Loading

Terms of Service

SOFTWARE AS A SERVICE CONTRACT

between

In the European Economic Area (EEA) and Switzerland, Investhub services are provided to you by this contractor:

Equanimity AG

registered and operated under Liechtenstein law

(Registernummer: FL-0002.289.079-4/Umsatzsteuer-ID-Nr.: 56989)

Herrengasse 30, 9490, Vaduz, Liechtenstein

Service provider

Investhub services are provided to you by that Investhub company with which you enter into a contractual relationship for this purpose:

Investhub DAO Pte. Ltd.

organized under Singapore law of the city state of Singapore and operated under the law of Singapore

9 Jalan Kukoh #08-99

160009

Singapore

hereinafter referred to as “Investhub”.

(the “Provider“)

and

XXXX

(the “Customer“)

(together the “Contracting Parties“)

Preamble

The contracting parties have agreed on the necessary minimum content of the Software as a Service (“SaaS“) Agreement on 01.10.2022 by a concurring declaration of intent (written acceptance of Provider’s offer dated 01.10.2022 by Customer on 01.10.2022). This contract reflects the necessary minimum content and contains further regulations. This contract shall now form the sole basis for the contractual relationship between the contracting parties.

  • Subject of the contract
  1. The Provider shall provide SaaS services to the Customer via the medium of the Internet. The Provider expressly does not provide any compliance-relevant services.
  1. The subject of the contract is the
  1. Providing Provider’s KYC compliance software (the “SOFTWARE“) for use via the Internet and the
  1. Granting of storage space on the provider’s servers.

The SOFTWARE is a white label product and runs on the TENANTURL platform.  

  1. The Provider is allowed to involve subcontractors for the operation of the SOFTWARE (e.g. for video identification, for data backup) and for the granting of storage space. For this purpose, a separate contract is concluded between the customer and the subcontractor. The use of subcontractors does not release the Provider from its sole obligation to the Customer to fulfill the contract in full.
  1. It is expressly stated that the provision of the SOFTWARE constitutes neither a delegation (Art 24 DDA) nor an outsourcing (Art 24a DDA) of the due diligence obligations under the applicable provisions on combating money laundering, organized crime and terrorist financing to the Provider. The due diligence obligations remain with the Customer and the Provider assumes no liability for a breach of the due diligence obligations by the Customer.

  • Software transfer
  1. The Provider shall make the SOFTWARE available to the Customer at the router exit of the respective server of the Provider (“Delivery Point“) in the respective current version via the Internet against payment for the duration of this Agreement.
  1. The respective current functional scope of the SOFTWARE results from its current performance description on the Provider’s website at www.equanimity.li or through a live demo provided by the Provider. 
  1. The Provider does not owe the guarantee of the data connection between the transition point and the IT systems of the Customer. It is the responsibility of the customer or its contractual partners to create the technical conditions for the reception of the SOFTWARE at the transfer point and its use.
  1. The Provider shall immediately eliminate all software errors in accordance with the technical possibilities. An error shall be deemed to exist if the SOFTWARE does not fulfill the functions specified in the service description, delivers faulty results or does not function properly in any other way, so that the use of the SOFTWARE is impossible or limited.
  1. The Provider shall owe the quality and availability values set forth in the Service Level Agreement (SLA) available on the Provider’s website at www.equanimity.li.
  1. The Provider is continuously developing the SOFTWARE and will improve it through ongoing updates and upgrades.

  • Rights of use of the SOFTWARE
  1. The Provider grants the Customer the non-exclusive and non-transferable right to use the SOFTWARE designated in this Agreement for the duration of the Agreement within the scope of the SaaS Services as intended.
  1. The customer may only process the SOFTWARE as far as this is covered by the intended use of the SOFTWARE according to the respective current service description.
  1. The customer may not duplicate the SOFTWARE.
  1. The customer is not entitled to make the SOFTWARE available to third parties for use against payment or free of charge. Thus, the customer is expressly not permitted to sublet the SOFTWARE.

  • Changes to the SOFTWARE

The Provider is entitled to modify and optimize the SOFTWARE on an ongoing basis, provided that the functionality or security features of the SOFTWARE are not affected by the modification. If changes are made that alter the way personal data is processed, the customer may terminate the agreement within 30 days of receiving notice of the change. Other changes to the service description and to the Service Level Agreement (SLA) shall only come into effect by mutually agreeable amendment of the contract in the agreed form.

  • Granting of storage space, surrender and deletion of data
  1. The Provider shall provide the Customer with dynamically allocated storage space on a server for storing its data.  The Customer may store content on this server up to an extent specified in the service description. If the storage space is no longer sufficient to store the data, the Provider will notify the Customer of this. The customer can reorder corresponding contingents, subject to availability at the provider.
  1. The Provider shall ensure that the stored data can be accessed via the Internet.
  1. The customer is not entitled to transfer this storage space to a third party for use, in part or in full, against payment or free of charge.
  1. The customer undertakes not to store any content on the storage space whose provision, publication or use violates applicable law or agreements with third parties.
  1. The Provider is obliged to take appropriate precautions against data loss and to prevent unauthorized access to the Customer’s data by third parties. For this purpose, the Provider shall make daily backups.
  1. In any case, the customer remains the sole owner of the data and can therefore demand the return of individual or all data at any time.
  1. The customer can use the export function of the SOFTWARE to manually export data at any time or have it automatically stored on a server to be paid for by the customer at Amazon AWS (s3 bucket) or at an Acronis data center in Liechtenstein, which is managed by GMG AG.
  1. Upon termination of the contractual relationship, the Provider shall immediately return to the Customer all data stored on the storage space allocated to it. 
  1. The surrender of the data shall be effected at the customer’s option either by handing over data carriers or by transmission via a data network. The customer has no right to also receive the SOFTWARE suitable for the use of the data.
  1. The Provider shall have no right of retention with respect to the Customer’s data.

  • Support

The scope of support can be found on the provider’s website at www.equanimity.li. 

  • Obligations of the customer
  1. The customer undertakes not to store any illegal content or content that violates the law, official requirements or the rights of third parties on the storage space provided.
  1. The customer is obliged to prevent unauthorized access of third parties to the protected areas of the SOFTWARE by taking appropriate precautions. For this purpose, the customer shall, to the extent necessary, instruct its employees to comply with copyright law.
  1. Without prejudice to the Provider’s obligation to back up data, the Customer itself is responsible for entering and maintaining its data and information required to use the SaaS Services.
  1. The customer is obliged to check his data and information for viruses or other harmful components before entering them and to use state-of-the-art virus protection programs for this purpose.
  1. The Customer shall generate a “User Email” and a password itself for accessing the use of the SaaS Services, which are required for further use of the SaaS Services. The Customer is obliged to keep the “User Email” and password secret and not to make them accessible to third parties.
  1. The contents stored by the customer on the storage space intended for him may be protected by copyright and data protection laws. The Customer hereby grants the Provider the right to make the content stored on the server accessible to the Customer upon the Customer’s queries via the Internet and, in particular, to reproduce and transmit it for this purpose and to be able to reproduce it for the purpose of data backup.

  • Remuneration
  1. The Customer undertakes to pay the Provider for the provision of the SOFTWARE and the granting of the storage space the fee according to the price list according to the price list.
  1. Objections to the Provider’s invoice must be raised by the Customer in writing to the office indicated on the invoice within a period of 7 days after receipt of the invoice. After the expiry of the aforementioned period, the billing shall be deemed approved by the Customer. The Provider shall specifically draw the Customer’s attention to the significance of its actions when sending the invoice.

  • Liability for defects / Liability
  1. The Provider guarantees the functional and operational readiness of the SaaS Services in accordance with the provisions of this Agreement.
  1. In the event that the Provider’s services are used by unauthorized third parties using the Customer’s access data, the Customer shall be liable for any charges incurred as a result within the scope of civil liability until receipt of the Customer’s order to change the access data or notification of the loss or theft, provided that the Customer is at fault for the access of the unauthorized third party.
  1. The Provider is entitled to immediately block the storage space if there is reasonable suspicion that the stored data is illegal and/or infringes the rights of third parties. A reasonable suspicion for an illegality and/or a violation of rights exists in particular if courts, authorities and/or other third parties inform the Provider thereof. The Provider shall notify the Customer of the block and the reason for it without delay. The block is to be lifted as soon as the suspicion is invalidated.
  1. Claims for damages against the Provider are excluded, regardless of the legal grounds, unless the Provider has acted intentionally or with gross negligence. The Provider is only liable for slight negligence if one of the essential contractual obligations has been violated by the Provider. The Provider is only liable for foreseeable damages, which can typically be expected to occur. Material contractual obligations are those obligations which form the basis of the contract, which were decisive for the conclusion of the contract and on the fulfillment of which the Customer may rely.  
  1. The Provider shall not be liable for the loss of data insofar as the damage is due to the Customer’s failure to perform data backups and thereby ensure that lost data can be restored with reasonable effort.

  • Term and termination
  1. The contract is concluded for an indefinite period. The contractual relationship shall commence on 01.11.2022 and may be terminated by either party at any time in writing with 30 days’ notice to the end of a month.
  1. The right of each contractual party to terminate the contract without notice for good cause remains unaffected. In particular, the Provider shall be entitled to terminate without notice if the Customer fails to make due payments despite a reminder and a grace period or violates the contractual provisions regarding the use of the SaaS services. Termination without notice requires in any case that the other party is warned in writing and requested to eliminate the alleged reason for termination without notice within a reasonable period of time.

  • Data protection / Secrecy
  1. The processing of personal data for the customer for the fulfillment of the subject matter of the contract by the provider is carried out exclusively on behalf of the customer.
  1. The details of the commissioned processing are set out in Annex 2. This takes precedence over the provisions of this contract (including other appendices) in its scope of application.
  1. The customer itself is responsible for the declarations of consent required under the provisions of data protection law by its customers and its contractual partners.
  1. The Provider undertakes to maintain strictest secrecy about all confidential processes, in particular business or trade secrets of the Customer, which come to its knowledge in the course of the preparation, execution and fulfillment of this contract, and to neither pass them on nor exploit them in any other way. This applies to any unauthorized third parties, i.e. also to unauthorized employees of both the Provider and the Customer, unless the disclosure of information is necessary for the proper fulfillment of the Provider’s contractual obligations. In cases of doubt, the Provider shall obtain consent from the Customer prior to such disclosure.
  1. The Provider undertakes to agree with all employees and subcontractors employed by it in connection with the preparation, execution and performance of this Agreement on a provision identical in content to the preceding paragraph.

  • Applicable law, place of jurisdiction
  1. The present contract shall be governed by Liechtenstein law, excluding the conflict of laws rules.
  1. For disputes arising from this contract, the exclusive place of jurisdiction is the Provider’s registered office.

  • Other
  1. Verbal collateral agreements have not been made.
  1. Amendments, supplements and additions to this contract shall only be valid if they are agreed in writing between the contracting parties. This shall also apply to any waiver of the written form requirement.
  1. Should any provision of this contract be or become invalid, this shall not affect the validity of the remainder of the contract. The invalid provision shall be deemed to be replaced by a valid provision that comes as close as possible to the economic purpose of the invalid provision. The same shall apply in the event of a gap in the contract.
  1. Annexes referred to in this contract are an integral part of the contract.
  1. The information on Provider’s website is not a part of this Agreement unless such information is incorporated by reference into this Agreement.
  1. This contract shall be executed in duplicate in the original. Each contracting party shall receive one copy.

Vaduz, on 01.10.2022

Provider:

Equanimity AG

………………………………

Marcel Füssinger

Member of the Board of Directors

The customer:

XXX

………………………

XX

Managing Director

………………………

XX

Board of Directors


ORDER PROCESSING CONTRACT

between

XXX

LI-XX XXX

(the “Client“)

and

Equanimity AG

FL-0002.289.079-4

Herrengasse 30

LI-9490 VADUZ

(the “Contractor“)

(together the “Parties“)

  • Subject of the contract

As part of the provision of services under the contract dated 01.10.2022 (hereinafter referred to as the “Main Contract“), it is necessary for the Contractor to handle personal data for which the Customer acts as the responsible body within the meaning of the data protection regulations (hereinafter referred to as “Customer Data“). This Agreement specifies the rights and obligations of the Parties under data protection law in connection with the Contractor’s handling of Client Data for the purpose of implementing the Main Agreement.

  • Scope of the assignment
  1. The Contractor shall process the Client Data on behalf of and in accordance with the instructions of the Client within the meaning of Art. 28 DSGVO (commissioned processing). The client remains the responsible party in the sense of data protection law.
  1. The processing of Client Data by the Contractor shall be carried out in the manner, to the extent and for the purpose as specified in Annex 1 to this Agreement; the processing concerns the types of personal data and categories of data subjects designated therein. The duration of the Processing shall correspond to the term of the Main Contract.
  1. The Contractor reserves the right to anonymize or aggregate the Client Data so that it is no longer possible to identify individual data subjects and to use it in this form for the purpose of demand-oriented design, further development and optimization as well as the provision of the service agreed upon in accordance with the main contract. The Parties agree that anonymized Client Data or Client Data aggregated in accordance with the above provision shall no longer be deemed Client Data within the meaning of this Agreement.
  1. The Contractor may process and use the Client Data for its own purposes and on its own responsibility within the scope of what is permissible under data protection law if a statutory permission provision or a declaration of consent by the data subject permits this. This contract does not apply to such data processing.
  1. The processing of Client Data by the Contractor shall generally take place within the European Union or in another contracting state of the Agreement on the European Economic Area (EEA). The Contractor is nevertheless permitted to process Client Data outside the EEA in compliance with the provisions of this Agreement if it informs the Client in advance of the location of the data processing and the requirements of Articles 44 to 48 of the GDPR are met or an exception pursuant to Article 49 of the GDPR applies.

  • Powers of instruction of the principal
  1. The Contractor shall process the Client Data in accordance with the Client’s instructions, unless the Contractor is required by law to process them otherwise. In the latter case, the Contractor shall notify the Client of such legal requirements prior to processing, unless the relevant law prohibits such notification due to an important public interest.
  1. The instructions of the Customer are in principle conclusively defined and documented in the provisions of this contract. Individual instructions which deviate from the stipulations of this contract or which impose additional requirements shall require the prior consent of the Contractor and shall be carried out in accordance with the amendment procedure stipulated in the main contract, in which the instruction shall be documented and the assumption of any additional costs incurred by the Contractor as a result thereof shall be regulated by the Customer.
  1. The Contractor warrants that it will process the Client Data in accordance with the Client’s instructions. If the Contractor is of the opinion that an instruction of the Client violates this Agreement or the applicable data protection law, it shall be entitled, after notifying the Client accordingly, to suspend the execution of the instruction until the Client confirms the instruction. The Parties agree that the sole responsibility for the processing of the Client Data in accordance with the instructions lies with the Contractor.

  • Responsibility of the client
  1. The Customer shall be solely responsible for the lawfulness of the processing of the Customer Data as well as for the protection of the rights of the data subjects in the relationship between the Parties. Should third parties assert claims against the Contractor based on the processing of Client Data in accordance with this Agreement, the Client shall indemnify the Contractor against all such claims upon first request.
  1. The Customer shall be responsible for providing the Contractor with the Customer Data in a timely manner for the performance of services under the Main Agreement and shall be responsible for the quality of the Customer Data. The Client shall inform the Contractor immediately and in full if it discovers errors or irregularities with regard to data protection provisions or its instructions when checking the Contractor’s order results.
  1. Upon request, the Customer shall provide the Contractor with the information specified in Art. 30 (2) of the GDPR, unless the Contractor has such information itself.
  1. If the Contractor is obliged vis-à-vis a government agency or a person to provide information on the processing of Client Data or to otherwise cooperate with such agencies, the Client shall be obliged to support the Contractor upon first request in providing such information or in fulfilling other obligations to cooperate.

  • Personnel requirements

The Contractor shall oblige all persons who process Client Data to maintain confidentiality with regard to the processing of Client Data.

  • Processing safety
  1. The Contractor shall take the necessary, appropriate technical and organizational measures in accordance with Art. 32 GDPR, which are required to ensure a level of protection for the Client Data appropriate to the risk, taking into account the state of the art, the implementation costs and the nature, scope, circumstances and purposes of the processing of the Client Data and the varying likelihood and severity of the risk to the rights and freedoms of the data subjects.
  1. The Contractor is permitted to change or adapt technical and organizational measures during the term of the contract as long as they continue to meet the legal requirements.

  • Use of other processors
  1. The Customer hereby grants the Contractor general approval to involve further processors with regard to the processing of Customer Data. The further processors called in at the time of conclusion of the contract are shown in Annex 2. Contractual relationships with service providers which have as their object the testing or maintenance of data processing procedures or systems by other bodies or other ancillary services are generally not subject to approval, even if access to Customer Data cannot be excluded in the process, as long as the Contractor makes appropriate arrangements to protect the confidentiality of the Customer Data.
  1. The Contractor shall inform the Customer of any intended changes with regard to the involvement or replacement of further Processors. In individual cases, the Customer shall have the right to object to the commissioning of a potential additional Processor. An objection may only be raised by the Customer for good cause to be proven to the Contractor. If the Customer does not raise an objection within 14 days after receipt of the notification, its right of objection with regard to the corresponding commissioning shall expire. If the Customer raises an objection, the Contractor shall be entitled to terminate the main contract and this contract with a notice period of 3 months.
  1. The contract between the Contractor and the additional Processor must impose the same obligations on the latter as are imposed on the Contractor by virtue of this contract. The parties agree that this requirement is fulfilled if the contract has a level of protection corresponding to this contract or if the obligations set out in Art. 28 (3) GDPR are imposed on the additional processor.
  1. Subject to compliance with the requirements of Section 2.5. of this Agreement, the provisions in this Section 7. shall also apply if a further Processor in a Third Country is engaged. The Customer hereby authorizes the Contractor, on behalf of the Customer, to conclude a contract with another Processor incorporating the EU standard contractual clauses for the transfer of personal data to Processors in third countries. The Principal declares its willingness to cooperate in the fulfillment of the requirements pursuant to Art 49 DSGVO to the extent necessary.

  • Rights of the data subjects
  1. The Contractor shall support the Client with technical and organizational measures within reasonable limits in fulfilling its obligation to respond to requests to exercise the rights of data subjects to which they are entitled.
  1. Insofar as a data subject asserts a request to exercise the rights to which he or she is entitled directly against the Contractor, the Contractor shall promptly forward this request to the Client.
  1. The Contractor shall provide the Client with information about the Client Data stored, the recipients of Client Data to whom the Contractor passes it on in accordance with the order, and the purpose of the storage, unless the Client has this information itself or can obtain it itself.
  1. The Contractor shall enable the Client to correct, delete or restrict the further processing of the Client Data within the scope of what is reasonable and necessary against reimbursement of the expenses and costs to be proven incurred by the Contractor as a result thereof or, at the request of the Client, to carry out the correction, blocking or restriction of the further processing itself if and to the extent that this is impossible for the Client itself.
  1. Insofar as the data subject has a right to data portability with respect to the Client Data pursuant to Art. 20 DSGVO, the Contractor shall support the Client within the scope of what is reasonable and necessary in providing the Client Data in a common and machine-readable format against reimbursement of the expenses and costs to be proven incurred by the Contractor as a result, if the Client cannot procure the data otherwise.

  • Notification and support obligations of the contractor
  1. Insofar as the Customer is subject to a statutory obligation to report or notify a breach of the protection of Customer Data (in particular pursuant to Art. 33, 34 DSGVO), the Contractor shall inform the Customer in a timely manner of any reportable events in its area of responsibility. The Contractor shall support the Client in fulfilling the reporting and notification obligations at the Client’s request within the scope of what is reasonable and necessary against reimbursement of the expenses and costs to be proven incurred by the Contractor as a result.
  1. The Contractor shall support the Client within the scope of what is reasonable and necessary against reimbursement of the expenses and costs to be proven incurred by the Contractor in connection with any data protection impact assessments to be carried out by the Client and any subsequent consultations with the supervisory authorities pursuant to Art. 35, 36 GDPR.

  • Data deletion
  1. The Contractor shall delete the Client Data after termination of this Agreement, unless the Contractor is legally obliged to continue storing the Client Data.
  1. Documentation that serves as proof of the proper processing of Client Data in accordance with the order may be retained by the Contractor even after the end of the contract.

  • Verifications and checks
  1. The Contractor shall provide the Customer, upon the Customer’s request, with all information necessary and available to the Contractor to demonstrate compliance with its obligations under this Agreement.
  1. The Customer shall be entitled to check the Contractor with regard to compliance with the provisions of this Agreement, in particular the implementation of the technical and organizational measures; including by means of inspections.
  1. In order to carry out inspections in accordance with Clause 11.2, the Customer shall be entitled to enter the Contractor’s business premises where Customer Data are processed during normal business hours (Monday to Friday from 10 a.m. to 6 p.m.) after timely advance notice in accordance with Clause 11.5, at its own expense, without disrupting the course of business and subject to strict confidentiality of the Contractor’s trade and business secrets.
  1. The Contractor shall be entitled, at its own discretion, taking into account the Customer’s legal obligations, not to disclose information which is sensitive with regard to the Contractor’s business or if the Contractor would violate legal or other contractual regulations by disclosing it. The Customer shall not be entitled to have access to data or information on other customers of the Contractor, to information regarding costs, to quality review and contract management reports and to any other confidential data of the Contractor which is not directly relevant for the agreed review purposes.
  1. The Customer shall inform the Contractor in good time (as a rule at least two weeks in advance) of all circumstances connected with the performance of the inspection. The Customer may carry out four inspections per calendar year. Further inspections shall be carried out against reimbursement of costs and after coordination with the Contractor.
  1. If the Customer commissions a third party to carry out the inspection, the Customer shall obligate the third party in writing in the same way as the Customer is obligated to the Contractor on the basis of this Clause 11. of this Agreement. In addition, the Customer shall oblige the third party to maintain secrecy and confidentiality, unless the third party is subject to a professional confidentiality obligation. Upon request of the Contractor, the Customer shall immediately submit to the Contractor the obligation agreements with the third party. The Customer may not commission a competitor of the Contractor with the inspection.
  1. At Contractor’s option, proof of compliance with the obligations under this Agreement may also be provided by the submission of a suitable, up-to-date attestation or report by an independent body (e.g. auditor, audit, data protection officer, IT security department, data protection auditors or quality auditors) or a suitable certification by IT security or data protection audit (“Audit Report”) instead of an inspection, if the Audit Report reasonably enables Customer to satisfy itself of compliance with the contractual obligations.

  • Contract duration and termination

The term and termination of this contract shall be governed by the provisions governing the term and termination of the main contract. Termination of the main contract automatically results in termination of this contract. An isolated termination of this contract is excluded.

  • Liability
  1. The exclusions and limitations of liability pursuant to the main contract shall apply to the Contractor’s liability under this contract. Insofar as third parties assert claims against the Contractor which have their cause in a culpable breach by the Client of this Agreement or of one of its obligations as a data protection officer, the Client shall indemnify the Contractor against these claims upon first request.
  1. The Client undertakes to indemnify the Contractor also against any fines imposed on the Contractor to the extent that the Client bears a share of the responsibility for the violation sanctioned by the fine.

  • Final provisions
  1. If individual provisions of this contract are or become invalid or contain a loophole, the remaining provisions shall remain unaffected. The parties undertake to replace the invalid provision with a legally permissible provision that comes as close as possible to the purpose of the invalid provision and meets the requirements of Art. 28 of the GDPR.
  1. In case of contradictions between this contract and other agreements between the parties, in particular the main contract, the provisions of this contract shall prevail.

Vaduz, on 01.10.2022

Contractor:

Equanimity AG

………………………………

Marcel Füssinger

Member of the Board of Directors

The customer:

XXX

………………………

XXX

Managing Director

………………………

XXX

Board of Directors


Annex 1 to the commissioned processing agreement: purpose, nature and scope of data processing, type of data and categories of data subjects

Purpose of data processing:  Identification
Nature and scope of data processing A short video recording of the person concerned is made. A document to be uploaded online by the person concerned (passport or driver’s license) is compared with the video recording to evaluate whether the person shown on the document is identical to the video recording (video identification).
Type of data Video recording, photo
Categories of persons concerned Customers of the client
Purpose of data processing:  Identification
Nature and scope of data processing The data submitted by the data subject also enables further queries regarding sanctions – sanctions lists from governments and international organizations. Politically Exposed Persons – Proprietary database of politically exposed persons derived from government lists, websites, and other media sources. Monitored Lists – Lists monitored by law enforcement and regulatory agencies (including terrorism, money laundering, and most wanted lists) Adverse Media – Negative events reported in public and widely available media sources matched.
Type of data Wallet address and all personal data that are due diligence relevant
Categories of persons concerned Customers of the client
Purpose of data processing:  Tokenization
Nature and scope of data processing After the data subject has settled the payment of the tokens, the personal data is forwarded to perform the necessary allocation of the tokens on the blockchain.
Type of data Wallet address and all personal data that are due diligence relevant
Categories of persons concerned Customers of the client


Annex 2 to the order processing agreement: Further processors

Company
Address
Type of
Processing
Purpose Type of data Categories of data subjects
Google Cloud: Google Drive and Gmail; Provider: Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland, a subsidiary of Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, USA; Privacy Policy: https://policies.google.com/privacy Storage space Email sending, data storage Google Analytics Customers of the client
Onfido: Identification Provider: Onfido Ltd, 77 Farringdon Rd London EC1M 3JU, UK; Privacy Policy: https://onfido.com/privacy/ Identification Identification Name, Surname, Email Address, Date of Birth Customers of the client
IDnow: Identification Provider: IDnow GmbH Headquarters Auenstraße 100 80469 Munich, Germany; Privacy Policy: https://www.idnow.io/de/datenschutzerklaerung/ Identification Idenfitication Name, Surname, Email Address, Date of Birth Customers of the client
Stripe Inc, 510 Townsend Street, San Francisco, CA 94103, USA; Privacy Policy: https://stripe.com/en-gb-sg/privacy Payment
processing
To make online payments Name, email address Customers of the client
Sendwyre.com: Wyre Payments, Inc, 1550 Bryant St, San Francisco, CA 94103, United States; Privacy Policy: https://www.sendwyre.com/privacy-policy/ Payment
processing
To make online payments Name, email address Customers of the client
Crypto.com: MCO Malta Dax Limited, Foris MT Limited; Privacy Policy: https://crypto.com/privacy/global Payment

processing

To make online payments Name, email address Customers of the client
Amazon Web Services: Amazon Web Services, Inc. 410 Terry Avenue North, Seattle, WA 98109, USA; Privacy Policy: https://aws.amazon.com/de/compliance/eu-data-protection/ Database + Storage Data-
storage
All personal data relevant to the duty of care Customers of the client
Volt Technologies Limited, High Street, Westbury On Trym, Bristol, United Kingdom, BS9 3BY; Privacy Policy: https://www.volt.io/privacy Payment
processing
To make online payments Name, email address Customers of the client
Bitrank: Blockchain Technology Group Inc, 1199 Pender Street W Suite 410 Vancouver, BC, V6E 2R1 Canada; Privacy Policy: https://bitrankverified.com/privacy Wallet check Checking the wallet on the blockchain Wallet address Customers of the client
Coinfirm: Coinfirm Limited 16 Great Chapel St, London, W1F 8FL, United Kingdom Registered in England: 10027965; Privacy Policy: https://www.coinfirm.com/privacy-policy/  Wallet check Checking the wallet on the blockchain Wallet address Customers of the client
Acronis: Data: Acronis International GmbH, Rheinweg 9 Schaffhausen, 8200 Switzerland; Privacy Policy: https://www.acronis.com/en-eu/company/privacy.html Data-
storage
Data storage in data center in Liechtenstein All personal data that are due diligence relevant Customers of the client
Twilio Inc, 375 Beale St #300, San Francisco, CA 94105, USA; Privacy Policy: https://www.twilio.com/legal/privacy SMS sending SMS with information are transmitted Name,
Phone number
Customers of the client
Mailgun: Mailgun Technologies, Inc, 112 E Pecan St #1135, San Antonio, TX 78205, USA; Privacy Policy: https://www.mailgun.com/privacy-policy/ Email sending Information sent by email Name, email address Customers of the client
Cashlink Technologies GmbH Deutsche Börse FinTech Hub Sandweg 94 60316 Frankfurt am Main Germany, Privacy Policy: https://cashlink.de/privacy-policy/ Tokenization Tokens are issued on the blockchain Wallet address and all personal data that are due diligence relevant Customers of the client
Signnow is a brand owned by airSlate, Inc. 1371 Beacon Street Suite 301 Brookline, MA 02446 United States, Privacy Policy: https://www.signnow.com/privacy_policy Signature Sign documents digitally Name, email address, wallet address and all personal data that are due diligence relevant Customers of the client
Skribble AG, Förrlibuckstrasse 190 8005 Zurich Privacy Policy: https://www.skribble.com/de-ch/datenschutz/  Signature Sign documents digitally Name, email address, wallet address and all personal data that are due diligence relevant Customers of the client
Back To Top