Privacy policy

WALTZER PRIVACY POLICY

Please read our Privacy Policy (hereinafter the “Privacy Policy”) carefully to know what personal data Arch Ventures Pty Limited (trade name of Waltzer), incorporated in Australia with company number ACN 660 159 240, and whose registered office is at C/o KPMG, Level 7, 77 Market Street, Wollongong, NSW 2500, Australia, registered as a Digital Currency Exchange by the Australian Financial Regulator, (hereinafter in the text referred to as “Waltzer”).and its Affiliates (hereinafter “we”, “us”, “our”, “Waltzer”, “the Company”) collect about you (hereinafter “you”, “your”) and how we use it.

Arch Ventures Pty Limited is the Data Controller, which independently determines the purposes and means of processing your personal data.

By opening an Account and using the Waltzers’ website http://waltzer.io/ (hereinafter in the text referred to as the “Website”) and/or a link on applications (that can be downloaded free of charge on the iOS and Android AppStores from your mobile device (hereinafter in the text referred to as the “Platform”), you accept this Privacy Policy and our Terms and Conditions and the practices as described in them, and expressly consent to the processing and storage of your personal data as envisaged by this Privacy Policy. You must be of at least the age of majority in your country of residence and accept our Privacy Policy and our Terms and Conditions before you use the Website and/or the Platform and any or our Services. If you do not agree to this Privacy Policy and/or our Terms and Conditions, do not access and use our Services.

1 DEFINITIONS.

Save where defined elsewhere in this Privacy Policy, the following definitions and rules of interpretation apply in this Privacy Policy. Words with capitalised letters in this Privacy Policy shall have meanings as set out in our Terms and Conditions, which be found here [www.waltzer.io/terms-condition] (“Terms and Conditions”), unless otherwise defined in this Privacy Policy.

• "Account" means an account created by a user in order to use our Services;
• "Affiliate" means any person or entity that directly or indirectly, through one or more intermediaries, controls or is controlled by or is under common ownership or control with another person;
• "Applicable Law" means all laws, law-decrees, legislation, legislative instruments, decrees, orders, regulations, rules, directives, circulars, and decisions which are applicable to a party, or the matters contemplated by our policies;
• "Services" means the services provided to you by us through the Platform and/or the Website which include (i) setting up and maintaining your Account, (ii) executing your Trade Instructions;
• "Third Party Providers"means third parties which might be involved via our Services for instance to enable you to make payments for the purposes of the Trades (this may include a payment gateway provider).Please note that any transactions or communications between you and one of our Third Party Providers shall be exclusively between you and that Third Party Provider. By using the Platform and/or the Website you will be connected with Third Party Providers to enable you to execute Trade Instructions. Waltzer does not provide any of the services provided by the Third Party Providers, nor does Waltzer provide any warranty, guarantee or recommendation with regard to the Third Party Providers or the services you receive from the Third Party Providers;
• Trade"Trade" means the buying or selling of a cryptocurrency using our Services;
• "Trade Instruction" means an Instruction to us to (i) convert fiat to a cryptocurrency (buy instruction) or (ii) to sell cryptocurrency in exchange for fiat (sell instruction) or (iii) to convert a cryptocurrency into another cryptocurrency;
• "Website" means the website associated with our Services which is currently http://waltzer.io/.

2 SCOPE OF THIS PRIVACY POLICY.

This Privacy Policy and the Terms and Conditions applies to the personal data we collect from you when you use the Platform, visit our Website or contact us.

The Privacy Policy does not apply to personal data:

• that we receive from third party companies, Third Party Providers or other organizations;
• that we may share with third parties in accordance with this Privacy Policy and our Terms and Conditions to enable you, as part of our Services, to use third party services via our Platform and/or Website, such as Third Party Providers. You should read the privacy policy for any third party company, Third Party Providers, or organisation to whom you provide your personal data to understand how your Personal Data will be treated.

3 WHAT PERSONAL DATA WE COLLECT AND HOW WE COLLECT IT.

3.1 What Personal Data We Collect

The personal data collected by us may include, without limitation:

• Location data from your mobile phone;
• Your device IP address;
• Your usage data (for example pattern recognition);
• Your email address;
• Your biometric data;
• Full name;
• Date of birth;
• Gender;
• Phone number;
• Tax number;
• Document number, date of expiry, date of issue;
• Address; and
• Any data that may be included into the Identification Documents, financial documents (bank statement, tax return, source of funds/source of wealth), employment agreement and any other documents of any kind that you may provide in order to use our Services.

Bank card data. We also process technical information when you use our Platform and/or Website or Services, which may include personal data, as follows:

• City ($ city) - The city of the sender event is parsed from the IP property or the latitude and longitude of the property. Refer to Geo Source ($geo_source) for more information;
• Region ($region) - The region of the event sender, parsed from the IP property or latitude and longitude properties. See Geo Source ($geo_source) for more information;
• Country (mp_country_code) - The country of the event sender, parsed in the IP property or the Latitude and Longitude properties. See Geo Source ($geo_source) for more information;
• Geo Source ($geo_source) is a method for specifying values for the Country, Region, and City properties. If the value is zero, the location properties were defined via the IP property ($ip); If "reverse_geocoding", the location properties were defined using the Latitude ($latitude) and Longitude ($longitude) properties;
• Time Zone ($timezone) - The time zone of the event sender, parsed by IP;
• Browser version ($browser_version) - Browser version number;
• Browser ($browser) - Browser version number (not versioned);/li>
• Initial Referrer ($initial_referrer) - The referring URL on the first entry;
• Initial Referring Domain ($initial_referring_domain) - The referring domain on the first arrival.
• Operating System ($os) - The operating system of the event sender;
• Last Seen ($last_seen) - The last time the User profile property was set or updated (should not be set manually);;
• Device Name ($device) - The name of the event sender's device, if it is on the mobile Internet.
• iOS Device Model ($ios_device_model) - ID of the device model, in the format "iPad 3,4", etc.
• iOS Version ($ios_version) - The current iOS version on the device;
• Device ID ($device_id) - A unique string that identifies the User before the authentication or identification flow. By default, the javascript client-side SDK packages generate $device_id for each unique browser or device. When using the client-side SDKs, $device_id is an event property that requires no additional work. $device_id does not change on the same device.
• Account ID ($device_id) - Waltzer Account number;
• App version ($app_version) - the version of the Platform/Website that the User uses;
• Backup biometric ($backup biometric) - whether the Account access backup procedure was performed using the person's biometric parameters;
• Currency balance ($BTC, ETH, etc.) - the balance of currencies in your Account.

3.2 How We Collect Your Personal Data

We may collect personal data from you through various means. This may include but is not limited to:

• Via the Platform and/or Website when you open an Account or visit or use the Platform and/or Website or any of the Services;
• During any communications you may have with us and our online helplines, which may also be recorded and monitored;
• When you participate in our programs and promotions on social networks;
• When you post a review or comment on one of our social media pages, write a review or other content on our website or mobile service;
• From third parties to help us supplement our records, improve the personalization of our services to you, and detect fraud, including from:
• our Affiliates (companies within our group of companies) who provide services and automated programs to us to support the Platform and/or the Website;
• credit reference, fraud prevention or government agencies;
• payment providers; and
• financial institutions.
• Through first party and third party cookies when you access the Platform or our Website. For more details, please read our Cookie Policy found here [www.waltzer.io/cookie_policy];
• Through automated technologies (services) such as Firebase and Google Analytics. When the Platform and/or Website allow you to use its functions and features, the collection and processing of information is carried out within the framework of these rules and in accordance with the rules of use and policies of the automated technologies (services). You agree to these policies when you use the Platform and/or Website.

4 HOW WE USE YOUR PERSONAL DATA.

By submitting your personal information, you consent to its processing in order for the Company to, for instance, fulfil its obligations to you, to enable you to use the Platform and/or the Website, to keep it secure, to provide you with products and Services, or to personalize our information-sharing relationships.

The personal data which we collect from you may be used for the following purposes (collectively the “Purposes”):

4.1 Necessary Account Administration

It will be necessary for us to use your personal data when you set up your Account and use our Platform and or Website. Examples of such use are as follows:

• To assess and process your application to set up an Account;
• To fulfil any legal obligations we have to you under the Terms and Conditions or otherwise;
• To provide our products and Services to you;
• To provide and administer our Services and your Account throughout your relationship with us, including:
• Opening, setting up or closing your Account;
• Resolving any queries regarding your access to the Platform and/or the Website;
• Contacting you with information relevant to the operation and maintenance of your Account;
• Responding to the feedback and comments you provide to us.

4.2 Legal, Risk and Regulatory Purposes

We may use your personal data to comply with any legal or regulatory requirements on us such as:

• To protect the security and integrity of our Platform and Website, our Services and our business;
• To support our legal functions, such as to execute an agreement to which the personal data subject is a beneficiary, as well as to conclude an agreement under which the personal data subject will be a beneficiary;
• For the purposes of protecting the health or safety of Users.

4.3 For Legitimate Business Interests.

We may use your personal data for legitimate business interests. Examples include:

• To support our business functions, such as performing data analysis, data matching and profiling to support decision-making with regards to our activities;
• To improve our services and for the purposes of staff training (including in particular with regard to recording (as permitted by Applicable Law) conversations and interactions between you and us);
• To perform a contract with you;
  Where it is in our legitimate interests to do so as an organisation, and without prejudicing your interests or fundamental rights and freedoms, to manage our business and financial affairs and to protect our customers, employees and property.

4.4 Marketing.

For example:

• To support our marketing function and send you information about our products, services and promotions;
• To help us personalize our products and service offerings and mobile services.

Please see Section 6 with regard to how you can opt out of such communications.

4.5 Automated Processing.

We may use automated processing. For example, to verify your Account and to set up your Account. Application decisions may be taken based solely on automated checks of information, for example from fraud prevention agencies and our internal records.

Please contact us on as detailed in Section 9 if your application is refused based on such automated processing.

5 HOW LONG WE KEEP YOUR PERSONAL DATA.

We will keep your personal data for as long as is necessary for the Purposes as detailed in Section 4 and in accordance with any legal obligations to which we may be subject. We retain certain personal data after your relationship with us ends (you close your Account) to deal with any post-contractual issues and as required by Applicable Law.

The retention periods we apply to your personal data are determined based on the type of personal data, the nature of the activity for which the personal data is used, the country in which the relevant data subject is located and the applicable local legal or regulatory requirements.

In some cases, we may anonymize your personal data so that you may no longer be identified and such personal data is no longer classified as personal data under the applicable data protection laws.

6 MARKETING.

When you sign up to our newsletter, you will give your consent to hear from us regarding our products and services, news about the cryptocurrency industry or other relevant topics and we will send you information which we believe may be of interest to you by email.

If you change your mind about how you would like us to contact you, or you no longer wish to receive material from us, you can simply unsubscribe from our emails by clicking “unsubscribe” in any emails we have sent.

7 SHARING OF PERSONAL DATA WITH THIRD PARTIES.

We will not sell or rent your personal data. We will not share your personal data with third parties for their own marketing purposes without your permission.

It may be necessary for us to share your personal data with third parties. Examples include:

• Where we use other companies to power our Services or our Platform or our Website. For example to our technology partners who maintain and service our Platform and Website and related technology;
• To the Third Party Providers that may be used through our Platform and/or Website in respect of Trades, such as:
• the third party which is used to transfer your funds;
• the third party which is used to execute your Trade instructions.
• In the event of a merger, sale or reorganization of all or part of our business (including transfers made in bankruptcy proceedings), personal data about you may be transferred to the successor business. We will use reasonable and necessary measures to ensure that any successor business treats your personal data in accordance with this Privacy Policy;
• At your request, we may send a copy of the personal data we process about you to the email address registered in your Account at the time of the request.
• If you ask us to, we will also share your personal data or information with any third party that provides you with account information or payment services. We are not responsible for any such third party’s use of your account information, which will be governed by their agreement with you and any privacy statement they provide to you.

8 CROSS BORDER TRANSFERS

It may be necessary to transfer your personal data or information to our Affiliates, Third Party Providers as well as our service providers who power our Platform and/or Website or provide us with services (for example data storage facilities) who are located outside of the country in which your personal data was collected. Where such transfers are to a country which does not provide an adequate level of protect in accordance with Applicable Law, we shall take such steps as are required under Applicable Law to ensure your personal data is safeguarded.

9 YOUR PERSONAL DATA PROTECTION RIGHTS AND HOW TO CONTACT US

The rights that you have in relation to your personal data will depend upon the data protection regime applicable to you.

You may exercise your rights by contacting us on: DPO@waltzer.io.

When you contact us, be sure to include your full email address as registered against your Account. If you do not include your registered email address, this will delay our ability to respond to your request.

Please ensure that when you contact us your request contains sufficient detail for us to take action. You may be required to provide proof of your identity (to ensure we are dealing with the Account owner) before we can take action.

9.1 Personal Data Portability

In some countries you have a right to personal data portability, meaning that where we have requested your permission to process your personal data or you have provided us with information for the purposes of entering into a contract with us, you have a right to receive the personal data you provided to us in a portable format. You may also request us to provide it directly to a third party, if technically feasible. Where you ask us to transfer your personal data to a third party, we are not responsible for any such third party’s use of your personal data, which will be governed by their agreement with you and any privacy statement they provide to you.

9.2 Personal Data Access, Rectification, Deletion or Update

You can access, rectify, delete or update your personal data, including contact or Account information by:

• Accessing the "account recovery" feature in the Platform or the Website; or
• by contacting us at DPO@waltzer.io .

We will provide you with the requested personal data, make the changes, and/or make the deletion requested, if it is reasonably available/possible, unless it violates the privacy of others and/or it is subject to reasonable restrictions imposed by law, regulations and/or internal procedures.

Please note that in some circumstances we may not be able to provide you with certain information.

We will take reasonable steps to ensure that your personal data is accurate and complete. If you believe that any of the information that we hold about you is inaccurate, please contact us. Please also note that, depending on the nature of your request, we may have to suspend the operation of your Account and/or the products and services we provide to you.

9.3 California residents

Pursuant to the California Consumer Privacy Act of 2018 (CCPA) subject to a submitting a verifiable request to DPO@waltzer.io, if you are a Californian resident you shall have the right to:

• Request that we disclose the categories and specific pieces of personal data we have collected from or about you, as well as, the purpose for which it is collected and categories of third parties with whom that information has been shared;
• Request that we delete any personal data about you which we have collected, unless exceptions apply.

If we sell your personal data, or discloses it for a business purpose to third parties, you have the right to request that we disclose to you the categories of personal data collected, sold or disclosed to third parties.

We shall not sell personal data about a consumer to a third party unless the consumer has received explicit notice and is provided an opportunity to exercise the right to opt-out.

10 HOW WE PROTECT YOUR PERSONAL DATA.

We recognize the importance of keeping our Users' personal data secure. We use reasonable security measures, including physical, administrative and technical security measures to protect your personal data.

We have employees who are responsible for ensuring the security of your information. The measures we take may include access controls or other physical security measures, information security technology and policies, and procedures to help ensure that information is properly deleted.

Here are some examples of security measures we use to protect your personal data:

• Your email address and a login code that will be sent to you by email are required to access your Account;
• An encryption technology called Secure Sockets Layer (SSL) helps protect personal data in certain areas of our Platform/Website during transmission over the Internet. These guidelines may not be present in mobile services that use SSL.

11 LODGE COMPLAINTS.

If you wish to raise a complaint on how we handle your personal data, you can contact our Data Protection Officer in accordance with the procedure set out in Section 9, who will investigate the matter. We hope that we can address any concerns you may have.

However, if you wish to raise a complaint on how we have handled your personal data, you can also contact your relevant government office, for example the Information Commissioner’s Office (ICO - ico.org.uk) if you are a UK customer, or the Federal Trade Commission (FTC) if you are if you are a US customer or contact the State Data Protection Inspectorate ('VDAI') , for Australia contact the Office of the Australian Information Commissioner (OAIC) – oaic.gov.au (if you are an Australian customer).

12 CHILD PRIVACY.

The Company fully recognizes the importance of protecting and respecting the privacy of children, especially in an electronic communication environment. Our Platform and Website are not intended for people under the age of majority. It is our policy never to knowingly collect or maintain the personal data of anyone under the age of majority.

Please contact us if you believe we may have collected personal data from your child through our website by email: DPO@waltzer.io and we will do our best to remove it.

13 HOW WILL YOU KNOW IF THIS PRIVACY POLICY CHANGES?

We reserve the right to change all or part of this Privacy Policy, at any time, by posting a new version of it on our Website or on the Platform itself.

The effective date of the updated Privacy Policy shall be the next business day after the date of publication of the update. The date of publication of the update is specified at the end of this Privacy Policy.

Please check our Website and our Platform periodically for the most recent version of this Privacy Policy. The most current version of this Privacy Policy will be available on our Website and Platform at all appropriate times and will supersede all previous versions of this Privacy Policy. If you provide personal data, information to us, access, or use the Platform or our Website or your Account in any way after this Privacy Policy has been changed, you will be deemed to have unconditionally consented and agreed to such changes.