PRIVACY POLICY

General

MeteorEx s.r.o., a company duly incorporated in the Czech Republic with registered company number 21270244 and registered office address at Rohanske nabreži č.p. 678, č.o. 23, Karlin, 186 00 Prague 8 (‘MeteorEx’, ‘us’, ‘we’, ‘our’) is committed to protecting its users’ (‘you’, ‘your’, ‘their’) privacy.

In accordance with the European Union General Data Protection Regulation (the ‘GDPR’) and Act No. 110/2019 on Personal Data Processing of the Czech Republic (the ‘Act’) we are responsible to inform you of the manner how we process your personal data.

This Privacy Policy (the ‘Policy’) clearly sets out our data processing practises and informs you on how we achieve safeguarding of your rights.

All your data is lawfully collected and processed either under your consent, for the furtherance or performance of a contract, in accordance with our legitimate interests, or for the sake of complying with our legal obligations. Further you may find a more detailed description of bases on which we rely and purposes for which we process information.

At all times, your personal data which is in our possession is transferred, processed, and collected in accordance with the principles of data protection as stated in the GDPR and the Act. We recognise our responsibility to keep your information confidential and secure. Any personal information which we obtain in connection with rendering our services will be treated in accordance with the highest security standards and best market practices.

The terms used in this Policy have the same meanings as in the GDPR, our General Terms of Services (the ‘Terms’), unless explicitly otherwise defined in this Policy.

How We collect information

Personal data is usually provided to MeteorEx by costumers themselves. Whenever you are signing up for our services or using them and we request to provide certain additional information.

However, some information is collected automatically with the employment of cookies, and some other information can be provided to us by third parties, such as identity verification service providers, fraud prevention agencies, and alike.

All information which we collect about you is treated confidentially and processed under the data protection principles and highest standards in mind.

What information we collect and process

To enable us to provide our services, we need to obtain your personal data including your full name, date of birth, your residential address, your telephone number, your e-mail address, and other relevant details allowing us to provide services to you.

Mostly, the information which we collect can be summarised as follows:

• Personally identifiable information –your name; identity verifying data, address; e-mail address and phone number; financial information; government-issued identification document; other personal information, that you need to provide to register and use our services,
• Information about your visit –URLs; products and services you viewed or searched for; page response times; download errors; length of visits on certain pages; page interaction information; phone number/skype, name/email which you used to reach our customer support,
• Technical information – Internet Protocol (‘IP’) address; browser version; pages of our service that you visit; the time and date of your visit; the time spent on those pages, and other statistics,
• Transaction information – date; time; amount; currencies used; exchange rate; beneficiary details; cardholder’s information; details and location associated with the transaction; IP address of sender and receiver; sender’s and receiver’s name and registration information; messages sent or received with the payment; device information used to facilitate the payment, and the payment instrument used.

The above provides a brief overview of the types of information that we collect. However, it is not an exhaustive list, and we may collect other specific information. For instance, it may happen when you voluntarily supply us with certain other information.

How we use your information

Your personal data will only be processed for specific, explicit, and legitimate purposes in accordance with the data protection principles. The core principles to which MeteorEx adheres are the following:

• lawfulness, fairness, and transparency –we process data only in a lawful manner, which is fair and transparent within its means and aims,
• data minimisation – we do not collect, store, or process more information than is reasonably required to achieve a particular aim,
• accuracy –we keep all data accurate and up-to-date, and where relevant correct any of incorrect information,
• storage limitation – we keep data in a form that allows your identification for no longer than is necessary for the purposes that it was collected,
• integrity and confidentiality – we store and process the data in a manner that ensures appropriate security of the personal data,
• accountability – we are accountable to follow our data protection obligations.

In particular, the information will be processed for the following purposes:

Cookies

A cookie is a small file and holds a certain amount of data, which our website can send to your browser. It may then be stored on your computer’s hard drive and can be accessed by our web server. This cookie data can then be retrieved and can allow us to customise our web pages and services accordingly. It is important to clarify that cookies do not collect any personal data stored on your hard drive or device.

Our website uses these ‘cookies’ to collect information and to improve our services. You have the option to either accept or refuse these cookies. If you choose to refuse our cookies, some of our services may not be available to you.

The cookies used on our website fall into three categories:

• Functional: These cookies are used to enable core website functionality and do not contain any personal information,
• Analytics: These cookies allow us to count page visits and traffic sources, so we can monitor and improve the performance of our website,
• Advertising cookies: We partner with affiliate networks and other websites to help promote MeteorEx. If you use their websites or have come to our site via these affiliates, then their cookies will be sent through our website.

When you enter our websites for the first time, we provide you with an opportunity to accept or decline the usage of cookies. You will have a possibility to granularly accept cookies, meaning that you will have a choice on what type of cookies you will allow. You can also delete and block cookies at any time from this website through your browser. However, note that some features on this website will not function without cookies.

Transfer of data to third parties

In certain instances, we may employ third parties that may be located outside of the European Union (the ‘EU’) and European Economic Area (the ‘EEA’) due to the following reasons:

• To meet regulatory obligations (KYC mandatory checks, identity verification purposes, etc.),
• To facilitate our services,
• To provide the services on our behalf,
• To perform related services,
• To assist us in analysing how our services are used.

Please note that these third parties may have access to your personal data. The reason for such access is that they are performing certain services on our behalf. However, they are obliged not to disclose or use the information for any other purpose apart from that which is assigned to them. Whenever employing such third parties, where relevant, we are putting in place proper contractual agreements that afford you at least the same level of data protection as ours.

We will warn you in advance and obtain your free will consent to transfer your personal data to any third party.

Personal information may be shared with the following third parties:

• Identity verification and other KYC mandatory requirements ensuring service providers,
• Payment service providers, liquidity providers, payment systems and card associations with whom we work together to develop or provide a product or service, to execute transactions, to resolve conflicts and to investigate and prevent fraud,
• Other transaction participants,
• Partners that provide services to us. We may share personally identifiable information with other partners which provide services and functions on our behalf. These partners, for example, provide services to you as defined in our service agreements and/or offer additional functionality which you have requested. Anonymised data and performance analytics that help better understand the use of our services and increase your satisfaction,
• Third parties for our business purposes or as permitted or required by law,
• With relevant authorities/third parties to investigate violations of any agreements or other legal provisions applicable to our services or to enforce legal rights,
• With external consultants, advisors, auditors, and similar persons to meet our contractual obligations and/or regulatory requirements, protect legitimate interests to the extent permitted by applicable law.

Links to Other Websites

Our website may contain links to other websites. If you click on a third-party link, you will be directed to that site. Note that these external sites are not operated by us. Therefore, we strongly advise you to review a privacy policy applicable to those websites. We have no control over and take no responsibility for, the content, privacy policies, or practices of any third-party sites or services.

Storage of Data

We retain personal information so long as required by the applicable laws, regulations, or as needed for our business purposes and legitimate interests.

We retain KYC information about our customers and transactional data for a period of 10 (ten) years after the end of the business relationship or last transaction, whichever occurs last.

Information, which is not a KYC information or transactional data, or supporting information/data of the previously mentioned information and data, shall be retained for a period of 5 (five) years after the end of the business relationship. Such information retention period may be extended only in when it is explicitly allowed by the laws and regulations applicable to us.

Data Protection Rights

Data protection legislation affords you certain rights which you may exercise, and we must respect. Here you may see a brief overview of those rights.

You may request details of personal information which we hold about you.

You may request us to correct, delete, or restrict processing of any information which you believe is incorrect or incomplete.

At all times during our collaboration, you have a right to withdraw your consent and hence not supply us with your information, stop using our services and stop data collection from the third parties.

You can object any of our action or inaction in relation to the handling of your personal information.

If you wish to exercise any of your data protection rights, you may send us an email to [email protected].

If you believe that the processing of your personal data violates the applicable data protection laws or your data protection rights have been violated in any way, you may choose to file a complaint with the Office for Personal Data Protection of the Czech Republic (UOOU), pplk. Sochora 727/27, 170 00 Prague 7 – Holešovice, tel.: +420 234 665 111, https://uoou.gov.cz, email [email protected].

Children’s Privacy

We do not knowingly collect personally identifiable information from or about children under 18 years of age. In the case we discover that a child under 18 has provided us with personal information, we immediately delete this from our servers.

If you are a parent or guardian and you are aware that your child has provided us with personal information, please contact us so that we will be able to take necessary actions.

Security Measures

We are committed to ensure that your information is secure. To prevent unauthorised access or disclosure, we have put in place suitable physical, electronic, and managerial procedures to safeguard and secure the information that we process and collect.

All information you provide us is stored on our secure servers within the EU. Our webpage, html application forms, and any payment transactions are encrypted using SSL technology.

You are responsible for keeping website login and passwords credentials confidential and not to share them with anybody.

You should be aware that the transmission of information via the Internet is not completely secure. Although we will do our best to protect your personal information, we cannot guarantee the security of your information transmitted to our website; any transmission is at your own risk only.

Once we have received your information, we will use encryption and other security technologies to protect information from unauthorized access.

We ensure that information, personal data, and data under our responsibility is properly backed up and that arrangements for recovery processes are in place. Additionally, MeteorEx uses reliable internal data protection mechanisms combined with a robust security system.

Contacting Us

If you have any questions about this Privacy Policy, do not hesitate to contact us via email address [email protected].

Changes to this Policy

This Policy is under regular annual review. We reserve the right to amend this Policy as necessary, for example, due to technical developments or legal changes, or to update it in connection with the offer of new services or products.

The updated Policy will be published on our website and will be applicable from the date of publishing. In case of any material changes, you will be notified accordingly.