Privacy Policy

Last updated: 1 June 2024

This Privacy Policy describes how PePe spol. s r.o. (company ID: 12345678, registered address: Example Street 10, 811 01 Bratislava, Slovak Republic) ("PePe", "we", "us", or "our") collects, uses, stores, shares, and protects personal data of users ("you", "your") who access and use the website pepe-trade.live (the "Site") and related services (collectively, the "Services"). We are committed to protecting your privacy in accordance with applicable data protection laws, including the General Data Protection Regulation (GDPR) (EU) 2016/679 and the Slovak Act No. 18/2018 on Personal Data Protection.

Please read this Privacy Policy carefully. By using our Services, you acknowledge that you have read and understood this policy. If you do not agree with any part of this policy, you should stop using the Services immediately.

1. Definitions

For the purposes of this Privacy Policy:

  • "Personal Data" means any information relating to an identified or identifiable natural person (data subject).
  • "Processing" means any operation performed on personal data, such as collection, recording, organization, structuring, storage, adaptation, retrieval, consultation, use, disclosure, or erasure.
  • "Data Controller" means PePe spol. s r.o., which determines the purposes and means of processing personal data.
  • "Data Processor" means a third party that processes personal data on behalf of the Data Controller.
  • "User" means any individual who accesses or uses the Services.

2. Data Controller

The Data Controller for personal data collected through the Services is:

PePe spol. s r.o.
Address: Example Street 10, 811 01 Bratislava, Slovak Republic
Email: privacy@pepe-trade.live
Phone: +421 905 123 456

If you have any questions about this Privacy Policy or wish to exercise your rights, please contact us using the above details.

3. Types of Personal Data We Collect

We collect personal data that you voluntarily provide to us when you use the Services, as well as data that is automatically collected when you interact with the Site. The categories of personal data we may collect include:

  • Identity and Contact Data: First name, last name, email address, phone number, billing address, postal address, and company name (if applicable).
  • Account Data: Username, password, account preferences, transaction history, trading activity, portfolio details, and payment information (such as bank account details or cryptocurrency wallet addresses).
  • Communication Data: Records of correspondence with our support team, including emails, chat messages, and phone recordings (where permitted by law).
  • Technical Data: IP address, browser type and version, operating system, device type, unique device identifiers, time zone setting, browser plug-in types, and screen resolution.
  • Usage Data: Pages visited, clickstream data, time spent on pages, navigation patterns, referring URLs, and interactions with features on the Site.
  • Marketing and Preferences Data: Your preferences in receiving marketing communications from us, your communication preferences, and responses to surveys or contests.
  • Financial Data: As part of our trade services, we may process transaction data such as trade amounts, currencies used, profit/loss records, and compliance-related financial information.

We do not collect sensitive personal data such as racial or ethnic origin, political opinions, religious beliefs, health data, or biometric data unless required by law and with your explicit consent.

4. How We Collect Personal Data

We collect personal data through various methods:

  • Direct Interactions: You provide personal data when you create an account, fill out forms, subscribe to newsletters, participate in surveys, contact customer support, or interact with our Services.
  • Automated Technologies: As you navigate our Site, we automatically collect technical and usage data using cookies, server logs, and similar tracking technologies. Please refer to our Cookie Policy for more details.
  • Third Parties: We may receive personal data from third-party service providers such as payment processors, identity verification services, analytics providers (e.g., Google Analytics), advertising networks, and social media platforms (if you choose to log in via social media).
  • Public Sources: We may collect information from publicly available sources to verify your identity or comply with regulatory obligations (e.g., anti-money laundering checks).

5. Purposes and Legal Bases for Processing

We process your personal data for specific purposes based on a valid legal basis as outlined below:

  • To Provide and Maintain the Services: We process your account and transaction data to facilitate trading, manage your portfolio, and provide customer support. Legal basis: performance of a contract (Article 6(1)(b) GDPR).
  • To Verify Your Identity and Prevent Fraud: We process identity data and technical data to comply with Know Your Customer (KYC) and Anti-Money Laundering (AML) obligations. Legal basis: legal obligation (Article 6(1)(c) GDPR) and legitimate interest (Article 6(1)(f) GDPR) in protecting our business and users.
  • To Communicate With You: We process contact data to send service-related messages (e.g., transaction confirmations, updates, security alerts) and respond to your inquiries. Legal basis: performance of a contract and legitimate interest in effective communication.
  • To Improve Our Services: We analyze usage data to enhance user experience, develop new features, and optimize the Site. Legal basis: legitimate interest in improving our offerings.
  • To Send Marketing Communications: With your consent, we may send newsletters, promotional offers, and news about our Services. Legal basis: consent (Article 6(1)(a) GDPR). You can withdraw consent at any time.
  • To Comply With Legal Obligations: We process data to comply with applicable laws, court orders, or regulatory requirements, including tax reporting. Legal basis: legal obligation (Article 6(1)(c) GDPR).
  • To Protect Rights and Security: We may process data to investigate and defend legal claims, enforce our terms of service, and protect the security of our systems and users. Legal basis: legitimate interest in safeguarding rights and security.

6. Cookies and Tracking Technologies

Our Site uses cookies and similar tracking technologies to enhance your browsing experience, analyze site traffic, and provide personalized content. Cookies are small text files stored on your device. We use essential cookies for the Site to function (e.g., authentication cookies) and non-essential cookies for analytics and marketing (e.g., Google Analytics, Facebook Pixel). You can manage your cookie preferences through our cookie consent banner or your browser settings. For more details, please see our Cookie Policy. Withdrawing consent for non-essential cookies may affect certain features of the Site.

7. How We Share Your Personal Data

We may share your personal data with the following categories of third parties:

  • Service Providers: We engage trusted third-party companies to help us operate the Services, such as hosting providers (e.g., AWS), payment processors (e.g., Stripe, PayPal), identity verification services (e.g., Onfido), analytics providers (e.g., Google Analytics), and customer support platforms.
  • Professional Advisors: We may share data with legal advisors, auditors, and accountants where necessary to comply with legal obligations or defend legal claims.
  • Regulatory and Law Enforcement Authorities: We may disclose personal data to authorities such as the Slovak Data Protection Authority (Úrad na ochranu osobných údajov), financial regulators, or law enforcement agencies if required by applicable law or to protect our legal rights.
  • Business Transfers: In the event of a merger, acquisition, or sale of assets, personal data may be transferred to the acquiring entity. We will notify you of any such change.
  • With Your Consent: We may share data with third parties for purposes you have expressly consented to.

We do not sell your personal data to third parties for their own marketing purposes. All third parties we engage are contractually bound to process data only on our instructions and to implement appropriate security measures.

8. International Data Transfers

Your personal data may be transferred to and processed in countries outside the European Economic Area (EEA), including the United States, where our service providers may be located. We ensure that any such transfers are subject to appropriate safeguards as required by GDPR, such as Standard Contractual Clauses (SCCs) adopted by the European Commission, or reliance on adequacy decisions (e.g., the UK, Canada, Japan). If you would like a copy of the safeguards in place, please contact us.

9. Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, or as required by applicable law. Specifically:

  • Account Data: Retained for the duration of your account plus a period of 5 years after account closure to comply with legal obligations (e.g., tax, AML).
  • Transaction Records: Retained for 10 years after the transaction, as required by Slovak accounting and tax laws.
  • Communications Data: Retained for 3 years after the last interaction to handle any disputes.
  • Marketing Data: Retained until you withdraw consent or until we decide to stop sending marketing communications.
  • Technical and Usage Data: Retained for 2 years for analytics and security purposes.

When data is no longer needed, we securely delete or anonymize it.

10. Your Rights Under GDPR

If you are a resident of the EEA or United Kingdom, you have the following rights regarding your personal data:

  • Right to Access: You can request a copy of the personal data we hold about you and obtain information about how we process it.
  • Right to Rectification: You can ask us to correct inaccurate or incomplete personal data.
  • Right to Erasure (Right to be Forgotten): You can request deletion of your personal data where there is no compelling reason for continued processing.
  • Right to Restrict Processing: You can request that we limit the processing of your data in certain circumstances (e.g., while disputing accuracy).
  • Right to Data Portability: You can receive your personal data in a structured, commonly used, and machine-readable format and have it transmitted to another controller.
  • Right to Object: You can object to processing based on legitimate interests, including direct marketing and profiling.
  • Right to Withdraw Consent: If processing is based on consent, you can withdraw it at any time without affecting the lawfulness of prior processing.
  • Right to Lodge a Complaint: If you believe we have violated your data protection rights, you can file a complaint with the Slovak Data Protection Authority (Úrad na ochranu osobných údajov, address: Hraničná 12, 820 07 Bratislava 27) or your local supervisory authority.

To exercise your rights, please contact us at privacy@pepe-trade.live. We will respond to your request within one month, which may be extended by two months for complex requests. We may require proof of identity and additional information to verify your request.

11. Data Security

We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction. These measures include:

  • Encryption of data in transit via TLS (SSL) certificates
  • Encryption of sensitive data at rest using AES-256
  • Access controls and authentication mechanisms (multi-factor authentication)
  • Regular security audits and vulnerability scanning
  • Staff training on data protection practices
  • Data backup and disaster recovery procedures
  • Secure data centers with physical security controls

Despite these measures, no transmission of data over the internet is completely secure. We cannot guarantee absolute security, and you are responsible for maintaining the confidentiality of your account credentials.

12. Third-Party Links

Our Site may contain links to third-party websites, plugins, or services (e.g., social media buttons). This Privacy Policy does not apply to those third parties. We are not responsible for the privacy practices of such third parties. We encourage you to read their privacy policies before providing any personal data.

13. Children's Privacy

Our Services are not directed to individuals under the age of 18. We do not knowingly collect personal data from minors. If you become aware that a minor has provided us with personal data without parental consent, please contact us immediately, and we will take steps to delete such information.

14. Automated Decision-Making and Profiling

We may use automated systems to process your data for purposes such as fraud detection, risk assessment, and personalized recommendations. These decisions are based on predefined algorithms and may affect your ability to use certain features. You have the right to object to automated decision-making and request human intervention where such decisions have legal or significant effects. We will inform you if automated decision-making is used and provide a way to contest the decision.

15. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or operational needs. Any changes will be posted on this page, and the "Last updated" date will be revised. For material changes, we will notify you by email or a prominent notice on the Site. We encourage you to review this Privacy Policy periodically.

16. Contact Information

If you have any questions, concerns, or requests regarding this Privacy Policy or the processing of your personal data, please contact us:

Data Controller: PePe spol. s r.o.
Address: Example Street 10, 811 01 Bratislava, Slovak Republic
Email: privacy@pepe-trade.live
Phone: +421 905 123 456

You may also contact our Data Protection Officer (DPO) at dpo@pepe-trade.live, if appointed.

For complaints, you can contact the Slovak Data Protection Authority: Úrad na ochranu osobných údajov, Hraničná 12, 820 07 Bratislava 27, email: dozor@pdp.gov.sk, website: www.dataprotection.gov.sk.

17. Governing Law

This Privacy Policy is governed by and construed in accordance with the laws of the Slovak Republic and applicable EU data protection regulations. Any disputes arising from this policy shall be subject to the jurisdiction of the courts of the Slovak Republic.

This Privacy Policy is provided in English for your convenience. In case of any conflict between the English version and a translated version, the English version shall prevail.

We use cookies to enhance your browsing experience and provide personalized content. By continuing to use our site, you agree to our use of cookies.