Effective from: 25 August 2021
If you are visiting the Site from the European Union (EU), see especially our Notice to EU Data Subjects below for our legal bases for processing and transfer of your data (section 8).
We get information about you in a range of ways, including the following:
1.1 Information You Give Us.
Information we collect from you may include:
- 1.Identity information, such as your first name, last name or similar identifier, title, date of birth, gender, nationality, place of birth and occupation;
- 2.Passport and/or photo ID for identity verification purposes;
- 3.Contact information, such as your postal address, email address and telephone number;
- 4.Information required to comply with anti-money laundering (AML) laws and know-your-customer (KYC) requirements (such as nationality and place of birth);
- 5.Information required to comply with tax law requirements, such as your country of tax identification and tax identification number (TIN);
- 6.Profile information, such as your nickname, interests, preferences, feedback and survey responses;
- 7.Feedback and correspondence, such as information you provide in your responses to surveys, when you participate in market research activities, report a problem with Service, receive customer support or otherwise correspond with us;
- 8.Financial information, such as bank account number for cash withdrawal and the bank BIC number;
- 9.Transaction information, such details about transfers or purchases you make through the Service;
- 10.Usage information, such as information about how you use the Service and interact with us;
- 11.Marketing information, such as your preferences for receiving marketing communications and details about how you engage with them;
- 12.Technical information, such as your Ethereum wallet address and network information regarding transactions. Please note that your Ethereum wallet address is not collected by https://www.fiat24.com/ or the associated web-application (“Fiat24”);
- 13.Your GPS location at the moment of opening your account with Fiat24.
1.2 Information Automatically Collected
We may automatically record certain information about how you use our Site (we refer to this information as “Log Data“). Log Data may include information such as a user’s Internet Protocol (IP) address, device and browser type, operating system, the pages or features of our Site to which a user browsed and the time spent on those pages or features, the frequency with which the Site are used by a user, search terms, the links on our Site that a user clicked on or used, and other statistics. We use this information to administer the Service and we analyze (and may engage third parties to analyze) this information to improve and enhance the Service by expanding its features and functionality and tailoring it to our users’ needs and preferences. The IP address will be evaluated for clarification and defense purposes only in the event of an attack on the website(s)’ network infrastructure or in case of a suspicion of unauthorized or abusive use of the websites. It may further be used for identification purposes in criminal proceedings and in the context of civil and criminal proceedings against the concerned individual, as necessary and required.
1.3 Information we will never collect
We will never ask you to share your Ethereum private key or wallet seed. Never trust anyone or any site that asks you to enter your private keys or wallet seed.
2.1 To provide our service
In addition to the processing purposes already mentioned in section 1.1, we will use your personal information in the following ways:
- To enable you to access and use the Services incl. recording your Fiat24 account balance and transaction history in the Public Blockchain, Ethereum.
- To verify your identity.
- To provide and deliver products and services that you may request.
- To process and complete transactions, and send you related information, including purchase confirmations and invoices.
- To send information, including confirmations, technical notices, updates, security alerts, and support and administrative messages.
2.2 To comply with the law
We use your personal information as we believe necessary or appropriate to comply with applicable laws including anti-money laundering (AML) laws, know-your-customer (KYC) requirements, tax law requirements, lawful requests and legal process, such as to respond to subpoenas or requests from government authorities.
2.3 To communicate with you for marketing reasons
If we have obtained your consent, we use your personal information to communicate about promotions, upcoming events, and other news about products and services offered by us and our selected partners.
2.4 To optimize our platform
In order to optimize your user experience, we may use your personal information to operate, maintain, and improve our Services. We may also use your information to respond to your comments and questions regarding the Services, and to provide you and other users with general customer service.
2.5 With your consent
With your consent, we may use or share your personal information, such as posting your testimonials or endorsements on our website, or if you instruct us to take a specific action with respect to your personal information. You may withdraw your consent at any time by contacting us (see section 13).
2.6 For compliance, fraud prevention, and safety
We may use your personal information to protect, investigate, and deter against fraudulent, unauthorized, or illegal activity.
- 2.Business Transfers. We may share personal information when we do a business deal, or negotiate a business deal, involving the sale or transfer of all or a part of our business or assets. These deals can include any merger, financing, acquisition, or bankruptcy transaction or proceeding.
- 3.Compliance with Laws and Law Enforcement; Protection and Safety. We may share personal information for legal, protection, and safety purposes.
- 1.We may share information to comply with laws, including KYC, AML, and tax law requirements.
- 2.We may share information to respond to lawful requests and legal processes.
- 4.We may share information in an emergency. This includes protecting the safety of our employees and agents, our customers, or any person.
- 4.Professional Advisors and Service Providers. We may share information with those who need it to do work for us. These recipients may include third party companies and individuals to administer and provide the Service on our behalf (such as bill and credit card payment processing, customer support, hosting, email delivery and database management services), as well as KYC/AML service providers, lawyers, bankers, auditors, and insurers.
- 5.Other. You may permit us to share your personal information with other companies or entities of your choosing. Those uses will be subject to the privacy policies of the recipient entity or entities.
- 6.Public Blockchain (Ethereum). Your Fiat24 account balance and transaction history is recorded in the Public Blockchain. It is therefore possible that your data on this Public Blockchain is visible to third-party users of the Public Blockchain.
We may also share aggregated and/or anonymized data with others for their own uses.
The Company’s own office is only in Switzerland and has service providers in the EU countries. Your personal information may be transferred to or from the Switzerland/EU to other locations outside of your state, province, country or other governmental jurisdiction where privacy laws may not be as protective as those in your jurisdiction, such us Singapore.
More important information also for cases in which Swiss Law is applicable is provided below about transfer of personal information outside of the European Economic Area (EEA) (section 10 f.).
In some circumstances we may anonymize your personal information (so that it can no longer be associated with you or used to identify you) in which case we may use this information indefinitely without further notice to you.
We employ industry standard security measures designed to protect the security of all information submitted through the Services. However, the security of information transmitted through the internet can never be fully guaranteed. We are not responsible for any interception or interruption of any communications through the internet or for changes to or losses of data. Users of the Services are responsible for maintaining the security of any password, biometrics, user ID or other form of authentication involved in obtaining access to password protected or secure areas of any of our digital services. In order to protect you and your data, we may suspend your use of any of the Services, without notice, pending an investigation, if any breach of security is suspected.
You can request to change contact choices, opt-out of our sharing with others, and update your personal information and preferences. See for further information about your rights section 9 below.
We use Google Analytics, a web analysis service of Google Ireland Limited, Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland respectively Google Inc., 1600 Amphitheatre Pkwy, Mountain View, CA 94043-1351, USA. Google Analytics uses methods that allow an analysis of the use of the website, such as cookies. These generate information about your use of this website such as
- Navigation path that a visitor takes on the site,
- Length of stay on the website or sub-page,
- The sub-page on which the website is left,
- The country, region, or city from where access takes place,
- Device (type, version, colour depth, resolution, width and height of the browser window),
- Recurring or new visitors,
- Browser type/version,
- The operating system used,
- The referrer URL (the page previously visited),
- Host name of the accessing computer (IP address), and
- Time of the server query
The information is used in order to evaluate the use of the website, to compile reports on the activities on the website and to provide other services related to the use of the website and the Internet for the purposes of market research and tailor-made website design. Google may also pass this information on to third parties insofar as this is required by law or if third parties process the data on Google’s behalf. According to Google, no connection is ever made between the IP address and other data relating to the user.
Users can prevent the collection of the data (including the IP address) generated by the cookie and related to the website use by the respective user’s personal data by Google, as well as the processing of this data by Google, by downloading and installing the browser plug-in available under the following link.
An opt-out cookie is stored on your device. If you delete cookies, the link must be clicked again.
We use Google Tag Manager a service of Google Ireland Limited, Google Building Gordon House, 4 Barrow St, Dublin, D04 E5W5, Ireland, respectively Google Inc., 1600 Amphitheatre Pkwy, Mountain View, CA 94043-1351, USA, in order to manage cookies and pixels for tracking tools and other tools. The Tag Manager tool itself is a cookie-free domain and does not collect any personal data. Instead, the tool triggers other tags that may in turn collect data. If you have performed a deactivation at domain or cookie level, this remains in place for all tracking tags implemented using Google Tag Manager.
Some of the information you provide us may constitute sensitive data as defined in the GDPR (also referred to as special categories of personal data), including identification of your race or ethnicity on government-issued identification documents. For information on the processed data, please see section 1.1 to 1.3).
We only use your personal information as permitted by law. We are required to inform you of the legal bases of our processing of your personal information, which are described in the table below.
You have certain rights regarding your personal information. You may ask us to take the following actions in relation to your personal information that we hold:
- Opt-out. Stop sending you direct marketing communications which you have previously consented to receive. We may continue to send you Service-related and other non-marketing communications.
- Access. Provide you with information about our processing of your personal information and give you access to your personal information free of charge.
- Correct. Update or correct inaccuracies in your personal information and to be informed of the correction. We will inform the recipients of the data concerned of the adjustments made, unless this is impossible or involves disproportionate effort.
- Delete. Delete your personal information in certain circumstances. In individual cases, the right to deletion may be excluded.
- Right to data portability. You have the right, in certain circumstances, to obtain from us, the personal data you have provided to us, free of charge and in a readable format.
- Right to lodge a complaint with a supervisory authority. if you are a resident of an EU or EEA Member State, you have the right to lodge a complaint with a competent supervisory authority about the way, in which your personal data is processed.
- Restrict. Restrict the processing of your personal information, under certain conditions.
- Right of withdrawal. <in principle, you have the right to withdraw your consent at any time. However, processing activities based on your consent in the past do not become unlawful as a result of your revocation.
Due to the nature of a Blockchain certain rights may be limited. However, we will do our best to grant you the rights by also taking into account all technical possibilities.
You can submit these requests by email to our data protection team at [email protected] We may request specific information from you to help us confirm your identity and process your request. Applicable law may require or permit us to decline your request. If we decline your request, we will tell you why, subject to legal restrictions. If you would like to submit a complaint about our use of your personal information or response to your requests regarding your personal information, you may contact us at [email protected] or submit a complaint to the data protection regulator in your jurisdiction.
For the sake of completeness, we would like to point out that the US authorities may take surveillance measures under US legislation that allow for the general storage of all data transferred from the European Union or Switzerland to the US. This is done without distinction, limitation or exception, on the basis of the objective pursued and without objective criteria that would allow limiting the access of the US authorities to personal data and their subsequent use to specific, strictly limited purposes justifying access to such data.
Furthermore, we would like to point out that there are no legal remedies in the USA for data subjects from EU Member States or Switzerland that would allow them to access the data concerning them and to obtain its rectification or deletion, and that there is no effective legal protection against general access rights of the US authorities. We expressly draw the data subject's attention to this legal and factual situation so that they can make an informed decision about consenting to the use of their data.
If you have any questions regarding data protection, if you would like to receive information or if you would like to request the deletion of your personal data, please contact us by email at [email protected]
Alternatively, you can write to: SR Saphirstein AG, Bellerivestrasse 245, 8008 Zurich, Switzerland.