Last update: 27 October 2018
The privacy and security of your personal information is important to us. We implement the privacy concepts provided by the applicable laws and regulations including the General Data Protection Regulation (GDPR) to ensure that your Personal Data (as defined below) will be collected, processed, used and shared in the appropriate manner and in accordance with the purpose we set out as follows.
This Policy covers our collection, processing and treatment of the Personal Data on four (4) main categories:
Data we collect: We need to identify all users using and transacting on our Exchange. In order to do so, we proceed with know your customer procedures by strictly complying with the laws and regulations (related to anti-money laundering, terrorist financing, proliferation of weapons of mass destruction financing and other financial crimes) and our KYC/CDD policy. Therefore, all users must provide us with the following Personal Data before accessing and using our Services:
If you are a corporate user, we will collect your constitutional information (e.g. certificate of incorporation, affidavit, memorandum and articles of association, proof of good standing, list of directors and shareholders) including the Personal Data of the representatives or directors (e.g. their full names, ID cards or passports, registered address and contact addresses
Method of data collection: We collect your Personal Data during our KYC process through documents and information given to us via our website or through Singlesource Limited, our third-party KYC provider (“KYC Provider”).
Data storage, processing and sharing: We verify, process and store the Personal Data provided by each individual on the Company’s protected system in Singapore. Your Personal Data will be disclosed and shared by and between the Company and our KYC Provider to verify your identity. During the identity review process, the Personal Data may also be shared with other service providers engaged by the Company as well as the competent government authorities and similar bodies and organizations if we are required by the applicable laws and regulations.
In case we need to transfer your Personal Data to our service providers other than our KYC Provider, we will ensure that adequate safeguards for protection of your Personal Data is in place.
Data retention: We will keep the Personal Data of each user during the term of the Services and five (5) years after such user closes the account opened on the Exchange with us per our Terms and Conditions. After the that we will promptly delete or destroy such Personal Data from our system.
Your rights: You may email directly to us requesting to access, change or update your Personal Data at our address in section 5 below.
Data we collect: When visiting our website, we will record in our web server logs system of your Personal Data as follows:
For our website visitor analysis systems we will also additionally collect:
Data processing and sharing: Access to the Company’s website is logged to monitor system security as part of our intrusion detection program. We store the Personal Data that we collected for the purpose under this section on Google Data Centers in Singapore.
Access information is also shared with our analytics provider, Google Analytics and Facebook using third party cookies.
Data Retention: The retention of the Personal Data collected for profiling is governed:
Retention of logged access data that only provides IP and browser information of the accessing user, may be kept for one (1) year. Access to logs is strictly controlled and protected.
Your rights: When successfully shown that you are the owner of certain IP addresses at a certain time, we provide you with all information we have about it. You may request erasure of those IP addresses from our logs which we will comply if there is no regulation or obligation requiring it to be kept.
You can delete all site access and conversion data shared with Google anytime from https://myactivity.google.com/myactivity.
Data we collect:
Data processing and sharing:
Profiling: We will use trading information internally to analyse trading behaviours and find suspicious account activities. This is done internally and no information that is a result of this profiling is shared with any third party.
Your rights: You can request anonymization of your transaction and orders on our Exchange that executed more than five (5) years from the transaction date.
As part of our marketing and promotional plan, we may communicate with you through the channels (email, social media platform, telephone number and others) that you shared with us:
Data retention and Sharing: We will retain the contact details and communication information under this section as we deem appropriate, to the extent provided by the applicable laws and regulations, and will not share such information to any persons, except with our affiliate companies.
Your rights: At any time, you may contact us to cease to send and deliver you any marketing and promotional information. We will promptly remove your contact and communication information for such purpose upon your request.
The Company will not share or disclose your Personal Data to any third parties, except:
We do not intend to provide our Services to individuals under the age of eighteen (18). We encourage parents and legal guardians to monitor their children’s internet usage and to help enforce this Policy by instructing their children never to provide their Personal Data through the website or our Services without their permission.
Any claim or dispute arising from or in connection with this Policy shall be resolved by the dispute resolution method available in the Terms and Conditions.
Should you have any suggestions, questions, complaints, or other inquiries in connection with this Policy, please do not hesitate to communicate with our data protection officer at our contact points as follows.
Data Protection Officer
Go Exchange Ltd.
85 St. John Street, Valletta VLT 1165, Malta
At any time, you may request to have your Personal Data maintained by us returned to you or removed by emailing us or use the provided portal (in case of merchants). Requests to access, change, or remove your information or your inquiry will be handled within thirty (30) days. To protect your privacy and security, we may take steps to verify your identity before complying with the request.
The Company may amend this Policy from time to time. Such changes will be highlighted when accessing the Services and you may access to the latest version of our Policy on our website.