Ebonex Australia Pty Ltd (ACN 649 668 011) (referred to as “Ebonex”, “we”, “our” or “us”) operates the Ebonex website www.ebonex.com.au and Ebonex mobile applications (as they change or are updated from time to time) (collectively referred to herein as the “Platform”). The Platform is dedicated to the transaction of Digital Assets and the provision of related services (referred to as the “Services”).
At Ebonex, we are committed to protecting your “Personal Information”. We are bound by the Privacy Act 1988 (Cth) (Privacy Act) and recognise the importance of protecting your information in accordance with the Australian Privacy Principles (APPs). This Privacy Policy (Policy) applies to how we collect, use, hold, store, and disclose any Personal Information we may collect from you through our Platform accessed using your device, including your mobile phone and computer, or other various offline means, such as when you attend our events or otherwise interact with us. This Policy shall be read together with our Terms of Use which is available on our website.
All who visit, use or log onto the Platform, or register to use the Services, shall be “Users” of this Platform for the purposes of this Policy. Users are referred to in this Policy as “you” or any other applicable form of second-person pronoun.
As a User, you accept this Policy and consent to us collecting, using or disclosing your Personal Information in accordance with this Policy when you provide your Personal Information for the purpose of using the Services, technologies or functions offered by us.
This Policy may be amended on occasion to keep updated with legal requirements and the way we operate our business. Please check this Policy regularly to stay up to date with any changes. Continued use of the Ebonex Platform is an acknowledgement of having read and accepted such changes.
Although the content on the Platform is available in multiple languages, the English content prevails to the extent of any inconsistency.
This Policy contains the following sections:
- Collection of Personal Information
- How we use your Personal Information
- Sharing or disclosure of Personal Information
- Access to and correction of Personal Information
- Security of Personal Information
- Retention of Personal Information
- Marketing communications
- Collection of Cookies
- Privacy complaints
- How to contact us
- Amendments to this Privacy Policy
1. Collection of Personal Information
In this Privacy Policy, “Personal Information” is information or an opinion about an individual who can be identified, or is reasonably identifiable, whether the information is true or not; and whether the information or opinion is recorded in a material form or not.
1.1. How we collect your Personal Information
Typically, we collect Personal Information from you when you visit our website or use our mobile applications. We also collect your Personal Information from business contacts, business partners, companies that we may invest in, credit bureaus, independent verification services, or any other third parties that we work with for the purposes of performing our Services. There are also other ways we collect your Personal Information, both directly and indirectly, through among others:
(a) direct interactions such as email, telephone calls, or form submissions;
(b) receiving documents directly from our clients or their representative in relation to the services we provide;
(c)any other third parties or affiliates that we work with for the purposes of performing our Services, such as our marketing partners;
(d) from publicly available sources, including social media; and
(e) from third-party websites or applications or in connection with third-party services that have been integrated with our website or application by API or any other technologies or means.
1.2. Personal Information that we or our appointed third-party service providers may collect
The Personal Information that we or our appointed third-party service providers may collect include the following:
(a) Personal Information necessary for us to provide our Services. This includes, but is not limited to the following:
i. identification information e.g., name, date of birth;
ii. contact details e.g., email, phone number, residential address;
iii. financial information e.g., bank account information and the details of your debit card, credit card or charge card;
iv. employment information e.g., employer name, occupation, industry; and
v. internet activities e.g., search and browsing history.
(b) Any other Personal Information, including Sensitive Information that may be necessary for us to comply with applicable legal, regulatory and other compliance requirements of the jurisdictions in which we operate.
The Personal Information that you may provide on third-party websites or applications in connection with third-party services that have been integrated with our website or application by API or any other technologies or means, is collected and processed solely by the third party, independently from our processing activities. Such third parties are not subject to this Policy. Before submitting Personal Information to them, please read and understand their respective privacy policies/notices/statements.
For the avoidance of doubt, we do not have access to the specific details (i.e., the card number, CVV number, and expiry month and year) of your debit card, charge card or credit card. The processing of such information will be carried out by third-party providers and you are subject to their own privacy policy/notice/statement.
1.3. Sensitive Personal Information
Sensitive Personal Information (Sensitive Information) is Personal Information that is protected from collections by organisations under the Privacy Act. Examples of Sensitive Information include:
(a) race or ethnicity;
(b)criminal records;
(c) health and biometric information;
(d) professional, religious or political affiliations or memberships; and
(e)sexual orientation.
We do not collect any Sensitive Information unless you have given consent or we are required to do so by law. For example, we or our appointed third-party service providers may collect, use, share or otherwise process your Sensitive Information to perform KYC checks in compliance with applicable Anti-Money Laundering (AML) laws.
1.4. Reasons we collect your Personal Information
Subject to the Privacy Act and the APPs, we collect Personal Information (including Sensitive Information) for reasons which are necessary to provide you with a specific product or service. These reasons include, but are not limited to:
(a) providing you with information about a product or service;
(b)checking to ensure that we can provide you with a product or service;
(c) assisting you when online applications are incomplete;
(d) registration and administration of your Account;
(e) providing you with a product or service and helping you to manage that product or service;
(f) updating our records about you;
(g) accessing and responding to your queries and requests; and
(h) satisfying our legal obligations.
We utilise the application ‘GeeTest CAPTUA v4’ which is an AI-powered Slide that asks visitors to play a puzzle game to access our site. While visitors interact with the captcha, GeeTest collects data for its AIpowered risk engine to identify malicious features. In this way, GeeTest distinguishes legitimate humans with an intuitive interaction for the purpose of anti-robot detection.
2. How we Use your Personal Information
2.1. Reasons we use your Personal Information
The reasons we use your Personal Information include, but are not limited to:
(a) fulfilling our contractual obligations in providing you with our products or Services;
(b) responding to, processing and handling your queries, feedback and suggestions;
(c) internal or external audits;
(d) security and risk management;
(e) identity verification and authentication;
(f) for a purpose that is compatible with the original purpose as is described to you at the time of collection;
(g) legal, regulatory, and other compliance requirements (including providing assistance to law enforcement, judicial, regulatory or other government agencies and statutory bodies), such as performing KYC checks to comply with our AML obligations;
(h) market analysis and development;
(i) providing you with email and phone alerts, event registrations, social media activity, and other notices concerning our products or Services, events or news that may be of interest to you, including through direct messages and advertisements on or through our Platform and through third-party platforms (see Section 9 for more information);
(J) if you are seeking employment or other appointment with us, to:
i. process and assess your application;
ii. perform background checks;
iii. verify your credentials and qualifications as well as obtaining employment references; and
iv. carry out other activities related to the recruitment process.
We may also use your Personal Information for other compatible reasons to be described to you at the time of collection, provided you give your consent.
We will not use your Personal Information for any purpose other than those for which we are permitted under applicable laws and regulations. If you do not provide us with your Personal Information when requested, it may prevent us from being able to provide you with our products and/or Services.
2.2. Data analytics
We may also use your Personal Information for data analytics by tracking your data usage across other apps and websites when you download our mobile application. We use this data to deliver personalised advertising messages to you that promote our products and Services. If you do not consent to us tracking your data usage, when downloading our app, select ‘Ask App not to track’ when the tracking prompt appears.
3. Sharing and Disclosure of your Personal Information
3.1. Reasons we share and disclose your Personal Information
We may disclose the Personal Information we collect from you where we need to do so in the course of providing any of our products or Services to you, where you ask us to do so. When we do so, we will ensure that your Personal Information is used in a way that is congruent with this Privacy Policy, the Privacy Act and the APP.
We may share and disclose your Personal Information with:
(a) our affiliates, partners and suppliers in connection with the provision of the Platform, products and Services to our Users;
(b) partners, licensors, vendors, agents, contractors or third-party service providers who provide services to us or who jointly with us, provide products or services to you, including but not limited to our authorised representatives, insurance, consultancy, courier services, telecommunications, IT, payment, printing, billing, payroll processing, technical, training, market research, call centre, security or other such services to us;
(c) your representative or agents who you have told us or who we are otherwise aware is acting on your behalf, or who introduces you to us, or who you have asked us to contact;
(d) in the event of an actual or prospective business asset or share purchase transaction (such as any merger, acquisition or asset sale), any business partner, prospective investor, assignee, or transferee for the purposes of facilitating such a transaction; and/or
(e) any relevant government regulators, statutory boards or authorities or law enforcement agencies as required or authorised by any laws, rules, guidelines, regulations or schemes.
In exceptional circumstances, we may also be required to disclose your Personal Information where there are grounds to believe that disclosure is necessary to prevent a threat to life or health, or for law enforcement purposes.
In some cases, we shall encrypt, anonymise or de-identify, or aggregate the information before sharing it. Anonymising and de-identifying means stripping the information of personally identifiable features. Aggregating means presenting the information in groups or segments e.g., age groups.
3.2. Overseas disclosure
We may disclose your Personal Information to a recipient referred to above that is located outside Australia such as Singapore, China, Hong Kong and the United States for reasons described in this Policy or where we are compelled to do so by the relevant authorities of the jurisdictions in which we operate our business (as applicable in the circumstances).
In the event that there is a need for us to transfer your Personal Information to another country, we have safeguards in place and to ensure that the standard of data protection in the recipient country is comparable to Australia, or in certain circumstances, we may rely on allowable exceptions under applicable laws in relation to the transfer. You agree to the disclosure of your Personal Information to overseas entities when you accept and agree to this Privacy Policy and access our products and Services.
4. Access to and Correction of Personal Information
We take reasonable steps to ensure that your Personal Information is accurate, complete, and up-to-date whenever we collect or use it. If the Personal Information we hold about you is inaccurate, incomplete, irrelevant or out-of-date, please contact us through one of the methods set out in Section xx and we will take reasonable steps to either correct this information, or if necessary, discuss alternative action with you.
You should ensure that all Personal Information submitted to us is complete, accurate, true and correct. Further, when you provide us with any Personal Information relating to a third party (including your spouse, children, parents and/or employees), you represent and warrant to us that you have obtained the consent of the third party to provide us with their Personal Information.
We will, on request, provide you with access to the Personal Information we hold about you, including for the purpose of correcting or updating that information, unless there is an exception to such disclosure under applicable laws. If you require access to your Personal Information, you may contact our Privacy and Complaints Officer at [email] and we will be happy to assist you as best as we can.
Please note that, for all requests to access your Personal Information:
(a) you must put your request in writing for security reasons;
(b) in order for us to provide any Personal Information we must verify your identity and may request further information about your request;
(c) we may refuse access to your Personal Information if it would affect the privacy rights of other persons, or if permitted in some jurisdictions, if it breaches any confidentiality that attaches to that information;
(d) we may refuse your request where we are legally permitted to do so and will give you reasons for the refusal and inform you of any exceptions relied upon under applicable law (unless it would be unreasonable to do so);
(e) we may take a reasonable time to process your application for access as we may need to retrieve information from storage and review the information in order to determine what information may be provided;
(f) we may charge a reasonable administrative fee for retrieving your Personal Information;
(g) if we are satisfied that your Personal Information is inaccurate, out-of-date, incomplete, irrelevant or misleading, or if you request us to correct your Personal Information, we will take reasonable steps to notify that third party of any correction;
(h) if we refuse your request to correct your Personal Information, we will provide you with written notice explaining the reasons for the refusal to the extent that it is reasonable to do so, and provide the mechanisms available to complain about the refusal.
5. Security of Personal Information
We take appropriate security measures to protect your Personal Information from misuse, interference or loss, and from unauthorised access, modification or disclosure. The information we hold about you may be stored electronically in Australia and overseas. We use your information only in accordance with this Policy and take all steps reasonably necessary to ensure we keep your information secure.
The security measures that we may take to protect your Personal Information include:
(a) physical measures: physical records of your Personal Information will be stored in a properly locked place;
(b) electronic measures: computer data which contain your Personal Information will be stored in computer systems and storage mediums subject to strict login restrictions;
(c) management measures: only staff members duly authorised by us can access your Personal
Information, and these staff members shall comply with our internal code concerning Personal Information confidentiality;
(d) technical measures: encryption techniques, such as Secure Socket Layer Encryption, may be used to convey your Personal Information; and
(e) other measures: our network servers are protected by appropriate firewall(s).
Notwithstanding the above, please note that we will not be held liable or responsible for any loss, misuse or alteration of Personal Information that may be caused by third parties. The Personal Information collected and processed solely by the third party, independently from our processing activities are not subject to this Policy. Before submitting personal data to them, please read and understand their privacy policy/notice/statement.
Sometimes our Platform contains links to other websites. When you access a website other than our website or Platform, we are not responsible for the privacy practices of that site. We recommend that you review the privacy policies of each website you visit.
6. Retention of Personal Information
We will only retain Personal Information for only as long as there is a business or legal need to do so. In the event that retention of Personal Information is no longer necessary for any business or legal purposes or when the purpose for which the Personal Information was collected is no longer being served by the retention of the Personal Information, we will remove, destroy or anonymise/de-identify the Personal Information. The period of retention may extend beyond the termination of our relationship with you.
7. Marketing Communications
We may market and promote our products and Services to you or send you information which we believe may be of interest to you. In doing so, we may collect, use or share your Personal Information to, among others, our affiliates and service providers.
Where permitted by the APPs, we may also use Personal Information we collect from you without your consent if:
- it is not Sensitive Information; and
- you would reasonably expect us to use that Personal Information for the purposes of direct marketing; and
- we allow you to unsubscribe/opt-out of our direct marketing; and
- you have not already requested to opt-out of direct marketing from us.
8. Collection of Cookies
When you visit our website, please note that we will use Google stats via cookies to record our performance and check the effectiveness of online advertising. Cookies are a small amount of data that is sent to your browser and stored on your computer hard drive. Only when you use your computer to access our website can the cookies be sent to your computer hard drive.
Cookies are usually used to record the habits and preferences of visitors in browsing the items on our website. The information collected by cookies is non-registered and collective statistical data collected by cookies does not include Personal Information.
Cookies, which enable the website or service provider system to recognise your browser and capture and recall information, cannot be used to obtain data on your hard drive or your Personal Information. Most browsers are designed to accept cookies. You can opt to set your browser to reject cookies, or to notify you as soon as possible if you are loaded on cookies.
However, please note that if you set your browser to disable cookies, it is possible that you may not be able to launch or use some functions of our website.
9. Privacy Complaints
We have a Complaints Handling Policy in place to manage and respond to privacy risks and issues. If you believe that we have breached this Privacy Policy, or any other applicable privacy law or data protection laws or regulations which may apply to us, please contact our Privacy and Complaints Officer – see contact details in Part 10.
Our Privacy and Complaints Officer will endeavour to resolve your complaint in a satisfactory and timely manner and in accordance with our Complaints Handling Policy. Our Privacy and Complaints Officer will generally try to resolve the complaint within 10 business days, but please allow up to one calendar month for us to investigate your complaint and return a written response detailing the resolution.
If you are dissatisfied with our response, you reserve the right to make a complaint to the Office of the Australian Information Commissioner.
10. How to Contact Us
Where possible and permissible under applicable laws, we will allow you to interact with us anonymously or using a pseudonym. For example, if you contact us with a general enquiry, we will not ask for your name unless we need it to adequately handle your enquiry. However, for most of our functions and activities and to comply with applicable anti-money laundering and counter-terrorism financing laws and regulations, we usually need your name and contact information.
If you have any questions about our Privacy Policy or concerns about our commitment to your privacy, or otherwise would like to contact us, please feel free to contact us through one of the methods below:
Privacy and Complaints Officer
Ebonex Australia Pty Ltd
Level 41, Suite 8, 225 George Street, Sydney NSW Australia 2000
privacyofficer@ebonex.io
11. Amendments to this Privacy Policy
We may amend and update this Privacy Policy from time to time, according to any changes in law or changes to our business. Any such amendments will be effective upon notice to you, by publication on our Platform, or other means of communication, electronic or otherwise.
Unless you object to the changes made to our Privacy Policy by manifesting an intention to terminate your service agreement in writing, your continued use of our Platform and Services will be taken as your acceptance of the amendments.
