AMM (Bahamas) Ltd. (“IX Swap”, “we” or “us”) is a digital securities platform licenced in The Bahamas using blockchain technology and smart contracts, and we shall protect the privacy of your personal data in accordance with the Data Protection (Privacy of Personal Information Act), 2003 of The Bahamas (“PPIA”) and any other applicable laws.
The term “you” or “User” as used herein refers to any member, user or viewer of our Website, including, but not limited to, any issuer, sponsor or investor.
2. PERSONAL DATA COLLECTION
(a) How we receive and collect your Personal Data
We may receive and collect your Personal Data when:
- You visit our Website and register an account with us;
- You contact us through telephone, e-mail, customer support, social media or our Website;
- You fill forms on our Website/App requesting demonstration of our services or for joining our mailing lists;
- You respond to any e-mails or letters that we may send or any surveys that we may conduct;
- You conduct a transaction or fundraise or issue digital securities on our App;
- You enter into agreements with us or are referred to us by any of our business partners or third parties.
(b) Types of Personal Data we receive and collect from you
We may collect personal, financial, technical, legal and other data relating you, including but not limited to the following:
- Data required to verify your identity, such as your name, home address, telephone number, country of citizenship, date of birth and gender;
- Identity documents such as your passport, identity card, driving license and utility bill;
- Financial data necessary to assess your eligibility to invest in the projects listed on our App. Specifically, Users who are accredited investors may be required to provide financial information supporting their accredited investor status;
- Information about your investment preferences;
- Information from sponsors or issuers with regard to their project or purpose of fundraising;
- Information regarding the execution of contracts, consents or agreements with regards to the use of our services;
- Payment related information such as bank account, credit card or other payment method details;
- Data relating to wallets, keys and blockchain addresses;
- Information with regard to your source of funds;
- Information about your visits to and use of the Website to help us maintain the appropriate features, functionality and user experience;
- Names and email addresses of persons who contact us through our Website with questions about us or our App. We collect this information for the sole purpose of responding to such inquiries and do not store such contact information unless requested by such persons;
- To create an account on our Website, you must provide us with your name and a valid email address. You shall then be required to verify your identity, and you may choose to provide certain Personal Data to us to pre-populate our sign-up form.
We do not collect more Personal Data than is necessary for the purposes for which they are collected.
3. WEB-RELATED INFORMATION COLLECTION
When you visit our Website, we may send one or more cookies to your device. “Cookies” are small text files containing a string of alphanumeric characters that may be placed on your web browser when you visit our Website that may convey to us anonymous information about your preferences and how you browse our Website. However, cookies do not collect your Personal Data.
Please refer to http://www.google.com/policies/privacy/partners to find out more about how Google uses data when you use our Website and how to control the information sent to Google. You may prevent Google’s collection and processing of your Personal Data by using the Google Ads Settings page or downloading and installing Google’s browser plug-in (https://tools.google.com/dlpage/gaoptout).
In addition, we (or our service providers, such as Google Analytics) may also collect technical information related to your use of our services. This may include, but is not limited to,:
- Information regarding the web pages of our Website which you have accessed;
- The frequency of such access;
- Your product and service preferences;
- Your Internet Protocol (IP) address;
- Your browser type and version;
- Your internet service provider (ISP);
- Your operating system;
- Referring or exit pages;
- The dates and times that you visit our Website;
- The search terms you enter on our Website.
Such technical data may be used for administrative purposes to assess the usage, value and performance of our online products and services and with a view of improving user experience. As with cookies, the web surfing information collected is aggregated, anonymous “click stream” and transactional data, and is not associated with any Users as individuals.
4. PURPOSES OF COLLECTING PERSONAL DATA
The Personal Data we collect is required for legal, compliance or security purposes. Where possible, we shall inform you of the specific purpose for which such Personal Data is being collected.
We may use the Personal Data collected on our Website/App for the following purposes:
- For the specific purpose for which the information was volunteered;
- To provide you with the services available on our App including but not limited to services related to any digital securities offering or security token offerings;
- To carry out any instructions in respect of the issuance of digital securities;
- To set up your digital wallet;
- To establish your ability to view offering materials and to make investments through our App;
- To enable the service providers, legal and tax advisors, fund administrators and other relevant persons that we have appointed to continue to fulfill their obligations or provide services in respect of our App, including but not limited to processing Users’ Personal Data for purposes such as legal, regulatory, audit and tax analysis, compliance, anti-money laundering/counter-terrorist financing checks and due diligence;
- To provide you with alerts, newsletters, education materials or information that you have specifically requested;
- Promoting and marketing services and products subject to your right to opt-out;
- To communicate with you and respond to your queries;
- To process your application, inquiry or request;
- To verify your identity, conduct know-your-customer and other due diligence checks, as may be required;
- To guard against potential fraud and other illegal activities;
- To maintain regular communications with you as may be necessary to inform you of upcoming investment opportunities and other company updates;
- To conduct surveys, research and statistical analysis with the aim of helping us monitor or improve our services;
- To comply with the applicable laws or inquiries from regulatory authorities and enforcement agencies or in respect of legal proceedings;
- For any other purpose permitted by the applicable laws.
5. WHY YOU SHOULD PROVIDE US WITH PERSONAL DATA
In order to access/utilize our services, you need to voluntarily provide us with your Personal Data. It may be absolutely impossible for us to provide you with certain products and services in the absence of certain key Personal Data about yourself, including your identity document, email, name and telephone number. You acknowledge that if you withdraw your consent for us to process your Personal Data, then you acknowledge that we may exercise any rights we may have to refrain from or discontinue providing you with any or all of our services.
6. THIRD PARTY DATA
Our services are not directed at persons under the age of 18. If you are a parent or guardian and you become aware that your child has provided us with Personal Data without your consent, please contact us. We shall only process Personal Data of a child under the age 18 only where consent is given or authorized by the child’s parent or guardian. If we become aware that a child under the age of 18 has provided us with Personal Data without consent, we shall delete such information from our files, including any accounts that may have been created.
8. HOW WE SHARE YOUR INFORMATION
We do not sell Users’ Personal Data to third parties. We do, however, work with a number of trusted third parties who perform vital functions as part of our operations.
In addition to AWS and Hubspot, we work with (among others) providers of hosting services for our Website, electronic signature providers, electronic payment service providers and other service providers who provide information technology and system administration services to us. We may engage third parties to help us to carry out certain other internal functions such as account processing, client services or other data collection relevant to our business where examples of such third parties may include those that perform data processing, compliance checks, reporting, tax or legal documentation, digital asset custody or escrow services.
By using our Website or services, you consent for us to disclose your Personal Data to such third parties. Your Personal Data shall be shared with these third parties only to the extent necessary, including but not limited to performing services for you, making our services available to you or acting on your instructions. Such third parties shall be required to comply with any applicable data protection laws.
If you use our blog or other public forums on our Website, please note that any Personal Data you disclose on our blog or other public forums on our Website shall be available to other Users and you shall be deemed to acquiesce to any consequences of such disclosure that we would not be responsible for, which includes but is not limited to any wrongful use of such Personal Data by other Users.
We may also share your Personal Data in the following circumstances:
- With law enforcement or other government agencies;
- As required by the applicable laws;
- For the purposes of safeguarding the security of The Bahamas;
- For preventing, detecting or investigating offences;
- For protecting the international relations of The Bahamas;
- For preventing injury or damage, including in respect of our rights, property or personal safety or the rights, property or personal safety of Users or other persons;
- To comply with any judicial proceeding, order of a court or legal process;
- To assist government enforcement agencies;
- For obtaining legal advice or in respect of legal proceedings;
- To take precautions against liability, to investigate and defend against any third-party claims or allegations;
- To prevent or limit fraud;
- o protect the security or integrity of our Website or our services;
- To protect the rights, property or personal safety of IX Swap, its Users or any other person;
- With you or any person acting on your behalf;
- Made at your request or with your consent or the consent of any person acting on your behalf; or
- In connection with any corporate reorganisation or restructuring or merger of IX Swap.
Please also be aware that the use of the App, based on public blockchains, is intended to immutably record transactions across wide networks of computer systems. Many blockchains are open to forensic analysis which can lead to deanonymization and the unintentional revelation of Personal Data, in particular when blockchain data is combined with other data. Because blockchains are decentralized or third-party networks which are not controlled or operated by us, we are not able to erase, modify, or alter Personal Data from such networks.
9. NOTIFICATIONS AND COMMUNICATIONS FROM OUR WEBSITE
We may send you email notifications from time to time. These shall typically relate to your activities on our App or changes to various legal agreements or User policies. By using our services, you consent to receiving such service-related emails.
From time to time, we may also send surveys, requests for feedback, marketing offers or newsletters. Completing any surveys or requests for feedback or accepting any offer is strictly voluntary. If you do not wish to receive these offers, surveys or feedback requests, please select the opt-out option in any such survey, request, offer or newsletter you may receive from us.
10. LINKS TO OTHER WEBSITES
11. TRANSFERRING INFORMATION OVERSEAS
The entity responsible for the management and use of our Website/App and your personal is AMM (Bahamas) Ltd., a company incorporated in The Bahamas. However, your Personal Data collected through our Website/App may be transferred,stored and processed outside of The Bahamas where we will safeguard your Personal Data according to the applicable laws in such circumstances . By providing your Personal Data and using our Website/App, you consent to any such transfer of information outside of The Bahamas.
12. SECURITY POLICY
We shall limit access to your Personal Data to only our employees or third parties, as necessary, according to our legitimate business needs. We shall conform to industry standards and practices and maintain appropriate physical, electronic and procedural safeguards and controls to protect your Personal Data.
We shall treat the protection of your Personal Data with due regard and we shall take the appropriate security measures to prevent any unauthorised access to, or alteration, disclosure or destruction, or any accidental loss or destruction of your Personal Data. Unfortunately however, the transmission of information via the internet may not be completely secure due to factors beyond our control. Although we shall endeavour to do our best to protect your Personal Data, we cannot guarantee the security of your Personal Data transmitted through our Website. In this regard, kindly beware that any Personal Data you choose to provide us with is at your own risk.
If your Personal Data is compromised as a result of a breach of our security measures, we shall promptly notify you of such a breach.
We will never send you an email asking you for your login information. In general, you can protect yourself against phishing by never providing personal or login information via a link contained in an email. Instead, please access our Website directly.
13. RETENTION OF YOUR PERSONAL DATA
We shall retain your Personal Data in an accurate form and for as long as you continue to use our services and our Website, and/or in compliance with the applicable laws.
For the residents of the European Economic Area (“EEA”) or United Kingdom (“UK”) (collectively, the “EEA/UK Users”), we shall process your Personal Data in compliance with the EU General Data Protection Regulation 2016/679/EU (“GDPR”). IX Swap will be the Data Controller (as defined under GDPR) and in certain circumstances, EEA/UK Users will have certain rights, including the following:
(a) Access to information
The GDPR gives EEA/UK Users the right to find out whether we are processing their Personal Data and, where that is the case, to receive a copy of the Personal Data we process. We will endeavor to provide EEA/UK Users with an account of their Personal Data in our possession or control within a reasonable time. Such account shall be in respect of how their Personal Data has been or may have been generally used or disclosed.
We reserve the right to charge EEA/UK Users a reasonable administrative fee for carrying out such a request. Where EEA/UK Users’ Personal Data is inseparable from the Personal Data of other Users, we reserve the right to withhold EEA/UK Users’ Personal Data if permitted by applicable law.
(b) Right to request rectification or erasure of Personal Data
EEA/UK Users have the right to request to amend any of their Personal Data at any time if inaccurate. If any of their Personal Data is incomplete, EEA/UK Users have the right to have such Personal Data rectified. EEA/UK Users also have the right to require us to delete their Personal Data as soon as possible, by emailing us at firstname.lastname@example.org, in one of the following circumstances:
- The Personal Data is no longer necessary for the purposes of which such Personal Data was collected or otherwise processed;
- The Personal Data has been unlawfully processed;
- The Personal Data must be erased for compliance with our UK or EU legal obligations;
- The Personal Data relates to a child under the age of 18;
- A EEA/UK User withdraws the EEA/UK User’s consent to us processing the EEA/UK User’s Personal Data and we have no other legal grounds for processing the EEA/UK User’s Personal Data.
Please note that it may take up to thirty (30) working days for any such request to be reflected in our systems.
(c) Right to restrict Personal Data
EEA/UK Users have the right to request to restrict the processing of Personal Data if EEA/UK Users think that such Personal Data is inaccurate, that we are processing such Personal Data illegally, or that we no longer need such Personal Data for the purposes for which such Personal Data was collected. While we consider such a request, we will stop processing such Personal Data within a reasonable time from the date we receive the request. We will notify EEA/UK Usersof our decision and any justifications for continuing to process such Personal Data as soon as we can.
(d) Right to withdraw consent
If we process EEA/UK Users’ Personal Data with such EEA/UK Users’ consent, such EEA/UK Users have the right to withdraw their consent at any time. This will not affect the legality of our processing of such Personal Data a up until the point at which consent was withdrawn. Please also note that we may still need to process such Personal Data on other grounds, for example to fulfill a contract with such EEA/UK Users or as required by law.
(e) Right to object
EEA/UK Usershave the right to object, at any time, on grounds relating to their particular situation, to the processing of their Personal Data. If we cannot demonstrate compelling legitimate grounds to continue processing such Personal Data, such processing will cease.
15. DATA PROTECTION OFFICER AND ACCESSING YOUR RIGHTS
We have appointed a data protection officer and if you wish to withdraw your consent to any or all use of your Personal Data, or request any amendment to, or restriction or erasure of, such Personal Data, or exercise any other of your rights, please contact email@example.com.
Do note that if you withdraw your consent to any or all use of your Personal Data or request for erasure of your Personal Data, depending on the nature of your request, we may not be in a position to continue to provide services to you, or administer any contractual relationship already in place between you and us. Any withdrawal of consent or request to erase your Personal Data may also result in the termination of any agreement you may have with us. Our legal rights and remedies in such an event are expressly reserved.
You may make a request to access and be supplied with a copy of your Personal Data kept by us. However, we may refuse any such request if there are reasons to do so, in accordance with the applicable laws.
16. GOVERNING LAW
Questions? Please email us at firstname.lastname@example.org.
Last updated: 11 January 2023