Privacy Policy
Introduction
The Privacy Policy ('the Policy') of the company Hermes Inc. (also referred to as 'We', 'Our', 'Us' or 'Hermes'), registry code: 305910634, informs and explains the User (also referred to as 'You' or 'Your') how We process any information that directly, indirectly, or in connection with other information — including a personal identification number — allows for Your identification or identifiability ('Personal Data') We receive from You, when You are using the services provided by Hermes ('the Services').By using the Website, You agree to the processing of Personal Data in accordance with the Policy.
This Policy sets forth the basic rules and principles by which We process Your Personal Data and mentions Our responsibilities while processing Your Personal Data according to transparency obligations. While using the Services You agree for Your Personal Data processing in accordance with the Policy and affirm that. In case when You do not agree with the Policy partially or fully, You must stop using the Services. All data collected before above-mentioned refusal will be processed in accordance with Policy until Your direct prohibition is received.
The Service is not directed to people under the age of eighteen (18). If You become aware that Your child has provided Us with Personal Data without Your consent, please contact Us at the email address listed below. If We become aware that a child under eighteen (18) has provided Us with Personal Data, Hermes takes steps to remove such information and terminate the child's account.
We are the controller within the meaning of the General Data Protection Regulation, We determine the purposes and means of processing Your Personal Data.
Definitions
'Personal Data' refers herein to any information relating to an identified or identifiable natural person; an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
'Processing' - any operation or set of operations which is performed on Personal Data or on sets of Personal Data, whether by automated means or not, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
Personal data and its processing methods
While providing the Services We may collect the following:
- Data used for performing customer due diligence measures,
- Your data g. Your photo, name, date and place of birth, address;
- identity document data, e.g. photo of the document, number and validity;
- financial data, e.g. ownership and source of funds and/or wealth;
- contact details, including, Your email address or details of other means of communication You choose to provide Us;
- transaction data and the nature of using the service, e.g. transaction sums, counter-parties, bank account and card number(s) and account holders;
- other data g. media coverage, occupation and connection to other persons, and device information and location;
- Usage data includes details about how you use our Website.
- Technical data includes internet protocol (IP) address, your login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform, and other technology on the devices which you (whether a client or otherwise) use to access and browse the Website.
- Website visit data includes the full Uniform Resource Locators (URL), clickstream to, through and from the Website (including date and time), products you viewed or searched for, page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs), methods used to browse away from the page.
- Marketing and communications data includes your preferences in receiving marketing from Us or our third parties and your communication preferences. This may include information whether You have subscribed or unsubscribed from any of Our mailing lists, accepted any of Our invitations, or attended any of Our events.
- Correspondence between You and Us.
We collect Personal Data for the next targets and legal basis:
- to provide the Services and carry out Our obligations arising from any You enter into with Us;
- to perform transactions;
- to provide You with information related to providing the Services;
- to grant You access to the Services;
- to remember Your settings, manage Your requests, host, and back-end infrastructure;
- to provide newsletters/offers/updates/advertisements which may be interesting to You;
- in order to improve the Website (testing features, interacting with feedback platforms, managing landing pages, heat mapping the Website, traffic optimization, and data analysis and research, including profiling and the use of machine learning and other techniques over Your Personal Data and in some cases using third parties to do this);
- to provide customer support;
- to collect statistical or technical non-personalized data about the use of the Website and the Services;
- for Our justified interest, for the purpose of fulfilling a contract, including for establishing violations of the contract or legislation, as well as to confirm such violations.
- in order to comply with legal requirements (including, compliance with KYC and AML regulations);
- in order to protect Your vital interests or the vital interests of another natural person.
If Personal Data processing is carried out in accordance with Our justified interests, You have a right to submit objections to such processes.
Disclosing Your Personal Data
We only share Your Personal Data when We have a valid reason for it, namely, to provide our services and products to You and when We are legally permitted to do so.
We may disclose Your Personal Data to:
- Data processors (including banking partners, technology providers, customer support center) - we use carefully selected service providers (data processors) that provide sufficient guarantees to implement appropriate technical and organizational security measures to protect Your Personal Data. We have concluded appropriate data processing agreements with the service providers and shall remain responsible for their actions in respect of the processing of Your Personal Data.
- Third parties - in some circumstances, We also share Your Personal Data with third parties who act as independent data controllers as regards Your Personal Data. We only share Your Personal Data with third parties if stipulated herein, if required under the applicable law (e.g., auditors, national regulators or other authorities), when we need to protect Your legal rights (e.g. disclosing Personal Data to attorneys or debt collection agencies) due to Our legitimate interest for the performance of an agreement, or with Your consent.
- Acquirer, successor, or assignee as part of any merger, acquisition, debt financing, sale of assets, or similar transaction, as well as in the event of an insolvency, bankruptcy, or receivership in which information is transferred to one or more third parties as one of our business assets. In such case, We make sure that Your rights and conditions as a data subject shall not be decreased.
- Your representatives, advisers, and other third parties You have contacted regarding the Service or which You have authorized to interact with Us on Your behalf. Please note that We consider such authorization as Your consent and therefore Your request for such an activity must be present to Us in a written form.
We will not sell Your Personal Data to any third party.
Security and international transfers
Although generally the Personal Data is processed within the European Economic Area, certain activities may result in the transferring of Personal Data to Third Countries, meaning countries located outside the EU/EEA. We take all necessary measures to protect the data against unauthorized access, modify, disclosure or destruction. We have implemented various technical and organizational measures to be compliant with applicable Personal Data, privacy, and data security legislation in the countries where We operate or where the applicable law applies to Us.
Hermes has put in place procedures to deal with any suspected Personal Data breach and will notify You and any relevant regulator of a breach where We are required to do so by law.
Hermes is not responsible for the Personal Data protection measures violations if such violations caused by actions performed by You or a third person.
Personal data storage
We store Your Personal Data while it is necessary to process data, to protect Our interests or on the grounds provided by legal acts requirements. In accordance with our record keeping obligations We will retain Personal Data for at least a period of five years after they are closed by You.
Cookies
Our Cookies Policy is available on the Website.
Your rights and obligations
In accordance with relevant legal acts (primarily - GDPR) You can exercise the following rights by contacting Us:
- request an access to Your own Personal Data;
- request changes in Your own Personal Data;
- request removal of Your own Personal Data;
- submit objections to Your own Personal Data processing on any grounds.
Hermes replies to Your requests and requirements within 1 month and notifies about measures took to perform provided requests and requirements. If Your request or requirement is too complicated or has a large volume Hermes has a right to prolong the period for reply up to 2 months.
If the requests or requirements of the You are obviously not justified or excessive, primarily due to their repetitive nature, Hermes has the right to refuse performing requests or requirements.
You do not need to pay a fee to access information or other rights, but We may charge a reasonable fee if Your request is clearly unfounded, repetitive, or excessive or refuse to comply with Your request in these circumstances.
In case when Personal Data is processed by Your consent, he/she always has a right to revoke his consent. If You revoke Your consent for Personal Data processing all the data processing performed before revoke considers to be legitimate and lawful.
Where We need to collect Personal Data by law, or under the terms of a contract We have with You and You fail to provide that data when requested, We may not be able to perform the contract We have or are trying to enter into with You (including the Services). In this case, We may have to cancel Your use of our Services, but We will notify You if this is the case at the time.
You must notify Us about changes in Your contact details to keep them up to date.
In case of Your rights violation, You have a right to ask State Data Protection Inspectorate or court to protect Your rights.
Legal Limitations
Notwithstanding anything to the contrary in the Policy, We may preserve or disclose Your information if We believe that it is reasonably necessary to comply with a law, regulation, legal process, or governmental request; to protect the safety of any person; to address fraud, security or technical issues; or to protect Our or the Users' rights or property.
You acknowledge that the We are not liable for any illegal or abusive use of Your information. You acknowledge that in a case where You share Your information from the Software or the Website in social or other networks, or in other third-party sites and/or platforms, Your information is subject to the privacy policies of such third-party resources.
Hermes may share Your Personal Data with law enforcement, data protection authorities, government officials, and other authorities only when Hermes is legally bound to do so or has to protect the safety of its users and the Website.
Third-party links
The Website may include links to third-party websites, plug-ins and applications. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party websites and are not responsible for their privacy notice or policies. We strongly encourage you to read the privacy notice of every website you visit, particularly when leaving our Website.
Policy changing
The Policy can be changed to comply with changes in Law, Personal Data processing or under instructions of supervisory authorities. We will make available the updated Privacy Policy on Our website.
Contact details and questions
Any questions about this Policy, the processing of Personal Data or data subject’s requests shall be directed to:
- Hermes Inc.
- Registry code: 14695199
- Address: 27 Old Gloucester Street, London, United Kingdom, WC1N 3AX
- Email: support@hermesltd.org