Privacy Policy

1. Data Controller

E-SEC GmbH ("we", "us", or "our") operates the E-SEC hardware wallet service.

Registered with BaFin (Federal Financial Supervisory Authority, Germany) under:

• BaFin-ID: 10160460
• BAK Nr.: 160460
• Gattung: Kryptowertpapierregisterführung (§ 1 Abs. 1a Satz 2 Nr. 8 KWG)

Contact: info@e-sec-gmbh.com

Address:
E-SEC GmbH
Fürstenwall 172 A
40217 Düsseldorf
Deutschland

2. Information We Collect

We collect several different types of information for various purposes to provide and improve our service to you.

2.1 Personal Data

While using our service, we may ask you to provide us with certain personally identifiable information that can be used to contact or identify you ("Personal Data").

• Email address
• First name and last name
• Phone number
• Address, State, Province, ZIP/Postal code, City
• Cookies and Usage Data

2.2 Usage Data

We may also collect information how the Service is accessed and used ("Usage Data"). This Usage Data may include:

• Device information (serial number, firmware version)
• Transaction data (only on your device, never transmitted to us)
• Customer support communications
• IP address
• Browser type and version
• Pages of our Service that you visit
• Time and date of your visit

3. Use of Data

E-SEC GmbH uses the collected data for various purposes:

• To provide and maintain our Service
• To notify you about changes to our Service
• To allow you to participate in interactive features of our Service
• To provide customer support
• To gather analysis or valuable information so that we can improve our Service
• To monitor the usage of our Service
• To detect, prevent and address technical issues
• To comply with legal obligations (AML/KYC regulations)

4. Data Retention

We will retain your Personal Data only for as long as is necessary for the purposes set out in this Privacy Policy. We will retain and use your Personal Data to the extent necessary to comply with our legal obligations (for example, if we are required to retain your data to comply with applicable laws), resolve disputes, and enforce our legal agreements and policies.

We will also retain Usage Data for internal analysis purposes. Usage Data is generally retained for a shorter period of time, except when this data is used to strengthen the security or to improve the functionality of our Service, or we are legally obligated to retain this data for longer time periods.

5. Data Transfer

Your information, including Personal Data, may be transferred to — and maintained on — computers located outside of your state, province, country or other governmental jurisdiction where the data protection laws may differ than those from your jurisdiction.

If you are located outside Germany and choose to provide information to us, please note that we transfer the data, including Personal Data, to Germany and process it there.

Your consent to this Privacy Policy followed by your submission of such information represents your agreement to that transfer.

E-SEC GmbH will take all steps reasonably necessary to ensure that your data is treated securely and in accordance with this Privacy Policy and no transfer of your Personal Data will take place to an organization or a country unless there are adequate controls in place including the security of your data and other personal information.

6. Disclosure of Data

6.1 Legal Requirements

E-SEC GmbH may disclose your Personal Data in the good faith belief that such action is necessary to:

• To comply with a legal obligation
• To protect and defend the rights or property of E-SEC GmbH
• To prevent or investigate possible wrongdoing in connection with the Service
• To protect the personal safety of users of the Service or the public
• To protect against legal liability

6.2 Regulatory Compliance

As a regulated financial service provider, we may be required to share certain information with:

• BaFin (German Federal Financial Supervisory Authority)
• Other financial regulatory bodies as required by law

7. Security of Data

The security of your data is important to us, but remember that no method of transmission over the Internet, or method of electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your Personal Data, we cannot guarantee its absolute security.

We implement the following security measures:

• Encryption of data in transit using TLS 1.2+
• Regular security audits and penetration testing
• Access controls and authentication mechanisms
• Secure data centers with physical security measures

8. Your Data Protection Rights

Under certain circumstances, you have rights under data protection laws in relation to your personal data:

8.1 GDPR Rights (EU Users)

If you are a resident of the European Economic Area (EEA), you have certain data protection rights. E-SEC GmbH aims to take reasonable steps to allow you to correct, amend, delete, or limit the use of your Personal Data.

If you wish to be informed what Personal Data we hold about you and if you want it to be removed from our systems, please contact us.

In certain circumstances, you have the following data protection rights:

• The right to access - You have the right to request copies of your personal data.
• The right to rectification - You have the right to request correction of any information you believe is inaccurate.
• The right to erasure - You have the right to request that we erase your personal data, under certain conditions.
• The right to restrict processing - You have the right to request that we restrict the processing of your personal data, under certain conditions.
• The right to object to processing - You have the right to object to our processing of your personal data, under certain conditions.
• The right to data portability - You have the right to request that we transfer the data that we have collected to another organization, or directly to you, under certain conditions.

8.2 CCPA Rights (California Users)

If you are a California resident, you have the right to:

• Request disclosure of data collection and sharing practices
• Opt-out of the sale of personal information
• Request deletion of personal information
• Not be discriminated against for exercising privacy rights

9. Service Providers

We may employ third party companies and individuals to facilitate our Service ("Service Providers"), to provide the Service on our behalf, to perform Service-related services or to assist us in analyzing how our Service is used.

These third parties have access to your Personal Data only to perform these tasks on our behalf and are obligated not to disclose or use it for any other purpose.

9.1 Analytics

We may use third-party Service Providers to monitor and analyze the use of our Service.

9.2 Payment Processors

We provide paid products and/or services within the Service. In that case, we use third-party services for payment processing (e.g. payment processors).

We will not store or collect your payment card details. That information is provided directly to our third-party payment processors whose use of your personal information is governed by their Privacy Policy.

10. Changes to This Privacy Policy

We may update our Privacy Policy from time to time. We will notify you of any changes by posting the new Privacy Policy on this page.

We will let you know via email and/or a prominent notice on our Service, prior to the change becoming effective and update the "effective date" at the top of this Privacy Policy.

You are advised to review this Privacy Policy periodically for any changes. Changes to this Privacy Policy are effective when they are posted on this page.

11. Contact Us

If you have any questions about this Privacy Policy, please contact us:

By email: info@e-sectrading.com

E-SEC GmbH
Data Protection Officer
Fürstenwall 172 A
40217 Düsseldorf
Deutschland

Regulatory information:

BaFin ID: 10160460

BAK Nr.: 160460

Gattung: Kryptowertpapierregisterführung (§ 1 Abs. 1a Satz 2 Nr. 8 KWG)