Last updated on 30 June 2022
1. Policy Statement
We fully understand and respect the importance of your Personal Information to you, and we will adopt corresponding appropriate safety protection measures to protect your Personal Information in accordance with the requirements of the applicable laws and regulations. In view of this, this Policy is formulated to inform you of your rights with respect to the processing of your Personal Information. We will not use your personal information for any purpose not covered in this Policy without prior notification to you and/or your consent.
This Policy applies to all the Services on the Platform. You shall read this Policy carefully before using the Platform and seek independent legal advice, if necessary. If you do not agree with or understand this Policy, please do not use or access the Services. By using the Services, you shall be deemed to have acknowledged, understood, and agreed to bound by and consent in full to the Policy, including any modifications to this Policy from time to time.
“Confidential Information” means the Identification Information, Third Party Information and Usage Information.
“Corporate Identification Information” has the meaning ascribed in article 3.2.
“Digital Assets” has the meaning ascribed in article 1.
“Identification Information” has the meaning ascribed in article 3.2.
“Party” has the meaning ascribed in article 1.
“Personal Identification Information” has the meaning ascribed in article 3.1.
“Personal Information” has the meaning ascribed in article 3.1.
“Platform” has the meaning ascribed in article 1.
“Services” has the meaning ascribed in article 1.
“Third Party Information” has the meaning ascribed in article 3.4.
“Usage Information” has the meaning ascribed in article 3.3.
“User” has the meaning ascribed in article 1.
3. How we Collect and Use your Information
3.1 Personal Identification Information
We collect certain Personal Information from you when you create an Account on the Platform. Where you are an individual, we may collect, including, but not limited to, your:
(i) full name;
(ii) address (and permanent address if it differs from your address). Your address (or permanent address) shall be verified in the manner prescribed by us;
(iii) proof of Address Documents, including bank, brokerage, and/or credit card statements, utility bills, mortgage statements, and/or property tax statements;
(iv) valid email address;
(v) date of birth;
(vii) identification information such as your driver’s license number, Social Security or Identification number, Passport number or other government-issued identification documents;
(viii) photographs of you with your identification documents;
(ix) copies of your official identification documents, including passports, identify cards (both front and back) and/or other identification documents issued by the relevant authorities;
(x) other information that we may request or obtain from you from time to time,
the “Personal Identification Information”.
3.2 Where you are a legal entity other than an individual, we may collect, including, but not limited to, your:
(i) registration and incorporation documents;
(ii) articles of association or memorandum;
(iii) ownership structure and description of such ownership structure;
(iv) board resolution designating your authorised representative responsible for the Account;
(v) identification documents of the directors, major shareholders and the authorised representative(s), which may include the identification information in clause 3.1(i) to (x) above. Generally, shareholder’s holding 10% or more of the relevant entity’s voting power is required to be identified;
(vi) registered business address; and
(vii) other information that we may request or obtain from you from time to time,
the “Corporate Identification Information” and together with the Personal Identification Information, the “Identification Information”. You shall have the obligation to keep the Identification up to date. We use the Identification Information for the following purposes:
(a) to assist in the registration of your Account with the Platform;
(b) for you to access and use the Services;
(c) to facilitate our contact with you;
(d) for the safety and security of the Platform, including protecting the integrity of the Platform;
(e) to assist us in any legal proceedings;
(f) to enable us to comply with any legal and regulatory framework to combat money-laundering and/or financing of terrorism;
(g) to send marketing communications;
(h) for internal business purposes and record keeping; and/or
(i) other purposes which we may deem to be necessary from time to time.
3.3 Usage Information
When you access and/or use the Services on the Platform, we may collect certain information relating to your use of the Services, which include, but not limited to, your:
(i) transaction information, which includes Account balances, trading activity, deposits, withdrawals and customer service interactions;
(ii) bank account and debit/credit card information;
(iii) browser information, such as your IP address, domain name, login information, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform;
(iv) log information, such as your device information, device manufacturer, system version, IMEI, device fingerprint information, location, system activity, number and length of visits and page interactions;
(v) communications which you have with us;
(vi) any surveys completed by you; and
(vii) other information which we may collect from you from time to time,
together, the “Usage Information”. We may use the Usage Information for the following purposes:
(a) to ensure the safety of your Account and its Digital Assets;
(b) to provide you with a more convenient and personalised experience using the Services;
(c) to assist in any investigations or resolving any potential disputes;
(d) to improve the quality of the Services;
(e) to manage the operations of the Platform;
(f) for data analysis of the usage of the Platform; and/or
(g) for other purposes which we may deem to be necessary from time to time.
3.4 Third Party Information
We may collect information from third parties relating to you, which may include, but not limited to, information from:
(i) your bank when you make a bank transfer to use the Services;
(ii) advertising, search and analytics providers;
(iii) public databases, credit bureaus and identification verification partners;
(iv) authorities relating to a potential investigation relating to your use of the Services; and
(v) other information which we may collect from time to time,
together, the “Third Party Information”. Before obtaining the Third Party Information, we shall require such Third Party to obtain your consent before collecting such Third Party Information. We may use the Third Party Information for the following purposes:
(a) to assist with internal and/or external investigations;
(b) to fulfil our legal or regulatory obligations;
(c) personal data processing activities, such as identity verification, payment processing, compliance with court orders, other reporting obligations and anti-money laundering or combating the financing of terrorism policies; and
(d) other purposes which we may deem necessary from time to time.
Before obtaining the Third Party Information, we require the Third Parties to obtain your prior consent in accordance with any applicable laws, rules and regulations before collecting the Third Party Information. We shall use the same level of protective measures as those used for the Personal Information to protect the Third Party Information.
5. How we Share, Transfer or Disclose your Information
We shall not disclose any Confidential Information to any third party, except:
(i) to the extent required by applicable laws, rules and regulations;
(ii) to comply with requests from relevant authorities;
(ii) under a legal obligation to disclose such information;
(iii) when it is in our legitimate business interests to disclose such information;
(iv) when the disclosure is in line with the Huobi Platform User Agreement and/or this Policy;
(v) where the Confidential Information is already public;
(vi) where the disclosure is necessary for the operation of the Platform;
(vii) where the disclosure is necessary to protect the interests of the Platform and/or other users; and/or
(viii) at your request or with your consent.
We shall endeavour to make such disclosures on a “need-to-know” basis, and may disclose the Confidential Information to the following parties (“Receiving Parties”):
(a) any affiliates and subsidiaries;
(b) our service providers and business partners; and/or
(c) relevant authorities to assist them with their investigations.
Where disclosures on the Confidential Information are made pursuant to this article 5, the Receiving Parties may store the Confidential Information within their own systems to comply with their legal or other obligations.
6. How we Protect your Information
We adopt various measures to protect the Confidential Information (“Protective Measures”). Such measures include:
(i) physical measures, such as ensuring the Confidential Information is stored in a secure facility;
(ii) electronic measures, such as implementing strict access requirements for access to the Confidential Information;
(iii) management measures, such as setting up an internal department for the protection of the Confidential Systems, implementing internal controls to ensure only the relevant employees are permitted to access the Confidential Information and training to ensure the relevant employees know how to deal with the Confidential Information;
(iv) security measures, such as using security technology and management systems to minimise the risk that the Confidential Information would be disclosed, damaged, misused and/or accessed without proper authorisation. When storing and transmitting the Personal Information, we shall adopt measures such as encryption to protect the Personal Information; and
(v) other measures, such as a periodic review of the procedures and technology used to protect the Confidential Information.
6.1 Should you become aware of any potential security vulnerability, please contact us so that we can take the appropriate measures as soon as possible. Despite the Protective Measures, we cannot guarantee the absolute safety of the Confidential Information. When registering for our Services, choose a complex password and turn on advance security features, such as two-factor authentication. Never share your account credentials with third-parties. Where necessary, we shall anonymise and remove the identifiers from the Confidential Information.
6.2 Subject to any applicable laws, rules and regulations, we store the Confidential Information for as long as it is reasonably necessary for the purposes as described in this Policy, and may be retained until the time limit for any legal challenges has expired or in order for us to comply with the regulatory requirements regarding the retention of such personal information.
7. How You Manage Your Information
Subject to applicable laws, rules and regulations, you may do the following with regards to your Personal Information (“Management Request”):
(i) obtain a copy of your Personal Information upon request;
(ii) determine whether your Personal Information is up to date and accurate;
(iii) subject to our consent, the deletion of your Personal Information;
(iv) grant or withdraw your authorisation for us to process your Personal Information;
(v) object to the processing of your Personal Information;
(vi) limit the processing of your Personal Information; and/or
(vii) where processing any of your Personal Data requires your consent, withdraw your consent from such processing.
Where you contact us with regards to any Management Request, we shall have the right to:
(a) request that you provide the proper identification information to verify your identity before processing your Management Request;
(b) where we deem your Management Request to be unreasonable, charge you a fee to process your Management Request;
(c) reject your Management Request should we deem that your Management Request cannot be fulfilled based on the limitations of the Platform;
(d) reject your Management Request where your Management Request is subject to applicable laws, rules or regulations;
(e) reject your Management Request where we have a legal or other obligation not to fulfil your Management Request;
(f) restrict your use of the Services should the Management Request prevents us in continuing to provide the Services to you; and/or
(g) reject your Management Request where your Management Request would be detrimental to us, other users or the Platform.
8. Anonymized and Aggregated Data
8.1 Anonymization is a data processing technique that removes or modifies personal information so that removes or modifies personal information so that it cannot be associated with a specific individual. Except for this section, none of the other provisions of this Policy applies to anonymized or aggregated persona data (i.e., information about our Users that we combine together so that it no longer identifies or references an individual User).
8.2 We may use anonymized or aggregate customer data for any business purpose, including to better understand Users’ needs and behaviours, improve our products and services, conduct business intelligence and marketing, and detecting security threats. We may perform our own analytics on anonymized data or enable analytics provided by third parties.
9. Transfers of Confidential Information Outside Your Country
By using the Services, you consent to your Confidential Information being transferred to other countries, including countries that have differing levels of privacy and data protection laws other than your country. In all such transfers, we will protect your Confidential Information as described in this Policy.
10. External Links
Although the Platform strives to only include safe and relevant external links, you should adopt a policy of caution before clicking any external links. We cannot control, guarantee or verify their contents. They will have their own policies and practices with regards to privacy and personal data and you should be familiar with such policies and practices before continuing to engage with such external websites and apps.
11. How this Policy is Updated
This Policy is reviewed periodically to ensure that any new obligations are taken into consideration and takes into account any changes to the regulatory landscape. Where there are any changes to this Policy, we shall release an updated Policy on the Platform and change the Last Updated date. By continuing to use the Services after the Policy has been updated, it shall be deemed that you agree to the updated Policy. Should you not agree any of the terms in the updated Policy, you should cease to access and/or use the Services immediately.
12. How to Contact Us
For any questions in relation to this Policy, you may contact us at [email protected].