Privacy Policy

Effective Date: 13th August 2023

This Privacy Policy describes how Lab4crypto, a company registered in Cyprus, collects, uses, and shares your information when you use our services and aims to give you information on how we collect and process your personal data through your use of this website, including any data you may provide through this website.

This website is not intended for children and we do not knowingly collect data relating to children.

It is important that you read this privacy notice together with any other privacy notice or fair processing notice we may provide on specific occasions when we are collecting or processing personal data about you so that you are fully aware of how and why we are using your data. This privacy notice supplements the other notices and is not intended to override them.

In this Privacy Policy, we inform you about the type of information that is collected about you on our platform, how it is collected, what it will be used for, and to whom it will be given.

This Privacy Policy is incorporated into our Terms of Use ("Terms"), and certain capitalized terms are defined in the Terms.

We may need to update this Privacy Policy to keep pace with changes in our services, our business and the applicable legislation from time-to-time. However, we always strive to maintain our commitment to respect your privacy. We will post any revisions to this Privacy Policy, along with their effective date, in an easy-to-find area on www.lab4crypto.com, and we recommend that you periodically check back here to stay informed of any changes.

This Privacy Policy does not apply to the practices of any third-party services, such as Facebook, Instagram, or Twitter, that you elect to access or monitor through our platform (the "Supported Platforms") or to any software or applications developed by third parties that we do not own or control ("Third-Party Apps").

The Privacy Policy does not cover any information or other content you can view via our platform on Supported Platforms (but which was not posted there using our platform) or information you provide to Third-Party Apps accessed via our platform. While we attempt to facilitate access only to those Supported Platforms and Third-Party Apps that share our respect for your privacy, we cannot take responsibility for the content or privacy policies of any Supported Platforms or Third-Party Apps. We encourage you to carefully review the privacy policies of any Supported Platforms or Third-Party Apps you access via our platform.

This Privacy Policy also does not apply to information collected by us offline or through any other means, including on any other website operated by us or any third party (including our affiliates and subsidiaries); or any third party (including our affiliates and subsidiaries), including through any application or content (including advertising) that may link to or be accessible from or on our platform.

IF YOU DO NOT AGREE WITH ANY OF THE TERMS OF THIS PRIVACY POLICY, PLEASE REFRAIN FROM ACCESSING OUR PLATFORM.

This Privacy Policy applies to your personal information when you:

  • use our platform;
  • contact us via our platform, email, phone, live chats, etc.;
  • provide us with your personal information in any other way (e.g., through webinars, user conferences, feedback sharing, requests to evaluate your assets, etc.); and/or
  • we contact you about our new commercial offers, updates to our products, white papers, newsletters, content, and events.

This Privacy Policy also explains your rights with respect to the personal information we collect about you and how we protect your personal information. The personal information collected by Lab4crypto is controlled by Lab4crypto.

If you have any questions or concerns about how your information is handled, please direct your inquiries to us at [email protected]. By accessing and using our platform, you signify acceptance of the terms of this Privacy Policy. Where we require your consent to process your personal information, we will ask for your consent to the collection, use, and disclosure of your personal information, as described further below.

Information You Provide to Us

We collect information from you when you contact our support services or contact us via e-mail, telephone, post, live chat, or contact forms.

When you submit a support request or fill out and submit a contact form, we may ask you for the following information:

  • your first and last name,
  • your email address,
  • your phone number, and
  • your address.

Also, when you submit the request or fill out the form, we will collect your IP address in order to identify your location.

We may request a copy of your driver’s license or any other form of identification, including, without limitation, your passport, bank statement, utility bill, tax document, or any other documents that we deem necessary for your identification.

Information We Collect from You

We gather certain information and store it when you interact with our platform. This information includes internet protocol (IP) addresses and date/time stamps.

We may share your information with certain third parties selected by us to help support our operations. These include, for example, service providers that help us analyse web traffic, send emails, and track customer support requests.

Purposes for Which We Will Use Your Personal Data

In order to enhance transparency and provide you with a clear understanding of how we handle your personal data, we have outlined the various purposes for which we may use your information. Please note that we may rely on different lawful bases for processing your data depending on the specific purpose. Below, we have summarized these purposes and the associated data types and lawful bases:

  1. To register you as a new customer:
    • Data Types: (a) Identity, (b) Contact
    • Lawful Basis: Performance of a contract with you
  2. To process and provide you with our services:
    • Data Types: (a) Identity, (b) Contact, (c) Financial, (d) Transaction, (e) Marketing and Communications
    • Lawful Bases: (a) Performance of a contract with you, (b) Necessary for our legitimate interests (to recover debts due to us)
  3. To manage our relationship with you, which includes:
    • Notifying you about changes to our terms or privacy policy
    • Asking you to leave a review or take a survey
    • Data Types: (a) Identity, (b) Contact, (c) Profile, (d) Marketing and Communications
    • Lawful Bases: (a) Performance of a contract with you, (b) Necessary to comply with a legal obligation, (c) Necessary for our legitimate interests (to keep our records updated and to study how customers use our products/services)
  4. To administer and protect our business and this website:
    • Troubleshooting, data analysis, testing, system maintenance, support, reporting, and hosting of data
    • Data Types: (a) Identity, (b) Contact, (c) Technical
    • Lawful Bases: (a) Necessary for our legitimate interests (for running our business, provision of administration and IT services, network security, to prevent fraud and in the context of a business reorganization or group restructuring exercise), (b) Necessary to comply with a legal obligation
  5. To deliver relevant website content and advertisements to you and measure their effectiveness:
    • Data Types: (a) Identity, (b) Contact, (c) Profile, (d) Usage, (e) Marketing and Communications, (f) Technical
    • Lawful Basis: Necessary for our legitimate interests (to study how customers use our products/services, to develop them, to grow our business, and to inform our marketing strategy)
  6. To use data analytics to improve our website, products/services, marketing, customer relationships, and experiences:
    • Data Types: (a) Technical, (b) Usage
    • Lawful Basis: Necessary for our legitimate interests (to define types of customers for our products and services, to keep our website updated and relevant, to develop our business, and to inform our marketing strategy)
  7. To make suggestions and recommendations about goods or services that may be of interest to you:
    • Data Types: (a) Identity, (b) Contact, (c) Technical, (d) Usage, (e) Profile
    • Lawful Basis: Necessary for our legitimate interests (to develop our products/services and grow our business)

Please feel free to contact us if you need more details about the specific legal basis we are relying on for processing your personal data, especially in cases where more than one ground has been set out in the table above.

Marketing

We strive to provide you with choices regarding certain personal data uses, particularly around marketing and advertising:

Promotional Offers From us

We may use your Identity, Contact, Technical, Usage and Profile Data to form a view on what we think you may want or need, or what may be of interest to you. This is how we decide which products, services and offers may be relevant for you (we call this marketing).

You will receive marketing communications from us if you have requested information from us or purchased services from us and you have not opted out of receiving that marketing.

Third-Party Marketing

We will get your express opt-in consent before we share your personal data with any third party for marketing purposes.

Opting Out

You can ask us or third parties to stop sending you marketing messages at any time by logging into the website and checking or unchecking relevant boxes to adjust your marketing preferences or by following the opt-out links on any marketing message sent to you or by Contacting us at any time.

Where you opt out of receiving these marketing messages, this will not apply to personal data provided to us as a result of a product/service purchase, product/service experience or other transactions.

Payments

We may provide paid products or services within the platform. In that case, we use third-party payment processors, such as Stripe, for payment processing. We will not store or collect your payment card details.

Your wallet and/or payment card details are transmitted directly to Stripe, whose use of your personal information is governed by their respective privacy policies. Stripe adheres to the standards set by PCI-DSS as managed by the PCI Security Standards Council, and PCI-DSS requirements help ensure the secure handling of payment information.

To learn more about Stripe’s privacy practices, please review their respective privacy policies located at https://stripe.com/privacy.

Cookies and Related Technologies

We use tracking technology (“cookies”) on our platform. By visiting or using the platform, you agree to the use of cookies in your browser and HTML-based emails. Cookies are small text files placed on your device when you visit a platform in order to track your use of the platform and to improve your user experience.

Session Cookies

Our platform uses “session cookies”, which improve your user experience by storing certain information from your current visit on your computer or mobile device, such as log-in information. These enable us to remember your log-in session so you can move easily within the platform. These session cookies have limited functionalities and expirations, and you will be required to re-enter your log-in information after a certain period of time has elapsed to protect you against others accidentally accessing your account contents and related personal information.

You may at any time opt out of the automatic collection of data by setting your browser to refuse all or some browser cookies or to alert you when cookies are being sent. If you disable or refuse cookies, please note that some parts of the platform may then be inaccessible or not function properly.

Disclosure of Information

Information collected by us is always collected in line with the GDPR requirements and, subject to that, may be transferred to our corporate affiliates or our subcontractors. We may share your personal information in a manner consistent with this Privacy Policy, and if we or our assets are acquired or transferred in part or whole to another person or entity, your information and any other information we have collected may be among the items transferred. We may make inquiries, whether directly or through third parties, that we consider necessary to verify your identity or protect you and/or us against fraud or other financial crime and to take action we reasonably deem necessary based on the results of such inquiries. You hereby acknowledge that we shall have the right to investigate you in such an event.

We may also disclose your personal information when we have a good faith belief that (i) we are required to do so by law or in response to a subpoena, court order, or other legal requirements, or (ii) it is necessary to: detect, prevent, and/or address fraud and other illegal activity; to protect ourselves, you, and others, including as part of investigations.

International Transfers

We do not transfer your personal data outside the European Economic Area (EEA).

Please Contact us if you want further information on the specific mechanism used by us when transferring your personal data out of the EEA

Data Management and Security

The personal information that you provide to us is stored on servers with restricted access. In addition, we restrict access to personal information to our employees who need to know this information. However, no server, computer or communications network or system, or data transmission over the Internet can be guaranteed to be 100% secure. AS A RESULT, WHILE WE STRIVE TO PROTECT USER INFORMATION, WE CANNOT ENSURE, GUARANTEE, OR WARRANT THE SECURITY OF ANY INFORMATION YOU TRANSMIT TO US OR THROUGH THE USE OF THE PLATFORM, AND YOU ACKNOWLEDGE AND AGREE THAT YOU PROVIDE SUCH INFORMATION AND ENGAGE IN SUCH TRANSMISSIONS AT YOUR OWN RISK. ONCE WE RECEIVE A TRANSMISSION FROM YOU, WE WILL ENDEAVOR TO MAINTAIN ITS SECURITY ON OUR SYSTEMS. You may modify the personal information you have disclosed to us by contacting us via the contact form on our platform.

As mentioned herein above, this Privacy Policy does not cover the information practices of third-party websites linked to our platform. Although we encourage such third parties to adopt and follow their own privacy policies, we are not responsible for their collection and use of your personal information. You should refer to the privacy policies and statements of other websites or contact the respective webmasters of those websites to obtain information regarding their information collection, use and disclosure policies. When you have clicked on a third-party logo or URL displayed on our platform, which links you to a different website, our Privacy Policy no longer applies. You must read the privacy policy of the third party to see how your personal information will be handled on their website.

Some advertisements may be served by third-party advertisers, ad networks and ad servers. These third parties may use cookies alone or in conjunction with web beacons or other tracking technologies to collect information about our users. This may include information about user’s behaviour on this and other websites to serve them interested-based (behavioural) advertising. We do not control these third parties tracking technologies or how they may be used. If you have any questions about an advertisement, you should contact the responsible advertiser directly.

Data Retention

We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements.

To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.

In some circumstances you can ask us to delete your data: see Request erasure below for further information.

In some circumstances we may anonymise your personal data (so that it can no longer be associated with you) for research or statistical purposes in which case we may use this information indefinitely without further notice to you.

Children’s Information

Our platform is not intended for children. We do not knowingly collect personal information from children. If you are under age do not use or provide any information on this platform or on or through any of its features, register on the platform, make any purchases through the platform, use any of the interactive or public comment features of this platform or provide any information about yourself to us, including your name, address, telephone number, e-mail address or any screen name or username you may use. If we learn we have collected or received personal information from a child without verification of parental consent, we will delete that information.

Jurisdiction and Data Storage

Our platform is operated from Cyprus, EU, and our data servers are located within the European Union. The personal data you provide to us will be stored and maintained on these servers. By using the platform, you are explicitly consenting to the transfer and storage of your data in these locations.

All legal proceedings arising out of or in connection with the use of our platform will be subject to the jurisdiction of courts in Cyprus.

Individuals hold the right to access, update and delete their personal data.

You can access, update and delete your information or submit additional inquiries by emailing our PRIVACY OFFICIAL at [email protected]

Data Subject Rights

This section shall be expressly limited to Data Subjects. “Data Subjects”, subject to and as set forth in the GDPR, have several rights under the GDPR at Lab4crypto:

Right of Access. A Data Subject has the right to obtain confirmation if the Data Subject’s personal information is being processed by us. If that is the case, a Data Subject can access the Data Subject’s personal information and the following information:

  • the purposes of the processing;
  • the categories of personal information;
  • to whom the personal information has been or will be disclosed; and/or
  • the envisaged period for which the personal information will be stored, or the criteria used to determine that period.

If a Data Subject would like to have a copy of the Data Subject’s personal information from us, we will provide it if the Data Subject proves the Data Subject’s identity and it will not adversely affect the rights and freedoms of others. The first copy will be provided for free; for any further copies, we may charge a reasonable fee based on administrative costs.

Right to Rectification. A Data Subject has the right to demand that we correct without undue delay the Data Subject’s personal information, which we have in our systems, if it is inaccurate or incomplete.

Right to Erasure/Right to Be Forgotten. A Data Subject has the right to demand that we erase the Data Subject’s personal information, and we shall erase it without undue delay where one of the following grounds applies:

  • this personal information is no longer necessary in relation to the purposes for which it was processed;
  • the Data Subject withdraws consent on which the processing is based and where there is no other legal ground for the processing;
  • the Data Subject objects to the processing, and there are no overriding legitimate grounds;
  • the Data Subject’s personal information has been unlawfully processed; or
  • the Data Subject’s personal information has to be erased for compliance with a legal obligation.

Additional Rights

Right to Restrict Processing. A Data Subject has the right to restrict us in the ability to process the Data Subject’s information where one of the following applies:

  • the Data Subject contests the accuracy of the Data Subject’s personal information, and we verify it; the processing is unlawful, and the Data Subject wants to restrict it instead of erasure;
  • we no longer need the Data Subject’s personal information, but the Data Subject needs it for the establishment, exercise or defence of legal claims; or
  • the Data Subject has objected to processing, and we verify whether legitimate grounds override the Data Subject’s request.

Right to Data Portability. A Data Subject has the right to receive the Data Subject’s personal information, which the Data Subject provided to us in a structured, commonly used and machine-readable format and has the right to transmit such data to another company, where:

  • the processing is based on the Data Subject’s consent or on a contract; and
  • the processing is carried out by automated means.

Where technically feasible, a Data Subject can demand that we transmit such data directly to another company.

Right to Object. A Data Subject has the right to object to the processing of the Data Subject’s personal information based on legitimate interests. Upon such objection, we will no longer process the Data Subject’s personal information unless we demonstrate compelling legitimate grounds for the processing or for the establishment, exercise or defence of legal claims. Where personal information is processed for direct marketing purposes, a Data Subject has the right to object at any time to the processing of the Data Subject’s personal information for such marketing.

Automated Individual Decision-Making, Including Profiling. A Data Subject has the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects on the Data Subject. Please note that we don’t make any automated decisions, including profiling based on information that we have about a Data Subject.

Right to Withdraw Consent. A Data Subject has the right to withdraw the Data Subject’s consent for the processing of the Data Subject’s personal information at any time. The withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal.

Right to Lodge a Complaint. A Data Subject has the right to lodge a complaint with a supervisory authority, in particular in the EU Member State of the Data Subject’s residence, place of work, or place of the alleged infringement, if the Data Subject deems that the processing of the Data Subject’s personal information infringes GDPR.

Breach Notification. If a breach/unauthorised access of personal information takes place that is likely to “result in a risk for the rights and freedoms of Data Subjects”, we will notify the necessary EU supervisory authority within 72 hours of becoming aware of the breach.

What We May Need From You

We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights). This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. We may also contact you to ask you for further information in relation to your request to speed up our response.

Customers exercising their rights under state privacy laws will face no discrimination. This Privacy Policy acts as our privacy notice to you under such applicable law. Access and/or use of the Lab4Crypto platform is permissible solely on the condition of your agreement with this Privacy Policy. It does not apply to any website other than our platform, including any website or service accessed via links on our platform or any other party's use of your personal information other than ours.

We reserve the right, at our sole discretion, to modify, discontinue, or terminate any aspect of the Lab4Crypto platform or to modify this Privacy Policy at any time without prior notice. Any changes will become effective upon posting on our platform. Your continued use of our platform following these changes signifies your agreement with the revised privacy policy.

Contact

If you have any questions about this Privacy Policy, please contact us at [email protected].

Controller

Lab4Crypto is the controller and responsible for your personal data (referred to as the” COMPANY”, “we”, “us” or “our” in this privacy notice).

We have appointed a responsible person who is responsible for overseeing questions in relation to this privacy notice. If you have any questions about this privacy notice, including any requests to exercise your legal rights, please contact the DPO using the details set out below.

Contact Details

Our full details are:

  • Full name of legal entity: Theodoros Christodoulou
  • Email address: [email protected]
  • Postal address: 25 MARTIOU 27 APP.105A, 2408

You have the right to make a complaint at any time to the Commissioner for the Protection of Personal Data in Cyprus. We would, however, appreciate the chance to deal with your concerns before you approach the ICO so please contact us in the first instance.