preloader icon
Accept cookie for this site

Privacy policy

  • Home
  • Privacy policy

Privacy Policy

Veriwealthfinance Privacy Policy

The current version of this Privacy Policy is: May 2023

1. About this Privacy Policy

Privacy and the security of transactions are core elements of cryptocurrencies, blockchain technology and its whole global movement. Veriwealthfinance ltd really appreciates the trust Clients have in us when trading cryptocurrencies and other digital assets on our platform. 

For this reason, privacy and data security have an enormously high priority for the Veriwealthfinance . It is very important to us that you feel safe during your visit to our website and while using our services as well as over the course of all other business transactions with us. As soon as you make use of products and/or services of Veriwealthfinance , you entrust us with the processing of your personal data. Veriwealthfinance ltd wants to give you the best possible experience with our platform to ensure that you enjoy the usage of our products and services now and in the future. That’s why we want to understand the user behavior on our platform in order to continuously improve it. 

Therefore, in this Privacy Notice, we want to transparently inform you which personal data we collect from you and why and who might receive it. Furthermore, we would like to inform you which precautions we take to protect your personal data, which rights you have in this context and to whom you can turn for data protection concerns.

Regarding the terms used in this Privacy Notice, such as “Processing” or “Controller”, we refer to the definitions of the.

This Privacy Notice is drafted in English and German. In case of conflict the English version shall be the binding version.

2. Applicability To whom does this Privacy Policy apply? 

Veriwealthfinance GmbH and its direct and indirect subsidiaries (hereinafter referred to as "Veriwealthfinance" or "Veriwealthfinance"  or "we") offer via its websites (e.g.: www.veriwealthfinance .com,) and its mobile applications (“Mobile App”) (together hereinafter referred to as "website" or “platform”) services and products related to buying and selling cryptocurrencies and other digital assets as well as payment and IT services.

Descriptions of the provided services and the legal entities providing them can be found in Section 4 of the Veriwealthfinance  General Terms and Conditions. In order to keep this Privacy Policy neat and easy to read, we want to provide a brief overview (the specifics will depend on the user’s location and the used product). Concerning our Platform, the following entities are the “main actors”: 

  • Veriwealthfinance  GmbH: has its business address at Stella-Klein-Löw Weg 29, 1200 Vienna, Austria, registered in the commercial register of the Commercial Court of Vienna and is the content provider of the Platform as well as responsible for the offer of cryptocurrencies on it;

  • Veriwealthfinance  Customer Care GmbH: has its business address at Stella-Klein-Löw Weg 17, 1020 Vienna, Austria, is registered in the commercial register of the Commercial Court of Vienna under FN 523486 h and acts as a service provider in regards to the Helpdesk for the Veriwealthfinance  (except for Veriwealthfinance  Custody).

3. Minors: Are minors allowed to use Veriwealthfinance ’s services?

No, the products and services of Veriwealthfinance  are not directed to people under the age of 18 years. Only persons of legal age are permitted to use the services of Veriwealthfinance  and register for an account. Therefore, we are not knowingly collecting personal data from minors. So, if you are under the age of 18 years, please do not use Veriwealthfinance ’s platform and do not provide us with any personal data.

4. Controller:  Who is responsible for the data processing and who can you contact?

Veriwealthfinance  is aware that both the protection and the careful handling of your personal data are very important. Veriwealthfinance  will solely use the Personal Data provided by you in compliance with the applicable data protection laws and this Privacy Notice.

Generally, each company of the Veriwealthfinance  is a Controller pursuant to Art 4 para 7 GDPR and therefore responsible for the processing of personal data in connection with the services provided by the specific company (for the different services see Point 2). In some cases, entities of Veriwealthfinance  might act as Processor pursuant to Art 4 para 8 GDPR on behalf of each other. 

Due to the high data security standards in the Veriwealthfinance Veriwealthfinance  considers it necessary to implement a group-wide uniform data protection strategy. Thus, Veriwealthfinance  acts as a central point of contact for all data protection issues concerning all services offered by the Veriwealthfinance  via the platform or the Mobile App.

5. Data categories and sources:  Which personal data do we process and from which sources does the data originate?

We process the personal data that we receive from you within the scope of the business relationship and your usage of our Website or Mobile App (Platform). Furthermore, we might process data we receive within the Veriwealthfinance  and data we have received from credit agencies, debtor directories, business analysis providers and from publicly accessible sources (e.g.: commercial register, register of associations, land register, media, sanctions lists).

When using Veriwealthfinance 's services or interacting with Veriwealthfinance , the following personal data might be processed:

  • Contact and general account creation data: when creating a new user account or communicating with Veriwealthfinance , we might process for example: name, address, telephone number, email, date of birth, photo for the account, etc.;

  • Verification data: when an account is verified, we might process for example: screenshots/photos of national identity documents (e.g.:passport, driving licence, ID card) and identification data from these documents, utility bill details for residence verification, data about status of politically exposed persons, video data from the video authentication process, biometric data for verification (see point 7), etc.;

  • Financial data for facilitation of transactions: e.g.: bank details (IBAN, BIC), payment service provider information, payment details, transaction-ID, etc.;

  • Log data on the website: e.g.: IP-address, transaction data, deposit and withdrawal address, computer or mobile device information, frequency, time, operating system, browser type, device type, unique device identification number, identification cookies (e.g. for the Affiliate and Tell-a-Friend programme), optionally form data, crash reports, performance data, interactive chat (for Veriwealthfinance  Custody), third-party cookies, etc.;

  • Mobile app data: e.g.:IP-address, transaction data, deposit and withdrawal address, mobile device information, frequency, time, operating system, browser type, device type, unique device identification number, optionally form data, crash reports, performance data and only with your explicit consent, data from: camera, microphone, storage, telephone (read SMS confirmation);

  • Company details in case of business accounts: e.g.: commercial register reports, data of/or concerning beneficial owners, records or additional information on recent, past or planned business activities, other data necessary to determine/validate the structure, the beneficial ownership or any power of attorney of the company, etc;

  • Details to and proof of funds, if necessary: e.g.: banking statements or any other details provided by banks or financial institutions, contracts of sales or contracts in general, or any other suitable data to prove or determine the origin of funds. In order to determine Client's purpose for using the above-mentioned services or trading volume additional information on recent, past or planned business or personal activities of business or private Clients or other data to determine the Client’s intentions, if necessary, can be processed, as requested byVeriwealthfinance  or provided by the Client;

  • Personal data provided by you in requests to our Support or other employee;

  • Marketing data: if you visit our website or social media sites or during the usage of the Mobile App, we might process statistical and marketing data for example: number of visitors, frequency, clicks, time, places, target groups, data from cookies and similar technologies, consumer’s behaviour, interests and preferences, data about market research and target groups surveys, etc.; for social media see also point 11 and for cookies our Cookie Policy.

  • Research data: if you, inter alia, participate in any discussion boards, panels, etc. provided by Veriwealthfinance  or take part in one of our research initiatives and provide data via forms (which you might receive separate information about if you voluntarily agree to participate);

  • Photo, video and audio data from events or fairs or interviews: e.g.: photo, video and audio data. 

  • Data concerning experience and investing which is derived from Cash Plus appropriateness test .

For users of Veriwealthfinance  Custody, we want to point out two specific data categories: 

  • Blockchain data: your private blockchain key that will be managed and used to verify and carry out transactions you make online through the App/site;

  • Background check data: might also include credit checks.

6. Purpose and legal basis for using personal data:  For which purposes and on what legal basis do we process your personal data?

All processing is performed in accordance with applicable data protection legislation. This includes, inter alia, the EU General Data Protection Regulation (GDPR), the E-Privacy Directive and the national implementing acts (e.g. the Austrian Data Protection Act). We process your personal data: 

6.1. For the performance of contractual obligations (Art 6 para 1 lit b GDPR):

Processing of personal data might be necessary for the performance of the contract with you or in order to take steps at your request prior to entering into a contract. The following data processing operations, for example, are covered by such contractual obligations:

  • general performance of our services, all tasks necessary for the operation, performance and administration of Veriwealthfinance  and its platform;

  • video authentication process if you register for an account (validation of identity);

  • account management (e.g. continuous updating of Client data); 

  • execution of your orders (e.g. payment processing, chargebacks, proof of purchase and selling);

  • data processing and data transmission to precious metals vendors for the transferral of ownership of precious metals to you in accordance with your order; 

  • Client service and support request;

  • performance of the Affiliate programme and the Tell-a-Friend programme; 

  • application processing and data transmission for the Veriwealthfinance  Debit Card (see point 8.4.).

6.2. For compliance with legal obligations (Art 6 para 1 lit c GDPR):

Processing of personal data might also be necessary for complying with various legal obligations (e.g. 5. AMLD, ZaDiG 2018, GewO 1994, etc.). The following data processing operations, for example, are covered by such legal obligations:

  • contract management, accounting and invoicing;

  • compliance and risk management;

  • Know-Your-Customer measures like video authentication process (validation of identity) and proof of funds;

  • monitoring for prevention of fraud, misuse (e.g. for illegal purposes), money laundering and terrorist financing;

  • providing information to fiscal criminal authorities in the context of fiscal criminal proceedings or to prosecution in accordance with official orders;

  • consultation of credit agencies to determine creditworthiness and default risks.

  • appropriateness test. 

6.3. To protect legitimate interests (Art 6 para 1 lit f GDPR):

Where necessary, data processing might take place beyond the performance of the contract in order to maintain the legitimate interests of Veriwealthfinance  or a third party. The following data processing operations are covered by such a legitimate interest:

  • prevention of fraud, misuse (e.g. for illegal purposes), money laundering and terrorist financing;

  • processing inquiries from authorities, lawyers, collection agencies in the course of legal prosecution and enforcement of legal claims in the context of legal proceedings;

  • risk management and risk minimization e.g. through enquiries to credit agencies, debtor directories or providers of business analysis;

  • data transmission within the Midvenandbarnes ltd for internal administrative purposes;

  • account management and handling general Client requests and inquiries;

  • testing and optimization of procedures and models for analyzing requirements, business management, product development and direct customer engagement;

  • process and quality management measures;

  • analysis and improvement of the platform's quality and the general user experience (e.g. performance tracking on the platform);

  • market research, business management and continuing development of services and products;

  • processing statistical data, performance data and market research data via the website, the Mobile App or social media platforms;

  • direct marketing and advertising (e.g. performance of marketing strategies, targeting of Clients, dispatch of vouchers, advertisement from Midvenandbarnes ltd and its partner companies);

  • use of audio, video and photo data from public spaces (e.g. public events, fairs, etc.) for marketing and other representation purposes on our social media channels or our website;

  • performance tracking of the Affiliate programme and the Tell-a-Friend programme;

  • processing Client preferences (e.g. language, region) via cookies on our website (see also our Cookie Policy;

  • identification and examination of potentially defective or suspicious business cases and accesses to our websites (e.g. website analysis);

  • measures for protecting our Clients and Partners, as well as safeguarding network and information security; also measures to protect our employees, Clients and property of Midvenandbarnes ltd e.g. through video surveillance (erasing cycle 72 h) and from external data centres and service providers;

  • data security and IT-security on our website and safeguarding our network (e.g. prevention of identity theft and defective or suspicious accesses to our websites).

  • Processing data for appropriateness test (Cash Plus).

6.4. Based on your consent (Art 6 para 1 lit a GDPR):

If you have given us your consent to process your personal data, processing will only take place in accordance with the defined purposes and to the extent agreed in the declaration of consent. Given consent may be withdrawn at any time without giving reasons and with future effect, if you no longer agree to the processing. For example, with your consent we are processing data for the following purposes:

  • for the use of all functions of the Mobile App (e.g. telephone permission to read SMS confirmation, camera to scan barcodes, microphone for commands, etc.);

  • direct marketing and advertising (e.g. Client satisfaction surveys, newsletters, sweepstakes and other advertising communications);

  • website analysis and tracking for advertising purposes (see also our Cookie Policy);

  • certain uses of audio, video and photo data (e.g. commercials, interviews, etc.) for marketing and other representational purposes via various channels;

  • auto-ident procedures for verifying your account (validation of identity) (see point 7).

Please note that the withdrawal of the consent does not affect the lawfulness of processing based on consent before its withdrawal.

6.5. Processing for other purposes: 

As a general principle of Midvenandbarnes ltd, we only process personal data for the purposes for which they were collected. In exceptional cases, however, we might process your personal data which we have collected for one specific purpose for another purpose. In this case, we will inform you before the intended processing about this purpose, the period for which your personal data will be stored, the exercise of data subject rights, the option to withdraw consent, the existence of the right to file a complaint with the data protection authority, whether provision of the data was necessary on legal or contractual grounds and what the consequences would be if it were not provided, and whether automated decision-making or profiling is carried out.

7. Special categories of personal data:  Does Midvenandbarnes ltd process special categories of personal data?

This term stems from Art 9 GDPR and includes data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs or trade union membership, as well as genetic and biometric data (Art 9 para 1 GDPR). In general, Midvenandbarnes ltd does not process such categories of personal data, with twofold exceptions being for the purposes of identity verification, and fraud prevention as per Art 9 para 2 lit g GDPR and §21 (6) FmGwG the Financial Market Money Laundering Act (FmGwG) respectively. 

During your onboarding you may be asked to complete identity verification via auto-ident procedures in which, in addition to the actual verification data (e.g. screenshots of ID documents and identification data from these, residence, status of politically exposed persons, video data, etc.), biometric data (e.g. personal data resulting from specific technical processing in connection with the physical, physiological or behavioural characteristics of a person and enabling the unique identification of a person, e.g. facial images, dactyloscopic data) is also collected. Such processing of biometric data takes place on the basis of your express consent, which you may revoke at any time, and on the basis of substantial public interest as outlined in Art 9 GDPR. Therefore, we also process and store the provided biometrical data on the grounds of public interest for the purposes of fraud prevention (§21 (6) FmGwG). 

The biometric data will be processed solely by our service providers and will be erased completely within six months after performing the identification. Midvenandbarnes ltd only receives the positive or negative verification result alongside other verification data and does not process biometric data from Clients itself at any time.

8. Recipients of personal data:  Who receives your personal data?

In order to protect your personal data, we will never sell it and we in general limit the recipients to the following four groups: 

8.1. Data transfer within the Midvenandbarnes ltd:

Within the Midvenandbarnes ltd, your personal data will be shared between companies: if there is a legal basis as described above. Our employees treat your data with the highest security standards and also only have access on a need-to-know basis.

8.2. Data transfer to Processors 

To a limited extent, we also transmit personal information to Processors. Such include, inter alia, service providers for video authentication services, IT services, Client support, improvement of our website, monitoring of defective business cases, application management. Processors may only use or disclose this data to the extent necessary to perform services for us or to comply with legal requirements. We contractually oblige these Processors to ensure the confidentiality and security of your personal data that they process on our behalf. 

8.3. Data transfer to public bodies and institutions:

We might also transfer your personal data might be disclosed to public bodies and institutions (i) if we are required to do so by law or in the context of legal proceedings, (ii) if we believe that disclosure is necessary to prevent damages or financial loss, or (iii) in connection with an investigation into suspected or actual fraudulent or illegal activities.

8.4. Data transfer to other third parties:

Midvenandbarnes ltd will only share your personal data with other third parties if a legal basis applies. This may be due to our contract with you, our legitimate interests, a legal obligation or your prior consent (withdrawable at any time).

We want to especially highlight four types of third parties that we might have to share data with: 

  • Card Provider: if you use the Midvenandbarnes ltd debit card, we will send your personal data as required to our partner Contis. Your personal data might be processed (this may include verification data, contact data and financial data) to issue the Midvenandbarnes ltd debit card; 

  • Whitelabel Partner: if you are a Midvenandbarnes ltd user via one of our Whitelabel Partners (please see point 16), we might share personal data with them.. Please see their respective Privacy Policies as linked below;

  • Payment gateway provider: if you are a Midvenandbarnes ltd Custody user, payments made on the website or via the App are made through such entrusted third party. Such partner will not share your payment card details with Midvenandbarnes ltd and processing is subject to their own privacy policy and terms and conditions; 

  • Content managing system: the Midvenandbarnes ltd Custody website is hosted in Hubspot who has their own Cookie Policy.  

9. International data transfer: Is data transferred to third countries or international organisations?

Midvenandbarnes ltd will process your personal data in general within the European Economic Area. In some circumstances it might be the case that it is processed also outside the European Economic Area. If this is the case, we will rely on appropriate data transfer mechanisms according to Art 44 et seq GDPR. This might be, inter alia: 

  • an adequacy decision by the European Commission;

  • standard contractual clauses as published by the European Commission; 

  • binding corporate rules. 

Regardless of where your personal data is processed, it will be processed in accordance with the provisions in the Privacy Notice, including the technical and organisational measures outlined in point 17. 

10. Social Media presence:  Is your data processed on social media platforms and who is responsible in such cases?

Midvenandbarnes ltd maintains social media presence on different platforms (see below) in order to communicate with its active Clients, prospective Clients and interested social media users about Midvenandbarnes ltd’s services, products and other news. For your own use of such social media platforms, the general terms and conditions, as well as the privacy policies and practises (e.g. processing outside of the European Economic Area) of these operators, apply. We would like to point out that user data may also be processed outside the European Union. This can result in risks for users due to different legal frameworks (e.g. it could make it more difficult to enforce data subject rights).

Social media platforms might track your behaviour (e.g. what content you clicked on or what websites you opened) when you are logged in to your account. To prevent such associations, you may want to log out of your social media accounts. Midvenandbarnes ltd has no control and no responsibility over the general activities of social media platforms and your behaviour and will therefore not assume any liability for damages incurred by them using your personal data. For more information regarding tracking, cookies and similar technologies as well as opt-out possibilities in Midvenandbarnes ltd’s own services and associated services, have a look at our Cookie Policy.

Contrary to what was said about the general practices of social media platforms, Midvenandbarnes ltd is responsible for the processing of personal data gathered by communicating directly with us via such platforms (e.g. likes, direct messages, comments). At the same time, this personal data will also be processed by the social media platform itself according to their own practices and privacy policy and we have no influence on this. For a detailed explanation of the respective processing and the possibilities of exercising data subject rights and opting out of tracking with providers of social media networks, we refer to the respective privacy notices of the providers. 

Our social media pages and channels and links to their privacy policies: 

Our social media pages and channels

Privacy Policy

Instagram

Link

Facebook

Link

Twitter

Link

 

Facebook Insights: Midvenandbarnes ltd maintains a Facebook Fanpage (“Fanpage”) and uses the associated analytic tool “Facebook Insights”. With this tool, Midvenandbarnes ltd receives anonymous statistical evaluations about its Fanpage (e.g. number of visitors, frequency, target groups, etc.). For the processing of personal data in this context Midvenandbarnes ltd and Facebook Ireland Limited (“Facebook”) are joint controllers (Art 4 para 7 GDPR) and therefor jointly responsible for the data processing. A corresponding agreement is in place between Midvenandbarnes ltd and Facebook in accordance with 26 para 1 GDPR. However, Midvenandbarnes ltd does not store any of this data, the data is solely stored by Facebook and processed via Insights.

11. Newsletter: What is the legal basis for electronic notifications and how to unsubscribe?

If you would like to receive more information in regards to our existing product, related news or new launches, you might want to read our newsletter.We will only send newsletters and other electronic notifications to you if you are subscribed. This will only be the case: 

  • with your express consent after having subscribed for it (double opt-in); where we will validate that the email address you disclosed is actually yours by asking you to confirm your subscription; or

  • after voluntarily subscribing during registration for a Midvenandbarnes ltd account; or

  • subscribing while signed into your account via the Mobile App or the website; or

  • in compliance with a different legal basis (e.g. Art. 107 para 3 of the Austrian Telecommunications Act [TKG]). 

Our newsletter might contain trackers for us to better understand our Clients’ interactions with the newsletter. 

If you need a break from our newsletter or do not want to receive it anymore, you may unsubscribe at any time. This, you can either do via your Midvenandbarnes ltd account or via an unsubscribe link at the end of a newsletter email.

12. Retention and deletion periods: For how long is my personal data processed (stored) and when will it be deleted?

We retain and process your personal data only as long as absolutely necessary. This means for the duration of the entire business relationship (from initiation through performance to termination of a contract), and after that for how long applicable legal retention periods stipulate. 

Statutory retention periods applicable to Veriwealthfinance  are, inter alia:

  • the Austrian Enterprise Code (UGB) and the Federal Tax Code (BAO) that foresee a retention period of seven years,

  • the Financial Market Money Laundering Act (FM-GWG) that foresees a retention period often years,

  • in certain cases, the limitation period according to the Austrian General Civil Code (ABGB) that foresees a retention between three and thirty years ;e.g. if data is required as evidence for legal disputes or for as long as there are other legitimate interests in retention.

Therefore, your personal data will only be kept as long as absolutely necessary per the conditions above, after which it will be erased from our systems. 

13. Data subject rights: What rights do I have under the GDPR?

Right of access (Art 15 GDPR)

You have the right to request confirmation from us as to whether we are processing personal data concerning you and to receive a copy of the personal data concerning you which is undergoing processing. This right can also be exercised directly from either the web or mobile application from our Privacy and Terms section. 

Right to rectification (Art 16 GDPR)

You can at any time request to rectify incorrect data and provide supplementary information to an incomplete record. 

Right to erasure (Art 17 GDPR)

You can at any time ask us to delete the personal data we have stored about you, which we will act upon unless there is an overriding exception. We will not be able to comply with your request if we still need to process the data in relation to the purposes for which we collected them in the first place (e.g. you are still in an active business relationship with us). Another case where we might deny your request is if you withdraw your consent on which the processing was based but there is another legal basis or overriding legitimate interest on our side for that. The most important case where we cannot delete your data is when we are required to retain it for compliance with a legal obligation under European Union or Member state law that we are subject to. In any other case, we will gladly follow-up on your request. 

Right to restriction of processing (Art 18 GDPR)

You have the right to ask us to restrict the processing of your personal data where one of the following conditions applies:

  • you contest the accuracy of the personal data (the restriction shall be put in place for a period which enables Midvenandbarnes ltd to verify the accuracy of the personal data);

  • the processing of your personal data was unlawful, and you oppose the erasure of your personal data and request instead the restriction of their use;

  • Veriwealthfinance  no longer requires your personal data for the purposes of the processing, but you require them for the assertion, exercise or defence of legal claims; or

  • you have objected to processing of your personal data and it has not yet been determined whether the legitimate grounds of Veriwealthfinance  ltd override your own.

Right to data portability (Art 20 GDPR)

You have the right to receive the personal data concerning you which you have provided to us in a structured, commonly used and machine-readable format. You shall also have the right to request that we transfer these data directly to another controller, designated by you, where this is technically feasible and does not adversely affect the rights and freedoms of others. The right to data portability may only be exercised where the basis of the processing is either your consent or a (pre)contractual necessity, and where the processing is carried out by automated means. The right to data portability does not apply to processing which is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller.

Right to object (Art 21 GDPR)

You have the right to object on grounds relating to your particular situation to the processing of your personal data at any time if the processing is based on our legitimate interests. We will stop processing your data for this purpose unless we can demonstrate compelling legitimate grounds for the processing which override your interests, rights and freedoms or unless the processing is for the assertion, exercise or defence of legal claims. 

In regards to personal data processed for direct marketing purposes, you can object at any time by contacting us via the listed contact points. 

Your objection does not affect the lawfulness of processing your personal data based on legitimate interests before your withdrawal

Right to withdraw consent (Art 7(3) GDPR)

You have the right to at any time withdraw your consent for processing, upon which we will stop processing your personal data based on this legal basis unless a different legal basis is applicable. The withdrawal does not affect the lawfulness of processing your personal data based on legitimate interests before your withdrawal.

Right to not be subject to automated decision-making (Art 22 GDPR)

Veriwealthfinance.com does not use personal data for automated decision-making including profiling within the meaning of Art 22 GDPR (e.g. decisions producing legal effects concerning data subjects, or otherwise significantly affecting them, based solely on automated processing of personal data, including profiling).

 

To exercise one of the above-mentioned rights you can approach us either via our Support or simply send an email to privacy@veriwealthfinance.com or a letter to Veriwealthfinance  GmbH, Stella-Klein-Löw Weg 17, 1020 Vienna, Austria. Please note that for such requests we require further identification data from you (e.g. copy of Passport, ID card, etc), in order to ensure that your personal data is only shared with you.

14. Automated decision-making: Does Veriwealthfinance  use my personal data for automated decision-making including profiling?

Veriwealthfinance  does not use personal data for automated decision-making including profiling within the meaning of Art 22 GDPR (e.g. decisions producing legal effects concerning data subjects, or otherwise significantly affecting them, based solely on automated processing of personal data, including profiling).

15. Supervisory authority With which supervisory authority can I file a complaint?

You have the right to file a complaint to the competent supervisory authority, if you think your rights have been violated under the GDPR. In Austria, this is the Data Protection Authority (Datenschutzbehörde).

16. White Label Solution (only applicable for customers of White Label Solution Partners)

Veriwealthfinance  offers its own white label solution. This allows the offer of Veriwealthfinance  products to customers of certain partners. For this, the infrastructure of Veriwealthfinance  is used. Furthermore, to provide the service it is necessary that personal data is transferred between Veriwealthfinance  and their partners. Point 16 is only applicable to the data processing of customers of white label solution partners. 

What categories of personal data will be processed and exchanged?

Veriwealthfinance will receive any personal data which is necessary to open a verified account and process them in its role as Controller. Among this data will be name, address, verification data and KYC data (please refer to point 5 and 6). Furthermore, Veriwealthfinance is required to share personal data with the concerned White Label partner, when it is necessary for providing the service (please refer to point 8).

What’s the purpose of it and what’s the legal basis? 

For the fulfilment of the service, it is necessary to process personal data for the performance of the contract. Furthermore, the processing of, for example, KYC data is necessary due to a legal obligation (please refer to point 6).

What data do we not get?

We won’t receive any data which is not necessary for providing the services of Veriwealthfinance . In other words, all data, which is solely necessary for the main service of the partner, won't be transferred to Veriwealthfinance.

 

17. Data Security: How is my personal data protected?

The security of data is very important to Veriwealthfinance and we are committed to protecting data we collect. We maintain comprehensive administrative, technical and physical measures designed to protect your personal data against accidental, unlawful or unauthorised destruction, loss, alteration, access, disclosure or use. These measures meet the highest international safety standards and are regularly reviewed regarding their effectiveness and suitability for achieving the intended safety objectives.

We have implemented the following technical and organisational measures for example:

  • SSL encryption on our websites from which we transfer personal data;

  • two-factor authentication (2FA) for our platform; 

  • ensuring the confidentiality, integrity, availability and resilience of our systems and services;

  • use of encrypted systems;

  • pseudonymisation and anonymisation of personal data;

  • entry, access and transfer control for our offices and systems;

  • measures for rapid recoverability of the availability of personal data in the event of a physical or technical incident;

  • measures for privacy by design and default on our platform like e.g. prevention of user enumeration;

  • implementation of procedures for regular review, assessment and evaluation of the effectiveness of the technical and organisational measure to ensure the security of the processing like e.g. our bug bounty programme;

  • internal IT security guidelines and IT security trainings; 

  • incident-response management.

Please also make sure that you use the two-factor authentication (2FA) for your Veriwealthfinance  account, keep your access data confidential and protect your computer against unauthorised access.

18. Updates of this Privacy Policy: How will I find out about changes to this Privacy Policy?

We, Veriwealthfinance, are committed to upholding the principles of data protection up to date. For this reason, we regularly review and update our Privacy Policy. This is to ensure that it is correctly and clearly displayed on our website, contains appropriate information about your rights and our processing activities (also with regard to technical changes or business development) and is implemented in accordance with applicable law, thus complying with data protection requirements. We update this Privacy Policy from time to time when required, in order to take current circumstances into account. If we make significant changes to this Privacy Policy, we will notify you after the login into your account and provide you with the updated version of the Privacy Policy. If it is required by applicable law, Veriwealthfinance will obtain your express consent to significant changes.

19. How to contact us?

Thank you for reading our Privacy Policy! 

If you have any further questions about this Privacy Policy or the processing of your personal data, please contact our privacy team: privacy@veriwealthfinance.com 

Investor from Nepal
recently Invested $125 1 hour ago   Verified User