Xcapit understands the importance of maintaining the confidentiality of all data that may be collected and respects the Personal Data Protection Law No. 25.326 applicable to them, as well as the RGPD (General Data Protection Regulation, or better known as GDPR for its acronym in English General Data Protection Regulation) which is a rule of the European Union. Thus, it is made known that Xcapit and those involved in any phase of the processing of personal data are bound to professional secrecy regarding them.
When you provide us with any personal data, we have legal obligations towards you in the way we use that data. We must collect the information fairly and explain to you how we will use it.
1. What information we collect
2. How and why we use/share your information
3. How long we keep your information
5. International data transfers
6. Your rights
7. Contact details
1. INFORMATION WE COLLECT
What is personal data?
How and what types of data we collect from you when you use the application
When you use the App to register an account, complete forms provided on the App, subscribe to our services (such as ‘Xcapit Wallet’) or report a problem with the App, we may collect, store and use certain personal information that you provide to us.
The information we collect from you includes your IP address, email address, feedback and login information.
IP address information is collected at the logging level only and is not directly related to the user making the request.
Please refer to your device’s help material to learn what controls you can use to delete cookies or block cookies. If you do this, it may affect your use of a website or application.
We may also partner with third parties who may collect anonymous statistical or usage data through your use of the application (including, for example, subcontractors in technical, payment and/or delivery services, business partners, advertising networks, analytics providers).
If you have any questions about our use of this technology, please contact us (firstname.lastname@example.org).
Cookies are small data files that a web server stores in a browser when a web page is visited. The purposes of these files are varied, including collecting information about the user’s browsing habits and activity within the web. They also enhance the browser experience by remembering that you are logged in and thus make using our websites more enjoyable for you.
The types of cookies used on our website are:
Necessary cookies help make a website usable by enabling basic functions such as page navigation and access to secure areas of the website. The website cannot function properly without these cookies.
Preference cookies allow the website to remember information that changes the way the site behaves or looks, such as your preferred language or the region you are in.
Statistical cookies help understand how visitors interact with web pages by gathering and providing information anonymously.
Marketing cookies are used to display relevant and engaging advertisements to visitors on web pages.
Session cookies collect information only while the visitor remains on our website, after which they are deleted.
Third-party cookies are used to tell us how a visitor uses our website, for example, which pages they visit and how long they spend on them. This helps us better understand how people use our site and how they access it, which helps us create better campaigns.
Within the scope of the GDPR, the data processed by cookies for the above purposes is justified to protect our legitimate interests and those of third parties in accordance with art. 6 para. 1 sentence 1 letter f GDPR.
Most browsers accept cookies automatically. However, you can set your browser so that no cookies are stored on your computer or a message always appears before a new cookie is created. However, the complete deactivation of cookies may result in you not being able to use all the functions of our website.
3. USE OF DATA
a) Legal basis for processing your information
We will only use your personal data where we are permitted to do so by law. Generally, we will use your personal data in the following circumstances:
Where you have asked us to do so, or have given your consent for us to do so;
2. Where we need to do so in order to perform a contract we have entered into with you;
3. Where it is necessary for our legitimate interests (or those of a third party) and your fundamental rights do not override those interests; and
4. Where we need to comply with a legal or regulatory obligation.
5. Marketing: you will receive marketing emails from us if you have given us your consent to do so or if you have provided feedback on our app and have not opted out of receiving marketing emails. (To unsubscribe from marketing emails at any time, click the unsubscribe link at the bottom of any marketing email and update your account preferences. You may also contact us to let us know if you do not wish to receive any marketing materials from us).
Depending on how and why you provide us with your personal information, we may share it in the following ways:
1. We may share your personal information with any member of our group, which means our subsidiaries, and our holding company.
2. With selected third parties, including business partners, suppliers and subcontractors for the performance of any contracts we enter into with them or with you (see “Service Providers” below); or
3. With analytics that assist us in improving and optimizing the app.
We may also disclose your personal information to third parties in the following events:
1. If we sell or buy any business or assets, in which case we may disclose your personal information to the prospective seller or buyer of such business or assets;
2. If Xcapit or substantially all of its assets are acquired by a third party, in which case personal information held by us about our customers will be one of the transferred assets; or
3. If we are under a duty to disclose or share your personal information in order to comply with any legal obligation or to protect the rights, property, or safety of our company, our customers, or others. This includes exchanging information with other companies and organizations for the purposes of fraud protection and credit risk reduction.
b. Links to Third Party Sites
4. RETENTION PERIOD OF YOUR DATA
We will retain your personal information on our systems only for as long as is necessary to provide you with the products and services you have requested, including for the purpose of satisfying any legal, regulatory, tax, accounting or reporting requirements. We may retain your personal data for a longer period in the event of a complaint or if we reasonably believe that there is a prospect of litigation with respect to our relationship with you.
You may ask us to delete your data: see “Your Rights” below for more information.
In some circumstances, we may anonymize your personal data (so that it can no longer be associated with you) for research or statistical purposes, in which case we may use this information indefinitely without notice.
Xcapit responsibly ensures the protection of your information. We have implemented appropriate physical, electronic and administrative security measures to prevent your personal data from being lost, used or altered, disclosed or accessed in an unauthorized manner.
In this sense, all your data will be stored in a database owned by Xcapit which is registered in the National Registry of Personal Data Protection. To ensure the security of the personal data you provide to Xcapit, we will apply the same criteria and the same degree of diligence that Xcapit applies to safeguard its own information.
In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal data on our instructions and are bound by a duty of confidentiality.
We have implemented procedures to deal with any suspected personal data breaches and will notify you and any applicable regulator of a breach where we are legally obliged to do so.
6. INTERNATIONAL TRANSFER OF DATA
Please note that some of our service providers may be based outside of Argentina. These service providers may work for us or for one of our suppliers and may be involved in, among other things, fulfilling your request for information, products and services. When we transfer your data to a service provider, we seek to ensure that adequate safeguards are in place to ensure that your personal data is held securely and that your rights as a data subject are respected. Transfers of personal data are made:
To a country recognized as providing an adequate level of protection;
To a country that does not provide adequate protection, but whose transfer has been governed by contractual clauses that guarantee the implementation of other cross-border transfer solutions to provide adequate protection.
By submitting your personal information, you agree to this transfer, storing or processing. If you would like more information about the mechanism through which your personal data is transferred, please contact email@example.com.
7. USER RIGHTS
As a data subject, you have a number of rights in relation to your personal data. Below, we describe the various rights you have and how you can exercise them.
a) Right of access
You may, at any time, request access to the personal data we hold that relates to you. Please note that this entitles you to receive a copy of the personal data we hold about you so that you can check that it is correct and ensure that we are processing that personal data lawfully. It is not a right that allows you to request personal data about other people, nor is it a right to request specific documents from us that do not relate to your personal data. You may exercise this right at any time by writing to us using the contact details set out here and telling us that you are making a subject access request. It is not necessary to complete a specific form to make this type of request.
b) Right to rectification and deletion.
You may, at any time, request that we correct personal information we hold about you that you believe to be incorrect or inaccurate. Please note that we may ask you to verify any new information you provide to us and we may take our own steps to verify that the new information you have provided to us is correct.
You may also ask us to delete personal data that we control if you no longer believe we should hold it (you may have heard this right described as the “right to be forgotten”). While we will do our best to honor your request and your personal data, it may not always be possible to delete all of your personal data, as there may be legal requirements to keep certain personal data or technical limitations to the data we can delete; for example, we cannot honor requests to delete records and information recorded on the blockchain, including but not limited to your chosen username, transaction history, and account balance.
There may also be legitimate interests in retaining certain data, including, but not limited to, if the data is necessary for the application to function. If this is the case, we will continue to process this data.
You may exercise this right at any time by using the contact details detailed here and requesting that your personal data be rectified or erased and on what basis you request this. If you would like us to replace inaccurate data with new data, you must tell us what this new data is. You do not need to complete a specific form to make this type of request.
c) Right to restrict processing
Where we process your personal data on the basis of a legitimate interest, you have the right to ask us to stop processing it in that way if you believe that continuing to do so would affect your fundamental rights and freedoms or if you believe that those legitimate interests are not valid.
d) Right to stop receiving notifications
You may ask us to stop sending you various types of communications, advertisements, etc.
e) Withdrawal of consent
Where we rely on consent to process your personal data, you may withdraw consent at any time. However, this will not affect the lawfulness of any processing carried out before you withdraw your consent. If you withdraw your consent, we may not be able to provide you with certain products or services. If this is the case, we will notify you at the time you withdraw your consent.
f) Exercising Your Rights
When you write to us to exercise your rights, we have the right to ask you to prove that you are who you say you are. We may ask you to provide copies of relevant identification documents to help us verify your identity.
It will help us process your request if you clearly indicate what right you wish to exercise and, if applicable, why you are exercising it. The clearer and more specific you can be, the more quickly and efficiently we will be able to deal with your request. If you do not provide us with sufficient information, we may delay action on your request until you have provided us with additional information (and where this is the case, we will tell you).