Download Whitepaper

Privacy Policy

Last update: July 20, 2018

1. Introduction


1.1. This privacy policy statement (the “Privacy Policy”) defines how the personal data of the Users of Mercato Blockchain AG., a company incorporated in Zug, Switzerland under registration number CHE 241-257-566 (the “Company”) are processed and what rights the Users of the Company, users of the website http://mercatoapp.com (collectively with all of its subdomains and all their respective pages, the "Website"), the online services at the Website ("Services"), the iOS and Android mobile apps ("Apps"), or when you otherwise interact with us (the "Users") retain in relation to their personal data being in the possession of the Company.

1.2. The General Data Protection Regulation 2016/679 is a regulation in EU law on data protection and privacy for all individuals within the European Union and the European Economic Area. The Privacy Policy has been prepared in accordance with the provisions of the GDPR.

2. Definitions


2.1. In the Privacy Policy, unless the context otherwise requires, the following terms shall have the following meanings:

2.1.1. “Users” has the meaning ascribed to it in clause 1.1;

2.1.2. “Controller” means the natural person or legal person acting alone or jointly with others, who determines the purposes and means of the processing of personal data;

2.1.3. "Data" means the information that is collected in relation to your use of the Website and the Services.

2.1.4. “Data subject” means the natural person to whom the Personal data refer.

2.1.5. “Employees” means the employees of the Company from time to time;

2.1.6. “Company” has the meaning ascribed to it in clause 1.1;

2.1.7. “GDPR” has the meaning ascribed to it in 1.2

2.1.6 “Personal data” means any information relating to an identified or identifiable natural person;

2.1.8. “Privacy Policy” has the meaning ascribed to it in clause 1.1;

2.1.9. “Processor” means a natural or legal person, public authority, agency or other body which processes personal data on behalf of the Controller; and

2.1.10. "Terms of Use" means the document describing the terms of use of the Website or Apps available on the Website and the Apps.

2.1.11. "User Account" means an account which may be provided to you by Company for the purpose of improving your experience at the Website, Apps and use of the Services, as well as obtaining access to specific additional other products, utilities and offerings provided by Company Parties.

3. Data Controller


3.1. The Company is the data controller. The contact details of the Company are as follows:

3.1.1. Email: [email protected]

3.1.2. Address: Rigistrasse 3, Zug 6300, Switzerland

3.2. The Company treats data protection and privacy issues with utmost care. In addition the Company strives to apply such policies and mechanisms which ensure high standard of security. Appropriate electronic and procedural measures are used in order to make sure that the personal data being in the Company’s possession are not accessible by any unauthorised person. The Employees are trained how to handle and process personal data strictly limited within the course of business, while the methods and electronic systems used for processing and sharing of personal data, where permitted, provide sufficient guarantees of protection.

4. Types of Personal Data Processed


4.1. In order to perform the Services and the functionality of the Website and Apps, we are entitled to ask you to provide Company Parties with your personal identification information, including but not limited to your name, e-mail address, mailing address, phone number, date of birth, a scanned copy of a valid government-issued passport or ID number, information about the used cryptocurrency addresses.

4.2. The Personal data may be collected either directly by the Data subject or indirectly through intermediaries and other third parties acting on behalf of the User, such as employees, agents or other service providers.

4.3. Company may collect the Data from you in a variety of ways and circumstances. Company Parties shall be entitled to combine Data collected in the course of your interaction with different sections of the Website, Apps or the Services with any other relevant available information.

4.4. Data collected by or transmitted to Company Parties, in the course of accessing, interaction and operation of the Website, Apps and provision of the Services may include, without limitation, the following Data:

4.4.1. Internet Protocol (IP) address and location;

4.4.2. cookie information;

4.4.3. browser identification information;

4.4.4. information on the computer or mobile device you use to access the Website, Apps and the Services, including the hardware model, operating system and version, your web browser, and device identifiers (including a network ID used to communicate with other nodes on the platform);

4.4.5. information contained in or relating to any communication that you send to us or send through the Website, and metadata associated with the communication;

4.4.6. date and time of accessing the Website, Apps and the Services;

4.4.7. information of third parties websites referred the Website, Apps or the Services;

4.4.8. information related to your activity in the course of the Services use, including, without limitation, search queries history, search results provided to you in response to your query, web pages you visited by reference from the search results;

4.5. You may always refuse to supply Data, though this may prevent you from engaging in certain Website or Apps related activities.

4.6. Data collected hereunder in the course of operation of the Website, Apps and provision of the Services may differ depending on whether you access the Website, Apps and the Services logged in to your User Account or without logging in.

5. Purposes of Collecting and Processing


5.1. Company collects and process the Data as part of the operation of the Website, Apps and the Services, including, but not limited to, for the following purposes:

5.1.1. administration and development of the Website, Apps and the Services;

5.1.2. enhancement of user experience, including the provision of personalized Services and improvement of the Website, Apps and the Services;

5.1.3. development of new products, utilities, and offerings;

5.1.4. detection, investigation, and prevention of fraudulent transactions and other illegal activities and protection of your rights and rights of Company Parties;

5.1.5. collection, processing and performing statistical and other research and analysis of information for enhancement of the Website, Apps and the Services;

5.1.6. communication with you about products, services, promotions, events and other news and information we think will be of interest to you; and

5.1.7. verifying compliance with the Terms of Use of the Website and Apps.

5.2. You hereby acknowledge and agree that Company Parties shall be entitled to use cookies and web beacons (pixel tags) to collect the Data and associate the Data with your computer and web browser, as well as, in the event you access the Website, Apps and/or the Services logged in to your User Account, with your User Account.

6. Potential recipients of Personal data


6.1. The Company may share the Personal data processed by the Company with the physical and legal persons listed below:

6.1.1. in the context of provision of Services by the Company;

6.1.2. employees who are properly informed about the provisions of the GDPR and are bound by the confidentiality agreement executed with the Company;

6.1.3. computer centers which provide outsourced IT and communication support, backup and other IT services with whom the Company has entered into confidentiality agreements while the Personal data shared are always encrypted;

6.1.4. courts or tribunals, upon receipt of a court order or judicial or administrative order;

6.1.5. governmental bodies and public authorities, including tax authorities, who have legitimate interest on such Personal data; and

6.1.6. to any other person for which the Data subject has given his/her consent.

7. Legal basis for collection of Personal data


7.1. The Company processes the User’s Personal data based on the below legal grounds:

7.1.1. the Company obtains the written consent of the User. Such consent is required to be obtained when (i) the Company collects the Personal data for advertising and marketing purposes or (ii) for a purpose which is not related to the services provided to the User by the Company;

7.1.2. for the entry into/performance of the contractual obligations under a contract entered into between the Company and the Data subject regarding the provision of Services;

7.1.3. compliance by the Company with its legal obligations imposed by any applicable legislation; and

7.1.4. to pursue the legitimate interests of the Company, the Users and the Employees, provided that such legitimate interests shall not override the right of the Data subject.

8. Term of retention


8.1. The Company processes the Personal data only for such period which is necessary in relation to the purpose for which they are processed. The Users are entitled to have their Personal data collected by the Company erased and no longer processed where (i) such Personal data are no longer necessary for the purpose they are collected or processed, (ii) the User’s consent has been withdrawn or (iii) the User objects to the processing of the Personal data. Irrespective of the latter, the Company reserves its legal rights for further retention of the User’s Personal data in order to comply with its obligations under the relevant provisions of the Swiss laws.

9. Security of storage


9.1. The Company implemented specific organizational and technical mechanisms which ensure high level of security of the Personal data. The Company strives to use physical and electronic filing systems which provide for the protection of the Users’ Personal data against unlicensed or unlawful processing, accidental loss, destruction or damage.

9.2. In addition to the security policy undertaken by the Company, the Data subjects are highly recommended to use only secured emails and secured networks when transmitting their Personal data to the Company.

10. Rights of the Data subjects


10.1. The Data subjects have certain rights under the GDPR, including amongst others:

10.1.1. the right to be informed within one month from the receipt of the request by the Company, which is obliged to provide such information free of charge electronically, in a compatible, machine-readable form;

10.1.2. the right of access to the Personal data, including the purpose of the processing, the categories of Personal data concerned, the recipients to whom the Personal data have been disclosed, the proposed period of retention of such Personal data;

10.1.3. the right to rectification of inaccurate Personal data concerning the Data subject

10.1.4. the right to erasure /“right to be forgotten”;

10.1.5. the right to the restriction of processing;

10.1.6. the right to data portability under which the User is entitled to receive his/her Personal data in a structured, commonly used and machine-readable format and to transmit those data to another controller;

10.1.7. to withdraw their consent where processing relies on consent; and

10.1.8. to lodge a complaint before the Swiss Federal Data Protection and Information Commissioner.

11. Changes to the Privacy Policy


11.1. The Privacy Policy can be accessed in the Company’s website. Any changes to the Privacy Policy will be announced to the Company’s website and each User will be informed about the amended Privacy Policy by visiting the website periodically. Any updated version of the Privacy Policy will bear the relevant date of publication, in order to be clear which is the last modified version.

12. Contact


12.1. For any further information regarding the management of the Personal data, please feel free to contact the Company at [email protected] Alternatively, you may send your written request to the Company’s offices situated at Rigistrasse 3, Zug 6300, Switzerland.