We are Graceful Globe Limited of Hong Kong, and our company registration number is 2274978 (“Graceful Globe Limited”, “we” or “us”). Your privacy is important to us. We are committed to protecting the privacy, confidentiality, and security of the personal data we hold by complying with the requirements under applicable laws and regulations. We are equally committed to ensuring that all our employees, service providers, and agents uphold these obligations. This policy explains how we manage personal data within our organization.
We collect personal data about you in the following ways:
- where you register for an account or to receive emails from us;
- when you order products or services from us
- when you submit a query or request to us
- when you respond to a survey that we run or fill in forms on one of our websites
- by tracking your use of our websites and mobile applications
- from public sources
- from the examination of public and private blockchains
- from third parties who are entitled to disclose that information to us
- when you apply for a job with us
In some cases, we may be required by law to collect certain types of personal data about you.
Where we collect personal data from you, we will do so ourselves. However, in some cases, we may collect personal data from a third party, such as through your representatives, contractors who provide services to us, or third parties who refer you to us because they think you may be interested in our products or services.
Types of personal data we collect
The types of personal data that we collect and hold about you may include:
- identifying information, such as your name and date of birth, as well
- ID documentation such as a passport or other government-issued photo identification and proof of address documentation such as a utility bill or bank statement
- contact information, such as your postal address, email address and telephone number
- social media handles and other social media profile information that you make available to us or to the public
- public financial information, such as credit card, bank account or other payment details, which DO NOT give access to you funds
- blockchain identifiers, such as blockchain addresses and public keys
- emails and passwords that you create when registering for an account with us
- details of any products or services that we provide to you
- information about how you use the products and services we provide
- records of our communications with you, including any messages you send us
Without this information, we may not be able to provide you with our products or services (or with all of the features and functionality offered by our products or services) or to respond to queries or requests that you submit to us.
Purposes for which we use personal data
We use personal data that we collect about you for the following purposes:
- to verify your identity when you are dealing with us
- to determine your eligibility for any of our products or services
- to determine your compliance with the terms and conditions that apply to any of our products or services and applicable law
- to enable us to provide our products and services
- to improve our website based on your information and feedback
- to answer your queries and requests
- to comply with our legal and regulatory obligations
- to carry out market analysis and research
- to monitor use of our products and services
- to assess, maintain, upgrade and improve our products and services
- to carry out education and training programs for our staff
- to manage and resolve any legal or commercial complaints or issues
- to carry out planning and forecasting activities and other internal business processes
- to keep you informed about our activities, including by sending out newsletters
We may from time to time use your personal data to send you marketing materials about products or services that we think you may be interested in (including in some cases products and services that are provided by a third party). We may not use your data unless we have received your consent. You can opt-out of receiving marketing communications from us by contacting us at email@example.com.
We may use your following personal data for direct marketing:
- identifying information, such as your name and date of birth
- contact information, such as your postal address, email address and telephone number
- products and services portfolio information and demographic data held by us from time to time
We may use your personal data to market the following products and services to you:
- creating, purchasing and trading digital assets
- software and hardware wallets for holding digital assets
- other products or services related to digital assets
If we use your personal data in any direct marketing communications, you have the right to request that we provide you with the source of that personal data. There is no fee for requesting this information. We will provide you with the source of the personal data unless it is impracticable or unreasonable to do so.
Please indicate your consent to receiving information relating to the above by contacting us at firstname.lastname@example.org.
We may also use and disclose your information for other purposes under your requests or instructions.
People to whom we disclose personal data
We may share personal data about you with:
- your representatives, advisers, and others you have authorized to interact with us on your behalf
- our staff who need the information to discharge their duties
- related entities within our corporate group
- our business partners, agents and service providers
- prospective purchasers of all or part of our business or shares in our company or a related entity
- professional advisers who we engage to provide advice on our business
- government authorities who request us to disclose that information only due to a related court decision, or to other people as required by law
In some cases, the people to whom we disclose your personal information may be located overseas. Further, we may have servers located overseas. The jurisdictions in which these people and servers are likely to be located include Hong Kong, Georgia, Estonia, Russia, the United States of America, and the United Kingdom. There may not be in place data protection laws, which are substantially similar to or serve the same purposes as the applicable data privacy laws in Hong Kong. This means your personal information may not be protected to the same or similar level in Hong Kong. We will never sell your personal data to any third party.
Storage and security of personal data
We store the personal data that we collect in electronic databases, some of which may be held on our behalf by third party data storage providers. Sometimes we also keep hard copy records of this personal data in physical storage facilities. We use a range of physical and technical security processes and procedures to protect the confidentiality and security of the information that we hold, and we update these from time to time to address new and emerging security threats that you become aware of.
We also take steps to monitor access to and modification of your information by our staff, and ensure that our staff is aware of and properly trained in their obligations for managing your privacy.
The information generated by the cookie about your use of our website (including your IP address) will be transmitted to and stored by Google on servers in the United States. Google will use this information for the purpose of evaluating your use of the website, compiling reports on website activity for website operators and providing other services relating to website activity and internet usage. Google may also transfer this information to third parties where required to do so by law, or where such third parties process the information on Google’s behalf. Google will not associate your IP address with any other data held by Google.
Retention of personal data
Your personal data will not be kept longer than required.
We may retain your personal data for 5 years. At our discretion, we may retain personal data for longer than the said period if we consider it necessary or desirable to do so to meet our legal or regulatory obligations.
Access and correction
If you want to access any of the personal data that we hold about you or to correct some aspect of it (e.g., because you think it is incomplete or incorrect), please contact our privacy compliance team using the contact details set out below. To protect the integrity and security of the information we hold, we may ask that you follow a defined access procedure, which may include steps to verify your identity. In certain cases, we may charge you an administration fee for providing you with access to the information you have asked for, but we will inform you of this before proceeding. There may be cases where we are unable to provide the information you request, such as where it would interfere with the privacy of others or result in a breach of confidentiality. In these cases, we will let you know why we cannot comply with your request.
Even if you do not request access to and/or correct your personal data held by us, if we are satisfied that, having regard to the reasons for which we hold your personal data, that personal data is inaccurate, incomplete, out-of-date, irrelevant or misleading, we may take reasonable steps to correct that information.
By using our site, providing personal data and using any of our products or services, you agree that:
- if you have provided personal data to us relating to any other person, you:
- have a right to provide that information;
- each such person has agreed to those terms.
We try to meet the highest standards to protect your privacy. However, if you are concerned about the way in which we are managing your personal data and think we may have breached any applicable privacy laws or any other relevant obligation, please contact our privacy compliance team using the contact details set out below. We will make a record of your complaint and refer it to our internal complaint resolution department for further investigation. We will deal with the matter as soon as we can, and keep you informed of the progress of our investigation.
If we have not responded to you within a reasonable time or if you feel that your complaint has not been resolved to your satisfaction, you are entitled to make a complaint to the Hong Kong Privacy Commissioner for Personal Data.
Changes to this policy
We may make changes to this policy from time to time, to take into account changes to our standard practices and procedures or where necessary to comply with new laws and regulations. The latest version of this policy will always be available on our website.
If you want any further information from us on privacy matters, please contact our privacy compliance team at email@example.com.