Privacy Policy
by Zemoon.

This Privacy Policy explains how ZEMOON FINTECH LTD. collects, uses, stores, processes and discloses personal data obtained through the Website and in connection with the provision of the Services.

This Privacy Policy describes the categories of personal data we may collect, the sources from which such data may be obtained, the purposes for which such data is processed, the conditions under which it may be shared with third parties, and the periods for which it may be retained.

This Privacy Policy also sets out the rights available to Users in relation to their personal data and the general principles applied by the Company in connection with data privacy and protection.

We collect and process personal data in order to comply with legal and regulatory obligations applicable to us as a Money Services Business, to provide and administer the Services, and to improve the functionality, security and quality of our Website and Services.

Personal data may be collected directly from you, automatically through your use of the Website or Services, and, where applicable, from third-party partners, service providers or verification sources involved in the provision of the Services.

The categories of personal data we may collect include:

We may collect and use personal data for the following purposes:

Before establishing a business relationship with a potential User, the Company may carry out know-your-customer and due diligence procedures for the purposes of identity verification, risk assessment and compliance with applicable legal and regulatory requirements.

Such procedures form part of the Company’s measures aimed at detecting, preventing and mitigating money laundering, terrorist financing, fraud and other unlawful or prohibited activities.

As part of these procedures, we may collect and review identification documents and verification materials, including, for example, a passport, national identity card, proof of address and other supporting documents. Depending on the circumstances, risk profile, jurisdiction or applicable legal requirements, we may request additional information, documents or clarifications.

The Company may also engage third-party service providers, verification partners or other authorized counterparties to carry out or support KYC, screening and due diligence procedures on the Company’s behalf.

We may disclose or make available your personal data to third parties that provide services to us or on our behalf, where such disclosure is necessary for the provision of the Services, compliance with legal obligations, protection of our legitimate interests, or operation of our business.

Where personal data is disclosed to such third parties, access is limited to the information reasonably necessary for the relevant purpose, and such third parties are expected to use the disclosed data only for the specific services or functions for which they are engaged, subject to applicable legal and contractual safeguards.

Where we outsource certain functions or rely on third-party service providers, we may take reasonable steps to oversee and monitor such arrangements in order to ensure that delegated services are performed in an appropriate and secure manner.

We may also disclose personal data without your prior consent where such disclosure is permitted or required by applicable law, including, for example, in the following circumstances:

In the event of any disclosure made without your prior consent, we will seek to ensure that the personal data disclosed is limited to what is reasonably necessary for the relevant purpose.

Please note that the Company shall not be responsible for any unauthorized, improper or unlawful use of personal data resulting from your failure to maintain the confidentiality and security of your Account credentials, passwords or other access details, including where such information is disclosed by you to third parties.

We may process certain personal data, including your e-mail address, location data and transaction-related information, in order to provide you with information about news, updates, campaigns, research, products or Services that may be relevant to you.

For these purposes, we may use such information to better understand your interests, preferences and potential business needs, and to provide communications and offers that are more relevant to your use of the Services.

We may also use limited profiling techniques, which may involve automated processing of certain personal data in order to assess general preferences, interests or patterns relevant to the delivery of marketing communications relating to our Services. Such profiling shall be carried out in accordance with applicable law.

You are not required to receive marketing communications from us and may opt out of such communications at any time by contacting User Support or by using any unsubscribe or opt-out mechanism made available in the relevant communication.

Personal data is stored on secure servers and protected by appropriate technical and organizational measures designed to reduce the risk of unauthorized access, disclosure, alteration, misuse or loss.

Where appropriate, we may use encryption, SSL and other security measures in connection with the storage and transmission of personal data.

We retain personal data for as long as it is reasonably necessary for the purposes for which it was collected, including for the duration of our business relationship with you and for any additional period required or permitted under applicable law, regulation, recordkeeping obligations or legitimate business needs.

Following the termination of the business relationship, we may continue to retain personal data for a period required to comply with legal and regulatory obligations applicable to the Company, including obligations relating to record retention applicable to Money Services Businesses. Unless a longer retention period is required or permitted by applicable law, such period will generally not exceed 5 (five) years after the end of the relevant relationship.

Once the applicable retention period expires, we may securely delete, destroy, anonymize or otherwise dispose of the relevant personal data in accordance with applicable law and the Company’s internal retention procedures.

We implement a range of technical, organizational and administrative measures designed to protect personal data against unauthorized access, disclosure, misuse, loss, alteration, destruction or other unlawful processing, with particular attention given to data that may be more sensitive in nature.

At the same time, no method of storage, transmission or electronic processing can be guaranteed to be completely secure or free from risk. As a result, while we take reasonable steps to protect personal data, the Company cannot guarantee absolute security of any data transmitted to us or stored by us. To the extent permitted by applicable law, any transmission of information via the internet, including by e-mail, is carried out at your own risk.

You also play an important role in protecting your personal data. In particular, you should use strong and unique passwords, keep your credentials confidential, restrict access to your Account and devices, log out when appropriate, and carefully manage your security and privacy settings.

Subject to applicable law, Users may have the following rights in relation to their personal data:

The availability and scope of these rights may depend on the nature of the personal data, the purpose of processing, and the legal basis under which such data is processed.

If you have any concerns, questions or complaints regarding the way we collect, use, store, process or disclose your personal data, you may contact us and submit the relevant request or complaint.

We are committed to handling personal data in good faith and in accordance with applicable legal, regulatory and internal data protection standards. If you have concerns regarding the security of your personal data, the lawfulness of its processing, the length of its retention, or the circumstances of its disclosure, we will review your request and use reasonable efforts to address your concern appropriately.

Please note that the Company may decline, limit or defer the handling of a request or complaint where there are reasonable grounds to believe that such request is fraudulent, manifestly unfounded, impracticable, excessive, contrary to applicable law, or may adversely affect the rights, freedoms or security of other Users or third parties.