This is the Privacy Policy (“Policy”) of Sway Protocol. You have been directed to this Policy because we are collecting, using or disclosing your personal data. In this Policy, when we use “we”, “us” or “our”, we refer to the Sway Protocol which is collecting your personal data, or which is operating the website https://swayprotocol.org. which you are accessing or using. This Policy applies to all personal data that you may provide to us and the personal data we hold about you.
By providing us with your personal data or by accessing, using or viewing our website, applications, exchanges, wallets, platforms, software, products, services, and the functions or contents therein (including transmitting, caching, or storing of any such personal data) (collectively, “Sites”), you shall be deemed to have agreed to each and all the terms, conditions, and notices in this Policy. If you do not agree, please cease use of the site and do not provide any personal data to us. If you are visiting us from the EU, this Policy complies with the EU General Data Protection Regulation 2016/679 (the “GDPR”). This Policy complies with similar personal data protection principles applicable to foreign government agencies.
1.1. For the purposes outlined in Clause 2 below, we may collect and process the following information about you when you visit the Sites or use any of our products and services:
(I) Data collected directly from you – This may be done through the Sites, use of our products and services, over the phone, email, or in person when you meet our staff or representative, when you report any problem(s) to us or request any support from us, or when you complete any survey or questionnaire that we send to you. Information that you provide us may include but is not limited to: a. your name, contact information including your (first and last) name, digital wallet address, Instagram handle, and email address. We need your email address so that we may contact you if we have information for you regarding the service that we are providing or will provide to you; b. other financial information required to be able to provide you with the products and services, such as credit card information, bank account information, and other personal description necessary to facilitate the same; c. if you have an account with us, the preferences and interests stored in such profile or account; and d. if you have contacted us, the details of the contact and the contact history.
(II) Data collected by automated means – Various technologies may be used on our Sites and/or products and services. Such technologies may lead to data being collected automatically by us. Such data may include but is not limited to: a. technical information, including the Internet protocol (IP) address used to connect your computer to the Internet and your login information, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform; b. information about your visit, including the full Uniform Resource Locators (URLs), clickstream to, through and from the Sites (including date and time), products and services you viewed or searched for, page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs); and c. methods used to browse away from the page, and any phone number used to call our customer service number. (III) DData collected from third parties – We work with third parties and we may receive information about you from them, for example: a. business partners, sub-contractors in technical, payment and delivery services, advertising networks, analytics providers and search information providers; b. blockchain data; and c. public databases and credit reference agencies.
2.1. We may use your personal data for the following purposes: a. providing, improving and developing the Sites and our products and services; b. researching, designing and launching new features or products and services; c. presenting content and information in our Sites in the most effective manner for you and for the device you use; d. providing you with alerts, updates, materials or information about our services or other types of information that you requested or signed up to; e. enforcing obligations owed to us such as collecting owed payments in any part of the world; f. responding or taking part in any claims, actions or legal proceedings (including but not limited to drafting and reviewing documents, transaction documentation, seeking legal advice, and facilitating dispute resolution) and/or protecting and enforcing our contractual and legal rights and obligations; g. complying with legal and regulatory obligations and requirements such as anti-money laundering laws across jurisdictions; h. accounting, risk management, compliance and record keeping purposes; i. staff training; j. communicating with you and responding to your issues, questions, requests or feedback, purposes directly related or incidental to the above; k. if you have consented, for the purposes of marketing products and services offered on our Sites; and l. matching any personal data held which relates to you for any of the purposes listed herein.
2.2. When using your personal data to contact you for the above purposes, we may contact you via email or any other electronic means.
2.3. If we need to use your personal data for any other purposes, we will notify you and obtain your consent beforehand. You will be given the opportunity to withhold or withdraw your consent for the use of your personal data for these other purposes.
3.1. We will not sell your personal data to third parties.
3.2. We will keep your personal data we hold confidential, but you agree we may provide your personal data to: a. any member of our group, which means our affiliates and subsidiaries to allow us to provide the products and services which you have requested; b. personnel, agents, advisers, auditors, contractors, financial institutions, and service providers in connection with our operations or provision of the products and services (for example, staff engaged in the fulfilment of your order, the processing of your payment and the provision of support services); c. our overseas offices, affiliates, business partners and counterparts (on a need-to-know basis only); d. persons or entities under a duty of confidentiality to us; e. persons or entities to whom we are required to make disclosure under applicable laws and regulations in any part of the world; f. actual or proposed transferees of our operations (or a substantial part thereof) in any part of the world; g. third parties where you have provided us consent and in the situations expressly set out in this Policy; and h. our strategic partners and business associates if you have consented to receiving marketing information from us.
3.3. You fully understand and consent that we may transfer your personal data to any location outside of the jurisdiction that we operate in for the purposes set out in this paragraph 3. When transferring your personal data outside of BVI or the jurisdiction that we operate in, we will protect your personal data to a standard comparable to the protection accorded to your personal data under the PDPA or GDPR by ensuring that the recipient is either in a jurisdiction which has comparable data protection laws, or is contractually bound to protect your personal data.
5.1. Our website uses cookies to distinguish you from other users of our websites. This helps us to provide you with a good experience when you browse our websites and also allows us to improve our websites.
5.2. A cookie is a small file of letters and numbers that we store on your browser or the hard drive of your computer if you agree to the use of cookies. Cookies contain information that is transferred to your computer’s hard drive.
5.3. We use persistent cookies and session cookies. A persistent cookie stays in your browser and will be read by us when you return to our websites or a partner site that uses our services. Session cookies only last for as long as the session (usually the current visit to a website or a browser session). All web-browsers offer the option to refuse any cookie, and if you refuse our cookie then we do not gather any information on that visitor.
5.4. We use the following cookies: a. Strictly necessary cookies – These are cookies that are required for the operation of our websites. They include, for example, cookies that enable you to log into secure areas of our websites, use a shopping cart or make use of e-billing services. b. Analytical/performance cookies – They allow us to recognise and count the number of visitors and to see how visitors move around our websites when they are using it. This helps us to improve the way our websites work, for example, by ensuring that users are finding what they are looking for easily. c. Functionality cookies – These are used to recognise you when you return to our websites. This enables us to personalise our content for you, greet you by name and remember your preferences (for example, your choice of language or region). d. Targeting cookies – These cookies record your visit to our websites, the pages you have visited and the links you have followed. We will use this information to make our websites and the information displayed on it more relevant to your interests. e. You can block cookies by activating the setting on your browser that allows you to refuse the setting of all or some cookies. However, if you do so, you may not be able to access all or parts of our websites. f. We may use third-party web services on our websites. The service providers that administer these services use technologies such as cookies (which are likely to be analytical/performance cookies or targeting cookies), web server logs and web beacons to help us analyse how visitors use our websites and make the information displayed on it more relevant to your interests. The information collected through these means (including IP addresses) is disclosed to these service providers. These analytics services may use the data collected to contextualise and personalise the marketing materials of their own advertising network.
Our Sites or our communications with you may from time to time contain links to third-party websites over which we have no control. If you follow a link to any of these websites, please note that they have their own practices and policies. We encourage you to read the privacy policies or statements of these websites to understand your rights. We accept no responsibility or liability for any practices of third-party websites.
7.1. All information you provide to us is stored on our secure servers.
7.2. Any payment transactions will be encrypted using TLS/SSL technology.
7.3. Where we have given you (or where you have chosen) a password that enables you to access certain parts of the Sites, you are responsible for keeping this password confidential. We ask you not to share a password with anyone.
7.4. We restrict access to personal information to our employees, service providers, agents, representatives and contractors on a strictly need-to-know basis and ensure that those persons are subject to contractual confidentiality obligations.
7.5. We review our information collection, storage and processing practices from time to time to guard against unauthorised access, processing or use.
7.6. Please note, however, that the transmission of information via the Internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to the Sites. Any transmission is at your own risk. We recommend that you change your passwords often, use a combination of letters and numbers, and ensure that you use a secure browser.
7.7 If applicable, you undertake to keep your username and password secure and confidential and shall not disclose or permit it to be disclosed to any unauthorised person, and to inform us as soon as reasonably practicable if you know or suspect that someone else knows your username and password or believe the confidentiality of your username and password has been lost, stolen or compromised in any way or that actual or possible unauthorised transactions have taken place. We are not liable for any damages resulting from any security breaches, on unauthorised and/or fraudulent use of your username and password.
8.1 For individuals who are located in the European Economic Area, United Kingdom or Switzerland at the time their personal data is collected, we rely on legal bases for processing your information under Article 6 of the GDPR. We generally only process your data where we are legally required to, where processing is necessary to perform any contracts we entered with you (or to take steps at your request prior to entering into a contract with you), for our legitimate interests to operate our business or to protect our or your, property, rights, or safety, or where we have obtained your consent to do so.
8.2 When processing your personal data as set out in this Policy, as we are located in various countries throughout the world, it will have been transferred outside the EU. However, if your personal data is originally collected from within the EU, it will only be transferred on one of the following bases: a. the country that we send the personal data to is approved by the European Commission as providing an adequate level of protection for personal data; or b. you have explicitly consented to the same. To find out more about international transfers by us of your personal data and the countries concerned, please contact our Data Protection Officer.
9.1 If you have any questions, comments or requests regarding the processing of your personal data or about this Policy, if you do not accept the Policy, if you wish to withdraw any consent you have given us at any time, or if you wish to update or have access to your personal data, please contact us at:
Email: info@swayprotocol.org
9.2. Your rights under the PDPA are the following: a. check whether we hold personal data about you; b. access any personal data we hold about you; and c. require us to correct any inaccuracy or error in any personal data we hold about you.
9.3 Your rights under the GDPR are the following: a. To obtain access to, and copies of, the personal data that we hold about you; b. To require that we cease processing your personal data if the processing is causing you damage or distress; c. To require us not to send you marketing communications; d. To require us to erase your personal data; e. To require us to restrict our data processing activities; f. To receive from us the personal data we hold about you which you have provided to us, in a reasonable format specified by you, including for the purpose of you transmitting that personal data to another data controller; and g. To require us to correct the personal data we hold about you if it is incorrect. Please note that the above rights are not absolute, and we may be entitled to refuse requests where exceptions apply. If you are located in Europe, to find out more about your rights please refer to the EU regulator in the place where you are located (in the EU). If you have any questions about how we use your personal data, or you wish to exercise any of the rights set out above, please contact our Data Protection Officer.
9.4. Any request under Clause 9.2 and 9.3 may be subject to a small administrative fee to meet our cost in processing your request.
9.5 All requests for correction or for access to your personal data must be in writing. We will endeavour to respond to your request within 30 days, and if that is not possible, we will inform you of the time by which we will do so.
9.6 We may be prevented by law from complying with any request that you may make. We may also decline any request that you may make if the law permits us to do so.
9.7 In many circumstances, we need to use your personal data in order for us to provide you with products and services which you require or have requested. If you do not provide us with the required personal data, or if you do not accept the Policy or withdraw your consent to our use and/or disclosure of your personal data for these purposes, it may not be possible for us to continue to serve you or provide you with the products and services that you require or have requested.
We may amend this Policy from time to time by posting the updated policy on our Sites. By continuing to use our Sites and products and services after the changes come into effect means that you agree to be bound by the revised policy.
In case of discrepancies between the English and other language versions of this policy, the English version shall prevail.
12.1 To the maximum extent permitted by law, we shall not be liable in any event for any special, exemplary, punitive, indirect, incidental or consequential damages of any kind or for any loss of reputation or goodwill, whether based in contract, tort (including negligence), equity, strict liability, statute or otherwise, suffered as a result of unauthorised or unintended use, access or disclosure of your personal data.
12.2 Our total aggregate liability to you (if any) for any individual claim or series of connected claims for losses, costs, liabilities or expenses which you may suffer arising out of, or in connection with, any breach of this Policy by Sway Protocol shall be limited to a maximum aggregate value of the combined value of the Digital Assets in your Sway Protocol Account / Wallet at the time of the relevant claim (kindly refer to the User Agreement for definitions of these terms). Where we are considering a specific claim relating to a specific transaction this sum shall be further limited to the purchase / sale amount (as relevant) of the transaction in dispute. We shall not be liable where the said liability has arisen from your negligence, gross negligence or fraud.