OWNR WALLET OÜ collects Personal Data (as defined below) in compliance with the applicable law and regulations, in particular the General Data Protection Regulation (EU/2016/679) (‘GDPR’).
The term ‘We’, ‘Us’, ‘Our’ refers to OWNR WALLET OÜ (registration code - 14555701), registered at Harju maakond, Tallinn, Kesklinna linnaosa, Väike-Ameerika tn 8-421, 10129. If We, or a fraud prevention agency, determine that You pose a fraud, money laundering or other criminal risks, We may refuse to provide the Services You have requested, or We may stop providing existing Services to You.
OWNR is a multi-asset cryptocurrency wallet, the basic functionality of which includes storing, sending and receiving digital assets, exchanging digital assets to other digital assets, and exchanging fiat currency to digital assets. OWNR WALLET OÜ is a private limited company registered in Estonia at Harju maakond, Tallinn, Kesklinna linnaosa, Väike-Ameerika tn 8-421, 10129, and holding the license FVT000406 for providing services of exchanging a virtual currency against a fiat currency and providing a virtual currency wallet service. Any information stored on the Website and/or Software is treated as confidential. All information is stored securely and is accessed by authorized personnel only. OWNR implements and maintains appropriate technical, security and organizational measures to protect Personal Data from unauthorized or unlawful processing and use, and from accidental loss, destruction, damage, theft or disclosure.
OWNR does not require You to register or log in when You use Our Wallet Software as User as described in p.2 Services > Software of our Terms.
OWNR does not store Your private keys, seed phrases, pass phrases, PINs or other authentication methods and does not have access to Your funds.
We do not use Your camera images. Neither do We copy them to Our servers. Camera images are only used for reading QR codes.
We process Your data in an appropriate and lawful manner, in accordance with the Estonian Personal Data Protection Act, as may be amended, and the General Data Protection Regulation (Regulation (EU) 2016/679).
Secure Communication with Our Servers
All of Our servers support HTTPS. Please ensure that HTTPS is present in the URL bar when accessing Our Website.
Exchange rates, balances, transactions and other blockchain information may be taken from or relayed to third-party servers. We do not bear responsibility for the security of Your Internet connection.
The Information We Collect and Its Purposes
The following sections cover the specifics of each of the two groups from which data is collected: those who use the Website and those who use the Software.
OWNR collects Personal Data using different ways:
- Via the Website We may collect data which include:
- Technical data, such as information about the device You use (mobile or desktop)
- Usage data, which includes information about how You use the Website
- Via the Software We may collect data which include:
- Technical data, such as information about the mobile device You use to access Our Software including the operating system and its version, screen size, time-zone setting, geolocation of Your mobile application store
- Usage data, which includes information about how You use the Software
We use this information for Our inner analytics only so that We can adjust OWNR Services better to Your needs. These details have an aggregated, anonymized form, and are not associated with Your name, email or other personally identifying information.
The source of the usage data is Google analytics tracking system. This usage data may be processed for the purposes of analysing the use of the Website and/or Software and Services and improving users’ experience, performance and future development of Our Services. The legal basis for this processing is Our legitimate interest for monitoring and improving Our Website, Software and Services.
When You create an Account You will be asked to provide:
- e-mail address to communicate with You, allowing You to open and operate an Account with OWNR, for marketing purposes. For example, by subscribing to Our newsletter, You will receive announcements straight to Your email address;
- phone number to be able to confirm that You are a certain Client and to communicate with You;
We will also ask You to provide some or all of the following documents to verify Your identity, address and jurisdiction, amount and source of funds:
- Proof of identity (National ID (both sides) / International ID (double page) / Driver’s License (both sides)) to perform Our contractual obligations towards You, to provide You with Our Services, for KYC and AML purposes;
- Proof of Address (Utility Bill (issued within 3 months) Bank Statement (issued within 3 months) to perform Our contractual obligations towards You, to provide You with Our Services, for KYC and AML purposes;
- Credit card information (including name, surname, birthdate, address) to perform Our contractual obligations towards You, to provide You with Our Services, to be able to execute Your Orders.
Depending on the Services You wish to use, We may additionally collect the following types of information:
- Identity information, such as name, title, place and date of birth, gender, nationality, organization name and position, and information from photographic identity documents such as driver’s license or passport information;
- Contact data, such as address and email, personal and business telephone details;
- Financial and/or employment information including business activities and source of funds. If You ask us to provide You with specific legal services, We may also ask You for further information relating to Your employment;
- Details in respect of political exposure or any actual or alleged criminal convictions;
- Information about the origin of Your assets.
Our Website is not intended for storing of 'special categories' of personal data, such as details about Your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, health information.
Links to other websites
The Website and/or Software may contain links to websites maintained by third parties, whose information and privacy practices are different than ours. We are not responsible or liable for the information or privacy practices employed by such third parties. We encourage You to read the privacy statements of all third party websites before using such websites or submitting any personal data or any other information on or through such websites.
- Via the Website We may collect data which include:
How We Collect Client Data
We may collect personal identification information from You automatically:
- As You use the Website, We will collect certain technical data including Your information about the device You use to access Our Website and Your usage habits, patterns and preferences.
- As You use the Software We will collect technical data including the operating system and version, screen size, time-zone setting, geolocation of Your app store and Your usage habits, patterns and preferences.
We use Google Analytics to help us analyse Client habits while visiting Our Website and/or Software. The data gathered from cookies may be transmitted to Google servers in the European Union. The information will be used by Google only for the purpose of evaluating Website use, creating Website activity reports, and other services relating to Website activity and internet usage on behalf of the OWNR.
We use the following cookies:
- Google Analytics (Website analytics)
- cs_lng (determination of language)
- visited_buy (notification operating)
- hide_buy_notify (notification operating)
You can remove cookies from Your computer through the settings on Your browser, but be aware that this may impact Your ability to make use of some features on this and other websites. Management of cookie settings varies from one browser to another.
During the process of creating the Account with OWNR, Clients provide information such as email address, telephone number (optional), image of the ID document, utility bill, credit card details and other relevant data.
The Clients data shall be collected and processed by a third party Company, who is a trusted partner of OWNR for collecting and processing Clients data on behalf of OWNR. The Company is an experienced identity verification company that will process Personal Data for the purposes of the necessary KYC/AML procedures. The Company will obtain and process all the above stated Personal Data and run KYC/AML procedures and ensure the compliance with the relevant AML legislation.
For the purposes of the maintaining Clients’ Accounts and reviewing Clients for the purposes of KYC/AML compliance, OWNR will collect and process the same that The Company will collect in the process of Client verification (KYC) procedure. The Personal Data shall be processed also by European Consulting Consultant OÜ.
We, upon receiving Your consent, may provide You with promotional messages and other information about products, events and Services of ours, Our affiliates, notices and other information related to the Service and Your interests.
By selecting the checkbox “I agree to subscribe to promotional messages and other information about products and Services of OWNR”, You consent that We may send all such aforementioned materials and information to Your email.
You may unsubscribe from these messages anytime by selecting the checkbox “Unsubscribe from the promotional materials” and, as a result, You will no longer receive such aforementioned materials to Your email. Please note that even if You unsubscribe from Our promotional messages, We may continue to send You service-related updates and notifications, or reply to Your queries and feedback You provide us with.
How We Use Your Personal Data
We will only use Your Personal Data when the law allows us to. Most commonly, We will use Your Personal Data in the following circumstances:
Where it is necessary for Our legitimate interests (or those of a third party) and Your interests and fundamental rights do not override those interests.
It is Our interest to conduct and manage Our business affairs appropriately and responsibly, to protect the reputation of Our business, and to provide You with the best possible Services of the Website and/or Software with a secure experience. We do not use Your Personal Data for activities where Our interests are overridden by the impact on You (unless We have Your consent or are otherwise required or permitted to by law).
We will use Your technical information to:
- provide and make improvements to the Website and/or Our Software, system maintenance, support, reporting and hosting of data, and troubleshooting;
- ensure that the Website and/or Software are secure;
- analyse how You interact with the Website.
We may also use any or all of the information above to administer and manage Our business in general. If You feel that Your interests and fundamental rights outweigh Our business purposes, and that We should therefore stop processing Your data, please let us know.
To perform the Agreement. It means processing Your data where it is necessary for the performance of the agreement which You are a party of, or to take steps at Your request before concluding an agreement. This includes Our Terms of Services.
Marketing. Collecting Personal Data for marketing purposes, We are able to improve Our services and expand the functionality offered. This is how We then decide which of Our Services may be relevant or of interest to You.
Where We need to comply with a legal or regulatory obligation.
In certain circumstances, We may need to retain or use Your data to comply with regulations and/or the law, especially AML laws and regulatory investigations.
We will only retain these data for as long as is necessary to fulfill the purposes for which it was collected or to comply with legal, regulatory or internal policy requirements.
Transfer and share information
We may share information with government authorities and/or law enforcement officials if required for the purposes above, if mandated by law or if required for the legal protection of its own legitimate interests in compliance with applicable laws. We will only use and share Your information where it is necessary for us to lawfully carry out Our business activities e.g. with companies to be able to conduct transactions with clients. The legal basis for this data processing is Our legitimate interest and Our legal obligation.
We will reveal Client’s Personal Data without their prior permission only when We have reason to believe that the disclosure of this information is required to contact or to initiate legal proceedings against a person or persons who are suspected of infringing rights or property belonging to OWNR or to others who could be harmed by the Client’s activities. We are permitted to disclose Personal Data when We have good reason to believe that this is legally required and when the competent authorities have requested to present them with such Personal Data.
We require all affiliated entities and third-party service providers to respect the security of Your Personal Data and to treat it in accordance with the law. We do not allow them to use Your Personal Data for their own purposes and only permit them to process Your Personal Data for specified purposes and in accordance with Our documented instructions.
International Data Transfers
We store Your information primarily within the European Economic Area.
However, some features and requirements of the Services may involve transferring Your information to third-party service providers outside the European Economic Area when it may be necessary to process Your transactions, subscriptions, purchases and/or trading activity:
- Provide the requested Services,
- Exercise and enforce Our contractual rights and Terms of Service,
- Comply with Our legal and/or regulatory obligations or assert, file or exercise a legal claim
We will only transfer Your Personal Data to countries that have been deemed to provide an adequate level of protection for Personal Data by the European Commission. In the absence of an adequacy decision, We will use specific contracts approved by the European Commission which give Personal Data the same protection it has in Europe.
How We Store and Secure Collected Information
For OWNR Users and Clients, all Personal Data is processed in the EEA. It has to be noted that OWNR is a cryptocurrency wallet service and provides you with the possibility to interact with the public blockchain networks of virtual currencies. Public blockchain networks (Ethereum, Bitcoin, etc.) which are decentralized database software platforms for virtual assets. Blockchains are a list of records, called blocks, which are linked and secured using cryptography. Each block typically contains a cryptographic hash of the previous block, a timestamp and transaction data. By design, a blockchain is inherently resistant to modification of the data. Data are dispersed among nodes all around the world in encrypted version. If You trade virtual currencies You agree that Your Personal Data may be collected, stored, processed and that You will not be able to delete it or invoke the right to be forgotten. Your data are encrypted, meaning they are coded (anonymized). With trading virtual assets via OWNR You expressly agree to give Your Personal Data on the public blockchain that these data (even though encrypted) cannot be deleted and that Personal Data may be transferred outside European territory.
OWNR takes the security of the data that it collects very seriously. OWNR has implemented a number of technical, organizational and administrative measures to ensure the confidentiality, integrity, availability and privacy of Your Personal Data and to protect Your Personal Data from loss, theft, unauthorized access, misuse, alteration or destruction which are generally accepted by the industry to protect the Personal Data in its possession.
You should never disclose Your private keys, seed phrases, pass phrases, PINs and other means of authentication to unauthorized parties. We use certain security measures to help keep Your personal information safe, but We cannot guarantee that these measures will stop any users try to get around the privacy or security settings on the Website and/or Software through unforeseen and/or illegal activity.
Processing in Accordance with General Data Protection Regulation
The processing of Personal Data is performed in accordance with privacy rights and regulations following the EU Directive 95/46/EC of the European Parliament and of the Council of 24 October 1995 (the Directive), and the implementations of the Directive in local legislation. From May 25th, 2018, the Directive and local legislation based on the Directive will be replaced by the Regulations (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of Personal Data and on the free movement of such data, known as the General Data Protection Regulation (GDPR), and Our processing will take place in accordance with the GDPR.
Retention and Deletion of Personal Data
Personal data that We process for any purpose or purposes shall not be kept for longer than is necessary for that purpose or those purposes
We will retain and delete Your Personal Data as follows:
- Your technical data will be stored in an aggregated, anonymized form without term’s limitations.
- Contact data (e-mail address, telephone number) will be removed 1 year after You close the Account.
- Identity information (proof of identity, proof of address) will be removed 1 year after You close the Account and terminate legal relationships with OWNR.
- Credit card information (including name, surname, birthdate, address) will be removed 1 year after You close the Account and terminate legal relationships with OWNR.
To use the Services, You must be over the age of eighteen (18). OWNR does not knowingly collect Personal Information from children under the age of eighteen (18). We do not process any Personal Information of children under this age. We reserve the right to request proof of age at any stage so that We can verify that minors under the age of eighteen (18) are not using the Services. In the event that it comes to Our knowledge that a person under the age of eighteen (18) is using the Services, We will prohibit and block such Client from accessing the Services and will make all efforts to promptly delete or effectively anonymize any Personal Data stored with us with regard to such a Client.
Your principal rights under data protection law are:
Request access to Your Personal Data. This enables You to receive a copy of the Personal Data We hold about You and to check that We are lawfully processing it if it is possible to identify the Client.
You may send an email to email@example.com requesting information as the Personal Data which We process.
Request erasure of Your Personal Data. This enables You to ask us to delete or remove Personal Data where:
- There is no good reason for us continuing to process it;
- You have successfully exercised Your right to object to processing (see below);
- We may have processed Your information unlawfully; or
- We are required to erase Your Personal Data to comply with local law.
Note, however, that We may not always be able to comply with Your request of erasure for specific legal reasons which will be notified to You, if applicable, at the time of Your request. These may include instances where the retention of Your Personal Data is necessary to:
- comply with a legal or regulatory obligation to which We are subject; or
- establish, exercise or defend a legal claim.
Request correction or rectification of the Personal Data that We hold about You. This enables You to have any incomplete or inaccurate data We hold about You corrected and/or updated, though We may need to verify the accuracy of the new data You provide to us. As mentioned, it is in Your interest to keep us informed of any changes or updates to Your Personal data which may occur during the course of Your relationship with us.
Object to processing of Your Personal data where We are relying on a legitimate interest (or those of a third party) and there is something about Your particular situation which makes You want to object to processing on this ground as You feel it impacts on Your fundamental rights and freedoms. You also have the right to object where We are processing Your Personal Data for direct marketing purpose.
In some cases, We may demonstrate that We have compelling legitimate grounds to process Your personal information that override Your rights and freedoms.
Request restriction of processing of Your Personal Data. This enables You to ask us to suspend the processing of Your Personal Data in the following scenarios:
- if You want us to establish the data's accuracy;
- where Our use of the data is unlawful but You do not want us to erase it;
- where You need us to hold onto the data even if We no longer require it, as You need it to establish, exercise or defend legal claims; or
- where You have objected to Our use of Your Personal data, but We need to verify whether We have overriding legitimate grounds to use it.
Request the transfer of Your Personal Data to You or to a third party. We will provide to You, or a third party You have chosen, Your Personal data in a structured, commonly used, machine-readable format. Note that this right only applies to automated information which You initially provided consent for us to use or where We used the information to perform a contract with You.
Request to withdraw Your consent at any time where We are relying on consent to process Your Personal data (which will generally not be the case). This will not however affect the lawfulness of any processing which We carried out before You withdrew Your consent. Any processing activities that are not based on Your consent will remain unaffected.
If You have any further questions regarding the data OWNR collects, or how We use it, then please feel free to contact us by email at: firstname.lastname@example.org.
Last updated on 18 September 2020