This is the Privacy Statement of BOTS (“Bots”, “we”, “us” and “our”), and it applies to us as long as we process Personal Data that belongs to individuals (“you”).
You share different types of personal data with us when you use the services provided by BOTS, install the BOTS App, make an account, execute transactions, view our website, and contact our support department.
In our Privacy Statement you can read about how we handle your personal data. You will also find information about what personal data we process and what we do with it. In addition, you can read about your privacy rights; for example, the right to access information, the right to rectification and various forms of right to object.
We update this Privacy Statement regularly to ensure that any new obligations and technologies, as well as any changes to our business operations and practices are taken into consideration, as well as that we remain ahead of the changing regulatory environment.
2. Purpose of this Privacy Statement
We, at BOTS, understand that your personal data is important for you. Through this Privacy Statement we aim to explain in a clear way what data we collect, why we collect it, how we use it, process it, store it and protect it.
The Privacy Statement applies to all Clients of BOTS, these are all individuals that either are using, have used or have expressed a desire to use the services provided by BOTS.
3. How does BOTS obtain your personal data?
BOTS collects the personal data of its Clients through:
A) direct interactions (such as when you register for the BOTS App or make a purchase);
B) data from third parties (such as information on third-party websites or other information Clients may have made publicly available, or information provided by third party sources, such as government entities);
C) automated tracking technologies (such as information automatically collected about Clients’ interaction with the BOTS App and Website).
4. Why does BOTS collect your personal data?
BOTS collects Client data on the basis of its legal obligations according to Art. 6(1)(c) GDPR: BOTS identifies all of its Clients and obtains from them various sources of personal data, such as their name, date of birth, address and a copy of their ID document in order to conduct customer due diligence and to prevent fraudulent conduct or behavior that contravenes international sanctions and to comply with regulations against money laundering, terrorism financing and tax fraud.
BOTS also collects Client data on the basis of its performance obligation stemming from the Agreement between BOTS and the Client, according to Art. 6(1)(b) GDPR: We collect information from you that is needed in order for us to be able to provide you with our services.
Any additional sources of data that are collected on the basis of Clients’ consent according to Art. 6(1)(a) GDPR, which Clients are free to give or refuse. By registering for the BOTS Platform, the Client agrees with the right of BOTS to store and process their data according to the GDPR regulation.
5. What kind of personal data is collected by BOTS?
When registering for the BOTS App, Clients provide BOTS with (some of) the following data, which BOTS stores and processes.
A) First and last name as written in their Passport;
B) Copy of the passport or identity card;
C) E-mail address;
D) Phone number;
E) Residential address;
F) Date and Place of Birth;
G) A visual image of the face of the Client with a handwritten note with the current date;
H) A visual image of the Client’s identity document;
I) The answers to a series of questions regarding the Client’s source of wealth;
J) Additional information on the source of funds of Transactions;
K) A declaration from the Client’s bank account that they will use in connection to BOTS’ services is their own personal bank account;
L) The payment to BOTS from an account opened in the Client’s name in a credit institution registered or having a place of business in an EEA Member State;
M) Additional documents, data, or information that may be necessary to establish a Client’s identity and their verification.
N) Information that is obligated to collect concerning the Know You Customer process (which can also contain information on possible fraud that has been committed).
A) Number of their Chamber of Commerce registration;
B) Statutory name;
C) Legal Form;
D) Registered address;
E) Country of Establishment;
F) Legal Entity Identifier and Regulator (if applicable);
G) Company situation;
H) Identity of UBO(s);
I) Answer to a PEP verification question;
J) Answer to a Source of Funds and Area of Activity question;
L) Organization chart of the company going up all the way to the natural person owners (UBO(s));
M) Chamber of Commerce extract;
N) Passport copies of the UBO(s);
O) Proof of the powers of representation of the representatives;
P) Additional documents, data, or information that may be necessary to establish a Client’s identity and their verification.
Furthermore, BOTS stores and processes with regards to its clients, (some of) the following data:
A) Fiat-cryptocurrency transfer history;
B) Trade history;
C) GPS location;
D) IP address;
E) Bank account number/IBAN, BIC number;
F) Appstore/Google Playstore account information of its Clients;
G) Information about devices, operating system, online behavior and preferences data: such as the IP address of your mobile device or computer, the type, version and brand of device used to visit the Bots App and bots.io, the operating system and browser version you use, your cookie settings, your mobile advertising ID and the pages you visit on the Bots App and bots.io.
H) Data about your interests and needs that you share with us, for example when you contact our support team or contact us/address us in any way such as through social media (Facebook, Twitter, Instagram, Google+ and Youtube). We follow public messages, posts, likes and responses to and about Bots on the internet.
6. Your duty to provide data
In some cases, we are legally required to collect personal data or your personal data may be needed before we may perform certain services and provide certain products.
We undertake to request only the personal data that is strictly necessary for the relevant purpose. Failure to provide the necessary personal data may cause delays in the availability of certain products and services.
7. What we do with your personal data?
The personal information collected is used for the purposes which Clients have provided it for, and might be further used for statutory or other legitimate purposes only. BOTS uses Clients’ personal data in the following ways:
A) administering the relationship with Clients, such as providing and managing their access to and use of the BOTS Platform and Website (this processing is necessary for the performance of the Agreement between BOTS and the Client);
B) improvement of BOTS’ services and development of new products, such as personalizing Clients’ experience with the BOTS Platform (this processing is necessary for the purposes of BOTS’ legitimate interests);
C) marketing, such as providing Clients with marketing or advertising communications BOTS considers as relevant for them (this processing is based on Clients’ given consent and/or on BOTS’ legitimate interests);
D) providing online chat rooms, message boards & other communication channels to Clients (this processing is based on Clients’ given consent and/or on BOTS’ legitimate interests)
E) other general business support purposes, including but not limited to procurement, financial and fiscal management, risk and compliance management, and external reporting (this processing is necessary for compliance with a legal obligation to which BOTS and its exchange provider partners are subject to, or that is otherwise lawful under the applicable data protection laws or for BOTS’ legitimate interests).
8. Who we share your data with and why?
To be able to provide the best possible services and further its business operations, BOTS may share certain Client data internally or with selected third parties incorporated inside or outside of the European Union. Some of these parties are incorporated in the United States. Parties BOTS might share data with include:
A) service providers; e.g. for managing or hosting services and/or underpinning technology for the services BOTS provides;
B) business partners; e.g cryptocurrency exchange provider partners (such as BANXA), payment service providers, etc.
C) other parties, e.g. as needed for external audits, compliance, risk management, corporate development and/or corporate governance-related matters; or
D) governmental authorities and regulators, as required under the applicable law.
Whenever we share your personal data externally with third parties in countries outside of the European Economic Area (EEA) we ensure the necessary safeguards are in place to protect it. For example, we rely upon, amongst others:
- Requirements based on applicable local laws and regulations;
- EU Model clauses, when applicable, we use standardised contractual clauses in agreements with service providers to ensure the processing of personal data transferred outside of the European Economic Area complies with the GDPR.
9. Your Rights and how we respect them
As your personal data is processed, you also have privacy rights.
To the extent provided under the GDPR, your rights include the following:
A) Right of access (‘an overview of your personal information’): the right to get an overview of your personal information that we process.
B) Right to rectification (‘correct your personal information’): if your personal information is inaccurate or incomplete, the right to ask us to rectify or complete your personal information.
C) Right to erasure (‘right to be forgotten’): the right to request that we delete your personal information to the extent permitted by the applicable law.
D) Right to data portability (‘transfer your personal information’): the right to ask us to transfer your personal information directly to you. This applies to certain personal information if processed by automated means and with the Client’s consent, or based on an agreement with BOTS.
E) Right to restrict processing: the right to request that we restrict or stop the processing of your personal information held by us for a certain period of time, or for an indefinite period.
F) Right to object: the right to object to the processing of your personal information. The reasons for an objection should relate to your particular situation, and be related to processing based on the legitimate interest condition.
G) Withdrawal of Consent: the right to withdraw your consent to the processing of your personal information at any time; for instance, after you consented to us keeping you informed about our Services, you have the right to withdraw this consent at any time.
Clients may exercise the rights above by contacting the help desk of BOTS via email, phone or the help chat in the Bots Platform. For more information please visit https://en.bots.io/support/help.
We aim to respond to your request as quickly as possible. In some instances this could take up to one month (if legally allowed). Should we require more time to complete your request, we will let you know how much longer we need and provide reasons for the delay.
If you are still unhappy with our reaction to your question or complaint, you can escalate it to Data Protection Officer of BOTS via firstname.lastname@example.org.
You can also contact the data protection authority via email@example.com.
10. How long we keep your personal data?
Clients’ personal information will be processed to the extent necessary for the performance of BOTS’ obligations, and for the time necessary to achieve the purposes for which the information is collected, in accordance with BOTS’ data retention policies and the applicable data protection laws. When BOTS no longer needs your personal information, BOTS will take all reasonable steps to remove it from our systems and records or take steps to properly anonymize it so that Clients can no longer be identified from it.
11. How we protect your personal data?
We take appropriate technical and organisational measures (policies and procedures, IT security etc.) to ensure the confidentiality and integrity of your personal data and the way it's processed. We apply an internal framework of policies and minimum standards across all our business to keep your personal data safe. These policies and standards are periodically updated to keep them up to date with regulations and market developments.
In addition, BOTS limits access to personal information by our employees, business partners, service providers, and third-party service providers to a ‘need-to-know’ basis. Furthermore, BOTS employees are subject to confidentiality obligations and may not disclose your personal data unlawfully or unnecessarily. To help us continue to protect your personal data, you should always contact BOTS if you suspect that your personal data may have been compromised.