Privacy Notice
- Scope
- This Privacy Notice (“Notice”) aims to give you information on how we collect and process your personal data through or in conjunction with your use of this website and our services.
- This Notice stipulates details and conditions of collecting and processing your personal details and provides you with information in accordance with the transparency principle and requirements under the applicable data protection laws.
- This Notice delineates the methods by which we acquire and handle your personal data via the digital interfaces and software programs associated with this Privacy Notification.
- com (the “Site”) is not intended for children and we do not knowingly collect data relating to children (below 18 years of age).
- By using our website, you consent to the data practices described in this Notice and all extensions and addendums to this Notice.
- Data Collection
- In accordance with the information we may gather regarding our users:
- Personal Data – means any information that identifies you as an individual or that relates to an identifiable individual. Whenever it is not possible or feasible for us to make use of anonymous and/or anonymized data (in a manner that does not identify any users of the Site or customers of our services), we are nevertheless committed to protecting your privacy and the security of your personal data at all times.
- Data obtained from you – We may collect from you, through interaction with you or through your interaction with us or our services different kinds of personal data about you which we have grouped together as follows:
- Registration Data provided by you including first name, last name, username or similar identifier, date of birth, territory applicable social security or similar identification number where permitted or required by law, gender, country.
- Contact Data includes permanent address, email address and telephone numbers.
- Identification and Verification Data (Anti-Money Laundering/Due Diligence/KYC data) that include your name, surname, permanent address and proof, age, nationality, proof of e-wallet ownership such as PayPal, PaySafe, etc., territory applicable personal identification where required or permitted by law, KYC documentation (e.g. ID card, Power of attorney).
- Payments Data includes bank/payment account details, as well as information pertaining to a transaction such as currency, location, amount/value, client IP, user ID, token.
- Transaction and Usage Data generated through your use of our services, including payments to and from you (deposits, withdrawals, failed deposits, and reversed withdrawals) and other details of services, date and time of the transactions, account balances, language, country, account balances.
- Log in Data includes internet protocol (“IP”) address, your logins (first log in/last login, last failed login), duration of logins, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform and other technology on the devices you use to access our services.
- Marketing Communications Data includes your preferences in receiving marketing from us (opt in/opt out), as well as your contact and registration data.
- Analytics data include various data generated with respect to your use of our website and services such as your user ID, language, location, browser data, campaigns utilized, channels used, device, payment provider, transaction and usage data and in case of online acquisition analytics also pages visited, postcards clicked, scroll depth, certain information is collected using cookies and/or similar tracking technology.
- Data obtained from different sources:
- For the purpose of Anti-Money Laundering (“AML”) and Countering Financing of Terrorism (“CFT”), we gather information about the user’s background from public sources where such information is available and permitted by the law. Additionally, we may obtain information from third-party providers, who are mostly private companies that work with public sources. This information includes whether the user is a politically exposed person, if any international or financial sanctions have been imposed, and any details regarding corporate or property ownership, court judgements, insolvency and taxation that are legally required or allowed in your region. We use a process called Open-Source Intelligence (OSINT) analysis, which involves collecting publicly available information from sources like Google, social media platforms such as Facebook, Twitter, Pinterest, Instagram, LinkedIn and other sources. This is done to establish the source of funds and wealth during the AML risk monitoring and due diligence process.
- To comply with our legal obligations stemming from applicable laws and (applicable) license conditions.
- Profile data (hobbies, interests) are also gathered by search of publicly available sources such as Facebook, LinkedIn, Twitter and Instagram, Google search.
- If you fail to provide data – In situations where we are required by law or a contractual agreement to collect personal data from you, and you refuse to provide this information, we may be unable to fulfill our obligations under the contract or initiate a contract with you. For instance, we may be unable to provide you with the services we offer.
- Username – Please make sure that your username does not contain any personally identifiable information, as the username is shared with certain partners and in the course of the sharing of the username, this is not, separately, considered personal data.
- In accordance with the information we may gather regarding our users:
- Why and How We Use Personal Data
- Our usage of your personal data will be in accordance with the law. Typically, we will employ your personal data in the subsequent circumstances:
- to allow you to participate in services and to provide ancillary products to you;
- to allow you access and use of the website;
- for legal and regulatory reasons, to comply with our legal obligations;
- for identification and verification purposes;
- to prevent and detect illegal or fraudulent behavior;
- for purposes that constitute a legitimate interest of Red Acre regarding direct marketing of its own similar goods and services via electronic mail; and
- for purposes that constitute a legitimate interest of Red Acre regarding direct marketing via live telephone calls or postal mail;
- for analytics purposes.
- We have set out below a description of the possible ways we plan to use your personal data, and which of the legal bases we rely on to do so. We have also identified what our legitimate interests are where appropriate. Note that we may process your personal data for more than one lawful ground depending on the specific purpose for which we are using your data.[1]
Purpose Data Category Legal Basis To identify you and verify you and to allow you to participate in services accordingly with the T&Cs Registration Data Contact Data
Log-in Data
§ Performance of the contract To allow your participation in the services Transaction and usage data § Performance of the contract To process and manage payment transactions Payment data Transaction and Usage data
§ Performance of the contract Compliance with legal obligations
To manage our relationship with you, to provide you with access to services and any ancillary products Registration Data Contact Data
Other Communication Data
Transaction and Usage Data
§ Performance of the contract Compliance with legal obligations
For AML/CFT and due diligence purposes Registration Data Contact Data
Identification and Verification Data
Transaction and Usage Data
§ Compliance with legal obligations To establish and investigate any suspicious behaviour in order to protect our business from any risk and fraud Registration Data Contact Data
Identification and Verification Data
Log in Data
Payments Data
Other Communication Data
Legitimate interest (detection and prevention of fraud) Direct Marketing of our own goods and services – including bonuses and offers Marketing Communication Data Legitimate interest (to promote our own service, to develop our business and enhance relationship) Consent
Social Media Marketing Contact Data Legitimate interest (to promote our own service, to develop our business and enhance relationship) Consent
Commercial business analyses for the creation of standards, periodical as well as ad hoc reports Transaction and Usage Data Analytics Data
Legitimate interest (to develop our products/services and grow our business) Web Analytics Transaction and Usage Data Analytics Data
Legitimate interest (to develop our products/services and grow our business) - Direct Marketing – In compliance with relevant laws and regulations and through a legitimate interest or with your consent, Red Acre may periodically notify you about similar products or services. This includes but is not limited to, new services and promotions, bonuses and offers. This notification may be conveyed through (i) electronic email (or SMS), or (ii) social media, or (iii) live phone calls, or (iv) postal mail, or (v) push notification (desktop and/or app).
- When relying on legitimate interest, Red Acre will give you the opportunity to oppose such direct marketing when registering on our Site.
- When relying on consent, the consent may be granted by you when registering on our Site.[2]
- Our usage of your personal data will be in accordance with the law. Typically, we will employ your personal data in the subsequent circumstances:
- Retention
- We will only retain your personal data for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting or reporting requirements.
- The criteria we use to determine what is ‘necessary’ depends on the nature of the particular personal data in question. Our normal practice is to determine whether there is/are any law(s) (for example license requirement, tax or corporate laws, etc.) permitting or even obliging us to keep certain personal data for a period of time (in which case we will keep the personal data for the maximum period indicated by any such law) and if not, whether there are any laws and/or contractual provisions that may be invoked against us by you and/or third parties and if so, what the prescriptive periods for such actions are. In the latter case, we will keep any relevant personal data that we may need to defend ourselves against any claim(s), challenge(s) or other such action(s) by you and/or third parties.
- Where your personal data is no longer required by us, we will either securely delete or anonymize the personal data in question.
- Recipients of Your Personal Data
- As Red Acre’s business partners, suppliers or service providers are responsible for certain parts of the overall functioning or operation of the website, services and other products, personal data are processed also by them for the above-mentioned purposes on behalf of Red Acre.
- We require all third parties to respect the security of your personal data and to treat it in accordance with the law. We do not allow our third-party service providers to use your personal data for their own purposes unless this is permitted or required by law and only allow them to process your personal data for specified purposes and in accordance with our instructions, after thorough vetting of these partners and on the basis of data processing agreement(s) as may be necessary.
- Details on the categories of recipients of the personal data:
- third-party providers for the purpose of provision of services;
- payment service providers to perform payment transactions (deposits and withdrawals);
- marketing suppliers to perform certain marketing activities on behalf of Red Acre;
- marketing partners to perform certain marketing activities on behalf of Red Acre;
- marketing consultants to provide marketing advice to Red Acre;
- service providers that enable communication with you (via email, chat, SMS, phone);
- technical suppliers to support functioning of the website and our technical systems (both front and back end);
- technical administrators of the database to maintain the functioning of the database;
- AML providers providing and/or processing certain data for the purposes of compliance with our AML obligations;
- cloud services providers for provision of cloud-based services such as storage or hosting certain software;
- service providers for the purpose of data analytics and/or business intelligence;
- credit rating agencies, fraud detection agencies and AML agencies for fraud detection and control purposes, in the processing of your member account and associated transactions;
- professional advisers including lawyers, bankers, auditors and insurers who provide consultancy, banking, legal, insurance and accounting services.
- If you are suspected to have breached our Terms and Conditions or any applicable laws (for example when we suspect that a crime may have been committed), or for the purpose of preventing, detecting or suppressing fraud or other criminal activity, Red Acre has a right to: (i) forward your personal data to the government authorities; (ii) share any of your personal data to the relevant authorities; (iii) share your personal data with relevant law enforcement and/or crime investigation bodies; (iv) respond to any Court subpoena or order or similar official request for personal data.
- Transfer of Your Personal Data
- The handling of your information involves processing activities occurring at the Company’s operating offices and at any other locations where the relevant parties participate in processing. Consequently, this information may be transferred to and stored on computers located outside of your state, province, country, or other governmental jurisdiction, where the data protection laws may differ from those in your jurisdiction.
- Red Acre will take all steps that may reasonably be necessary to ensure that your data is treated securely and in accordance with the applicable data protection legislation to which it is subject.
- In the event that it may be deemed necessary to transfer personal data outside the European Union, to jurisdictions that may apply a level of data protection lower than that adhered to in our reference data protection legislation, the Company will follow all procedures as described by the relevant data protection law, including but not limited to “adequacy decisions”, “standard contractual clauses”, “certification system”, etc.[3]
- Data Security
- We have implemented security measures to safeguard your personal data from accidental loss, unauthorized access, alteration or disclosure. To comply with the law, we employ industry-standard encryption techniques to encrypt data during transit and at rest, ensuring confidentiality and integrity at all times.
- In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a need to know business requirement. They will only process your personal data on our instructions or subject to a lawful ground, as well as their duty of confidentiality.
- Your Rights under the Data Protection Laws
- You have the right to request confirmation from us regarding the processing of your personal data and we will provide you with access to the following information with reasonable intervals:
- what personal data we have about you;
- the reasons why we are processing your data;
- the recipients to whom your data may have been disclosed;
- the duration for which we intend to keep your data (if possible);
- whether we transfer your data and the safeguards we have to protect your data;
- your rights with respect to your personal data;
- the process for making a complaint;
- the source of your personal data;
- whether we have used any automated decision-making or profiling and any related information.
- Right to Rectification – Although all reasonable efforts will be made to keep your personal data updated, you are kindly requested to inform us of any changes. To this end you have the right to ask us to rectify inaccurate personal data and to complete incomplete personal data concerning you. We may seek to verify the accuracy of the data before rectifying it.
- Right to Erasure – You have the right to ask us to delete your personal data and we shall comply without undue delay but only where:
- the personal data are no longer necessary for the purposes for which they were collected; or
- you have withdrawn your consent (in those instances where we process on the basis of consent) and we have no other legal ground to process your personal data; or
- you have successfully exercised your right to object (as explained below); or
- your personal data have been processed unlawfully; or
- there exists a legal obligation to erase the data to which we are subject; or
- special circumstances exist in connection with certain children’s rights.
- Right to Data Restriction – You have the right to ask us to restrict (that is, store but not further process) your personal data but only where:
- the accuracy of your personal data is contested (see the right to data rectification above), for a period enabling us to verify the accuracy of the personal data; or
- the processing is unlawful and you oppose the erasure of your personal data; or
- we no longer need the personal data for the purposes for which they were collected but you need the personal data for the establishment, exercise or defense of legal claims; or
- you exercised your right to object and verification of our legitimate grounds to override your objection is pending.
- Following our request for restriction, except for storing your personal data, we may only process your personal data:
- where we have your consent; or
- for the establishment, exercise or defense of legal claims; or
- for the protection of the rights of another natural or legal person; or
- for reasons of important public interest.
- Right to Data Portability – You can request us to give you your personal data in a format that is easy to read by machines, or directly transfer it to another data controller if possible without harming others’ rights and freedoms. This right only applies if:
- the processing is based on your consent or on the performance of a contract with you; and
- the processing is carried out by automated means.
- Right to Object to Certain Processing – In those cases where we process your personal data for the performance of a task carried out in the public interest or when processing is necessary for the purposes of the legitimate interest pursued by us or by a third party (as indicated in the Table in the clause 4.2 above), you shall have the right to object to processing of your personal data by us.
- When your data is processed for direct marketing purposes, you have the right to object at any time to the processing of your personal data, which includes profiling to the extent that it is related to such direct marketing.
- Right to Withdraw Consent – In situations where we handle your personal data based on your consent, we will never assume your consent but rather obtain it from you in a clear and explicit way. You have the right to withdraw your consent at any time and the process of doing so should be the same as providing it. If you decide to withdraw your consent, we will check if we have an alternative legal basis for processing your personal data, such as a legal obligation. If we do, we may still process your data without your consent and will inform you accordingly.[4]
- Right to lodge a Complaint – You are entitled to file complaints with the relevant data protection supervisory authority. If you reside in an EU member state, you can file a complaint with the data protection authority of that particular state. However, we request that you first attempt to resolve any issues with us before contacting the competent authority, even though you have the right to do so at any time, as mentioned above.
- You have the right to request confirmation from us regarding the processing of your personal data and we will provide you with access to the following information with reasonable intervals:
- Cookies
- Red Acre Site uses cookies, for further information on what cookies are, which cookies we use, how and why we use cookies and how you can control which cookies are dropped, please read our Cookies Notice.
- Links to Other Websites
- Our service may include links to external websites that are not operated by us. If you choose to click on a third-party link, you will be directed to their website. We highly recommend reviewing the Privacy Notice of every site you visit.
- Please be aware that we have no control over and assume no responsibility for the content, privacy policies, or practices of any third-party websites or services.
- Changes to this Privacy Notice
- We reserve the right to update this Notice periodically. Any alterations will be communicated to you by publishing the revised Notice on this page.
- We will also notify you via email and/or provide a conspicuous notice on our service before the changes take effect.
- We strongly recommend that you review this Privacy Notice regularly for any updates. Changes to this Privacy Notice will be deemed effective upon their posting on this page.
- Contacting Us
- If you have any questions or concerns regarding this Privacy Notice, please do not hesitate to reach out to us using the contact information provided below.
- Contact Details Here
[1] Please note that the table sets out the general information about the personal data we process. Certain data categories and/or purposes may differ in different jurisdictions and/or brands under which Red Acre provides its services.
[2] Note that even if you object to receiving direct marketing materials, from time to time, we may still need to send you certain important communications from which you cannot opt-out.
[3] The General Data Protection Regulation establishes mechanisms such as adequacy decisions, standard contractual clauses, certification systems, etc. to ensure global data protection standards. These tools enable the lawful transfer of personal data outside the EU, safeguarding individual privacy while fostering international data flows.
[4] Note that while you can decline to provide us with your personal data, we may not be able to provide you with the services you requested if we need that information, especially if consent is the only legal ground we have available to us.