In this Policy, Services means the BF Wallet application, any feature provided by us via a website or any local wallet application (mobile desktop or otherwise), including without limitation wallet services or BF Global information services, but excluding API services, which are governed by a separate agreement.
When you access or use the Services, we collect the following information:
Information you provide to us:
You may give us information about you by filling in forms on our Wallet Application or through our app or by corresponding with us by phone, email or otherwise. This includes information you provide when you register to use the Services and when you report a problem with the Wallet Application or with our app. The information you give us may include your name, email address, virtual currency addresses, business card or other identifying document, mobile phone number, alias, password, mobile PIN code, and any other information you choose to provide. When you use the app to scan other user’s address in a form of a QR code, the data is processed in real time and no actual photographs are being taken nor stored.
Information we collect about you:
With regard to each of your visits to our Wallet Application or our app we automatically collect the following information:
Information we collect from other sources:
We also receive information from other sources and combine that with information we collect through our Services. For instance:
As it is in our legitimate interests to be responsive to you and to ensure the proper functioning of our products and organisation, we will use your information to:
We also reserve the right to use aggregated Personal Data to understand how our users use our Services, provided that those data cannot identify any individual.
We use Google Analytics which is a web analytics tool that helps us understand how users engage with the Wallet Application. Like many services, Google Analytics uses first-party cookies to track user interactions as in our case, where they are used to collect information about how users use our Wallet Application. This information is used to compile reports and to help us improve our Wallet Application. The reports disclose Wallet Application trends without identifying individual visitors. You can opt out of Google Analytics without affecting how you visit our site – for more information on opting out of being tracked by Google Analytics across all website you use, visit this Google page:https://tools.google.com/dlpage/gaoptout.
We will process your Personal Data legally and fairly and not use it outside the purposes of which we have informed you. So far as we are able we shall ensure that all of your Personal Data is accurate and up to date.
We use Firebase and Crashlytics which is a tool that helps us collect anonymous data for these third party services.
We also may share personal information with a buyer or other successor in the event of a merger, divestiture, restructuring, reorganisation, dissolution or other sale or transfer of some or all of BF Global’s assets, whether as a going concern or as part of bankruptcy, liquidation or similar proceeding, in which Personal Data held by BF Global is among the assets transferred.
We shall require any third party, including without limitation any government or enforcement entity, seeking access to data we hold to have obtained a Court Order, or proof they are statutorily empowered to access your data and that their request is valid and within their power.
We protect Personal Data with appropriate physical, technological and organisational safeguards and security measures. Your Personal Data comes to us via the internet which chooses its own routes and means whereby information is conveyed from location to location. As such we cannot give any warranty or assurance that the means where information is conveyed to us are safe, reliable or have integrity. We audit our procedures and security measures regularly to ensure they are being properly administered and remain effective and appropriate. Every person of BF Global is committed to our privacy policies and procedures to safeguard Personal Data. Our site has security measures in place to protect against the loss, misuse and unauthorised alteration of the information under our control. More specifically, our server uses SSL (Secure Sockets Layer) security protection by encrypting your Personal Data to prevent individuals from reading these Data as they travel over the Internet.
The length of time we retain Personal Data outside our back up system varies depending on the purpose for which it was collected and used, as follows:
Except where prohibited by law, this period may extend beyond the end of the particular relationship with us but only for so long as we are contractually bound to do so, or so far as is necessary for audit or other accounting purposes. When Personal Data are no longer needed we have procedures either to destroy, delete, erase or convert it to an anonymous form.
If at any time we become subject to anti-money laundering or other regulatory requirements in respect of the Services, we will retain your Personal Data for such period as required by such regulations.
If you reside in the EU, BF Global stores your Personal Data at secure locations in the United States of America. BF Global has ensured that appropriate security standards are in place regarding the safeguarding, confidentiality and security of Data.
The information that we collect from you will be transferred to, and stored in, destinations outside of your country and the European Economic Area (EEA) as described below.
Adequacy Decision: The personal data that we collect from you will be transferred to, and stored at/processed in, the United States of America via encrypted communications channels and stored on hardware owned by BF Global for the purposes of providing the Services and disaster recovery, which were found to have an adequate level of protection for personal data under Commission Decision 2000/518/EC of 26 July 2000.
Model Clauses: The Personal Data that we collect from you will be transferred to, and stored at/processed in the United States of America via encrypted communications channels and stored on hardware owned by BF Global for the purpose of operation of Services and disaster recovery, under the Commission’s model contracts for the transfer of personal data to third countries (i.e., the standard contractual clauses), pursuant to Decision 2010/87/EU.
Privacy Shield: The Personal Data that we collect from you will be transferred to, and stored at/processed by, BF Global which complies with the US Department of Commerce's EU-US Privacy Shield and Swiss–US Privacy Shield and has certified that we adhere to the EU-US Privacy Shield Principles of Notice, Choice, Accountability for Onward Transfer, Security, Data Integrity and Purpose Limitation, Access, and Recourse, Enforcement and Liability. For more information about the EU-US Privacy Shield Framework and Swiss-US Privacy Shield Framework, visit the U.S. Department of Commerce's Privacy Shield wallet application.
If you are a user of the Services located in the EU, in certain circumstances, you have the right to access and receive a copy of information we hold about you, to rectify any Personal Data held about you that is inaccurate and to request the deletion of Personal Data held about you. Any access request after the first such request by you may be subject to a reasonable fee to meet our costs in providing you with details of the information we hold about you. You also have the right to data portability for information you provide to us – this means that you can obtain a copy of your Personal Data in a commonly used electronic format so that you can manage and move it. You may have the right to restrict or object to the processing of your Personal Data by us. You can exercise your rights by contacting us at [email protected].
In the event that you wish to make a complaint about how we process your Personal Data, please contact us in the first instance at [email protected] and we will endeavour to deal with your request as soon as possible. This is without prejudice to your right to launch a claim with the data protection supervisory authority in the country in which you live or work where you think we have infringed data protection laws.