Effective as of June 22, 2020
This Privacy Policy informs and explains to you how we collect, store, and process any information that directly, indirectly, or in connection with other information — including a personal identification number — allows for your identification or identifiability (hereinafter the “Personal Data”) at Atomic Protocol Systems OÜ (hereinafter – “Atomic”, “we”, “our”). Privacy and data protection are core principles on which we have our website https://atomicwallet.io and any of our AppStore or Google Play applications “Atomic Wallet” (hereinafter the “Application”).
We have implemented various technical and organizational measures to be compliant with applicable personal data, privacy, and data security legislation in the countries where we operate or where the applicable law applies to us.
This Privacy Policy sets forth the basic rules and principles by which we process your Personal Data, and mentions our responsibilities while processing your Personal Data according to transparency obligations. We do not intend to collect personal data of children or persons under the age of 13 (thirteen) years old.
Contact details and Questions
Any questions about this Privacy Policy, the processing of Personal Data or data subject’s requests shall be directed to:
Atomic Protocol Systems OÜ (registry code 14519622)
Address: Harju maakond, Tallinn, Kesklinna linnaosa, Viru väljak 2, 10111
Email: [emailprotected]
1. Principles
Our Application is based on principles relating to the processing of the Personal Data and we commit to the following principles relating to the processing of the Personal Data:
– we process your Personal Data lawfully, fairly and in a transparent manner by providing this Privacy Policy and showing legal bases for the processing of your Personal Data;
– we collect the Personal Data for specified, explicit and legitimate purposes mentioned in this Privacy Policy;
– we process Personal Data that is adequate, relevant and limited to what is necessary in relation to the purposes for which it is processed, especially we don’t require you to register or log in, we don’t have access to your funds (private keys), we don’t require your name or email address.
– we collect accurate and, where necessary, kept up to date Personal Data when applicable and relevant;
– we store your Personal Data for no longer than is necessary for the purposes for which the Personal Data are processed;
– we use and ensure appropriate security of the Personal Data
2. Registration/Login Not Required
Atomic does not require you to register or log in.
3. Private Keys Stay on Device
Your private keys will stay on your device.
4. Categories of Collected Personal Data
We collect the following categories of your Personal Data:
– Your identification information necessary for your identification such as nickname and email. This information is necessary for your identification when you subscribe to our newsletters or leave a comment on the Application.
– Device Information. We may collect information about the device you use to access our Application, including the hardware model, operating system and version, unique device identifiers, and mobile network information. This information will never be communicated to third parties unless you provide prior specific consent.
– Analytical Information that includes information about how you use the Application.
– Information you may provide to us. Your email address, virtual currency addresses, and any other information you choose to provide will never be communicated to third parties unless you provide prior specific consent.
5. Processed Personal Data
We process personal data when you interact with the Application or use our services, especially when:
– you use our services;
– you browse any page or section of the Application;
– you communicate with us or leave a query;
– you leave a comment on the Website;
– you subscribe to our newsletters/updates;
– you receive notification from us;
– we need to share your personal data with the authorized third-parties to provide the services; and
– we measure or analyze the Application’s traffic.
6. Purposes and Legal bases for the Processing of Your Personal Data
We process your Personal Data for the following purposes:
– Providing services. We need to provide services via the Application. Legal basis: contract.
– Performing transactions. Legal basis: contract.
– Providing newsletters/offers/updates which may be interesting to you. Legal basis: consent for newsletters; legitimate interests for offers and updates.
– Compliance with applicable regulatory rules. Legal basis: legal obligation.
– Keeping the Application running (managing your requests, remembering your settings, hosting, and back-end infrastructure). Legal basis: legitimate interests.
– Preventing frauds, illegal activity, or any violation of the terms or Privacy Policy. We may disable access to the Application, erase or correct personal data in some cases. Legal basis: legitimate interests.
– Improving the Application (testing features, interacting with feedback platforms, managing landing pages, heat mapping the Application, traffic optimization, and data analysis and research, including profiling and the use of machine learning and other techniques over your Personal Data and in some cases using third parties to do this). Legal basis: legitimate interests.
– Customer support (notifying you of any changes to the Application, services, solving issues, any bug fixing). Legal basis: legitimate interests.
7. Blockchain Transactions
Your blockchain transactions may be relayed through servers or nodes and will be publicly visible due to the public nature of distributed ledger systems.
8. Secure Communication with our Servers, Confidentiality, and Security Measures
We have security and organizational measures and procedures to secure the data collected and stored and to prevent it from being accidentally lost, used, altered, disclosed, or accessed without authorization. All of our servers support HTTPS. We allow disclosure of your personal data only to those employees and companies who have a business need to know such data. They will process the Personal Data on our instructions and they are obliged to do it confidentially under confidentiality agreements.
You acknowledge that no data transmission is guaranteed to be 100% secure and there may be risks. You are responsible for your login information and password. You shall keep them confidential. In case if your privacy has been breached, please contact us immediately. We have procedures in place to handle any potential data breach and we will inform a regulator of a breach if we are legally required to do so.
9. Communication with Third-Party Servers
Exchange rates, balances, transactions, and other blockchain information may be read from or related to third-party servers. We cannot guarantee the privacy of your Internet connection.
10. Location of the Processing of Personal Data and Third-Party Services
The Personal Data is collected and processed by the company incorporated in Estonia.
The Application contains links to third-party sites. The Privacy Policy does not cover the privacy practices of such third parties. These third parties have their own privacy policies and we do not accept any responsibility or liability for their sites, features or policies. Please read their privacy policies before you submit any data to them.
There are the following third parties:
– third parties providing exchanges services such as Changelly, ChangeNOW, and Simplex
– email service providers to notify you and for direct marketing purposes such as Kickoff and SendGrid;
– website analytics companies to analyze data and improve our services and the Application such as Yandex Metrics and Google Analytics;
– platforms which we use for the support services such as Telegram;
– social media companies to promote and be present in social media such as Twitter, YouTube, Telegram, GitHub, medium.
11. Cookie Policy
Our Cookies Policy is available here.
12. Aggregate Usage Statistics
We may collect Atomic services usage information in order to improve function or UI, but will only use this information in an aggregated, anonymized fashion, and never in association with your name, email, or other personal data.
13. Optional Extra Personal Data
You may choose to provide us with the Personal Data in order to participate in certain programs, activate features, or obtain other benefits but you will always be able to use the basic features of Atomic without providing personal data. If you provide us with the Personal Data then, notwithstanding any part of this Privacy Policy, we may use that information in order to provide you with services or to improve the functioning or UI of Atomic.
14. Your Rights as Data Subject
You can exercise the following rights by contacting us.
You have the right to access information about you, especially:
– the categories of Personal Data;
– the purposes of the processing of the Personal Data;
– third parties to whom the Personal Data disclosed;
– how long the Personal Data will be retained and the criteria used to determine that period;
– other rights regarding the use of your Personal Data.
You have the right to make us correct any inaccurate Personal Data about you.
You can object to using your Personal Data for profiling you or making automated decisions about you. We may use your Personal Data to determine whether we should let you know the information that might be relevant to you.
You have the right to the data portability of your Personal Data to another service or website. We will give you a copy of your Personal Data in a readable format so that you can provide it to another service. If you ask us and it is technically possible, we will directly transfer the Personal Data to the other service for you.
You have the right to be “forgotten”. You may ask to erase the Personal Data about you if it is no longer necessary for us to store the data for purposes of your use of the Application.
You have the right to lodge a complaint regarding the use of your Personal Data. You can address a complaint to your national regulator (the list of the regulators are accessible via https://edpb.europa.eu/about-edpb/board/members_en).
Once we receive any of your requests we will consider and decide on it within one month unless there is a justified requirement to provide such information faster. This term may be extended according to the applicable law.
We may request specific information from you to confirm your identity when necessary and reasonable. This is a security measure to ensure that the Personal Data is not disclosed to any person who has no right to receive it.
You do not need to pay a fee to access information or other rights but we may charge a reasonable fee if your request is clearly unfounded, repetitive, or excessive or refuse to comply with your request in these circ*mstances.
15. Support Requests
If you contact support then as part of the support request we may incidentally collect your personal data but we will endeavor to keep that information secure and confidential. Support information may be managed using a third-party service and further terms of that service may apply to your support request.
16. Retention Policy
We store the Personal Data as long as we need it and the retention practice depends on the type of data we collect, regulatory burden, and how we use the Personal Data. The retention period is based on criteria that include legally mandated retention periods, pending or potential litigation, tax and accounting laws, intellectual property or ownership rights, contract requirements, operational directives or needs, and historical archiving.
In some circ*mstances, we may anonymize your Personal Data for research or statistical purposes in which case we may use this information indefinitely without further notice to you.
17. Changes to the Privacy Policy
Atomic reserves the right to change this Privacy Policy at any time. Any changes will be posted so that you are always aware of what information we collect, how we use it, and under what circ*mstances we disclose it. We will inform you about the changes when it is possible.
As an expert in data privacy and security, I bring a wealth of knowledge and experience to the table. I have a deep understanding of the principles and regulations surrounding the protection of personal data, and I am well-versed in the technical and organizational measures required for compliance. My expertise extends to various aspects of privacy policies, including the lawful and transparent processing of personal data, secure communication protocols, and the implementation of measures to prevent data breaches.
Now, let's dive into the key concepts and components mentioned in the provided Privacy Policy:
1. Effective Date and Introduction:
- Effective Date: June 22, 2020.
- Entities: Atomic Protocol Systems OÜ, referred to as "Atomic."
2. Principles:
- Processing of Personal Data must be lawful, fair, and transparent.
- Personal Data is collected for specified, explicit, and legitimate purposes.
- Data collection is limited to what is necessary for the stated purposes.
- Emphasis on accuracy, relevance, and limited storage duration of Personal Data.
- Implementation of security measures to protect Personal Data.
3. Registration/Login Not Required:
- Users are not required to register or log in to use Atomic services.
4. Private Keys Stay on Device:
- Users' private keys remain on their devices for added security.
5. Categories of Collected Personal Data:
- Identification information (nickname and email).
- Device information.
- Analytical information.
- User-provided information (email address, virtual currency addresses).
6. Processed Personal Data:
- Outlines various scenarios when Personal Data is processed, including service usage, browsing, communication, and more.
7. Purposes and Legal Bases for Processing:
- Providing services and performing transactions.
- Sending newsletters/offers/updates.
- Compliance with regulatory rules.
- Application maintenance, fraud prevention, and improvement.
- Customer support.
8. Blockchain Transactions:
- Acknowledges the public visibility of blockchain transactions.
9. Secure Communication with Servers:
- Security measures for data protection during transmission.
- User responsibility for login information.
10. Communication with Third-Party Servers:
- Acknowledges the interaction with third-party servers.
- Lists third-party services utilized.
11. Location of Processing and Third-Party Services:
- Personal Data is processed in Estonia.
- Mentions third-party services and their privacy policies.
12. Cookie Policy:
- Refers to a separate Cookies Policy.
13. Aggregate Usage Statistics:
- Collection of usage information for improvement, with a focus on anonymity.
14. Optional Extra Personal Data:
- Users may provide extra Personal Data for specific benefits.
- Basic features can be used without providing extra data.
15. Rights as Data Subject:
- Outlines user rights, including access, correction, objection, data portability, and the right to be forgotten.
16. Support Requests:
- Incidental collection of personal data during support requests.
17. Retention Policy:
- Details the retention period based on various criteria.
- Mention of anonymization for research or statistical purposes.
18. Changes to the Privacy Policy:
- Atomic reserves the right to change the Privacy Policy with notifications about such changes.
This comprehensive overview demonstrates the commitment of Atomic to privacy and data protection, outlining the principles, practices, and rights associated with the handling of Personal Data.
