Last updated on “29” April 2024
PRIVACY POLICY
This Privacy Policy (also referred as ‘Policy’) constitutes the Agreement between NovaCyber Ltd (hereinafter also referred as the ‘Company’) and User to set out rules under which we can operate with Your personal data in order to provide You with our Services. The Company takes Your personal data security and privacy seriously and we do all actions to ensure transparency and high-security level in processing your personal information. You must understand that using our Services inevitably leads to acceptance of our Terms of Service, Anti-Money Laundering and Terrorist Financing Policy, Cookie Policy and this Privacy Policy. Together these documents are the rules which thoroughly describe requirements, processes, risks and details of the Services, obligations and rights of the Company and You. Please, read all documents carefully, and if you fully or partly disagree with any of them, leave our Website and stop using any of our Services. If you have any questions regarding this Policy, other Policies, or any part of them, please, contact us at support@apato.estate.
This privacy notice applies to all information collected through our Services (which, as described above, includes our Website), as well as, any related services, sales, marketing or events. This privacy notice applies to all information collected through our Services (which, as described above, includes our Website), as well as, any related services, sales, marketing or events.
- LEGISLATION BASE
To ensure that all rights and obligations in this Policy are developed under the law, and to provide you with a high level of data processing, different legislation. Our relations undergo rules of following jurisdictions:
- For all Users except mentioned above — General Data Protection Regulation (GDPR).
For the operational purposes, we process information about you collected by the company as permitted by applicable law and in accordance with the terms and conditions.
Personal information
We collect personal information that you voluntarily provide to us when you register on the Website, express an interest in obtaining information about us or our products and Services, when you participate in activities on the Website or otherwise when you contact us.
The personal information that we collect depends on the context of your interactions with us and the Website, the choices you make and the products and features you use. The personal information we collect may include the following:
Personal Information Provided by You. We collect app usage; data collected from surveys; and other similar information.
Payment Data. We may collect data necessary to process your payment if you make purchases, such as your payment instrument number (such as a credit card number), and the security code associated with your payment instrument. All payment data is stored by Stripe. You may find their privacy notice link(s) here: https://_____________.
All personal information that you provide to us must be true, complete and accurate, and you must notify us of any changes to such personal information.
Information collected automatically
We automatically collect certain information when you visit, use or navigate the Website. This information does not reveal your specific identity (like your name or contact information) but may include device and usage information, such as your IP address, browser and device characteristics, operating system, language preferences, referring URLs, device name, country, location, information about how and when you use our Website and other technical information. This information is primarily needed to maintain the security and operation of our Website, and for our internal analytics and reporting purposes.
Like many businesses, we also collect information through cookies and similar technologies (like web beacons and pixels) to access or store information. Specific information about how we use such technologies and how you can refuse certain cookies is set out in our Cookies Policy.
Privacy Rights
If you are a resident in the EEA or UK and you believe we are unlawfully processing your personal information, you also have the right to complain to your local data protection supervisory authority. You can find their contact details here: http://ec.europa.eu/justice/data-protection/bodies/authorities/index_en.htm.
If you are a resident in Switzerland, the contact details for the data protection authorities are available here: https://www.edoeb.admin.ch/edoeb/en/home.html.
Rights of the User
Under the GDPR, User has the following rights related to his personal information:
- Right to be informed: Your right to be informed is met by the provision of this privacy notice, and similar information when we communicate with you directly – at the point of contact.
- Right of access: You have the right to obtain a copy of personal data that we hold about you and other information specified in the GDPR, although there are exceptions to what we are obliged to disclose.
- Right to rectification: You have the right to ask us to rectify any inaccurate data that we hold about you.
- Right to erasure (‘right to be forgotten’): You have the right to request that we erase personal data about you that we hold. This is not an absolute right, and depending on the legal basis that applies, we may have overriding legitimate grounds to continue to process the data.
- Right to restriction of processing: You have the right to request that we restrict processing of personal data about you that we hold. You can ask us to do this, for example, where you contest the accuracy of the data.
- Right to data portability: This right is only available where the legal basis for processing under the GDPR is consent, or for the purposes of a contract between you and the Company. For this to apply the data must be held in electronic form. The right is to be provided with the data in a commonly used electronic format.
- Rights in relation to automated individual decision-making including profiling: You have the right to object to being subject to a decision based solely on automated processing, including profiling. Should we perform any automated decision-making, we will record this in our privacy notice, and ensure that you have an opportunity to request that the decision involves personal consideration.
- Right to complain to the Information Commissioner: You have the right to complain to the Information Commissioner if you are not satisfied with any aspect of how the Company processes your personal data or believe that we are not meeting our responsibilities as a data controller.
Please note that mentioned rights are not absolute and may be limited in order to complete regulatory requirements and Company`s legal interest. If you have any questions about rights above, please contact us at support@apato.estate.
Please note that we may request that you provide some details necessary to verify your identity when you request to exercise a legal right regarding your personal data.
Based on the applicable laws of your country, you may have the right to request access to the personal information we collect from you, change that information, or delete it in some circumstances. To request to review, update, or delete your personal information, please submit a request to support@apato.estate.
Types of Data We Collect
According to our Anti Money Laundering and Counter Terrorist Financing Policy, during the Due Diligence Processes and to serve you in a most appropriate way, avoiding technical and legal obstacles, we will need further data from you in order to provide you with our services:
- full name (full legal name), email address, home address (registered or business address), date of birth and gender, nationality, phone number;
- documents national identity cards, passports, driving licenses or other forms of identification documents, tax ID number, visa information, utility bills, proof of legal formation (e.g. Articles of Incorporation), personal identification information for all material beneficial owners, and/or any other documents deemed necessary to comply with our legal obligations under financial or anti-money laundering laws;
- transaction history, and/or tax identification, source of funds and related documentation, other information that is needed to complete CDD procedures;
- address of your wallet;
- nature and details of employment;
- the customer’s source of funds, i.e. where the funds or assets that will be used for the business relationship or transaction were derived (e.g. income, business profits, investments, dividends, inheritance, property sale, business sale, etc.);
- the customer’s source of wealth, i.e. how the customer derived his or her or its wealth, particularly in higher risk scenarios (e.g. income, business profits, investments, dividends; inheritance, property sale, business sale, etc.) and level of wealth (i.e. the total value of a applicant for business’ or customer’s wealth);
- data, whether the customer has a criminal record or is a known associate of criminals or criminal organizations; and
- whether the customer is a PEP;
- chat messages with Customer Support, chat attachments which may include screenshots, photos, videos etc., survey responses.
Please take into account that the volume of documents which include information about the types of data mentioned above will be determined depending on results of our risk assessment before entering into business relationships with You.
Please take into account, in case of rejecting Company’s request on receiving additional information from Customer, the Company may not provide Customer with Services. As the Company adds new features and Services, Customers may be asked to provide additional information.
Also the Company collects some sort of information automatically while you are using our Services and interacting with our Website to the extent permitted by applicable legislation. This information can be set in following categories:
- Usage data: information about how you use the Website and Services, and other offerings made available by us, including:
- device download time,
- install time,
- interaction type and time,
- event time, name and source.
- Marketing data: your preferences in receiving marketing from us or third parties.
- Online Identifiers: geo location/tracking details, browser fingerprint, operating system, browser name and version, and/or personal IP addresses.
We may also automatically receive and record the following information on our server logs:
- how you came to our Website and use the Services;
- device type and unique device identification numbers;
- device event information (such as crashes, system activity and hardware settings, browser type, browser language, the date and time of your request and referral URL);
- how your device interacts with our Website and Services, including pages accessed and links clicked;
- broad geographic location (e.g. country or city-level location); and
- other technical data collected through cookies, pixel tags and other similar technologies that uniquely identify your browser;
- chat messages with Customer Support, chat attachments which may include screenshots, photos, videos etc., survey responses;
- data, whether the customer has a criminal record or is a known associate of criminals or criminal organizations.
We do not knowingly solicit data from or market to children under 18 years of age. By using the Website, you represent that you are at least 18 or that you are the parent or guardian of such a minor and consent to such minor dependent’s use of the Website. If we learn that personal information from users less than 18 years of age has been collected, we will deactivate the account and take reasonable measures to promptly delete such data from our records. If you become aware of any data we may have collected from children under age 18, please contact us at support@apato.estate.
Ways of Gathering Personal Data
Usually, User personally provide us with their data by directly interacting with the Company via:
- visiting our Website or Services;
- applying for our Services;
- creating an account;
- making use of any of our Services;
- requesting marketing to be sent to User, for example, by subscribing to Company’s newsletters;
- giving us feedback or contact us.
We will also use third parties and/or publicly available sources to obtain data related to you. We may use the following sources:
- fraud and crime prevention agencies;
- publicly available information on the Internet;
- public blockchain.
Data Processing
In order to process your data as fast as we can, we have the right to use services of third parties. The Third Party in this case will be Sum And Substance Ltd (UK) (“SumSub”). SumSub is a trusted partner of the Company for collecting and processing Customers data on behalf of the Company (please follow the link to learn more about them). SumSub is an experienced identity verification company that will process data of Customers for the purposes of the necessary KYC/AML procedures.
In order to serve You and your counteragent in a most appropriate way, we can use services of, who are responsible for legal, economic and property checking (real estate agents and other parties, which conduct such expertise) in order to eliminate any chances of decisive behavior between parties of a future property contract. The Company is not responsible for the ways of processing your data by real estate agents and other specialists. To avoid legal dispute between You and the Company, please check their Privacy Policies.
The Company keeps your personal data for as long as it remains necessary for the identified purpose or as required by applicable law, which may extend beyond the termination of our relationship with you. The Company may retain certain data as necessary to prevent fraud or future abuse, or for legitimate business purposes, such as analysis of aggregated, non-personally-identifiable data, account recovery, or if required by law.
We may process or share your data that we hold based on the following legal basis:
- Consent: We may process your data if you have given us specific consent to use your personal information for a specific purpose.
- Legitimate Interests: We may process your data when it is reasonably necessary to achieve our legitimate business interests.
- Performance of a Contract: Where we have entered into a contract with you, we may process your personal information to fulfill the terms of our contract.
- Legal Obligations: We may disclose your information where we are legally required to do so in order to comply with applicable law, governmental requests, a judicial proceeding, court order, or legal process, such as in response to a court order or a subpoena (including in response to public authorities to meet national security or law enforcement requirements).
- Vital Interests: We may disclose your information where we believe it is necessary to investigate, prevent, or take action regarding potential violations of our policies, suspected fraud, situations involving potential threats to the safety of any person and illegal activities, or as evidence in litigation in which we are involved.
Disclosure
The Company may share User’s personal data with third-party service providers, agents, subcontractors and other associated organizations, our group companies, and affiliates in order to complete tasks and provide the Services to User on Company’s behalf.
The Company may share your personal data with:
- companies that we plan to merge with or be acquired by (should such a combination occur, we will notify you and will require that the newly combined entity follow this Privacy Policy with respect to your personal data);
- law enforcement, government officials, or other third parties when we are compelled to do so by a subpoena, court order, or similar legal procedure; or we believe in good faith that the disclosure of Personal Data is necessary to prevent physical harm or financial loss, to report suspected illegal activity or to investigate violations of any of our policies;
- identity verification agencies to undertake required verification checks;
- fraud or crime prevention agencies to help fight against crimes including fraud, money-laundering and terrorist financing;
- our vendors and agents, hired by us to provide you with the Services;
- transaction processors (for the purpose of ensuring transaction performance and their operation).
Our Website may, from time to time, contain links to and from the website of our partner networks, advertisers, transaction processors, etc. If you follow a link to any of these websites, please note that these websites that may be accessible through them have their own privacy policies and that we do not accept any responsibility or liability for these policies or for any information, including personal data that may be collected through these websites, such as contact and location data. Please check these policies before you submit any information or personal data to these Website/Apps or use these Services.
Account Information
If you would at any time like to review or change the information in your account or terminate your account, you can:
- Log into your account settings and update your user account.
Upon your request to terminate your account, we will deactivate or delete your account and information from our active databases. However, we may retain some information in our files to prevent fraud, troubleshoot problems, assist with any investigations, enforce our Terms of Use and/or comply with applicable legal requirements.
Changes
The Company reserves the right to modify this Privacy Policy at any time. All Changes will be shown on our Website, which will be indicated by changing the date at the top of this page. If you do not accept a new edition of the Privacy Policy, you must stop using the Website and Services.
In case of including material changes to this Policy, Users will be asked to agree with new terms of this Policy in order to let the Company provide its Services. If User disagrees to accept a new version of Policy, they shall immediately stop using Company’s Services.