TO THE MOON PAYMENTS

Privacy Policy

 

Version: 1.01

Last updated: November 4, 2020

 

This Privacy Policy (“Policy”) constitutes an integral part of the To The Moon Payments Terms of Use (“Terms”), which is a legally binding agreement between the users of To The Moon Payments services (“You”, “User”) and btc2wire OÜ (“Company”, “We”), a private company incorporated under the laws of Estonia.

This Policy describes how the Company collects and uses your Personal Data when providing the Services to you.

Terms and definitions in this Policy have the same meaning as in the Terms unless stated otherwise.

We may update this Policy from time-to-time by posting a new version on the Website. We advise you to check this page occasionally to ensure you are happy with any changes. However, we will endeavour to provide you with an announcement about any significant changes.

 

You can contact the Company at: [email protected].

 

I. Overview

Your privacy is important to us. We are not going to misuse your data. 

Due to the nature of the Services, we collect some personally identifiable information (“Personal Data”) from you when you open a User Account. 

Additionally, the Company may collect some of the Personal Data from you when you contact the Company and during your use of the Services.

 

II. Information We May Collect from You

2.1. Account Information

When you open the User Account with the Company, you provide us with your Personal Data.

To open the User Account and verify your identity, we ask you to provide the following information: email address (which will be your username (login), phone number (for restoring account access and verifying your identity), full name (to verify your identity and fraud prevention), date of birth (to verify that you are of Acceptable Age), your address, your profession, citizenship and gender (to verify your identity and financial crime prevention), and you will have to come up with the password.

We use/store your email address:

(a) to verify your identity when you log in to your account;

(b) to contact you regarding your User Account or work and updates of the Company (support emails); and

(c) to comply with our legal obligations. For more info, please refer to our AML/KYC Policy.

After you register the User Account, you will be able to sign in with your User Account information (email that is your login and your password). 

We store passwords secured against unauthorized access by using a password hashing function. We encourage you to create a strong password and avoid sharing with other persons for the safety of your User Account and Card Account. 

If you want to participate in our referral program, you can share a unique referral link or code with your friends, which we will process to give you a reward for references. Referral information you share allows identifying your User Account.

 

2.2. Wallet Information

To enable the deposit of funds to the Card Account, we collect and process relevant wallet information from you depending on the type of virtual asset you would like to deposit.

We store your wallet information in an encrypted form and do not use this information for any purpose except to provide you with the exchange services and to comply with our legal obligations.

 

2.3. Security Information

To secure your use of the Cards, each Card has a PIN. We do not collect nor process this PIN and therefore cannot help with its retrieval. 

Please keep your PIN secure.

The Company will never ask you to share your PIN with the Company, its directors, employees, agents, or officers.

 

2.4. Usage Date

We collect information about your experience – the history of transactions, number of your assets, device and browser, information, IP-address, date, time, and duration of use of the Website, links by which you were addressed to the Website.

We store your information about your history of transactions, buy and sell orders, and the number of your assets to:

(a) enable you to manage it on the Website and see your history (please also see Sections 16 and 17 of the Terms);

(b) comply with financial law requirements.

We use other usage data to:

(a) give you the control over User Account active session (give information about logged-in devices, history of orders, etc.) and prevent fraudulent activities; and

(b) conduct our marketing research.

We also collect the information about the language of interface you chose on the Website to keep the interface in that language when you log in next time.

Usage data is collected in an anonymized and aggregated way to improve the Website and Services usability and for marketing purposes. Learn more about it in the section “Analytics” of this Policy.

 

2.5. Communication

If you need technical support, have a privacy request, or any other inquiry, you can contact us and leave your message by proceeding to our technical support by contacting us at [email protected] or using the chat on the Website. 

In this case, we will receive some portion of the information from you (your name and/or email). We will use this information to provide you with the help you might need, fix our Services, and analyze the Website’s efficiency.

 

2.6. AML/KYC

To comply with the laws on the prevention of money laundering and terrorist financing, we are required to collect, keep, and analyse the information and documents that identify you, contact details, history of transactions, verification data, including from third-party sources (e.g., consumer reporting agencies, public databases, commercial registries, and sanction lists), and other types of information prescribed by law.

We will ensure the confidentiality of the collected information and will not use the data from your AML/KYC profile for any other purposes.

For more information on the AML/KYC procedure and types of information collected for this purpose, please refer to our AML/KYC Policy.

 

III. How We Collect Information from You

3.1. Overview

We collect information from you when:

a) you use the Website and the Services;

b) when you open the Website (including when opening a Referral Link) and access your User Account; and

c) when you contact the Company.

 

3.2. Information we collect automatically

The following information is collected automatically: the number of your assets, device information, IP-address, date, time, and duration of use of the Website; information about transactions made with your Cards.

 

IV. Legal Base for Processing

4.1. Provision of Services

We use account information, wallet information, and usage data to provide our Services. Without this information, we will be unable to provide you with the Services we offer.

 

4.2. Compliance

As discussed above, we are required to store certain types of information for compliance with laws (e.g. AML/KYC obligations). We will make sure that this information will be treated strictly in accordance with relevant laws, and we will not use this information for other purposes (except as provided in this notice).

 

4.3. Customer Support

We use the information we receive when you contact us to help you with your inquiry. 

 

4.4. Legitimate Interest

For marketing purposes, we process your statistics of activity on the Website and your usage data. These data help us to understand our target groups and conduct marketing research.

We can also send you occasional emails with To The Moon Payments updates or new products/services, and other emails for the information purpose.

Account information, and usage data is processed for the purposes of identity fraud prevention.

You can opt-out from the email subscription by clicking the appropriate button in our emails to you.

 

V. Acceptable Age

We do not intend to collect nor knowingly process the children’s (under 18 years old) personal data. Only individuals, who are already 18 years old, may use the Services and provide information to us.

 

VI. Third-party Access 

Except as provided in this Policy, we will not sell, share, or rent your information to third parties.

6.1. Analytics

To analyse our efficiency and conduct marketing research, we use the services of analytics providers. When using the analytics services, we can share anonymized and aggregate details of using our Services, including, but not limited to traffic data, location data, length visit, other communication data.

This information does not allow to identify any certain person, so it is considered non-personally identifiable information.

Non-Personally Identifiable Information is collected and processed, among other services in an anonymized and aggregated way to improve the Website and Services’ usability and for marketing purposes using Google Analytics.

Google Analytics is a web analytics service that tracks and reports traffic on the Website. Google. Analytics uses the data collected to track and monitor the use of our Website. This data may also be shared with other Google services.

For more information on the privacy practices of Google, you can check its Policies at  www.google.com/analytics/policies/.

If you want to opt-out of being tracked by Google Analytics, please visit https://tools.google.com/dlpage/gaoptout

 

6.2. Third-party services

We may share some of your information with third parties, whose services are integrated with our Services solely for the purposes of the provision of such services, and only if you intend to receive such services.

Please see Section 18 of the Terms for additional information.

 

6.3. KYC and Email notifications

We are using third-party services to:

(а) conduct KYC procedure;

(b) send our notifications by email.

Such third parties may only use information about you to perform services on our behalf. They are not allowed to use it for their own purposes, and we take all reasonable and required measures to ensure their compliance with data protection requirements.

 

6.4. Other disclosures 

In addition to the disclosures for the purposes identified before, we may disclose information about you:

(a) if we are required to do so by law, in connection with any legal proceedings or to establish, exercise, or defend our legal rights; and

(b) in case we sell, license, or otherwise assign our Company, corporate rights, To The Moon Payments or its separate parts or features to third parties.

 

VII. Data Retention 

We retain your data for as long as you use our Services. We will delete most of the information when you stop using our Services (upon expiration of your Card if you have not ordered another Card from the Issuer and closing your Account), excluding some of the usage data that we may retain longer for analytical purposes.

Please note, that in order to comply with our legal obligations, we will have to store the KYC/AML information for 5 years after termination of the relationship with you.

We retain the information you provide us with when you contact us to provide you with customer support and do not store it afterward.

 

VIII. Information Security 

Your information is being stored and processed on the servers of the cloud provider inside the EU. These servers have technical measures to store the data securely and protected against unauthorized access.

To keep the processing, we may transfer the information outside the EU, e.g., for the purposes of technical maintenance. In this case, we will ensure that the necessary safeguards to process the information are met in accordance with applicable privacy regulations. We do not transfer personally-identifiable information to the U.S.

We take necessary and sufficient measures, including hashing and encryption of certain information, to protect your information from unauthorized or accidental access, destruction, modification, blocking, copying, distribution, as well as from other illegal actions of third parties.

Immediate access to some amount of the data is only allowed to our authorized employees involved in maintaining operations of the Company and its information infrastructure. Such employees keep strict confidentiality and prevent unauthorized third-party access to personal information.

 

IX. Cookies 

We use cookies. A cookie is a small text file that is downloaded onto your ‘terminal equipment’ (e.g. a computer or smartphone) when you access the Website. It allows the Website to recognize your device and store some information about your preferences or past actions.

There are two main kinds of cookies: session cookies and persistent cookies. Session cookies are erased when you close your browser. Persistent cookies remain on your device for a predefined period.

Strictly necessary cookies do not require user consent as they are always placed on your device by default.

Performance and targeting cookies are placed on your device by third-party providers on our behalf. Those providers, such as Google Analytics are engaged to provide us with analytics and access to the advertisement networks. For performance and targeting cookies, we will ask for your consent first.

You can manage and disable cookie settings at any time using Cookie Settings on the Website. Furthermore, you may manage your cookie settings in your browser settings at any time.

Please keep in mind that simply disabling all cookies or all of our cookies in your browser settings may lead to certain sections or features of our Website not working. Therefore, we recommend using the Cookie Settings on our website instead of disabling all cookies in your web browser.

 

X. Data Rights & Requests 

If you want to file a request or exercise any of your information rights under the applicable law, please contact us at [email protected].

To control our data protection activities, you may exercise certain rights regarding your information processed by us. In particular, you have the right to:

10.1. Object to the processing of your information. If we process your information in our legitimate interests, you can object against it. We will consider your request and, if there are no legal grounds to refuse it (e.g., public interest), stop the processing for such purposes;

10.2. Access your information. You have the right to:

(a) learn if we process your information;

(b) obtain disclosure regarding certain aspects of the processing; and

(c) obtain a copy of the information undergoing processing.

10.3. Verify your information and seek rectification. If you find that we process inaccurate or out-of-date information, you can verify the accuracy of your information and/or ask for it to be updated or corrected;

10.4. Restrict the processing of your information. When you contest the accuracy of your information, believe we process it unlawfully, or want to object against the processing, you have the right to temporarily stop the processing of your information to check if the processing was consistent.

In this case, we will not process the information for any purpose other than storing it or for legal compliance purposes until the circumstances of restriction cease to exist;

10.5. Ask us to delete/destroy/otherwise remove the information about you. If we are not obliged to keep the data for legal purposes, we will remove your information upon your request.

Please note, that the deletion of your information may affect your experience on the Website or lead to close of relationships between you and us if the information was strictly necessary for the provision of Services; and

10.6. Ask us to transfer your information to another organization.