Privacy Policy – Prime Cryptex

1. General Provisions

1.1. This Privacy Policy (hereinafter referred to as the “Policy”) defines how Prime Cryptex (hereinafter referred to as the “Company”) collects, processes, and protects users’ personal data when using our services.
1.2. We strictly comply with applicable data protection laws, including the General Data Protection Regulation (GDPR) and other relevant local regulations.

2. Personal Data Controller

2.1. Prime Cryptex is a company registered in the Czech Republic and acts as the controller of personal data.
• Legal address: Nademlejnská 600/1, Prague, Czech Republic
• Email: info.primecryptex@gmail.com

3. Personal Data We Collect

3.1. The Company processes the following categories of personal data:
• Identification data: full name, date of birth, citizenship.
• Identity documents: copies of passports, identity cards, or other official documents.
• Photos: selfie with an identity document for verification purposes.
• Contact details: email address.
• Financial data: bank account details, payment information, sources of income.
• Technical data: IP address, device information, and location.

4. Purposes of Data Processing

4.1. We collect and process personal data for the following purposes:
1. Identity verification in compliance with KYC (Know Your Customer) and AML (Anti-Money Laundering) procedures.
2. Compliance with regulatory requirements, including FATF and EU legislation.
3. Fraud prevention and security to protect against unauthorized transactions.
4. Service improvement to enhance the quality of user experience.

5. Use of Sumsub Services

5.1. To perform identity verification, we cooperate with Sumsub, a KYC/AML compliance platform.
5.2. Sumsub processes personal data on our behalf, ensuring compliance with GDPR, ISO 27001, and other international data protection standards.

6. Legal Grounds for Data Processing

6.1. We process personal data based on the following legal grounds:
• User consent – by registering and using our services, you provide explicit consent for data processing.
• Contractual necessity – data is required to fulfill our contractual obligations.
• Legal compliance – processing is necessary to meet regulatory requirements.

7. Transfer of Data to Third Parties

7.1. Your personal data may be transferred to:
• Sumsub – for identity verification purposes.
• Public authorities – if required by law (e.g., law enforcement requests).
• Partners or contractors – only with your explicit consent.

8. Data Storage

8.1. Personal data is retained for as long as necessary to achieve processing purposes, but at least 5 years after the end of the customer relationship, in accordance with anti-money laundering (AML) legislation.

9. Data Protection Measures

9.1. We take all necessary security measures to protect user data:
• Encryption and secure servers are used to store personal information.
• Regular software updates are performed to prevent data breaches.
• Access control ensures that only authorized employees can handle personal data.

10. User Rights

10.1. Under GDPR and applicable laws, you have the following rights:
• Right to access – request a copy of your personal data.
• Right to rectification – request correction of incorrect or incomplete data.
• Right to erasure (“right to be forgotten”) – request data deletion if legally permissible.
• Right to restriction of processing – temporarily suspend data processing.
• Right to withdraw consent – withdraw your consent to data processing at any time.

10.2. To exercise your rights, please contact us at info.primecryptex@gmail.com.

11. Changes to the Privacy Policy

11.1. The Company reserves the right to update this Privacy Policy at any time.
11.2. Any updates will be published on our website, and the latest version takes effect immediately upon publication.

12. Contact Information

12.1. If you have any questions regarding this Privacy Policy, please contact us:
• Email: info.primecryptex@gmail.com