Release date: 2023-06-18.
This Privacy Policy (hereinafter referred to as the Policy) defines the policy regarding the processing of personal data, contains information about the implemented requirements for the protection of personal data of the Operator.
1. Terms and definitions
1.1. The data subject is an individual who has reached the age of majority, using the Website on the Internet "Fenesy" for financial transactions with electronic, digital or fiat currency.
1.2. Cookies - a fragment of data as part of an HTTPS request intended for storage on the Subject's end device and used by the Operator to identify the Subject.
1.3. The website is a set of programs for electronic computers and other information in the information — telecommunication network —Internet », designed to be displayed in a browser and accessed using the Operator's domain name. In the context of the Operator's activity, the Fenesy website is used
1.4. Registration data — the list of information specified by the Operator during registration on the Fenesy website, and in the future when they change during the execution of the contract.
1.5. Processing of personal data - any action (operation) or a set of actions (operations) performed with or without the use of automation tools with personal data, including collection, recording, systematization, accumulation, storage, clarification (updating, modification), extraction, use, transfer (distribution, provision, access), blocking, deletion, destruction of personal data.
2. General provisions
2.1. The Policy regulates the processing of personal data when the Operator carries out economic activities, including the provision of services for the purchase/sale for the User and on behalf of the User of electronic and/or digital or fiat currency.
2.2. The requirements for the security of the transferred personal data between the Operator and the Subjects are provided for by the contract (User Agreement) concluded between them in accordance with the current legislation.
2.3. In a situation where personal data is received from a Personal data Subject, the latter is responsible for specifying false personal data.
2.4. This Policy applies to personal data received both before and after the entry into force of this Policy.
2.5. The Operator is obliged to adhere to the following principles when processing personal data:2.5.1. the processing of personal data must be carried out on a legal and fair basis;
2.5.2. the processing of personal data should be limited to achieving specific, predetermined and legitimate goals. Processing of personal data incompatible with the purposes of personal data collection is not allowed;
2.5.3. it is not allowed to combine databases containing personal data, the processing of which is carried out for purposes incompatible with each other;
2.5.4. only personal data that meet the purposes of their processing are subject to processing;
2.5.5. the content and volume of the processed personal data must correspond to the stated processing purposes. The processed personal data should not be redundant in relation to the stated purposes of their processing;
2.5.6. when processing personal data, the accuracy of personal data, their sufficiency, and, if necessary, relevance to the purposes of personal data processing must be ensured.
2.5.7. the storage of personal data must be carried out in a form that allows determining the subject of personal data, no longer than the purposes of personal data processing require, unless the period of personal data storage is established by federal law, an agreement to which the subject of personal data is a party, beneficiary or guarantor. The processed personal data is subject to destruction or depersonalization upon achievement of the processing goals or in case of loss of the need to achieve these goals, unless otherwise provided by federal law.
2.5. This Policy is published on the Internet on the Fenesy website.
3. Categories of personal data subjects
3.1. The Operator processes the personal data of all Data Subjects who are Users of the Fenesy website.
4. Purposes and grounds for processing personal data
4.1. The personal data of the Subjects regarding the use of the Site are processed to achieve the following purposes:
4.1.1. familiarization of the User with the Operator's services;
4.1.2. conclusion of an agreement between the User and the Operator and for the purpose of its execution;
4.1.3. Notifying Users about changes in the operation of the Operator's Service,
4.1.4. providing support and service to Users of the Service;
4.1.5. to monitor the use of the Service
4.2. The personal data of the Subjects are processed in connection with the performance of purchase/sale services for the User and on behalf of the User of electronic and/or digital or fiat currency.
4.3. Personal data may be used for other purposes if it is mandatory in accordance with the provisions of the current legislation.
4.4. The processing of personal data is limited to the achievement of specific, predetermined and legitimate goals. Processing of personal data incompatible with the purposes of personal data collection is not allowed.
5. Composition of information about personal data subjects
5.1. The Operator has the right to process the following categories of personal data of Subjects: name, age, passport data, bank card number, electronic payment system account number, cryptocurrency wallet address, e-mail, phone number, address (house, street, locality, country), cookies.
5.2. The term of storage of personal data is determined by the contract or by the nature of another basis for processing.
5.3. The period of processing of personal data of Subjects until the end of the provision of services for the purchase / sale for the User and on behalf of the User of electronic and / or digital or fiat currency.
5.4. The period of processing of personal data of Subjects after the provision of the services specified in clause 5.3 for 3 years.
5.5. Storage of material carriers of personal data is carried out separately for each category of personal data subjects.
6. Storage and processing of personal data
6.1. The Operator may process personal data in personal data information systems, ensuring their proper protection.
7. Rights of the Subject
The subject of personal data has the right to:
7.1. Apply for changes to the personal data provided or for their deletion.
7.2. To send to the Operator requests concerning the processing of his personal data, within the competence of the Operator.
7.3. To exercise other rights provided for by the current legislation.
7.4. Apply for changes to the personal data provided or for their deletion. To send to the Operator requests concerning the processing of his personal data within the competence of the Operator. To exercise other rights provided for by the current legislation.
8. Information about the implemented requirements for the protection of personal data
8.1. When processing personal data, the Operator takes the necessary legal, organizational and technical measures and ensures that they are taken to protect personal data from unauthorized or accidental access to them, destruction, modification, blocking, copying, provision, dissemination of personal data, as well as from other illegal actions with respect to personal data, which are in particular (but not limited to):8.2. Appointment of the person responsible for the processing of personal data.
8.3. Limitation of the number of employees who have access to personal data.
8.4. Software identification of Subjects, employees of the Operator and accounting of their actions. 8.5. Implementation of anti-virus control and other measures against malicious software and mathematical effects.8.6. The use of backup and recovery tools.
8.7. Software update in the presence of security fixes from manufacturers.
8.8. Implementation of encryption when transferring personal data on the Internet. 8.9. Taking measures related to the admission of only proper persons in the places of installation of technical means. 8.10. The use of technical means of protection of premises in which technical means of personal data information systems are located, and places of storage of material carriers of personal data. 8.11. The Operator ensures the security of personal data, in particular by using them: