Sign In

LCX is committed to protect and respect your privacy. At the same time, LCX is a strong supporter of blockchain regulation where accountability and transparency are equally important. Ultimately, building the key infrastructure for a new financial world. 

Privacy Policy

[Last revised: 10th October, 2022]

1. GENERAL PROVISIONS

This Privacy Policy governs your use of products, services, content, features, technologies or functions offered by LCX AG, Herrengasse 6, 9490 Vaduz, Liechtenstein, commercial register no.: FL-0002.580.678-2, (“LCX”; “we”; “us”; “our” or the “Company”) and all related sites, applications, and services (collectively “LCX Services”) including, without limitation, when you provide any information to us in relation to your use of LCX Services.

In order to operate our Services, to meet our regulatory obligations and to reduce the risk of online fraud, LCX , as a data controller, must ask you to provide us with information about yourself, including your personal details for customer identification, and information about your financial background an  payment options that may be connected to your use of LCX Services, as well as any other types of information specified in this Policy. 

This Policy aims to give information on how LCX collects and processes personal data , including any data that may have been provided to us or which we may receive by any means. 

The Services are not intended for minors (i.e., persons under 18 years of age or the respective age of majority) and we do not knowingly collect personal data relating to minors.

You accept and consent to this Privacy Policy when you sign up for, access, or use the our Services. By consenting to this Privacy Policy you acknowledge that the purpose of our data processing is primarily the fulfillment of our contractual obligations and the compliance with legal requirements. If no other legal grounds for processing of data exists, you consent and agree to us processing your data pursuant to this Privacy Policy. This Privacy Policy describes the information we collect and how we use that information. LCX takes the processing of your information very seriously and will use your information only in accordance with the terms of this Privacy Policy which complies with the Liechtenstein Data Protection Act as well as the applicable EU General Data Protection Regulation (EU 2016/679) as incorporated into the EEA-acquis by decision of the EEA Join Committee No. 154/2018 (this “Privacy Policy” or this “Policy”). For the purposes of this Privacy Policy, the term “information” means any confidential and/or personally identifiable information or other information related to your use of our services. 

We will not sell or rent your information to third parties for their marketing purposes without your explicit consent. However, in order for us to offer LCX Services to our users; enhance the quality of our Services from time to time; and protect the interests of our users, we may in specific cases under limited circumstances share some of your information with third parties under strict restrictions, as described in greater detail in the following sections of this Policy. It is important for you to review this Privacy Policy as it applies to all LCX Services.

Personal information or data refers to any information that can be associated with a specific natural person and can be used to identify that person, directly or indirectly, in particular by reference to required information that the user provides to LCX to gain access to and use our Services (hereinafter “Personal data” or “personal information”).

Unless otherwise indicated, terms used in this Regulation shall have the same meaning as under the GDPR.

This Privacy Policy explains how information about customers is collected, used, and disclosed by LCX and to set out the basis on which we will process personal data when providing our Services. This Privacy Policy also aims to inform about: (i) how we will handle and look after personal data, (ii) our obligations in regard to processing personal data responsibly and securely, (iii) customer’s data protection rights as a data subject, and (iv) how the law protects customers.

Controller: LCX as defined above is the controller and responsible for customer’s personal data. 

Changes to this Privacy Policy: All future changes to this Privacy Policy are incorporated by reference into the Terms and Conditions (our contract) with you and will take effect as specified in the Policy Updates, when they may occur. “Policy Update” means a prior notice of changes to any of your agreements with LCX, which we may make available to you in writing, including in electronic form. If you disagree with the terms of this Privacy Policy, please do not register for or use the LCX Services. 

Notification of Changes: This Privacy Policy may be revised over time, for example, as new features are added to LCX Services, or as we incorporate suggestions from our customers. We may change this Privacy Policy from time to time, particularly where we need to consider and cater for any (i) business developments and/or (ii) legal or regulatory developments under applicable law which affect our Services. If we make changes, we will notify customers. We encourage customers to review the Privacy Policy whenever our Services are accessed or when customers otherwise interact with us to stay informed about our privacy and data protection practices and the ways customers can help protect their privacy. We may post the notice on our website and/or send the notice by email. You as a user and customer are obliged to inform us of changes in your personal data during our business relationship. 

Third Party Websites: Some pages on the LCX website may include links to third-party websites. These sites are governed by their own privacy statements, and LCX is not responsible for their operations, including, but not limited to, their information practices. Users submitting information to or through these third-party websites should review the privacy statements of these sites before providing them with personally identifiable information. Clicking on those links or enabling those connections may allow third parties to collect or share data about customers. We do not control these third-party websites and are not responsible for their privacy notices, statements or policies. The respective provider of the linked website is solely responsible for the content and correctness of the information provided there, as well as for the tracking and setting of cookies by such websites.

 

2. COOKIE POLICY

When you access our website, or use our Services, we (including companies we work with, as the case may be) may place small data files on your computer or other device. These data files may be cookies, pixel tags, “Flash cookies,” or other local storage provided by your browser or associated applications (collectively “Cookies”). We use Cookies to recognize you as a customer, customize our Services for you, content and advertising, measure promotional effectiveness, help ensure that your account security is not compromised, mitigate risk and prevent fraud, and to promote trust and safety across our sites and LCX Services.

Most web browsers are set to accept cookies by default. You are free to decline most of the cookies if the browser or browser add-on permits. Choosing to remove or disable cookies may interfere with the use and functionality of the Services. Additionally, LCX may use certain persistent cookies that are not affected by browser settings but will use such cookies solely for identity verification and fraud prevention purposes.

Because of how cookies and similar technologies work, we cannot access data collected by third-party cookies, nor can other companies or persons access the data generated by such tools, and in particular, not all tracking functions of third-party tools can be controlled by us. All these providers are obliged to comply with the applicable data protection regulations and are solely responsible for any processing of personal data as a data controller according to article 4 (7) GDPR. You may disable cookies on your browser and by enabling a “Do Not Track” request in your browser.

Tool

Provider

Type of Cookie

Opt-out information

Google Analytics

Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland

Marketing & Analytics

https://tools.google.com/dlpage/gaoptout

Google AdWords

Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland

Marketing & Analytics

https://support.google.com/ads/answer/2662922?hl=en-GB

Google Fonts

Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland

Essential System Requirements

Browser

Hotjar

Hotjar Limited, Level 2, St Julian’s Business Centre, 3 Elia Zammit Street, 1000 St Julian’s STJ, Malta

Marketing & Analytics

Browser / Do Not Track Request

Cloudflare

Cloudflare, Inc. 101 Townsend St. San Francisco, CA 94107 USA

Essential System Requirements; set for anti-DDOS/bot protection by our DNS only for selected suspicious users.

Opt-out via your browser settings

reCAPTCHA

Google LLC, 1600 Amphitheatre Pkway, Mountain View, CA 94043-1351, USA

Essential System Requirements; set only for users under suspicion of being a bot.

Opt-out via your browser settings

Hubspot

Hubspot Ireland Limited, 1 Sir John Rogerson’s Quay, Dublin Docklands, Dublin, D02 CR67, Ireland

Marketing & Analytics

Browser / Do Not Track Request

Firebase

Google LLC, 1600 Amphitheatre Pkway, Mountain View, CA 94043-1351, USA

Marketing & Analytics

Browser / Do Not Track Request

TradingView

TRADINGVIEW UK LTD, 43 Berkeley Square, London, England, W1J 5FJ

Essential System Requirements; Performance of Contract

Browser / Do Not Track Request

Automattic (incl Wordfence, Yoast SEO, Typeform, JetPack)

Automattic Inc. 60 29th Street #343 San Francisco, CA 94110, USA

Essential System Requirements; Website operationality and Marketing & Analytics

Browser

 

3. INFORMATION LCX COLLECTS

Information we collect from users: To register for and use the LCX Services, you must provide your full name, address, phone number, the details of your identification document, and email address and other identification and compliance information as requested. In order to top-up your wallet balance with us or make certain payments or transactions through our Services, you must provide (where applicable) your payment instrument or account information details, API details and other information required. We may also ask you to choose different security questions to answer for the purposes of account verification or password reset.

We may also require you to provide us with other commercial and/or identification information if you send or receive certain high-value transactions or high overall payment volumes through our Services or as is otherwise required in order for us to comply with our anti-money laundering and risk management obligations.

Using your device: When you use LCX Services using any device), we may additionally collect and store device sign-on data (including but not limited to device ID) and geolocation data.

Photographs: If you use certain functionalities provided by us, we may ask you to upload a picture of you in order to provide you with these specific services. Your face must be recognizable.

Transaction Information: When you use our Services to send funds to someone else or request money from someone else, as the case may be, we may ask you to provide information related to that transaction. This information includes the amount and type of the transaction, transactional details and the details pertaining to the identity of the third party. Also, if you send funds to another LCX customer, you may be asked to provide personal details to that customer to complete the transaction. Those details may also be passed on to us from that customer. We also collect the Internet address (IP address) and other identifying information about the computer or device you use to access or use our Services, in order to help detect possible instances of unauthorized transactions.

Travel Rule (transaction information): Recommendation No. 15 of the FATF Recommendations provides that, in the case of transfers of virtual currencies or virtual assets, similar to the regulations on the Money Transfer Regulation, an exchange of information regarding the data of the beneficiary and the payer (principal) is carried out between virtual asset service providers.

Pursuant to Art 12a of the Due Diligence Act in connection with Art. 23b of the Due Diligence Ordinance, an exchange of information is required for all transfers of virtual assets that currently exceed the amount of one Swiss Franc (1 CHF). The decisive factor for the obligation to exchange information is that the token is actually transferred. This means that a transfer takes place in some form on the virtual asset system in which the virtual asset service provider is involved. Ultimately, this means that a virtual asset service provider who has made, initiates, performs, executes or commissions a transfer of a token on a virtual asset system (e.g., blockchain) is obliged to exchange of information if another virtual asset service provider is also involved on the opposite side and the amount to be transferred exceeds one Swiss Franc.

If the counterparty (commissioning or benefiting virtual asset service provider with whom a token / virtual asset transfer is concluded) is a foreign service provider which, if domiciled in Liechtenstein, would be a trusted technology / virtual asset service provider subject to registration under the Liechtenstein Tokens and Trusted Technology Service Providers Act (TTTA or TVTG in German), there is also an obligation to carry out the exchange of information. It is possible that the service provider abroad is a registered payment service provider or a bank. Likewise, an exchange of information must be carried out if the foreign service provider is subject to the application of the “travel rule” due to its activities abroad. 

Token issuers are then exempt from this obligation if the transfer is carried out as part of the initial public offering. However, if further transfers are carried out in addition to this (secondary market), token issuers also fall within the scope of the travel rule provisions. In order to carry out the exchange of information, it is necessary to determine whether the counterparty is a (beneficiary) virtual asset service provider (possibly a contracting virtual asset service provider) or not. This determination of the counterparty is thus relevant for any transfer of tokens with an equivalent value of more than one Swiss Franc. The legislator stipulates that prior to the execution of a virtual asset transfer a determination of the counterparty must be made.

Prior to the exchange of information, the following information must be collected by the commissioning virtual asset service provider.

– the name (first and last name / firm name) of the beneficiary and the principal;

– the name or address of the virtual asset account (e.g., the wallet) of the principal and the beneficiary; and

– the address, the number of a valid official ID, the customer number or the date of birth and place of the principal.

To comply with the Travel Rule LCX uses the services of Notabene ID GmbH, Dammstrasse 16, 6300 Zug, Switzerland. Data is being processed with regard to the Travel Rule by LCX to comply with legal obligations. In addition to verifying the transfer data, both the principal and beneficiary (sending and receiving) virtual asset service provider also have the reciprocal obligation to screen for sanctions. 

Information About You From Third Parties: In order to execute certain transactions of our customers, protect all our customers against potential fraud, comply with our legal obligations and enforce our Terms and Conditions, we verify and validate information provided to us by users with a number of third parties, such as financial partners, anti-fraud agencies, data vendors, as well as using information available through internet and publicly accessible social network data. In the course of such verification, we may receive personally identifiable information about our users from such services and sources. 

If you send or receive high overall payment volumes or display inconsistent transactional patterns through LCX Services, or if you have a limited transactional history with us, in some circumstances we will conduct a background check on you by obtaining information about you and your activities, and potentially (if legally permitted) also about your business partners, from a credit reference or fraud agency. If you owe us money, we may conduct a credit check on you by obtaining additional information about you from a credit reference or anti-fraud agency, to the extent permitted by law. LCX, at its sole discretion, reserves the right to periodically retrieve and review a business and/or consumer credit report supplied by such credit reference or fraud agency for any account, and reserves the right to close a user account based on information obtained during this credit review process.

We may also collect public information about your activities and your behavior on social media platforms (such as the email address and the number of “likes” and “followers”), to the extent relevant to confirm an assessment of your transactions and/or the nature of your activities that are relevant to our services offered to you.

We may also collect information about you from other sources, including from other companies (subject to their privacy policies and applicable law), and from other accounts we have reason to believe you control (whether in part or in whole).

Examples of information we automatically collect about you may include:

  • the Internet protocol (IP) address used, information about your device and its location, as well as the details about your internet provider or mobile phone operator;
  • your login, e-mail address, password and the outcome of the authentication methods you use;
  • your interaction with our services, for example, the content you viewed, uploaded or downloaded, your transactional history;
  • your (URL) clickstream to, through and from our website (including date and time); cookie number, page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs);
  • phone numbers used to call our customer service number.

Additional Verification: If we cannot verify the information that you provide, or if you request a withdrawal to an account, payment instrument or digital wallet for Virtual Assets not previously used by you, we may ask you to upload or send us additional confirmation or to answer additional questions online to help verify your information.

Website Traffic Information: Because of the way Internet communication standards work, when you arrive at or leave the LCX website, we automatically receive the web address of the site that you came from or are going to. We also collect information on which pages of our website you visit, IP addresses, the type of browser you use and the times you access our website.

Communications: When you communicate with us for customer service or other purposes (e.g., by emails, calls, tweets, etc.), we retain such information and our responses to you in the records of your account.

Questionnaires, Surveys, Sweepstakes and Profile Data: From time to time, we offer optional questionnaires, surveys, online competitions and sweepstakes to our users for such purposes as collecting demographic information or assessing users’ interests and needs. If we collect personally identifiable information from our users in these questionnaires, surveys, and sweepstakes, the users will be given notice of how the information will be used prior to their participation in the survey, questionnaire or sweepstake.

 

Account Information: For the purposes of this Privacy Policy, account information (“Account Information”) includes without limitation: name, address, email address, phone number, username, photograph, IP address, device ID, geolocation information, account numbers, account types, details of funding instruments associated with the account, details of payment transactions, other details transactions, customer statements and reports, account preferences, details of identity collected as part of our “know your customer” checks or other checks on you, and customer correspondence.

Some of this information, for example, indicating your racial origin or biometrical details, is considered especially sensitive, from the point of view of data protection, and we will use and process this information in strict accordance with the law.

Where we are required to collect personal data:

  • by law; or
  • under the terms, or in connection with any business relation we have; or
  • as part of our legitimate (business) interests

to verify the identity of our applicants and clients, mitigate against risks (such as potential or suspected fraud) and in particular, to assess and take a decision on whether we will or should enter into a relationship with contracting parties (as subject to our client acceptance criteria and policies) and this data is not provided when requested, or else provided in an incomplete or insufficient manner, we may not be able to perform or conclude contractual relations which we have or are otherwise trying to enter into.

In certain instances, particularly where this relates to compliance with due diligence duties, we may even need to exercise our right to terminate our contractual relations, and thus withdraw the availability of our Services, or else, if still at application stage, we may have to decline to enter into a contractual relationship. 

 

4. HOW LCX MAY USE CUSTOMER INFORMATION

Below is a summary of how LCX may use customer information collected from our users or about our users. We will only process personal data pursuant to the law. Most commonly, we will use personal data in the following circumstances:

  • To perform our contractual obligations and duties we are about to enter into or have entered into with customers.
  • Where it is necessary for our legitimate interests or those of a third party (ability to meet financial commitments; enable us to make an informed decision, whether we should enter into business relations; existence of risks that prospective customers may present; suitability regarding our services; safeguard our reputation; develop our business; security reasons; etc) and customer interests as well as fundamental rights do not override those interests.
  • To comply with a legal or regulatory obligations (risk assessment, prevent and mitigate fraud; report suspicious activity).

Internal Uses: We collect, store and process your information on servers located in the European Economic Area, European Union or Switzerland or in states in which an adequacy decision has been issued. Our primary purpose in collecting your information is to provide you with a safe, smooth, efficient, and customized experience. You acknowledge that we may use your personal information to:

  • Process and execute your transactions and provide the LCX Services (performance of contract);
  • Verify your identity, including during account creation and password reset processes (necessary for compliance with our legal obligations);
  • Resolve disputes, collect fees, and troubleshoot problems (performance of contract; legitimate interest: business development);
  • Manage risks, or to detect, prevent, and/or remediate fraud or other potentially illegal or prohibited activities (necessary for compliance with our legal obligations; ; legitimate interest: risk assessment; security);
  • Detect, prevent or remediate violations of policies or applicable user agreements (necessary for compliance with our legal obligations; legitimate interest: risk assessment, fraud prevention, security, business development, safeguard our reputation);
  • Provide you with customer support services (performance of contract; legitimate interest: business development);
  • Improve the LCX Services by customizing your user experience (legitimate interest: business development; security reasons);
  • Measure the performance of LCX Services and improve the content and layout of our website and user interfaces (legitimate interest: business development; security reasons, business and marketing strategy);
  • Manage and protect our information technology infrastructure (legitimate interest: network security);
  • Provide targeted marketing and advertising (if you opted in to receive them), provide service updates, and deliver promotional offers based on the communication preferences you have defined for your LCX account (legitimate interests: to define types of customers and to keep the Services updated and relevant, to develop our business and marketing strategy).); and
  • Perform online security, compliance, risk, creditworthiness and solvency checks, compare information for accuracy, and verify it with third parties, as the case may be (legal obligations and legitimate interest: ability to meet financial commitments; enable us to make an informed decision, whether we should enter into business relations; existence of risks that prospective customers may present; suitability regarding our services).

Questionnaires, Surveys and Profile Data: If you choose to answer our optional questionnaires or surveys, we may use such information to improve our Services, send your marketing or advertising profile preferences, or as otherwise explained in detail in the survey or campaign itself (legitimate interest: business development).

Our Contact with Customers: We communicate with our users on a regular basis via email and chats to provide requested services. We may also communicate with our users by phone or using VOIP technologies to:

  • Resolve customer complaints or claims made by users;
  • Respond to requests for customer service;
  • Inform users if we believe their accounts or any of their transactions have been used for an illegitimate purpose;
  • Confirm information concerning a user’s identity, business or account activity;
  •  Carry out collection activities;
  • Conduct customer surveys; and
  • Investigate suspicious transactions.

We use your email to confirm your opening of a LCX account, to send you notices and confirmations related to your activities, to send you information about important changes to our products and services, and to send notices and other disclosures required by law. Generally, users cannot opt out of these communications, but they will be informational in nature, and not promotional.

We may also use your email address to send you other types of communications that you can control, including “news”, “customer surveys”. You can choose whether to receive some, all, or none of these communications when you complete the registration process, or at any time thereafter, by logging in to your account and then selecting settings, and updating your communicational preferences.

In connection with independent audits of our financial statements and operations imposed by applicable law, the auditors may seek to contact a sample of our customers to confirm that our records are accurate. However, these auditors cannot use personally identifiable information for any secondary purposes.

We make sure we consider and balance any potential impact for our customers before we process personal data for our legitimate interests. We do not use personal data for activities where our interests are overridden by the impact on or legal rights of our customers (unless we have explicit consent or are otherwise required or permitted to by law). 

 

5. MARKETING

LCX may use your Personal data to form a view on what we believe might enhance your user experience or present you with information that may be of interest to you (consent or commercial relationship). 

If you don’t wish to receive marketing communications from us, or to participate in our ad-customization programs, simply update your preferences.

If you would like to change your personal communication preferences or change preferences with regard to marketing communications from us, you can do so by adjusting your preferences in the communication preferences profile section or by contacting us at: [email protected].

 

6. DISCLOSURE OF YOUR PERSONAL DATA

We work with third parties to enable you, them and potentially their customers to accept or facilitate payments from or to you using the LCX Services. In doing so, a third party may share information about you with us such as your full name, email address or wallet address, when a payment is sent to you or when you are attempting to pay that third party (performance of contract; fulfillment of legal obligation for Virtual Asset Service Providers). We use this information to confirm that you are a LCX customer and that LCX can be enabled to make a  transfer (of Virtual Assets), or where a transfer is sent to you to send you a notification that you have received such assets as the result of a transfer. Please note that third parties you receive assets or transact with may have their own privacy policies, and LCX is not responsible for their operations, including, but not limited to, their information practices.

If you are a registered LCX user and you are sending assets or transacting with another registered LCX user, as a part of the transaction, some personal information of both parties will be shared as a part of transaction notification.

By accepting this Privacy Policy, you expressly agree and consent that each time you transact or attempt to transact using LCX Services with a third party, LCX may transfer the relevant data to such third party, who may be located outside the European Economic Area (EEA), in order to process, execute or otherwise deal with and provide information about the transaction. LCX undertakes all measures to first transfer personal data – if required – only to countries in the European Union, Switzerland or other countries for which an adequacy decision has been issued. LCX only transfers private data if this is absolutely necessary for the performance of contractual duties and preferably with anonymized data insofar as possible, and in any case with your consent. You also expressly agree and consent to LCX providing transactional information and other information necessary to another LCX customer whom you have explicitly selected or chosen using the LCX service (also required for performance of contract and compliance with our legal obligations – e.g., travel rule).  

How We Share Information with Other Third Parties. LCX works with third-party service providers which provide important functions to us that allow us to be an easier, faster, and safer way to facilitate transactions, display information and otherwise offer our services to you. We need to disclose certain user data to them from time to time, so that the services can be performed.

LCX will not transfer, disclose, sell or rent any of your personal information to third parties for their marketing purposes without your explicit consent, and will only disclose this information in the limited circumstances and for the purposes described in this Privacy Policy. This includes transfers of data to non-EEA countries, which LCX will always endeavor to carry out in compliance with the requirements of the applicable data protection law. In this regard, transfers to non-EEA countries may notably be carried out on the basis of adequate contractual arrangements, a copy of which may be obtained by you by simple request sent to LCX.

In order to provide the LCX services, some information we collect may be required to be transferred to other entities, in their capacity as financial partners, payment providers, custodians, payment processors, technical service providers or account holders (or similar capacities). You acknowledge that according to their local legislation, such entities may be subject to laws, regulations, inquiries, investigations, or orders which may require the disclosure of information to the relevant authorities in their relevant country.

We will only use personal data for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose, or we are obliged to process personal data by applicable laws or court or other enforceable orders.

Please note that we may process personal data without the need to obtain consent, in compliance with the above rules, where this is required or permitted by law.

Specifically, you consent to and direct LCX to do any and all of the following with your information, if no other lawful basis of processing of your personal data is applicable as noted in brackets:

  • Disclose necessary information to: the police and other law enforcement agencies and authorities; security forces; competent governmental, intergovernmental or supranational bodies; competent agencies, departments, regulatory authorities, tax authorities, self-regulatory authorities or organizations and other third parties, that (i) we are legally compelled and permitted to comply with, including but without limitation the US Foreign Account Tax Compliance Act (“FATCA Law”) and with the OECD common reporting standard (“CRS Law”) as implemented in the Liechtenstein regulatory framework; (ii) we have reason to believe it is appropriate for us to cooperate with governmental agencies or payment or processing partners in investigations of fraud or other illegal activity or potential illegal activity, to the fullest extent permitted by law, or (iii) to conduct investigations of violations of our Terms and Conditions (including without limitation, your funding source or transactional history).  If you are covered by the FATCA or CRS Law, we are required to give you notice of the information about you that we may transfer to various authorities. If we believe your account may be subject to these regulations, we may notify you separately (legal obligation; legitimate interest: fraud prevention, network security).
  • We and other organizations, including financial institutions that cooperate with LCX, may also share, access and use (including from other countries) necessary information (including, without limitation the information recorded by fraud prevention agencies) to help us and them assess and to manage risk (including, without limitation, to prevent fraud, money laundering and terrorist financing) (legal obligation; legitimate interest: fraud prevention, network security).
  • Disclose necessary information in response to the requirements of other financial institutions, credit card associations or a civil or criminal legal process, debt recover agencies, lawyers, accountants, bankers, auditors, insurances or professional advisors and brokers, our suppliers and agents or our group companies (legal obligation; legitimate interest: fraud prevention, network security; business development; performance of contract).
  • Disclose necessary information to the payment processors, financial partners, technical service providers, auditors, customer services providers, credit reference and fraud agencies, financial products providers, commercial partners, marketing and public relations companies, operational services providers, group companies, agencies, marketplaces and other third parties, in order to provide our services to you or pursue our other legitimate interests (legal obligation; legitimate interest: fraud prevention, network security, business development; performance of contract). 
  • Disclose necessary information to your agent or legal representative (such as the holder of a power of attorney that you grant, or a guardian appointed for you) (performance of contract).
  • Disclose aggregated (i.e.: anonymized) statistical data with our business partners or for public relations. For example, we may disclose that a specific percentage of our users live in a certain city. However, this aggregated information is not tied to personal information (legitimate interest: business development).
  • Share necessary Account Information with unaffiliated third parties (listed below) for the following purposes:
  • Fraud Prevention and Risk Management: to help prevent fraud or assess and manage risk, as permitted by applicable law (legal obligation; legitimate interest: security; fraud prevention; risk assessment).
  • Customer Service: for customer service purposes, including to help service your accounts or resolve disputes (e.g., billing or transactional) (performance of contract; legitimate interest: business development).
  • Legal & Compliance: to help us and our partners comply with anti-money laundering and counter-terrorist financing verification requirements, as permitted by applicable law, e.g., in relation to the Travel Rule (legal obligation).
  • Service Providers: to enable service providers under contract with us to support our business operations, namely fraud prevention, bill collection, marketing, customer service and technology services. Our contracts dictate that these service providers only use your information in connection with the services they perform for us and not for their own benefit (performance of contract; legal obligations).
  • Mergers or Acquisitions: As with any other business, it is possible that in the future LCX could merge with, or be acquired by, another company. If such an acquisition occurs, you consent to the successor company having access to the information maintained by LCX, including customer information, and such successor company would continue to be bound by this Privacy Policy unless and until it is amended (consent; legitimate Interest: business development; corporate transaction).

We require all third parties to respect the security of personal data and to treat it in accordance with the law (including applicable data protection and privacy law). We do not allow our third-party business partners or service providers to use personal data for their own purposes and only permit them to process personal data for specified purposes and in accordance with our documented instructions. Furthermore, these third parties access and process personal data on the basis of strict confidentiality and subject to the appropriate security measures and safeguards. 

We may also share aggregated or anonymized information, which cannot reasonably be used to identify you.

 

7. STORAGE SECURITY & INTERNATIONAL TRANSFERS

LCX is committed to handling your customer information with high standards of information security. We use computer safeguards such as firewalls and data encryption, we enforce physical access controls to our buildings and files, and we authorize access to personal information only for those employees who require it to fulfil their job responsibilities, and who have committed themselves to confidentiality undertakings.

The security of your LCX account information also relies on your protection of your password or access credentials. You may not share your LCX password with anyone. LCX representatives will never ask you for your password, so any email or other communication requesting your password should be treated as unauthorized and suspicious and forwarded to us. If you do share your LCX password with a third party for any reason, including because the third party has promised to provide you additional services such as account aggregation, the third party will have access to your account and your personal information, and you may be responsible for actions taken using your password. If you believe someone else has obtained access to your password, please change it immediately by logging in to your account and changing your Profile settings, and also contact us right away.

LCX is committed to adequately protecting your information regardless of where the data resides and to providing appropriate protection for your information if your data is transferred outside of the EEA, EU or any country for which an adequacy decision has been issued. In this regard, transfers to non-EEA countries may notably be carried out on the basis of standard contractual arrangements approved by the European Commission, a copy of which may be obtained by you by simple request sent to LCX.

The personal data that we collect from you will be transferred to and stored at a destination inside the European Economic Area (EEA) or Switzerland. As we provide an international service, your personal data may be processed outside of the EEA in order for us to enable your use of our Services and fulfil our contract with you to provide the LCX Services; to comply with legal obligations or to assert, file or exercise a legal claim.

All information you provide to us is stored on our secure servers, encrypted at rest. Any Service provided by us or our chosen third-party providers will be encrypted in transit. Where we have given you (or where you have chosen) a password that enables you to access certain parts of our Website you are responsible for keeping this password confidential. We ask you not to share a password with anyone.

Certain LCX Services include social networking, chat room or forum features. Ensure when using these features that you do not submit any personal data that you do not want to be seen, collected or used by other users.

 

8. DATA RETENTION

We will only retain personal data for as long as necessary to fulfil the purposes we collected it for (i.e., the ongoing service provision) and, thereafter, for the purpose of satisfying any legal, accounting, tax, compliance, due diligence and reporting requirements or obligations to which we may be subject and/or to the extent that we may also need to retain personal data to be able to assert, exercise or defend possible future legal claims against or otherwise involving customers. In that regard, please note that our contractual relationship is of an ongoing and continuous nature, until terminated.

We will only retain personal data for as long as necessary to fulfil the purposes we collected it for (i.e., the ongoing service provision) and, thereafter, for the purpose of satisfying any legal, accounting, tax, compliance, due diligence and reporting requirements or obligations to which we may be subject and/or to the extent that we may also need to retain personal data to be able to assert, exercise or defend possible future legal claims against or otherwise involving customers.

By and large, our retention of personal data shall not exceed the period of three (3) years from the date of the termination of customer relationship with us. This period of retention enables us to use the data in question for the possible filing, exercise or defense of legal claims (taking into account the timeframe of applicable statutes of limitation and prescriptive periods). In certain cases, though we may need to retain data for a period of up to ten years or longer in order to comply with applicable laws, in particular accounting and tax laws as well as due diligence duties. 

LCX is obligated under the Due Diligence Act to retain personal data from you and your LCX transactions for a period of a minimum of ten years from the conclusion of the transaction or from its preparation. We therefore use this retention requirement as a benchmark for all personal data that we receive from you. In order to not hold your information for longer than is strictly necessary we will not hold any of your personal data for more than 10 years after the termination of our business relationship, unless there are other legal obligations that require us to retain your information longer.

  1. Data Minimization

Whenever and to the extent possible, we anonymize personal data when it is no longer necessary to identify customers from the data (anonymous data). 

In order to collect, use, and share data, we will anonymize personal data so that it can no longer be associated with customers for research or statistical purposes, in which case we may use this information indefinitely without further notice.

 

10. YOUR LEGAL RIGHTS

You have a right to:

  • Request access to the personal data we hold about you, or to get a copy of it;
  • Request correction or rectification with regard to the personal data we hold about you;
  • Request erasure of your personal data we are holding and processing (right to be forgotten), though for legal reasons we might not always be able to do it, due to various due diligence or other compliance duties, data retention, accounting and financial reporting requirements applicable to us;
  • Object to us using and processing your data for marketing communications or other reasons;
  • Request restriction of processing of personal data;
  • Request transfer of your personal data in machine-readable format (data portability);
  • Withdraw any specific consent or permission you’ve previously given us (for example, in relation to a specific promotion).

 

Please know that if you have any questions or objections as to how we collect and process your personal information, or how you may exercise your rights, please contact us at [email protected]. 

  • You can add or update your personal information by login into your account profile and following the instructions. When you update information, we usually keep a copy of the previous version for our records.
  • If you don’t want to receive marketing emails or other communications from us, please adjust your account profile settings.
  • If you want to browse our websites anonymously, you may do so by logging out of your account and disabling cookies on your browser. Your browser or internet device may allow you delete, disable, or block certain cookies and other tracking technologies.  

 

Our regulatory team is responsible for ensuring that our day-to-day procedures comply with this Privacy Policy. If you want to exercise your right to access your information, make changes or have any questions about this privacy statement, LCX information practices, or data protection, you can write to us at [email protected]

Please note that none of these rights of the data subject are absolute and must generally be balanced against our own legal obligations and legitimate interests. If a decision is made to override a data subject’s request, the customer will be informed of this by us along with the reasons for our decision.

We try to respond to all legitimate requests within one month. Occasionally it may take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated. We will need to request specific information from a customer to help us confirm the customer’s identity and ensure the customer’s right to access the personal data (or to exercise any of the other right as a data subject). 

You will not have to pay a fee to access your personal data or account information (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive, excessive or misused.

If your request is clearly unfounded, repetitive, excessive or misused we may refuse to comply with your request under these circumstances.

Request of transfer of your personal data to you. You can review and download your account information and transactional history via access to your LCX account online, however, should you require that we provide you with a copy of your account information in a more structured, comprehensive and machine-readable format, please reach out to [email protected]

 

11. HOW TO CONTACT US OR RAISE A COMPLAINT

We have appointed a data protection officer (“DPO”) who is responsible for overseeing questions in relation to this Policy and our processing activities in general. Concerning any questions or requests, including any requests to exercise legal rights as a data subject, please contact the DPO using the contact details set out below. If you have questions about this privacy policy, including any information requests or potential complaints, you may use the contact details set out below:

Full name of legal entity: LCX AG

registration number: FL-0002.580.678-2

Email address: [email protected] 

Registered Office: Herrengasse 6, 9490 Vaduz, Liechtenstein

If you are not satisfied by the way in which we address your concerns or how we handle your personal information, you have the right to lodge a complaint with the Liechtenstein’s Data protection Office at any time. In any case we suggest that you first reach out to us to solve any issue before you contact the data protection authority.

 

12. Miscellaneous

Should any provision of this Policy be invalid or unenforceable, then the remainder of this Policy shall remain valid and in force. The invalid or unenforceable provision shall be either amended as necessary to ensure its validity and enforceability, while preserving the Parties’ intentions as closely as possible or, if this is not possible, be construed in a manner as if the invalid or unenforceable part had never been contained therein.

This Policy is governed by the laws of Liechtenstein, unless this conflicts with mandatory consumer protection provisions of a member state of the European Union, European Economic Area, Switzerland, United Kingdom or any other country for which an adequacy decision regarding Data Protection Laws has been adopted and you have your residence in to the exclusion of collision laws. Any dispute arising in connection with this Agreement will be submitted to the exclusive jurisdiction of the courts of Liechtenstein.



Login @ LCX