HXR Privacy Policy
Privacy Policy
This Privacy Policy is effective as of July 20, 2022
1. INTRODUCTION
HXR QUANT HOLDINGS LIMITED (“HXR”, “we”, “us” or “our”) provides software as a service, which allows you to utilize
several functionalities for managing their cryptocurrency holding across different accounts, including SmartTrade
Terminal and automated Trading Bots. This Privacy Policy explains the principles on how HXR QUANT HOLDINGS LIMITED as
the personal data controller collects and processes your (“you”) personal data when you visit the
website https://hxr.com (“Website”) and in relation to the provision of the Software. In case you act as the Signals
Provider, please see our privacy notice for signals providers.
Capitalised terms used in this Privacy Policy are used in the meaning given to them in the Terms of Use unless otherwise
expressly set out herein.
2. DATA WE COLLECT
We have set out in the table below the categories of personal data we collect and use about you:
| | | |
| --- | --- | --- |
| | Category of personal data | Data collected |
| When you visit our Website or contact with us | Technical Data |
Upon visiting our Website, we process technical data related to your usage of the Website, including but not limited to
IP address, device name, operating system version, the configuration of the app when utilizing our Service, the time and
date of your use of the Service, referring URL, access tokens, session key, amount and state of transferred data, and
other statistics. This information can be related to you, therefore, Personal Identification Information can be
processed as well. These data may also be processed as anonymized statistical data.
|
| Cookie Data |
Cookies are files with a small amount of data that are commonly used as anonymous unique identifiers. These are sent to
your browser from the websites that you visit and are stored on your device’s internal memory.
We apply cookies on the Website, for optimising the Website and its functionalities.
|
| Communication Data |
In case you interact with us via our Website live chat, e-mails and sign-up forms, HXR Facebook page, HXR Youtube
channel, HXR Twitter page, HXR Telegram group, HXR Telegram channel or any other official social media account, we
process, in addition to Personal Identification Information (limited in case of contacting via social media), also the
contents of your message.
|
| When you use the Software | Personal Identification Information |
Name, e-mail address, 2FA key, IP address, KYC token, language, Gravatar image, if you choose to sign up via Facebook,
we collect your Facebook UID, Facebook profile name, Facebook e-mail.
|
| Financial and Transaction Data |
Exchange Account username, API key, API secret, passphrase, transaction data (date/time/amount of transaction),
transaction request/response, Referral status.
|
|
When you visit our Website or contact with us or use the Software via the Google OAuth
|
Personal Identification Information
|
For login request we need collect your Google Gmail address.
|
|
Technical Data
|
Upon visiting our Website, we process technical data related to your usage of the Website, including but not limited to
IP address, device name, operating system version, the configuration of the app when utilizing our Service, the time and
date of your use of the Service, referring URL, access tokens, session key, amount and state of transferred data, and
other statistics. This information can be related to you, therefore, Personal Identification Information can be
processed as well. These data may also be processed as anonymized statistical data.
|
|
Cookie Data
|
Cookies are files with a small amount of data that are commonly used as anonymous unique identifiers. These are sent to
your browser from the websites that you visit and are stored on your device’s internal memory.
We apply cookies on the Website, for optimising the Website and its functionalities.
|
|
Communication Data
|
In case you Login our Website or use the Software via the Google OAuth then interact with us via our Website live chat,
e-mails and sign-up forms. We process, in addition to Personal Identification Information, also the contents of your
message.
|
|
Financial and Transaction Data
|
Exchange Account username, API key, API secret, passphrase, transaction data (date/time/amount of transaction),
transaction request/response, Referral status.
|
The personal data we process is collected from one of the following sources:
- he data is disclosed by you directly to us;
- we receive the data from your Exchange Account provider due to you connecting your Exchange Accounts to the Client
Account;
- we receive the data from social media service provider due to you registering or contacting with us via your
existing social media account;
- we receive the data from the payment service provider due to you concluding the Purchase Agreement and paying for
the Subscription;
- we receive Technical Data automatically from your browser, our servers and systems;
- Google OAuth. For login request we need collect your Google Gmail address when you use Google OAuth to login our
Website or use our Software. For more information, please visit Google API Services User Data Policy, All apps that
access Google APIs must follow this Policy.
3. What we use your personal data for
We have set out in the table below the reasons why we process your personal data:
| | | |
| --- | --- | --- |
| Purpose for processing | Category of personal data processed | Legal basis |
| Client authentication | Personal Identification Information | Performance of the Terms of Use |
| Client identity verification (KYC) for recovery | Personal Identification Information | Performance of the Terms of
Use |
| Client’s transaction history | Financial and Transaction data | Performance of the Terms of Use |
| Responding to your enquiries and requests submitted via the website, sign-up forms, live chat or e-mail or any social
media platforms | Communication Data, however, depending on the nature of your enquiry we can process all the data
indicated in Section 2 above | In case your question clearly relates to matters connected to the Terms of Use, Client
Agreement or Purchase Agreement we process the data for the performance of the Contract. In other cases, we rely on our
legitimate interests in ensuring effective relations management with all the interested parties in our Software and
services |
| Client invoicing for the Purchase Agreement or for mediating your payments to Signals Providers (no personal data are
shared with Signals Providers) | Personal Identification Information, Financial and Transaction Data | Performance of
the Purchase Agreement or our legitimate interest in performing the Signaller Agreement concluded with the Signals
Provider |
| Transfer of funds from a payment service provider to your Client Account and making out payments upon your withdrawal
request via payment service provider | Financial and Transaction Data, Personal Identification Information | Performance
of the Terms of Use |
| Enabling your use of the Trial | Personal Identification Information | Performance of the Trial Terms |
| Enabling the Software and its functionalities | Personal Identification Information, Financial and Transaction Data |
Performance of the Terms of Use and if relevant performance of the Purchase Agreement |
| Sending newsletters to your e-mail | Personal Identification Information | Consent |
| Providing you with notifications via your chosen channel (for example, mobile app, e-mail, Website, Telegram Bot) |
Personal Identification Information | Consent given for the specific notification channel |
| Direct marketing campaigns - Client marketing campaigns in relation to the Software, its functionalities and products
already provided to you | Personal Identification Information, Financial and Transaction Data (mainly the transaction
activity) | Our legitimate interest in providing you with information relating to the services and products you have
previously sourced from us |
| Processing data for predictive analytics and insights, improvement and development of the Software | All of the data
categories indicated in Section 2 above | Our legitimate interest in improving and developing the Website and the
Software within the course of our business activities or performance of the Terms of Use |
| Diagnosing and repairing technical issues related to the Software and the Website | Technical Data | Our legitimate
interest in providing data security and preventing fraudulent actions related to the Software and the Website; ensuring
the functioning of the Software and the Website |
| Storing information containing personal data in backup systems | All of the data categories indicated in Section 2
above | Our legitimate interest in ensuring the security of data processing operations |
| Data disclosures to potential acquirers of HXR business, including legal advisors, auditing service providers in case
of a merger, acquisition or selling the whole or part of our business | All of the data categories indicated in
Section 2 above | Our legitimate interest in ensuring proper due diligence process and business continuity |
| Data disclosures to our service providers | All of the data categories indicated in Section 2 above | Our legitimate
interest in utilising the information technology infrastructure and services provided by our co-operation partners |
| Mandatory disclosures to law enforcement and data protection authorities | All of the data categories indicated in
Section 2 above | Performance of our legal obligation |
4. SHARING YOUR PERSONAL DATA
Any data you provide will not be publicly displayed or shared to other Website visitors or clients. Certain employees of
HXR have access to personal data to the extent necessary for the performance of their work duties.
We use third party processors and separate data controllers to help provide our service. They will have access to your
personal data as reasonably necessary to perform these tasks on our behalf and are obligated not to disclose or use it
for other purposes.
We have set out in the table below the reasons why and with whom we share your personal data:
| | | |
| --- | --- | --- |
| Categories of Recipients | Reason for sharing | Type of recipient |
| Service providers | We work with service providers that work on our behalf which may need access to certain personal
data to provide their services to us. These companies include those we have hired to operate the technical
infrastructure that we need to provide service, assist in protecting and securing our systems and services, and help
market our service. Standard contractual clauses, or other applicable means, are applied to ensure the safeguard of the
transfer. | Data processors |
| Advertising partners | We work with advertising partners to enable us to customize the advertising content you may
receive. These partners help us deliver more relevant ads and promotional messages to you, which may include
interest-based advertising (also known as online behavioral advertising), contextual advertising, and generic
advertising. We and our advertising partners process certain personal data to help us understand your interests or
preferences so that we can deliver advertisements that are more relevant to you. Standard contractual clauses, or other
applicable means, are applied to ensure the safeguard of the transfer.We also provide you promotional e-mail campaigns
related to our services (educational videos etc.) by using e-mail campaign service provider. In order to do this we may
transfer your e-mail address to such service provider so that they can send you the materials. | Data Processors |
| Professional advisors (legal advisors, accounting etc. bound to confidentiality) | In case not operating as data
processors, the legitimate interests in conducting and supporting our regular business activities. | Data Processors |
| Potential business acquirers and business transferee(s) | If necessary and required for successfully transferring our
business or for the purposes of mergers and acquisitions, your Personal data may be disclosed to the specified acquirers
and their representatives and / or legal counsels.This is done based on our legitimate interests to sell and reorganize
our business activities. | Separate data controllers |
In addition to the information provided in the table above, in some cases, we may transfer your personal data. We shall
opt to use special personal data protection safeguards, in order to ensure the safety of your personal data, and all the
transfer or sharing must be under the law.
5. ENSURING THE SECURITY OF PERSONAL DATA
We have taken necessary technical and organizational security measures to protect your personal data against accidental
or unlawful destruction, loss or alteration and against the unauthorized disclosure, abuse or other processing in
violation of applicable law. We also encourage you to take measures to ensure the safety of your personal data. In
particular, we advise you not to share your personal data with us or any of our partners via any public forums or other
public channels, unless you acknowledge and accept that relevant data will be publicly accessible.
6. RETENTION AND DELETION OF PERSONAL DATA
Your personal data (all data categories mentioned in Section 2) shall be stored insofar as reasonably necessary to
attain the objectives stated in Section 3 above, or until the legal obligation stipulates that we do so. To determine
the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal
data, the potential risk of harm from unauthorised use or disclosure of your personal data, the processing purposes and
whether we can achieve these purposes through other means, and applicable statutory obligations. Whilst retaining the
personal data, we take into account the viable need to resolve disputes and enforce the contract between us or anonymize
your personal data and retain this anonymized information indefinitely.
In case any of the data stipulated in Section 2 above is needed for purposes of protection against ongoing or threatened
disputes, we shall retain the related data as long as the dispute is solved.
After the expiry of the retention period determined above or the termination of the legal basis for processing purpose,
we may retain the materials containing the personal data in the backup systems, from which the respective materials will
be deleted after the end of the backup cycle. We ensure that during the backup period appropriate safeguards are applied
and the backed-up materials are put beyond use.
7. YOUR RIGHTS AND PREFERENCES
Under data protection law, you have rights including:
- 1. Right to be informed and to access. You may get information regarding your personal data processed by us.
- 2. Right to data portability. You have the right to receive your personal data from us in a structured, commonly
used and machine-readable format. Moreover, you may request that the personal data is transmitted to another
controller. Bear in mind that these can only be done if that is technically feasible.
- 3. Right to erasure. You the right to have personal data we process about you erased from our systems if the
personal data are no longer necessary for the related purposes.
- 4. Right to object and restrict. You have the right to object to the processing of your personal data and restrict
it in certain cases.
- 5. Right to rectification. You have the right to make corrections to your personal data in certain cases.
- 6. Right to withdraw consent. When you have given us consent to process your personal data, you may withdraw said
consent at any time.
- 7. Right to contact the supervisory authority. If you are not satisfied with our response to your request in
relation to Personal Data or you believe we are processing your Personal Data not in accordance with the law, you
can submit your claim to the relevant authorities in the British Virgin Islands.
To exercise any of the abovementioned rights, please contact our customer support team via e-mail indicated in Section 8
below.
Please note that in case you are requesting to use the above described rights or any other rights related to our
services, on someone elses name (legal representative, close relative of deceased customer etc), we have the right to
ask additional information from you to prove the authorization for such request (signed authorization from customer,
requestor ID, death certificate etc.).
Such additional information is required to protect our customers’ personal data and financial interests.
8. OTHER IMPORTANT INFORMATION
Changes to This Privacy Policy
We may update our Privacy Policy from time to time. Thus, you are advised to review this page periodically for any
changes. We will notify you of any changes by posting the new Privacy Policy on this page.
This policy is effective as of 2022-07-20
Newsletter, notifications and direct marketing campaigns
With your explicit consent, you may be subject to direct marketing campaigns, we may send you our newsletter or provide
you with notifications. You may opt out of the direct marketing campaigns, newsletters and notifications on your account
settings. We may also provide you with news, special offers and general information about other goods, services and
events which we offer that are similar to those that you have already purchased or enquired about unless you have opted
not to receive such information.
Dispute resolution
If you have questions, please contact us at support@hxr.com. Disputes relating to the processing of personal data are
settled through our customer support. We may amend or modify this Privacy Policy from time to time to reflect changes in
the way we process personal data.
Age limitations
We do not knowingly collect any information from individuals under 18 years of age. If we discover a user of being
younger than 18 years old we will require the user to close their account and we will take steps to delete any collected
information as soon as possible.
HXR QUANT HOLDINGS LIMITED