Privacy Policy

Privacy and Cookie Policy

Last updated: August 20, 2024

We, at RealFin International (“Controller”, "We"), value highly your privacy. In the hereby Privacy Policy (“Policy), We describe how We may use your personal data which We collect for the delivery of our services (“Services”) through the website https://realfin.io/ (“Website”, “Site”, “Blockchain”).

Please read carefully our Policy in order to get a clear understanding of how We collect, use, protect or otherwise process your personal data in accordance with the applicable data protection legislation, including, but not limited to the European General Data Protection Regulation (“GDPR”) and the company’s AML and KYC policies.

1. Definitions

“Personal data” – all kinds of information that relates to an identified or identifiable natural person (data subject).

“Cookies” – small files that a site or service provider stores in the memory of your device using the browser you are using (if you have allowed this).

“Data controller” – a natural or legal person, public authority, agency or other entity which alone or jointly with others determines the purposes and means of the processing of personal data.

“Data processor” – a natural or legal person who, on the basis of a contract, processes personal data provided by the Controller for the agreed purposes.

2. Data Controller

The Data controller, RealFin International, is a company duly incorporated and operating under the laws of the Republic of Bulgaria, entered into the Commercial Register at the Registry Agency, with UIC 206396291, having its seat and address of management at: 1124 Sofia, Bulgaria, Yavorov District, 7 Boicho Voivoda Str.

3. What Data Do We Process?

We may collect personal data from you when you visit our Website, register and create a user account, fill out form(s) available on our Website as well as perform transactions through the Blockchain or otherwise use our Services.

In the table below you find an overview of the personal data We may collect from you, for what purposes We collect the data, on which legal basis We process your personal data and for how long We retain your personal data:

Purpose

Personal Data

Legal basis

Retention Period

Identification and verification of clients’ identity

• Name and surname;
• Date of birth;
• Nationality;
• Physical address;
• Email address;
• Telephone number; and/or identity document

Users may be required to provide an identity document (ID card, passport, driving license) via uploading the identity document inPDF or JPG format.

Data processing is necessary for compliance with KYC/AML laws and regulations (See AML/KYC Policy here).

No longer than it is necessary for fulfilling the purposes the data has been initially collected for. The Controller is legally obliged to keep records and store the collected personal data about its clients for a period of no less than 5 years.

Registering on the Blockchain and creating a user account

• Name and surname;
• Email address;
• Telephone number.

Necessary for the performance of a contractual obligation We have towards you or to take steps at your request before entering into an agreement.

The personal data of your user account will be stored until the moment you withdraw your consent by requesting the deletion/erasure of your personal data.

To process and/or enforce transactions and to send related communications

• Name and surname;
• Email address;
• Physical address;
• Telephone number;
• Digital wallet address.

Necessary for the performance of a contractual obligation We have towards you or to take steps at your request before entering into an agreement.

The personal data of your user account will be stored until the moment you withdraw your consent by requesting the deletion/erasure of your personal data.
However, regard must be had to the respective AML/CFT laws and regulations.

To personalize your customer experience and to provide content, suggestions and offers, including for new products and Services, that you may be interested in, as well as to improve the quality of our Services

• Name and surname;
• Email address;
• IP address;
• Cookie data;
• Traffic data;
• Geo-location.

Your consent

Personal data collected through cookies and similar technologies will be processed until your preferences for the use of cookies change.

Marketing purposes - to periodically send you notifcations regarding our products and Services or any such offered by our partners

• Name and surname;
• Email address;

Your consent

The personal data required to send communication will be processed until you withdraw your consent to receive any such communication.

Providing you with customer support when requested

• Name and surname;
• Email address;
• Telephone number.

Data processing is necessary for the performance of a contract with you.
Necessary for our legitimate interest as well.

No longer than it is necessary for fulfilling the purposes the data has been initially collected for.

To contact you, to maintain a followers base on social media and to provide our followers with access to special posts, publications and materials in our social media accounts (e.g.
Facebook, Instagram, Youtube)

• Name and surname;
• Email address;
• Telephone number;
• User name/pseudonym and other data from your social media profiles.

Data processing is necessary to protect our legitimate interest - providing and personalizing our Services.

Personal data will be processed until you stop following us on social media.

4. How Do We Use the Stored Data?

Any information We collect from you may be used in one of the following ways:

To process transactions and/or related activity on the Blockchain (We need this information in order to provide you with the Services you have requested);
To improve your experience in working with our Blockchain (your information helps us better respond to your individual needs);
To improve the RealFin Blockchain, including tailoring it to users’ preferences (We constantly strive to improve our Services and the functionalities of the Blockchain based on the information and feedback We receive from you);
To improve customer service when responding to your inquiries, comments and instructions (your information helps us respond more effectively to your customer service and support requirements);
Sending periodic emails (the email address you provide can be used to send information, promotional notices related to your activity on the Blockchain and/or inquiries and/or instructions and requests, if you have agreed to this).

5. Do We Use Cookies?

Our Website uses Cookies. Cookies do not typically contain any information that personally identifies a user, but Personal data that We store about you may be linked to the information stored in and obtained from Cookies. Our Website uses the following types of Cookies:

“Session cookies” which are erased when the user closes the browser;
“First-party cookies” which are set by the web server of the visited page and share the same domain;
“Third-party cookies” stored by a different domain to the visited page's domain. This can happen when the webpage references a file, such as JavaScript, located outside its domain.

You have the ability to change your cookie preference at any time by changing your browser options. To block Cookies in a particular browser, learn more here:

Cookie settings in Google Chrome
Cookie settings in Firefox
Cookie settings in Internet Explorer
Cookie settings in Safari

The refusal of Cookies may result in a limitation of functionality or in an inability to use the Services of our Website.

6. Disclosure of Personal Data to Third Parties

The collected personal information is not sold, exchanged or in any other way transferred to outsiders. It may be made available to the judiciary if legitimately requested and if necessary to comply with the law, the rules of our Site or to ensure protection of ours and other persons’ rights, property or safety. All information collected that does not qualify as personal data or does not contain classified information may be provided to other parties for marketing, advertising or other use.

7. Compliance with General Data Protection Regulation (GDPR)

Compliance with the GDPR requirements related to storing, using and protecting personal data is ensured. The Controller takes all possible technical and organizational measures, recognized by the applicable data protection legislation, in order to protect all data that may be stored and/or processed. Personal data is processed by RealFin International in compliance with the applicable Bulgarian legislation

7.1 How Do We Store and Protect Your Personal Data:

Your personal data collected through the use of the Services of RealFin Blockchain is stored and processed on the territory of the Republic of Bulgaria or in another state in which it operates within the European Economic Area (EEA).To the extent that We may transfer and store personal data to a third country outside the EEA that does not provide an adequate level of protection, in any such case We shall implement appropriate safeguards to protect the personal data as per the applicable data protection rules and regulations. In the event of any need to transfer collected personal data outside the EU, We guarantee a high level of data protection through contractual clauses or other instruments recognized by applicable law.We ensure all required technical and organizational measures, including but no limited to data encryption, in order to protect the data from accidental or illegal destruction or from accidental loss, from unauthorized access, amendment or distribution, as well as other illegal forms of processing. There are policies and procedures designed to protect information from loss, misuse and improper disclosure. Although We work hard to protect your personal information, We cannot guarantee that our actions will prevent any unauthorized attempt to access, use or disclose personal information. However, if you consider that there is a threat to the security of your personal data, please contact us immediately via the contact options specified in Art. 12 of this Privacy Policy.We ensure additional information security measures, including access control, strict physical protection and reliable practices for collecting, storing and processing information. Data processing is further ensured by using measures that are consistent with the modern technological achievements as via SSL technology.If you wish to access or change any personal data We store about you or to request that We delete any piece of information about you that We have obtained through the use of our Services, you may contact us at any time (See forms of contact in Art. 12 of this Policy). Users can update or correct their account information. When updating your personal information, We may ask you to verify your identity before We can act on your request. Users can request deletion of their user account from the Data controller. If Users have obligations concerning active pending transactions and other obligations related to the provision of the respective Services, the Data controller shall delete their accounts only after full performance of the contractual obligations. In these cases, regard must be had to the respective AML/CFT laws and regulations.Please note that although the changes you make are immediately reflected in active user databases or within a reasonable period of time, We may retain information you provide to prevent fraud, abuse or other for fulfilling legal obligations, or when We consider that there are reasonable grounds thereby. If you refuse to provide personal information, We may not be able to provide some of the features of the Blockchain and its Services.

7.1 Controlling Authority

Controlling authority for data protection in Bulgaria is the Commission for Data Protection at address: 1592 Sofia, 2 Blvd. Tsvetan Lazarov; telephone number: 02 915 3555. More information about data protection can be found on the website of the controlling authority at (URL) www.cpdp.bg.

8. Privacy Policy Changes

We may amend this Privacy Policy from time to time. You can find the most recent version with amendments published on our Website or it may be communicated to the users when required by law. In case you disagree with the changes, you should cease using our Services.

9. Your Rights

Under the legislation in force, you are entitled to object, at any time and free of charge, to the processing of your personal data, by sending us a written request to gdpr@RealFin.finance.
You are entitled to receive access upon notification to the personal data We store about you in a structured, commonly used and machine-readable format, by sending us a written request to gdpr@RealFin.finance.
You are entitled to request the portability of your personal data to another data controller by sending us a written request to gdpr@RealFin.finance.
If any of the data We have about you is incorrect or inaccurate, you may request its correction by sending us a written request to gdpr@RealFin.finance.
You are also entitled to request the complete erasure of your personal data by sending us a written request to gdpr@RealFin.finance.
You may also request a restriction on the processing of your personal data with regard to specific actions on collection, processing or transferring by sending us a written request to gdpr@RealFin.finance.
You are also entitled to request that third parties are notified about the rectification, erasure or restriction on the processing of your data so that these third parties comply with the respective request made by you.
You are also entitled to request the complete erasure of your personal data by sending us a written request to gdpr@RealFin.finance.

We shall respond to your request or inform you, in writing, of the action we take in relation to the request within one month of receipt of the request. This period may be extended with additional two months when required due to complexity or the number of requests, of which you will be duly notified.

10. Data Retention

We only store personal data collected from the user while his or her user account is active, or otherwise We store data for a limited period of time while We need it to fulfill the purposes for which We have originally collected it, unless otherwise provided by law. We shall retain and use the information necessary to comply with our legal obligations or to resolve disputes or to enforce our contractual obligations and agreements as follows and with some terms being, non-exhaustively: (a) Payment information is retained for 10 years in accordance with accounting and tax laws; (b) Information on legal transactions shall be retained for 10 years in accordance with the general limitation period set for civil actions.

11. Minimal age

We do not collect or process personal data, which is provided by users under the age of 18 without the consent of their parents or legal guardians. The Controller will delete all information provided by or regarding users who are under the age of 18 and did not receive the consent of their parents or legal guardians for the use of the Blockchain, its Services and content.

12. Contact us

If you have any questions or complaints with respect to the processing of your personal data by us, please contact us via our email address: gdpr@RealFin.finance

In force: 22.10.2021