As used herein, the following terms are defined as follows:
2.1 “Digital Asset” is a digital representation of value (also referred to as “cryptocurrency,” “virtual currency,” “digital currency,” “crypto token,” “crypto asset,” or “digital commodity”), such as bitcoin, ether or litecoin, etc., which is based on the cryptographic protocol of a computer network that may be (i) centralized or decentralized, (ii) closed or open-source, and (iii) used as a medium of exchange and/or store of value.
2.2 “Weever Account” means a user-accessible account offered via the Weever Services.
2.3 “Weever Services” means Weever-branded websites, applications, services, or tools operated by Weever group companies.
2.4 “Weever,” “We,” and “Us” refers to Weever Fintech Limited, and its group affiliates (also referred to collectively as "Weever," "we," or "us").
2.5 “Personal Information” or “Personal Data” or “your data” refers to any information relating to you, as an identified or identifiable natural person, including your name, an identification number, location data, or an online identifier or to one or more factors specific to the physical, economic, cultural or social identity of you as a natural person.
3. Your data controller
Weever provides the Weever Services through local operating entity as follows:
Weever Fintech Limited,
21/F, Low Block,
Grand Millennium Plaza,
181 Queen's Road Central, Hong Kong
Where we have a legal obligation to do so, we have appointed Personal Data Officers to be responsible for Weever’s privacy program for the respective data controllers. If you have any questions about how we protect or use your Personal Information, you can contact us by email at email@example.com.
4. How do we protect your personal information?
We are serious about guarding the privacy of your Personal Information and work hard to protect Weever and you from unauthorized access to, or unauthorized alteration, disclosure, or destruction of Personal Information we collect and store. Measures we take include encryption with SSL; the availability of two-factor authentication at your discretion, and periodic review of our Personal Information collection, storage, and processing practices. We restrict access of your Personal Information only to those Weever employees, affiliates, and business partners who have a legitimate business need for accessing such information. We continuously educate and train our employees about the importance of confidentiality and privacy of customer information. We maintain physical, electronic, and procedural safeguards that comply with the relevant laws and regulations to protect your Personal Information from unauthorized access.
Unfortunately, despite best practices and technical safeguards, the transmission of information via the Internet is not completely secure. Although we do our best to protect your Personal Data, we cannot guarantee the security of your Personal Data during transmission, and any acts of transmission are at your own risk.
5. Information we may collect about you
5.1. Information you give us.
When using the Weever Services, we may collect and use the data about you, including but not limited to:
• Full legal name;
• Home address, including country of residence;
• Email address;
• Mobile phone number;
• Date of birth;
• Proof of identity (e.g., driver’s license, passport, or government-issued identity card);
• Details about your external bank or financial services accounts; including but not limited to name of the bank or financial services provider, account number, and proof of account information such as recent monthly statement or the copy of bank card;
• Comparable identification number issued by a government;
• Other Personal Information or commercial and/or identification information – Whatever information we, in our sole discretion, deem necessary to comply with our legal obligations under various anti-money laundering (AML) obligations, such as under the Anti-Money Laundering and Counter-Terrorist Financing Ordinance (“AMLO”).
5.2. Information we collect about you automatically.
• Location Information – Information that is automatically collected via analytics systems providers to determine your location, including your IP address and/or domain name and any external page that referred you to us, your login information, browser type and version, time zone setting, browser plug-in types and versions, operating system, and platform;
• Log Information – Information that is generated by your use of Weever Services that is automatically collected and stored in our server logs. This may include, but is not limited to, device-specific information, device name, operating system and its version, local time and date, network status, local and/or public IP address(es), server connection, Internet connection, channel status, location information, system activity and any internal and external information related to pages that you visit, including the full Uniform Resource Locators (URL) clickstream to, through and from our Website or App (including date and time; page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs), and methods used to browse away from the page;
• Account Information – Information that is generated by your Weever account activity including, but not limited to, instructions regarding funding and disbursement, orders, trades, and account balances;
• Your transactions with or through the Weever Platform, such as your account balance, trading activity, and account history;
• Correspondence – Information that you provide to us in written or oral correspondence, including opening a Weever account, and with respect to ongoing customer support; and logging of phone numbers or other mechanism (e.g. email) used to contact us.
5.3. Information we receive about you from other sources.
We may receive information about you if you use any of the other websites we operate or the other services we provide. We are also working closely with third parties and may receive information about you from them. For example:
• The banks you use to transfer money to us will provide us with your basic personal information, such as your name and address, as well as your financial information such as your bank account details;
• Business partners may provide us with your name and address, as well as financial information;
• Advertising networks, analytics providers and search information providers may provide us with anonymized or de-identified information about you, such as confirming how you found our website;
• Credit reference agencies do not provide us with any personal information about you, but may be used to corroborate the information you have provided to us.
5.4. General Provisions
Personal Information you provide during the registration process may be retained, even if your registration is left incomplete or abandoned. If you are located within the European Economic Area ("EEA"), this Information will not be retained without your consent.
6. Uses of Personal Data
Below we set forth a description of all the ways we use your personal data. Note that we may process your personal data for more than one lawful ground depending on the specific purpose for which we are using your data. Please contact us at firstname.lastname@example.org if you need details about the specific legal ground we are relying on to process your personal data where more than one ground has been set out as below.
What we use your personal information for
• providing the services you request
• day-to-day operation and maintenance of accounts
• managing our global websites and services
• understanding our customers and their needs
• designing and improving our services
• to comply with our regulatory, legal and ethical obligations or the request of any Regulatory Body (including warrants, subpoenas, court orders, or with a regulator or law enforcement agency request, and in connection with criminal investigations or to meet government tax reporting requirements)
• contacting you or responding to your inquiries and comments
• investigating any suspicious activities
• protecting our rights and property
• for direct marketing purposes
• We may from time to time collect personal data from visitors to our websites and individuals who participate in a promotion, contest or survey.
• If you decide to withhold certain information, it may limit our ability to provide you with the Weever Services and/or your ability to use the Weever Services.
7. Disclosure of your personal information
7.1. We may share your personal information with selected third parties including:
• Afiliates, operational and business partners, service providers, agents, suppliers and sub-contractors for the performance and execution of any contract we enter into with them or you;
• Analytics and search engine providers that assist us in the improvement and optimization of our site; and
• Member of Celestial Asia Securities Holdings Limited (“CASH”) and Cash Financial Services Group Limited (“CFSG”);
• Business partner and/or person with whom CASH and/or CFSG enters into or proposes to enter into transaction(s) on the customer’s behalf;
• Governmental, regulatory or other bodies or institutions whether as required by laws and regulations applicable to any member of CASH and CFSG.
7.2. We may disclose your personal information to third parties when:
• We sell or buy any business or assets, in which case we may disclose your personal data to the prospective seller or buyer of such business or assets in order to continue the services for which you have contracted;
• We are under a duty to disclose or share your personal data in order to comply with any legal obligation, or in order to enforce or apply our Terms and Conditions of Use and other applicable agreements; or to protect the rights, property, or safety of Weever, our customers, or others. This includes exchanging information with other companies and organizations for the purposes of fraud protection and credit risk reduction;
• We conduct or cooperate in investigations of fraud or other illegal activity whenever we believe it is reasonable and appropriate to do so;
• We seek to prevent and detect fraud and crime;
• We receive a lawful subpoena, warrant, court order, or as otherwise required by law;
• We seek to protect Weever from financial and insurance risks;
• We seek to recover debt or in relation to your insolvency; and
• We seek information necessary to maintain or develop customer relationships, services and systems.
7.3. We do not maintain a published list of all of the third parties with whom we share your personal information with, as this would be heavily dependent on your specific use of our Services. However, if you would like further information about who we have shared your personal information with, or to be provided with a list specific to you, you can request this by writing to email@example.com
We do not disclose your personal data to other parties other than to members of CASH and CFSG and trusted third parties(including financial partners and banking institutions) who assist us in our provision of the Weever Services to Users (including to parties that provide administrative, telecommunications, computer, trade execution, payment or clearing, prepare and mail account statements, transaction confirmations and other services in connection with Weever Services) on the basis that those parties agree to keep your information confidential. We may also release your personal data to non-affiliated third parties at your direction or for which you have provided your express consent, or if required by law, regulation or any Regulatory Body (such as the Hong Kong Inland Revenue Department, the Hong Kong Customs and Excise Department and other international data protection authorities). We may also share US residents’ personal information with other financial institutions as authorised under Section 314(b) of the US Patriot Act, and with law enforcement or tax authorities, including the US Internal Revenue Service (pursuant to the Foreign Account Tax Compliance Act, "FATCA") and the US FinCEN. FATCA reporting to the IRS may also apply to US nationals residing abroad.
8. Where we store your personal data
Our operations are supported by a network of computers, servers, and other infrastructure and information technology, including, but not limited to, third-party service providers. We and our third-party service providers store and process your personal data in Hong Kong, and elsewhere in the world.
Your personal information may be transferred to or processed in Hong Kong by us or a third party service provider working for us, or by one of the members of the group. By submitting personal information via our website or other means, you agree to such storage, transfers and processing. We take all appropriate steps to store and protect your personal data. All personal data that is not directly related to our business or upon fulfilment of the purpose for which it was retained will be deleted after a reasonable period of time.
We implement physical, electronic, and procedural safeguards to protect your personal data. Our servers are secured and all data is transmitted via Secure Sockets Layer (SSL) and/or Transport Layer Security (TLS) technology to prevent access from unauthorised parties. Further, we use digital certificate services to authenticate the identity of any transactions on our website.
We also conduct regular internal evaluations of our business practices and procedures in order to protect your personal data.
9. Sharing your data outside of the EEA
In order to provide our Services to you, it is sometimes necessary for us to transfer your data to the third parties outlined in section 7.1 that are based outside of the EEA. In these cases, we ensure that both ourselves and our partners take adequate and appropriate technical, physical, and organizational security measures to protect your data. We also ensure we have appropriate contractual protections in place with these third parties.
10. Profiling and automated decision making
We may in some instances use your personal data, such as your country of residence and trade history, in order to better address your needs. For example, if you frequently trade in a specific virtual currency, we may use this information to inform you of new product updates or features that may be useful for you. When we do this, we take all necessary measures to ensure that your privacy and security are protected, and we only use anonymous or de-identified data.
We may use Automated Decision Making (ADM) in order to improve your experience, or to help fight financial crime. For example, so that we can provide you with a fast and efficient service, we may use ADM to verify your identity documents, or to confirm the accuracy of the information you have provided to us.
11. Privacy when using digital assets and blockchains
Your funding of bitcoin, ether, and other Digital Assets, may be recorded on a public blockchain. Public blockchains are distributed ledgers, intended to immutably record transactions across wide networks of computer systems. Many blockchains are open to forensic analysis which can lead to deanonymization and the unintentional revelation of private financial information, especially when blockchain data is combined with other data.
Because blockchains are decentralized or third-party networks which are not controlled or operated by Weever or its affiliates, we are not able to erase, modify, or alter personal data from such networks.
12. Data Retention
As Weever and its affiliates are subject to various legal, compliance and reporting obligations, including BSA or national AML requirements (as defined above), we are required by law to store some of your personal and transactional data beyond the closure of your account with us. Your data is only accessed internally on a need to know basis, and it will only be accessed or processed if absolutely necessary. We will delete data that is no longer required by any relevant law or jurisdiction in which we operate.
We use both session and persistent Cookies. Session Cookies expire when you log out of your account or close your browser. Persistent Cookies remain on your computer or mobile device until deleted or otherwise expire. Most web browsers are set to accept Cookies by default. You are free to decline most of our session Cookies if your browser or browser add-on permits but choosing to remove or disable our Cookies may interfere with your use and functionality of the Weever Services.
14. Your choices
• Email Communications – Subject to applicable laws and regulations, we may from time to time send communications promoting services, products, facilities, or activities to you using information collected from you. When you create a Weever Account you are agreeing to opt-in to all communications from us. We will provide you with an opportunity to opt-out of newsletter communications. We will never provide your Personal Information to third parties for direct marketing or other unrelated purposes without your written consent. Unfortunately, we are unable to allow you to opt-out of the emails we send you for certain legal or administrative purposes.
• Cookies – You may decline session cookies if your browser or browser add-on permits but choosing to remove or disable our cookies may interfere with your use and functionality of the Weever Services.
• Right of Rectification – You have the right to correct any personal information We hold on you that is inaccurate, incorrect, or out of date.
• Right of Erasure – You have the right to ask us to delete your data when it is no longer necessary, or no longer subject to a legal obligation to which Weever is subject to.
• Portability – You may have the right to transfer certain of your personal data between data controllers, for example, to move your account details from one online platform to another.
• Location Information – You may be able to stop the collection of location information through your device settings or by following the standard uninstall process to remove our applications from your device; however, because such data is used by us to meet legal requirements, as well as for ongoing fraud and risk monitoring purposes, choosing to remove or disable location services may interfere with your use and functionality of the Weever Services.
15. Access to information
Subject to applicable laws, you may have the right to access information we hold about you. Your right of access can be exercised in accordance with the relevant data protection legislation. For further information, please contact firstname.lastname@example.org
You are permitted under the Personal Data (Privacy) Ordinance (Cap. 486) to access your personal information we hold about you. You may request such access by completing the Data Access Request Form as specified under section 67 of the Personal Data (Privacy) Ordinance (Cap. 486) and sending an e-mail to email@example.com. There may be circumstances where we are unable to provide access to all of your personal information. We may deny or restrict access for legally permissible reasons, such as situations where the information contains references to other individuals and is not reasonably severable, or where it cannot be disclosed for legal, security, or commercial proprietary reasons. We will advise you of any reason for denying or restricting an access request to the extent permitted by law, rule or regulation.
16. Online Security
In addition to our security measures, you can also take steps to maximize your security online and to protect your confidential information. We encourage you to use strong passwords with mix of uppercase, lowercase, numbers and special symbols. Our support teams will never ask you for your personal details such as username or identification number via email and we will never ask for your password.
17. Protection of Minors
Weever Services are not directed to persons under the age of 18, hereinafter “Minors” and we do not knowingly collect personal information from Minors. If we learn that we have inadvertently gathered personal information from a Minor, we will take legally permissible measures to remove that information from our records. Weever will require the user to close his or her account and will not allow the use of Weever Services. If you are a parent or guardian of a Minor, and you become aware that a Minor has provided personal information to Weever, please contact us at firstname.lastname@example.org and you may request to exercise your applicable access, rectification, cancellation, and/or objection rights.
If you feel that we have not addressed your questions or concerns adequately, you may contact your data controller.
The Personal Data Officer
Weever Fintech Limited,
21/F, Low Block,
Grand Millennium Plaza
181 Queen's Road, Central, Hong Kong