Legals

Privacy Policy

1. Introduction

This Privacy Policy (“Policy”) describes how Cloudpeak Systems s.r.o. (“Cloudpeak”, “we”, “us”, or “our”) collects, uses, stores, shares, and protects your personal information when you access or use the Empresex platform (“Platform”). The Platform includes all websites, web-based services, and mobile applications operated or controlled by Cloudpeak Systems s.r.o., a company incorporated under the laws of the Czech Republic, with its registered office at Na strži 1702/65, Nusle, 140 00 Praha 4, Prague, Czech Republic, and company registration number 21721769.

This Policy applies to all users of the Platform, including visitors, registered users, and any individuals who interact with our services, regardless of the means of access (desktop, mobile, or other devices). It is intended to provide you with a comprehensive understanding of our practices regarding the collection, use, and disclosure of your personal data, as well as your rights and choices in relation to your information.

For the purposes of this Policy, “Personal Data” means any information relating to an identified or identifiable natural person, as defined by the General Data Protection Regulation (GDPR) and other applicable data protection laws. This includes, but is not limited to, your name, contact details, identification documents, financial data, and any other data that can be used to identify you directly or indirectly. Information that has been irreversibly anonymized and cannot be used to identify a specific individual is not considered Personal Data under this Policy.

By accessing or using the Platform, you acknowledge and agree to the terms of this Policy. If you do not agree with any part of this Policy, you should refrain from using the Platform or providing us with your Personal Data.

2. Your Acceptance and Consent

By providing us with your Personal Data—whether through registration, use of our services, communication with our support team, or any other interaction with the Platform—you expressly acknowledge that you have read, understood, and accepted the terms of this Policy. You further consent to the collection, processing, use, and disclosure of your Personal Data as described herein and in accordance with any other agreements or terms that may apply between you and Cloudpeak Systems s.r.o.

Your consent is voluntary, but in some cases, the provision of certain Personal Data is necessary for us to provide you with access to the Platform or to fulfill our legal and contractual obligations. If you choose not to provide certain information, or if you withdraw your consent, you may not be able to use some or all of the features and services offered by the Platform.

We may request your explicit consent for specific processing activities, such as direct marketing communications or the use of cookies and similar technologies, where required by applicable law. You have the right to withdraw your consent at any time by contacting us at [email protected] or by using the opt-out mechanisms provided in our communications.

3. Information We Collect

3.1. Categories of Personal Data

We collect a wide range of Personal Data to ensure the proper functioning of the Platform, to comply with legal and regulatory requirements, and to provide you with a secure and personalized user experience. The types of Personal Data we may collect include, but are not limited to, the following:

A. Non-Personally Identifiable Information (Non-PII)

This category includes information that does not directly identify you as an individual but may be collected automatically as you interact with the Platform. Such information may include, but is not limited to:

- Device information (e.g., device type, model, operating system, unique device identifiers)

- Browser information (e.g., browser type, version, language settings)

- IP address and geolocation data (which may indicate your approximate location)

- Screen resolution and display settings

- Usage data and interaction logs (e.g., pages visited, features used, time spent on the Platform)

- Technical and diagnostic information (e.g., error logs, crash reports)

- Cookies and similar tracking technologies (see Section 11 for more details)

While Non-PII does not directly identify you, it may be combined with other information to enhance your experience or, in certain circumstances, may be used to identify you indirectly.

B. Personally Identifiable Information (PII)

This category includes information that can be used to identify you as an individual or that is of a sensitive or private nature. Examples of PII we may collect include:

- Full name (first name, last name, middle name, if applicable)

- Contact details (email address, phone number, residential address, mailing address)

- Date of birth and gender

- Nationality and country of residence

- Identification documents (e.g., passport, national ID card, driver’s license, government-issued documents)

- Photographs, video recordings, or biometric data (for identity verification purposes)

- Employment information (occupation, employer, position, place of work)

- Financial information (bank account details, cryptocurrency wallet addresses, tax identification number, proof of income, proof of assets, transaction history)

- KYC/AML documentation (source of funds, source of wealth, utility bills, proof of address, supporting documents)

- Communication records (correspondence with our support team, feedback, complaints, inquiries)

- Any other information you voluntarily provide to us in the course of using the Platform or communicating with us

3.2. Information Collected from Third Parties

In addition to information you provide directly, we may obtain Personal Data about you from third-party sources, including but not limited to:

- Publicly available databases and registers.

- Credit reference agencies and financial institutions.

- KYC/AML service providers and verification partners.

- Business partners, affiliates, and service providers.

- Government authorities and regulatory bodies.

We may combine information collected from these sources with information you provide to us, in order to verify your identity, prevent fraud, comply with legal obligations, and enhance the security and integrity of the Platform.

4. How We Collect Your Personal Data

We collect Personal Data through various means, including but not limited to:

- Directly from you: When you register for an account, complete forms, upload documents, communicate with our support team, or otherwise interact with the Platform.

- Automatically: When you use the Platform, we automatically collect certain information through cookies, log files, and other tracking technologies.

- From third parties: As described above, we may receive information about you from external sources to supplement and verify the data you provide.

4.1. Specific Collection Scenarios

- When you visit our Platform: We collect information sent to us by your computer, mobile phone, or other access device. This may include your IP address, browser type, operating system, device identifiers, and other technical data.

- When you register for our services: We collect information such as your name, email address, phone number, date of birth, residential address, and may request additional documents for identity verification.

- When you use our services: We collect information about your transactions, activities, and interactions on the Platform, including transaction amounts, dates, recipient details, and device information for fraud prevention.

- For fraud prevention and security: We may evaluate your device and behavior to identify malicious software or suspicious activity that could affect the security or availability of our services.

- Other interactions: We may collect additional information from or about you in other ways, such as through customer support communications, surveys, or feedback forms.

4.2. Purposes for Collection and Processing

We may collect, store, use, and disclose your Personal Data for the following purposes:

- To provide you with the services you have requested, including account creation, transaction processing, and customer support.

- To communicate with you about your account, transactions, and service updates, including sending statements, confirmations, and security alerts.

- To protect our users and the Platform from fraud, abuse, and other illegal activities, including monitoring for suspicious activity and enforcing our terms of service.

- To improve and develop our services and the Platform, including introducing new features, fixing bugs, and analyzing the effectiveness of our marketing campaigns.

- To deliver direct marketing, service update notices, and promotional offers, but only if you have opted in to receive such communications.

- To comply with applicable laws and regulations, including but not limited to anti-money laundering (AML), counter-terrorist financing (CTF), and Know Your Customer (KYC) requirements.

- To fulfill any other purpose for which you provide your consent or as otherwise permitted or required by law.

5. How We May Contact You

If you have registered for our services, we may contact you with periodic updates, service announcements, and promotional emails relating to the Platform and the products or services we offer. You may opt out of marketing communications at any time by following the unsubscribe instructions in our emails or by contacting us directly. However, you may not opt out of transactional or service-related communications, such as notifications about payments, withdrawals, or important updates to your account.

If you have expressed interest in a particular product or service, we may contact you in relation to that product or service by email, phone, text message, or postal mail.

6. Your Rights: Access, Correction, and Deletion

You have the right to access, review, update, correct, or delete your Personal Data that we hold, subject to certain exceptions as provided by law. You may exercise these rights by accessing your account settings or by contacting us at [email protected]. We will respond to your request within a reasonable period of time, and in any event within the timeframes required by applicable law.

6.1. Additional Data Subject Rights

In accordance with the General Data Protection Regulation (GDPR) and applicable data protection laws, you have the following rights regarding your Personal Data:

  • Right to be Forgotten: You may request the erasure of your Personal Data (“right to be forgotten”) where there is no compelling reason for its continued processing, subject to legal and regulatory retention requirements.
  • Right to Restrict Processing: You may request that we restrict the processing of your Personal Data in certain circumstances, such as where you contest the accuracy of the data or object to its processing.
  • Right to Data Portability: You have the right to receive your Personal Data in a structured, commonly used, and machine-readable format and to transmit that data to another controller, where technically feasible.
  • Right to Object: You may object to the processing of your Personal Data for direct marketing purposes or where processing is based on our legitimate interests.
  • Right to Withdraw Consent: Where processing is based on your consent, you have the right to withdraw your consent at any time, without affecting the lawfulness of processing based on consent before its withdrawal.
    To exercise any of these rights, please contact us at [email protected]. We will respond to your request in accordance with applicable law.

In some cases, we may need to verify your identity before processing your request to ensure the security and privacy of your information. We may also retain certain information as required or permitted by law, even if you request its deletion.

7. Circumstances Where We May Not Fulfill Your Request

There may be circumstances in which we are unable to accommodate a request to access, edit, update, or delete your Personal Data, including but not limited to:

- Where such request can be denied under applicable law.

- Where we need to retain the information to comply with legal, regulatory, accounting, or tax obligations.

- Where we are required to comply with a civil, criminal, or regulatory inquiry, investigation, subpoena, or summons by authorities.

- Where we need to cooperate with law enforcement agencies concerning conduct or activity that may violate laws or regulations.

- Where we need to retain information to establish, exercise, or defend legal claims.

- Where the information contains legal privilege or proprietary information of another party.

- Where complying with the request would compromise the privacy or rights of others.

If we determine that we cannot respond to your request in a particular instance, we will provide you with an explanation of why that determination has been made and a contact point for further inquiries. To protect your privacy, we will take commercially reasonable steps to verify your identity before responding to any request under this provision, including complying with any applicable legal requirement for verifying your identity.

To the extent permitted by applicable laws, we reserve the right to charge you a reasonable fee for the handling and processing of your requests to access your Personal Data, where applicable. If we choose to charge, we will provide you with a written estimate of the fee. Please note that in many jurisdictions, we are not required to respond to or deal with your access request unless you have agreed to pay the fee.

8. Keeping Your Personal Data Accurate and Up-to-Date

We are committed to ensuring that the Personal Data we collect, use, and disclose is relevant, accurate, complete, and up-to-date. We encourage you to contact us to update any Personal Data we hold about you. If we correct information that has previously been disclosed to another entity, we will notify the other entity within a reasonable period of the correction. Where we are satisfied information is inaccurate, we will take reasonable steps to correct the information within 30 days, unless you agree otherwise. We do not charge you for correcting the information.

9. Sharing Personal Data with Third Parties

Your Personal Data may be disclosed to third parties for purposes described in this Policy or described in any other specific and additional privacy provisions that apply to certain products and services provided by the Platform. We may disclose your Personal Data to the following third parties (as distinct from the member of the Platform to whom you have provided your Personal Data):

- Our partners for the purpose of assisting us in the KYC process and providing any further support needed to use our services.

- Any third-party service providers carrying out functions for or on behalf of the Platform.

- Government agencies, law enforcement or regulatory agencies and bodies or other third parties as required by, and in accordance with, applicable law and regulations.

- Organisations involved in facilitating payments on our behalf, including banks, third party payment processors who process your credit card and other payment information and other financial institutions.

- An agent, contractor or service provider we engage to carry out functions and activities, such as our bankers, lawyers, accountants, debt collectors and other advisers.

- Other companies in the case of a merger, divestiture or other corporate re-organisation.

- Anyone else to whom you authorise us to disclose it or which is required by law.

- Any other third party with your consent or where authorised or required by law.

Where necessary (such as when we transfer data to service providers) we put in place appropriate contractual arrangements and security mechanisms to protect the Personal Data shared and to comply with our data protection, confidentiality and security standards and obligations.

10. Location of Your Personal Data

The Personal Data collected from you, as detailed in this Privacy Policy, may be transferred to, and stored at, servers located in countries outside your jurisdiction and countries according to our third-party providers’ standard contractual obligations.

It may also be processed by our suppliers, service providers, or partners’ staff operating outside your country.

We are committed to protecting your Personal Data. We will take appropriate steps to ensure that your Personal Data is processed and stored securely and in accordance with applicable privacy laws, as detailed in this Privacy Policy. Such steps include putting in place data transfer agreements or ensuring our third-party service providers comply with our data transfer protection measures.

By submitting your Personal Data through the Platform, you acknowledge, and agree, in a jurisdiction where such consent is required, to such transfer, storing and/or processing of Personal Data.

11. Cookies and Tracking Technologies

We use both first party and third party cookies when you access our Platform. Cookies are small text files placed in your computer browsers to store your preferences. Our Platform, and our third party partners, collect and store information that is generated automatically as you use it, including your preferences and anonymous usage statistics.

We collect information about your device and use tracking mechanisms such as cookies to:

- Facilitate customer use of our Platform.

- Enable customisation of our online services and website features.

- Avoid customer re-entry of data.

- Store customer preferences for certain kinds of information.

- Enhance security measures.

- Gather data about usage of our website and mobile applications for research and promotions.

We use cookies from third party service providers to facilitate website tracking and security measures and may share the information collected with third parties acting as our service providers, who are required to maintain the confidentiality of the information.

We use these cookies and other technologies on the basis that they are necessary for the performance of a contract with you, or because using them is in our legitimate interests (where we have considered that these are not overridden by your rights), and, in some cases, where required by law, where you have consented to their use.

12. Security

We take reasonable steps to preserve the security of Personal Data we collect. Your Personal Data is held in an environment with reasonable security measures in writing or electronically, or both.

We have implemented security procedures, controls, and protocols across all of our physical premises and electronic environments to minimise the risk of interference, loss, misuse, unauthorised access, modification, or disclosure of Personal Data.

However, due to inherent risks in transmission of information over the Internet or other methods of electronic storage, we cannot guarantee that unauthorised access or use will never occur.

We will comply with applicable law in the event of any breach of the security, confidentiality, or integrity of your Personal Data and will inform you of such breach if required by applicable law.

To the extent that we implement the required security measures under applicable law, we shall not be responsible or liable for unauthorised access, hacking, or other security intrusions or failure to store or the theft, deletion, corruption, destruction, damage, or loss of any data or information included in the Personal Data.

13. Data Retention

We will retain your Personal Data only for as long as necessary to fulfill the purposes for which it was collected, including for the purposes of satisfying any legal, accounting, or reporting requirements. The specific retention period for your Personal Data will depend on the nature of the data and the purposes for which it is processed.

  • For most user account information, we retain data for the duration of your relationship with us and for a period of up to five (5) years after account closure or as required by applicable law (such as AML/CTF regulations). This retention period may be extended up to ten (10) years if required by applicable law.
  • Transactional and financial data may be retained for up to ten (10) years to comply with statutory obligations.
  • If you request deletion of your Personal Data, we will delete or anonymize your data unless we are required to retain it for legal, regulatory, or legitimate business purposes.
  • We periodically review our data retention policies to ensure compliance with applicable laws and to minimize the retention of unnecessary data.

14. Data Breach Notification

We comply with applicable data protection laws regarding data breach notifications. In the event of a personal data breach that is likely to result in a risk to your rights and freedoms, we will notify the relevant supervisory authority without undue delay and, where feasible, within 72 hours of becoming aware of the breach. Where required by law, we will also notify you without undue delay if the breach is likely to result in a high risk to your rights and freedoms.
The notification to the supervisory authority will include the nature of the breach, categories and approximate number of data subjects and records concerned, likely consequences, and measures taken or proposed to address the breach.

15. Contact Us

If you have questions, concerns, or complaints regarding this Policy or the handling of your Personal Data, you may contact our data protection officer at [email protected].

Please include your name, contact information, and the nature of your concern/request so that we can appropriately respond to your communication.

16. Updates to This Policy

(a) This Policy is current as of the Effective Date set out above. We may change our Policy from time to time, so please be sure to check periodically. We will post any changes to this Policy on the Platform.

(b) To the extent required by all applicable laws, if we make any changes to this Policy that materially affect our practices, we will endeavour to provide you with notice in advance of such change. This notice may be provided through a push notification through the Platform (you should make sure your Platform settings allow for such push notification), email or other means. You are responsible for ensuring that your contact information is up-to-date so that we can effectively communicate with you.

(c) If you have any questions or concerns about this Policy, please do not hesitate to contact us.

Cloudpeak Systems s.r.o.

Na strži 1702/65, Nusle, 140 00 Praha 4, Prague, Czech Republic

Company ID: 21721769

Email: [email protected]