When you use our services, you trust us your personal information. In the company Bitnik d.o.o. (hereinafter referred to as the “Bitnik” or “we” or “us”), we are aware that this is a big responsibility and we respect your privacy, so we deal with your personal data with care and in accordance with Regulation (EU) 2016/679 of the European Parliament and Of the European Council of 27.04.2016 on the protection of personal data and on the free movement of such data, and repealing Directive 95/46 / EC (hereinafter: the General Data Protection Regulation) and in accordance with the applicable regulations in the Republic of Slovenia.
1. Information about the controller and contact
The data controller is Bitnik d.o.o., Letaliska 3, 1000 Ljubljana, Slovenia. For all questions, we are available by e-mail: email@example.com.
2. Collection and use of your data
2.1. When do we get your personal information?
With Bitnik we collect and store personal information that we collect from you when:
you use our Bitnik bitcoin machines,
you enter with us the Exchange Contract,
you are using our website,
Otherwise, when you contact/visit us.
2.2. When using the Bitnik bitcoin machines
When using the Bitnik bitcoin machines we collect and process personal information about you that we need to implement a contractual relationship in which you enter with us using the Bitnik bitcoin machine for the operation of these devices and providing access to our services.
We collect and process the following data in the Bitnik bitcoin machine:
transaction data (your e-wallet address, valid exchange rate, transaction amount, date and time of transaction execution),
your telephone number (in so far as this is necessary for identification before the transaction is executed),
device usage data (location, time and date of access).
2.3. At the conclusion of the Exchange Contract with Bitnik
At the conclusion of the Exchange Contract, you must complete the “Application for establishing a business relationship” and “Questionnaire for determining the status of a politically exposed person”. This means that you need to provide us with the personal information that we need to identify and verify your identity, as bound by the applicable law, or that are necessary for the implementation of a contractual relationship between you and the Bitnik.
When concluding the Exchange Contract, we collect and process the following data:
identification data (personal name, nationality, date and place of birth, address of permanent and temporary residence, tax number and number, type, name of the issuer and date of validity of official identity document),
information on the purpose and nature of the business relationship (the purpose of establishing a business relationship, employment status and activity),
information on the origin of the funds,
information about your political exposure,
transaction information (your bank account number, your e-wallet address, transaction amount, date and time of transaction execution),
contact information (in particular phone number and e-mail address).
Insofar as you enter into the Exchange Contract on behalf of the legal person, in accordance with the provisions of the applicable law, we collect and process the above personal data on the legal representative of this legal entity, as well as information on the actual owners of the legal entity (personal name, citizenship, address of residence, tax number, about the relationship with the legal entity).
In duly justified cases, other personal data may also be collected and processed, which, on the basis of our judgment, we consider that we are obliged to collect them for legitimate business in accordance with the obligations imposed by the applicable legal regulations, especially in the field of money laundering prevention.
If this information is not provided to us in full, Bitnik can, at its sole discretion, deny the conclusion of the Exchange Contract with you.
2.4. When visiting our website
Whenever you visit Bitnik’s website at https://bitnik.eu/, the web server where the website is hosted is automatically logged in certain information about visitor such as IP number, browser version, time of visit, and similarly. The data collector does not process the data collected separately and does not link them with other data.
2.5. If you communicate with us via different channels
You can also contact Bitnik through various channels, especially via the phone or email address published on our website. In these cases, decide voluntarily what personal information you want to trust. Bitnik will further process your identification and contact information (for example, first name, phone number, e-mail address, etc.) and records of mutual communication, including conversations (if the conversation is recorded, you will be notified in advance, the recording will only be performed by your consent) in accordance with the content of mutual communication and taking into account the nature of the relationship, on the basis of our legitimate interest, in particular for the purposes of:
processing your requests,
Proof that we received and processed your request,
records of your requests so that we can check their regular and timely fulfillment.
2.6. Acquisition of personal data from third parties
Mostly personal information is obtained from you yourself within the framework of the preceding items of defined positions, but in certain cases, depending on the case, they can also be obtained from third parties or government authorities.
In so far as this is necessary in connection with the implementation of the concluded contract, we may receive additional information about your orders from banks or other persons involved in the implementation of a business relationship between you and the Bitnik, for example information about your account number, successful transactions or receipt fulfillment.
3. Purpose and legal basis for processing your data
Processing of personal data means any act or set of actions that is carried out in relation to personal data or sets of personal data with or without automated means such as collection, recording, editing, structuring, storing, adjusting or modifying, recalling, inspecting, using , disclosure through the transmission, dissemination or otherwise provision of access, customization or combination, limitation, deletion or destruction.
3.1. Implementation of a contractual relationship
Bitnik processes personal data of individuals in the framework and for the purpose of concluding and executing contracts concluded between you and Bitnik, inter alia for purposes such as:
to provide you with the services, products and information you request from us, including the proper execution of transactions and the provision of support,
to manage business relationships and to negotiate contracts and their implementation,
to provide general services and customer support,
to process your requests and to prove that we have received and processed your request, checking their regular and timely fulfillment,
to communicate with you on various matters.
3.2. Legal legal basis of data processing
Bitnik also processes personal data of individuals insofar as processing is necessary for fulfilling the legal obligations that apply to us. We thus process some personal information about you on the basis of the Anti-Money Laundering and Terrorist Financing Act (ZPPDFT-1, Official Gazette of the Republic of Slovenia, No. 68/16) for purposes such as the implementation of customer knowledge measures, the retention of personal data and the transmission of personal data individuals who fall into the obligation to report to the Slovenian Office for the Prevention of Money Laundering and Terrorist Financing.
3.3. Data processing on the basis of legitimate interests
In Bitnik, personal data is also processed in certain cases in order to protect legitimate interests, such as:
prevention and detection of abuses, fraud and other unlawful acts,
for the purpose of protecting and securing assets and employees in the company and managing business risk,
ensuring network and information security,
enforcing their own legal claims against individuals in court,
for the purpose of demonstrating the existence and implementation of a business relationship,
improvement and upgrading of Bitnik’s services,
cases of any merger, sale, joint venture, allocation, transfer or other type of sale of all or part of the property of the Bitnik (including cases of insolvency proceedings and forced expulsion procedures),
because of the implementation of our internal administrative purposes.
In the above-mentioned cases, we are obliged to carry out a careful assessment or over such legitimate interests Bitnik is overridden by the interests or fundamental rights and freedoms of the data subject, including taking into account, among other things, the reasonable expectations of the individuals to whom the data relate.
3.4. Data processing based on consent
In certain cases, Bitnik may ask you to consent to the processing of your personal data for pre-defined purposes. In these cases, the processing of personal data takes place in the context of your statement of the permissible scope of personal data, purpose and method, until such consent is revoked.
You can revoke your consent to process your personal data at any time, temporarily or permanently, by e-mail: firstname.lastname@example.org. The cancellation of the consent does not affect the lawfulness of the processing that was carried out on the basis of the consent until its cancellation.
3.5. Processing of data for other purposes
When such processing is compatible with the purposes for which personal data were originally collected, we may process your personal information for other purposes than those for which personal data were originally collected.
4. With whom we share your information
4.1. With our contracted processors
For selected operations of the processing of personal data we engage contractors who perform a part of the services on our behalf, and with such contracted personal data processors we enter into an appropriate statutory contract for the processing of personal data in which we commit ourselves to the same personal data protection standard as if these extracted parts of the processing of personal data were carried out by themselves. At the same time, these contractor processors process data only for the purpose of performing contractually defined services and for no other purpose, nor may they use them for their own purposes or for the purposes of third parties.
Contractual processors include, among others:
Cloud computing providers and other technology vendors and support providers (for example, Google Drive, Netis d.o.o.)
External communication operators, in particular communication via SMS messages (Telekom, Telemach, A1).
4.2. With third parties
As a rule, we do not transfer your personal information to third parties. Occasionally Bitnik must pass on your personal information to certain external users if they show a legitimate interest in obtaining your information. Such users are, as a rule, different government bodies that need your personal information in the context of the official procedures they run, or individuals, if they request access to data through the court or prove another appropriate legal basis.
We may also share your personal information with third parties in cases where this is justified on the basis of our legitimate interest, especially in the event that this is necessary to prevent significant financial or other damage, whether directly or indirectly incurred by Bitnik, for enforcing their own legal claims against individuals in the court, preventing or detecting fraud or criminal offenses, or protecting the rights, property or security of the company Bitnik, our clients or other persons. We may disclose personal information to selected third parties or give them access to them even in the event of any merger, sale, joint venture, assignment, transfer or other kind of sale of all or part of our property.
4.3. Transferring data to third countries
Bitnik may also entrust individual activities to the processing of personal data to processors and managers outside the territory of the Member States of the European Union and the European Economic Area (EEA), while guaranteeing that in such cases the same level of protection of personal data will be ensured as if the processing was carried out by itself, and all the requirements of the regulations relating to the transfer of personal data to third countries will be respected.
5. Safekeeping of your data
We store your personal information that we process on the basis of your consent and for the purposes specified in the consent, until the realization of these purposes or the withdrawal of consent from your site or your objection to the processing.
6. Your rights regarding the processing of personal data
In accordance with the applicable legal regulations, a number of rights are provided to you, including, inter alia, the latter:
The right to be informed about the processing of your personal information.
The right of access to personal data – you have the right to receive confirmation from us that personal data are processed and, if so, access to such personal information and some additional information.
The right to a correction – you have the right to reach to complete any defects or to correct any inaccurate personal information relating to you.
Right to Delay (“right to forget”) – you have the right to obtain personal information about you when the conditions are met. The right to the cancellation does not belong to you in the case of personal data that we process for the fulfillment of our legal obligations or in cases where processing is necessary for the enforcement, implementation or defense of legal claims.
The right to limit processing – you have the right to limit the processing of your data if you challenge the accuracy of the data, or if you have made an objection or if the processing is illegal or if the processing is no longer necessary for the controller, but for enforcing, ruling or defending legal claims.
The right to object – when the basis for the processing of your personal information is solely our legitimate interests, you may object to any processing of such personal information at any time.
The right to data portability – when: (i) processing is based on the consent of an individual or contract, and (ii) when processing is carried out by automated means, you have the right to request the receipt of your personal data in a structured, widely used and machine-readable form, and the right to transfer information to another controller.
You can claim the above mentioned rights by submitting a written request to the address: Bitnik doo, Letaliska 3, 1000 Ljubljana, Slovenia, or at email@example.com, where you can also get additional information regarding your rights.
We will complete your request as soon as possible, but in any case within one month. In exceptional cases, especially when it comes to more complex claims, we have the right to extend this period by two additional months. Under certain conditions, we can refuse your request or charge a reasonable fee, or require you to provide additional information necessary to verify your identity. Enforcing the above rights may affect, restrict or disable the (continued) use of our services.
7. Right to file a complaint concerning the processing of personal data
Any complaint regarding the processing of personal data can be sent to the following e-mail address: firstname.lastname@example.org.
If you believe that your rights or the rules on the protection of personal data are violated, you have the right to appeal to the competent national authority. In the Republic of Slovenia, this is the Information Commissioner of the Republic of Slovenia (Zaloška 59, 1000 Ljubljana, e-mail: email@example.com).
© Bitnik (May 2018)