1. PREAMBLE

The security and protection of your Personal data is one of the top priorities of Rezo Five Spółka z ograniczoną odpowiedzialnością, a company duly incorporated under the laws of the Republic of Poland, with registration number (KRS Number) 0001012156 and with official address at ul. PIOTRKOWSKA, nr 116, lok. 52, miejsc. ŁÓDŹ, kod 90-006, poczta ŁÓDŹ, kraj POLSKA (hereinafter, “Rezo Five”, “the Company”, “We”, “our” or “us”) which operates a website hosted at the URL - www.rezofive.com (“Website”). The Company shall collect Personal data from both natural or legal persons who browse the Website (the “Visitors”) and from natural persons or legal persons who are Users of the Rezo Five platform (the “Users”).

2. INTRODUCTION

This Privacy Policy (“this Policy”) aims to protect the privacy and the fundamental rights of the Users when their Personal data are processed by the Company, such as the fundamental rights of the Visitors while they are browsing the Website. It further describes the ways Rezo Five, to whose services you have registered, collects, uses, stores, and discloses Personal data through its websites, mobile applications and other online products and services that link to this Policy (“Services”) or when Users otherwise interact with us. The Policy ensures that Rezo Five complies with applicable data protection laws and ensures that users are provided privacy protection. We encourage Users to read this Policy as it forms part of the relevant Rezo Five Terms and Conditions, Terms of Business and/or Terms of Use, as the case may be. The Company uses privacy by default and privacy by design standards and undertakes to store your Personal data in a secured manner and to process your Personal data with all appropriate care and attention in accordance with the Federal Data Protection Act (RS 235.1), the Ordinance on the Federal Data Protection Act (RS 235.11). Users accept this Policy by visiting our Website and/or by using our Services.

3. DEFINITIONS

a. Consent – shall mean any freely given, specific and informed indication of his or her wishes by which a Data subject signals agreement to the Processing of Personal data relating to him or her.

b. GDPR – shall mean General Data Protection Regulation Act.

c. Data Controller – shall mean the natural or legal person who (either alone or jointly or in common with other persons) determines the purposes and means of the Processing of Personal data and who is in charge of this Processing.

d. Data processor – shall mean any natural or legal person who processes the data on behalf of the Data controller.

e. Data subject – shall mean any natural or legal persons whose data is processed, whether it is a User or a Visitor.

f. Disclosure – shall mean making Personal data accessible, for example by permitting access, transmission or publication.

g. Personal data – (Personally, identifiable information) – shall mean any/all information that can be directly associated with a specific person and can be used to identify that person.

h. Personal data breach – shall mean a breach of security leading to the accidental or unlawful destruction, loss or alteration of – or to the unauthorized Disclosure of, or access to – Personal data transmitted, stored or otherwise processed.

i. Processing – shall mean any operation or set of operations – by automated and other means – that is performed upon Personal data or sets of Personal data, such as collecting, recording, organizing, structuring, storing, adapting or altering, retrieving, consulting, using, disclosing by transmitting, disseminating or otherwise making available, aligning or combining, or erasing.

j. Recipient – shall mean third, public authority, agency or other body – that is, someone or something other than the Data subject or the Company – to which the Personal data is disclosed.

4. APPLICATION OF THIS POLICY

The Company provides this Policy to describe its procedures regarding the Processing and Disclosure of Personal data collected by the Company while using the Website.

This Policy shall apply to any use of the Website, widgets, mobile applications and other platforms, whatever the method or medium used. It details the conditions at which, the Company may collect, keep, use and save information that relates to you, as well as the choices that you have made in relation to the collection, utilisation and Disclosure of your Personal data.

5. ACCEPTANCE

By browsing the Website, Visitors acknowledge that the Company may collect and process a certain number of Personal data that relate to them and that they have read and understood this Notice and agree to be bound by it and to comply with all applicable laws and regulations. Users acknowledge that the Company may collect and process a certain number of Personal data that relate to them and that they have read and understood this Policy and agree to be bound by it and to comply with all applicable laws and regulations. In particular, the Consent for the Processing of Personal data is given once the Visitor and/or the Users ticks the box in the pop-up window which says “I have read the Privacy Policy and agree to be bound by it.” The Consent is also given when Users freely submit to the Company, the Personal Data required to become a User. This latter understands and agrees that the Company is free to use these Personal Data within the limit provided by law and this Policy. If you do not agree with the terms of this Policy, please do not become a User and refrain from using the Website.

6. PRINCIPLES FOR PROCESSING PERSONAL DATA

While Processing Personal data, the Company will respect the following general principles:

a. Fairness and lawfulness – When we process Personal data, the individuals’ rights of the Data subjects must be protected. Personal Data must be collected and processed lawfully, in a fair manner, in good faith and must be proportionate to the objective.

b. Restricted to a specific purpose – Personal data handled by the Company should be adequate and relevant to the purpose for which they are collected and processed. This requires, in particular, ensuring that the types of Personal data collected are not excessive for the purpose for which they are collected. Subsequent changes to the purpose are only possible to a limited extent and require substantiation.

c. Transparency – The Data subject must be informed of how his/her Personal data is being handled. When the Personal data is collected, the Data subject must be informed of: the existence of the present Policy; the identity of the Data controller; the purpose of Personal data Processing; third parties to whom the data might be transmitted.

d. Consent of the Data subject – Personal data must be collected directly from the individual concerned and the Consent of the Data subject may be required before Processing Personal data. The Consent must be obtained in writing or electronically for the purposes of documentation. The Consent is valid only if given voluntarily. If, for any reason, the Consent of the Data subject is not given before Processing Personal data, this one should be secured in writing as soon as possible after the beginning of the Processing. Personal data can be processed without Consent if it is necessary to enforce a legitimate interest of the Company. Legitimate interests are generally of a legal (e.g. filing, enforcing or defending against legal claims) or financial (e.g. valuation of companies) nature. The Processing of Personal data is also permitted if national legislation requests, requires or allows this.

e. Accuracy – Personal data kept on file must be correct and if necessary, kept up to date. Inaccurate or incomplete Personal data should not be kept on file and deleted.

7. COLLECTION OF INFORMATION

This Policy applies to all information which is received during your visit to or use of the Website and/or when you become a User.

In particular, the Company will collect the following Personal data: visitors’ data:

When you browse the Website, even if you do not subscribe to our newsletter, do not become a User and do not contact us, the Company automatically: collects your cookies; uses Metropolises HubSpot; uses Twitter connect.

Users’ data:

Any information necessary for registration. In order to access the full functionality of the Service, you will be required to sign up or register for an Rezo Five Account of Services. When you go through the registration process, you shall provide an e-mail address, phone number and billing address which will be verified by way of a unique code which is sent to you. To ensure your safety, we require (for example in the case of KYC procedure) you to provide us with other Personal data which is collected and stored for purposes of our Services (such as, a copy of your Identification Document e.g. Passport, National Identity Card or Driver’s License). Information provided directly to us, such as Financial information, information provided to participate in any interactive features of our Services, fill out a form, make a purchase, communicate with us via third-party sites, request customer support or otherwise communicate with us. Transaction Information. For all personal user accounts, we collect transaction information including transaction history. Any Information which we may collect through automated means. Through use of our Services, including exchange tools, we also monitor and collect tracking information related to usage such as access date and time, login information, device identification, operating system, browser type and IP address. This information may be directed and obtained by us through third-party services.

We do not collect any information that may identify you without your permission

We further do not knowingly intend to solicit or collect Personal data from anyone under the age of 18 or under the legal age of your country, if it is higher (“Minor”). If you are under 18 or not of a legal age in your country, you should not download or use any of our Services from our Website and Services Platform nor provide any Personal data to us. If we become aware that a Minor has shared any information with us, we will delete such information. If you have any reason to believe that a Minor has shared any information with us, please contact us at support@rezofive.com.

You can update your Profile at any time by visiting the “account” page in the Settings menu or by contacting us on support@rezofive.com.

We recommend that you update their Profile regularly, to ensure that the Services offered to you are appropriate for your current circumstances. You further agree to update such information upon Rezo Five’s request, if we consider the provided information to be untrue, incorrect, incomplete and/or inconsistent with any information previously provided by you.

You acknowledge that we may rely upon such information and that you are responsible for any damages or losses which may result from any inaccuracies, including without limitation, the inappropriateness of our Services to Users Profile. You do not have to provide the information to complete your Profile, however if you choose not to, we may be unable to offer Rezo Five’s full functionalities to you.

8. USE OF INFORMATION

The following paragraphs describe the various purposes for which the Company uses your Personal data. Please note that not all of the uses below will be relevant to every individual.

a. Users’ data – We store and use the Personal Information we collect to provide, maintain, and improve our Website and Services. We use the Personal Information collected from the User to:

Maintain our Website and our Services. We use Personal Information to ensure that our Services function properly. Improve our Website and our Services. Personal Information helps our systems ensure that our interface is accessible for Users across all platforms. Comply with our regulatory and other legal obligations. In many jurisdictions we are obliged to collect certain information about our Users to be authorized to act (Know Your Customer and Anti-Money Laundering regulations). We are further obliged to obtain Personal Information in order to be able to aid during criminal investigations. Protect your assets. We may use information to identify you and the assets belonging to you in order to secure access to your accounts and prevent fraud. Information about your transaction allows us to monitor suspicious activity and protect you from fraud and scam activity. Administer transactions including chargebacks and payments. Monitor trading activity on Rezo Five, by detecting inconsistencies in payments and trades and looking out for potentially illegal activities. Determine whether a payment method is being abused. Investigate and to manage enquiries, disputes and legal proceedings and to comply with court orders, mandatory dispute resolution determinations and mandatory government authority or law enforcement orders or directions. Participate in crime prevention, legal and regulatory compliance and to assist regulatory, cybercrime, data and information protection agencies and police with their enquiries and enforcement, even if not compelled to do so. Resolve disputes and enforce our agreements to the extent necessary and sufficient for protecting your interests or interests of other Users. Develop and market other products and services. Send periodic e-mails. We may use the information we collect from you when you register or use certain other site features. This might be for security reasons, to ask your opinion about the Website, or to keep you updated on any changes to the services provided on the Website and our Services. We may also send periodic emails with news and Services updates or use this information to follow up with you post live chat or e-mail. Novate, transfer and assign any of the rights or liabilities of Rezo Five.

b. Collection of cookies – Cookies are files with small amounts of data, which may include an anonymous unique identifier. Cookies are sent to your browser from the Website and stored on your computer’s hard drive.

We use cookies to recognise your browser or device, learn more about your interests, provide you with essential features and services, and for additional purposes, including:

Recognising you when you sign-in to use our Services. Keeping track of your specified wallet addresses for improving user experience. Keeping track of transaction initiating process. Preventing fraudulent activity. Improving securing. Reporting. This allows us to measure and analyse the performance of our Services.

You can manage browser cookies through your browser settings. The “Help” feature on most browsers will tell you how to prevent your browser from accepting new cookies, how to have the browser notify you when you receive a new cookie, how to disable cookies, and when cookies will expire. If you disable all cookies on your browser, neither we nor third parties will transfer cookies to your browser. If you do this, however, you may have to manually adjust some preferences every time you visit a Website and some features on our Website may not work.

c. Use of Matomo – The Website uses Matomo, an Internet site analysis service. Matomo uses cookies which are text files placed on your computer to help to analyse the use made of the Website by its users. The data generated by the cookies concerning your use of the Website (including your IP address) will be forwarded to and stored by Matomo on servers located outside of Switzerland. Motamo will use this information to evaluate your use of the Website, compile reports on site activity for its publisher and provide other services relating to the activity of the Website and the use of the internet. Matomo may release these data to third parties if there is a legal obligation to do so or when the third parties process these data for the account of Matomo including, in particular, the publisher of the Website. Matomo will not cross-reference your IP address with any other data held.

You may deactivate the use of cookies by selecting appropriate parameters on your navigator. However, deactivation of this kind might prevent the use of certain functions of the Website. By using the Website, you specifically Consent to the Processing of your Personal data by Matomo under the conditions and for the purposes described above.

9. THIRD PARTY DISCLOSURE

We will not share personal information we hold about you except in the following circumstances:

Between and among Rezo Five, our current or future parents, affiliates, subsidiaries and other companies under common control and ownership. With professional advisors, vendors, consultants and other service providers such as payment service providers, IT hosting companies, banks and other financial institutions and credit reference agencies who need access to such information to carry out work on your behalf. In connection with, or during negotiations of, any merger, sale of company assets, financing or acquisition of all or a portion of Rezo Five. Disclosure in accordance with, with, or required by, any applicable law or legal process, including lawful requests by public authorities to meet national security or law enforcement requirements. If we believe your actions to be inconsistent with our user agreements or policies, or to protect the rights, property and safety of Rezo Five. Where we have your consent.

In any case where cross-border transfer is done, the Company ensures that an adequate protection is guaranteed for Personal data to be transferred outside of Switzerland and the European Economic Area (hereinafter: the “EEA”). In some specific cases when this level of protection is not guaranteed, the Company will obtain your prior Consent or establish with the Recipient of Personal data a contractual framework or sufficient safeguards that ensure an adequate level of protection abroad. You may request access to a copy of these safeguards by contacting the Company.

We do not sell your personal information to third parties for their marketing purposes without your explicit consent. We may combine your information with information we collect from other companies and use it to improve and personalize the Services.

Unless otherwise stated, the third parties who receive data from the Company are prohibited to use this Personal data beyond what is necessary to provide the product or service to you, directly or by participating in the Company’s activities.

10. STORAGE OF YOUR PERSONAL DATA

Your Personal data will be stored in Europe. You agree that the Company may store your Personal data in any country of the EEA, including Switzerland.

The storage as well as the Processing of your Personal data may require that your Personal data are ultimately transferred/transmitted to, and/or stored at a destination outside of your country of residence, notably Switzerland. Where permitted by law, by accepting the terms of this Policy, you agree to such transferring, transmission, storing and/or Processing. You also agree that such activities may take place to or in countries offering a lower level of protection than your country of residence.

11. DATA RETENTION

In accordance with applicable laws, we will retain the data we collect from you for as long as is necessary for the purpose(s) for which we originally collected it, or for other legitimate business purposes including to meet our legal, regulatory, or other compliance obligations. The period for which we will retain Personal data will vary depending on the purposes that it was collected for, as well as the requirements of any applicable law or regulation.

If you have an account with Rezo Five, we will store your Personal data for as long as you maintain that account, and after you cease holding an account, for as long as we are required to by laws and regulations that are applicable to us.

12. YOUR RIGHTS TO YOUR INFORMATION

In accordance with effective regulations, you have a significant number of rights related to your Personal data, including but not limited to:

The right to access and amend the Personal data we hold about you. You have the right to request a copy of the Personal data we hold about you. You have the right to correct or update your Personal data at any time. The right to delete the Personal data. You may request to remove the Personal data if you do not want to use our Services or want to have your Personal data erased, or you can request us to remove your account permanently. Should that be the case, requests could be fulfilled by the erasure of personal data to the extent permissible by the applicable law and regulations. In certain cases, we are obliged to store your information to be legally compliant. The right to restrict processing. You have the right to ask us to restrict the processing of your Personal data. When Processing is restricted, we can still store your information, but will not use it further. The right to object to the processing of your data. You have the right to object to our use of your Personal data for our own purpose at any time. In other words, you can withdraw your consent to the processing of your Personal data by us. In the event that you want to exercise this right, you may contact us. This right also includes the right to object to processing your Personal data for marketing and advertising purposes. The right to data portability. You have the right to receive Personal data you provide to us, in a “commonly used machine-readable format”. This allows you to obtain and reuse your information for your own purposes across different services. The right to lodge a complaint with a Supervisory Authority.

There are exceptions to these rights. For example, access to Personal data may be denied in some circumstances if making the information available would reveal Personal data about another person or if we are legally prevented from disclosing such information. In addition, where some of the Personal data is necessary to maintain our Website and Services or where that is a legal requirement, we may retain such information for the period it is needed or required even if you withdraw your consent or cancel your account. Such information will not be considered as subject to erasure.

These rights can be exercised by contacting us through our contact form or writing to us at: support@rezofive.com, attaching a copy of your ID. If the request is submitted by a person other than you, without providing evidence that the request is legitimately made on your behalf, the request will be rejected.

The request is free of charge unless your request is unfounded or excessive (e.g., if you have already requested such Personal data multiple times in the last twelve months or if the request generates an extremely high workload). In such case, the Company may charge you a reasonable request fee according to applicable laws.

13. SECURITY AND INTEGRITY OF INFORMATION

The Company applies high industry standards and will always apply adequate technical and organisational measures, in accordance with applicable laws to ensure that your data is kept secure.

We protect your personal information by using date security technology and using tools such as firewalls and data encryption. Although we use certain security measures to help keep your personal information safe, we cannot guarantee that these measures will stop any Users from trying to circumvent the privacy or security settings on the Website and Services platform through unforeseen and/or illegal activity. Rezo Five makes no warranty, express, implied or otherwise, that we will preent such access.

We further require that you use a personal username and password every time you access your account online. As set out in Rezo Five Terms and Conditions, terms of business and/or use, you should never disclose your account password to unauthorized parties.

We restrict access to personal information at our offices so that only officers and/or employees with a legitimate business purpose can access it.

In the event of a Personal data breach, the Company shall without undue delay, and where feasible, not later than 72 hours after having become aware of it, notify the breach to the competent supervisory authority, unless said breach is unlikely to result in a risk to your rights and freedoms. If the breach is likely to result in a high risk to your rights and freedoms, the Company shall communicate this breach to you, if it is feasible, without undue delay.

14. PORTABILITY OF YOUR DATA

You also have the right to receive your Personal data, which you have provided to the Company with, in a structured, commonly used and machine-readable format and have the right to transmit that data to another controller without hindrance from the Company.

This right can be exercised by contacting us by writing to us at: support@rezofive.com, attaching a copy of your ID. If the request is submitted by a person other than you, without providing evidence that the request is legitimately made on your behalf, the request will be rejected.

The request is free of charge unless your request is unfounded or excessive (e.g. if you have already requested such Personal data multiple times in the last twelve months or if the request generates an extremely high workload). In such case, the Company may charge you a reasonable request fee according to applicable laws.

The Company may refuse, restrict or defer the provision of Personal data where it has the right to do so, for example if fulfilling the request will adversely affect the rights and freedoms of others.

15. Politically exposed natural person or PEP

The Company will, both at the time of the determination of the means for Processing and at the time of the Processing itself, implement appropriate technical and organizational measures, such as pseudonymization, which are designed to implement data-protection principles, such as data minimization, in an effective manner and to integrate the necessary safeguards into the Processing in order to meet the requirements of the GDPR and protect your rights.

The Company will implement appropriate technical and organizational measures for ensuring that, by default, only Personal data which are necessary for each specific purpose of the Processing are processed. This obligation applies to the amount of your Personal data We collect, the extent of their Processing, the period of storage and their accessibility. These measures will ensure that by default your Personal data are not made accessible without your intervention to an indefinite number of third parties.

16. DATA CONTROLLER

The data controller of the file is: Rezo Five Spółka z ograniczoną odpowiedzialnością, ul. HOZA, nr 86, lok. 410, miejsc. WARSZAWA, kod 00-682, poczta WARSZAWA, kraj POLSKA.

17. LINKS

The Website may contain links which direct you to third party sites. The Company rejects any liability relating to the privacy policy in force on said third party sites, the collection and use of your Personal data by the latter and relating to the contents of said sites (whether the links are hypertext links or deep-links).

Furthermore, the Data subject acknowledges and agrees that using our Website could imply downloading other applications. Under no circumstances shall the Company be liable for the utilization of these other applications, especially regarding to the Data protection rules.

18. JURISDICTION AND GOVERNING LAW

This Policy and any questions relating thereto shall be governed by the laws of the Republic of Poland, to the exclusion of any rules of conflict resulting from private international law.

Any dispute relating to this Policy must exclusively be brought before the courts of Warsaw, Poland.

19. CHANGES TO THIS POLICY

The Company may review and modify this Policy from time to time and will post the most current version on the Website. This will allow us to take account of changes to our operations or practices and further to make sure it remains appropriate with any developments and/or changes in law, technology and business environment. If a modification reduces your rights, a pop-up window will inform you immediately when you will browse our Website and you will have to accept the changes. By using the Services, you accept and agree to this Policy and the Terms of Use.

20. CONTACTING THE COMPANY AND COMPLAINTS

The Company hopes to be able to answer any questions or concerns you have about your Personal data.

You have the right to make a complaint if you feel your Personal data has been mishandled or if the Company has failed to meet your expectations. You are encouraged to contact the Company about any complaints or concerns, but you are entitled to complain directly to the relevant supervisory authority.

If you have questions about this Policy or to make a complaint about our compliance with applicable privacy laws, please contact us on support@rezofive.com.

We will acknowledge and investigate any complaint pursuant to this Policy.