AML Crypto
Policy on the Processing and Protection of Personal Data
(Privacy Policy)
Last updated: July 17, 2024
INTRODUCTION
This Privacy Policy explains how AML Crypto LLC, TIN 9 731 092 966 / PSRN 1 227 700 289 695 (the "Company", "we", "us", "our" or the "Operator") collects, uses, discloses and otherwise processes your Personal Data, and sets out your rights in relation to Personal Data.
We provide you with access to our website at https://amlcrypto.io/ (the "Website"), as well as products, services and any supporting materials available on the Website, including Risk Assessment, Fraud Investigation and any other products and services (each a "Service" and collectively the "Services" or the "Service"). While using the Services or interacting with us in any way (for example, by communicating with us by email), you may provide us with your Personal Data. This Privacy Policy explains how we process and protect your Personal Data.
"Personal Data" means information that relates to you, describes you or identifies you. This may include your name, date of birth or email address, as well as other information.
This Privacy Policy applies to your use of our Services. You agree to comply with this Privacy Policy by accepting it through any of the following actions: clicking an acceptance button, checking a checkbox, directly using the Services, visiting the Website, or accepting and/or fulfilling a separate order. If the User does not agree with this Policy, the User must stop using the Website.
Capitalized terms shall have the same meaning as defined in the Terms of Use available at btrace.amlcrypto.io/ru/terms_of_use.
Relations associated with the processing of Users' personal data are governed by Federal Law No. 152-FZ dated July 27, 2006 "On Personal Data" (the "Personal Data Law"), as well as other regulatory legal acts of the Russian Federation in the field of personal data and applicable international legal acts.
In addition to this Policy, the User and the Operator also enter into a User Agreement containing all necessary and material terms for granting access to and using the service (the "User Agreement"). The User Agreement is available at: amlcrypto.io/ru/terms_of_use
Personal data is processed in compliance with the following principles:
"Personal Data" means information that relates to you, describes you or identifies you. This may include your name, date of birth or email address, as well as other information.
This Privacy Policy applies to your use of our Services. You agree to comply with this Privacy Policy by accepting it through any of the following actions: clicking an acceptance button, checking a checkbox, directly using the Services, visiting the Website, or accepting and/or fulfilling a separate order. If the User does not agree with this Policy, the User must stop using the Website.
Capitalized terms shall have the same meaning as defined in the Terms of Use available at btrace.amlcrypto.io/ru/terms_of_use.
Relations associated with the processing of Users' personal data are governed by Federal Law No. 152-FZ dated July 27, 2006 "On Personal Data" (the "Personal Data Law"), as well as other regulatory legal acts of the Russian Federation in the field of personal data and applicable international legal acts.
In addition to this Policy, the User and the Operator also enter into a User Agreement containing all necessary and material terms for granting access to and using the service (the "User Agreement"). The User Agreement is available at: amlcrypto.io/ru/terms_of_use
Personal data is processed in compliance with the following principles:
- lawfulness and fairness;
- limiting the processing of personal data to the achievement of specific, predetermined and lawful purposes (as well as preventing the processing of personal data incompatible with the purposes for which the personal data was collected; preventing the combination of databases containing personal data whose processing is carried out for mutually incompatible purposes; and processing only personal data that meets the purposes of its processing);
- ensuring that the content and scope of processed personal data correspond to the stated purposes of processing (as well as preventing the processing of personal data that is excessive in relation to the stated purposes of processing);
- ensuring the accuracy, sufficiency and relevance of personal data in relation to the purposes of personal data processing;
- storing personal data no longer than required by the purposes of processing (as well as destroying or anonymizing personal data upon achievement of the purposes of processing or if the need to achieve those purposes is lost, where it is impossible for the Operator to remedy violations of personal data, unless otherwise provided by federal law).
INFORMATION WE MAY COLLECT
When you use or access the Services, send us a message and/or your Fraud Investigation request, participate in telephone calls with us and/or take part in the process of providing the Services, you may enter Personal Data into the Service and/or transfer it directly to us.
We collect the following categories of data about you, your requests and the situations that are the subject of fraud-related investigations, voluntarily provided by you:
The Operator does not process:
Based on the above, we ask you to refrain from providing us with information concerning racial or ethnic origin, sexual orientation, religious or other similar beliefs, as well as physical or mental health, including information concerning disability.
The Operator does not verify the accuracy of personal data provided by the User and is not able to assess the User’s legal capacity.
The Operator does not control and is not responsible for third-party websites that the User may access through links available on the Operator’s Website.
We record, store and process Personal Data of users accessing the Service from Russian IP addresses on the territory of the Russian Federation.
We collect the following categories of data about you, your requests and the situations that are the subject of fraud-related investigations, voluntarily provided by you:
- Profile information, which may include full name, date of birth, gender, email address, postal address and telephone number.
- Supporting information, which may include the content of requests or correspondence that we may receive from you during technical support related to the provision of the Services.
- Feedback information, which may include information provided to us for the publication of reviews of the Services or received during participation in an optional survey.
- Other information that you enter, post, forward or send on our Service or through other communication methods (photos and videos, third-party usernames and information contained in messages you send to us by email or in any other form).
The Operator does not process:
- special categories of personal data;
- personal data concerning racial or ethnic origin, political opinions, religious or philosophical beliefs, health status, or intimate life of a personal data subject;
- biometric personal data, meaning data concerning a person’s physiological and biological characteristics on the basis of which that person can be identified and which is used by the Operator to identify the User.
Based on the above, we ask you to refrain from providing us with information concerning racial or ethnic origin, sexual orientation, religious or other similar beliefs, as well as physical or mental health, including information concerning disability.
The Operator does not verify the accuracy of personal data provided by the User and is not able to assess the User’s legal capacity.
The Operator does not control and is not responsible for third-party websites that the User may access through links available on the Operator’s Website.
We record, store and process Personal Data of users accessing the Service from Russian IP addresses on the territory of the Russian Federation.
WHAT WE DO WITH PERSONAL DATA
As the Operator, we process personal data — that is, we perform any action (operation) or a set of actions (operations) with personal data. Processing is carried out both with and without the use of automation tools. Personal data processing includes:
The Operator processes personal data both with and without the use of automation tools (a mixed method).
The Operator collects personal data:
The period of processing and storage of personal data is limited by:
- collection, recording, systematization, accumulation, storage, clarification (updating, modification), extraction, use, anonymization, blocking, deletion and destruction of personal data;
The Operator processes personal data both with and without the use of automation tools (a mixed method).
The Operator collects personal data:
- when the User registers (creates an account);
- when the Website and the service are used, either automatically or when the User, on the User’s own initiative, provides additional personal data while using the Website.
The period of processing and storage of personal data is limited by:
- achievement of the purposes of personal data processing and storage; or
- the term of the User’s consent to personal data processing — including consent given for the processing of personal data for the purpose of informing the User about new products and services, special offers and various events related to the Operator’s activities.
Information Received from Third Parties
We may receive information about you from other users, third-party services, publicly available social networks, blockchain transactions or publicly available databases. For example, social networks may display your mailing address, email address or telephone number.
Information Collected Automatically
Some information is collected automatically when you use or visit our Service. This information does not reveal your identity (for example, your name or contact information), but may include information about your device, its use and other technical information. This information helps us maintain security, optimize the Services to your needs and simplify customer support.
The tracking technologies we use to collect this information include cookies, web beacons, flash cookies, embedded scripts, location-detection technologies, pixel images and other similar technologies.
Tracking technologies automatically collect the following categories of data:
The tracking technologies we use to collect this information include cookies, web beacons, flash cookies, embedded scripts, location-detection technologies, pixel images and other similar technologies.
Tracking technologies automatically collect the following categories of data:
- Browser information: information automatically sent by your browser when you use the Services, including IP address, browser type, browser language, settings and ways in which the Services are used.
- Device information: information about the device you use, which may include the type, model and manufacturer of the device, the brand and model of the device’s operating system, the device hard drive, operating system version, and information about the location of your device.
- Usage information: information about your use of the Services, including patterns, time and date of use of the Services.
- Analytics information: general information about traffic and areas of use of the Services.
Purposes for Which We Use Personal Data
We use Personal Data collected through our Service for the following purposes:
- entering into and performing agreements to which the User is a party, beneficiary or guarantor, as well as entering into agreements at the User’s initiative;
- using the Website in accordance with its functional purpose, creating an account, fulfilling User requests, sending notices and information related to the use of the Website in response to User requests, providing the User with effective customer and technical support when issues arise in connection with the use of the Website, and identifying behavior patterns and areas of use;
- providing Risk Assessment and Fraud Investigation Services at your request;
- conducting marketing communications, including sending marketing emails that we believe may be of interest to you; informing you of changes to the Services; sending messages about new features or promotions that may interest you;
- ensuring security; identifying, preventing and responding to potential or actual security incidents; and protecting against other unlawful actions;
- processing User requests for access to personal data, requests to clarify or destroy personal data, other requests and inquiries, and performing other obligations of the Operator;
- for the purposes of exercising the rights and legitimate interests of the Operator or third parties, including determining the User’s location to ensure security, prevent fraud, and confirm the accuracy and completeness of personal data provided by the User.
DISCLOSURE OF PERSONAL DATA
Disclosure of Personal Data to Third Parties
We do not sell, transfer or otherwise disclose your Personal Data, except in the following cases:
The Operator uses third-party services that may process Users' personal data. The services are used to improve the quality of the Operator’s services and service experience, the Website and its usability, and to develop new functionality, including through analysis of usage results.
The Operator does not plan or carry out cross-border transfer of Users' personal data.
- to protect our rights and the rights of users, to prevent a crime, or when disclosure of Personal Data is permitted in communications with public authorities and third parties during the conduct of a Fraud Investigation — to public authorities and third parties;
- to Service providers, when they require access to your Personal Data to provide services to us, which may include web hosting, debugging, payment processing, email and performance improvement;
- upon obtaining the User’s separate consent — to marketing partners, including advertising and social networks, retargeting partners and marketing communications providers, for the purpose of informing you about and offering you our products and services.
The Operator uses third-party services that may process Users' personal data. The services are used to improve the quality of the Operator’s services and service experience, the Website and its usability, and to develop new functionality, including through analysis of usage results.
The Operator does not plan or carry out cross-border transfer of Users' personal data.
Disclosure of De-Identified Information
We may disclose de-identified information to any third party without notice. De-identified information means information that does not allow an individual user to be identified, such as aggregated, anonymized or de-identified information about the use of the Services. Such information is not Personal Data.
YOUR RIGHTS IN RELATION TO PERSONAL DATA
Withdraw Consent to Personal Data Processing
Consent to personal data processing for advertising purposes (for the purpose of informing about new products and services, special offers and various events related to the Operator’s activities) may be withdrawn by the User at any time.
The User may send a withdrawal of consent to the Operator at legal@amlcrypto.io, indicating "Personal Data" in the subject line. The User may also withdraw consent by another method.
When the Operator receives a withdrawal of consent to personal data processing, the Operator loses the right to continue processing the User’s personal data, except in cases where the Operator is required to continue processing personal data in accordance with legal requirements. The Operator loses the right to process personal data within the scope specified in the User’s consent.
The User may send a withdrawal of consent to the Operator at legal@amlcrypto.io, indicating "Personal Data" in the subject line. The User may also withdraw consent by another method.
When the Operator receives a withdrawal of consent to personal data processing, the Operator loses the right to continue processing the User’s personal data, except in cases where the Operator is required to continue processing personal data in accordance with legal requirements. The Operator loses the right to process personal data within the scope specified in the User’s consent.
Access Personal Data
The User has the right to receive information concerning the processing of the User’s personal data, including information containing:
To obtain information concerning Personal Data processing, the User must send the Operator a request for access to personal data.
The request must specify:
A request for access to Personal Data shall be sent to legal@amlcrypto.io.
The Operator responds to the request at the email address from which the request was received.
- confirmation of the fact of personal data processing;
- legal grounds and purposes for personal data processing;
- the purposes and methods of personal data processing applied by the Operator.
To obtain information concerning Personal Data processing, the User must send the Operator a request for access to personal data.
The request must specify:
- the series and number of the document identifying the User;
- information about the date of issue and the authority that issued the document identifying the User;
- information confirming the fact of personal data processing.
A request for access to Personal Data shall be sent to legal@amlcrypto.io.
The Operator responds to the request at the email address from which the request was received.
Clarify or Destroy Personal Data
If Personal Data is:
Users have the right to:
If unlawful processing of personal data is identified, the Operator must stop the unlawful processing and destroy the unlawfully processed personal data.
Requests to clarify or destroy personal data must be sent to legal@amlcrypto.io.
The Operator responds to requests concerning clarification or destruction of personal data at the email address from which the request was received.
- incomplete, outdated or inaccurate;
- unlawfully obtained;
- not necessary for the stated purpose of processing.
Users have the right to:
- independently change personal data about themselves through their personal account on the Website (where applicable);
- send the Operator a request to clarify or destroy personal data.
If unlawful processing of personal data is identified, the Operator must stop the unlawful processing and destroy the unlawfully processed personal data.
Requests to clarify or destroy personal data must be sent to legal@amlcrypto.io.
The Operator responds to requests concerning clarification or destruction of personal data at the email address from which the request was received.
DESTRUCTION OF PERSONAL DATA
Upon achievement of the purposes of processing, the Operator stops Processing and ensures the destruction of Personal Data within the period established by:
The Operator stops Processing personal data if the fact of unlawful processing is discovered, within 3 business days from the date of discovery.
If the User withdraws consent to Personal Data Processing and the Operator has no other grounds, the Operator stops processing and ensures the destruction of personal data.
If the User withdraws consent to personal data processing, the Operator immediately stops processing personal data collected for advertising purposes (promotion of goods, works and services on the market through direct contact with a potential consumer using communication means).
Destruction of personal data means deletion of personal data from the Operator’s servers in the case of automated processing and/or destruction of physical media in the case of non-automated processing, as a result of which restoration of the content of personal data becomes impossible.
- the Operator’s internal documents;
- consents to personal data processing.
The Operator stops Processing personal data if the fact of unlawful processing is discovered, within 3 business days from the date of discovery.
If the User withdraws consent to Personal Data Processing and the Operator has no other grounds, the Operator stops processing and ensures the destruction of personal data.
If the User withdraws consent to personal data processing, the Operator immediately stops processing personal data collected for advertising purposes (promotion of goods, works and services on the market through direct contact with a potential consumer using communication means).
Destruction of personal data means deletion of personal data from the Operator’s servers in the case of automated processing and/or destruction of physical media in the case of non-automated processing, as a result of which restoration of the content of personal data becomes impossible.
DATA SECURITY
The Operator takes organizational and technical measures aimed at ensuring the security of Users' personal data, including:
The personal data collected and processed is located on servers in the territory of the Russian Federation. This ensures the Operator’s compliance with the requirements of legislation on the localization of personal data of citizens of the Russian Federation within the territory of the Russian Federation.
- identifying threats to the security of personal data during its processing;
- adopting local regulations and other documents governing relations in the field of personal data processing and protection;
- appointing persons responsible for ensuring the security of personal data in the Operator’s structural divisions and information systems;
- creating the necessary conditions for working with personal data;
- organizing the accounting of documents containing personal data;
- organizing work with information systems in which personal data is processed;
- storing personal data under conditions that ensure its preservation and prevent unauthorized access to it;
- organizing training for the Operator’s employees who process personal data.
The personal data collected and processed is located on servers in the territory of the Russian Federation. This ensures the Operator’s compliance with the requirements of legislation on the localization of personal data of citizens of the Russian Federation within the territory of the Russian Federation.
CHILDREN'S PRIVACY
You must be at least 18 years old to register for and use the Services. Our Services are not intended for persons under 18 years of age, and we do not intend to collect or request personal information from such persons. If you are under 18, please do not use the Services or otherwise provide us with any personal information, whether directly or by other means. If a person under the age of 18 has provided us with personal information, we recommend that the person’s parents or guardians contact us and request that we delete the personal information from our systems. If we learn that any personal information we collect was provided by a person under the age of 18, we will promptly delete that personal information.
CHANGES TO THE PRIVACY POLICY
This Privacy Policy may be updated from time to time. Please check the latest version of the Privacy Policy periodically. If any material changes are made to the Privacy Policy, we will notify you of this. Your use of the Services after any changes to this Privacy Policy are made constitutes your acceptance of any such changes.
QUESTIONS OR CONCERNS?
If you have any questions regarding this Privacy Policy, your privacy or the protection of Personal Data that we store about you, you may contact us at Legal@AMLcrypto.io.