Privacy notice – Quickbit App

Version 5, applicable from May 5, 2022

This privacy notice (“Privacy Notice”) explains how Quickbit group and entities included in the group (hereinafter “Quickbit”, “we”, “us”, or “our”) collects, uses, processes, shares, transfers and protects your personal data in connection with the provision of the services (“Services”) provided through Quickbit app (“App”) or when you interact with Quickbit with respect to the Services.

Information below describes how Quickbit processes your personal data when you use the Services. In addition to the Services provided by us, there are payment services available through the App provided to you by our partner, Intergiro Intl AB (publ) (“Intergiro”). When Intergiro processes your personal data as a data controller, Intergiro is responsible for Intergiro’s own data processing. For more information on how Intergiro processes your personal data, please see section 5 below. 

Data controller and contact details

The entity within Quickbit with which you have entered an agreement regarding the Services is normally the data controller for your personal data and is therefore responsible for the processing of your personal data in accordance with this Privacy Notice. Under certain circumstances the responsibility is shared with one or several other legal entities, either a Quickbit entity or a third party, please see section 6 below for more information regarding how we share your data.

When you use the Services the following Quickbit entity is the data controller and is therefore responsible for the processing of your data

QB Europe AB, company registration number 559265-3793, if your country of residence is Sweden,

Balder Solutions AS, company registration number 921711425, if your country of residence is Norway.

If you want to exercise your data subject rights as per section 8 below, or if you have any questions about our processing of your personal data or this Privacy Notice, please feel free to contact us by email at support@quickbit.com. When you contact us, please state your full name and ensure that your query is clear, particularly in the event the query is with respect to the processing of your personal data. Additionally, please note that we may have to verify your identity before we proceed with processing your request.

If you are dissatisfied with how we process your personal data, please contact our Data Protection Officer at dpo@quickbit.com or by using below address;

Att. Data Protection Officer

Quickbit eu AB (publ),

Lästmakargatan 20, 111 44 Stockholm, Sweden

Information we collect and the collection sources

2.1 We will collect and process your personal data when you create an account in the App (“Quickbit Account”), use the Services, fill out a form, submit or post content within our Services, communicate with us via third-party platforms, request customer support, participate in surveys or otherwise communicate with us in relation to the Services. When we fetch personal data from you or third parties, we do it because it is relevant for the provision of the Services, or we are required to do so by applicable laws and regulations, or for other specified purposes. Please note that we will not be able to provide the Services to you if you fail to provide certain personal data to us that is necessary for the provision of such Services. We will not use your personal data for any other purpose than the purposes covered in this Privacy Notice without prior notification to you or your consent.

2.2 Categories of personal data we collect from you when you create a Quickbit Account, use the Services, or communicate with us:

General and contact information, such as name, username, Social Security Number (“SSN”) or similar, date of birth, e-mail address, telephone number, residential address, postal code, citizenship, tax residence, information on source of funds and similar.

Financial information, such as Quickbit account balance information, transactions you have done with us both in virtual currency and fiduciary currency, information on how you intend to use the Services, cryptocurrency wallet addresses, the orders you place with us (buy, swap, send, hold, sell crypto currency), transaction date and other related information.

Documentation necessary for the fulfillment of Anti Money Laundering and Know Your Customer measures, such as for example passport or identity card copy or copies of any other documents you have provided for identification purposes (including your picture/selfie), proof of residence address (for example utility bills or similar), proof of funds & related documents, responses provided by you within our Know Your Customer procedure.

Information about your status as Politically Exposed Person, so called PEP, from PEP lists that contain information such as name, date of birth, place of birth, occupation or position and the reason for being listed in the PEP list.

In some cases, we may also collect information you provide about others, such as for example when you provide information about whether you are a family member or an associate to a person who is a PEP.

Information about your activities using our Services, such as your activity history, access times, screens viewed, and the page you visited and similar.

Any other information that you may share with us in free text when you communicate with us, request support or file a complaint.

2.3 We collect the following categories of personal data from you automatically when you use our Services:

Technical information such as information related to your device that you use when using our Services, such as IP address, mobile network, App version type, time zone, operating system, language settings etc;

Information collected by tracking technologies: we use tracking technologies to collect information about you. Please see section 7 below for more information.

Information we collect from external sources

We obtain information from third-party sources. For example, we may collect identity verification information about you from providers of electronic signature solutions (for example BankID), identity verification solution providers (for example Onfido) or similar, information necessary for us to fulfill our legal obligations (such as anti-money laundering rules) from external parties/registries, data analytics providers, public databases and blockchain data providers.

We rely on third parties to process payments in connection with our Services. Any information you provide to facilitate such a payment is subject to the third-party payment processors’ privacy notices, and we encourage you to review such privacy notices before you provide any information to the payment processor. The payment processor may share the payment information with us to be used by us for the purposes to handle your requests, to handle fraud etc.

We obtain information about your payment transactions you made in the App from our partner Intergiro to be used for the purposes to enhance our knowledge about you as a customer.

Processing purposes and legal grounds

When you create a Quickbit account and use the Services, we will process personal data listed above for the following purposes and on the basis of the following legal grounds:

Providing the Services to you and managing your App profile and Quickbit account. The legal ground for this processing is contractual necessity.

For the fulfillment of legal obligations that we may be subject to, such as the anti-money laundering and book-keeping legislation, and also our agreement for the provision of the Services. The legal grounds for this processing are legal obligations and contractual necessity.

Replying to your inquiries and customer support requests. The legal ground for this processing is our legitimate interest to address any questions, requests or other forms of enquiries you may have and, in some cases, contractual necessity.

Sending you e-mails and other notifications in connection to the provision of the Services, for example if we want to notify you regarding the changes made to this Privacy Notice, the Terms and Conditions for the Services etc. The legal ground for this processing is contractual necessity and legal obligations.

Sending you e-mails that you have opted in to. The legal ground for this processing is your consent. You may withdraw your consent at any time through clicking on the “unsubscribe” link at the end of each e-mail).

Personalizing, tailoring or improving our Services. The legal ground for this processing is our legitimate interest to improve our Services based on our users’ needs.

To be able to conduct customer satisfaction surveys and market research, via e-mail, text message, telephone or through other communication channels. The legal ground for this processing is our legitimate interest to improve our Services based on our users’ needs. If you do not want us to perform this treatment, you can let us know by contacting us as set out in section 1 above.

For the enforcement of the agreement that you have with us, including to protect our rights, property and safety and also the rights, property and safety of third parties if necessary. The legal ground for this is our legitimate interest to establish, exercise or defend legal claims.

Collecting technical information. In some cases, it is done to prevent fraud or misuse of the Services based on legal obligations and in some cases to achieve the required functionality for the Services based on contractual necessity as legal ground. In other cases, the legal ground is your consent, which is in such case obtained from you prior to the processing and can be withdrawn by you at any time.

Retention time

We store your personal data for the purposes set out in section 3 above during the term of our contractual relationship with you. We will further store your personal data for as long as we have a meaningful contact with you or as otherwise required by laws and regulations applicable to us. When the purpose for which your personal data has been collected is no longer relevant, we will stop processing your personal data and either delete or anonymize it.

We may retain your personal data for a longer period of time to the extent required by laws and regulations, as a part of our disaster recovery backup or if the data is deemed necessary to be able to defend our legal interests or to protect ourselves from fraud.

We retain your personal data for the duration of providing the Services to you until you have requested the deletion of your Quickbit Account. Once your Quickbit Account has been closed, your personal data will be retained with limited access within the organization for up to 5 or 10 years (as applicable in the country of your residence) due to legal statutory reasons. If certain personal data that we have is not required to be retained for a certain period of time after the deletion of the Quickbit account, we will delete the data according to our retention routines.

When we obtain your payment transaction data from our partner Intergiro for the purposes of displaying the data to you and to use the data to improve our knowledge about you, such data will be automatically deleted after 90 days from the day we obtained the data.

Partnership with Intergiro

5.1 Our partner Intergiro will provide payment services to you through the App. When using the payment services Intergiro is the data controller for the data that is processed by Intergiro when providing the payment services to you. For more information on how Intergiro processes your personal data, please see Intergiro’s Privacy Policy.

5.2 During our partnership with Intergiro we will share some of your data that we have gathered from you with Intergiro to achieve the desired functionality for the App and Intergiro’s payment services in the App, for example

general and contact information, such as name, Social Security Number (“SSN”) or similar, date of birth, e-mail address, telephone number, residential address, postal code.

documentation necessary for the fulfillment of Intergiro’s Anti Money Laundering and Know Your Customer measures, such as (whichever applicable) passport copy or copies of any other documents you have provided for identification purposes (including your picture/selfie), proof of residence address (for example utility bills or similar).

depending on the market of use any of (i) identity verification information from providers of electronic signature solutions (for example BankID), (ii) identity verification solution providers (for example Onfido) or similar.

Such data will be transferred to Intergiro upon which Intergiro will become the data controller for the transferred data and will thus process the data in accordance with Intergiro’s Privacy Policy.

5.3 During our partnership with Intergiro we will process some of your personal data as a data processor to Intergiro, for example

Information about how you intend to use Intergiro’s services that we gather from you on behalf of Intergiro for Intergiro’s Know Your Customer procedure.

Financial information such as your account number at Intergiro, recipient’s IBAN/account number and recipient’s name if you make a transfer from your account at Intergiro, the name of your bank, details of the payment order you want to place with Intergiro that we gather from you on behalf of Intergiro.

Information regarding your payment card delivery address.

Account balances, transaction history, transaction descriptions, transaction currency, account numbers, information about payor, payee and merchant that we display to you in the App on behalf of Intergiro.

Information we receive from you or from Intergiro as a part of our first line customer support that we perform in relation to Intergiro’s payment services and on behalf of Intergiro.

Information we process following this section 5.3 will be processed by us in accordance with instructions provided to us by Intergiro and in accordance with Intergiro’s privacy policy.

5.4 If you have inquiries about how Intergiro processes your data please reach out to Intergiro’s privacy team at privacy@intergiro.com.

Sharing of your personal data

We may share your personal information in the following circumstances or as otherwise described in this policy:

We share the data within Quickbit with Quickbit entities under common control and ownership as required for the provision of the Services, legal obligations we may be subject to or due to other reasons.

We share personal information with vendors, service providers, and consultants that need access to information in order to perform services for us, such as companies that assist us with web hosting, storage, and other infrastructure, analytics, payment processing, fraud prevention and security, customer service, communications, search engine facilities and marketing. In some cases, the third parties may require access to some or all of your personal data. Where any of your personal data is required for such a purpose, we undertake steps to ensure that your personal data is processed in accordance with our instruction and applicable data protection regulations.

We may disclose personal information if we believe that disclosure is in accordance with, or required by, any applicable law or legal process, including lawful requests by public authorities to meet national security or law enforcement requirements. If we are going to disclose your personal information in response to legal process, we will give you notice so you can challenge it (for example by seeking court intervention), unless we are prohibited by law or believe doing so may endanger others or cause illegal conduct. We will object to legal requests for information about users of our Services that we believe are improper.

We may share personal information with our lawyers and other professional advisors where necessary to obtain advice or otherwise protect and manage our business interests.

We may share personal information in connection with, or during negotiations concerning, any merger, sale of company assets, financing, or acquisition of all or a portion of our business by another company. In certain circumstances, we may be legally required to share certain personal data we process such as for example where we are involved in legal proceedings, where we are complying with legal obligations, a court order, upon a legitimate request from a governmental authority, or to prevent and investigate fraud or other illegal activity to protect ourselves, you and other customers, including where necessary for the purposes of an investigation.

We may compile statistics about the use of the App including data on traffic, usage patterns, user numbers, and other information. All such data will be anonymized and will not include any personal data, or any anonymized data that can be combined with other data and used to identify you. We may from time to time share such data with third parties such as prospective investors, partners, or similar.

We share information set out in section 5.2 above with our partner Intergiro for the purpose of the provision of the intended App functionalities such as Intergiro’s services provided to you by Intergiro. When we share this data with Intergiro, Intergiro will process such data as an independent data controller, in accordance with Intergiro’s privacy policy.

Where we process your personal data

We always strive to process your personal data within the EU/European Economic Area (the “EEA”). However, in some situations such as when we share your data with for example an IT or hosting provider with operations outside the EU/EEA, your personal data may be processed outside the EU/EEA. In the event that a non-EEA country to which we transfer personal data has not obtained an adequacy decision from the European Commission, we have applied safeguards for any transfers of personal data to third countries, such as the EU Commission Standard Contractual Clauses.

Your rights

8.1 Your right in accordance with GDPR

As a data subject, you have the following rights under the applicable data protection laws;

Right to access: you have the right to request information about the personal data we hold on you at any time.

Right to rectification: you have the right request rectification of your personal data if the information is incorrect, including the right to have incomplete personal data completed.

Right to erasure: you have the right to erase any personal data processed by us at any time, except the data that we are obliged to retain following a legal obligation, a legitimate interest or to be able to protect our legal interests. When our processing of your data is based on one or several of the aforementioned reasons, we will be required to deny your request in full or in part.

Right to object to processing based on legitimate interest: you have the right to object processing of your personal data that is based on our legitimate interest. We will not continue processing personal data unless we can demonstrate legitimate grounds for the process which overrides your interest or due to legal claims.

Right to restriction: you have the right to request that we restrict to process your personal data under the following circumstances:

if you object to processing based on legitimate interest, we shall restrict it pending the verification of the legitimate interest,

if you have a claim that your personal data is incorrect, pending verification of the data accuracy.

Right to data portability: where ever we process your personal data by automated means based on your consent or based on an agreement, you have the right to get a copy of the data transferred to you or to another party. This includes only the personal data you have submitted to us.

You have an absolute right to object to personal data processing done for the purposes of direct marketing pertaining to your choice to receive e-mails from us.

If you wish to exercise your rights or have questions, please contact us using the details provided in section 1 above and we will do our best to address your concerns.

8.2 Right to lodge a complaint

If we are unable to help, you have the right to lodge a complaint with a supervisory authority. You may find your local supervisory authority by clicking on this link.

You may lodge a complaint with your home state Data Protection Authority as follows

In Sweden, with the Swedish Authority for Data Protection (Sw; Integritetsskyddsmyndigheten). Information on how to lodge a complaint is available on the authority’s website and is available by this link.

In Norway, with the Norwegian Data Protection Authority (Norwegian. Datatilsynet). Information on how to lodge a complaint is available on the authority’s website and is available by this link.

Security

Data security is very important to us. Quickbit continuously undertakes appropriate technical and organizational measures to ensure adequate security of your personal data throughout the processing.

We keep your personal data safe using fault-tolerant secured storage with industry standard encryption and implemented a number of security measures to ensure that your information is not lost, abused, or altered.

Usage of tracking technologies

7.1 Tracking technologies

We use tracking technologies that are sent to and stored on your device to collect standard log information and behavior information. When you use the App, we can automatically collect information from you through such tracking technologies. For more information, please see the cookie policy.

7.2 Your consent

Before the tracking technologies are placed on your device, you will be shown a prompt requesting your consent to set those tracking technologies. The personal data processing that is conducted via tracking technologies is thus based on your consent as a legal ground for processing. By giving your consent to the placing of tracking technologies you are enabling us to provide the best possible experience and service to you. You have a choice to deny consent to the placement of tracking technologies; however certain features of the App may not function fully or as intended. In some cases the tracking technologies used by us are strictly necessary for the provision of the Services to you - in such case the usage of such tracking technologies is exempt from the requirement to obtain your consent.

Changes to this Privacy Notice

We may change this Privacy Notice from time to time. If we make changes, we will notify you by revising the date at the top of this Privacy Notice and, in some cases, we may provide you with additional notice (such as adding a statement to our website, Quickbit.com, or providing you with a notification in the App. We encourage you to review this Privacy Notice regularly to stay informed about information practices and the choices available to you. When an updated version of the Privacy Notice is released, your continued access to the Services in the App means that you agree to the updated content.