Privacy
Policy��for app��
Consent
to installation of the App
Under data protection
laws, we are required to provide you with certain information about who we are,
how we process your personal data and for what purposes, and your rights in
relation to your personal data. This information is provided in Privacy
Policy and it is important that you read that information.
Before installation of
this App and using this app provided by us, you indicate your
consent to our processing of your personal data (including your name, contact
details, financial and device information) as described in the policy��
I consent to the
installation of the App for the purposes of PURPOSE OF APP.
How you can withdraw
consent
Once
you provide consent by using this app, you may change your
mind and withdraw consent at any time by contacting us:
[[email protected]], but that will not affect the lawfulness of any processing
carried out before you withdraw your consent.
Consent to processing
Location Data
I consent to processing
of my Location Data ([including details of my current location disclosed by GPS
technology OR OTHER TECHNOLOGY so that location-enabled
Services are activated to PURPOSE OF LOCATION-ENABLED SERVICES.
PumpX (we) are
committed to protecting your personal data and respecting your privacy.
This policy applies to
your use of:
�� PumpX mobile application
software (App) OR hosted on WEB ADDRESS (App Site),
once you have downloaded or streamed a copy of the App onto your mobile telephone
or handheld device (Device).
�� Any of the services
accessible through the App (Services) that are available on the App Site
or other sites of ours (Services Sites). This policy sets out the basis
on which any personal data we collect from you, or that you provide to us, will
be processed by us. This App is not intended for children and we do not
knowingly collect data relating to children. Please read the following
carefully to understand our practices regarding your personal data and how we
will treat it.
Important
information and who we are
PumpX refers to an ecosystem
comprising PumpX app, website and other applications
that are developed to offer PumpX Services (PumpX Group). Including but not limited to:
INITIAL
BLOCKCHAIN TECH PTE., LTD
AUGURE TECHNOLOGY CO., LTD
The service ecosystem
is made up of different legal entities and individuals. When we mention ��PumpX��, we are referring to the relevant company in the PumpX group responsible for processing your data which will
be clear to you when you use our App, INITIAL BLOCKCHAIN TECH PTE., LTD is the
controller responsible for this App.
We have appointed a
data protection officer (DPO). If you have any questions about this
privacy policy, please contact them using the details set out below.
Contact details
Our full details are:
Full name of legal
entity: INITIAL BLOCKCHAIN TECH PTE., LTD
Name or title of data
privacy manager: Xavier Zheng
Email address: [email protected]
Postal address: 9-13 ST
ANDREW STREET, LONDON, UK EC4A 3AF
Telephone number: +44
(0) 7803785431
You have the right to
make a complaint for data protection issues at any time to the Information
Commissioner's Office (ICO) in the UK or other regulators in
jurisdictions that we provide PumpX service.
Changes to the privacy
policy and your duty to inform us of changes
We keep our privacy
policy under regular review.
This version was last
updated on 2022.2.15. It may change and if it does, these changes will be
posted on this page and, where appropriate, notified to you when you next start
the App or log onto one of the Services Sites. The new policy may be displayed
on-screen and you may be required to read and accept the changes to continue
your use of the App or the Services.
It is important that
the personal data we hold about you is accurate and current. Please keep us
informed if your personal data changes during our relationship with you.
Third party links
Our App or Sites may,
from time to time, contain links to and from the websites of our partner
networks, advertisers and affiliates. Please note that these websites and any
services that may be accessible through them have their own privacy policies
and that we do not accept any responsibility or liability for these policies or
for any personal data that may be collected through these websites or services,
such as Contact and Location Data. Please check these policies
before you submit any personal data to these websites or use these services.
We may collect, use,
store and transfer different kinds of personal data about you as follows:
�� Identity Data.
�� Contact Data.
�� Financial Data.
�� Transaction Data.
�� Payment Data.
�� Device Data.
�� Content Data.
�� Profile Data.
�� Usage Data.
�� Marketing and
Communications Data.
�� Location Data
We also collect, use
and share Aggregated Data such as statistical or demographic data for any
purpose. Aggregated Data could be derived from your personal data but is not
considered personal data in law as this data will not directly or indirectly
reveal your identity. For example, we may aggregate your Usage Data to
calculate the percentage of users accessing a specific App feature. However, if
we combine or connect Aggregated Data with your personal data so that it can
directly or indirectly identify you, we treat the combined data as personal
data which will be used in accordance with this privacy policy.
How
is your personal data collected?
We will collect and
process the following data about you:
�� Information you give
us. This
is information (including Identity, Contact, Financial, and Marketing and
Communications Data) you consent to giving us about you by filling in forms on
the App Site and the Services Sites (together Our Sites), or by
corresponding with us (for example, by email or chat). It includes information
you provide when you register to use the App Site, download or register an App,
subscribe to any of our Services, search for an App or Service, make an in-App
purchase, share data via an App's social media functions, enter a competition,
promotion or survey, or OTHER ACTIVITIES COMMONLY CARRIED OUT IN CONNECTION
WITH AN APP and when you report a problem with an App, our Services, or any of
Our Sites. If you contact us, we will keep a record of that correspondence.
�� Information we collect
about you and your device. Each time you visit one of Our
Sites or use one of our Apps we will automatically collect personal data
including Device, Content and Usage Data. We collect this data using cookies
and other similar technologies. Please see our cookie policy for further
details.
�� Location Data. We also use GPS
technology OR OTHER TECHNOLOGY to determine your current
location. Some of our location-enabled Services require your personal data for
the feature to work. If you wish to use the particular feature, you will be
asked to consent to your data being used for this purpose. You can withdraw
your consent at any time by sending written withdraw application to
our [CONTACT DETAILS]
�� Information we receive
from other sources including third parties and publicly available
sources. We may receive personal data about you from various
third parties as set out below:
�� Device Data from the
following parties:
analytics providers;
advertising networks;
and
search information
providers.
�� Contact, Financial and
Transaction Data from providers of technical, payment and delivery services
that have connection with us;
�� Identity and Contact
Data from data brokers or aggregators;
�� Identity and Contact
Data from publicly available sources.
We use cookies to
distinguish you from other users of the App, App Site, the distribution
platform (Appstore) or Services Sites and to remember your preferences. This
helps us to provide you with a good experience when you use the App or browse
any of Our Sites and also allows us to improve the App and Our Sites.
If you would like to
opt-out of the Technologies we employ on the Services, you may do so by
blocking, disabling, or deleting them as your browser or device permits.
However, certain aspects and features of the Services and this Site are only
available through the use of Cookies, so if you choose to disable or decline
Cookies, the Services may not work properly.
Do Not Track (��DNT��) is
a privacy preference that users can set in certain web browsers. You can use
DNT as a way for Users to inform websites and services that they do not want
certain information about their webpage visits collected over time and across
websites or online services. Please note that at this time no formal ��Do Not
Track�� standard has been adopted and we do not respond to or honor DNT signals.
We will only use your
personal data when the law allows us to do so. Most commonly we will use your
personal data in the following circumstances:
�� Where you have
consented before the processing.
�� Where we need to
perform a contract we are about to enter or have
entered with you.
�� Where it is necessary
for our legitimate interests (or those of a third party) and your interests and
fundamental rights do not override those interests.
�� Where we need to comply
with a legal or regulatory obligation.
We will only send you
direct marketing communications by email or text if we have your consent. You
have the right to withdraw that consent at any time by contacting us.
We may also transmit
some of your data to third parties such as payment services, infrastructure,
logistics, and other services providers.
We enter into
contractual arrangements with these third parties to ensure that personal data
they could have to process for the provision of their tasks is adequately
secured and that your privacy is protected. These providers have privacy
policies which you may refer to for information about how they process your
information and how to exercise your data subjects�� rights as provided under
Applicable Laws. All personal data processed by these third parties shall
solely be used to perform the services they provide to us and for the purposes
set out in this Privacy Policy.
In certain
circumstances and only where required by Applicable Laws, we may disclose some
of your data to competent administrative or judicial authorities or any other
authorized third party.
We will stop share your
personal data with any third party for marketing purposes after we get your
express opt-out statement.
Purposes
for which we will use your personal data
We ensure your personal
data is protected by requiring all our group companies to follow the same rules
when processing your personal data. These rules are called "binding
corporate rules".
Many of our external
third parties are based outside the UK or outside the EEA, so their processing
of your personal data will involve a transfer of data outside the UK or the
EEA.
Whenever we transfer
your personal data out of the UK or the EEA, we ensure a similar degree of
protection is afforded to it by ensuring at least one of the following
safeguards is implemented:
�� We will only transfer
your personal data to countries that have been deemed to provide an adequate
level of protection for personal data.
�� Where we use certain
service providers, we may use specific contracts approved by the UK or other
jurisdictions which give personal data the adequate protection.
Please contact us if
you want further information on the specific mechanism used by us when
transferring your personal data out of the UK or the EEA.
All information you
provide to us is stored on our secure servers. Any payment transactions carried
out by us or our chosen third-party provider of payment processing services
will be encrypted. Where we have given you (or where you have chosen) a password
that enables you to access certain parts of Our Sites, you are responsible for
keeping this password confidential. We ask you not to share a password with
anyone.
Once we have received
your information, we will use strict procedures and security features to try to
prevent your personal data from being accidentally lost, used or accessed in an
unauthorised way.
We will collect and
store personal data on your Device using application data caches and browser
web storage (including HTML5).
Certain Services
include social networking, chat room or forum features. Ensure when using these
features that you do not submit any personal data that you do not want to be
seen, collected or used by other users.
We have put in place
procedures to deal with any suspected personal data breach and will notify you
and any applicable regulator when we are legally required to do so.
We notably implement
the following security measures, among others:
�� Payment Data security:
If you provide us with credit card information, such information is encrypted
using a secure Internet Trade Protocol (TLS) and sent directly to our Payment
Service Provider (PSP). This information is never stored on our server.
�� Awareness program and
employee trainings
�� Data encryption in
transit and at rest
�� Data centres routinely audited
�� Data redundancy for
resilience in case of disasters
�� Role-based
authentication
�� Two-factor
authentication of our authorized employees
�� Continuous system
monitoring
�� Industry-standard
security evaluations
�� Independent third-party
security reviews and penetration tests
By law we have to keep
basic information about our customers (including Contact, Identity, Financial
and Transaction Data) for 5 years after they cease being customers.
In some circumstances
you can ask us to delete your data: see [Your legal rights] below for
further information.
In some circumstances
we will anonymise your personal data (so that it can
no longer be associated with you) for research or statistical purposes, in
which case we may use this information indefinitely without further notice to
you.
In the event that you
do not use the App for a period of 5 years then we will treat the account as
expired and your personal data may be deleted.
Under certain
circumstances you have the following rights under data protection laws in
relation to your personal data:
�� Request access to your personal
data (commonly known as a "data subject access request"). This
enables you to receive a copy of the personal data we hold about you and to
check that we are lawfully processing it.
�� Request correction of the personal
data that we hold about you. This enables you to have any incomplete or
inaccurate data we hold about you corrected, though we may need to verify the
accuracy of the new data you provide to us.
�� Request erasure of your personal
data. This enables you to ask us to delete or remove personal data where there
is no good reason for us continuing to process it. You also have the right to
ask us to delete or remove your personal data where you have successfully exercised
your right to object to processing (see below), where we may have processed
your information unlawfully or where we are required to erase your personal
data to comply with local law. Note, however, that we may not always be able to
comply with your request of erasure for specific legal reasons which will be
notified to you, if applicable, at the time of your request.
�� Object to processing of your personal
data where we are relying on a legitimate interest (or those of a third party)
and there is something about your particular situation which makes you want to
object to processing on this ground as you feel it impacts on your fundamental
rights and freedoms. You also have the right to object where we are processing
your personal data for direct marketing purposes. In some cases, we may
demonstrate that we have compelling legitimate grounds to process your
information which override your rights and freedoms.
�� Request restriction of
processing of
your personal data. This enables you to ask us to suspend the processing of
your personal data in the following scenarios:
(a) if you want us to
establish the data's accuracy;
(b) where our use of the
data is unlawful but you do not want us to erase it;
(c) where you need us to
hold the data even if we no longer require it as you need it to establish,
exercise or defend legal claims; or
(d) you have objected to
our use of your data but we need to verify whether we have overriding
legitimate grounds to use it.
�� Request the transfer of your personal
data to you or to a third party. We will provide to you, or a third party you
have chosen, your personal data in a structured, commonly used,
machine-readable format. Note that this right only applies to automated
information which you initially provided consent for us to use or where we used
the information to perform a contract with you.
�� Withdraw consent at any
time where
we are relying on consent to process your personal data. However, this will not
affect the lawfulness of any processing carried out before you withdraw your
consent. If you withdraw your consent, we may not be able to provide certain
products or services to you. We will advise you if this is the case at the time
you withdraw your consent.
If you execute
the abovementioned legal rights, we shall acknowledge the receipt of your
request and, within a maximum one-month period, we shall stop processing your
personal data or erase it from our IT systems, except where PumpX
has legitimate and compelling grounds for processing, or for the purpose of
ascertaining, exercising or defending its legal rights in accordance with the
Applicable Laws. If necessary, PumpX shall inform you
of the legal grounds and reasons why your request could not be satisfied in
whole or in part.
You can exercise any of
these rights at any time by contacting us at [CONTACT DETAILS].
Consent means processing
your personal data where you have signified your agreement by a statement or
clear opt-in to processing for a specific purpose. Consent will only be valid
if it is a freely given, specific, informed and unambiguous indication of what
you want. You can withdraw your consent at any time by contacting us.
Legitimate Interest means the
interest of our business in conducting and managing our business to enable us
to give you the best service/product and the best and most secure experience.
We make sure we consider and balance any potential impact on you (both positive
and negative) and your rights before we process your personal data for our
legitimate interests. We do not use your personal data for activities where our
interests are overridden by the impact on you (unless we have your consent or
are otherwise required or permitted to by law). You can obtain further
information about how we assess our legitimate interests against any potential
impact on you in respect of specific activities by contacting us.
Performance of Contract means processing
your data where it is necessary for the performance of a contract to which you
are a party or to take steps at your request before entering into such a
contract.
Comply with a legal
obligation means
processing your personal data where it is necessary for compliance with a legal
obligation that we are subject to.
Other companies in the PumpX Group acting as joint controllers or processors and
provide IT and system administration services and undertake leadership
reporting].
Service providers who
provide regulated payment service, regulated trading service or other service
that is necessary to PumpX��s business.