Privacy Policy

Last updated: Jul 24, 2024

1. INTRODUCTION

Thank you for visiting 1key.so / onekey.so (the “Site”) or the OneKey app (the “App”). 

OneKey, as a data controller, provides this Privacy Policy Statement (“Privacy Policy”) to describe our practices regarding the collection, storage, use, disclosure, and other processing of Personal Data (defined below). By visiting, accessing, or using the Site and associated application program interfaces or mobile applications, you (a) acknowledge that you have the right, capacity, and authority to accept this Privacy Policy; (b) acknowledge that you have read and understand this Privacy Policy; and (c) consent to the policies and practices outlined in this Privacy Policy. So please read them carefully to understand what we do.

This Privacy Policy explains what data we collect, why we collect it, how such data is used and stored, how such data may be shared by us, rights you may have, and how you can contact us about our privacy practices. If you do not wish for your Personal Data (as defined below) to be used in the ways described in this Privacy Policy, you should not use the Site or App.

2. DEFINITIONS

  • Digital Asset: “Digital Asset” means a digital asset (also called a “virtual financial asset”, “convertible virtual currency”, “cryptocurrency”, “virtual currency”, “digital currency”, “digital commodity”, or “digital payment token”), which is based on the cryptographic protocol of a computer network that may be (i) centralized or decentralized; (ii) closed or open-source; and (iii) used as a medium of exchange and/or store of value.
  • Personal Data: “Personal Data” typically means any information which, either alone or in combination with other data, enables you to be directly or indirectly identified, such as your name, email address, username, contact details, identification number, location data, an online identifier such as a complete IP address, device ID, or one or more factors specific to the physical, economic, cultural, or social identity of you. Only the personal data from applicable national law of your legal residence will apply to you and be deemed your Personal Data.
  • Sensitive Information: “Sensitive Information” is Personal Data that includes information relating to a person's racial or ethnic origin, political opinions, religion, trade union or other professional or trade association membership, sexual preferences, criminal record, and/or biometric or health information.

3. WHAT PERSONAL DATA WE COLLECT AND HOLD, AND HOW WE COLLECT IT

OneKey collects, processes, and stores Personal Data through your use of its services or when you provide consent. This Personal Data may encompass contact details, copies of identification documentation supplied by you or sourced from publicly accessible databases, your government identification number, as well as information related to your device or internet service (such as an IP address).

OneKey collects information you provide during the onboarding process on the OneKey Site, whether this process is completed, incomplete, or abandoned. Additionally, OneKey collects Personal Data when you communicate with customer support, subscribe to marketing communications, correspond with us via phone, email, or other communication channels, or conduct transactions on the OneKey Site. OneKey may actively or automatically collect, use, store, or transfer your Personal Data, which may include, but is not limited to, the following:

  • Personal identification information such as name, email, phone number, nationality, date of birth, address, and government identification information;
  • Institutional details such as corporate legal name, corporate registration information, government identification number, proof of identity and legal existence, address, business description, and beneficial owner information;
  • Commercial information related to transactions conducted on the OneKey Site;
  • Financial information such as credit/debit card numbers and bank account information;
  • Correspondence Information including communication with our Customer Support team and responses to user surveys;
  • Information required by regulatory agencies such as state and federal licensing authorities and consumer protection agencies; and
  • Other identifiers such as device fingerprint data, IP address, and geolocation information.

OneKey may also collect Personal Data about you from third parties, such as electronic verification services, referrers, marketing agencies, or liquidity providers. If so, reasonable steps will be taken to ensure that these parties are aware of applicable privacy laws. OneKey may also use third parties to analyze traffic on its website, which may involve the use of cookies. Information collected through such analysis is not anonymous.

OneKey will not collect Sensitive Information about you without your consent, unless an exemption or exception applies. These exemptions or exceptions include situations where collection is required or authorized by law, or necessary to take appropriate action regarding suspected unlawful activity or serious misconduct.

If you do not provide the Personal Data requested, OneKey may not be able to offer you the full benefits of its services or appropriately meet your needs. 

Furthermore, OneKey conducts business and collects Personal Data from individuals and entities located in various jurisdictions in compliance with data protection laws. Where applicable, OneKey is required to protect Personal Data processed in such jurisdictions in accordance with the relevant data protection laws.

4. HOW WE USE YOUR PERSONAL INFORMATION

OneKey may use your information in the following ways and for the following purposes:

  • To Provide OneKey's Services

We use your personal information to deliver our services to you. For instance, when you place an order on our official store, we need certain details such as your identification, contact, and address information for invoicing, delivery, analytics, and service notifications. Additionally, we may collect your information for bug-fixing, analytics to improve our products and services, identifying additional services and functionalities you might need, processing requests for assistance, finding and preventing security problems, fraudulent activity, and violations, optimizing marketing operations (e.g., information on the most-used functionalities), and sending important information (e.g., security notifications).

  • To Maintain Legal and Regulatory Compliance

OneKey processes your personal information to comply with anti-money laundering and security laws. Additionally, when you use our OneKey Card service, we may request further information to verify your identity or address in collaboration with service providers, as required by law. We also use your personal information to help detect, prevent, and mitigate fraud and abuse of our services, protecting you from account compromise or funds loss. 

  • In Our Legitimate Business Interests

At times, processing your personal information is necessary for our legitimate business interests, including:

    • Recruitment and hiring
    • Quality control and staff training
    • Enhancing security, monitoring, and verifying identity or service access, and combating spam or other malware or security risks
    • Research and development purposes
    • Improving your experience of our services and sites
    • Facilitating corporate acquisitions, mergers, or transactions

5. LEGAL BASES FOR PROCESSING YOUR INFORMATION

For individuals located in the European Economic Area, United Kingdom or Switzerland at the time their personal data is collected, we rely on legal bases for processing your information under the relevant data protection legislation. These bases mean we will only process your data where we are legally required to, where processing is necessary to perform any contracts we entered with you (or to take steps at your request prior to entering into a contract with you), for our legitimate interests to operate our business, to protect OneKey or your property rights, or where we have obtained your consent to do so. We will not use your personal information for purposes other than those purposes we have disclosed to you, without your permission.

6. WHO DO WE SHARE YOUR DATA WITH

OneKey may disclose Personal Information about you under the following circumstances:

  • Group Entities

OneKey may disclose Personal Information about you to our affiliates and subsidiaries, if any, for the purpose of providing the Services and conducting business.

  • Service Providers

We work with third parties to provide the Services such as hosting, maintenance, network management, cybersecurity, and support. These third parties may have access to or process your Personal Information as part of providing those services to us. For example:

    • When you use a credit card to pay for our Services, information such as your name, billing address, phone number, email address, and credit card information will be submitted to service providers for verification and to manage any recurring payments.
    • We use cloud service providers who we rely on for data storage, disaster recovery, and to perform our obligations to you.
    • We use service providers of business communication tools.
    • We use service providers who manage the networks for the operation of the Services and to improve latency for our users.
    • We use service providers to help us prevent malicious actors from threatening the Services and to comply with legal obligations, such as preventing individuals from sanctioned territories, or sanctioned individuals, from accessing the Services.
  • Native Integrations

You can use native integrations to share data with other applications. OneKey does not share data from integrated apps with any other services or clients.

  • Legal

Personal information about you may be disclosed to law enforcement agencies, regulatory bodies, public authorities, or pursuant to the exercise of legal proceedings if we are legally required to do so, or if we believe, in good faith, that such disclosure is necessary to comply with a legal obligation or request, to enforce our terms and conditions, to prevent or resolve security or technical issues, or to protect the rights, property, or safety of OneKey, our Users, a third party, or the public.

  • Strategic Business Partners

Where you have provided your consent, we may share your Personal Information with our strategic business partners in limited circumstances, for example, for marketing and advertising purposes.

  • Third Party Platforms

Your Personal Information may be disclosed to Third Party Platforms where you have requested to interact with a third-party service or platform. Please see Third Party Links and Websites for more information.

7. YOUR RIGHTS

The rights associated with the Services provided by OneKey are described below. Please note that these rights may only be available to you in specific regions, countries, or states based on where you reside. In certain cases, OneKey may be prevented from allowing you to exercise these rights, but OneKey will inform you if that is the case when you seek to exercise them.

You have the following rights associated with the processing of your Personal Information:

  • Right to Access or Right to Know. You have the right to obtain access to the Personal Information that OneKey holds about you and to request certain information about OneKey's processing. You have the right to receive an explanation of (i) why OneKey processes your Personal Information, (ii) the categories of Personal Information OneKey has about you, (iii) who OneKey shares your Personal Information with, (iv) how long OneKey stores your Personal Information, and (v) who OneKey received your Personal Information from if it was not collected from you directly. OneKey will also inform you about your privacy rights and notify you where OneKey engages in automated decision-making.
  • Right to Rectification or Correction. You have the right to correct, update, or complete any Personal Information OneKey holds about you that is inaccurate or incomplete. Please note that OneKey may rectify or remove incomplete or inaccurate information at any time and at its own discretion.
  • Right to Erasure or Deletion. You may request to have your Personal Information anonymized, erased, or deleted, as appropriate. In this case, if there is no overriding legitimate interest or requirement to continue processing your Personal Information, OneKey will erase your data.
  • Right to Object to Processing. You have the right to object to OneKey's processing of your Personal Information where OneKey is relying on a legitimate interest or if OneKey is processing your Personal Information for direct marketing purposes.
  • Right to Restrict Processing. You have the right in certain circumstances to stop OneKey from processing your Personal Information other than for storage purposes.
  • Right to Portability. You have the right to receive, in a structured, commonly used, and machine-readable format, Personal Information that OneKey holds about you, if OneKey processes it based on a contract with you, or with your consent, or to request that OneKey transfer such Personal Information to a third party.
  • Right to Withdraw Consent. You may withdraw any consent you previously provided to OneKey regarding the processing of your Personal Information at any time and free of charge. OneKey will apply your preferences going forward. This will not affect the lawfulness of the processing before you withdraw your consent.
  • Right to Lodge a Complaint. You may lodge a complaint with a supervisory authority, including in your country of residence, place of work, or where you believe an incident took place.
  • Right Against Discrimination. OneKey will not discriminate against you for exercising your rights.
  • Right to Opt-Out of Targeted Advertising, Sale, or Sharing. You can ask OneKey to stop using your Personal Information for targeted advertising when required by law.

You may exercise these rights by contacting OneKey as set out in the “Contact Us” section below.

Please note that, prior to any response to the exercise of such rights, OneKey may require you to verify your identity. In addition, OneKey may have valid legal reasons to refuse your request and will inform you if that is the case. Note that applicable laws contain certain exceptions and limitations to each of these rights. Subject to certain restrictions, you can ask an agent to exercise your rights for you. If you have an agent exercising your rights, that person must provide OneKey with your written authorization allowing them to make such a request on your behalf. OneKey reserves the right to deny the agent’s request if OneKey is not reasonably able to confirm proper authorization and/or verify your identity as the requestor.

To appeal any refusal by OneKey to act on a data subject rights request, contact OneKey by email at: support@onekey.so

8. RETENTION OF INFORMATION

We will retain your Personal Information for the period necessary to fulfill the purposes outlined in this Privacy Policy, to make the Services available to you, or as instructed by you, unless a longer retention period is required or permitted by law. We may also keep your data for as long as it is needed in relation to a legal claim, complaint, litigation or regulatory proceedings.

9. SECURITY AND STORAGE

We implement a variety of security measures that are reasonably designed to protect the safety of your Personal Information from loss, misuse, and unauthorized access, disclosure, alteration, or destruction when you enter or submit your Personal Information on the Services. However, no Internet or email transmission is ever fully secure or error free. Please keep this in mind when disclosing any information to us via the Internet. IF YOU BELIEVE YOUR PRIVACY HAS BEEN BREACHED THROUGH USE OF THE SERVICES, PLEASE CONTACT US IMMEDIATELY. When you use the Services, Personal Information about you will be stored in the United States. 

10. ELIGIBILITY

OneKey does not knowingly offer services to or collect the Personal Data of anyone under the age of 18. If we learn that we have collected Personal Data of anyone under the age of 18, we will promptly delete it from our systems. If you are aware of anyone under the age of 18 using our Services, please notify us so we can take prompt action to prevent access to our Services.

11. CHANGES TO OUR PRIVACY POLICY

We may update this Privacy Policy at any time by posting the amended version on this Site including the effective date of the amended version, so please check frequently to see if there are any updates or changes. Your continued access to or use of this Site and/or the Services constitutes your acknowledgment and acceptance of such changes to this Privacy Policy.

12. LANGUAGES

This Privacy Policy may be posted in different languages. If there are any discrepancies, the English version shall prevail.

13. ADDITIONAL INFORMATION FOR PERSONS SUBJECT TO THE EU GDPR

For European Residents, we adhere to relevant and applicable EU data protection laws and provide them with the following additional information. For the purposes of this section, Personal Data has the applicable meaning provided for in the GDPR.

1. We process Personal Data subject to the GDPR on one or more of the following legal bases:

  • To comply with legal obligations and regulations. To comply with applicable laws, regulations and legal obligations, including “know your customer” obligations based on applicable anti-money laundering and anti-terrorism requirements, financial crime and fraud prevention, suspicious activity reporting, responding to requests from public authorities, complying with economic and trade sanctions requirements, performing customer due diligence, performing audit and risk assessments, preparing tax reports, fulfilling our retention obligations, and handling legal claims.
  • To comply with contractual obligations. To comply with our contractual obligations to you under our Terms of Service, including to provide you with our Services and customer support and to optimize and enhance the Site.
  • Consent. To provide and market our Services to you based on your consent. You may withdraw your consent at any time without affecting the lawfulness of processing based on consent before it is withdrawn.
  • Legitimate interest. To monitor the usage of the Site, fraud prevention, network, and information security, conduct automated and manual security checks of our Services, to engage in direct marketing activities, and to protect your rights. When we process your personal data for our legitimate interests, we consider and balance any potential impact on you and your rights under data protection laws.

2. European Residents have the following rights under the GDPR with respect to their Personal Data, subject to certain exceptions provided under the law.

  • Right to Access and Rectification. You may submit a request that OneKey disclose the Personal Data we process about you and correct any inaccurate Personal Data.
  • Right to Erasure. You may submit a request that OneKey delete the Personal Data that we have about you.
  • Right to Restriction of Processing and Right to Object. You have the right to restrict or object to our processing of your Personal Data under certain circumstances.
  • Right to Data Portability. You have the right to receive the Personal Data you have provided to us in an electronic format and to transmit the Personal Data to another data controller.
  • Right to withdraw consent. You have a right at any time where we are relying on consent to process your Personal Data.
  • Right to complain. You may lodge a complaint with a data protection supervisory authority.

When handling requests to exercise European privacy rights, we check the identity of the requesting party to ensure that they are the person legally entitled to make such a request. While we endeavor to respond to these requests free of charge, should your request be repetitive or unduly onerous, we reserve the right to charge you a reasonable fee for compliance with your request.

3. Automated Decision-Making

We may engage in automated decision-making for purposes of risk and fraud detection. When we do, we implement suitable measures to safeguard your rights and freedoms and legitimate interests, including the right to obtain human intervention, to express your point of view and to contest the decision.

この記事は役に立ちましたか?
29人中27人がこの記事が役に立ったと言っています