Introduction

Thank you for visiting Freedx. Your privacy is important to us, and we want you to feel comfortable with how we collect, use and share your personal information. Freedx (FREEDX, S.A. DE C.V., Registration number: 11 of book 4900, Tax identification number: 0623-120724-114-1, Address: Avenida La Revolución, Plaza Presidente, Local 12, Colonia San Benito, San Salvador, San Salvador Centro, El Salvador, Tax Identification Number: 0623-120724-114-1, BTC Service Provider Registration Number: 6701682f9c3ab49e3172dc50, Digital Asset Service Provider Registration Number: PSAD-0043) (the “Freedx”, “we”, “us” or “our”) together with the various parties it works with to provide you with its products and services are committed to protecting and respecting your privacy.

This policy sets out the basis on which any personal data which we will collect from you, or collected about you, on freedx.com website or on our mobile application (collectively, the “Freedx Platform”) or when you communicate with us by our online help chat function, email, telephone or post will be processed. This policy also explains when and why your data is collected, how it is used and disclosed and how it is kept secure.

The products and services referred to in this policy relate to those offered by Freedx and any other third parties we work with to offer our suite of services (together, the “Services”).

Please read the following carefully to understand our views and practices regarding your personal data and how it will be treated.

Freedx will act as a data controller of your personal data which: -

1. You provide to us (see ‘When you create a Freedx account’ and ‘Additional Information’ below) and;
2. Which we may automatically collect about you – for example, details of your browser and operating system, the website from which you visit the Freedx Platform, the pages that you visit on Freedx Platform, the date of your visit, and, for security reasons such as to identify attacks on Freedx Platform, the Internet protocol (IP) address assigned to you by your internet service, location information, etc. We may use Google Analytics to collect tracking information about you.
   

This means that at Freedx, we are responsible for deciding how we hold and use personal data about you, and we are required to notify you about what data we collect and its usage in this policy.

Information we collect about you and how it will be used

When you create a Freedx account

When you sign up for an account on the Freedx Platform, we will need to collect (and in some cases store) some or all of the following details about you:

• Personal identification details such as name, residential addresses (current), date of birth, email address, telephone number(s), tax number (if applicable), ID document such as passport, driving licence or ID card, image or photo of you;
• Corporate details such as legal name, registration details, tax number (if applicable), address, business description, and beneficial owner information;
• Details about your transactions on the Freedx Platform, such as the name of the sender, the name of the recipient, the amount, currency preferences, and payment method;
• Financial details such as credit/debit card numbers and bank account information, income/net assets/wealth verification statements;
• Information required under the applicable laws;

• Other details such as IP address and geolocation.

  We will use this information for the purposes of processing your application. If your application is approved, we will also use this information to create and manage your Freedx account and provide the Services you have requested. If you have consented, we may also provide you with information about our products and services that may be of interest to you, from ourselves and third parties, and future announcements by email.

You will not be able to create a Freedx account or order Services from us without providing this information.

Additional Information

We may also collect additional information from you, including any information you provide through communications with our Customer Support team or when interacting with our chatbots.

Ensuring the lawful use of your personal data

Your personal data will only be used by us or the parties we work with in order to provide you with the Services we are lawfully able to offer. The purposes for which we will use your personal data include:

• Where it is necessary for the performance of the contract with you or to take steps to enter into it. For example, when we need to verify your identity, to provide you with Services, communicating with you, to provide you with updates on the status of your account, complaints handling, and dealing & notifying you of any changes to this statement.
• It is necessary for our legitimate interests or that of a third party. This includes:
  • to to enhance and personalise your visitor experience and otherwise improve our Services;
  • to identify you when you contact us and to correspond and communicate with you;
  • for market research in order to continually improve the Services that we offer and deliver to you;
  • to verify the accuracy of data that we hold about you and create a better understanding of you as a client or visitor;
  • creating a profile of you, which enables us to identify and personalise what products and services to offer to you for marketing purposes;
  • to administer our site, for website analysis and for internal operations, including troubleshooting, testing, statistical purposes;
  • for network and information security in order for us to take steps to protect your information against loss or damage, theft or unauthorised access;
  • for the detection and prevention of abuse, fraud, unauthorized use of the Services, violations of our terms or policies, or other harmful, illegal and criminal activities;
  • to protect our contractual or other legal rights and resolve disputes;
  • for general administration including managing your queries and to send service messages to you.
• It is necessary for compliance with a legal obligation. This includes, but is not limited to, when you exercise your legal rights under data protection law, to verify your identity and comply with anti-money laundering or sanctions laws/ regulations, for the establishment and defence of our legal rights and for compliance with our legal and regulatory responsibilities, law enforcement, governmental, and other legal requests, court orders or for disclosure to tax authorities.
• You have given us your consent to use your personal data in certain ways, including when you request that we disclose it to a third party and for direct marketing communications (by us and the third parties named when we asked for your consent).
• In order to process your Freedx account creation we may need to perform Fraud and money laundering checks before and whilst we continue to provide Services to you. This may involve sharing your personal data with fraud prevention agencies who will also process your personal data, but only on the basis that we have a legitimate interest in preventing fraud and money laundering, and to verify identity, in order to protect our business and to comply with laws that apply to us. We, and fraud prevention agencies, may also enable law enforcement agencies to access and use your personal data to detect, investigate and prevent crime.

You have the right at any time to ask us, or the third parties we work with, to stop contacting you or passing your details to others for marketing purposes. Please contact us for further information.

How and why we disclose your personal data

We work with third parties to help us provide the Services, and for this purpose, we need to share certain information with these third parties if we believe that sharing your personal data is in accordance with, or required by, any contractual relationship with you and us, applicable laws, regulations, or legal process. We may share your personal data with the following third parties:

• Freedx Affiliates: Your personal data that we collect, and process may be transferred between Freedx companies as a normal part of conducting business or offering Services to you.

• Industry Partners and Government Authorities: We may share your personal data with regulators, courts, tax authorities, law enforcement, government agencies to (i) comply with our information sharing and reporting obligations under the Travel Rule, (ii) respond to court orders, law enforcement and regulatory requests as prescribed by the applicable laws and regulations, (iii) detect, investigate, prevent violations, abuse, fraud or other illegal activity or security or technical issues, (iv) protect the rights and safety of our clients, Freedx and Freedx Affiliates.

• Third-Party Service Providers: We collaborate with third party-service providers who assist in providing our Services. The services of such third parties include, but are not limited to, identity verification, fraud prevention, payment processing, analytics, advertising, and promotions. Any personal data that we share with them is limited to the purpose of performing their contractual obligations and must be processed in accordance with our instructions and applicable data protection regulations.

• Corporate Reorganization: In case we enter into transactions for the sale or acquisition of any business or assets, we may need to transfer and/or share client personal data to the prospective buyer or seller.

International transfers

To facilitate our operations, Freedx may transfer your personal data to its Affiliates and third-party service providers throughout the world. These third parties are contractually obliged to protect the confidentiality and security of your personal data, in compliance with the applicable data protection regulations.

Freedx undertakes appropriate technical, organizational measures and contractual safeguards to ensure that such transfer complies with the applicable data protection regulations.

Automated decisions

As part of the processing of your personal data, decisions may be made by automated means. This means we may automatically decide that you pose a fraud or money laundering risk if:

• our processing reveals your behaviour to be consistent with that of known fraudsters or money launderers; or is inconsistent with your previous submissions; or
• you appear to have deliberately hidden your true identity.

You have rights in relation to automated decision-making: if you want to know more, please contact us using the details in Section 14 below.

Consequences of processing

If we, or a fraud prevention agency, determine that you pose a fraud or money laundering risk, we may refuse to provide the Services you have requested, or we may stop providing existing Services to you.

A record of any fraud or money laundering risk will be retained by the fraud prevention agencies, and may result in others refusing to provide services, financing or employment to you. If you have any questions about this, please contact us on the details in Section 14 below.

Other than the automated processing set out above, we shall not carry out solely automated decision-making using your personal data.

When you contact us

When you contact us, we will need to collect personal data about you to verify your identity before we disclose any information to you for data security purposes. We will be unable to deal with your query unless you provide the information we request. We may also collect any other personal data you choose to provide to us when communicating with us. We will only use that personal data for the purposes of dealing with your enquiry.

Change of purpose

We will only use your personal data for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If we need to use your personal data for an unrelated purpose, we will usually notify you and we will explain the legal basis which allows us to do so.

Protecting your information

We protect your data by using reasonable physical, technical, and administrative security measures to ensure information security, including encryption of the Freedx Platform communications; required two-factor authentication; periodic review of our personal data collection, storage, and processing practices; and restricted access to your personal data on a need-to-know basis for our employees and vendors who are subject to strict contractual confidentiality obligations.

Use of Cookies

Cookies are small text files that are placed on your device (e.g. computer, mobile device) when you visit a website and give permission for that site to recognise your device. Cookies store information about a user’s visit, which may include the content viewed, language preference, time and duration of each visit to the website.
Cookies are widely used in order to make websites work more efficiently, such as letting you navigate between pages efficiently, remembering your preferences, as well as providing information to the website owner. We may use cookies to enhance your experience on our website, identify users, remember user preferences, as well as to collect and analyze website usage data related to users and patterns.

Future changes

Any changes we make to our policy will be made available on the Freedx Platform and, where appropriate, notified to you by e-mail. Please check for updates from time to time.

Retention of your Data

We will retain your personal data for as long as you continue to use our Services. Thereafter, we may retain your information for an additional period as is permitted or required under applicable laws to comply with our legal obligations, such as compliance with AML/KYC laws, financial regulatory obligations, information preservation requirements, and other purposes communicated to you.

Your rights

Data protection laws provide you with the following rights:

• Right to access: This enables you to receive a copy of the personal data we hold about you and to check that we are lawfully processing it.
• Right to rectification: This enables you to have any incomplete or inaccurate information we hold about you corrected.
• Right to erasure: This enables you to ask us to delete or remove personal data where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your personal data where you have exercised your right to object to processing (see below). However, we may not always be able to comply with your request of erasure for specific legal reasons which will be notified to you.
• Right to object or restrict: This enables you to object to the processing of your personal data where we are relying on a legitimate interest and there is something about your situation which makes you want to object to the processing on this ground. You also have the right to object where we are processing your personal data for direct marketing purposes.
• Right to withdraw consent: This enables you to withdraw your consent at any time, to the extent that processing of your personal data is based on your consent. The lawfulness of our processing of your personal data before you withdraw your consent will not be affected by such withdrawal.
• Right to portability: This enables you to request a copy of your personal data which you have provided to us, in a structured, commonly used and machine-readable format and to transfer it, or to require us to transfer it directly, to another controller.
• Right to lodge a complaint: This enables you to lodge a complaint about our practices with respect to your personal data with the State Cybersecurity Agency of El Salvador or the data protection authority in the location in which you reside or believe a data breach has occurred.

You will not have to pay a fee to access your personal data (or to exercise any of the other rights above). However, we may charge a reasonable fee if your request for access is clearly unfounded or excessive. Alternatively, we may refuse to comply with the request in such circumstances.

We may need to request specific information from you to help us confirm your identity and ensure your right to access the information (or to exercise any of your other rights). This is another appropriate security measure to ensure that personal data is not disclosed to any person who has no right to receive it.

If you are unhappy about how your personal data has been used, please refer to our complaints procedure which is available by contacting us.

Contacting us

If you have any questions about this policy, you can contact us in the following ways:

By post at:

Av La Revolucion, Apto. Local 12, Colonia San Benito, Distrito San Salvador, Municipio De San Salvador Centro, Departamento De San Salvador

By email at: [email protected]

Changes to this Privacy Policy

We may change this Privacy Policy from time to time. Any changes to this Privacy Policy will be posted on our website. The date the Privacy Policy was last updated is identified at the top of this policy.