subject to profiling with your personal data.

Please be notified that you may opt-out of our collection process at any time and request for access to your data records and request changes to your data at any time by contacting our data officer at the following contact details:

Name: Keypasco AB
Email: support@keypasco.com
Telephone: +46 31 10 23 60
Address: Att: Support, Otterhällegatan 1, SE-411 18, Gothenburg, Sweden

We will respond to opt-out and deletion requests within 28 days.

  1. Retention and deletion of data

We will not retain data longer than is necessary to fulfil the purposes for which it was collected or as required by applicable laws or regulations. If you have an active account, you have the ability to request that we delete your personal data at any time. When you make a request to have your account deleted and all data deleted, all personal data collected through our website or our app or any other way will be deleted, as required by applicable law.

  1. Controlling your data

We want to make it clear to you that you have control of your data. If you wish to have your personal data edited, deleted, or audited please contact us anytime at the contact details under Section 17 and our data collection officers will be able to accommodate your requests.

  1. Minimum age requirement

Our website and/or app and/or services are not targeted to persons under the Minimum Age and we do not intentionally collect personal information from persons under the Minimum Age. Any user who attempts to submit information revealing their age to be under the Minimum Age will be blocked and their information deleted.