Privacy Policy

 

Banexcoin SA (or simply, “Banexcoin”) with RUC No. 20603726139, domiciled at Av. José Pardo No. 434 Office 1001, Miraflores, Lima, Peru, makes available to customers (or simply, “ You") this Privacy Policy (or simply, "Policy"), in accordance with Law No. 29733, Personal Data Protection Law and its Regulations, approved by Supreme Decree No. 003-2013-JUS (together “Personal Data Regulation”). 


In this document, you will be able to find, among other aspects, information about the personal data that we will collect, the purposes for which its treatment is carried out (collection, registration, storage, conservation, consultation, use, among other activities), those in charge of carrying out said activities, the time that personal data will be stored in our personal data bank, the security measures implemented, as well as the procedure provided for customers to exercise their rights as holders of personal data. 


What is meant by personal data?


Personal data is understood as all information about a natural person that identifies or makes it identifiable through means that can be reasonably used.


What personal data do we collect?


Banexcoin, through the website, collects from  customers the data detailed below:   


  • Of an identifying nature: names and surnames, number of national identity document or unique taxpayer registration number, passport number, immigration card number, home address, telephone, email address, image, voice, signature, electronic signature and billing address,
  • Of a personal nature: marital status, date of birth, nationality, sex, profession, occupation, country of birth, name of the workplace and confirmation if you are considered a politically exposed person
  • Of an economic-financial nature: bank details, credit history, tax information, credit cards, patrimonial assets
  • Of a social nature: receipt of public service
  • Of a sensitive nature: fingerprint, facial recognition, economic income


Sensitive data is collected and used to validate the identification of customers (fingerprint and facial recognition) in the registration process and start of the contractual relationship and is subsequently complemented (economic income) in the due diligence of knowledge of the client's.


Banexcoin will be responsible for the treatment and security of the personal data provided by you or that it collects through the Platform so that customers can access the services provided by us. The personal data collected from its customers will be stored with all the security and confidentiality measures in a data bank of its ownership called: "Bank of personal data of customer", registered in the National Registry of Protection of Personal Data with the code RNPDP N°. 968-2022-JUS/DGTAIPD-DPDP.


For what purposes do we use your personal data?


The personal data that customers provide to Banexcoin, through the Platform, will be used for the following purposes:


1.     Necessary purposes:

  1. Access the services provided by Banexcoin

  2. Preparation, celebration and execution of the contractual relationship derived from the request and/or contracting of the services provided by Banexcoin through the Platform 

  3. For management purposes in the prevention of money laundering and financing of terrorism 

  4. Evaluate, control and meet the needs of the contractual relationship 

  5. Verify your identity and the veracity of the information you provide to Banexcoin 

  6. Prevent or detect fraud or criminal activity and/or to manage and resolve any actual or potential loss in connection with crime or fraud

  7. Transfer this information to different areas of Banexcoin when it is necessary for the development of its operations

  8. Address and manage claims, complaints, queries and requests made by customers ents through the channels authorized by Banexcoin 

  9. Compliance with legal and/or regulatory demands and requirements or those that come from competent authorities

  10. Inform customers about changes in the conditions of the services provided by Banexcoin

  11. Any other activity of a similar nature to those described above that are necessary for the development of the contractual relationship with our customers 


2.     Additional purposes (commercial purposes). In the event that you grant your consent, your personal data will be processed for the following purposes:


  1. Manage the subscription request for a newsletter and send promotions through the direct communication channels used by Banexcoin 

  2. Manage customer lists

  3. Carry out market studies

  4. Carry out advertising and commercial prospecting actions

  5. Offer of commercial promotions

  6. Record information for statistical or historical analysis

  7. Remission (via physical, electronic or telephone means) of advertising, information on offers and/or promotions (personalized or general) of products and/or services 

  8. Transfer your data to specialized companies so that they carry out for themselves the treatments indicated in the preceding items (it should be noted that some of these companies have computer servers located outside of Peru, so an international transfer of data will occur) 


If you do not expressly and previously authorize the processing of your data for additional purposes, your personal data will only be used for the necessary purposes indicated in the previous point. With which, the authorization of the use of your data for additional purposes is not a condition to contract any service offered by Banexcoin.


What happens if I refuse to provide my personal data?


Banexcoin collects data in order to comply with its contractual obligations and carry out all activities that aim to comply with legal requirements and requirements.


If you do not provide the mandatory personal data for the necessary purposes, Banexcoin may end your registration process on the Platform and may not provide you with its services. 


Who can access your personal data?


Banexcoin may process the personal data of its customers directly or through providers (national or international), who provide services detailed below.


  • Transaction processing

  • service Payment gateway service for the processing of purchases made with credit and/or debit cards

  • Advertising and communication

  • service Identity validation service and "Know Your Client" (KYC)


Likewise, Banexcoin may transfer your personal data, in Peru or abroad, by any means to its allies, partners or commercial suppliers. In any case, you must take into account that your personal data will be shared with third parties for the necessary purposes; if applicable; and, in addition, for additional purposes, provided that you have authorized it, in accordance with the procedures determined by Banexcoin within the framework of its normal operations. 


In this regard, we inform you of the complete list of recipients who may receive your data as data processors or as third-party recipients, you can find out who they are by clicking here. This information will be constantly updated, so that it is available when customers need information about these third parties. Banexcoin will inform you, through authorized channels, if said list has been updated. 


For the aforementioned purpose, Banexcoin complies with guaranteeing that the possible recipients of personal data will carry out their treatment with an adequate degree of protection.


For what period can we keep your personal data?


Your personal data will be stored for up to 2 years after the contractual relationship has ended; Unless, due to legal or regulatory requirement or requirement of any competent authority, said conservation must be carried out for a longer period, in which case, Banexcoin will carry out the storage for the established legal term or for the term required by the authority, if it is the case, if, for example, we are in the framework of an investigation procedure. If there is no legal requirement or requirement of a competent authority, Banexcoin undertakes to eliminate personal data from its records. 


How do we protect your personal data?


Banexcoin has adopted the necessary technical, legal and organizational measures to guarantee the security and adequate processing of the customers personal data, as well as to avoid any improper manipulation, accidental loss, destruction or unauthorized access by third parties. 


In this sense, when Banexcoin shares your data with third parties it will take the necessary measures (for example, contractually), to ensure that your personal data is treated with the same level of protection as that established by the Personal Data Regulations. The data protection rights set forth in this Data Privacy Policy will continue to apply to that data, regardless of the jurisdiction in which it is processed. 


Although Banexcoin does not plan to do so, when personal data needs to be transferred to jurisdictions that do not have personal data protection regulations similar to the Personal Data Regulations, Banexcoin will obtain the prior and express consent of the customers for this to happen and will take the necessary measures as indicated in the preceding paragraph to safeguard the correct treatment of your personal data. 


How can you exercise the rights that the Personal Data Regulation grants you regarding your personal data?


Banexcoin recognizes and guarantees the exercise of the rights of access, rectification, cancellation and opposition (hereinafter, "ARCO Rights'') that the customers, as holders of their personal data; as well as revocation of consent for additional purposes (commercial purposes), submitting your requests through the email [email protected]] or at our offices located at Av. José Pardo No. 434 Office 1001, Miraflores, Lima, Peru. 


The requests sent to Banexcoin will have a pre-established format (which you can download by clicking here), in which the following information is requested: (i) names and surnames of the owner of the personal data, identity document number, phone and email; In the case of legal entities, data of the legal representative is requested; brand or select the rights to exercise by attaching a copy of the Identity Document or equivalent, and in case your representative makes the request, additionally, you will be asked to prove the representation or the necessary powers in accordance with the applicable laws, attaching a power of attorney with legalized signatures or similar document; (ii) specific request that gives rise to the request, selecting the rights you want to exercise; (iii) clear description or justification of the request; (iv) documents that support the request, if applicable; and (v) date and signature of the applicant.


The response time for requests for rectification, cancellation and opposition rights is ten (10) business days. For its part, the request on the right of access has a response period of twenty (20) business days. These terms may be extended only once and for an equal period, provided that the circumstances justify it. Banexcoin undertakes to communicate said decision to the email or address indicated by the owner of the personal data.


The cancellation of personal data will not proceed when they must be kept by Banexcoin by virtue of historical, statistical or scientific reasons, in accordance with the applicable regulations or requirements of competent authorities or due to possible claims against Banexcoin for responsibilities derived from the treatment of such information. In the latter case, the duration of said conservation may not exceed the legal prescription period of said responsibilities.

 

If the ARCO Rights are not addressed within the established period or are denied, you may appeal to the National Authority for the Protection of Personal Data by way of claim or to the Judiciary to initiate a habeas data action.


Likewise, customers may revoke their consent to the processing of their personal data for additional purposes (commercial purposes) by submitting their requests through the mail and/or at the address indicated in the first paragraph of this clause. 


The requests sent to Banexcoin will not necessarily have a pre-established format, however, in any case they must contain, at least, the following: (i) names and surnames of the owner of the personal data; attaching a copy of the National Identity Document or equivalent, and in case your representative makes the request, additionally, you will be asked to prove the representation or the necessary powers in accordance with the applicable laws, attaching a power of attorney with the legalized signatures or similar document ; (ii) specific request giving rise to the request; (iii) address, or address that may be electronic; and, (iv) date and signature of the applicant. 


Banexcoin, at the request of the customers, will proceed with the revocation and will adjust the processes associated with said request within a maximum period of five (5) business days. 


What other additional aspects should be taken into consideration?


  1. Data Protection 


Officer Banexcoin has designated a Data Protection Officer trained to fulfill his task; notwithstanding the foregoing, each of its areas supports said person in charge in fulfilling the functions assigned to contribute to the proper processing of personal data of customers. In no case does this designation imply an exoneration of responsibility of the obligations that correspond to Banexcoin in its capacity as owner of the Bank of personal data of customers.  


The functions assigned to the Data Protection Officer are contemplated in the internal regulations approved by Banexcoin; where some of the detailed below stand out:


  • Attention to requests and queries made by customers who hold data or Banexcoin (if applicable), for the exercise of their ARCO Rights or to answer and/or clarify any doubts that you may have regarding any aspect included in this Policy.

  • Monitor and follow up on the regulations issued on personal data protection and make recommendations for adjustments to internal regulations or associated procedures adopted within Banexcoin.

  • Promote training for Banexcoin on the importance of complying with regulations on the protection of personal data. 

  • Evaluate, in conjunction with other areas of Banexcoin (if applicable) any incident related to a possible impact on the regulatory obligations regarding the protection of personal data. 

  • Serve as a link and coordinate compliance with the other areas of Banexcoin regarding the protection of personal data.

 

  1. Transfer of Contractual Position


The Client expressly authorizes the transfer of this Policy and its information in favor of any person who (i) is bound by this Policy; and/or (ii) that it is the new person in charge of the database that contains the Customer Information. After the transfer occurs, Banexcoin will not have any responsibility with respect to any event that occurs from the date of the transfer. The new person in charge of the database will assume each and every one of the obligations established in this Policy regarding the treatment, protection and conservation of the information previously detailed.

 

  1. Modifications of the Data Privacy Policy

 

In response to changes in our services or applicable legislation or due to the continuous improvement of Banexcoin, we expressly reserve the right to modify, update or complete this Policy at any time.

 

Any modification, update or extension produced in this Policy will be immediately published on the Platform, and customers, as holders of their personal data, must check these terms regularly to consult the changes that may have existed and how they may affect them. 


It is your responsibility to stay informed of our Policy, so each time you use our Platform, you should consult our Privacy Policy.


  1. Attention to Concerns


If you have any concerns, as well as any suggestions regarding our Policy, and your rights and obligations arising from it or any other section of the Site  https://www.banexcoin.com/ or write to us at[email protected]