1.Scope This Privacy Notice explains what you can expect from us and what we need from you in relation to your personal data. Please read this carefully as this Notice is legally binding when you use our Papel Services, as defined below.
This Privacy Notice applies to any Papel Services, as defined below, regardless of how you access or use them, including through mobile devices.
We may amend this Privacy Notice at any time by posting the amended version on this site including the effective date of the amended version. We will announce any material changes to this Privacy Notice via email.
2.Definitions As used herein, the following terms are defined as follows:
2.1.“Digital Asset” is a digital representation of value (also referred to as “cryptocurrency,” “virtual currency,” “digital currency,” “crypto token,” “crypto asset,” or “digital commodity”), such as bitcoin, XRP or ether, which is based on the cryptographic protocol of a computer network that may be (i) centralized or decentralized, (ii) closed or open-source, and (iii) used as a medium of exchange and/or store of value.
2.2.“Papel Account” means a user-accessible account offered via the Papel Services where Digital Assets
2.3.Papel “We,” and “Us” refers to Papel, Inc. and its wholly owned subsidiaries (also referred to collectively as " Papel" "we" or "us").
2.4.“Personal Information” or “Personal Data” or “your data” refers to any information relating to you, as an identified or identifiable natural person, including your name, an identification number, location data, or an online identifier or to one or more factors specific to the physical, economic, cultural or social identity of you as a natural person.
3.How do we protect your personal information?
We are serious about guarding the privacy of your Personal Information and work hard to protect Papel and you from unauthorized access to, or unauthorized alteration, disclosure, or destruction of Personal Information we collect and store. Measures we take include encryption with SSL; the availability of two-factor authentication at your discretion, and periodic review of our Personal Information collection, storage, and processing practices. We restrict access of your Personal Information only to those Papel employees, affiliates, and subcontractors who have a legitimate business need for accessing such information. We continuously educate and train our employees about the importance of confidentiality and privacy of customer information. We maintain physical, electronic, and procedural safeguards that comply with the relevant laws and regulations to protect your Personal Information from unauthorized access.
Unfortunately, despite best practices and technical safeguards, the transmission of information via the internet is not completely secure. Although we do our best to protect your Personal Data, we cannot guarantee the security of your Personal Data during transmission, and any acts of transmission are at your own risk.
4.Information we may collect about you
4.1. Information you give us.
When using the Papel Services, we may collect and use the following data about you:
Full legal name;
Home address, including country of residence;
Mobile phone number;
Date of birth;
Proof of identity (e.g., driver’s license, passport, or government-issued identity card);
U.S. Social Security Number or any comparable identification number issued by a government;
Other Personal Information or commercial and/or identification information – Whatever information we, in our sole discretion, deem necessary to comply with our legal obligations under various anti-money laundering (AML) obligations, such as under the European Union’s 4th AML Directive and the U.K. Bank Secrecy Act (BSA).
4.2. Information we collect about you automatically.
Location Information – Information that is automatically collected via analytics systems providers to determine your location, including your IP address and/or domain name and any external page that referred you to us, your login information, browser type and version, time zone setting, browser plug-in types and versions, operating system, and platform;
Log Information – Information that is generated by your use of Papel Services that is automatically collected and stored in our server logs. This may include, but is not limited to, device-specific information, location information, system activity and any internal and external information related to pages that you visit, including the full Uniform Resource Locators (URL) clickstream to, through and from our Website or App (including date and time; page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs), and methods used to browse away from the page;
Account Information – Information that is generated by your Papel account activity including, but not limited to, instructions regarding funding and disbursement, orders, trades, and account balances;
Correspondence – Information that you provide to us in written or oral correspondence, including opening a Papel account, and with respect to ongoing customer support; and logging of phone numbers used to contact us.
4.3. Information we receive about you from other sources.
We may receive information about you if you use any of the other websites we operate or the other services we provide. We are also working closely with third parties and may receive information about you from them. For example:
The banks you use to transfer money to us will provide us with your basic personal information, such as your name and address, as well as your financial information such as your bank account details;
Business partners may provide us with your name and address, as well as financial information;
Advertising networks, analytics providers and search information providers may provide us with anonymized or de-identified information about you, such as confirming how you found our website;
Credit reference agencies do not provide us with any personal information about you, but may be used to corroborate the information you have provided to us.
4.4. General Provisions
Personal Information you provide during the registration process may be retained, even if your registration is left incomplete or abandoned. If you are located within the EEA, this Information will not be retained without your consent.
In providing the personal data of any individual (other than yourself) to us during your use of the Papel Services, you promise that you have obtained consent from such individual to disclose his/her personal data to us, as well his/her consent to our collection, use and disclosure of such personal data for the purposes set out in this Privacy Notice.
5. Uses of Personal Data
Below we set forth in a table format, a description of all the ways we use your personal data as stated above, and which of the legal bases we rely on to do so. We have also identified what our legitimate interests are, where appropriate.
Note that we may process your personal data for more than one lawful ground depending on the specific purpose for which we are using your data. Please contact us at firstname.lastname@example.org if you need details about the specific legal ground we are relying on to process your personal data where more than one ground has been set out in the table below.
To provide the Papel Services:
To carry out our contractual obligations relating to you; including the fulfillment of your orders and trades, the operation of your Papel account and the provision of our support services.
To comply with legal and/or regulatory requirements; including, but not limited to anti-money laundering requirements. To comply with legal and/or regulatory requirements; including, but not limited to anti-money laundering requirements.
To combat against fraud:
To verify your identity to protect against fraud, comply with financial crime laws, and to confirm your eligibility to use our products and services;
To help us make better decisions about how we manage your Papel Account.
To help Papel to market and provide services that interest you:
- To provide you with information about new functionality, features, or services we offer related to, or similar to, the Papel Services;
- To provide you with information about new functionality, features or services we feel may interest you;
- To make suggestions and recommendations to you and other users of Papel Services;
- To process applications for Papel Accounts services, including making decisions about whether to agree to approve any applications.
To keep the Papel Services available and properly functioning;
- To administer internal operations necessary to Papel Services, including troubleshooting, data analysis, testing, research, statistical, and survey purposes;
- To notify you about changes to our service, changes to our terms and policies, and as part of our efforts to keep the Papel Services, safe and secure
Definitions for Table:
- Legitimate Interest: this means an interest of ours as a business to continue to innovate and improve the Papel Services and offer the most secure experience possible. We make sure to consider and balance any potential impact on you (both positive and negative) and your rights before we process your personal data for our legitimate interests. We do not use your personal data for activities where our interests are overridden by the impact on you (unless we have your consent or are otherwise required or permitted to by law).
- Fulfilling a Contract: this means processing your data where it is necessary for the performance of a contract to which you are a party or to take steps at your request before entering into such a contract.
- Our Legal Obligation: this means processing your personal data where it is necessary for compliance with a legal or regulatory obligation that we are subject to
6. Disclosure of your personal information
We may share your personal information with selected third parties including:
Affiliates, operational and business partners, suppliers and sub-contractors for the performance and execution of any contract we enter into with them or you;
Analytics and search engine providers that assist us in the improvement and optimization of our site; and
Our group entities or subsidiaries.
We may disclose your personal information to third parties when:
We sell or buy any business or assets, in which case we may disclose your personal data to the prospective seller or buyer of such business or assets in order to continue the services for which you have contracted;
We are under a duty to disclose or share your personal data in order to comply with any legal obligation, or in order to enforce or apply our Terms of Service and other applicable agreements; or to protect the rights, property, our customers, or others. This includes exchanging information with other companies and organizations for the purposes of fraud protection and credit risk reduction;
We conduct or cooperate in investigations of fraud or other illegal activity whenever we believe it is reasonable and appropriate to do so;
We seek to prevent and detect fraud and crime;
We receive a lawful subpoena, warrant, court order, or as otherwise required by law;
We seek to protect Papel from financial and insurance risks;
We seek to recover debt or in relation to your insolvency; and
We seek information necessary to maintain or develop customer relationships, services and systems.
We do not maintain a published list of all of the third parties with whom we share your personal information with, as this would be heavily dependent on your specific use of our Services. However, if you would like further information about who we have shared your personal information with, or to be provided with a list specific to you, you can request this by writing to email@example.com
7. Profiling and automated decision making
We may in some instances use your personal data, such as your country of residence and trade history, in order to better address your needs. For example, if you frequently trade in a specific virtual currency, we may use this information to inform you of new product updates or features that may be useful for you. When we do this, we take all necessary measures to ensure that your privacy and security are protected, and we only use anonymous or de-identified data.
We may use Automated Decision Making (ADM) in order to improve your experience, or to help fight financial crime. For example, so that we can provide you with a fast and efficient service, we may use ADM to verify your identity documents, or to confirm the accuracy of the information you have provided to us. None of our ADM processes have a legal effect on you.
8. Privacy when using digital assets and blockchains
Your funding of bitcoin, XRP, ether, and other Digital Assets, may be recorded on a public blockchain. Public blockchains are distributed ledgers, intended to immutably record transactions across wide networks of computer systems. Many blockchains are open to forensic analysis which can lead to deanonymization and the unintentional revelation of private financial information, especially when blockchain data is combined with other data.
Because blockchains are decentralized or third-party networks which are not controlled or operated by Papel or its affiliates, we are not able to erase, modify, or alter personal data from such networks.
9. Data Retention
Papel is subject to various legal, compliance and reporting obligations, including BSA or national AML requirements (as defined above), we are required by law to store some of your personal and transactional data beyond the closure of your account with us. Your data is only accessed internally on a need to know basis, and it will only be accessed or processed if absolutely necessary. We will delete data that is no longer required by any relevant law or jurisdiction in which we operate.
We use both session and persistent Cookies. Session Cookies expire when you log out of your account or close your browser. Persistent Cookies remain on your computer or mobile device until deleted or otherwise expire. Most web browsers are set to accept Cookies by default. You are free to decline most of our session Cookies if your browser or browser add-on permits but choosing to remove or disable our Cookies may interfere with your use and functionality of the Papel Services.
11. Your choices
Email Communications – Subject to applicable laws and regulations, we may from time to time send communications promoting services, products, facilities, or activities to you using information collected from you. When you create a Papel Account you are agreeing to opt-in to all communications from us. We will provide you with an opportunity to opt-out of newsletter communications.. We will never provide your Personal Information to third parties for direct marketing or other unrelated purposes without your written consent. Unfortunately, we are unable to allow you to opt-out of the emails we send you for certain legal or administrative purposes.
Cookies – You may decline session cookies if your browser or browser add-on permits but choosing to remove or disable our cookies may interfere with your use and functionality of the Papel Exchange Services.
Right of Rectification – You have the right to correct any personal information We hold on you that is inaccurate, incorrect, or out of date.
Right of Erasure – You have the right to ask us to delete your data when it is no longer necessary, or no longer subject to a legal obligation to which Papel is subject to.
Portability – You may have the right to transfer certain of your personal data between data controllers, for example, to move your account details from one online platform to another.
Location Information – You may be able to stop the collection of location information through your device settings or by following the standard uninstall process to remove our applications from your device; however, because such data is used by us to meet legal requirements, as well as for ongoing fraud and risk monitoring purposes, choosing to remove or disable location services may interfere with your use and functionality of the Papel Services.
12. Access to information
Subject to applicable laws, you may have the right to access information we hold about you. Your right of access can be exercised in accordance with the relevant data protection legislation. For further information, please contact firstname.lastname@example.org
13. Changes to this Privacy Notice
Any changes we may make to our Privacy Notice will be posted on this page and, where appropriate, notified to you by email. Please check back frequently to see any updates or changes to our Privacy Notice.
14. Protection of Minors
Papel Services are not directed to persons under the age of 18, hereinafter “Minors” and we do not knowingly collect personal information from Minors. If we learn that we have inadvertently gathered personal information from a Minor, we will take legally permissible measures to remove that information from our records. Papel will require the user to close his or her account and will not allow the use of Papel Services. If you are a parent or guardian of a Minor, and you become aware that a Minor has provided personal information to Papel, please contact us at email@example.com and you may request to exercise your applicable access, rectification, cancellation, and/or objection rights.
Any questions, comments and requests regarding this Privacy Notice are welcomed and should be addressed to firstname.lastname@example.org
If you feel that we have not addressed your questions or concerns adequately, you may contact your data controller.