HXR Privacy Policy
This Privacy Policy is effective as of July 20, 2022
1. INTRODUCTION
HXR QUANT HOLDINGS LIMITED (“HXR”, “we”, “us” or “our”) provides software as a service, which allows you to utilize several functionalities for managing their cryptocurrency holding across different accounts, including SmartTrade Terminal and automated Trading Bots. This Privacy Policy explains the principles on how HXR QUANT HOLDINGS LIMITED as the personal data controller collects and processes your (“you”) personal data when you visit the website https://hxr.com (“Website”) and in relation to the provision of the Software. In case you act as the Signals Provider, please see our privacy notice for signals providers.
Capitalised terms used in this Privacy Policy are used in the meaning given to them in the Terms of Use unless otherwise expressly set out herein.
2. DATA WE COLLECT
We have set out in the table below the categories of personal data we collect and use about you:
| Category of personal data | Data collected | |
|---|---|---|
| When you visit our Website or contact with us | Technical Data | |
| Upon visiting our Website, we process technical data related to your usage of the Website, including but not limited to IP address, device name, operating system version, the configuration of the app when utilizing our Service, the time and date of your use of the Service, referring URL, access tokens, session key, amount and state of transferred data, and other statistics. This information can be related to you, therefore, Personal Identification Information can be processed as well. These data may also be processed as anonymized statistical data. | ||
| Cookie Data | ||
| Cookies are files with a small amount of data that are commonly used as anonymous unique identifiers. These are sent to your browser from the websites that you visit and are stored on your device’s internal memory. | ||
| We apply cookies on the Website, for optimising the Website and its functionalities. | ||
| Communication Data | ||
| In case you interact with us via our Website live chat, e-mails and sign-up forms, HXR Facebook page, HXR Youtube channel, HXR Twitter page, HXR Telegram group, HXR Telegram channel or any other official social media account, we process, in addition to Personal Identification Information (limited in case of contacting via social media), also the contents of your message. | ||
| When you use the Software | Personal Identification Information | |
| Name, e-mail address, 2FA key, IP address, KYC token, language, Gravatar image, if you choose to sign up via Facebook, we collect your Facebook UID, Facebook profile name, Facebook e-mail. | ||
| Financial and Transaction Data | ||
| Exchange Account username, API key, API secret, passphrase, transaction data (date/time/amount of transaction), transaction request/response, Referral status. | ||
| When you visit our Website or contact with us or use the Software via the Google OAuth | ||
| Personal Identification Information | ||
| For login request we need collect your Google Gmail address. | ||
| Technical Data | ||
| Upon visiting our Website, we process technical data related to your usage of the Website, including but not limited to IP address, device name, operating system version, the configuration of the app when utilizing our Service, the time and date of your use of the Service, referring URL, access tokens, session key, amount and state of transferred data, and other statistics. This information can be related to you, therefore, Personal Identification Information can be processed as well. These data may also be processed as anonymized statistical data. | ||
| Cookie Data | ||
| Cookies are files with a small amount of data that are commonly used as anonymous unique identifiers. These are sent to your browser from the websites that you visit and are stored on your device’s internal memory. | ||
| We apply cookies on the Website, for optimising the Website and its functionalities. | ||
| Communication Data | ||
| In case you Login our Website or use the Software via the Google OAuth then interact with us via our Website live chat, e-mails and sign-up forms. We process, in addition to Personal Identification Information, also the contents of your message. | ||
| Financial and Transaction Data | ||
| Exchange Account username, API key, API secret, passphrase, transaction data (date/time/amount of transaction), transaction request/response, Referral status. | ||
The personal data we process is collected from one of the following sources:
- he data is disclosed by you directly to us;
- we receive the data from your Exchange Account provider due to you connecting your Exchange Accounts to the Client Account;
- we receive the data from social media service provider due to you registering or contacting with us via your existing social media account;
- we receive the data from the payment service provider due to you concluding the Purchase Agreement and paying for the Subscription;
- we receive Technical Data automatically from your browser, our servers and systems;
- Google OAuth. For login request we need collect your Google Gmail address when you use Google OAuth to login our Website or use our Software. For more information, please visit Google API Services User Data Policy, All apps that access Google APIs must follow this Policy.
3. What we use your personal data for
We have set out in the table below the reasons why we process your personal data:
| Purpose for processing | Category of personal data processed | Legal basis |
|---|---|---|
| Client authentication | Personal Identification Information | Performance of the Terms of Use |
| Client identity verification (KYC) for recovery | Personal Identification Information | Performance of the Terms of Use |
| Client’s transaction history | Financial and Transaction data | Performance of the Terms of Use |
| Responding to your enquiries and requests submitted via the website, sign-up forms, live chat or e-mail or any social media platforms | Communication Data, however, depending on the nature of your enquiry we can process all the data indicated in Section 2 above | In case your question clearly relates to matters connected to the Terms of Use, Client Agreement or Purchase Agreement we process the data for the performance of the Contract. In other cases, we rely on our legitimate interests in ensuring effective relations management with all the interested parties in our Software and services |
| Client invoicing for the Purchase Agreement or for mediating your payments to Signals Providers (no personal data are shared with Signals Providers) | Personal Identification Information, Financial and Transaction Data | Performance of the Purchase Agreement or our legitimate interest in performing the Signaller Agreement concluded with the Signals Provider |
| Transfer of funds from a payment service provider to your Client Account and making out payments upon your withdrawal request via payment service provider | Financial and Transaction Data, Personal Identification Information | Performance of the Terms of Use |
| Enabling your use of the Trial | Personal Identification Information | Performance of the Trial Terms |
| Enabling the Software and its functionalities | Personal Identification Information, Financial and Transaction Data | Performance of the Terms of Use and if relevant performance of the Purchase Agreement |
| Sending newsletters to your e-mail | Personal Identification Information | Consent |
| Providing you with notifications via your chosen channel (for example, mobile app, e-mail, Website, Telegram Bot) | Personal Identification Information | Consent given for the specific notification channel |
| Direct marketing campaigns - Client marketing campaigns in relation to the Software, its functionalities and products already provided to you | Personal Identification Information, Financial and Transaction Data (mainly the transaction activity) | Our legitimate interest in providing you with information relating to the services and products you have previously sourced from us |
| Processing data for predictive analytics and insights, improvement and development of the Software | All of the data categories indicated in Section 2 above | Our legitimate interest in improving and developing the Website and the Software within the course of our business activities or performance of the Terms of Use |
| Diagnosing and repairing technical issues related to the Software and the Website | Technical Data | Our legitimate interest in providing data security and preventing fraudulent actions related to the Software and the Website; ensuring the functioning of the Software and the Website |
| Storing information containing personal data in backup systems | All of the data categories indicated in Section 2 above | Our legitimate interest in ensuring the security of data processing operations |
| Data disclosures to potential acquirers of HXR business, including legal advisors, auditing service providers in case of a merger, acquisition or selling the whole or part of our business | All of the data categories indicated in Section 2 above | Our legitimate interest in ensuring proper due diligence process and business continuity |
| Data disclosures to our service providers | All of the data categories indicated in Section 2 above | Our legitimate interest in utilising the information technology infrastructure and services provided by our co-operation partners |
| Mandatory disclosures to law enforcement and data protection authorities | All of the data categories indicated in Section 2 above | Performance of our legal obligation |
4. SHARING YOUR PERSONAL DATA
Any data you provide will not be publicly displayed or shared to other Website visitors or clients. Certain employees of HXR have access to personal data to the extent necessary for the performance of their work duties.
We use third party processors and separate data controllers to help provide our service. They will have access to your personal data as reasonably necessary to perform these tasks on our behalf and are obligated not to disclose or use it for other purposes.
We have set out in the table below the reasons why and with whom we share your personal data:
| Categories of Recipients | Reason for sharing | Type of recipient |
|---|---|---|
| Service providers | We work with service providers that work on our behalf which may need access to certain personal data to provide their services to us. These companies include those we have hired to operate the technical infrastructure that we need to provide service, assist in protecting and securing our systems and services, and help market our service. Standard contractual clauses, or other applicable means, are applied to ensure the safeguard of the transfer. | Data processors |
| Advertising partners | We work with advertising partners to enable us to customize the advertising content you may receive. These partners help us deliver more relevant ads and promotional messages to you, which may include interest-based advertising (also known as online behavioral advertising), contextual advertising, and generic advertising. We and our advertising partners process certain personal data to help us understand your interests or preferences so that we can deliver advertisements that are more relevant to you. Standard contractual clauses, or other applicable means, are applied to ensure the safeguard of the transfer.We also provide you promotional e-mail campaigns related to our services (educational videos etc.) by using e-mail campaign service provider. In order to do this we may transfer your e-mail address to such service provider so that they can send you the materials. | Data Processors |
| Professional advisors (legal advisors, accounting etc. bound to confidentiality) | In case not operating as data processors, the legitimate interests in conducting and supporting our regular business activities. | Data Processors |
| Potential business acquirers and business transferee(s) | If necessary and required for successfully transferring our business or for the purposes of mergers and acquisitions, your Personal data may be disclosed to the specified acquirers and their representatives and / or legal counsels.This is done based on our legitimate interests to sell and reorganize our business activities. | Separate data controllers |
In addition to the information provided in the table above, in some cases, we may transfer your personal data. We shall opt to use special personal data protection safeguards, in order to ensure the safety of your personal data, and all the transfer or sharing must be under the law.
5. ENSURING THE SECURITY OF PERSONAL DATA
We have taken necessary technical and organizational security measures to protect your personal data against accidental or unlawful destruction, loss or alteration and against the unauthorized disclosure, abuse or other processing in violation of applicable law. We also encourage you to take measures to ensure the safety of your personal data. In particular, we advise you not to share your personal data with us or any of our partners via any public forums or other public channels, unless you acknowledge and accept that relevant data will be publicly accessible.
6. RETENTION AND DELETION OF PERSONAL DATA
Your personal data (all data categories mentioned in Section 2) shall be stored insofar as reasonably necessary to attain the objectives stated in Section 3 above, or until the legal obligation stipulates that we do so. To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the processing purposes and whether we can achieve these purposes through other means, and applicable statutory obligations. Whilst retaining the personal data, we take into account the viable need to resolve disputes and enforce the contract between us or anonymize your personal data and retain this anonymized information indefinitely.
In case any of the data stipulated in Section 2 above is needed for purposes of protection against ongoing or threatened disputes, we shall retain the related data as long as the dispute is solved.
After the expiry of the retention period determined above or the termination of the legal basis for processing purpose, we may retain the materials containing the personal data in the backup systems, from which the respective materials will be deleted after the end of the backup cycle. We ensure that during the backup period appropriate safeguards are applied and the backed-up materials are put beyond use.
7. YOUR RIGHTS AND PREFERENCES
Under data protection law, you have rights including:
-
- Right to be informed and to access. You may get information regarding your personal data processed by us.
-
- Right to data portability. You have the right to receive your personal data from us in a structured, commonly used and machine-readable format. Moreover, you may request that the personal data is transmitted to another controller. Bear in mind that these can only be done if that is technically feasible.
-
- Right to erasure. You the right to have personal data we process about you erased from our systems if the personal data are no longer necessary for the related purposes.
-
- Right to object and restrict. You have the right to object to the processing of your personal data and restrict it in certain cases.
-
- Right to rectification. You have the right to make corrections to your personal data in certain cases.
-
- Right to withdraw consent. When you have given us consent to process your personal data, you may withdraw said consent at any time.
-
- Right to contact the supervisory authority. If you are not satisfied with our response to your request in relation to Personal Data or you believe we are processing your Personal Data not in accordance with the law, you can submit your claim to the relevant authorities in the British Virgin Islands.
To exercise any of the abovementioned rights, please contact our customer support team via e-mail indicated in Section 8 below.
Please note that in case you are requesting to use the above described rights or any other rights related to our services, on someone elses name (legal representative, close relative of deceased customer etc), we have the right to ask additional information from you to prove the authorization for such request (signed authorization from customer, requestor ID, death certificate etc.).
Such additional information is required to protect our customers’ personal data and financial interests.
8. OTHER IMPORTANT INFORMATION
Changes to This Privacy Policy
We may update our Privacy Policy from time to time. Thus, you are advised to review this page periodically for any changes. We will notify you of any changes by posting the new Privacy Policy on this page.
This policy is effective as of 2022-07-20
Newsletter, notifications and direct marketing campaigns
With your explicit consent, you may be subject to direct marketing campaigns, we may send you our newsletter or provide you with notifications. You may opt out of the direct marketing campaigns, newsletters and notifications on your account settings. We may also provide you with news, special offers and general information about other goods, services and events which we offer that are similar to those that you have already purchased or enquired about unless you have opted not to receive such information.
Dispute resolution
If you have questions, please contact us at support@hxr.com. Disputes relating to the processing of personal data are settled through our customer support. We may amend or modify this Privacy Policy from time to time to reflect changes in the way we process personal data.
Age limitations
We do not knowingly collect any information from individuals under 18 years of age. If we discover a user of being younger than 18 years old we will require the user to close their account and we will take steps to delete any collected information as soon as possible.
HXR QUANT HOLDINGS LIMITED