New Capital Privacy Policy

Last revised: May 5, 2022

We, at New Capital, respect your privacy and your privacy is extremely important to us. We are required by regulations to collect, use and store your Personal Information in certain ways. We do not tolerate spam and will never sell, rent, lease or give away your information to any third party (unless required by law). Nor will send you an unsolicited email.

We will not collect any personal information (eg. name, email address) without your explicit permission. When we ask you to provide information by which you can be identified when using our Services, you can be assured that the information provided will only be used in accordance with this privacy statement.

This Privacy Policy describes our information handling practices when you access our Services, which include our content on the websites using the https://wallet.app/, https://new.capital/ and https://chain.review/ domain names, and including all subdomains and subdirectories (collectively, the "Site(s)") or when you use related services (referred to collectively hereinafter as the "Services").

Please take a moment to read this Privacy Policy carefully. If you have any questions about this Policy, please submit your request via email to: gdpr at new dot capital.

This Privacy Policy (the "Privacy Policy") is intended to describe our practices regarding the information we collect from you when you visit our Sites ("Site Visitor"), when you register and use our Services or any part thereof ("User"), as well as the manner in which we use your personal information ("Personal Information"), and the options and rights available to you.

This Privacy Policy is incorporated by this reference into, and made part of, the Terms of Use available at https://wallet.app/terms-and-conditions-of-use.html, and any other agreement that references this Privacy Policy.

1. Acceptance of this Privacy Policy

By accessing and using our Services, you signify acceptance to the terms of this Privacy Policy. Where we require your consent to process your Personal Information, we will ask for your consent for the collection, use, and disclosure of your Personal Information as described below. We may provide additional "just-in-time" disclosures or information about the data processing practices of specific Services. These notices may supplement or clarify our privacy practices or may provide you with additional choices about how we process your data.

If you do not agree with or you are not comfortable with any aspect of this Privacy Policy, you should immediately discontinue access or use of our Services.

2. From whom we collect Personal Information

This Privacy Policy applies to New Capital's collection, use, and disclosure of the Personal Information of the following categories of individuals:

Site Visitors: Individuals who visit our Sites and who may volunteer certain contact data (such as their email address) in order to receive communications from New Capital.
Users: Individuals who register on their own to use Source Force or/and the New Capital Exchange.

3. What information we may collect

We collect two types of information from our Users:

Non-personal Information, or anonymized and aggregated data. Anonymization is a data processing technique that modifies personal information so that it cannot be associated with a specific individual. We may collect technical and aggregated usage information. This information may contain, among other things, the User’s operating system, type of browser, screen resolution, activities on the Sites, etc. We may use anonymized or aggregate user data for any business purpose, including to better understand user needs and behaviors, improve our Services, conduct business intelligence and detect security threats. We are not aware of the identity of the User from which the Non-personal Information was collected. For the avoidance of doubt, any Non-personal Information connected or linked to any Personal Information shall be deemed as Personal Information as long as such a connection or linkage exists.
Personal Information. Personal Information is typically data that identifies an individual or relates to an identifiable individual. This includes information you provide to us, information which is automatically collected about you when you use our Services, and information we obtain from third parties. Personal Information is described in more detail in the section “The Personal Information we may collect”.

4. The Personal Information we may collect

We may collect the following types of information from you:

4.1. Information you provide to us

To establish an account and access our Services, we will ask you to provide us with some important information about yourself. Please note that the Personal Information we collect is required in order for us to contractually provide the Services, as well as for us to meet our regulatory requirements (such as Anti-Money Laundering and Know-Your-Customer regulations), and to safeguard our legitimate interests. In the event that you choose not to provide such information, we may not be able to provide our Services. As we add new features and Services, you may be asked to provide additional information. Any information you provide to us that is not required is voluntary.

We may collect the following types of information from you:

Personal Identification Information: Full name, date of birth, nationality, gender, signature, photographs, phone number, home address and email address.
Formal Identification Information: Government issued identity document such as a passport, passport number, and/or any other information deemed necessary by us in order to comply with our legal obligations under anti-money laundering laws and any other required regulation.
Transaction Information: Information about the transactions you make on our Services, such as your name, the amount, timestamp, currency transaction history, trading data.
Employment Information and Business Activities: Job title, and/or description of role, income.
Source of Funds: The legitimate source of User funds to be deposited when using our Services.
Expected Transaction Amounts: The expected transaction volume or amounts on a monthly basis.
Correspondence: Survey responses, information provided to our support team or user research team.

4.2. Information we collect from you automatically

To the extent permitted under the applicable law, we may collect certain types of information automatically, such as whenever you interact with the Sites or use the Services. This information helps us to address user support issues, improve the performance of our Sites and applications, provide you with a streamlined and personalized experience, and protect your account from fraud by detecting unauthorized access. Information collected automatically includes:

Online Identifiers: Geo location/tracking details, browser fingerprint, operating system, browser name and version, and/or personal IP addresses.
Usage Data: Authentication data, security questions, click-stream data, public social networking posts, and other data collected via cookies and similar technologies. Please read our Cookie Policy for more information.

We may also use identifiers to recognize you when you access our Sites via an external link, such as a link appearing on a third party site.

4.3. Information collected from third parties

From time to time, we may obtain information about you from third party sources as required or permitted by applicable law. These sources may include:

Public Databases, ID Verification Partners: We obtain information about you from public databases and ID verification partners for purposes of verifying your identity in accordance with applicable law. ID verification partners such as Ondato use a combination of government records and publicly available information to verify your identity. Such information may include your name, address, job role, public employment profile, status on any sanctions lists maintained by public authorities, and other relevant data. We obtain such information in order to comply with our legal obligations, such as anti-money laundering laws. In some cases, we may process additional data about you to assess risk and ensure that our Services are not used fraudulently or for any illicit activities. In such instances, the processing of this data is necessary for us to continue to perform our contractual obligations with you and others. The Ondato Privacy Policy, available at https://ondato.com/privacy-policy/, describes their collection and use of personal data.
Blockchain Data: We may analyze public blockchain data in an attempt to ensure that parties utilizing our Services are not engaged in illegal or prohibited activity under our Terms, and to analyze transaction trends for research and development purposes.
Analytics Providers: Provide us with de-identified information about how you found our Sites and how you interact with our Sites and Services. This information may be collected prior to account creation. For more information on how you can manage the collection of this data, please see our Cookie Policy.

The following chart summarizes what kind of information we collect from you:

Information category	Site Visitors	Users of Source Force/ Exchange
Cookies and other tracking technologies
Log files (include but is not limited to Internet Protocol (IP) addresses, system configuration information, URLs of referring pages)
E-mail address
Full name
Copy of a government-issued ID / passport
Details regarding the government-issued ID / passport (number, issuing country and issuance/expiration date)
Country of residence / address
Date of birth
Nationality
Details regarding your business activity, income and source of funds
The purpose for opening the account and related information
Details regarding whether or not the User is a Politically Exposed Person (PEP)
Transaction information (information about the transactions you make on our Services, such your name, the amount, and/or timestamp)
Correspondence: Survey responses, information provided to our support team or user research team

Kindly note that without providing the above information, and unless that information, at our sole discretion, is determined to be satisfactory for our specific requirements, the User will not be able to register and use our Services.

In addition, we also may collect information regarding the behavior of the users on our Services, which includes keystrokes, captioning and recording of User behavior, mouse movements and other activities.

In addition, we may collect the User's publicly-available social network information in cases when the User chooses to link their other social network accounts with that of New Capital.

In the event that a User registers for the Services or otherwise grants us with certain access permission to his/her existing third-party social network account, the third-party social network(s) operating such account(s) may provide us with certain information about the User, as is stored in and/or made available by the User through his/her account and in accordance with the permission granted to us by the User. For example, such information may consist of, as applicable and/or made available by the User, the User's name, public profile picture URL address, account ID, email address, date of birth, gender, occupation or work information, education and other information which the User has made public.

5. The Purposes of the Collection of Information

Our primary purpose in collecting Personal Information is to meet regulatory requirements, for loss prevention and anti-fraud purposes. We also wish to provide you with a secure, smooth, efficient, and customized experience. We generally use Personal Information to create, develop, operate, deliver, and improve our Services, content and advertising, and for loss prevention and anti-fraud purposes.

We collect information in order to:

Provide Services. We process your Personal Information to provide the Services to you. For example, in order for you to use the Source Force or Exchange platforms, we require certain information such as your identification, contact information and any other information that we deem necessary. We cannot provide you with the Services without such information. Third parties such as identity verification services may also access and/or collect your Personal Information when providing identity verification and/or fraud prevention services.
Meet our regulatory requirements, such as Know Your Customer and Anti-Money Laundering regulatory requirements. We are required by regulations to collect, use and store your Personal Information in certain ways. If you do not provide the Personal Information as required by law, you may not use our Services.
Perform due diligence and other screening activities in accordance with our legal or regulatory obligations and risk management procedures, which are carried out in our own legitimate interests or the public interest. These activities include conducting identity verification and fraud prevention, including checks related to the source of funds or income, PEP, sanctions and adverse media checks.
Provide Service communications. We send administrative or account-related information to you to keep you updated about our Services, inform you of relevant security issues or updates, or to provide other transaction-related information. Without such communications, you may not be aware of important developments relating to your account that may affect how you use our Services. You may not opt-out of receiving critical service communications, such as emails sent for legal or security purposes.
Analytics, statistical, development and research purposes. We process your Personal Information to better understand the way that you use and interact with our Services. In addition, we use such information to customise, measure, and improve our Services and the content and layout of our websites, and to develop new services.
Maintain legal and regulatory compliance.
Detect, prevent, or otherwise address fraud, security or technical issues (such as identity theft or financial fraud).
Enforce this Privacy Policy and/or the Terms of Use and/or other agreements, including investigation of potential violations thereof. We may use any of your Personal Information collected for these purposes. The consequences of not processing your Personal Information for such purposes is the termination of your account.
Protect the rights, property, or personal safety of New Capital, any of its users, or the general public.
Provide user service. We process your Personal Information when you contact us to resolve any questions, disputes, or to troubleshoot problems. Without processing your Personal Information for such purposes, we cannot respond to your requests and ensure your uninterrupted use of the Services.
Ensure quality control. We process your Personal Information for quality control and to facilitate staff training so as to ensure that we continue to provide you with accurate information. If we do not process Personal Information for quality control purposes, you may experience issues when using the Services such as inaccurate transaction records or other interruptions.
Ensure network and information security. We process your Personal Information in order to enhance security, monitor and verify identity or service access, combat spam or other malware or security risks, and to comply with applicable laws and regulations. Without processing your Personal Information, we may not be able to ensure the security of our Services.

We will not use your Personal Information for purposes other than those purposes that we have disclosed to you without your permission. From time to time, and as required under the applicable law, we may request your permission to allow us to share your Personal Information with third parties. You may opt out of having your Personal Information shared with third parties, or allowing us to use your Personal Information for any purpose that is incompatible with the purposes for which we originally collected this information or subsequently obtained your authorization. If you choose to so limit the use of your Personal Information, certain features or our Services may not be available to you.

6. The conditions for processing of Personal Information

We will process your Personal Information for a variety of reasons, each of which is prescribed by relevant data protection laws.

Fulfillment of a contract, compliance with a legal obligation – it is necessary for us to process your Personal Information where it is necessary for the performance of a contract (such as for our Terms of Use) or in order for us to comply with our various legal and/or regulatory responsibilities, including, but not limited to, complying with any AML and KYC legislation.
Legitimate interests – we also process your Personal Information where we deem such processing to be in our (or a third party’s) legitimate interests, providing that such processing will not prejudice your interests, rights and freedoms. Examples of us processing information in accordance with legitimate interests would include: (i) where we disclose your Personal Information to any one or more of our associate/subsidiary companies following a restructuring or for internal administrative purposes; (ii) processing for the purposes of ensuring network and information security, including preventing unauthorized access to our electronic communications network; (iii) safeguarding the integrity of our Services by combating, reporting and sharing information related to fraudulent activities; (iv) adhering to regulatory and statutory requirements; (v) improving and optimizing our Services and debugging errors; (vi) sharing Personal Information with our advisers and professional services providers (such as auditors) for ensuring our compliance with regulatory requirements and industry best practices.
Consent – our processing of your Personal Information will primarily be necessary for us to provide you with the Services. However, on certain occasions we may ask for your consent in processing Personal Information. In these instances, your Personal Information will be processed in accordance with such consent and you will be able to withdraw this consent in writing at any time.

Special Categories of Personal Data – we do not process Personal Information as defined under Article 9 of the GDPR

7. Why we share Personal Information with third parties

We take care to allow your Personal Information to be accessed only by those who require such access to perform their tasks and duties, and to only share this information with third parties who have a legitimate purpose for accessing it. New Capital will never sell or rent your Personal Information to third parties without your explicit consent. We will only share your information in the following circumstances:

With third-party authentication vendors (such as identity verification, user authentication and due diligence vendors), partner risk screening providers and other data sources (such as geo-location services), in accordance with our legal or regulatory obligations and risk management procedures which are carried out in our legitimate interest or in the public interest. For identity verification services, we may use Ondato UAB. The Ondato Privacy Policy, available at https://ondato.com/privacy-policy/, describes their terms for the collection and use of personal data.
With our service providers who are under contract to assist us with components of our business operations. Our contracts specify that these service providers only use your information in connection with the services that they perform for us, and prohibits them from selling your information to anyone else. Examples of the types of service providers that we may share Personal Information with (other than those mentioned above) include: network infrastructure, cloud storage, security, user support, Internet (e.d. ISPs) and information technology.
In order to fulfill the purposes stated above, including to satisfy any applicable law, regulation, legal process, subpoena or governmental request.
In order to respond to claims that any content available on the Services violates the rights of third-parties.
When New Capital is undergoing any change in control, including by means of a merger, or the acquisition or purchase of all or substantially all of its assets.
With our professional advisors who provide legal, compliance, accounting or other consulting services in order to complete third party technical, compliance and legal audits of our operations, or otherwise comply with our legal obligations.

8. Data Transferred out of the EU

When using our Services, your data is processed and stored in the EU and other countries. We and our service providers may transfer your information to, or store or access it in, jurisdictions that may not provide equivalent levels of data protection as your home jurisdiction. We will take steps to ensure that your personal data receives an adequate level of protection in the jurisdictions in which we process that information. We provide adequate protection for the transfer of personal data to countries outside of the European Economic Area (EEA) that are not recognized as providing adequate data protection. This protection is achieved through a series of intercompany agreements based on the Standard Contractual Clauses authorized under EU law (the content of the standard contractual clauses is available here).

If you would like further information, you can contact us using the contact information provided in this Privacy Policy.

9. How we protect and store Personal Information

We understand how important your privacy is, which is why New Capital maintains (and contractually requires third parties it shares your information with to maintain) appropriate physical, technical and administrative safeguards to protect the security and confidentiality of the Personal Information you entrust to us.

We may store and process all or part of your Personal and transactional Information. We protect your Personal Information by maintaining physical, electronic, and procedural safeguards in compliance with the applicable laws and regulations.

For example, we use computer safeguards such as firewalls and data encryption, we enforce physical access controls to our buildings and files, and we authorize access to Personal Information only for those employees who require this information to fulfill their job responsibilities.

However, we cannot guarantee that loss, misuse, unauthorized acquisition, or alteration of your data will not occur. Please recognize that you play a vital role in protecting your own Personal Information. When registering with our Services, it is important to take all necessary precautionary measures by using 2FA or other methods of digital identity authorization. You should immediately notify us if you become aware of any unauthorized access to or use of your account.

Furthermore, we cannot ensure or warrant the security or confidentiality of information you transmit to us or receive from us by Internet or wireless connection, including email, phone or SMS, since we have no way of protecting that information when it traverses connectivity infrastructure. If you have reason to believe that your data is no longer secure, please contact us using the contact information provided in this Privacy Policy.

10. Retention of Personal Information

If you have registered with an account through our Services, New Capital will retain your Personal Information during the period that your account is active. Furthermore, New Capital will retain your Personal Information for an additional period as deemed necessary to enable New Capital to meet its legal obligations under applicable laws or regulations, such as the KYC and AML regulations, as well as to meet New Capital's contractual obligations.

Personal Information collected to comply with our legal obligations under anti-money laundering laws may be retained after account closure for as long as required under such laws.
Content that you post on our website such as support desk comments and other content may be kept after you close your account for audit and crime prevention purposes (e.g. to prevent a known fraudulent actor from opening a new account).
Information collected via technical means such as cookies, webpage counters and other analytics tools is kept for a period of up to one year from expiry of the cookie.

In addition, New Capital may retain Personal Information for longer periods, provided that retaining such information is strictly necessary for New Capital’s legitimate interests, such as fraud prevention and record keeping, enforcing its policies, resolving or exercising claims regarding potential disputes, and where New Capital is guided to do so by the applicable regulatory authority.

11. Minors

To use the Service, you must be over the age of eighteen (18). New Capital does not knowingly collect Personal Information from children under the age of eighteen (18) and does not wish to do so. We reserve the right to request proof of age at any stage so that we may verify that minors under the age of eighteen (18) are not using the Services. If you are under the age of eighteen (18) you should immediately contact us for special permission to use our Services. Such permission will only be granted at our sole discretion, and with the stipulation that it does not contravene any applicable laws or regulations. Otherwise, in the event that it comes to our knowledge that a person under the age of eighteen (18) is using the Services, we will prohibit and block such a User from accessing the Services and will take appropriate measures to prevent that User from making use of our Services. Please notify us if you know of any individuals under the age of 18 using our Services so we can take action to prevent this unauthorized access to our Services.

12. Cookies and similar technologies

When you access or use the Services, we may use (and authorize third parties to use) industry-wide technologies such as cookies or similar technologies, including web beacons, pixel tags, scripts, tags and other technologies that store certain information on your computer (“Local Storage”) and which will allow us to enable automatic activation of certain features, and make your Service experience much more convenient and effortless.

Cookies allow us and third parties to automatically collect information about you (such as your IP address, device unique identifiers and your online behavior), for fraud prevention purposes and in order to enhance your navigation on our Site, improve our Site’s performance and customize your experience on our Site, as well as for advertising. We also use this information to collect statistics about the usage of our Site, perform analytics, and deliver content which is tailored to your interests. To learn more, please visit our Cookie Policy available here: https://wallet.app/cookie-policy.html

13. Your Rights

Your rights to Personal Information are not absolute. Depending upon the applicable law, access may be denied: (a) when denial of access is required or authorized by law; (b) when granting access would have a negative impact on another's privacy; (c) to protect our rights and properties; (d) where the request is frivolous or vexatious, or for other reasons.

You may contact us at any time at gdpr at new dot capital, and request:

To access, delete, change or update any Personal Information relating to you.
That we will restrict or cease any further use of your Personal Information.
That we will provide the Personal Information you volunteered to us in a machine-readable format.
To withdraw your consent to our processing activities (provided that such processing activities rely on your consent, and not on a different legal basis).
To not be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you, except where such processing is necessary for the performance of the contract between you and us, or it is based on your explicit consent, as provided hereunder.

14. Third Party Websites

While using the Services you may encounter links to third party websites and/or services. Please be advised that such third party websites and/or services are independent of New Capital, and may use cookies and other web-tracking technologies to collect non-personal and/or Personal Information about you. We assume no responsibility or liability whatsoever with regard to privacy matters or any other legal matter with respect to such third party websites and/or services. We encourage you to carefully read the privacy policies and the terms of use of such third party websites and/or services, as their terms, not ours, will apply to any of your interactions with such third parties.

15. Changes to the Privacy Policy

New Capital reserves the right to change this Privacy Policy at any time, so please re-visit this page frequently. We will provide notice of substantial changes to this Privacy Policy on the Services and/or we will send you an email regarding such changes to the e-mail address that you provided. Such substantial changes will take effect seven (7) days after such notice was provided through any of the above-mentioned methods. Otherwise, all other changes to this Privacy Policy are effective as of the stated “Last Revised” date, and your continued use of the Services after the Last Revised date will constitute acceptance of, and agreement to be bound by, those changes.

16. Questions or Concerns

New Capital welcomes your questions or comments regarding this Privacy Policy and the way we process your personal information. If you have any questions concerning this Privacy Policy, you are welcome to send them to us at:

New Capital
E-mail address: gdpr at new dot capital
Address: Lvivo str. 13C-5, LT-09313 Vilnius, Lithuania

We will make an effort to reply within a reasonable time frame. Please feel free to reach out to us at any time. If you are unsatisfied with our response, you can contact the applicable data protection authority:

The State Data Protection Inspectorate (website available at https://vdai.lrv.lt/)
E-mail address: [email protected]
Address: A. Juozapavičiaus str. 6, LT-09310 Vilnius, Lithuania