Privacy Policy
(last update on 10.28.2022)
Introduction.
Your privacy is important to Eliantus. We believe that you should always be aware of what data we collect from you and how we use it. This Privacy Policy is designed to help you understand how Eliantus (“Eliantus.”, “we”, “the company” or “the Controller”) collects, uses, processes and discloses the information and personal data that you provide. when accessing, using its website, www.elientus.com, or using the services that Eliantus provides to you through its website.
The treatment of personal data of Eliantus is articulated around two principles for you as a user:
Transparency. We will always keep you informed of our practices in the privacy environment of your personal data.
Security. While we cannot promise perfection, we have implemented security tools designed to protect your information in accordance with industry standards and as required by applicable law.
Responsible for personal data processing.
The person in charge of the Treatment of Personal Data is the commercial entity Eliantus, S.L., provided with the CIF B87485983
Eliantus takes the privacy and security of its Users very seriously, guaranteeing the confidentiality of the Personal Data to which it has access. The processing of personal data will always be carried out in accordance with this Privacy Policy and the privacy and data protection legislation applicable at all times.
The Person Responsible for the Treatment of Personal Data guarantees Users that it will always apply the applicable technical and organizational security measures established in current legislation, given the nature of the Personal Data processed and the circumstances of the processing, as well as those that are advisable given the state of technology, guaranteeing the integrity, security and confidentiality of Personal Data.
Object and general information.
Both access to and use of the website www.eliantus.com, and access to and use of the application will be governed by the provisions of this Privacy Policy, as well as by the General Legal Conditions of Use and the Cookies Policy, which The User accepts and agrees to respect, and by the applicable privacy and data protection legislation at all times.
Please read all three documents carefully before using the website or application.
1.- Personal data processed.
Eliantus will collect and process the Personal Data of users, registered or not on the website or in the application, in accordance with the provisions of this Privacy Policy, as well as under the specific data protection clauses for certain products or services that may be applicable in each case
1.1.- Complaints
You have the right to lodge a complaint about the way we process your personal data with a supervisory authority. If you reside in an EEA Member State, you have the right to lodge a complaint about the way we process your personal data with the supervisory authority of the EEA Member State of your habitual residence, place of work or place of alleged infringement.
However, we would appreciate the opportunity to address your concerns before you approach a data protection regulatory authority, so please do not hesitate to contact us in the first instance.
1.2.- Our duties and your duties in case of changes
We keep our Privacy Notice under regular review. This version was last updated on the date indicated above. Check periodically the new versions of the Privacy Notice. We will also further inform you of material changes to this Privacy Notice in a way that will effectively draw your attention to the changes. It is important that the personal data we hold about you is accurate and up to date. Please keep us informed if your personal data changes during your relationship with us.
1.3.- Third party links
The Site and any applicable web browser, Application or application programming interface required to access the Services (“Applications”) may include links to third party websites, plug-ins and applications (“Third Party Sites”). Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these Third Party Sites and are not responsible for their privacy statements and policies. When you leave our Site or Applications, we encourage you to read the notice or privacy policy of each Third Party Site you visit or use.
2.- What data we collect about you
2.1.- Personal information
Personal data or personal information means any information relating to an identified or identifiable living person. This is a broad definition that includes the specific personal data that we have described below. It does not include data that cannot be used to identify an individual person, such as a company registration number.
A “data subject” is an individual who can be identified, directly or indirectly, by personal data. This is usually by reference to an identifier such as a name, identification number, location data, an online identifier, or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural, or social identity of that natural person.
The different pieces of information, which collected together can lead to the identification of a particular person, also constitute personal data. It does not include data where the identity has been removed (anonymous data).
Depending on whether and how you use our Services, or the Site, we will collect, use, store and transfer different types of personal data about you which we have grouped into categories as follows:
|
Category of personal data |
Examples of specific personal data |
|
Identity data |
|
|
Social identity data |
|
|
Contact details |
|
|
Financial data |
|
|
Transactional data |
|
|
Technical data |
|
|
Profile data |
|
|
Usage Data |
|
|
Marketing and Communications Data |
|
2.2.- Special categories of personal data
Certain types of sensitive personal data are subject to additional protection under the laws applicable to you. These are called “special categories” of personal data. The special categories are:
- Personal data that reveals racial or ethnic origin.
- Political opinions.
- Religious or philosophical beliefs.
- Union membership.
- Genetic data and biometric data processed for the purpose of unequivocally identifying a natural person.
- Data related to health.
- Data relating to the sexual life or sexual orientation of a natural person.
We will only use special categories of personal data for a specific purpose and if we are able to satisfy the legal basis requirements set out below, as well as at least one of the following additional conditions:
- You have given your explicit consent.
- Processing concerns personal data that you manifestly make public.
- Processing is necessary for the establishment, exercise of defense of legal claims.
- Processing is necessary for reasons of substantial public interest based on EU or EU Member State law. We are subject to the EU Anti-Money Laundering Directives and the laws of the relevant EU Member States implementing them, which require us to process, for example, information from your identity documents, including a photograph of you and a visual image of your face (so-called “life check”).
2.3.- If you refuse to provide personal data
Where we need to collect personal data by law, or under the terms of a contract we have with you, and you refuse to provide that data when requested, we may not be able to perform the contract we have or are trying to enter into with you. you, for example, to provide Services to you. In this case, we may have to cancel a product or service you have with us, but we will notify you if this is the case at the time.
3.- How we collect your data
We use different methods to collect information from and about you, including through:
3.1.- Direct interactions. You can provide us with your Identity Data, Social Identity Data, Contact Data, Financial Data, [Profile Data](#profile -data) and Marketing and Communications Data by interacting directly with us, including by filling in forms, providing a visual image of yourself through the Service, by email or otherwise. This includes personal data you provide when:
- visit our Site or Application;
- request our Services;
- create an account;
- make use of any of our Services;
- request marketing to be sent to you, for example by subscribing to our newsletters;
- participate in a contest, promotion or survey, including through social media channels;
- give us your opinion or contact us.
3.2.- Technologies or automated interactions. As you interact with us through our site or app, we will automatically collect technical data about your equipment, browsing actions, and patterns. We collect this personal data through the use of cookies, server logs and other similar technologies. We will also collect transactional data, investment data and usage data. We may also receive Technical Data and Marketing Data and communications about you if you visit other websites that use our cookies. You can find more information about how we use cookies through the Cookie Policy.
3.3.- Third parties or publicly available sources. We also obtain information about you, including social identity data, from third parties or publicly available sources. These sources may include:
- fraud and crime prevention agencies,
- a client who recommends you,
- public blockchain,
- publicly available information on the Internet (websites, articles, etc.)
4.- How we use your data
4.1.- Legal basis
We will only use your personal data when applicable law allows us to. In other words, we have to make sure that we have a legal basis for such use.
In general, we will use your personal data in the following circumstances:
We will only use your personal data when the law allows us to. In general, we will use your personal data in the following circumstances:
- performance of a contract: means processing your data where it is necessary for the performance of a contract to which you are a party or to take steps at your request prior to entering into such a contract; we use this basis for the provision of our Services;
- legitimate interests: means our interests (or those of a third party), where we ensure to use this basis to the extent that your individual interests and rights do not override those interests;
- compliance with a legal obligation: means processing your personal data where we need to comply with a legal obligation to which we are subject;
- consent: means the freely given, specific, informed and unequivocal indication of your wishes by which you, by means of a statement or clear affirmative action, express your agreement to the processing of personal data relating to you; in specific circumstances, this consent must be explicit; if this is the case, we will request it accordingly.
5.- Purposes for which we will use your personal data.
We have set out below, in table format, a description of all the ways we plan to use your personal data, and on which legal bases we rely to do so. We have also identified what our legitimate interests are in your case.
Please note that we may process your personal data for more than one legal ground depending on the specific purpose for which we are using your data. Please contact us if you require details of the specific legal ground we are relying on to process your personal data where more than one ground has been set out in the table below:
|
Object and/or activity |
Categories of personal data |
Legal basis for processing |
|
To register as a new customer |
|
|
|
To carry out and comply with anti-money laundering requirements |
|
|
|
To process and provide you with our Services and any features of the Application, including executing, managing and processing any instructions or orders you place. |
Identity data
|
|
|
To prevent abuse of our Services and promotions |
|
|
|
To administer our relationship with you, including asking you to leave a review, conducting a survey, or keeping you informed about our company’s product and business development. |
|
|
|
To administer, process, collect and transfer payments, fees and charges, and to collect and recover payments owed to us |
|
|
|
To ensure proper handling of our payments, fees and charges, and the collection and recovery of payments belonging to us |
|
|
|
To manage risk and crime prevention, including anti-money laundering, counter-terrorism, sanctions detection, fraud and other background checks, detection, investigation, reporting and prevention of financial crime broadly, compliance with laws and regulations that apply to us and response to complaints. and solve them |
– data that can be revealed by KYC or other background checks (for example, because it has been reported in the press or is available in public records); – data that is disclosed incidentally by photo identification, although we do not intentionally process this personal data |
|
|
To allow you to enter a sweepstakes, contest or complete a survey |
|
|
|
To collect market data to study customer behavior, including their preferences, interests, and how they use our products/services, determine our marketing campaigns, and grow our business. |
|
|
|
To administer and protect our business, our site, apps and social media channels, including banning, troubleshooting, data analysis, testing, system maintenance, support, reporting, data hosting. |
|
|
|
To deliver relevant website content and advertisements to you and to measure or understand the effectiveness of the advertising we serve to you. |
|
|
|
To use data analysis to improve our website, products/services, marketing, customer relations and experiences |
|
|
|
To make suggestions and recommendations about goods or services that may be of interest to you |
|
|
|
To use the services of social media platforms or advertising platforms, some of which will use the personal data they receive for their own purposes, including marketing purposes. |
|
|
|
Use the services of financial institutions, crime and fraud prevention companies, risk measurement companies, which will use the personal data they receive for their own purposes in their capacity as independent controllers |
|
|
|
To record voice calls for compliance, quality assurance, and training purposes |
|
|
5.1.- Marketing
We may use your Identity Data, Contact Data, Technical Data, Transactional Data, Investment Data, Usage Data and Profile Data to form an idea of what we think you may want or need, or what may be of interest to you. . This is how we decide which products, services and offers may be relevant to you (we call this marketing).
You will receive marketing communications from us if you have requested information from us and consented to receive marketing communications, or if you have purchased from us and have not opted out of receiving such communications. We will use your marketing and communications data for our respective activities.
5.2.- Marketing of third parties
We will obtain your consent before sharing your personal data with third parties for marketing purposes.
5.3.- Opting out
You can ask us to stop sending you marketing messages at any time by following the opt-out links in any marketing message we send you.
In addition, you can tell us directly that you prefer not to receive any marketing messages by sending an email to info@eliantus.com.
When you opt out of receiving marketing messages, this will not apply to service messages that are directly related to the use of our Services (for example, maintenance, change in terms and conditions, etc.).
5.4.- Cookies
You can set your browser to refuse all or some browser cookies, or to alert you when websites set or access cookies. If you disable or reject cookies, please be aware that some parts of the Services or the Site may become inaccessible or may not function properly. For more information about the cookies we use, see the Cookie Policy.
5.5.- Change of purpose
We will only use your personal data for the purposes for which we collected it, unless we reasonably believe that we need to use it for another reason and that reason is compatible with the original purpose. If you would like an explanation of how the processing for the new purpose is compatible with the original purpose, please contact us.
If we need to use your personal data for an unrelated purpose, we will notify you and explain the legal basis that allows us to do so.
5.6.- Sale or transfer of business
We may also need to process your data in connection with or during the negotiation of any merger, financing, acquisition, bankruptcy, dissolution, transaction or proceeding involving all or any part of our shares, business or assets. This will be based on our legitimate interests to carry out such a transaction or to comply with our legal obligations.
6.- Disclosure of your data
We share your personal data with our third party service providers, agents, subcontractors and other partner organizations, our group companies and affiliates (as described below) to complete tasks and provide the Services and use of the application. When using third party service providers, they are required to respect the security of your personal data and to treat it in accordance with the law.
We may pass your personal data to the following entities:
- companies and organizations that help us process, verify or refund transactions/orders you place and provide any of the Services you have requested;
- identity verification agencies to perform required verification checks;
- fraud or crime prevention agencies to help fight crimes such as fraud, money laundering and terrorist financing;
- anyone to whom we transfer or may lawfully transfer our rights and obligations under the relevant terms and conditions governing your use of any of the Services;
- any third party due to any restructuring, sale or acquisition of our group or any affiliate, provided that any recipient uses the information from him or her for the same purposes that we originally provided and/or used; Y
- regulatory and law enforcement authorities, whether outside or within the EEA, where we are permitted or required by law to do so.
7.- Data security
While there is inherent risk in any information shared over the Internet, we have put appropriate security measures in place to prevent your personal data from being accidentally lost, used, damaged or accessed in an unauthorized or unlawful manner, modified or are disclosed. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a legitimate business need to know. They will only process your personal data following our instructions and are subject to a duty of confidentiality.
Depending on the nature of the risks presented by the proposed processing of your personal data, we will implement the following appropriate security measures:
- organizational measures (including, but not limited to, staff training and policy development);
- technical measures (including, but not limited to, physical data protection, pseudonymization, and encryption); Y
- ensuring continued availability, integrity and accessibility (including, but not limited to, ensuring that adequate backup copies of personal data are maintained).
We have put in place procedures to deal with any suspected personal data breach and will notify you and any relevant regulator of a breach where we are legally required to do so.
8.- Data conservation
To determine the appropriate retention period for personal data, we consider the amount, nature and sensitivity of the personal data, the potential risk of harm from unauthorized use or disclosure of your personal data, the purposes for which we process your personal data and whether you can achieve those purposes through other means, and applicable legal, regulatory, tax, accounting or other requirements.
Here are some exemplary factors that we generally consider when determining how long we need to retain your personal data:
- in case of complaint;
- if we reasonably believe that there is a possibility of litigation in relation to our relationship with you or if we believe that we need to retain the information to defend ourselves against possible future legal claims (for example, email addresses and content, chats, letters will be kept for up to 10 years after the end of our relationship, depending on the statute of limitations applicable in your country);
- to comply with applicable legal and/or regulatory requirements with respect to certain types of personal data:
- under EU anti-money laundering legislation (Anti-Money Laundering Directives), we are required to retain your personal data for a period of 5 years after the end of the relationship between us as a company and you as a company. client; This period may be extended in certain cases if so provided and in accordance with the applicable legislation;
- if information is needed for audit purposes etc.;
- in accordance with relevant industry standards or guidelines;
- in accordance with our legitimate business need to prevent abuse of the promotions we run. We will retain a customer’s personal data during the time of the promotion and for a certain period after its completion to prevent the occurrence of abusive behavior.
Please note that under certain conditions you can ask us to delete your data – see your legal rights below for more information. We will honor your deletion request ONLY if the conditions are met.
9.- Your legal rights
You have rights of which we must inform you. The rights available to you depend on our reason for processing your personal data. If you need more detailed information or wish to exercise any of the rights set forth below, please contact us.
Can:
- request access to your personal data, which allows you to obtain confirmation of whether we are processing your personal data, to receive a copy of the personal data we hold about you and information about how we use your personal data;
- request rectification of your personal data by asking us to rectify information you believe is inaccurate and to complete information you believe is incomplete, although we may need to verify the accuracy of the new data you provide to us;
- request deletion of your personal data by asking us to delete the personal data we hold about you; Please note, however, that we may not always be able to comply with your erasure request for specific legal reasons that will be notified to you;
- object to the processing of your personal data, where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation that makes you want to object to the processing on this ground, as you believe it affects your rights and fundamental freedoms; in some cases, we may demonstrate that we have compelling legitimate grounds for processing your information that override your rights and freedoms; You also have the right to object where we process your personal data for direct marketing purposes;
- require that decisions be reconsidered if they are made solely by automated means, without human involvement; we use automated tools to ensure that you are eligible to be our client based on our interests and legal obligations; if these automated tools indicate that you do not meet our acceptance criteria, we will not onboard you as our client;
- request the restriction of the processing of your personal data, which allows you to ask us to suspend the processing of your personal data, if you want us to establish the accuracy of the data; when our use of the data is unlawful, but you do not want us to delete it; where you need us to keep the data, even if we no longer need it, as you need it to establish, exercise or defend legal claims, or if you have objected to our use of your data, but we need to verify whether we have an overriding legitimate right and grounds for use it;
- request the transfer of your personal data to you or a third party, and we will provide you, or a third party you have chosen (where technically feasible), your personal data in a structured, commonly used and machine-readable format; Please note that this right only applies to automated information that you initially consented to us using or where we use the information to perform a contract with you;
- withdraw consent at any time where we are relying on consent to process your personal data; however, this will not affect the lawfulness of any processing carried out before you withdraw your consent; if you withdraw your consent, we may not be able to provide you with certain products or services, but we will inform you if this is the case at the time you withdraw your consent;
- complain to the IDPC, ICO, DPC or any relevant authority about any perceived infringement and seek damages in court.
9.1.- Generally no fee is required
You will not have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is manifestly unfounded or excessive. Alternatively, we may refuse to comply with your request in these circumstances.
9.2.- Deadline to respond to a legitimate request
The legal period under GDPR for us to respond to a legitimate request is one month. Said term may be extended by two more months if necessary, taking into account the complexity and number of requests.
Please note that we may ask you to provide certain details necessary to verify your identity when you request to exercise a legal right in respect of your personal data.
10.- Changes and updates in the Privacy Policy
This Privacy Policy is effective as of the effective date set forth above. Eliantus reserves the right to change this Privacy Policy always in accordance with the applicable laws regarding Data Protection in Spain and Europe. If we make changes to this Privacy Policy, we will notify you through a notice on our website or also, if applicable, through a communication via e-mail or notification in your user area.
In any case, the heading of this Privacy Policy will contain the date of the last update.
By continuing to access or use the Eliantus Services after such changes or updates have been made, you agree to be bound by the revised Privacy Policy.
11.- Contact
If you have questions about this Privacy Policy or about the use of your personal data, or if you wish to correct or delete data, please send an email to info@eliantus.com.