1. Introduction As part of our normal daily business operations, we collect personal information from our clients and prospective clients in order to provide them with our products and services, and ensure that we can meet their needs when providing these products and services, including providing information as part of the service. Your privacy is of utmost importance to us and it is our policy to safeguard and respect the confidentiality of information and the privacy of individuals. This Privacy Policy (hereinafter as 'Privacy Policy', 'Privacy Notice', 'Policy', or 'Notice', as used interchangeably) sets out how fiat services provided by MEXC Estonia OÜ (registration number: 14832615) having its registered office at Harju county, Tallinn, Kristiine district, Keemia Tn 4, 10616 ), collects, uses and manages the personal information we receive from you, or a third party, in connection with our provision of services to you have requested for or which we collect from your use of our services and/or our website. The Privacy Notice also informs you of your rights with respect to the processing of your personal information. Use of the words “The Company” “we,” “us,” or “our” refer to MEXC Estonia OÜ. Our Privacy Notice is reviewed regularly to ensure that any new obligations and technologies, as well as any changes to our business operations and practices are taken into consideration, as well as that it remains abreast of the changing regulatory environment. Any personal information we hold would be governed by our most recent Privacy Notice. Please note that if you are an employee of the Company, a contractor to the Company or a third-party provider, your personal information would be used in connection with your employment contract or your contractual relationship, whichever applies. This Privacy Notice applies to the processing activities performed by MEXC Estonia OÜ to the personal information of its clients and its potential clients and website visitors. We reserve the right to amend this Privacy Notice at any time by posting the amended version on this site including the effective date of the amended version. We shall post any material change to this Privacy Notice on our website.
  2. How do we protect personal information? The Company respects the privacy of any user who access its website and it is therefore committed to taking reasonable steps to safeguard any existing or prospective clients, applicants and website visitors. The Company keeps any personal data of its clients and its potential clients in accordance with the applicable privacy and data protection laws and regulations. We have the necessary and appropriate technical and organisational measures and procedures in place to ensure that your information remains secure at all times in line with the industry standard. We conduct periodic training and raise awareness for all our employees to the importance of maintaining, safeguarding and respecting your personal information and privacy. We regard breaches of individuals’ privacy very seriously and would impose appropriate disciplinary measures, including dismissal from employment. We have also appointed appropriate personnel to ensure that our Company manages and processes your personal information in compliance with the applicable privacy and data protection laws and regulations, and in accordance with this Privacy Notice. The personal information that you provide us with when applying to open an account, applying for a role within the Company, or when using our website, is classified as registered information, which is protected in several ways. You can access your registered information after logging in to your account by entering your username and the password that you have selected. It is your responsibility to make sure that your password is only known to you and not disclosed to anyone else. Registered information is securely stored in a safe location, and only authorised personnel have access to it via a username and password. All personal information is transferred to the Company over a secure connection, and thus all reasonable measures are taken to prevent unauthorised parties from viewing any such information. Personal information provided to the Company that does not classify as registered information is also kept in a safe environment and accessible by authorised personnel only through username and password.
  3. Information we may collect about you In order to open an account with us, you must first complete and submit a “create account” form to us by completing the required information. By completing this form, you are deemed to consent to disclose personal information in order to enable the Company to assess your application and comply with the relevant laws (including their regulations). The information that we collect from you is as follows (on an 'as-applicable' basis): 1) Full name, current residential address and contact details (e.g. email address, telephone number, etc.); 2) Date of birth, place of birth, gender, citizenship; 3) Bank account information, credit card details, including details about your source of funds, assets and liabilities, and Office of Foreign Assets Control (OFAC) information; 4) Trading account balances, trading activity, your inquiries and our responses; Information on whether you hold a prominent public function such as Politically Exposed Persons (PEP); 5) Verification information, which includes information necessary to verify your identity such as a passport, driver’s licence or Government-issued identity card; 6) Other Personal Information or commercial and/or identification information – Any information we, in our sole discretion, deemed necessary to comply with our legal obligations under various anti-money laundering Anti Money Laundering (AML) obligations, such as under the European Union’s appropriate AML Directive. Certain information we collect about you are done automatically, such as 1) Browser Information – Information that is automatically collected via analytics systems providers from your browser, including your IP address and/or domain name and any external page that referred you to us, your login information, browser type and version, time zone setting, browser plug-in types and versions, operating system, and platform; 2) Log Information – Information that is generated by your use of services provided by MEXC Estonia OÜ that is automatically collected and stored in our server logs. This may include, but is not limited to, device-specific information, location information, system activity and any internal and external information related to pages that you visit, including the full Uniform Resource Locators (URL) clickstream to, through and from our Website or App (including date and time; page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs), and methods used to browse away from the page; Information we receive about you from other sources. We may obtain information about you through your usage of our services, including through any of our websites, the account opening process, webinar sign-up forms, event subscribing, news and updates subscribing, and from information provided in the course of on-going support service communications. We may also receive information about you from third parties such as your payment providers, payment channels, and through publicly available sources. For example: 1) The banks you use to transfer money to us would provide us with your basic personal information, such as your name and address, as well as your financial information such as your bank account details; 2) Your business partners may provide us with your name and address, as well as financial information; 3) Advertising networks, analytics providers and search information providers may provide us with anonymized or de-identified information about you, such as confirming how you found our website; 4) Credit reference agencies do not provide us with any personal information about you but may be used to corroborate the information you have provided to us.
  4. Disclosure of your personal information The Company would not disclose any of its clients’ confidential information to a third party, except: (a) to the extent that it is required to do so pursuant to any applicable laws, rules or regulations; (b) if there is a duty to disclose; (c) if our legitimate business interests require disclosure; (d) in line with our Terms of Service; (e) at your request or with your consent or to those described in this Privacy Notice. The Company would endeavour to make such disclosures on a “need-to-know” basis, unless otherwise instructed by a regulatory authority. Under such circumstances, the Company would notify the third party regarding the confidential nature of any such information. As part of using your personal information for the purposes set out above, the Company may disclose your personal information to the following: 1) Any members of the Company, which means that any of our affiliates and subsidiaries may receive such information; 2) Any of our service providers and business partners, for business purposes, such as specialist advisors who have been contracted to provide us with administrative, financial, legal, tax, compliance, insurance, IT, debt-recovery, analytics, research or other services; If the Company may be required to disclose your personal information to service providers and business partners in order to perform the services requested by you as our client, such providers and partners may store your personal information within their own systems in order to comply with their legal and other obligations. We require that service providers and business partners who process personal information to acknowledge the confidentiality of this information, undertake to respect any client’s right to privacy and comply with all relevant privacy and data protection laws and this Privacy Notice.
  5. Where we store your personal data Our operations are supported by a network of computers, servers, and other infrastructure and information technology, including, but not limited to, third-party service providers. We and our third-party service providers and business partners store and process your personal data in, including, but not limited to, the European Union (including Estonia) and the United Kingdom.
  6. Transfers of personal information outside of the European Economic Area (EEA) and the United Kingdom (UK) We may transfer your personal information outside the EEA and UK to other Company subsidiaries, service providers and business partners (i.e Data Processors) who are engaged on our behalf. To the extent that we transfer your personal information outside of the EEA and UK, we would ensure that the transfer is lawful and that any such Data Processor in these jurisdictions are obliged to comply with the applicable European Union (EU) General Data Protection Regulation and the UK Data Protection Act 2018. If transfers of personal information are processed in the US, we may in some cases rely on standard contractual clauses.
  7. Transfers of Personal Information outside of your country By using our products and services, you consent to your Personal Data being transferred to other countries, including countries that have differing levels of privacy and data protection laws than your country. In all such transfers, we would protect your personal information as described in this Privacy Notice, and ensure that appropriate information sharing contractual agreements are in place.
  8. Privacy when using digital assets and blockchains Your funding of bitcoin, MX, ether, and other Digital Assets, may be recorded on a public blockchain. Public blockchains are distributed ledgers, intended to immutably record transactions across wide networks of computer systems. Many blockchains are open to forensic analysis which can lead to deanonymization and the unintentional revelation of private financial information, especially when blockchain data is combined with other data. As blockchains are decentralized or third-party networks which are not controlled or operated by us or our affiliates, we are not able to erase, modify or alter personal data from such networks.
  9. Data Retention Safeguarding the privacy of your personal information is of utmost importance to us, whether you interact with us personally, by phone, by email, over the internet or any other electronic medium. We would hold personal information, for as long as we have a business relationship with you, in secure computer storage facilities, and we take the reasonable and necessary measures to protect the personal information we hold from misuse, loss, unauthorised access, modification or disclosure. When we consider that personal information is no longer necessary for the purpose for which it was collected, we would remove any details that would identify you or we would securely destroy the records. However, we may need to maintain records for a significant period of time (after you cease being our client). For example, we are subjected to anti-money laundering regulations which may require us to retain the following, for a certain period of up to 5 years after our business relationship with you has ended or other periods as directed by a regulator: 1) A copy of the records we used in order to comply with our client due diligence obligations; 2) Supporting evidence and records of transactions with you and your relationship with us. Also, the personal information we hold in the form of a recorded information, by telephone, electronically or otherwise, would be held in accordance with applicable local regulatory requirements (i.e. 5 years after our business relationship with you has ended or longer if you have legitimate interests (such as handling a dispute with you)). If you have opted out of receiving marketing communications we would hold your details on our suppression list so that we know you do not want to receive these communications. We may keep your data for longer than 5 years if we cannot delete it for legal, regulatory, or technical reasons.
  10. Cookies When you use our products and services, we may make use of the standard practice of placing tiny data files called cookies, flash cookies, pixel tags, or other tracking tools (herein, “Cookies”) on your computer or other devices used when engaging with us. We use Cookies to (i) help us recognize you as a customer, collect information about your use of our products and services, to better customize our services and content for you, and to collect information about your computer or other access devices to ensure our compliance with our BSA and AML obligations.
  11. Your rights regarding your personal information The rights that are available to you in relation to the personal information we hold about you are outlined below.

    12. Information Access

    If you ask us, we would confirm whether we are processing your personal information and, if so, what information we process and, if requested, provide you with a copy of that information within 30 days from the date of your request.

    Rectification

    It is important to us that your personal information is up to date. We would take all reasonable steps to make sure that your personal information remains accurate, complete and up-to-date. If the personal information we hold about you is inaccurate or incomplete, you are entitled to have it rectified. If we have disclosed your personal information to others, we would let them know about the rectification where possible. If you ask us, if possible and lawful to do so, we would also inform you with whom we have shared your personal information so that you can contact them directly. You may inform us at any time that your personal details have changed by emailing us at service@mexceu.com. The Company would change your personal information in accordance with your instructions within a reasonable time. To proceed with such requests we may sometimes require supporting documents from you as proof i.e. personal information that we are required to keep for regulatory or other legal purposes.

    Erasure

    You can ask us to delete or remove your personal information in certain circumstances such as if we no longer need it, provided that we have no legal obligation to retain that data. Such requests would be subject to the contract that you have with us, and to any retention limits we are required to comply with in accordance with applicable laws and regulations. If we have disclosed your personal information to others, we would let them know about the erasure request where possible. If you ask us, if possible and lawful to do so, we would also inform you with whom we have shared your personal information so that you can contact them directly.

    Processing restrictions

    You can ask us to block or suppress the processing of your personal information in certain circumstances such as if you contest the accuracy of that personal information or object to us processing it. It would not stop us from storing your personal information. We would inform you before we decide not to agree with any requested restriction. If we have disclosed your personal information to others, we would let them know about the restriction of processing if possible. If you ask us, if possible and lawful to do so, we would also inform with whom we have shared your personal information so that you can contact them directly.

    Data portability

    In certain circumstances, you may have the right to request for personal information you have provided us with previously (in a structured, commonly used and machine readable format) and to re-use it elsewhere or request us to transfer this to a third party.

    Objection

    You may request us to stop processing your personal information, and we would do so, if we are: 1. Relying on our own or someone else’s legitimate interests to process your personal information except if we can demonstrate compelling legal grounds for the processing; 2. Processing your personal information for direct marketing; or 3. Processing your personal information for research unless we reasonably believe such processing is necessary or prudent for the performance of a task carried out in the public interest (such as by a regulatory or enforcement agency).

    Automated decision-making and profiling

    If we have made a decision about you based solely on an automated process (e.g. through automatic profiling) that affects your ability to access our products and services or has another significant effect on you, you can request not to be subject to such a decision unless we can demonstrate to you that such decision is necessary for entering into, or the performance of, a contract between you and us. Even if a decision is necessary for entering into or performing a contract, you may contest the decision and require human intervention. We may not be able to offer our products or services to you, if we agree to such a request (i.e. end our relationship with you).

  12. Changes to this Privacy Notice Our Privacy Notice is reviewed regularly to ensure that any new obligations and technologies, as well as any changes to our business operations and practices are taken into consideration, as well as that it remains abreast of the changing regulatory environment. Any personal information we hold would be governed by our most recent Privacy Notice. If we decide to change our Privacy Notice, we would post those changes to this Privacy Notice and other places we deem appropriate.
  13. Data Protection Authorities If you are not satisfied with our response to your complaint, you have the right to submit a complaint with the appropriate governing regulatory body or bodies.