Last Updated and Effective Date:  December 26, 2022

WE CARE ABOUT YOUR PRIVACY

This privacy policy (“Privacy Policy”) describes the policies and procedures of Tweed Payments Inc. (sometimes referred to as “Tweed,” “us,” “we,” or “our”).  This Privacy Policy relates to our information collection, use and disclosure practices on our websites and while providing our business services (collectively, the “Services”).  The creation of this Privacy Policy grows from our fundamental respect for your right to privacy and will serve to guide our relationship with you.  We value the privacy and security of your “personal data,” which as used herein means any information relating to an identified or identifiable natural person.  Information relating to our use of cookies and similar technologies is set out below in the section entitled Cookies. 

HOW YOU ACCEPT THE TERMS AND UPDATES TO THE PRIVACY POLICY

You consent to and agree to be bound by this Privacy Policy by expressly accepting the terms of the Privacy Policy or by using our Services.  From time to time, we will update this Privacy Policy as we adopt new practices and procedures related to your personal data.  Any changes to this Privacy Policy will be placed on our websites and will supersede this version.  If we make changes to this Privacy Policy, we will revise the “Last Updated and Effective Date” above.  Your continued use of our Services following the posting of changes constitutes your acceptance of such changes.  We encourage you to check back and review this Privacy Policy from time to time.

THE PERSONAL DATA WE COLLECT ABOUT YOU, THE REASON FOR THE COLLECTION, AND HOW WE COLLECT THE PERSONAL DATA

We may collect the following types of personal data from you when you use our Services and describe below the reasons why and how we collect such personal data. If you choose not to share certain elements of your personal data with us, we may not be able to offer you the Services or to serve you effectively.

• Automatically From Our Website.  When you visit our website, we may automatically collect information about your equipment, browsing actions and patterns (“Technical Data”).  We collect this Technical Data by using cookies and other similar technologies described more fully in the section below entitled Cookies.  Technical Data may include your Internet Protocol (“IP”) address, location, device identifier data, the type of device you use, your operating system and version, the Uniform Resource Locator (“URL”) of our web pages that you visit, the URLs of referring and exiting pages, the pages you view, the time spent on a page, the number of clicks made, the platform type, and generalized, non-specific location data.  We collect this information to communicate the content on our website to you, to recognize you, to learn more about the users of our website and their preferences, to customize and improve your experience on our website, for business and marketing purposes, and to administer and protect our business and website.

• Voluntarily Provided By You.  You may voluntarily provide us certain information about yourself through forms on our website, when creating an account, opening a wallet, participating in a transaction or if you contact us.  The personal data we may collect includes your name, date of birth, street address, email address, phone number, date of birth, government issued identification document number (i.e. social security number), government issued identification document information (i.e. passport), trading information (transaction amounts, recipient name, asset types, quoted prices of trades and wallet addresses), and other personal data you may provide in the course of your relationship with us. We may ask for additional personal data not listed here at the discretion of our compliance team as may be required for compliance with law, regulations or internal policies. We collect this personal data so that we may provide the Services, improve the Services, respond to your requests or questions, communicate with you about our Services, and/or address your customer service needs or concerns.

• Provided By Other Sources.  We may also collect your personal data from certain third parties who may refer us new business or who provide business functions essential to the Services. Such personal data may be related to identity verification and public blockchain data which allow us to comply with our legal obligations. Personal data may also be collected from third parties who may enhance our ability to provide relevant marketing and improve our Services. These providers of information may include public databases, data providers or social media platforms.

• Wallet Transactions.  While providing our wallet services, we may collect certain information about the recipient or sender of virtual currency, such as wallet address, name, email address, and other identifiers or contact information.  We collect this information so that we, or our third party servicers may provide the service and other business relations.   

HOW WE USE YOUR PERSONAL DATA

We use the personal data we collect or receive from or about you to:

• To provide the Services to you;

• To respond to your inquiries and fulfill your requests, such as to send you requested materials, as well as information and materials regarding our products and Services;

• To resolve disputes, collect fees, and troubleshoot problems;

• To send administrative information to you, for example, information regarding changes to our terms, conditions, and policies;

• To send you marketing communications, including via email and SMS in compliance with applicable laws and in accordance with your preferences, that we believe may be of interest to you;

• To personalize your experience on our website or within the Services by presenting products and offers tailored to you;

• For our business purposes, such as data analysis, audits, fraud monitoring and prevention, developing new products, enhancing, improving or modifying our Services, identifying usage trends, determining the effectiveness of our promotional campaigns and operating and expanding our business activities;

• As we believe to be necessary or appropriate: (a) under applicable law; (b) to comply with legal process; (c) to respond to requests from public and government authorities including public and government authorities outside your country of residence; (d) to enforce our terms and conditions; (e) to protect our operations or those of any of our affiliates; (f) to protect our rights, privacy, safety or property, and/or that of our affiliates, you or others; and (g) to allow us to pursue available remedies or limit the damages that we may sustain.

SHARING OF PERSONAL DATA WITH OTHERS

We do not rent or sell your personal data. From time to time, we may need to share your personal data to assist us in providing the Services or with others, as described below. Any personal data that is shared with our affiliates or third parties, will be on as needed basis in order for such affiliate or third party to perform services on our behalf. 

• Service Providers.  We may share your personal data with service providers who perform various business functions for us, including but not limited to other third party payment services providers, sending email communications, fraud detection and prevention, cloud data storage, software and other technical services, marketing, customer care, or performing analytics. Service providers may not use your personal data for their own purposes, including promotional or marketing purposes.

• Affiliates. We may share your personal data with our affiliates for the purpose of any necessary collaboration.

• Protection of Our Business and Others.  We may share personal data when we believe it is appropriate to enforce or apply our Terms of Service and other agreements, or protect the rights, property, or safety of our business, our products and Services, our users, or others.  This includes exchanging information with other companies and organizations for fraud protection and risk reduction.  This does not include selling, renting, sharing, or otherwise disclosing personal data of our customers for commercial purposes.

• Legal.  We may share your personal data if necessary to: (1) comply with domestic and foreign laws; (2) comply with a civil, criminal, or regulatory inquiry, investigation, subpoena, or summons by domestic and foreign authorities; (3) cooperate with law enforcement agencies concerning conduct or activity that we reasonably and in good faith believe may violate domestic or foreign laws; (4) exercise or defend legal claims; or (5) comply with legal, accounting or other consulting service au.

• Sale of Our Business.  We may transfer to a third party personal data as an asset that is part of a merger, acquisition, bankruptcy, or other transaction in which the third party assumes control of all or part of our business.

• Non-Identifiable Data.  We may share with others data that has been anonymized, de-identified, and/or aggregated.  Such data is not considered personal data because it no longer identifies you nor is it reasonably capable of identifying you.

• With Your Consent.  Other than as described above, we may share your personal data with others with your consent.

HOW WE PROTECT YOUR PERSONAL DATA

We have implemented and maintain reasonable security procedures and practices, and commercially reasonable technical and organizational measures, to ensure a level of security appropriate to the risk, to help protect your personal data from unauthorized access and exfiltration, theft, or disclosure.  However, no security system is perfect.  We will notify you if there is a breach of our security where required by law or deemed necessary.

RETENTION OF PERSONAL DATA

Your personal data will be retained for the time required to fulfill the purposes for which it was collected and processed, including for the purpose of satisfying legal, professional, contractual, regulatory, accounting or reporting obligations.  To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorized use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.

When we have no ongoing legitimate business or regulatory need to retain or process your personal data, we will either delete or anonymize the data. 

DIGITAL ASSETS

Be aware that bitcoin, ether, and other digital assets are not anonymous.  Anyone can see the balance and transaction history of any digital asset address (public key). We, and any others who can match your digital asset address (public key) to other information about you, may be able to identify you from a blockchain transaction. This is because information published on a blockchain can be correlated with information that we and others may have. This may be the case even if we, or they, were not involved in the blockchain transaction. Furthermore, by using data analysis techniques on a given blockchain, it may be possible to identify other information about you. As part of our security, anti-fraud and/or identity verification and authentication checks, we may conduct such analysis to collect and process such information about you. You acknowledge and agree to allow us to perform such practices.

COOKIES 

Cookies are files with a small amount of data that is commonly used as an anonymous unique identifier. These are sent to your browser from the website that you visit and are stored on your computer's hard drive.

Our website uses these "cookies" to collect information and to improve our Service. You have the option to either accept or refuse these cookies, and know when a cookie is being sent to your computer. If you choose to refuse our cookies, you may not be able to use some portions of our Service.

Some of the cookies used are provided to us by third party service providers to aid in the reporting of user behavior on our website. This behavior is analyzed to provide improved user experience. By visiting our website, or using our Services, you acknowledge and agree that we may collect and/or transmit any data collected to our third party service providers, who may also make use of such technologies (pursuant to their own data privacy practices). 

PERSONS UNDER THE AGE OF 16

Our website is not intended for or directed at persons under the age of 16 (“Minors”). In addition, we do not knowingly collect personal data from Minors.  If a parent or guardian of a Minor becomes aware that their child has provided us information without their consent, please contact us, as indicated in the “Contact Us” section below.  Please include an indication that your request is related to a Children’s Online Privacy Protection Act inquiry.  We will delete such information from our records within a reasonable time.

LINKS TO THIRD PARTY WEBSITES

Some portions of our website may contain links to other websites on the Internet that are neither under our control nor maintained by us.  Such links do not constitute an endorsement by us of those other websites, the content displayed therein, or the persons or entities associated therewith.  You acknowledge that we are providing these links to you only as a convenience, and you agree that we are not responsible for the content of such websites.  Your use of these other linked websites is subject to the respective terms of use and privacy policies located on the linked websites.

COMMUNICATION PREFERENCES

You may manage your receipt of marketing and communication emails from us by clicking the unsubscribe link located at the bottom of our marketing emails. You may also specify your communication preferences in your account. You may not opt out of receiving emails or notifications for certain elements of the Services, including communications related to your transactions. 

NOTICE TO CALIFORNIA RESIDENTS

California residents may exercise certain privacy rights under the California Consumer Privacy Act of 2018 (“CCPA”) regarding their personal data. We describe below the rights you may have if you are a California resident.

Right To Know About Personal Data Collected, Disclosed, or Sold

As a California resident, you may also have the right to request more information regarding the following topics for the preceding 12 months, to the extent applicable:

1. The categories and specific pieces of personal data we have collected about you.

2. The categories of sources from which we have collected your personal data.

3. The business or commercial purpose why we collected or, if applicable, sold your personal data.

4. The categories of third parties with whom we shared your personal data.

5. The categories of personal data that we have shared with third parties about you for a business purpose.

6. If applicable, the categories of personal data that we sold about you and the categories of third parties who received your personal data in the sale.

You may submit a request for the information above by emailing us at support@paytweed.com or by calling us at 1-302-401-4220. Once you contact us, we may need to confirm your identity to process your request.

Right To Request Deletion Of Your Personal data

You have the right to request that we delete the personal data we collected or maintained about you. Once we receive your request, we will let you know what, if any, personal data we can delete from our records, and we will direct any service providers with whom we shared your personal data to also delete your personal data from their records. 

There may be circumstances where we cannot delete your personal data or direct service providers to delete your personal data from their records. Some of these instances include, but are not limited to, if we need to: (1) retain your personal data to complete a transaction, provide a good or service, fulfill the terms of a written warranty, or to perform under a contract between us; (2) detect security incidents, protect against malicious, deceptive, fraudulent, or illegal activity, or prosecute those responsible for that activity; and (3) comply with the law.

You may submit a request for the information above by emailing us at support@paytweed.com or calling us at 1-302-401-4220. Once you contact us, we will need to confirm your identity to process your request.

Right to Opt-Out of the Sale of Personal data

We do not sell your personal data to third parties. As such, there is no need to submit a request for us to not sell your personal data

Right to Non-Discrimination for the Exercise of Your Privacy Rights

We will not discriminate against you for exercising any of your rights under the CCPA, as described above. 

Authorized Agent

You may use an authorized agent to submit requests on your behalf to exercise the rights above. When contacting us through the methods above to exercise any of the CCPA rights, please indicate whether you are an authorized agent, and we will provide you instructions on how we will verify and process your request.

NOTICE TO EUROPEAN UNION RESIDENTS

Controller

Tweed is the controller of the personal data handling practices described above.  You can contact us below, as indicated in the “Contact Us” section.

European Union Data Subject Rights

Under the European Union’s General Data Protection Regulation (“GDPR”), European Union data subjects have the rights described below, under certain circumstances and grounds, with respect to the personal data that we collect and process as a controller.

• Right to obtain confirmation as to whether your personal data is being processed, access to your personal data, and information regarding the processing;

• Right to rectify inaccurate or incomplete personal data concerning you;

• Right to erasure of your personal data;

• Right to restrict processing of your personal data;

• Right to object to the processing of your personal data;

• Right to object to decision making based solely on automated processing;

• Right to receive your personal data in a structured, commonly used and machine-readable format and have the right to transmit that data to another controller (i.e., “data portability”);

• Right to unsubscribe from marketing materials;

• Right to withdraw consent to any consent-based processing activities; and/or

• Right to lodge a complaint with relevant supervisory or other authorities.

To file a request or take action on one of your rights, please contact us as indicated in the “Contact Us” section below.  You will not have to pay a fee to access your personal data (or to exercise any of the other rights).  However, we may charge a reasonable fee if your request is clearly unfounded, repetitive or excessive.  Alternatively, we may refuse to comply with your request in these circumstances.

We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights).  This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it.  We may also contact you to ask you for further information in relation to your request to speed up our response.  We try to respond to all legitimate requests within one month.  Occasionally it may take us longer than a month if your request is particularly complex or you have made a number of requests.  In this case, we will notify you and keep you updated.

This Privacy Policy does not create, extend or modify any of the foregoing rights under the GDPR.  

Purpose of the Processing

Generally, we will process your personal data: (a) where we need to perform the contract we are about to enter into or have entered into with you; (b) where it is necessary for our legitimate interests and your interests and fundamental rights do not override those interests; and (c) where we need to comply with a legal or regulatory obligation.  Please note that we may process your personal data for more than one lawful ground depending on the specific purpose for which we are using your personal data.  Please contact us, as indicated in the “Contact Us” section below, if you need details about the specific legal ground we are relying on to process your personal data under a given situation.  

Consequences of Failing to Provide Personal Data

It is optional for you to provide us your personal data.  However, if you do not provide us your personal data, you may not be able to receive some or all of our Services.

Special Categories of Personal Data

Unless specifically requested, we ask that you do not disclose to us special categories of personal data (e.g., race or ethnic origin, political opinions, religious or philosophical beliefs, trade-union membership, genetic/biometric/health data, or information regarding your sex life or sexual orientation).

International Data Transfers

Tweed has its headquarters in the United States.  Information we collect from you will be processed in the United States.  In the event that your personal data is transferred to processors outside of the European Economic Area (“EEA”), appropriate suitable safeguards or specific derogations recognized under data protection laws, including the GDPR, will be observed.

CONTACT US

If you have any questions regarding this Privacy Policy, please contact us by any of the following means:

By Email: support@paytweed.com

By Mail:  Tweed Payments Inc., 300 Delaware Ave. Suite 210 #392, Wilmington, DE 19801

By Phone:  1-302-401-4220