The Platform and our Services, including the Website (https://www.aobpro.com) and mobile application (“App”), is owned and operated by AO Bridge Inc, a company based in Vancouver, British Columbia, Canada (Money Services Business); and AO Bridge International, UAB, a company based in Vilnius, Lithuania (Virtual Asset Service Provider); hereinafter jointly referred to as “Aobpro” and/or “We” and/or “Us”).
For the purposes of this document, “User” and/or “You” means any individual who may access and/or create an User Account and use our Platform and its Services.
2. Data Controller and Data Processor
Aobpro is the Data Controller and Data Processor of your Personal Information, and its details are as follows:
Registered Money Services Business (MSB):
– Business Name: AO Bridge Inc.
– Incorporation number: BC1356964.
– MSB registration number: M22110836
– Address: 398-2416 Main St Vancouver, Bc, Canada V5T3E2.
– Phone Number: +1 (778) 300-1086.
– Website: https://www.aobpro.com.
– Email: email@example.com.
Registered Virtual Asset Service Provider:
– Business Name: AO Bridge International, UAB.
– Registration Code: 306095969.
– Address: Eišiškių Sodų 18-oji g. 11, LT-02194 Vilnius, Lithuania.
– Phone Number: +370 5 2668952
– Website: https://www.aobpro.com.
– Email: firstname.lastname@example.org.
4. Granting Consent
Aobpro does not collect Personal Information from you or any third party without the prior express consent of the owner of such information.
5. Information Collected by Us
The Personal Information collected by us will solely be used in reference to our Services. We will not share, sell, or trade this information to any third parties; however, your Personal Information may remain stored in our servers and its providers for the use of the Platform. This does not apply to information that is publicly available, which we may collect and display on our Platform.
We reserve the right to confirm and validate your Personal Information and any other information provided by you at any time. In the event that we determine that the information provided by you is unlawful, false, fraudulent, erroneous or incorrect (totally or partially), we may suspend and cancel your User Account, and/or not provide our Services to you.
We have the right to file a proceeding if you provide unlawful, false, fraudulent, erroneous or incorrect information, in addition to using any other legal remedy available according to applicable legislation.
The Information we collect from you when you use our Platform and Services is as follows:
a) Information about you:
We will collect the following information about you when you register on our Platform:
- Name and Last Name;
- ID Document/Passport;
- Email Address;
- Phone Number;
- Payment Method.
Please note that Aobpro may request additional identifying information and/or documents from you, at any time, to verify you comply with our eligibility requirements, including the applicable anti-money laundering laws and/or any other applicable laws or regulations.
b) Information collected automatically by us:
Strictly to provide our Services to you, we automatically collect the following Information about you:
- Device data, such as Device operating system type and version number, manufacturer and model, browser type, screen resolution, IP address, the website you visited before accessing and using our Website and Service.
- Geolocation data, such as your city, state, locality or geographic area.
- Online activity data, such as pages or screens you viewed on our Website; how long you stayed on a page or screen; navigation paths between pages or screens; information about your activity on a page or screen, access times, and access duration.
By registering on our Platform, you authorize us to conduct necessary investigations directly or through a third party to verify your identity or protect you and/or us from financial crimes, such as fraud. The information we require to verify your identity may include, but is not limited to, your name, email address, contact information, phone number, username, government-issued ID, and other information collected during account registration. When providing the required information, you confirm it is true and accurate.
You acknowledge and agree that your personal information may be disclosed to credit bureaus and agencies and/or appropriate government authorities, for fraud prevention or financial crime prevention, which may respond to our investigations in full.
6. Use of your Information
We use your Personal Information to:
- Identify you, in order to provide you with our Services;
- Allow you to access your User Account on our Platform;
- Allow you to carry out your trading operations, exchange and payments with crypto assets through our platform.
- Identifying usage patterns of our Platform and Services for identifying potential problems or avenues of improvement;
- Enable security features of the Platform and Services;
- Send you notifications of the system necessary for the operation of our Platform and Services;
- Answer your requests, inquiries and complaints about our Platform and Services;
- Send you marketing communications related to our Platform, and Services, as permitted by law;
- Monitoring your compliance with acceptable rules of use of this Platform;
- Identify possible traces of money laundering, financing of terrorism, fraud and other financial crimes;
- Comply with applicable laws and regulations.
7. Data Retention
We will retain the Information collected from you only for as long as is necessary to provide you with our Services. Such a period does not exceed 5 years from the cancellation or termination of your User Account for any reason.
However, please note that we will retain and use your Personal Information and any other information provided by you, to the extent necessary to comply with our legal obligations, as well as, resolve disputes and enforce our legal agreements and policies.
8. Data Rights
Your data rights are as follows:
a) Right to be Informed.
b) Right to Access.
You have the right to know how your Personal Information has been collected, and processed, just as what information about you we have stored, and for what purposes. For this reason, and upon your request, we will inform you or give you access to the Personal Information about you that we have stored to provide you with our Services.
c) Right to Data Portability.
You have the right to obtain a copy of your Personal Information in a structured, commonly used, machine-readable format, or (where technically feasible) to have it ported directly to another data controller, provided this does not adversely affect the rights and freedoms of others.
d) Right to Data Rectification.
You have the right to ask us to update and/or rectify and/or complete your inaccurate or incomplete Personal Information. Please note that notwithstanding that all reasonable efforts will be made by us to keep your Personal Information updated, you are kindly requested to inform us promptly of any change, error or inaccuracy in your Personal Information.
e) Right to Data Objection or Restriction (Opt-Out).
You have the right to object or request us to suspend the processing of your Personal Information (opt-out) when you have a legitimate interest (or those of a third party) and there is something about your particular situation that causes you to object the processing of such Information because it makes you feel it impacts your fundamental rights and freedoms. Please note that we only process your Personal Information when this is necessary to provide you with our Services and/or when it is necessary to comply with a legal obligation to which we are subject to, as when processing is necessary to protect your interests or those of another person or entity.
f) Right to Data Deletion.
You have the right to ask us to delete your Personal Information when it is not relevant to the purpose for which we collect it, once the period set forth in Section 7 above has elapsed. We may delete your Personal Information before the expiration of that period, when such information is not necessary, at our sole discretion.
Nevertheless, keep in mind, there may be legal obligations which may prohibit us from deleting all or part of the Personal Information held about you immediately at the time of the request, however, we will process your request at the earliest opportunity whenever the information retention period expires in accordance with Section 7 above.
9. How to Exercise Your Data Rights
You may exercise the rights described in Section 8 above, at any time, by contacting us at email@example.com or by contacting the Office of the Privacy Commissioner of Canada (https://www.priv.gc.ca) or the competent Supervisory Authority of your country.
Please note that we try to respond to all legitimate requests within 5 business days. We will verify your identity prior to responding to any request. Occasionally, it may take us longer if your request is particularly complex or you have made certain number of requests. In this case, we will notify you and keep you updated on the status.
10. Data Protection Officer
11. Protection of your Information
Aobpro guarantees the privacy, confidentiality and protection of your Personal Information, including any other data or information provided by you, and also guarantees that it has implemented physical and electronic security measures, as well as other appropriate administrative procedures to prevent unauthorized or unlawful access by third parties to such Information.
Our data protection and security practices include, but are not limited to:
– The continuous review and updates of our security policies and controls, as technology changes to ensure ongoing Information security.
– Implementation of reasonable and appropriate technical security measures to protect the Information we process, from unauthorized access, alteration, disclosure, loss or destruction.
– Application of the duty of confidentiality for any authorized personnel who processes the Information provided by you.
– Regular audits of the security measures of the Platform by requesting third party experts to review our security controls against international standards. These audits help us to further improve our security levels.
– All Information is encrypted in transit, and where possible specific fields are encrypted at rest using industry recognized cryptographic measures.
12. Disclosure or your Information
We are committed to notifying you, as soon as possible, in the event that we receive any legal request from a public authority, including judicial authorities, regarding your Personal Information within the limits established by applicable laws.
13. Information Shared with Third Parties
We do not use, share, sell and/or exchange any of your Personal Information with third parties for any purposes without your express consent. However, in order to enable you to use our Platform and Services, we may share your Personal Information with third parties that we hire to perform services or operate on our behalf as our service providers (“Data Processors”). In all cases in which we share your Personal Information with a third party for the purpose of providing you our Services, we will not authorize them to keep, disclose or use your information with others except for the purpose of providing the services we asked them to provide.
We are not responsible for the privacy and data protection practices of our service providers and/or any third party. However, we warrant that we have used reasonable efforts to determine that our Data Processors have adequate technical and organizational measures in place and are able to satisfy the privacy, security and data protection parameters used by Aobpro.
14. International Transfers of your Information
Aobpro is based in Canada and Lithuania, and offers its services globally. Its servers are located in these countries.
We process and store your information in Canada and Lithuania. However, our Data Processors may process and store your Personal Information in such countries and/or elsewhere.
15. Transferable Information Details (EU Residents)
The details of the Personal Information that we may transfer in accordance with Section 14 above are as follows:
– Data Controller: Aobpro.
– Data Processors: Aobpro and its service providers.
– Aobpro: Canada and Lithuania.
– Data Processors: Canada, Lithuania and/or other countries.
– Category of Data Subjects: Visitors and Users.
– Data Category: Personal Data
– Frequency of the Transfer: Each time an individual uses our Services.
– Nature of the Processing: Collection, process and storage.
– Purpose of Data Transfer and Processing: Provide our Services.
– Data Retention Period: 5 years in accordance with Section 7.
16. Regulations applicable to US Residents
16.1. California Consumer Privacy Act (CCPA)
We provide the following additional details regarding the categories of Personal Information about California residents that we have collected or disclosed in the past 12 months, in accordance with the California Consumer Privacy Act (CCPA), as described in this Section.
We collected the following categories of Personal Information:
– Identifiers, such as name and last name, address, contact information and online identifiers.
– Personal Information, as defined in the California customer records law, such as name, last name, address, and email address, and any other information that allows to identify a person individually.
– Internet or network activity information, such as browsing history, online behavior, and interactions with our and other websites, applications and systems;
– Device location and IP location; and
– Inferences drawn from any of the Personal Information listed above to create a profile or summary about you, such as an individual’s preferences and characteristics.
We collect this Personal Information from you and from other categories of sources: information received as part of routine card verification (fraud) checks; social networks; publicly available databases; and joint marketing partners, when they share the information with us.
We share this Personal Information with our service providers, data processors, business partners, auditors, advisors and public or government authorities.
We disclosed the following Personal Information to third parties (such as our service providers, data processors, business partners, auditors, advisors and public or government authorities) for our operational business purposes.
We do not “sell” Personal Information for purposes of the CCPA. For purposes of this Section about CCPA, “sell” means the disclosure of Personal Information for monetary or other valuable consideration but does not include, for example, the transfer of Personal Information as an asset that is part of a merger, bankruptcy, or other disposition of all or any portion of our business.
If you are a California resident, you may request that we:
(i) Disclose to you the following information covering the 12 months preceding your request:
– The categories of Personal Information we collected about you and the categories of sources from which we collected such Personal Information;
– The specific pieces of Personal Information we collected about you;
– The business or commercial purpose for collecting Personal Information about you;
– The categories of Personal Information about you that we otherwise shared or disclosed, and the categories of third parties with whom we shared or to whom we disclosed such Personal Information.
(ii) Delete Personal Information we collected from you.
We will respond to your request consistent with applicable law. Nonetheless, you have the right to be free from unlawful discrimination for exercising your rights under the CCPA.
(iii) Requests about your Personal Information.
If you are a California resident, you may make a request for the disclosures described above or make a request to delete Personal Information we collected from you, by contacting us at: firstname.lastname@example.org.
As of January 1, 2023, the amendment approved in California to the California Consumer Privacy Act, which will be renamed the California Privacy Rights Act (CPRA), will become effective. This amendment will add the rights to rectification and restriction of Personal Information, which you will be able to exercise as of that date, by sending us an email to the address referred to in the previous paragraph.
16.2. California Online Privacy Protection Act (CalOPPA).
The California Online Privacy Protection Act (CalOPPA) applies to any individual, entity or business operating websites that collect Personal Information from California viewers and/or consumers and/or users.
The CalOPPA defines as “personally identifiable information” the following: first and last name; physical address; email address; telephone number; social security numbers; details of physical appearance (height, weight, hair color); contact information; and any other information stored online that may identify an individual.
For the purposes of CalOPPA, we only collect the following “personally identifiable information” to provide you with our Services: name, last name, physical address, and email address.
Pursuant to CalOPPA, we agree to the following:
-You may visit our Platform anonymously.
16.3. Virginia Consumer Data Privacy Act (VCDPA).
The Virginia Consumer Data Privacy Act (VCDPA) will become effective on January 1, 2023.
The VCDPA applies to individuals and companies doing business in the State of Virginia or producing products or services directed to Virginia residents.
This Act defines Personal Information, any information that is linked or reasonably associated to an identified or identifiable natural person, but excludes de-identified data or publicly available information.
If you are a resident of Virginia, upon the entry into force of the VCDPA, you will have the right with respect to your Personal Information to request access to and correction of any inaccuracies in your Personal Information and to obtain a copy of your Personal Information.
You may also ask us to delete your Personal Information, in which case we will exclude your Personal Information from our records and will not process or use such Personal Information for any purpose, except as otherwise provided by law
Virginia residents are also entitled to opt out of the processing of Personal Information for the purposes of targeted advertising, the sale of Personal Information, or profiling in furtherance of decisions that produce legal or similarly significant effects concerning the consumer.
Once the VCDPA takes effect, you may send us your request about your Personal Information to the following e-mail address: email@example.com. We will respond to your request within 45 days of receipt.
-Purpose of processing your Personal Information;
-How you may exercise your rights, including how you may appeal our decisions about your Personal Information;
-Categories of Personal Information shared by us with third parties (Processors).
-Categories of third parties (Processors)
Claims and Appeals Process (as of the entry into force of the VCDPA)
You also may file your complaint or appeal with the Virginia Attorney General’s Office at 202 North 9th Street, Richmond, Virginia 23219, Phone: (804) 786-2071; or through the following website: https://www.oag.state.va.us/.
16.4. Colorado Privacy Act (CPA).
The Colorado Privacy Act (CPA) will become effective on July 1, 2023.
The CPA applies to State of Colorado residents and companies doing business in Colorado. This Act protects the privacy rights and personal data protection rights of Colorado residents.
In accordance with CPA consumer is defined as: “an individual who is a Colorado resident acting only in an individual or household context; and does not include an individual acting in a commercial or employment context, as a job applicant, or as a beneficiary of someone acting in an employment context”.
Under the CPA, Personal Information includes a Colorado resident’s first name or first initial and last name in combination with any other data, when such data are not encrypted, redacted, or secured by any other method rendering the name or the element unreadable or unusable.
Personal Information also includes:
A Colorado resident’s username or email address, in combination with a password or security questions and answers, that would permit access to an online account; and
A Colorado resident’s account number or credit or debit card number in combination with any required security code, access code, or password that would permit access to that account.
Personal Information does not include information that is lawfully made available to the general public from government records or widely distributed media.
If you are a Colorado resident, upon the entry into force of the CPA, you have the following rights regarding your Personal Information:
-The right to access any Personal Information about you collected by us.
-The right to have Personal Information collected from you that is incorrect or out of date corrected.
-The right to have Personal Information collected from you deleted,
-The right to portability of Personal Information.
-The right to opt-out of data processing for targeted advertising, marketing, or profiling using your Personal Information.
You may send us your request about your Personal Information to the following e-mail address: firstname.lastname@example.org. We will respond to your request within 45 days of receipt.
Claims and Appeals Process (as of the entry into force of the CPA)
You also may file your complaint or appeal with the Colorado Attorney General’s Office at Colorado Department of Law, Ralph L. Carr Judicial Building, 1300 Broadway, 10th Floor, Denver, Colorado 80203;Phone Number: (720) 508-6000; or through the following website:https://coag.gov/.
16.5. Connecticut Data Privacy Act (CTDPA)
The Connecticut Data Privacy Act (CTDPA) will become effective on July 1, 2023.
The CTDPA applies to individuals and entities that conduct business in the State of Connecticut or produce products or services that are targeted to residents of the state, and that control or process the personal data of Connecticut’s residents.
The CTDPA provisions apply to the personal information of Connecticut residents who are acting in an individual capacity (“Consumers”), excluding the individuals “acting in a commercial or employment context.” Information collected in the context of a business-to-business or employment relationship will not be covered by the CTDPA.
The CTDPA defines personal information as “any information that is linked or reasonably linkable to an identified or identifiable individual”, and excludes any de-identified or publicly available information.
If you are a Connecticut resident, as of the effective date of the CTDPA, you will have the following rights:
a) Access: You have the right to confirm whether a controller is processing your personal information and access such personal data, unless such actions would reveal a trade secret.
b) Correction: You have the right to correct inaccuracies in your personal information.
c) Deletion: You have the right to delete personal information provided by or about you
d) Data Portability: You have the right to obtain a portable copy of your personal information to the extent technically feasible and provided the controller will not be required to reveal any trade secret.
e) Opt-out of Certain Data Processing: You have the right to opt out of the processing of personal information for purposes of (i) targeted advertising, (ii) the sale of personal information or (iii) profiling in connection with automated decisions that produce legal or similarly significant effects concerning to you as a consumer.
You may send us your request about your Personal Information to the following e-mail address: email@example.com. We will respond to your request within 45 days of receipt, extendable once by an additional 45 days as reasonably necessary, considering the complexity and number of your requests.
Claims and Appeals Process (as of the entry into force of the CTDPA)
You also may file your complaint or appeal with the Connecticut Attorney General’s Office at 165 Capitol Avenue Hartford, CT 06106; Phone Number: 860-808-5318; or through the following website: https://portal.ct.gov/AG.
16.6. Utah Consumer Privacy Act (UCPA)
The Utah Consumer Privacy Act (UCPA) will become effective on December 31, 2023.
The UCPA applies to “controllers” and “processors” that conduct business in the State of Utah or produce products or services targeted to Utah residents, and who have an annual revenue of USD 25,000,000.00 or more.
The UCPA defines “controller” as “a person doing business in the State of Utah, who determines the purposes for which and means by which the personal data is processed, regardless of whether the person makes the determination alone or with others”; and “processor” as “a person who processes personal data on behalf of a Controller”.
The UCPA defines personal information as any “information that is linked or reasonably linkable to an identified or identifiable individual”, excluding de-identified, aggregated or publicly available information.
If you are a resident of Utah, as of the effective date of the UCPA, you have the right with respect to your personal information to:
a) Access and confirm whether a controller is processing their personal data;
b) Delete personal data that you provided to the controller;
c) Obtain a copy of their personal data provided to the controller to the extent it is feasible, portable, practical and usable while allowing the consumer to transmit the data to another controller; and
d) Opt out of processing for the purposes of targeted advertising or the sale of personal data.
You may send us your request about your Personal Information to the following e-mail address: firstname.lastname@example.org. We will respond to your requests within 45 days of receipt, extendable once by an additional 45 days as reasonably necessary, considering the complexity and number of your requests
Claims and Appeals Process (as of the entry into force of the UCPA)
You also may file your complaint with the Utah Department of Commerce Division of Consumer Protection at 160 East 300 South Salt Lake City, UT 84111; Phone Number: (801) 530-6601; Email: email@example.com; or through the following website:https://consumerprotection.utah.gov.
16.7. Children’s Online Privacy Protection Act.
The Children’s Online Privacy Protection Act (COPPA) is intended to prevent websites, apps, digital platforms and any online marketers from targeting children with deceptive campaigns that extract Personal Information from children.
For purposes of COPPA, we represent that:
– Our Platform and Services are not provided and do not exist for a commercial purpose to children under the age of 13;
– We do not in any way collect, any Personal Information from children under the age of 13 through our Platform;
– We do not provide our Services to other websites, mobile application and/or platforms by collecting information from users of websites, mobile applications and/or platforms that are directed to children; and
– We do not process, use, share, store, maintain, and/or disclose any Personal Information from children under 13.
If you are a parent or guardian who has discovered that your child under the age of 13 has submitted Personal Information to us, please notify us at: firstname.lastname@example.org. We will promptly delete the information submitted by your child under 13 from our records, once we receive such notification.
16.8. CAN-SPAM Act.
The Controlling the Assault of Non Solicited Pornography and Marketing Act of 2003 (CAN-SPAM Act), is a U.S. federal law regulating “commercial e-mail” which applies to any individual, entity or business that engage in any advertising/marketing of products or services via e-mail.
The CAN-SPAM Act sets forth the rules and requirements for commercial email and gives recipients the right to prevent or stop the sending of commercial or marketing emails to them.
We collect your name, last name, address, and email address, so we can:
– Send information, respond to inquiries, and/or other requests or questions.
– Process your requests about our Services and to send information and updates pertaining to thereon.
– Send you additional information related to our Services.
– Market to our mailing list or continue to send emails to you after any transaction.
– Email you free information and advertising certain Services we offer.
In compliance with CAN-SPAM Act, we agree to the following:
– We will not use false or misleading subjects or email addresses.
– We will identify the email message as an advertisement in some reasonable way.
– We will include our business mailing address and/or physical address in our emails.
– We will monitor third-party email marketing services for compliance.
– We will honor opt-out/unsubscribe requests quickly.
– We will allow Users to unsubscribe by using the appropriate link at the bottom of each email.
How to unsubscribe to our emails:
If at any time you would like to unsubscribe from receiving future emails, you may email us at email@example.com or follow the instructions at the bottom of any email you receive from us and we will promptly remove you from future correspondence(s). If you experience any problems unsubscribing, please email us to that email address listed here and we will promptly handle your removal.
A Cookie is a small text file that websites store via browsers on each user’s devices, upon prior consent, when they visit any website. Cookies are widely used in order to make websites work more efficiently and provide a better service and web features for their users. Cookies allow websites to identify and track their users, enabling them to recognize the user´s needs and preferences as well as provide them with security features.
Our Platform uses “First Party Cookies” set up by us, and “Third-Party Cookies” set up by our service providers and advertisers. Cookies and their use are described below.
a) First-Party Cookies.
These Cookies are directly stored by our Website and App. These Cookies allow us to collect analytics data, remember users settings, and perform other useful functions that provide a good experience to our visitors and Users (e.g. Strictly Necessary Cookies; Performance Cookies; and Functionality Cookies).
b) Third-Party Cookies.
These Cookies are created by third party websites that are not our Platform, including but not limited to our service providers and advertisers. These types of Cookies are usually used for online-advertising purposes and placed on any website through a script or tag. A Third-Party cookie is accessible on any website that loads the third-party server’s code. (e.g. Targeting Cookies).
d) Cookies Purpose.
– Identify you when you use our Platform and Services;
– Provide our Services;
– To allow you to access your User Account on this Platform;
– To store information about your transactions and operations on our Platform and to personalize our Services;
– Implement security measures to protect your Personal Information, including the prevention of fraudulent use of login credentials, and to protect our Platform and Services;
– Display advertisements that will be relevant to you; and
– Analyze the use and performance of our Platform and Services.
e) Cookies Control.
You may easily control Cookies usage through your browser settings. The help function in your preferred browser should provide you with the correct information. You may also visit the following website to obtain further information on Cookies and how to manage them:https://allaboutcookies.org/.
19. Governing Law and Jurisdiction
20. Contact Us
Last update: November 11th, 2022.