This Privacy Policy governs privacy of the Users (you, your, customer) of the https://trastra.com Website (“Website”) and app served and operated by us, Trastra (“we”, “us”, “our”) and describes what personal data (“Personal data”) is collected and how it is used, processed, stored and managed by us, under the applicable legislation, while you visit or use our Website, our Android and IOS mobile apps (“Apps”) and services (“Services”).
The reference to Trastra means the reference to Trastra EU, UAB, a company registered in Lithuania, official registration number 306044056 and having its official registered address at Gedimino pr. 44A-201, Vilnius, LT-01110, Lithuania (“Trastra”).
Before getting aware of this Privacy Policy, we advise you to carefully read our User Agreement, Cookies Policy, in order to get comprehensive insight into the terms and rules referred to our Website and our Services use.
This Privacy Policy is also treated as a privacy notice aiming to give you information on why and how we collect and process your Personal data.
If you use our Services, this means that you have read all the mentioned terms and rules. By consenting to use our Services, you expressly agree with this Privacy Policy and expressly consent to and agree with your Personal data processing as stipulated herein. Consent given by you under this Privacy Policy is treated as given in a written form.
This Privacy Policy shall be governed by, construed, interpreted, and enforced in accordance with the laws of the European Union. These provisions may be not applicable exclusively in cases where the applicable and governing law prevails or supersedes. If any provision of this Privacy Policy is, or is found to be, inapplicable or unenforceable under the law, that will not affect the applicability or enforceability of the other provisions of this Privacy Policy. If you do not agree with this Privacy policy, you should immediately refrain from using our Website, Apps and/or our Services.
We reserve the right to alter, vary and revise this Privacy Policy, whenever lawfully required or in view of marketing, commercial, technological, whatever upgrade or as we deem necessary, with considering the applicable law. Such revised or updated versions shall apply from the date of publication, unless otherwise expressly stated. By using our Website, Apps and any such revised or updated versions, you agree with and accept the terms of this Privacy Policy regarding the updates. If you disagree with any revision, alteration, or update, you must stop using our Website, Apps and/or our Services.
Website, App or application programming interface required to access Services, may include links to third-party websites, plug ins and applications(“Third Party Sites”). Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these Third Party Sites and are not responsible for their privacy statements and policies.
We may collect and process your Personal data, as follows:
Category of Personal Data
Details
Identity Data
Your e-mail address, first name, maiden name, last name, username or similar identifier, date of birth, gender, resident address, postal address, contact phone number, payment account number, trading account details, bank statements, source of funds and wealth.
Identity documents (national identity cards, passport, driving license or other forms of identification documents), proof of address documentation, occupation, employment industry, financial standing.
Biometrics
photo, video of Personal Data subject, other biometric identifiers and/or biometric information of Personal Data subject.
Financial data
bank account, payment card details, amounts associated with accounts, external account details, source of funds and related documentation.
Social identity data and Preference Data
information on referrals related to you, close connections, preferences, interests, favourites, risk assessment, compliance assessment.
Verification Data
Personal data which Trastra collects for the purpose of conducting Customer due diligence under applicable anti-money laundering laws, photo, direct video transmission recording.
Background Data
Trastra collects Personal data available in open source.
Transactional data
Personal data regarding your fiat, cryptocurrency payment transactions, transactions activity log, billing, payment details and other financial, crypto and settlement details obtained by us when you use our Services, in order to effect and administer your operations; opened, executed, not executed sale/purchase market / limit / stop-loss and other orders details, orders details, history; other details of any transactions you enter into using the Services, Website or App.
Device Data
Domain and host from which you access the Internet, operator and carrier data, your computer’s or other usable device’s IP address, device type, category and model, web browser type and the operating system software, unique IDs of your devices when you use Android and/or IOS mobile Apps, time zone setting, location data, language data, operating system and platform, diagnostics data such as crash logs and any other data we collect for the purposes of measuring technical diagnostics, and other information.
Profile and Usage Data
We collect your Personal data during your current and for future Website or Apps visits and use, as provided below in the Cookies section, login data.
Your username and password, identification number as our user, date and time you access our Website or Apps, address of the website from which you linked to our Website, Apps when you visit us, other information generated by you when you communicate with us, information about how you use Website, App, Services.
Marketing and Communication data
your preferences in receiving marketing from us or third parties, communication between Trastra and the Customer (inquiries submitted via the website, email, social media or chat), your survey responses, voice record of communication between you and us.
Please note that we may also ask you to prove ownership or control of a particular blockchain address. We are required to ask for this information to comply with anti-money laundering and counter-financing of terrorism requirements, and to ensure we safeguard against and report any suspicious activity.
Please be noted, that if you directly disclose your Personal data, or sensitive Personal data (such as, among others, racial or ethnic origin, political opinions, religious beliefs, physical or mental health, membership in any organizations, etc.), through public features, this information may be collected and used by other persons.
Furthermore, we consider certain categories of personal information to be sensitive, and such sensitive data requires additional safeguards. We will only collect, use, store, and transfer your sensitive data if we can meet both, the legal basis requirement and at least one of the required extra conditions.
The additional conditions are as follows:
For the purposes of the applicable law, we are Data Controller of your personal information and we will securely retain any data submitted by you to us and/or received by us otherwise.
We may use your Personal data, for the following purposes:
Note that we may process your Personal Data for more than one lawful ground depending on the specific purpose for which we are using your data. If you need details about specific grounds for Personal Data processing by us, please contact us.
We will only use your Personal Data for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If you wish to get an explanation as to how the processing for the new purpose is compatible with the original purpose, please contact us. If we need to use your personal data for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so.
We may also need to process your Personal Data in connection with or during the negotiation of any merger, financing, acquisition, business transfer, assignment, bankruptcy, dissolution, transaction or proceeding involving all or a part of our shares, business or assets. This will be based on our legitimate interests in carrying out such transaction, or to meet our legal obligations.
We use different methods to collect information from and about you, including through:
Data security is highly important to us and to protect your Data we will organise and take all the necessary and appropriate measures and technologies to safeguard and secure your Data collected through this Website.
To use all features and functions of our Website, you may be required to submit certain Data, including password(s). You are responsible for keeping your password(s) confidential and safe.
While we seek to do our utmost to protect your Data, you need to keep in mind that transmission of any information over the Internet is not entirely secured and is implemented at your own risk and discretion. We, therefore, cannot ensure the security of your Data transmission to our Website or app, whenever that is beyond our reasonable control.
You undertake to notify us immediately of any unauthorized access or use of your account or any other breach of security by e-mail: [email protected] and we will notify You in case of a Data Breach occurrence which can lead to severe personal health and financial damages.
Depending on the nature of the risks presented by the proposed processing of your personal data, we will have in place the following appropriate security measures:
Security measures shall be applied in order to protect Personal data from involuntary or unauthorised processing, disclosure or destruction.
Unless we are obliged or permitted by law to do so, and subject to our relevant Third Parties business relationships (our partners, service providers, contractors, agents, financial institutions, social media, without limitation), we will not disclose your Personal data to any irrelevant Third Parties, for the purpose of security matters.
Personal data security is highly important to us and to protect your Personal data we will organise and take all the necessary and appropriate measures and technologies to safeguard and secure your Personal data collected through Website or Apps.
To use all features and functions of our Website or Apps, you may be required to submit certain Personal data, including password(s). You are responsible for keeping your password(s) confidential and safe.
While we seek to do our utmost to protect your Personal data, you need to keep in mind that transmission of any information over the Internet is not entirely secured and is implemented at your own risk and discretion. We, therefore, cannot ensure the security of your Personal data transmission to our Website or Apps, whenever that is beyond our reasonable control.
You undertake to notify us immediately of any unauthorized access or use of your account or any other breach of security by e-mail: [email protected] and we will notify You in case of a Data Breach occurrence which can lead to severe personal health and financial damages.
While there is an inherent risk in any data being shared over the internet, we have put in place appropriate security measures to prevent your Personal data from being accidentally lost, used, damaged, or accessed in an unauthorised or unlawful way, altered, or disclosed.
Your Personal data will be:
Trastra is relying on the following legal grounds when Processing Customer’s Personal data:
You have rights we need to make you aware of. The rights available to you depend on our reason for processing your Personal Data.
Trastra is providing Cryptocurrency related Services for the Customers, residents from the fixed list of jurisdictions could apply to Trastra for Services. Trastra is using automated decision making in the pre-contractual Processing in order to establish sufficiently whether the Customer is eligible to use Trastra’s Services.
Automated decision making refers to a decision which is taken solely on the basis of automated Processing of User’s Personal data. This means Processing using, for example, software code or an algorithm, which does not require human intervention.
During the onboarding process, the User is being asked for the address and personal ID. The automated decision making is necessary for entering into agreement with Trastra. The automated decision making is used in order to verify and accept or reject the Customer’s application to enter into a service agreement with Trastra. Upon rejection, Trastra will inform the User by email about the reasoning for rejection. In addition to Personal data processing for the purposes of client identification and verification, we will use document authenticity verification Services provided by an external vendor during the client onboarding process, including validation of KYC documentation, and information checking in national registers. For potential sanctions and politically exposed person (PEP) matches, as well as negative information in negative media, we shall use the vendor’s overnight screening Services.
For the purposes of implementing our legitimate interests within the AML/CTF framework, we may verify information relating to you against credible publicly available information sources, ensure monitoring of your transactions, orders and providing information to supervisory and investigative authorities in the cases provided by legal requirements; and ensure the maintenance of relevant registers.
Trastra may transfer your Personal data to third parties such as:
Your Personal data could be accessed as needed by and shared with our employees, contractors, agents, consultants or our authorized persons who are required to process this Personal data to perform their duties.
We may also be required to share your Personal data with various financial institutions, and/or law enforcement bodies and officials, supervisory authorities/ regulatory bodies, and financial crime investigation services, courts, in order to comply with applicable legislation, prevent fraud, or enforce an agreement we have with you. We may also share your Personal data in order to comply with applicable laws and regulations, to respond to a legal request from law enforcement, and to enforce an agreement we have with you.
On our Website and Apps we include or may include the references or links to the Third Parties websites. External links may be clickable texts, banners, image links to other websites, without limitation. We do not control outbound websites, nor take responsibility for their content, terms of service or any policies. This Privacy Policy governs only specifically this Website and Apps and does not extend to your use of other websites, even those of our partners and Service providers, social media, etc. We, therefore, advise you to review the privacy policy for other websites prior to using them.
Trastra has taken steps to ensure that these data recipients protect the confidentiality and security of Personal data, and to ensure that Personal data is Processed only for the provision of Service and in compliance with applicable law.
Such third parties may be located in countries outside of the European Economic Area (“EEA”) whose privacy regulations may differ and which are not in the list of countries with adequate level of data protection published by the European Commission. In those countries the security of the Personal data (inc. protection against misuse, unauthorized access, disclosure, alteration or destruction) may not be ensured as it is secured in the European Union, due to the lack of adequate data protection level.
However, when transferring collected Personal data outside of the EEA, Trastra shall ensure the application of the appropriate safeguards, like the standard contractual clauses and data processing agreements.
Our Website and Apps use Cookies (“Cookies”), small text files saved to your computer or device in order to customize and improve your experience while visiting and using our Website or App, according to our Cookies Policy. Our Website and Apps use a Cookies choice reservation allowing you to accept/enable or refuse/disable the use and saving of our Cookies on your computer or another usable device.
You can read more about Cookies by visiting our Cookies Policy.
We may have official profiles in social media networks. We advise you to verify the authenticity of such profiles before using them. We will never ask for your passwords or personal details in social media networks. When using the social media buttons, you do so at your own risk and discretion.
Any downloadable documents, files or media made available on and through our Website or Apps are provided to you at your own risk. While we stick to any measures regarding genuine downloads, we, however, advise you to verify the downloads authenticity, including by antivirus programs. We accept no responsibility for downloads from the Third Parties websites, external websites.
Where we informed you and where you agreed, we may use your Personal data to send you notifications about our Services, various profile news, updates regarding our activities by virtue of email newsletters mailing. Email mailings and marketing messages may contain technologies to track your activities. You may subscribe or unsubscribe of such mailing, contacting us by our e-mail or through details provided in that message.
Should you have any questions regarding this Privacy Policy, processing of your Personal data, please contact us at:
Data Protection Officer: [email protected]