Privacy Policy

Monexora Privacy Policy

Monexora (“Monexora,” “we,” or “us”) is committed to protecting the privacy of our customers, and we take our data protection responsibilities with the utmost seriousness.

This Privacy Policy describes how Monexora collects and processes your personal data through the Monexora website that are referenced in this Privacy Policy.

This Privacy Policy applies to all Personal data processing activities carried out by us, across website and departments of Monexora.

To the extent that you are a customer or user of our services, this Privacy Policy applies together with any terms of business and other contractual documents, including but not limited to any agreements we may have with you, as the company serves both individual clients and legal entities.

Monexora Entity

The Monexora operating entity you contract with determines the means and purposes of processing your personal data about the services provided to you (typically referred to as a “data controller”). MONEXORA SPÓŁKA Z OGRANICZONĄ ODPOWIEDZIALNOŚCIĄ, a company duly incorporated in Poland, KRS 0001139914, REGON 540248555, with its registered office at ul. RONDO IGNACEGO DASZYŃSKIEGO, nr 2B, lok. W2410, 00-843, WARSZAWA, is the controller with primary responsibility for your personal data, including providing you with data and responding to any requests you may make under data protection law.

What Personal Data does Monexora collect and process?

Personal data is data that identifies an individual or relates to an identifiable individual. This includes data you provide to us, data which is collected about you automatically, and data we obtain from third parties.

Information you provide to us. In order to use Monexora Services, we will ask you to provide us with some data about yourself. This data is either required by law (e.g., to verify your identity and comply with “Know Your Customer” obligations), necessary to provide the requested services, or is relevant for certain specified purposes, described in greater detail below. In some cases, if we add services and features you may be asked to provide us with additional data.

Failure to provide the data required implies that Monexora will not be able to offer you, our services.

We may collect the following types of information from you:

Category of Personal Data	Types of Personal Data
Personal Identification Data.	Full name, e-mail address, gender, home address, phone number, date of birth, nationality, signature, utility bills, photographs, and a video recording of you.
Sensitive and Biometric Personal Data	Monexora may also collect sensitive personal data when permitted by local law or with your consent, such as biometric information, for example, to verify your identity by comparing the facial scan data extracted from your selfie or video with the photo in your government-issued identity document
Government Identifiers	Government-issued identity documents such as passports, national identification numbers, national identity card details, driver's license numbers
Institutional Information	Entity’s name, registration number, address, website, business activity, proof of legal formation, personal identification data for all material beneficial owners, personal data about the board of directors’ senior persons responsible for the operations of the body corporate etc.
Financial Information	Bank account information, payment card information, source of funding, source of wealth, documents confirming the source of funds and wealth
Transaction Information	Information about the transaction you make on our services, such as the name of the recipient, transaction description, your name and e-mail etc
Employment Information	Job title, salary wage rate, company, working history, documents confirming salary/wage, working history or CV etc.
Communications	Surveys responses, information contained in the Survey. Communications with us including call recordings with our customer services team.
Contact Information	E-mail address, country, region, phone number.

Information we collect from you automatically. To the extent permitted under the applicable law, we may collect certain types of information automatically, for example whenever you interact with us or use the services. This information helps us address customer support issues, improve the performance of our sites and services, maintain and or improve your user experience.

Information collected automatically includes:

Category of Personal Data	Types of Personal Data
Browsing Information	Device ID, browsing information such as name and version, IP address
Usage Data	Authentication data, security questions, click-stream data, public social networking posts, and other data collected via cookies or similar technologies. Information about how our Services is performing when you use them, e.g., error messages you receive, performance of the site information.
Marketing and Research Information	Identifiers – the IP address, or other online identifiers of a person, e-mail address is used for direct marketing, and name and address. Browser/web history data and preferences expressed through selection/viewing/purchase of goods, services and content, information about your mobile device including (where available) type of device, device identification number, and mobile operating system. Analytics and profiles of the individuals based on the data collected on them. Interests or inferred interests and marketing preferences.

From time to time, we may obtain information about you from our third parties’ sources as required or permitted by applicable law.

Information we collect from our third parties

Category of Personal Data	Type of Personal Data
Blockchain Data	We may analyse public blockchain data, such as transaction IDs, transaction amounts, timestamps, transactions, or events.

How Monexora uses cookies and other similar technology on this website

We can place cookies and other similar technology on your device, including mobile devices, in accordance with your preferences set on our cookie setting centre. Depending on your settings in our cookie consent manager on your mobile device, the following information may be collected through cookies or similar technology: your unique device identifier, mobile device IP address, information about your device’s operating system, mobile carrier, and your location information (to the extent permissible under applicable law).

Every time you visit the Monexora website, you will be prompted to accept or reject cookies, you can also tailor your selection.

Cookies are small text files that are placed into a user’s device when you visit a website, downloaded to your computer or mobile device when you visit a site and allow a site to recognize your device. Cookies stores information about the user’s visit, which may include content viewed, language preference, time and duration of each visit and advertisement accessed. Cookies managed by Monexora only are called “first party cookies” whereas cookies from third parties are called “third party cookies.”

Cookies are a useful mechanism that does a lot of different jobs, such as letting you navigate between pages efficiently, remembering your preferences and improving the user experience. There are different sets of cookies, and we will explain that later in this document.

We may use information collected from our cookies to identify user behaviour and to serve content and offers based on your profile, and for the other purposes described below, to the extent legally permissible in certain jurisdictions.
In other cases, we can associate cookie information (including information from cookies placed via our advertisements on third-party sites) with an identifiable individual.

The cookies used on Monexora sites have been categorized as per the table below. However, it is important to note that not all cookies may be used in all jurisdictions or websites. A list of the categories of cookies used on this website is set out below.

Category	Description
Strictly Necessary Cookies	These cookies are necessary for the website to function and cannot be switched off in our systems. They are usually only set in response to actions made by which amount to a request for services, such as setting your privacy preferences, logging in or filling in forms. You can set your browser to block or alert you about these cookies, but some parts of the site will not when work. These cookies do not store any personally identifiable information.
Performance cookies	These cookies allow us to count visits and traffic sources so we can measure and improve the performance of our site. They help us to know which pages are the most and least popular and see how visitors move around the site. All information these cookies collect is aggregated and therefore anonymous. If you do not allow these cookies we will not know when you have visited our site and will not be able to monitor its performance.
Functionality cookies	These cookies enable the website to provide enhanced functionality and personalisation. They may be set by us or by a third-party provider whose services we have added to our pages. If you do not allow these cookies some services may not function properly.
Targeting cookies	Targeting cookies can be used by these third parties to build a profile of your interests based on the browsing information they collect from you, which includes uniquely identifying your browser and terminal equipment. If you do not allow these cookies, you will still see basic advertising on your browser that is generic and not based on your interests

Processing of personal data conducted by Monexora.

Our primary purpose in collecting personal data is to provide our services in a secure, efficient, and smooth way. We use your personal data to deliver, provide, operate, our services, and for loss prevention and anti-fraud purposes. Below you will find an explanation of how we use.

Why does Monexora process my Personal Data?	Legal Basis for our use of personal information (EEA and Switzerland EU GDPR)
Managing our contractual relationship with you. The Category of Personal Data processed is Personal Identification Data, Institutional Information, Contact Information, and Financial Information.	Processing is necessary for the performance of a contract to which you are a party.
To maintain legal and regulatory compliance Most of our core services such as the exchange services are subject to strict and specific laws and regulations requiring us to collect, use and store certain personal data and process Personal Identification identity information and in some cases Sensitive Personal Data. For example to comply with our Know Your Customer (“KYC”) obligations under applicable laws and regulations, and in particular to comply with Anti-Money Laundering laws and regulations. The Category of Personal Data is Personal Identification Data, Institutional Information, Sensitive and Biometric information, Government Identifiers, Contact Information, and Financial Information.	Processing is necessary to comply with our legal obligations under applicable laws and regulations, and Anti-Money Laundering laws and regulations.
Communicate with you on service and transaction-related matters. We use your personal data to communicate with you in relation to Monexora Services on administrative or account-related information. We will communicate with you to keep you updated about our Services for example, to inform you of relevant security issues, and updates, or provide other transaction-related information.	Processing is necessary for the performance of a contract to which you are a party.
To provide customer services: We process your personal data when you contact us to provide support with respect to questions, disputes, complaints, troubleshooting problems, etc. The Category of Personal Data processed is Personal Identification Data, Institutional Information, Transactional Information, Communications, Contact Information, Financial Information, Browsing Information, and Usage Data. Without processing your personal data for this purpose, we cannot respond to your requests.	Processing is necessary for the performance of a contract to which you are a party. Processing is necessary for the purpose of the legitimate interest pursued by us to improve our services and enhance our user experience.
To promote the safety, security, and integrity of our websites and services. We process your personal data to enhance security, monitor and verify identity or service access, combat malware or security risks and comply with applicable security laws and regulations. We process your personal data to find and address violations of our Terms and Conditions, investigate suspicious activity, detect, prevent, and combat unlawful behaviour, detect fraud, and maintain the integrity of our Services. The Category of Personal Data processed is Personal Identification Data, Institutional Information, Transactional Information, Contact Information, Financial Information, Browsing Information, and Usage Data. Without processing your personal information, we may not be able to ensure the security of our Services. We use your personal data to provide functionality, analyse performance, fix errors, and improve the usability and effectiveness of Monexora Services.	Processing is necessary for the performance of a contract to which you are a party.
To promote the safety, security, and integrity of our Services. Fraud prevention and detection and credit risks. The Category of Personal Data processed is Personal Identification Data, Institutional Information, Transactional Information, Contact Information, Financial Information, Browsing Information, and Usage Data.	Processing is necessary for the purpose of the legitimate interests pursued by us and the interests of our users when, for example, we detect and prevent fraud and abuse to protect the security of our users, ourselves, or others;
To provide Monexora services. We process your personal data to provide the services to you and process your orders. For example, when you want to use the exchange service with us, we ask for certain information such as your identification, contact information, and payment information. The Category of Personal Data processed is Personal Identification Data, Institutional Information, Transactional Information, Contact Information, Financial Information, Browsing Information, and Usage Data. We cannot provide you with services without such information.	Processing is necessary for the performance of a contract to which you are a party.
To improve our services. We process personal data to improve our services and for you to have a better user experience; The Category of Personal Data processed is Personal Identification Data, Institutional Information, Transactional Information, Browsing Information, Usage Data.	Processing is necessary for the purpose of the legitimate interest pursued by us to improve our services and enhance our user experience.
To provide you with promotions We use your information to provide you with promotions, including offers, rewards, and other incentives for using our Services. The Category of Personal Data processed is Personal Identification Data, Institutional Information, Transactional Information, Browsing Information, Usage Data.	Processing is necessary for the purpose of our legitimate interest and your interest to reward your customer loyalty.
To do research and innovate. We carry out surveys to learn more about your experience using our Services. We also use your information to support research and development and drive innovations in our Services and products. This information will also be used for Marketing purposes.	Processing is necessary for the purpose of our legitimate interest to improve and run our Services through information obtained from these surveys.
Cookies: where we use cookies and similar technologies as part of our Service. The Category of Personal Data processed is Information from Cookies.	Where required by applicable law, we rely on your consent to place cookies and similar technologies. When you consent to processing your personal information for a specified purpose, you may withdraw your consent at any time, and we will stop processing your personal information for that purpose. The withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal
To comply with other legal and regulatory obligations. We may access, read, preserve, and disclose information when we believe it is necessary to comply with law, legal obligations, regulations, law enforcement, government, and other legal requests, court orders, or disclosure to tax authorities. The Category of Personal Data processed is Personal Identification Data, Institutional Information, Financial Information, Transactional Information, Browsing Information, Usage Data, and Blockchain Data.	Processing is necessary to comply with our legal obligations under applicable laws and regulations. We may also rely on legitimate interests in responding to legal requests where we are not compelled by applicable law but have a good faith belief it is required by law in the relevant jurisdiction.

Automated individual decision-making, including profiling. Monexora does not rely solely on automated tools to help determine whether a transaction or a customer presents a fraud or legal risk.

Can Children Use Monexora Services?

Monexora does not allow anyone under the age of 18 to use Monexora Services and does not knowingly collect personal information from children under 18.

How and Why We Share Your Personal Data?

We may share your Personal Data with third parties if we believe that sharing your Personal Information is in accordance with, or required by, any contractual relationship with you or us, applicable law, regulation, or legal process.

We may also share personal data with the following persons or in the following circumstances:

Affiliates: Personal data that we process and collect may be transferred between Monexora companies as a normal part of conducting business and offering our Services to you.

Third-party service providers: We employ other companies and individuals to perform functions on our behalf. Examples include analysing data, providing marketing assistance, processing payments, transmitting content, and assessing risk. These third-party service providers only have access to personal information needed to perform their functions but may not use it for other purposes. Further, they must process the personal information in accordance with our contractual agreements and only as permitted by applicable data protection laws.

Legal Authorities: We may be required by law or by Court to disclose certain information about you or any engagement we may have with you to relevant regulatory, law enforcement and/or other competent authorities. We will disclose information about you to legal authorities to the extent we are obliged to do so according to the law. We may also need to share your information to enforce or apply our legal rights or to prevent fraud.

Business transfers: As we continue to develop our business, we might sell or buy other businesses or services. In such transactions, user information is one of the transferred business assets but remains subject to the promises made in any pre-existing Privacy Policy (unless, of course, the user consents otherwise). Also, in the unlikely event that Monexora or substantially all of its assets are acquired by a third party, user information will be one of the transferred assets.

International transfers of Personal Information

To facilitate our global operations, Monexora may transfer your personal information outside of the European Economic Area (“EEA”), UK and Switzerland. The EEA includes the European Union countries as well as Iceland, Liechtenstein, and Norway. Transfers outside of the EEA are sometimes referred to as “third-country transfers.”

We may transfer your personal information to third-party partners, and service providers based throughout the world. In cases where we intend to transfer personal information to third countries or international organisations outside of the EEA, Monexora puts in place suitable technical, organizational, and contractual safeguards (including Standard Contractual Clauses), to ensure that such transfer is carried out in compliance with applicable data protection rules.

We also rely on decisions from the European Commission where they recognise that certain countries and territories outside of the European Economic Area ensure an adequate level of protection for personal information. These decisions are referred to as “adequacy decisions.”

How Secure is My Information?

We design our systems with your security and privacy in mind. We have appropriate security measures in place to prevent your information from being accidentally lost, used, or accessed in an unauthorised way, altered, or disclosed. We work to protect the security of your personal data during transmission and while stored by using encryption protocols and software. We maintain physical, electronic, and procedural safeguards in connection with the collection, storage, and disclosure of your personal data. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know.

Customers’ rights
Subject to applicable law, as outlined below, you have a number of rights in relation to your privacy and the protection of your personal data. You have the right to request access to, correct, and delete your personal data, and to ask for data portability. You may also object to our processing of your personal data or ask that we restrict the processing of your personal data in certain instances. In addition, when you consent to our processing of your personal data for a specified purpose, you may withdraw your consent at any time. If you want to exercise any of your rights please contact us using info@monexora.com, rights may be limited in some situations - for example, where we can demonstrate we have a legal requirement to process your personal data.

Right to access: you have the right to obtain confirmation that your personal data are processed and to obtain a copy of it as well as certain information related to its processing;

Right to rectify: you can request the rectification of your personal data, which is inaccurate, and also add to it. You can also change your personal information in your account at any time.

Right to delete: you can, in some cases, have your personal data deleted;

Right to object: you can object, for reasons relating to your situation, to the processing of your personal data. For instance, you have the right to object where we rely on legitimate interest or where we process your data for direct marketing purposes;

Right to restrict processing: You have the right, in certain cases, to temporarily restrict the processing of your personal data by us, provided there are valid grounds for doing so. We may continue to process your personal data if it is necessary for the defence of legal claims, or for any other exceptions permitted by applicable law;

Right to portability: in some cases, you can ask to receive your personal data which you have provided to us in a structured, commonly used, and machine-readable format, or, when this is possible, that we communicate your personal data on your behalf directly to another data controller;

Right to withdraw your consent: for processing requiring your consent, you have the right to withdraw your consent at any time. Exercising this right does not affect the lawfulness of the processing based on the consent given before the withdrawal of the latter;

Right to lodge a complaint with the relevant data protection authority: We hope that we can satisfy any queries you may have about the way in which we process your personal data. However, if you have unresolved concerns, you also have the right to complain to the data protection authority in the location in which you live, work, or believe a data protection breach has occurred.

If you have any questions or objections as to how we collect and process your personal data, please contact us using info@monexora.com.

Retention of personal data

We keep your personal data to enable your continued use of Monexora Services, for as long as it is required in order to fulfil the relevant purposes described in this Privacy Policy, and as may be required by law such as for tax and accounting purposes, compliance with Anti-Money Laundering laws, or to resolve disputes and/or legal claims or as otherwise communicated to you.

While retention requirements vary by jurisdiction, information about our typical retention periods for different aspects of your personal data is described below.

Personal Identifiable Data collected to comply with our legal obligations under financial or anti-money laundering laws may be retained for as long as is required under such laws.

Contact Information such as your name, email address and telephone number for marketing purposes is retained on an ongoing basis until you unsubscribe. Thereafter we will add your details to an unsubscribed list to ensure we do not inadvertently market to you.

Recording of voice calls with you may be kept for a period prescribed by the law, for audit/ compliance purposes and to resolve disputes and/or legal claims.

Information collected via cookies, web page counters and other analytics tools is kept for a period prescribed by the law from the date of the collection of the cookie of the relevant cookie.

Contact Information

Our data protection officer can be contacted using info@monexora.com and will work to address any questions or issues that you have with respect to the collection and processing of your personal data.

Notices and Revisions

If you have any concerns about privacy at Monexora, please contact us, and we will try to resolve them. You also have the right to contact your local Data Protection Authority.

Our business changes regularly, and our Privacy Policy may change also. You should check our websites frequently to see recent changes. Unless stated otherwise, our current Privacy Policy applies to all information that we have about you.