Updated: July 15, 2018
In this Policy “Services” means our website, any feature provided by us via the website or any local application (mobile desktop or otherwise), including without limitation wallet services or blockchain information services, which are governed by a separate agreement.
1. Collecting of Personal Information
When you access or use the Services, we collect the following information:
Information you may provide to us: You may give us information about you by filling in forms on our website or through our app or by corresponding with us by phone, email or otherwise. This includes information you provide when you register to use the Services and when you report a problem with the website or with our app. The information you give us may include your name, email address, virtual currency addresses, business card or other identifying document, mobile phone number, alias, password, mobile PIN code, and any other information you choose to provide.
Information we collect about you: With regard to each of your visits to our website or our app we automatically collect the following information:
Log Information: We log technical information about your use of the Services, including the type of browser and version you use, last access time of your wallet, the Internet Protocol (IP) address used to create the wallet and the most recent IP address used to access the wallet.
Device Information: We collect information about the mobile device you use to access our mobile application, including the hardware model, operating system and version, unique device identifiers and mobile network information, but this information is anonymized and not tied to any particular person.
Address Information: When you create a wallet through our Services, you may choose to generate a public and private key pair. When you log out of the wallet, we collect an encrypted file, that, if unencrypted, would contain these keys, along with your transaction history. When you enable notifications through your Account Settings, we will collect the unencrypted public key in order to provide such notifications. Under no circumstances do we ever collect an unencrypted private key from you, nor can we decrypt any wallet file data.
Information We Collect from Other Sources: We also receive information from other sources and combine that with information we collect through our Services.
2. Use of Personal Data
As it is in our legitimate interests to be responsive to you and to ensure the proper functioning of our products and organisation, we will use your information to:
Understand and meet your needs and preferences in using our Services;
Develop new and enhance existing service and product offerings;
Manage and develop our business and operations;
Carry out any purposes for which we have received your consent;
Meet legal and regulatory requirements.
We also reserve the right to use aggregated Personal Data to understand how our users use our Services, provided that those data cannot identify any individual.
We use Google Analytics which is a web analytics tool that helps us understand how users engage with the website. Like many services, Google Analytics uses first-party cookies to track user interactions as in our case, where they are used to collect information about how users use our website. This information is used to compile reports and to help us improve our website. The reports disclose website trends without identifying individual visitors. You can opt out of Google Analytics without affecting how you visit our site – for more information on opting out of being tracked by Google Analytics across all website you use, visit this Google page: https://tools.google.com/dlpage/gaoptout.
We will process your Personal Data legally and fairly and not use it outside the purposes of which we have informed you. So far as we are able we shall ensure that all of your Personal Data is accurate and up to date.
3. Disclosure of Personal Data
We share your information with selected recipients to perform functions on our behalf. All such third parties will be contractually bound to protect data in compliance with our Policy.
We also may share personal information with a buyer or other successor in the event of a merger, divestiture, restructuring, reorganization, dissolution or other sale or transfer of some or all of Rapidz’s assets, whether as a going concern or as part of bankruptcy, liquidation or similar proceeding, in which Personal Data held by Rapidz is among the assets transferred.
We shall require any third party, including without limitation any government or enforcement entity, seeking access to data we hold to have obtained a Court Order, or proof they are statutorily empowered to access your data and that their request is valid and within their power.
4. Security of Your Personal Data
We protect Personal Data with appropriate physical, technological and organizational safeguards and security measures. Your Personal Data comes to us via the internet which chooses its own routes and means whereby information is conveyed from location to location. As such we cannot give any warranty or assurance that the means where information is conveyed to us are safe, reliable or have integrity. We audit our procedures and security measures regularly to ensure they are being properly administered and remain effective and appropriate. Every member of Rapidz is committed to our privacy policies and procedures to safeguard Personal Data. Our site has security measures in place to protect against the loss, misuse and unauthorized alteration of the information under our control. More specifically, our server uses SSL (Secure Sockets Layer) security protection by encrypting your Personal Data to prevent individuals from reading these Data as they travel over the Internet.
5. Retention of Your Personal Data
The length of time we retain Personal Data outside our back up system varies depending on the purpose for which it was collected and used, as follows:
Data you provide to us when subscribing for our services: while user remains active, stored in HK.
Country Location data: while user remains active, stored in HK.
Data on your preferences: while user remains active, stored in HK.
IP address login: until subsequent login from a new IP, stored in HK.
Push notification tokens: 12 months or until deactivation or expiry, stored in HK.
Except where prohibited by law, this period may extend beyond the end of the particular relationship with us but only for so long as we are contractually bound to do so, or so far as is necessary for audit or other accounting purposes. When Personal Data are no longer needed we have procedures either to destroy, delete, erase or convert it to an anonymous form.
After you have terminated your use of our Services, we reserve the right to maintain your Personal Data as part of our standard back up procedures in an aggregated format.
6. Storage of Personal Data
Rapidz has ensured that appropriate security standards are in place regarding the safeguarding, confidentiality and security of Data.
The information that we collect from you will be transferred to, and stored in, destinations outside of your country and the European Economic Area ("EEA") as described below:
Adequacy Decision: The personal data that we collect from you will be transferred to, and stored at/processed in, HK via encrypted communications channels and stored on hardware owned by Rapidz for the purpose of operation of Services and disaster recovery, which were found to have an adequate level of protection for personal data under Commission Decision 2000/518/EC of 26 July 2000.
Model Clauses: The personal data that we collect from you will be transferred to, and stored at/processed in HK via encrypted communications channels and stored on hardware owned by Rapidz for the purpose of operation of Services and disaster recovery, under the Commission’s model contracts for the transfer of personal data to third countries (i.e., the standard contractual clauses), pursuant to Decision 2010/87/EU.
Privacy Shield: The personal data that we collect from you will be transferred to, and stored at/processed by, Rapidz which complies with the US Department of Commerce's EU-US Privacy Shield and Swiss–US Privacy Shield and has certified that we adhere to the EU-US Privacy Shield Principles of Notice, Choice, Accountability for Onward Transfer, Security, Data Integrity and Purpose Limitation, Access, and Recourse, Enforcement and Liability. For more information about the EU-US Privacy Shield Framework and Swiss-US Privacy Shield Framework, visit the U.S. Department of Commerce's Privacy Shield website.
By using the Services, you signify your agreement to this Policy. Rapidz reserves the right to change this Policy at any time. If we make any material changes to this Policy the revised Policy will be posted here and notified to our users at least 30 days prior to the changes taking effect, so that you are always aware of what information we collect, how we use it and under what circumstances we disclose it. Please check this page frequently to see any updates or changes to this Policy.
8. Questions and Complaints
Any questions about this policy, the collection, use and disclosure of Personal Data by Rapidz or access to your Personal Data which is required by law (or would be so subject had the storage in question taken place in a relevant EU member state if the case may be but not otherwise) to be disclosed should be directed to [email protected].
In the event that you wish to make a complaint about how we process your personal data, please contact us in the first instance at [email protected] and we will endeavour to deal with your request as soon as possible. This is without prejudice to your right to launch a claim with the data protection supervisory authority in the country in which you live or work where you think we have infringed data protection laws.