Last update: 11 July 2019
Crix Ltd. and its affiliates (hereinafter, "Crix", "we", "us" or "our") are committed to protecting and respecting your privacy.
Crix is a registered trademark of Crix Limited, a company registered under the laws of Malta bearing company registration number C 88483 and having its registered office situated at Fort Business Centre, Level 2, Mriehel Bypass, Birkirkara BKR 3000, Malta (hereinafter the “Crix”)
The types of Personal Information which we collect directly or via third parties like www.yoti.com may include:
We will process your Personal Information only for the purpose(s) of providing to you the service(s) that you ask us to provide you, to satisfy the legal obligations stemming from regulatory obligations that arise from providing you the service(s) and our legitimate interest.
Based on our legal obligations and legitimate interest we may request other documents for your identity verification and the sources of your funds confirmation for the purposes of money laundering and fraud prevention. To know more about it please see our AML/KYC Policy.
We may use your Personal Information for the following purposes:
Please note that our services are exclusively offered to individuals at least 18 years old. We do not process any Personal Information of children under this age.
We may collect information about your computer, including where available your IP address, operating system and browser type, for system administration and to report aggregate information to our advertisers. This is statistical data about our users' browsing actions and patterns and will not be used to identify any individual unless that same individual.
We use third party service provider(s), to assist us in better understanding the use of our Sites. Our service provider(s) will place cookies on the hard drive of your computer and will receive information that we select that will educate us on such things as how visitors navigate around our Sites, what products are browsed, and general Transaction information. Our service provider(s) analyses this information and provides us with aggregate reports. The information and analysis provided by our service provider(s) will be used to assist us in better understanding our visitors' interests in our Sites and how to better serve those interests. The information collected by our service provider(s) may be linked to and combined with information that we collect about you while you are using the Platform. Our service provider(s) is/are contractually restricted from using information they receive from our Sites other than to assist us.
You may control the cookies through the browser settings. Find out how to manage cookies on browsers:
We may make available the Personal Information that you provide to us for the limited purpose indicated for and during the provision of the service that you would have requested in particular to:
We may also share Users’ Personal Information with financial institutions, insurance companies or other companies in the case of a merger, divestiture, or other corporate re-organisation and notify you of such sharing of your information to be able to exercise any of your rights where applicable.
We may also share Users' Personal Information with law enforcement or regulatory agencies, as may be required by law. In certain cases, we may not be able to inform you of such sharing of data due to legal restrictions.
Any third party which receives or has access to Personal Information shall be required by us to protect such Personal Information and to use it only to carry out the services they are performing for you or for Crix, unless otherwise required or permitted by law. Such a third party, except for regulatory authorities, would be contractually bound to adhere to the same security and confidentiality policies as Crix and assume the same responsibilities as Crix.
The legitimate exercise of any of your rights with Crix will also be notified to be applied by any such third parties having been given access to your Personal Information.
You have the right to access your Personal Information and to require the correction, updating and blocking of inaccurate and/or incorrect data by sending an email to us at [email protected] or where possible, you can do these actions in your account profile page yourself.
Upon your written request at [email protected], we will inform you of the Personal Information relating to you that we hold and the use and general disclosure of your Personal Information. We will also give you a copy of the Personal Information we have retained. There may be a minimal charge for providing you additional copies of your Personal Information to cover administrative costs.
You may also request the erasure of both the Account and Personal Information by sending an email to us at: [email protected]. Crix will action your request, unless we have a legal or regulatory obligation or overriding legitimate interest to store your Personal Information (for instance, in cases you have performed transactions).
You have the right to ask us to rectify information you think is inaccurate. You also have the right to ask us to complete information you think is incomplete. Moreover, you have the right to restrict and object to the processing of your personal data in certain circumstances.
You may also ask us to transfer your Personal Information to another controller of your choice.
To ensure the confidentiality, integrity and availability of your information to yourself, we may request you to confirm your identity by providing identification documentation and/or other methods prior to assisting you in exercising any of your rights.
If you refuse to prove your identity, we may decline to take actions in respect of your data, save restricting processing, until we can ensure that such actions are the true wish of the data subject.
In the carrying out of our services we may use automated processing and profiling to reduce the risks of fraud, money laundering and abuse of our services. Through this automated processing, we carry out an analysis of your identification, transactional and behavioural patterns.
We may not be able to provide you with some or all our services if you do not wish this automated processing to be carried out. If you feel that this processing might be detrimental to you, please contact us on [email protected], and our compliance officer will review your application.
Please note, if you make a request, we have one month to respond to you.
We have implemented technical and organisational security measures to ensure the confidentiality, integrity and accountability of your Personal Information and to protect your Personal Information from loss, misuse, alteration or destruction. Such measures include:
Only authorised personnel of Crix have access to your Personal Information, and these personnel are required to treat the information as confidential.
Where you have consented to, or we are obliged to pass on Personal Information to third parties to provide you with a requested service or in the carrying out of a regulatory or legal obligation, we will request that the same levels of technical and organisational security measure be applied through contractual arrangements, where possible.
We conduct testing, assessment and evaluation of our technical and organisational measures effectiveness on a regular basis. Technical and organisational security measures in place will, from time to time, be reviewed in line with legal and technical developments.
In the event of a personal data breach or the failure of the measures of protection of such information we will immediately notify you without undue delay.
Crix Ltd only uses trusted Payment Service Providers which are fully compliant with PCI DSS Requirements. PCI DSS (Payment Card Industry Data Security Standard) is an information security standard designated for merchants, financial institutions and payment service providers in order to ensure the safety of cardholders' data.
We do not control those third party sites or any of the content contained therein and you agree that we are in no way responsible or liable for any of those third party sites, including, without limitation, their content, policies, failures, promotions, products, services or actions and/or any damages, losses, failures or problems caused by, related to or arising from those sites. We encourage you to review all policies, rules, terms and regulations, including the privacy policies, of each site that you visit.
Your information is held within our servers located within the European Union. Access to this information is provided to employees of Crix whose office may also be outside of the European Union but who adhere to the same principles of data security and processes as those within the European Union.
Your payment method information that you may use to effect or receive payments from Crix are passed on to a third-party payment processor(s) which is/are based in the EU and with which Crix has a contractual agreement to safeguard your rights. Unless you create an account with us and conduct transactions, we do not retain your payment method information.
In accordance with record keeping activities for Anti-Money Laundering, Tax and Company legal obligations and considering the period during which you may bring legal claims against us under the law of Malta, we will retain Personal Information for a period of six years after our User closes his or her Account and terminates legal relationships with us for six years from the end of the tax period in which the User conducts his or her last transaction.
Data stored for regulatory purposes only will be protected from unnecessary processing and will be held only for the purpose of being able to provide information or access to relevant authorities.
Once we do not have any obligation to providing you with a service you requested, nor an obligation to hold Personal Information for regulatory or legal purpose, we will anonymise or dispose of your Personal Information in line with acceptable industry and security standards so that this cannot be subsequently retrieved and associated to you.
Where we cannot directly remove such records, such as in archived backups, we will retain a log of which Personal Information should be removed if ever the backup data is restored.
We will ask you for your consent on registration or post-registration, by providing you the ability to check marketing preferences check boxes located within your account profile page to allow us to contact you or use your Personal Information for marketing purposes. We may also notify our existing Users on our own products or services similar to those we have already provided based on our legitimate interest.
You have the right to retract the consent for us to process your Personal Information for marketing purposes. You can exercise your right to prevent such processing by unchecking marketing preferences check boxes on your account profile or by contacting us at any time on [email protected]. Crix retains the right to send all types of system communications even to the Users who unsubscribed from marketing communications.
If we consider that your rights may be affected by any such changes, we will request you to confirm your consideration and acceptance prior to continue our relationship with you.
Please be notified that Crix is not in any partnership with entities who represent themselves as customer support agents, providing customer support services via phone and/or social media and promise to help solve your issues for money. Remember - customer support is provided only via the Crix website and is always provided free of charge.
If you discovered what you believe is a fraud, phishing, or scam which impersonates Crix, please email us at [email protected]
You may also wish to check our Help Centre on www.crix.io for frequently asked questions where a solution may easily be found ready for you.