Privacy Policy
This Privacy Policy describes how Veetrblox UAB (also referred to in this Policy as “we”, “our” or
“us”) collect, use, and share information related to your use of our products, services, and the
website. This Policy complies with the requirements of the European General Data Protection
Regulation (“GDPR”) and all applicable statutes and regulations for Data protection in the Republic
of Lithuania and seeks to establish the transparent, lawful, fair and secure handling of personal data
of our customers and users.
This Privacy Policy explains what personal data we collect through our website and services, how
and why we collect it, how we use it and what third parties we share it with. Additionally, it
describes your personal data rights and how you may exercise them.
Secure storage and handling of funds you entrust with us as well as ensuring fairness,
competitiveness, genuinity and transparency of the market and your Orders and Transactions are our
first and foremost priority. We may revise this Privacy Policy from time to time but we will never
do so in a manner that would compromise the importance of our mission. If any modifications are
made to this Policy (and other policies, including Terms of Service and Cookie Policy), we will
notify you of the changes via email and on this page.
We recommend you read this Policy in full to be aware and informed of the processes your data is
involved into and your rights. For any questions regarding this Privacy Policy, collection and use of
your data, disclosure and sharing of your data, and other concerns or requests related to your
personal data, please contact us at: [email protected]
1. Definitions
The following section covers the basic definitions used in this Privacy Policy. It describes what is
meant by your personal data and who controls and processes your personal data.
1.1. Personal Data
“Personal Data” means any information that may be used to identify you as an individual,
directly or indirectly. Such information includes you personal name, identification number,
location data, and any information found online that may reveal your physical, genetic,
mental, economic, cultural or social identity.
1.2. Information about the Deceased
Personal Data requires a person to have legal capacity, meaning they can exercise their
rights, give consent and enter into agreements. Legal capacity begins at birth and is lost
upon death. Therefore, in this Policy, any information related to the deceased person is not
seen as Personal Data and is excluded from its meaning.
Nevertheless, we will ensure that your personal data collected from you during your life is
kept securely and safely with us after your death. We will not share or disclose it in any
manner that is not defined in this Policy or not otherwise permitted by the GDPR. Treatment
of personal data after death of the data subject differs in regards to the national laws on
personal data in each EU Member State.
1.3. Controller of your Personal Data
Veetrblox UAB is the Controller of your personal data. It means that we determine what
information we collect, how and why we collect it, how it is shared and disclosed and what
means we use to process this information.
1.4. Processing of your Personal Data
We use specific vendors and partners that are responsible for processing your personal
information. For more specific information, please check out Section 8 to learn of how your
data is processed, what vendors we use for processing your personal data and what countries
we may send your data to for processing.
2. Information We Collect
To provide our Services and offer our Products, we must collect information about you.
2.1. Information that You Provide
This category includes content and information that you provide when you use our Services
and Products. Veetrblox UAB will never ask you to submit any information related to your
racial or ethnic origin, sex life or sexual orientation, political opinions, philosophical or
religious beliefs, biometric or genetic data and trade union membership.
2.1.1. Account Registration
When you create your personal account, we may ask for your contact information,
including your full name, personal address, e-mail address and phone number. In
addition, in order to further verify your identity for the purposes of compliance measures
imposed by us under the relevant legislative acts, such as Anti-Money Laundering and
Terrorism Financing Prevention law in Republic of Lithuania, we may collect the
following personal information from you:
-Formal identification information, such as identity documents issued by the
competent governmant authorities in the country of your domicile and/or
birth, e.g. passport, national ID card, residence permit and right of residence
cards, driver’s license, birth certificate, visa information, and other relevant
identification documents necessary to determine your identity and comply
with our obligations under the AML and anti-financial crime laws and
regulations;
-Financial information, such as bank account details, payment card
information, transaction history, trading data, tax information, and other
relevant information.
-Information about your business, such as formal certificate of incorporation
issued by the competent authorities of te country of incorporation of your
business, extracts from the commercial registries, tax and/or VAT number and
information, Articles and/ or Memorandum of Association, Certificates of
Incumbency, personal identification information about all ultimate beneficial
owners (hereinafter: the “UBOs”), shareholders and management board
members, information about the origina dn source of funds, etc.
-Employment information, such as the job title, location of the employer’s
officer and/or job description.
-Transaction information, such as information about amounts of your
transactions and receipients of such.
2.1.2. Communications
If you contact us directly, we may ask some additional information from you, such as
your name, e-mail address, personal address, phone number and other personal
information. If you communicate with us, we will always state the reasons why we need
this information from you.
2.1.3. Payment Information
Our Services allow our users to opt for a desired payment method in order to execute
Orders and Transations via the use of our third-party payment processors. We do not
store your information about the financial account. It is referred to our payment
processor.
2.2. Cookie Files
We use cookies on our website to gather information about our users' interaction with our
Services. Information we collect via cookies may include your use of the website features,
the frequency of your visits, your interaction with the functionalities of the Services and
other relevant information.
Cookies are small pieces of text sent by your web browser by a website you visit. Cookies
may store user preferences and other information. Cookies provide a convenience feature to
save you time or tell the Web server that you have returned to a specific page. A cookie file
is stored in your web browser and allows the Service or a third-party to recognize you and
make your next visit easier and the Service more useful to you.
Cookies can be “persistent” or “session” cookies. Persistent cookies remain on your personal
computer or mobile device when you go offline, while session cookies are deleted as soon as
you close your web browser.
Cookies set by us are called “first party cookies”. Cookies set by parties other than the
website owner are called “third party cookies”. Third party cookies enable third party
features or functionality to be provided on or through the website.
2.3. Log Files
We use log files to store information gathered from your use of our Services. We use this
information to enhance the functionalities of the website, acquiring detailed information
about traffic to optimize the website performance and improve the overall quality of
provision of our Services. The information stored in log files may include Internet Protocol
(IP) addresses, browser type, operation system (OS), Internet Service Provider (ISP),
referring/exit pages, landing pages, time and date stamps and clickstream data. Please note
that this information may be considered Personal Data under certain circumstances in
accordance with the relevant provisions of the GDPR.
2.4. Information from Partners and Third Parties
Our partners that have been authorized by us to provide our Services may provide your
Personal Data to us. In this case, the information forwarded to us is collected by our partners
and shared with us. We require our partners to have lawful rights to collect, use and share
your Personal Data before disclosing it to us. Such Partners and third parties include but are
not limited to the following sources:
-Public Databases, Identity Verification Partners and Credit Institutions: we
gather information from the above-mentioned Partners to varify your identity as per
the applicable laws and regulations. Identify verification involves collecting such
personal information as your name, address, employment information, credit history,
affiliation with any restricted, sanctioned or prohibited groups and associations,
determined as such by relevant legal acts, as well as other relevant data. Particularly,
we are obliged to collect and store such information as per our obligations under the
Anti-Money Laundering and Terrorism Financing Prevention law in Republic of
Lithuania, aimed at monitoring, detecting and preventing acts related to money
laundering, terrorism financing and other financial crimes.
-Blockchain Data: we collect publicly available blockchain data to detect and
prevent illegal activities, including those defined in RahaPTS, as well as to
determine current blockchain trends.
-Marketing Partners, Advertisers and Analytics Partners: we may collect
personal data from such partners and third parties for the purposes of conducting
reseach about how you use and interact with our website, Services and Products, as
well as to understand what Services and Products may be of interest to you.
3. Anonymized Data
As defined by the GDPR, anonymization is a technique that alters personal information to the point
when it may no longer be directly linked to a particular individual and such an individual may not
be identified, directly or indirectly, from such data.
Veetrblox UAB may employ amonymized data for the purposes of conducting research about
quality of our Services, understanding customer needs and demands, conduct marketing, detect and
prevent security vulnerabilities and braches, and other relevant business purposes.
4. How We Use Information
We use information we collect in various ways, including the following:
–Providing, operating and maintaining our Services;
–Processing payments, executing Orders, Trades and Transactions in a manner consistent
with the rules of market fairness, trasparency, competitiveness, and genuinity;
–Detecting and preventing loss of funds, including losses occuring as a result of fraud and
abuse of our Services;
–Ensuring compliance with the relevant laws and regulations to prevent anti-money
laundering, terrorism financing, fraud and other financial crimes;
–Complying with the anti-financial crime regimes and obligations, regulated and imposed by
the competent authorities of Republic of Lithuania;
–Communicating with you, including direct means or through our partners, to perform
customer support activities, to inform you of the changes and updates related to the Services,
to notify you of important information related to the Services and for marketing and
promotion;
–Sending you e-mails, including notification e-mails, reminders and confirmations;
–Improving the quality of our Services;
–Conducting research and development related to our Services to develop new features and
functionalities and introduce new products and services;
–Performing measurement and analytics activities to learn how our users interact with our
Services and understand our users' behaviour and preferences;
–Promoting safety, security and integrity of your funds, our Services and data.
5. How We Share This Information
We may share the information we collect in various ways and third parties.
5.1. Vendors and Service providers
We provide information we collect to vendors and services providers that help us keep our
business running. Such vendors include (but are not limited to) payment platforms, web and
mobile analytics services, advertisers, partners in IT such as hosting and software providers
as well as sales and marketing products.
5.1.1. Non-EU/EEA Vendors
Please kindly note that some of our service providers are located outside of the EU/EEA
area. For further information on how your data is handled when sharing it with third parties
outside of the EU/EEA, please see Section 10 of this Policy.
5.2. Payment Platforms
As a merchant, we share your information with payment services and platforms to process
your transaction and complete your order. Payment providers collect information
specifically for the purposes of processing your transaction. Veetrblox UAB may forward
your information to payment platforms in order to finalize your order; however, we never
keep your payment information or use it in any way but to process your transaction.
5.3. Identity Verification Services
We use third party verification services to verify your identity for the purposes of complying
with RahaPTS legal requirements and to ensure safety, transparency and lawful nature of
your activities. By using the services of our verification partners, we compare the personal
information provided by you with information of the verification partners’ databases and/or
public records.
5.4. Advertisers
To ensure you see the ads that may be of interest to you, we work with third-party
advertising partners. These partners may receive information from us to personalize ads to
fit your interests. They may also collect information about you and use it in accordance with
their own privacy notes. We never sell your information to advertisers. Additionally, we
make sure advertisers we choose are compliant with the GDPR and manage your
information accordingly.
5.5. Partners that Work with Us
Due to the nature of our business, we communicate and establish business connections with
various partners in the field of banking, legal services, compliance, accounting, and other
relevant fields. We may provide your information to them to ensure uninterrupted, accurate,
and integral provision of our Services and commence activities that help us maintain our
business activities.
5.6. Law Enforcement and Compliance
In some circumstances, we may need to disclose your personal information in accordance
with the law and current regulations to law enforcement authorities, government officials or
other relevant third parties. It may be necessary in the case of court proceedings, complying
with a legal order or other legal process, as well as for the purposes of financial crime,
money laundering and terrorism financing prevention, if we have strong grounds to believe
any natural or legal person to be involved in or associated with the said forms of crime.
5.7. Business Transfers
In cases of insolvency, bankruptcy, acquisition, transfer of ownership, sale of assets or
succession of Veetrblox UAB, your personal information may be disclosed to the new
owner, acquirer or successor of the company or other relevant third parties.
6. How We Secure This Information
At Veetrblox UAB, we understand the importsnace of keeping your personal information in a secure
and integral manner, as any breach of personal data may lead to detrimental consequences to you
and your funds. Therefore, we employ various physical, technical and administrative safeguards to
ensure intergrity, security and confidentiality of your personal data.
Your personal information is secured with the help of Transport Layer Security (TLS) protocol that
is designed to protect and secure your information from unauthorized access and breaches of
privacy. TLS protocol is mainly used for encrypting the information exchanged between our
website and servers. We also use TLS to encrypt all the e-mails and messages exchanged with us.
We use the latest and the most secure version of TLS (v 1.3) to date and make sure to update is if a
more secure and reliable version is released in the future.
In addition, your transaction and other personal information, is stored by us in an encrypted manner.
Such encrypted data is stored and maintainted with the use of our relevant service providers that
help us maintaint physical, technical, electronic and administrative safeguards. Please note that
some of such vendors may be located outside of the EU/EEA zone: to learn more about how your
personal data is collected, stored, handled and processed by such vendors, please read Section 10 of
this Policy.
At the same time, even with all the seciruty and safety measures imposed by us at all times, we
cannot guarantee that your data may not be breached, accessed without authorization or otherwise
tainted and leaked. We ask you to kindly acknowledge that a great part in data security lies with
you, and it is important to treat your personal data with diligence, attentiveness, and care. It is
strongly recommended to make sure your password includes a combination of letters, numbers and
signs and consists of a sufficient amount of characters; it is also advised to check for the safety of
your connection (which can be accessed by clicking a lock sign next to the URL field of your
browser) to make sure you do not submit your personal information to fraudulent and compromised
versions of our website, developed and maintained by unauthorized persons with malicious intent.
Should you become aware of any attempt to misuse your personal information by the above-
mentioned or any other malicious means, or should you believe your personal information is not
stored, handled and maintained securely by us, please notify us immediately at
__________________
7. Retention of Personal Information
Your personal information is stored securely for as long as your account is opened. We will only
store and retain your personal information for the period necessary to fulfill purposes for which it is
collected. Retention periods may vary in regards to the type of personal information and purposes
for which it was collected, such as indicated below:
-Personal information related to our legal obligations to comply with anti-financial crime and
anti-money laundering laws and regulation, may be stored for as long as it is required by
such laws;
-Contact information for marketing purposes is retained for as long as we have your consent
and is deleted immediately after you recall your consent;
-Telephone call records and other correspondence with us may be kept for a period of up to
five years;
-Information collected via technical means is retained for a period of up to one year.
8. Legal Basis and Legitimate interests
Our legal basis to collect, use and share your personal data varies depending on the context. The
following are the situations in which we perform processing:
-When we have your consent, meaning you have read our data processing purposes and
have agreed to them by giving your consent; such as in cases that include but are not limited
to being subject to our marketing notifications and campaigns and granting your consent to
use your personal information to enhance your experience of useing our website and
Services;
-When we need to perform a contract with you, meaning that your information is
necessary to process and finalize your order or comply with the terms of any other contact
we have entered into with you; to enforce the terms of this Policy and other agreements; to
provide our Services; to provide customer service and support, to ensure quality of our
Services and communications;
-When we have a legal obligation to comply with, meaning that data disclosure is
necessary to comply with the legal requirements set by law or legal order;
-When we have a legitimate interest, meaning that we process your personal data to operate
and provide our Services, improve our Products, ensure proper security and prevent illegal
activities and handling of your data. We only have legitimate interest when it does not
override your fundamental rights.
9. Rights of the Data Subject
As a data subject, you have certain rights provided by the GDPR that you may invoke.
9.1. Access, Update, Correct or Erase Your Information
You have the right to request the above to be done with your information. You may do so at
any time by e-mailing us at [email protected].
9.2. Objecting to and Restricting Processing of information
You may also exercise these rights at any moment by contacting us at [email protected].
9.3. Data Portability
If you wish to receive all the personal information we collected from you, to then provide it
to another controller, you may do so by contacting us at [email protected].
9.4. Opt-Out of Marketing Messages
You have the right to opt-out of marketing messages at any moment. This can be done by
clicking the ‘unsubscribe’ option in the marketing e-mails from us.
9.5. Withdraw Your Consent
You may withdraw your consent for processing your personal information at any moment.
Please note that lawfulness of consent before withdrawal will not be affected.
9.6. Complaining to a Data Protection Authority (DPA)
You have the right to complain to the DPA of your country of residence about collecting and
processing of your personal information by us. The list of the DPA representatives, their
webpages and contact information are available here.
10. Automated Processing and Decision-Making
We may employ automated tools to determine fraud or financial crime risks associated with any
Order, Trade, Transation or Customer. However, we do not perform any decision-making based on
means of fully automated processing, or automated processing that relies solely on decisions and
conlcusions generated by the machines and the line of code and does not involve any human
control, assessment and/or intervention. Similarly, we do not employ any algorithmic and
automated systems to make decisions that have serious life-affecting consequences, except for the
cases laid down by relevant data protection provisions.
11. International Transfer of Data
We strive to enhance the security of personal information you are entrusting us with. Therefore, we
opt for the most secure and diligent data processors to do the task. Some of such processors are
located overseas outside of the EU/EEA area in countries that have different regulations on personal
information. However, our partners follow the requirements and safeguards of the GDPR when
receiving and handling your personal information that we share with them.
For transfers of information to processors located in the US, we no longer rely on processors that
are certified under the EU-US Privacy Shield Framework because it has been invalidated in 2020 by
the decision of the European Court of Justice.
Instead, we make sure our international processors have adopted Standard Contractual Clauses for
data protection.
12. Children's Privacy
We do not knowingly collect and process any personal information from children under 13 years of
age. Please note that for any collection and processing of personal information of a child under 13,
we require explicit consent from the child’s legal representative, such as a parent or a guardian.
If you suspect that a child under 13 has provided us with their personal information without explicit
consent, please contact us at [email protected].
13. Changes to the Policy
We may modify this Policy from time to time to adapt it to the changing regulations and new
developments. Changes will be posted on our website. Additionally, we will notify you of changes
via e-mail.
14. Contact information
If you have any questions or concerns regarding this Policy, your personal data rights and how to
invoke them, or any other question about your personal information, please feel free to contact us at
[email protected].