Duality Banx Privacy Policy

Duality Banx is committed to protecting individual’s safety and privacy, and takes its responsibilities regarding the security of individual’s personal data very seriously. This privacy policy explains what personal data we collect about individuals, how and why we use it, who we disclose it to, and how we protect your privacy.

1. This policy

This policy (and any documents referred to in it) sets out the basis on which we process data about individuals including anyone who visits our website (“Website Visitors”).

Duality Banx reserves the right to make amendments to this policy from time to time. Any changes to this policy will be posted on this page. Please check back frequently to see any updates or changes to our privacy policy.

2. Who is responsible for your data

References in this Privacy Policy to “Duality Banx”, “we”, “us” or “our” mean Duality Banx Limited (a company registered in England and Wales with registration no 10759318 and registered office at 6 Heatherlands Heathfield Avenue, Ascot, England, SL5 0AN). We control the ways your personal data are collected and the purposes for which your personal data are used by Duality Banx. Duality Banx is the “data controller” for the purposes of the UK Data Protection Act 2018, the General Data Protection Regulation (EU) 2016/679 (the “GDPR”) (each as amended or replaced) and other applicable European data protection legislation (together the “Data Protection Legislation”).   

Our Privacy Policy applies to the personal data that Duality Banx collects and uses.

3. Personal data we collect about you

When using the term “personal data” in our Privacy Policy, we mean information that relates to you and allows us to identify you, either directly or in combination with other information that we may hold. Your personal data may include for example your name, your contact details and date of birth.

4. How we collect data about you

We gather data about Website Visitors from our website.

We collect data from Website Visitors in two main ways: (1) the data that you give to us on any forms on the website; and (2) the data we collect about you using cookies and similar technologies (see below).

5. Categories of data we collect

The categories of data that we collect about you include your first name, last name, email address, phone number and survey data such as how much (in currency transfers) do you transfer per year and at what frequency, ‘currency pairs of interest’, and whether you would like a service allowing you to convert at an exchange rate of your choice and earn interest.

The lawful basis for this processing of data is that you have either consented for us to process it or it is within our legitimate interest to collect information about customers who may be interested on our products and communicate with them and market directly to them. 

6. Special categories of data

Duality Banx does not collect any “Special Categories of data” that could reveal information such as racial or ethnic origin, sexual orientation, political opinions physical or mental health, religious or philosophical beliefs, trade union membership or genetic or biometric data).

7. Disclosure of your personal information

We may disclose your personal data, in various ways and for various reasons, with the following categories of people:

• tax, audit or other authorities, when we believe in good faith that the law or other regulation requires us to share this data (for example, because of a request by a tax authority or in connection with any anticipated litigation);

• we may disclose your personal information to any member of our group, which means our subsidiaries, our ultimate holding company and/or its subsidiaries;

• a third party who acquires us or substantially all of our assets;

• third party service providers who perform functions on our behalf (including professional advisors such as lawyers, auditors, accountants, technical support functions and IT consultants carrying out testing and development work on our business technology systems);

• our cloud based storage provider and other IT systems (e.g. Amazon Web Services, G-Suite).  

8. Transferring your information internationally

Duality Banx may need to transfer your information globally. We want to make sure your information is stored and transferred in a way which is secure. We will therefore only transfer data outside for the European Economic Area (“EEA”) (i.e. the member states of the European Union, together with Norway, Ireland and Liechenstein) where it is compliant with data protection legislation and the means of transfer provides adequate safeguards in relation to your data, for example:

• By way of data transfer agreement, incorporating the current standard contractual clauses adopted by the European Commission for the transfer of personal data by controllers in the EEA to controllers and processors in jurisdictions without adequate data protection laws;

• By signing up to the EU-US Privacy Shield Framework for the transfer of personal data from entities in the EU to entities in the USA or any equivalent agreement in respect of other jurisdictions; or

• Transferring your data to a country where there has been a finding of adequacy by the European Commission in respect of that country’s levels of data protection via its legislation; or

• Where it is necessary for the conclusion or performance of a contract between you and us or the implementation of pre-contractual measures taken at your request; or

• Where you have consented to the proposed transfer, after having been informed of the possible risks of such transfers.

9. Retaining/Deleting your information

We only keep your information for as long as it is necessary to fulfil the purpose for which it was collected.

We use the following criteria to determine how long we need to keep your data:

• Whether the purpose has been fulfilled, e.g. you are no longer a customer or interested in our products;

• To comply with company record keeping obligations including keeping of accounting records;

• To represent our interactions with you in the event that a complaint is made against us; and

• Whether we consider the data may need to be retained for legal or regulatory purposes.

10. Security

We will use technical and organisational measures to safeguard your information, for example we rely on the security measures provided by G-Suite, AWS and we use password protection where necessary.

11. Cookies, Pixels, Local Storage and other similar technologies

We have outlined below the individual cookies we use and why we use them:

Cookie Name	Expiry Period	Purpose	More Information
ga	2 years	Used by Google Analytics to distinguish users.	Google Analytics Cookie Usage
_gat	10 minutes	Used by Google Analytics to throttle request rate.	Google Analytics Cookie Usage
__cfduid	2 years	Used by Cloudfare to distinguish users	Cloudfare Cookie Policy
n/a	2 years	Used by Mixpanel for user analytics	Mixpanel Privacy Policy

12. Third Party Properties

Our platform and website may contain links to and from the online properties of third parties. If you follow a link to any of these online properties, please note that these online properties have their own privacy policies and that we cannot and do not accept any responsibility or liability for these policies or for any personal data that may be collected through these online properties. Please check these policies carefully before you click on any links and/or submit any personal data to these online properties.

13. Your rights

You have the following rights in relation to your information:

• 13.1 Right to request a copy of your information.
  You can request a copy of your information which we hold (this is known as a subject access request).
• 13.2 Right to correct any mistakes in your information.
  You can require us to correct any mistakes in your information which we hold.
• 13.3 Right to request we stop processing your information.
  In certain circumstances, you may request that we cease processing your information.
• 13.4 Right to request deletion of your information.
  You can ask us to erase your information (also known as the “right to be forgotten”) in certain circumstances.
• 13.5 Right of data portability.
  You have the right to transfer your personal data between data controllers in certain circumstances.

If you would like to request any of the above, please contact us at admin@dualitybanx.com to make any such requests. We will comply with the Data Protection Legislation in responding to any such requests.

14. Right to lodge a complaint

If you have any complaints about the way in which we collect, store and use your information, you can contact the supervisory authority in the United Kingdom, the Information Commissioner’s Office: https://ico.org.uk/concerns

Policy last updated: July 1^st 2019