"Personal Data" means any information relating to an identified or identifiable natural person. Below we inform you about the type, extent and purpose of the collection and use of personal data.
Who is responsible for data processing and who can you contact?
The party responsible for data processing is:
JULC Limited, with its business address in the Cayman Islands, Vistra (Cayman) Limited, P. O. Box 31119 Grand Pavilion, Hibiscus Way, 802 West Bay Road, Grand Cayman, KY1 - 1205 Cayman Islands registered in the commercial register of the Commercial Court of the Cayman Islands under Licence Number QI-390525.
Data Protection Officer:
Mr. Tobias Graf
Email: [email protected]
Which data are being processed and what are the sources of these data?
We process personal data (Art. 4 Nr. 1 GDPR) which we receive in connection with the use of the Okse Card.
The following data might be processed:
identity data, contact data, communication data, financial data, transactional data, profile data, technical data, marketing data
Please note that for the verification of your identity data might be processed which belong to the “special categories” of personal data (Art. 9 para 1 GDPR). This categories include racial or ethnic origin, political opinions, religious or philosophical beliefs or trade union membership, as well as genetic and biometric data. Biometric data may be processed where necessary and with your consent which you may revoke at any time.
For what purpose and on what legal basis are the data processed?
We process personal data in order to be able to provide our services, in order to receive and reply your requests as well as for marketing and safety purposes. We process personal data in accordance with the following data protection related provisions:
- Processing personal data with your consent (Art. 6 para. 1 a GDPR): We process data according to Art. 6 para 1 a GDPR in order to communicate with you and advert for our services.
- Processing personal data to fulfil contractual obligations (Art. 6 para. 1 b GDPR): If we enter into a contractual relation (including the initiation of contractual relation) the processing of personal data takes place for the provision of our services as provider of a software serving as a platform for user adoption and interactive support according to Art. 6 para. 1 b GDPR.
- Processing personal data to fulfil legal requirements (Art. 6 para. 1 c GDPR): In the event that our company is subject to a legal obligation which requires the processing of personal data, such as for example the fulfilment of tax obligations, the processing of personal data is made pursuant to Art. 6 para. 1 lit. c GDPR.
- Processing personal data according to Art. 6 para. 1 d GDPR: In exceptional cases the processing of personal data may be required in order to protect the vital interests of the data subject or another natural person. This could for example be the case were a visitor will be injured in our premises and in consequence his name, age, health insurance data or other vital information need to be transmitted to a doctor, hospital or other third party. In that event the processing will be made pursuant to Art. 6 para. 1 lit. d GDPR.
- Processing personal data according to Art. 6 para. 1 d GDPR: Finally, data processing activities can be conducted on the basis of Art. 6 para. 1 lit. f GDPR which covers data processing activities which are do not fall under any of the aforementioned legal provisions and which covers data processing which is necessary for the purposes of the legitimate interests pursued by us or a third party and provided that such interests are not overridden by the interests or fundamental rights and freedoms of the data subject.
Legitimate interests of the controller that are being pursued by the controller or a third party
If the processing of personal data is based on Article 6 para. 1I lit. f GDPR our legitimate interest is the conduct of our business and the related communication with you (recital 47 GDPR) as well as prevention of misuse.
How do we collect data?
- Server Log Files: We collect and store information on the basis of Art. 6 para 1 lit. f GDPR about your visits of our website in so called log-files on our server. The log files contain data that your browser is automatically sending to us, such as shortened IP-address, browser type/ browser version, your operating system, referrer URL (or the website visited previously), date and time of the server request, amount of transmitted data, your internet service provider. These data will be collected and processed only for the purpose of measuring the statistics of our website performance. These data will not be connected with data from other data sources.
- Contacting us: if you contact us we store and process the data submitted by email in order to be able to reply to your request. Storing and processing your personal data in this context is based on Art. 6 para 1, lit f GDPR.
- Applying for the Okse Card and creating an account: if you apply for the Okse Card we need to process your identity data and verification data to fulfill our service. The legal basis is Art. 6 para b GDPR.
- Making transactions: if you make transactions all data in connection with the transaction and which are necessary to perform the transaction will be processed. The legal basis is Art. 6 para b GDPR. Please note that the transaction will be transparent on the blockchain.
- Participating on the Okse Platform: if you participate on the platform your participation and your communication data will be published to other users and or visitors of the website. The legal basis is Art. 6 para a GDPR.
How long do we store data?
We process and store personal data only for the period, which is required to meet the purpose of processing, or as long and to the extent as statutory laws require us to process and/or store such data.
If the purpose of processing does not apply anymore and the applicable statutory retention requirement expires, we will as a matter of routine erase data or restrict the processing of data in accordance with the applicable statutory laws.
Information about the transfer of personal data to a third country
We use services as part of our service, i.e. US-based providers or providers from other states outside EU/EEA who also process personal data on our behalf (e.g. name, e-mail address and possibly others). We expressly point out that, with regard to the USA, no adequacy decision of the European Commission has been issued so far. Whenever we transfer your personal data out of the EU/EEA, we ensure a similar degree of protection is afforded to it by ensuring at least that the country to which we transfer your personal data has been deemed to provide an adequate level of protection for personal data by the European Commission and/or a specific contract approved by the European Commission which gives safeguards to the processing of personal data, the so called Standard Contractual Clauses is used.
Data transfer to third parties:
Your data will – to the extent which is necessary to perform the service – transferred to the following third parties:
To issue the Okse Card:
Solid Financial Technologies Inc, 2955 Campus Dr #110, San Maeo, CA 94403
Elliptic Enterprises Limited. Registered in England and Wales, Registration number 8458210) elliptic.co
KYC & AML Technology Provider:
Passbase, Inc.: 179 Franklin St, New York, NY 10013
Passbase GmbH.: Monbijou Platz 2, 4th Floor, Berlin 10178, Germany
To change the crypto into fiat currency:
S A F U DMCC, License Number DMCC-825721, Unit No: ALMAS-48-CV37 ALMAS Tower, Plot No:JLT-PH1-A0 Jumeirah Lakes Towers Dubai, United Arab Emirates
Fintech & Programming:
JULC Limited. Vistra (Cayman) Limited, P. O. Box 31119 Grand Pavilion, Hibiscus Way, 802 West Bay Road, Grand Cayman, KY1 - 1205 Cayman Islands
Block Ain DMCC, License Number DMCC-831219, Unit No: ALMAS-48-CV37 ALMAS Tower, Plot No:JLT-PH1-A0 Jumeirah Lakes Towers Dubai, United Arab Emirates
To transfer the money to the merchant:
VISA Inc.,principle place of business: 900 Metro Centre Boulevard, Foster City, CA94494, USA
What are your rights?
You may exercise certain rights regarding your information processed by us. In particular you have the right to do the following:
You have the right to withdraw consent where you have previously given your consent to the processing of your information. You have the right to object, on grounds relating to your particular situation, at any time to processing of personal data concerning you which is based on point (e) or (f) of Art. 6 para.1 GDPR. You have the right to learn if information is being processed by us, obtain disclosure regarding certain aspects of the processing and obtain a copy of the information undergoing processing. You have the right to verify the accuracy of your information and ask for it to be updated or corrected. You have the right, under certain circumstances, to restrict the processing of your information, in which case, we will not process your information for any purpose other than storing it. You have the right, under certain circumstances, to obtain the erasure of your personal information from us. You have the right to receive your information in a structured, commonly used and machine-readable format and, if technically feasible, to have it transmitted to another controller without and hindrance. This provision is applicable provided that your information is processed by automated means and that the processing is based on your consent, on a contract which you are part of or on pre-contractual obligations therof. If you are located in a European Union member state or within the European Economic Area, you have the right to lodge a complaint about our data collection and processing activities with the supervisory authority concerned.
We will comply with the aforementioned requests if and to the extent such compliance is required by the applicable statutory laws. Requests for access to and rectification or erasure of personal data or restriction of processing may be directed to the email or post address stated in our website’s imprint.