Privacy Policy

PRIVACY POLICY

Last Modified: 06-15-2021

Huobi Trust Company, together with our parent and affiliates (hereinafter referred to as “Huobi Trust, we or our”) is committed to safeguarding personal information. This Privacy Policy provides you with detail about how we collect, use and share personal information gathered through our websites (including huobitrust.com and any sites that link to our Privacy Policy), as well as personal information that may be gathered by third parties who use our services (collectively the “Services”).  This Privacy Policy does not apply to anonymized data. By visiting, accessing or using our Services, you agree to the terms and conditions of this Privacy Policy.  You also acknowledge that your use of the Services is subject to our Terms and Conditions.

With respect to personal information processed under this Privacy Policy, Huobi Trust is the data controller. When we require certain personal information from you, it is because we are required by applicable law to collect this information or it is relevant for specified purposes. If you elect not to provide certain types of information, you acknowledge that you may not be able to access our website or avail of certain services from our clients that may use our Services.

1. Personal Information We May Collect

1.1. The following personal information may be collected from you when you use our Services:

• Contact Information: name, address, email address, phone number
• Account information: username and password
• Financial Information: bank and bank account numbers
• Identity Verification Information: date of birth, social security number, tax ID number, images of government issued ID, passport, national ID or driving license
• Address Proof: Utility bill or similar documentation
• Account Usage Information: information that is generated by your account activity, including, but not limited to, account registrations, withdrawals and account balances.

For entities and institutions, the following information may be collected:

• Contact Information: name, address, email address, phone number

• Financial Information: bank and bank account numbers
• Organizational Information: proof of legal existence, business licenses, tax ID number, Employer Identification number (EIN), country of incorporation, physical location of offices, locations where business is being conducted, proof of ownership
• Identification Information & documentation for beneficial owners, principals, executive management, beneficiaries and any other related party or persons (as applicable)
• Account Usage Information: information that is generated by your account activity, including, but not limited to, account registrations, withdrawals and account balances.

1.2. When you access our website, we may also automatically collect certain computer, device and browsing information, including:

• Computer or mobile device information, including IP address, operating system and browser type
• Website usage information
• Location information
• Virtual Private Network (VPN) usage information

1.3. In connection with our Services, we also may collect personal information about you (including your beneficial owners, principals and executive management, as applicable) from public databases and ID verification partners, including:

• public employment details
• criminal history
• credit history
• status on any politically exposed person and sanctions lists
• current and prior addresses
• other information to help validate your identity

1.4. We also collect personal information disclosed by you when you contact us or respond to our communications (e.g., email, telephone, other forms of correspondence).

2. Uses Made of Your Personal Information

To help the government fight the funding of terrorism and money laundering activities, federal law requires all financial institutions to obtain, verify, and record information that identifies each person that it transacts with.   Other than as specified in this Privacy Policy, we will not use your personal information for purposes without your consent.  We may use your personal information in the ways listed below.

If you are based in the European Economic Area (EEA), use of personal information under EU data protection laws must be justified under one of a number of legal “grounds” and we are required to set out the grounds in respect of each use in this policy. An explanation of the scope of the grounds available can be found below. We have noted the grounds we use to justify each use of your information next to the use below.

We may use your personal information for our core business purposes, including:

• To provide our services effectively to our clients and conduct our business: to administer our services, including to carry out our obligations arising from any agreements entered into between our clients and us, which may include passing your data to third parties such as agents or contractors or to our advisors (e.g., legal, financial, business or other advisors). We may also use your personal information to develop our products and services, to evaluate new products and services and to improve our service quality, including by performing statistical analysis and reporting on transactions and site usage. In addition, we may use your personal information for financial reporting, management reporting, audit and record keeping purposes. 

Use justification: contract performance, legitimate interests (to enable us to perform our obligations and provide our services to you)

• To manage our risk: We may use your personal information in managing the risk of our client base, including for assessing and processing applications, instructions or requests from you, maintaining credit and risk related models, managing our infrastructure and business operations and complying with internal policies and procedures and monitoring the use of our products and services.

Use justification: contract performance, legitimate interests (to manage the risk of our client base and to ensure you fall within our acceptable risk profile). Where this includes special categories of personal information, we will usually rely on substantial public interests (processing for the prevention and detection of fraud/crime), or very rarely where necessary, explicit consent. 

• To receive services from our vendors and conduct our business: to receive services, including to carry out our obligations arising from any agreements entered into between our vendors and us, which may include passing your data to third parties such as service providers, agents, contractors, our advisors (e.g., legal, financial, business or other advisors) or the custodian. This includes vendors that provide ID verification and sanctions screening tools, which we use to help verify your identity and comply with our legal obligations, such as anti-money laundering laws. Our contracts require these vendors to only use your information in connection with the services they perform for us and prohibit them from selling your information to anyone else.

Use justification: legal obligations, legitimate interests (to enable us to perform our obligations and receive services from vendors). Where this includes special categories of personal information, we will usually rely on substantial public interests (processing for the prevention and detection of fraud/crime), or very rarely where necessary, explicit consent. 

• To verify your identity: for the purposes of providing facilities, products or services, including conducting screenings or due diligence checks as may be required under applicable law, regulation, directive or our Terms and Conditions.

Use justification: legal obligation, contract performance, legitimate interests (to enable us to manager client risk). Where this includes special categories of personal information, we will usually rely on substantial public interests (processing for the prevention and detection of fraud/crime), or very rarely where necessary, explicit consent. 

• In relation to fraud prevention: We and other organizations may also access and use certain information to prevent fraud as may be required by applicable law and regulation and best practice at any given time. If false or inaccurate information is provided or fraud is identified or suspected, details may be passed to law enforcement and fraud prevention agencies and may be recorded by us or by them. In addition, we may share information with the financial institutions with which we partner to process payments you have authorized. We may also share information with our partner or other financial institutions.

Use justification: legal obligations, legitimate interests (to ensure that your organization falls within our acceptable risk profile and to assist with the prevention of crime and fraud). Where this includes special categories of personal information, we will usually rely on substantial public interests (processing for the prevention and detection of fraud/crime), or very rarely where necessary, explicit consent. 

• To reorganize or make changes to our business: In the event that we are (i) subject to negotiations for the sale of our business or part thereof to a third party, (ii) sold to a third party or (iii) undergo a reorganization, we may need to transfer some or all of your personal information to the relevant third party (or its advisors) as part of any due diligence process or transferred to that reorganized entity or third party and used for the same purposes as set out in this policy or for the purpose of analyzing any proposed sale or reorganization.

Use justification: legitimate interests (in order to allow us to change our business) 

• In connection with legal or regulatory obligations: We may share your information with law enforcement, regulatory authorities, tax authorities (including the US Internal Revenue Service pursuant to the Foreign Account Tax Compliance Act, to the extent this applies), self-regulatory organizations (such as those that operate virtual currency derivative exchanges) and officials, or other third parties when we are compelled to do so by a subpoena, court order, or similar legal procedure, or when we believe in good faith that the disclosure of personal information is necessary to prevent physical harm or financial loss, to report suspected illegal activity or to investigate violations of our Terms and Conditions or any other applicable policies. We may also use your personal information to otherwise comply with all applicable laws, regulations, rules, directives and orders.

Use justification: legal obligations, legal claims, legitimate interests (to cooperate with law enforcement and regulatory authorities). Where this includes special categories of personal information, we will usually rely on legal claims, substantial public interests (processing for the prevention and detection of fraud/crime), or very rarely where necessary, explicit consent. 

• To communicate with you: We may use your personal information to communicate with you, including providing you with updates on changes to products, services and banking facilities (whether made available by us or through us) including any additions, expansions, suspensions and replacements of or to such products, services and banking facilities and their terms and conditions.

Use justification: contract performance, legitimate interests (to enable us to perform our obligations and provide our services to you) 

• In connection with disputes: We may use your personal information to address or investigate any complaints, claims or disputes and to enforce obligations owed to us.

Use justification: legal claims, contract performance, legitimate interests (to enforce our rights under our agreements with you). Where this includes special categories of personal information, we will usually rely on legal claims, or very rarely where necessary, explicit consent. 

• For advertising: Subject to applicable laws and regulations, we may use your personal information to inform our advertising and marketing strategy and to tailor our messaging to your needs. Where required by law, we will ask for your consent at the time we collect your data to conduct such marketing. An opt-out mechanism will be provided to you in each communication to enable you to exercise your right to opt out of any direct marketing. We never sell your information. You may withdraw this consent/opt-out at any time without affecting the lawfulness of processing based on your prior consent.

Use justification: consent, legitimate interest (to keep you updated with news in relation to our products and services)  

3. Transmission, Storage and Security of Your Personal Information

Security over the Internet

3.1. We maintain commercially reasonable physical, electronic and procedural safeguards to protect your personal information, including but not limited to computer safeguards such as data encryption and firewalls, physical access controls to our office and data files, and authorize access to personal information only for those employees who require it to fulfil their job requirements as well as regularly monitoring our systems for potential threats.  However, no data transmission over the Internet or website can be guaranteed to be fully secure from intrusion or impenetrable, therefore we cannot and do not guarantee that loss, misuse, unauthorized acquisition or alteration of your data will not occur.   Furthermore, we cannot ensure or warrant the security or confidentiality of information received by us by Internet or wireless connection, including email, phone or SMS, since we have no way of protecting that information once it leaves and until it reaches us.  If you have reason to believe that your data is no longer secure, please contact us using the contact information provided in this Privacy Policy.

Storage of Data

3.2.  As described in Section 4.1, all personal information gathered by us is stored on our secure servers in the United States and accessed and used subject to our security policies and standards.  Please note that we may transfer your information outside of your region for storage and processing in the United States and around the globe.  By using the Services, you consent to the transfer of information to countries outside of your country of residence, including the United States, which may have data protection rules that are different from those of your country.   

Export outside the EEA (this section only applies if you are based in the EEA)

3.3. Your personal information may be accessed by staff or suppliers in, transferred to, and/or stored at, a destination outside the EEA in which data protection laws may be of a lower standard than in the EEA.  

Storage limits

3.4. We will retain your personal information for as long as is necessary for the processing purpose(s) for which they were collected and any other permitted linked purpose (for example certain transaction details and correspondence may be retained until the time limit for claims in respect of the transaction has expired or to comply with regulatory requirements regarding the retention of such data).

3.5. We restrict access to your personal information to those persons who need to use it for the relevant purpose(s). Our retention periods are based on business needs, and your information that is no longer needed is either irreversibly anonymized (and the anonymized information may be retained) or securely destroyed. 

4. Your Rights & Contacting Us

4.1. You have the right to ask us not to process your personal information for marketing purposes. We will inform you if we intend to use your information for such purposes or if we intend to disclose your information to any third party for such purposes. You can also exercise the right at any time by contacting us as set out below.

4.2. If you have any questions in relation to this policy or your personal information, please contact us at Support@huobitrust.com.

Your Rights (this section only applies if you are based in the EEA):

4.3. Where you are based in the EEA, under certain conditions under EU data protection law, you may have the right to require us to:

• provide you with further details on the use we make of your information;
• provide you with a copy of information that you have provided to us;
• update any inaccuracies in the personal information we hold;
• delete any personal information we no longer have a lawful ground to use;
• where processing is based on consent, to withdraw your consent so that we stop that particular processing (see section 4.1 for marketing);
• transmit the personal information you have provided to us and we still hold about you to a third party electronically;
• object to any processing based on the legitimate interests ground unless our reasons for undertaking that processing outweigh any prejudice to your data protection rights; and
• restrict how we use your information whilst a complaint is being investigated.

Your exercise of these rights is subject to certain exemptions to safeguard the public interest (e.g., the prevention or detection of crime) and our interests (e.g., the maintenance of legal privilege). If you exercise any of these rights, we will check your entitlement and respond in most cases within a month.

If we are unable to resolve an inquiry or a complaint, you have the right to contact the data protection regulator in the EEA country in which you are based. A list of the data protection regulators and their contact details can be found at http://ec.europa.eu/newsroom/article29/item-detail.cfm?item_id=612080.

5. Cookie Policy

We use cookies on the website to distinguish you from other users of the Services. This helps us to improve your experience when using our website. By browsing the website, you agree to the terms of this Section 5 and consent to our use and storage of cookies (or similar technologies) on your computers and/or mobile device.  Please read this Section 5 for clear and comprehensive information about the cookies we use and the purposes for using them.

When we include links to third party websites, please bear in mind they will have their own privacy and cookie policies that will govern the use of any information you submit. We recommend you read their policies as we are not responsible or liable for any third party’s privacy practices.

What are cookies

Cookies are small text files that are sent to and stored on your computer, smartphone or other device for accessing the internet, whenever you visit a website. Cookies are useful as they allow a website to recognize a user’s device. The cookies used on our website have been categorized based on the guidelines found in the ICC UK Cookie guide.  We use the following cookies on our website:

Category 1 - ‘Strictly Necessary’ cookies, which are essential to ensure performance of the site. They include, for example, cookies that enable you to log into secure areas of our website.

Category 2 – ‘Performance’ cookies, which collect information about how you use our website to help optimize our website and make them easier for you to navigate. These cookies do not collect information that identifies you. All information these cookies collect is aggregated and therefore anonymous.

Category 3 – ‘Functionality’ cookies, which allows our website to remember choices you make while browsing. For instance, we may store your geographic location in a cookie to ensure that we show you our website localized for your area. The information these cookies collect will not personally identify you, and they cannot track your browsing activity on third party websites.

How you can manage your cookies

The browsers of most computers, smartphones and other web-enabled devices are typically set up to accept cookies. If you wish to amend your cookie preferences for this website or any other websites, you can do this through your browser settings. Your browser’s ‘help’ function will tell you how to do this.

However, please remember that cookies are often used to enable and improve certain functions on our website. If you choose to switch certain cookies off, it is likely to affect how our website works and you may not be able to access all or parts of the website.

6. Changes to our Privacy Policy

We may change the content of our Privacy Policy from time to time in the future. The “Last Modified” date at the top of this page indicates when this Privacy Policy was last revised.  We encourage you to review this policy from time to time to stay informed about our privacy practices.  Your use of the Services following these changes means that you accept the revised Privacy Policy.