Privacy policy & Data protection

Who we are?

Digital Assets d.o.o., ((hereinafter “Digital Assets”, “us”, “ours”) thanks you for your visit to our webpage, as well as for your interest in our company and services. Protection of your personal data is important to us and we want you to feel comfortable while visiting our pages.

Here we will inform you which of your data are being stored while you're using our webpage and how are these data used. If our page contains links which lead you to some other webpages of other providers, our privacy policy is not applied.

Acceptance of this privacy policy means acceptance of collection, processing and use of your personal data by the company Digital Assets, respecting the Personal Data Protection Act / General Data Protection Regulation (GDPR) and the following conditions.

Please, take sufficient time to read these regulations carefully.

Controller

Controller is the main person responsible for the processing of your personal data, who decides on the purpose and intention of processing of your personal data. In this case the controller is:

Digital Assets d.o.o.Hrvatske mornarice 1/C, 21000 Split, CroatiaVAT ID: 37096783668MBS: 060297216Kontakt broj: +385 21 209 851E-Mail: info@bitcoin-store.hr

You can contact our data protection officer at the e-mail address info@bitcoin-store.hr.

If you object that Digital Assets collects, processes or uses your personal data in accordance with the Personal Data Protection Act, you can send us a complaint on the e-mail address stated above. It can result in inability to use the service. Your complaint terminates the use of webpage due to technical reasons.

Your rights

You have the right to receive your precise personal data which the company Digital Assets has stored on you.

Besides that, you have the right to the following:

  • Right of access - right of access to information on the data collected on you and the way in which they are processed
  • Right to rectification - right to request the amendment of personal data if they were not renewed
  • Right to erasure - right to request erasure of your personal data
  • Right to restriction of processing - right to request restriction of processing of personal data
  • Right to transfer data - right to transfer personal data in a machine-readable format
  • Right to object - right to withdraw a given consent or object to processing of personal data
  • Right to submit a complaint to a competent authority - right to bring action against the company Digital Assets to a competent authority, which can be any competent authority within the EU.
  • You can also submit the complaint to the competent authority in your place of residence or work. If you wish to exercise any of the mentioned own rights you can contact us using the data stated above in the text.

Personal data which we use while visiting our webpage

Information regarding the device - ID of the device, operating system and corresponding version and other data regarding the device

Information regarding the connection - time, date and duration of the use of the page, source, corresponding IP address and other data regarding the protocol

We collect this information so we could display the visited page to you. We also limit ourselves to what is absolutely needed in order to act in accordance with the law regulating data processing, especially data mitigation.

Personal data we collect during visits to our webpage and registration

If you don't wish only to visit our webpage, but also to register, for instance to see the history of your transactions, we collect the following personal data:

Access data - E-mail address, User ID, Password

Personal data - Name and surname

Information regarding the device - ID of the device, operating system and corresponding version and other data regarding the device

Information regarding the connection - Time, date and duration of use of the webpage, source, corresponding IP address and other data regarding the protocol

Other information - Data which you agree to share with us voluntarily by using our webpage, application or similar activities

If you are sharing the personal data of another person with us, you have to have a prior consent of that person. In that case you have to inform these persons regarding the way in which we process personal data in accordance with our privacy protection.

Personal data which we collect during the visits to our webpage, registration and verification

If you wish additionally to verify your identity, along with the registration, so you could use additional conveniences while trading, we collect the following personal data:

Access data - E-mail address, User ID, Password

Personal data - Name and surname

Additional personal data (required to confirm your identity) - Address, phone or mobile phone number

Identification documents (required to confirm your identity) - Photograph of the front side of your identity card, photograph of the back side of your identity card, your selfie with the identity card in hand

Information regarding the device - ID of the device, operating system and corresponding version and other data regarding the device

Information regarding the connection - Time, date and duration of use of the webpage, source, corresponding IP address and other data regarding the protocol

Other information - Data which you agree to share with us voluntarily by using our webpage, application or similar activities

Personal data which we collect when you visit our webpage and make a transaction

In order to use all possibilities which we offer you, you can login and make a buy or sale of a cryptocurrency (transaction). As you can expect, more data is collected in accordance with the information you are sharing. The fields which have to be filled out so the transaction can be processed are marked under “obligatory”. Without this information we cannot process your transaction. All other information which are not marked under obligatory are provisional. If you share this information with us voluntarily, you will improve our service. However, leaving out this information has no adverse effects towards you. The possibility depends on the information you share. However, basic information are as follows:

Information regarding the account (needed for the service of buying) - Wallet address of the cryptocurrency you are buying, e-mail address

Information regarding the account (needed for the service of selling) - Bank account number (IBAN), name and surname, address, e-mail address

Information regarding the device - ID of the device, operating system and corresponding version and other data regarding the device

Information regarding the connection - Time, date and duration of use of the webpage, source, corresponding IP address and other data regarding the protocol

Other information - Data which you agree to share with us voluntarily by using our webpage, application or similar activities

What is the defined purpose and legal grounds

As we previously informed you, we collect those personal data when it is necessary and when the purpose is legal and predefined. Information in (brackets) is the legal basis on which we base corresponding processings. You can find more information on the purpose and legal basis below:

When you contact our Customer Service in order to receive an information or submit a complaint, we store that information shared with us. For instance, the reason for contact, should you cancel a transaction or get information regarding it. Personal data can vary depending on the reason of contacting. As we wish to improve our service towards you, we store communication in your account. In this way we can answer your questions faster and better.

The process of cryptocurrency buying or selling

Personal data categories:
  • Access data
  • Information regarding the account
  • Data regarding the communication
  • Other information
Legal basis:

This information is needed in order to fulfill our obligation of cryptocurrency buying or selling and sending the funds to you. However, it is also our business interest to provide the best possible delivery to you (legitimate interest).

After you made the transaction, some processes are happening in the background. We transfer your transaction to your user account, depending on the fact are you a registered user or a guest.

When do we delete your data

We generally delete your data after the purpose is fulfilled. The exact rules are defined pursuant to our regional deletion concepts. Different deletion rules are applied, depending on the purpose of processing. Within our deletion concepts we have defined different data groups and determined the rules of deletion periods. A collected data gets a remark of deletion rule. When the retaining period expires, stored data will be deleted.

We will delete your personal data either according to your wishes in a manner that you contact us or three years after the collection of your data. If your account has not been active for three years, we will delete it. Prior to deletion, you will be notified in due time by an electronic mail which you used to register to this account.

Other then our deletion rules there are other rules of retaining periods which we need to observe. For instance, tax data have to be kept for six to ten years or even longer in some cases. These special rules on retaining periods depend on local legal conditions.

Therefore, despite your possible requests for the deletion of your data, we are obliged to store some of your data as legal regulations require. In this case we will still require limitation of further data processing.

With whom do we share your personal data

In this section we wish to inform you with whom do we share your personal data and under which conditions. However, our goal is to be transparent regarding the countries to which we transfer your data.

Which third parties have access to your personal data

We will never forward your data to unauthorized third persons. However, within our work we receive services from certain service providers and give them a limited and strictly monitored access to some of our data. Despite that, prior to forwarding personal data to those affiliate companies instead of us for processing, each company will individually be revised. All data recipients have to fulfill conditions of legal data protection and prove their level of data protection with valid proof.

To which countries do we transfer your data

We process your information exclusively and only within the European Union (EU) and European Economic Area (EEA). Still, some of our service providers mentioned above in text are located outside the EU and EEA area. GDPR sets strict conditions for data transfer to third countries. All our data recipients have to comply with those conditions. Before we transfer your data to a service provider in third countries, firstly the level of data protection is assessed with every service provider. Only if they can prove adequate level of data protection will they be taken into account as service providers.

Regardless of whether our service providers are based within the EU/EEA or in third countries, each service provider has to sign an agreement on data processing with us. Those providers who are located outside the EU/EEA have to comply with additional conditions. Pursuant to Article 44 ff of the General Data Protection Regulation, personal data can be transferred to those service providers who comply with at least one of the following conditions:

a) The Commission has brought the decision that a third country has to confirm an adequate level of protection (i.e. Israel and Canada)
b) Standard data protection clauses adopted:
These are the clauses of an agreement which cannot be amended by the parties to an agreement, in which they are obliged to ensure adequate level of data protection.
c) Approved confirmation mechanisms:

Pursuant to international agreements companies can be authorized pursuant to defined criteria. One of those confirmations is the EU-U.S. Privacy Shield. You can see authorized companies on this link: https://www.privacyshield.gov/welcome

We will transfer your data to a service provider which complies with at least one of three conditions. If we transfer data to third countries, those are mainly companies with registered seats in the U.S. or Israel

Cookie information

Definition of cookies and which cookies we use.

In order to make the visit to our page and application as attractive as possible and to ensure the use of some functions, we use the so-called cookies on different pages. Cookies are small text files stored on your devices. Some of the cookies we use are deleted after the browser session expires, i.e., after your browser closes (so-called Session Cookies). Other cookies remain on your devices and enable us or authorized third parties to recognize your browser during the next visit (Permanent Cookies). You can set your browser to inform you on cookie settings and decide for yourself do you wish to accept or turn off accepting of cookies for certain situations in general. If you do not accept cookies, it can limit the functionality of our webpage or application.

Which cookie categories exist?

Necessary cookies are needed because they enable you to navigate the webpage or application and use their features. Without these cookies the functionality cannot be guaranteed, as for instance steps while visiting the webpage (e.g. Text Entry), even while navigating between pages.

Functional cookies enable the webpage or application to save information which have already been entered earlier (as for instance Username, language selection or location) and to improve user's ability to offer personal details. These cookies collect anonymous information and cannot trace those steps on other webpages.

Performance cookies collect information on the use of web or application - e.g. which pages does a visitor visit most frequently and does he receive error messages from the page. These cookies do not store information on user identification. Collected information are summarized (grouped) and anonymous. These cookies are used exclusively to improve site operation, and thus user experience.

Marketing cookies are used for the purpose of targeted advertising, important for the user and adapted to his interests. They are used to limit advertisement frequency and measure the efficiency of advertising campaigns. They register your visit to the webpage/application. This information cannot be shared with third parties (e.g. Advertisers).For the purpose of improvement of targeting and advertising, cookies are often connected to third parties functionality.

Objections to the use of cookies

If you do not wish that Digital Assets collects and analyzes information on your visit, you can object to it for any future moment (opt-out). If you wish to file an objection (if you object), please contact using contact details stated above.

Exemption cookie will be set in your browser if you wish to technically implement that objection. This cookie is used exclusively for the purpose of mapping of your exemption. Please, pay attention on the way exemption cookies are used only from a browser on which they were set. If you delete cookies or use other browsers or a device, you will have to disable them again.

Right to alteration

We retain the right to alteration of this data protection declaration pursuant to legal provisions. We will certainly inform you on all important changes, such as change of purpose or new purposes of processing.

Last alteration: 6/6/2018