Administrator - the administrator of personal data pursuant GDPR, which is BB Trade Estonia OÜ, Harju maakond, Tallinn, Lasnamäe linnaosa, Tähesaju tee 9, 13917 ESTONIA (office no. 10, 2nd floor), registered under the number 14814864;
Client - natural or legal persons, who accepted the Statute of the Website and concluded the agreement for performance of the Service with zondacrypto pay;
GDPR - Regulation of the European Parliament and of the Council (UE) 2016/679 of 27th April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/CE (J. o L. UE 2016 it. L119);
Personal Data - Clients' personal data within the meaning of GDPR transferred in connection with using the Service;
Processing of personal data - all operations performed on personal data within the meaning of GDPR
Services - services rendered by zondacrypto pay electronically that consisting in providing the Client with the possibility of accepting payment in crypto currencies for their own services or goods;
Website - website made available through the agency of www.zondacrypto.com/en/pay and subdomains;
All terms written with a capital letter and not defined above ought to be understood in conformity with the definitions included in the Statute of the Website.
II. General Information
The Website performs the functions of obtaining information on the Clients and their behavior as follows:
by entering information into forms;
by storing files (called “cookies”) on terminal devices;
by collecting web server logs and other information occurring in connection with or as a result of functioning of and using of the Service;
by recording and collecting personal data in the form of photo or recording the Client's image obtained via a video communicator (e.g. skype)
III. Principles of Collection of Client's Personal Data
Using Services is connected with the necessity to provide Personal Data by the Client. Failure to provide all Personal Data required by zondacrypto pay can lead to impossibility to provide Services by zondacrypto pay.
The Website collects information provided by the Client.
The Website can moreover record information on the parameters of connection (determination of time, IP address etc.).
Data obtained from the Clients is not made available to third parties unless:
the Client expresses their consent;
it is justified by the provisions of law;
it is necessary for the purpose of providing Services, in particular in the technical scope of services dealing with payments and also of other entities that zondacrypto pay cooperates with by performance of the Service.
IV. Scope of Data Protection and processing
In connection with the performance of the given Service, the Administrator can request that the Client provides Personal Data. In particular in case of:
a natural person: the features of the document stating the Client's identity as well as their name, surname, citizenship, address of residence, country of birth, information on tax residence and occupied exposed political position, telephone number, date of birth and PESEL (Personal Identification Number). In case of foreign Clients who have no PESEL, one should provide the equivalent of such number (the national identification number) (or file a statement on non-possession of PESEL number);
in case of an institutional Client: to send a scan of extract from the Commercial Register, data concerning business activity, a scan of a confirmation of assigning it a NIP [tax identification number] and assigning it a REGON [national business registry number] - unless the given number is shown in the transcript from the Trade Register, as well as, providing the features of the document stating the identity of the person authorized to represent the Client, his/her name, surname, citizenship, address of residence, information on tax residence and occupied exposed political position, telephone number, date of birth and PESEL [personal identity number]. In the case of the person representing the Client who is a foreigner without PESEL [personal identity number], an equivalent of this number (or a statement about not having PESEL [personal identity number]) must be provided. The Client is also obliged to provide the above information regarding all actual beneficiaries of the Client up to the indication of natural persons.
For the purpose of verification of data, the Client must present to the zondacrypto pay employee an identity document or send a scan or photo thereof in the .jpg or .png format by means of the form on the Website. The scan/photo of the identity document must meet the following terms: data on the document must be clearly visible, all edges of the document must be visible, no data can be covered. The file cannot contain any signs of digital remake (e.g. painting over of an element using a graphic program). Placement of a water line is admissible. In addiction in case of doubts zondacrypto pay can ask the Client to send the photo of their identity document made so that both the Client's face and their identity document and page with the date when photo has been done can be seen simultaneously (the so-called selfie) or connect with the Client via a video communicator (e.g. skype) eventually to send additional documents warranted by circumstances;
Confirmation of the Client's or Client's representative's address can take place on the basis of a photo in the .jpg or .png format, a bill (for electricity, water, gas etc.), an agreement with a public trust institution or an official letter with the Client's address data with the name and surname as well as the date of preparation (not older than 6 months).
Personal data is processed pursuant to the provisions of the Regulation of the European Parliament and of the Council (UE) 2016/679 of 27th April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/CE (J. o.L. UE 2016, it. L119) and provisions of the Chapter 373 of the Act on money laundering of September 23, 1994 (CAP 373) and of the Regulation of the Directive (EU) 2015/849 of the European Parliament and of the Council of 20 May 2015 on the prevention of the use of the financial system for the purposes of money laundering or terrorist financing, amending Regulation (EU) No 648/2012 of the European Parliament and of the Council, and repealing Directive 2005/60/EC of the European Parliament and of the Council and Commission Directive 2006/70/EC.
The basis for the processing of data are the Client's consent or provisions of law that authorize to process personal data.
The provision of data by the Client is voluntary, however indispensable for rendering the services.
Personal data shall not be made available to other entities without the Client's knowledge except for the entities authorized under the provisions of law.
Each Client has the right to inspect their personal data, amendment or removal thereof inasmuch it fails to violate the provisions of law and can be performed from the level of the Client's panel.
The Administrator can deny the performance of the rights indicated in p.8 if it results so from the provisions of law, information is subject to the pending dispute or it is indispensable for explanation of circumstances of Client’s violation of the Statute.
The Administrator has the right to take any actions to increase the security of the Services provided by the Administrator
V. User's Rights
The Client has the right to access the content of Personal Data and amendment thereof.
The Client is authorized to demand supplementation, updating, correction of personal data, temporary or permanent cessation of processing thereof or removal thereof if it is incomplete, outdated, untrue or has been collected contrary to the law or is useless for the performance of the purpose for which it was collected.
In case of amendment of Personal Data, the Client is obliged to perform actions aiming at updating Personal Data on their Account.
The Administrator can deny removal of Personal Data in a justified case, and in particular if the Client:
has not paid all amount due to the Administrator, or
has violated the statute of the Website or of any Service, or
has violated the effective provisions of law,
and the maintenance of Personal Data is indispensable for explanation of such circumstances and determination of the scope of Client's liability. In each case of denial of Personal Data removal, the Administrator shall inform the Client on the reasons of such denial along with the legal grounds thereof.In case of doubts regarding the method of processing Personal Data, the Client can receive explanation from the Administrator and has the right to file an inquiry, a reservation or a complaint to the supervisory body.
The basis for processing data are in particular the effective regulations and provisions of law and the consent if it was given by the Client.
On the basis of the processed Personal Data decisions shall not be made automatically as well as data shall not be used for profiling.
Personal Data will be processed for the duration of the Agreement for rendering the Service.
Contact with the Administrator of Data: [email protected].
VI. Information on cookie filesThe Website uses cookie files
The cookie files (the so-called "cookies") constitute information data, in particular text files, which is stored on the Client's terminal device and is intended for the usage of the Website. Cookies usually contain the name of website they come from, duration of storage thereof on the terminal device and a unique number.
The entity that places the cookie files on the Client's terminal device and receiving access thereto is zondacrypto pay.
The cookie files are used for the following purposes:
creation of statistics that help to understand in what way the Client use website, which allows improvement of structure and content thereof;
up-keeping of the Client's session (after logging in) thanks to which the Client does not have to write again the login and password on each subpage;
definition of the Client's profile for the purpose of displaying to him adjusted materials in advertising networks, in particular in the Google network.
Within the framework of the Website, two basic types of cookies are applied: session cookies and persistent cookies. "Session" cookies are temporary files that are stored on the Client's terminal device until they log out, leave the website or disable the software (web browser). "Persistent" cookies are stored on the Client's terminal device for a period of time stipulated in the parameters of cookies files or until the Client removes them.
Software for browsing websites (web browser) usually by default allows cookies to be stored on the Client's terminal device. The Clients can change settings in this scope. The web browser enables to delete cookies. It is possible to automatically block cookies. Detail information on the subject can be found in the help section or documentation of the web browser.
Limitation of usage of cookies can affect some of the functionality available on the Website.
Cookies files are placed on the Client's final device and can be also used by advertisers and partners that cooperate with zondacrypto pay. We recommend reading the privacy protection policy of these companies and to become acquainted with the principles of using cookie files used in the statistics.
Cookie files can be used by advertising networks, in particular the Google network, to display advertisements matched to the way the Client uses the Website. For this purpose, they can retain information on the Client's navigation path or the time they stay on the page.
In terms of information on the Client's preferences stored by the Google Display Network, the Client can view and edit information derived from cookie files with the tool: [https://www.google.com/ads/preferences/](https://www.google.com/ads/preferences/?rel=nofollow)
VII. Server logs
Information on some actions of the Clients are subject to log into the server layer. This data is only used to administrate the Website and to ensure the most efficient hosting services, also for evidential purposes in connection with committed crimes or due to circumstances connected with seeking claims in civil proceedings.
Browsed resources are being identified by URLs. Moreover, the following data may be stored:
date of request,
time of reply,
name of Client's station - identification carried out by HTTP, HTTPS protocols,
information on errors that occurred during the HTTP, HTTPS transactions,
URL of the page previously visited by the Client (referrer link) - when the transition to the Website took place by reference,
information about the Client's browser,
IP address information.
Some of the above data is not associated with particular Clients using the Website. The Administrator does not associate this data with the Client's Personal Data and does not use it for Client's identification as it is only used for the purpose of server administration.
VIII. Cookie Files Management - how to express and retract permission in practice?
If the Client does not agree to receive cookie files, they can change the browser settings. We reserve that disabling cookies required for authentication, safety, maintenance of Client's preferences may hinder and in extreme cases prevent the use of the Website.
Information on management of cookie settings in the given browser can be found on the website of editor thereof.
The Client can anytime contact the Administrator to obtain information under the following address: [email protected]