BITLISH PRIVACY POLICY

Last Updated August 15, 2018

  1. Introduction
  2. Sources we use to collect
  3. Types of personal information
  4. How we use the information we collect
  5. Disclosure of personal information
  6. Your rights
  7. Children’s Privacy
  8. Security of your information
  9. Retention of your information
  10. Amendments to Privacy Policy
  11. Contact Details

INTRODUCTION

We have updated our Privacy Policy, in line with the new General Data Protection Regulation (GDPR) which came into force across the EU on 25th May 2018.

As used herein, “Bitlish” refers to the company Bitlish Limited, including without limitation thereby, its owners, directors, investors, employees or other related parties. Depending upon context, “Bitlish” may also refer to the services, products, Site, content or other materials (collectively, “Materials”) provided by Bitlish. Bitlish and its affiliates (hereinafter, “Bitlish”, “we”, “us” or “our”) are committed to protecting and respecting your privacy whilst providing the best possible service.

This Privacy Policy (together with our Terms of Service) governs our collection, processing and use of your Personal Information. If you subscribe to or have downloaded our mobile apps, purchased Biltlish’s products and services online, and visit our website, this Privacy Policy forms a part of your contract with Bitlish.

Data Protection Officer

We have appointed a data protection officer (“DPO”). Our DPO is responsible for:

  • Raising awareness of data protection issues, training of Bitlish staff and conducting internal audits;
  • Monitoring Bitlish’s compliance with the GPDR and other data protection laws; and
  • Cooperating with supervisory authorities such as Information Commissioner’s Office (ICO) on our behalf.

“Personal Information” consists of information which may directly or indirectly identify you. The purpose of this Privacy Policy is to inform you of:

SOURCES WE USE TO COLLECT PERSONAL INFORMATION ABOUT YOU

We may collect personal information from various sources when you:

  • Apply for our products and services;
  • Talk to us on the phone;
  • Register and use an account with us, or perform any transaction on Bitlish platform;
  • Report any problem with our website in emails or website;
  • Data from third parties we work with: public information sources such as Companies House, card associations and payment service providers, fraud prevention agencies, identity verification agencies.

TYPES OF PERSONAL INFORMATION WE COLLECT

Personal Data type
Description

  • Documents
passports, driving licenses, proof of address you have supplied to us

  • Contact
information about you and where you live

  • Financial
your financial position, status and history

  • Demographic
information relating to your profession

  • Transactional
payment and transactional history from your account

  • Contractual
agreements of products and services we provide to you

  • Technical
information from devices when connecting or using online services

  • Third parties
data enrichment services such as Companies House

  • Consent
contact preferences you have expressed

  • Relationships
people you have paid or named as part of a product or service

  • Communication
general communication and correspondence

USE OF PERSONAL INFORMATION

We will process your personal information only for the performance of a contract between you and us and/or taking steps, at your request, to enter into such a contract, and for other purpose(s) for which such information has been provided to us as listed above.
Your information, whether public or private, will not be sold, exchanged, or given to any other company for any reason whatsoever, without your consent, other than for the express purpose of providing our services to you.
Other relevant document used for the purpose of your identification and/or verification of financial information and transaction processing and authorization and also in cases governed by EU laws.

We may use your Personal Information for the following purposes:

  • To personalize your experience (your information helps us to better respond to Your individual needs);
  • To improve our website (we continually strive to improve our website offerings based on the information and feedback we receive from You);
  • To analyse use of our Site;
  • To improve customer service (your information helps us to more effectively respond to your customer service requests and support needs;
  • To process transactions. Your information, whether public or private, will not be sold, exchanged, or given to any other company for any reason whatsoever, without your consent, other than for the express purpose of delivering the purchased product or service requested by the customer;
  • To send periodic emails. The email address you provide for order processing, may be used to send you information and updates pertaining to Your order or request, in addition to receiving occasional company news, updates, promotions, related product or service information, etc.;
  • To administer a contest, promotion, survey or other site feature.

For more information, please refer to our Cookie Policy which explains how we(Bitlish) use cookies and those set by other parties (third parties).

DISCLOSURE OF PERSONAL INFORMATION

Local (within EEA) transfer and disclosure of personal information
We may disclose your Personal Information to third parties as follows:

  • Any third party that receives or has access to Personal Information is required to protect such Personal Information and use it only to carry out the services they are performing for you or for Bitlish, unless otherwise required or permitted by law. We shall ensure any such third party is aware of our obligations under this Privacy Policy and we enter into contracts with such third parties by which they are bound by terms no less protective of any Personal Information disclosed to them than the obligations we undertake to you under this Privacy Policy or which are imposed on us under applicable data protection laws;
  • Vendors and other service providers - We may disclose any and all information specified in section 4 of this Policy to our suppliers or subcontractors as reasonably necessary for providing our services to You;
  • Business partners - We will disclose your transactional information to our payment services providers only to the extent necessary for the purposes of processing your payments, refunding such payments and dealing with complaints and queries relating to such payments and refunds;
  • Compliance with laws - We will disclose your Personal Information to our partners, governmental bodies and regulatory authorities, judicial bodies, our associates, agents, attorneys or other representatives for compliance with legal obligations to which we are subject or for the establishment, exercise or defence of legal claims, whether in court proceedings or in an administrative or out-of-court procedure;
  • With your consent - We may disclose your personal information for other purposes with your consent.

International Transfer and disclosure of Personal Information
In certain circumstances we may transfer your personal information to countries outside the European Economic Area (EEA) as follows:

  • Our main subcontractor for the services, LLC “Blockchain Solutions” is a Russian Company incorporated in the Russian Federation. We will transfer your Personal Information to that subcontractor solely for the purposes of providing our services to you and only on as need to know basis. Each transfer will be protected by appropriate safeguards of the relevant legally binding obligations of the recipient to protect and handle Your Personal Information in accordance with this Privacy Policy, GDPR and Data Protection Act;
  • The hosting facilities for our website are situated in the Russian Federation. The Russian law provides strict requirements and strong protection of confidentiality of the Personal Information at the level no less beneficial for You than the level provided by GDPR. Moreover, each transfer will be protected by appropriate safeguards of the relevant legally binding obligations of the recipient to protect and handle Your Personal Information in accordance with this Privacy Policy, GDPR and Data Protection Act;
  • Bitlish is a fast-growing Company, and our current or future partners may be located around the world including outside of the EEA. We aim at providing you with the best innovative services in the industry and in order to do that we might have to provide your information to other third parties besides those listed in 4.2(a) and (b) above for business, customer service, marketing or other purposes related to providing our services to You. You acknowledge and agree that the regulation applicable to Personal Information in the countries of residence of such partners may be different from GDPR or Data Protection Act. We will ensure that such partners comply with this Policy and their legal obligation to protect and not to abuse your Personal Information.

YOUR RIGHTS WITH RESPECT TO PERSONAL INFORMATION

You have the rights with respect to your Personal Information described in this Policy. You may exercise any of those rights by sending an email at [email protected] or by using technical tools and features of the interface of your Account. Please note, that some of your rights related to your Personal Information are quite complex, and you are advised to read the relevant laws and guidance from the regulatory authorities for a full explanation of these rights.

The right to confirmation. You have the right to confirm that we process your Personal Information and to access such Personal Information together with the details of the purposes of the processing, the categories of Personal Information concerned and the recipients of your Personal Information.

The right to be informed. You have the right to be provided with clear, transparent and easily understandable information about how we use your information and your rights. This is why we are providing you with the information in this Policy.

The right of access. You have the right to obtain access to your information (if we are processing it), and certain other information (similar to that provided in this Privacy Policy). This is so you are aware and can check that we are using your information in accordance with data protection law.
You can request and receive a copy of your Personal Information that we have subject to compliance with the applicable laws. You can access your Personal Information by logging into your Account and checking the relevant section in the Account interface.

The right to rectification. You have the right to rectify any inaccurate Personal Information about you and, depending on the purposes of the processing, to complete any incomplete Personal Information about you. You can request that we rectify any errors in information that we hold by sending an email at [email protected].

The right to erasure. This is also known as ‘the right to be forgotten’. You have the right to demand erasure of your Personal Information without undue delay if:

  • The Personal Information is no longer necessary in relation to the purposes for which it was collected or otherwise processed;
  • You withdraw consent to consent-based processing;
  • The processing of your Personal Information is done for direct marketing purposes only; and
  • Your Personal Information have been unlawfully processed.

Please note, that we may refuse your request for erasure of your Personal Information if it is processed for exercising the right of freedom of expression and information, compliance with a legal obligation or establishment, exercise or defence of legal claims.

The right to restrict processing. You have rights to ‘block’ or supress further use of your information. When processing is restricted, we can still store your information, but will not use it further. We keep lists of people who have asked for further use of their information to be ‘blocked’ to make sure the restriction is respected in the future. You have the right to restrict processing of your Personal Information in the following cases:

  • You contest the accuracy of the Personal Information;
  • Processing is unlawful, but you oppose erasure;
  • We no longer need the Personal Information for the purposes of our processing, but you require Personal Information for the establishment, exercise or defence of legal claims; and
  • You have objected to processing, pending the verification of that objection, in which case we may continue to store your Personal Information, but we will only otherwise process it: (I)with your consent; (II)for the establishment, exercise or defence of legal claims; (III)for the protection of the rights of another natural or legal person; or (IV)for reasons of important public interest.

The right to Object to Processing. You have the right to object to our processing of your Personal Information by any reason to the extent that the legal basis for the processing is that the processing is necessary for: the performance of a task carried out in the public interest or in the exercise of any official authority vested in us; or the purposes of the legitimate interests pursued by us or by a third party. Please note, that:

  • We will cease processing your Personal Information if such processing was done for direct marketing purposes;
  • In all other cases we may disregard your objection if we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms, or the processing is for the establishment, exercise or defence of legal claims.

Data Portability. To the extent that:

  • The legal basis for our processing of your Personal Information is (i) your consent; or (ii) a necessity to perform a contract to which you are party or to satisfy your request prior to entering into a contract; and
  • Such processing is carried out by automated means, you have the right to receive your Personal Information from us in a structured, commonly used and machine-readable format.

However, we may refuse to provide you with your Personal Information if it would adversely affect the rights and freedoms of third parties.

The right to lodge a complaint. If you consider that our processing of your Personal Information violates applicable laws and regulations, you have a legal right to file a complaint with the U.K. Information Commissioner by following the instructions provided at https://ico.org.uk/concerns/ or otherwise as may be convenient for you.

The right to withdraw consent. If you have given your consent to anything we do with your information), you have the right to withdraw your consent at any time (although if you do so, it does not mean that anything we have done with your personal data with your consent up to that point is unlawful). You can withdraw your consent to the processing of your information at any time by contacting us

To the extent that the legal basis for our processing of your personal information is consent, you have the right to withdraw that consent at any time. Withdrawal will not affect the lawfulness of processing of your Personal Information before the withdrawal.

CHILDREN’S PRIVACY

This site is not intended for use by children under the age of 18. Bitlish does not knowingly collect or solicit personal information from children under the age of 18. If you are under the age of 18, you should not register or provide information any Bitlish Application (e.g. website, Apps etc). If we learn that a user is under the age of 18, we will take steps to remove that user’s information from our systems where your rights do not apply. If you believe we might have any information from or about a child under the age of 18, please notify us by email ([email protected]).

SECURITY

Your Personal Information will be processed confidentially, applying the technical and organizational measures set out in the legislation to prevent improper or unauthorized access, modification or loss, and will not be transferred to any third party without Your express consent except when allowed or required by Law, when required by any competent authority or when necessary to perform a Transaction.
We implement a variety of security measures to maintain the safety of Your personal information when You submit a request, place an order or access Your personal information. These security measures include: password protected directories and databases to safeguard Your information, SSL (Secure Sockets Layered) technology to ensure that Your information is fully encrypted and sent across the Internet securely or PCI Scanning to actively protect our servers from hackers and other vulnerabilities. We offer the use of a secure server. All supplied sensitive information is transmitted via Secure Socket Layer (SSL) technology and then encrypted into our Database to be only accessed by those authorized with special access rights to our systems and are required to keep the information confidential.
Only authorized personnel of Bitlish have access to your Personal Information, and these personnel is required to treat the information as confidential. The security measures in place will, from time to time, be reviewed in line with legal and technical developments.
In accordance with the recommendations of Payment Card Industry Security Standards Council, customer card details are protected using Transport Layer encryption — TLS 1.2 and application layer with algorithm AES and key length 256 bit.

RETENTION OF YOUR INFORMATION

We will keep your information only for as long as is for the purposes set out in this Privacy Policy and to fulfil our legal obligations. Where you are a customer this is usually at least for as long as you remain a customer, to be able meet our legal and contractual obligations to you, and if necessary, to resolve any disputes. We will not keep more information than we need.

We only retain your information for as long as is necessary for us to use your information as described above or to comply with our legal obligations. However, please be advised that we retain some of your information after you cease to use our services, for instance if this is necessary to meet our legal obligations, such as retaining the information for tax and accounting purposes or for Anti Money Laundering obligations.

When determining the relevant retention periods, we will take into account factors including:

  • Our contractual obligations and rights in relation to the information involved;
  • Legal obligation(s) under applicable law to retain data for a certain period of time (for example, our obligations under anti money laundering laws);
  • Guidelines issued by relevant data protection authorities; and
  • Statute of limitations under applicable law(s);
  • (Potential) disputes;
  • Our legitimate interests, where we need to consider retaining information to meet any other obligations.

Otherwise, we securely erase your information once this is no longer needed.

AMENDMENTS TO PRIVACY POLICY

We may update this policy from time to time by publishing a new version on bitlish.com. You should check this page occasionally to ensure you are happy with any changes to this policy. We may notify you of changes to this policy via email, interface of your Account or through messaging on our website.

CONTACT DETAILS

The website (www.bitlish.com) and mobile application (Bitlish)are owned by Bitlish Ltd, and any services provided through them are provided by Bitlish Ltd with or without use of the services of its suppliers and subcontractors.
Bitlish Ltd is registered in England under registration number 9564930 and has its principal place of business is at 161 - 165 Farringdon Road, Farringdon, EC1R 3AL, England.
You can contact us by post at the address given above or via email at [email protected].
In order to ensure effective and legal handling of our customers’ Personal Information we have appointed a Data Protection Officer. You can reach our Data Protection Officer by sending an email at [email protected].
You also have the right to complain to the Commissioner’s Office. If you are unhappy with our response, you can contact the office or the Information Commissioner at:
Email: [email protected]
Tel: +44 (0)303 123 1113
Website: https://ico.org.uk/global/contact-us/