Portofóli Privacy Policy

Introduction

This Privacy Policy governs the practices of how Portofóli (referred to herein as “we”, “our”, “ours” or “us”) collects, uses, transfers, and shares personal information related to your use of our Services and the Platform. This Policy is designed to align with the data protection laws and is committed to ensuring the transparent, lawful, equitable, and secure management of the personal data of our Users. For users outside the scope of the GDPR, this Privacy Policy is also intended to comply with applicable data protection laws in your jurisdiction.

Our Privacy Policy explains what kind of personal data we gather through Services, which include services you access through Portofóli Website (https://portofoli.com) and any other sites associated with Portofóli (collectively referred to as “the Website”), Portofóli applications and software developed by Portofóli independently or through contractual third parties, including web applications, mobile applications, e-wallet, and any other applications and software associated with Portofóli as well as all products, smart contracts, protocols and the native Portofóli Coin token (“Token”) (collectively referred to as “the Services”). It demonstrates how and why we collect personal data, our purposes for its use, and the third parties with whom we may share it. Moreover, it explains how you as a data subject may exercise your rights in relation to your personal data.

If you reside outside of the European Union (the “EU”) and the European Economic Area (the “EEA”), your access to and use of our Services shall mean your acceptance of this Policy. In case you reside in the EU and EEA please note that the sections marked under the term "GDPR-Covered User" relate to you.

Should any alterations be made to this Policy (alongside other policies, including our Terms of Service), we will notify you of such changes through our official communication channels, including email and in-app notifications, as well as directly on this page.

We strongly encourage you to read this Policy in its entirety to acquire a comprehensive understanding of the processes involving your data and your associated rights. For inquiries related to this Privacy Policy, data collection and usage, data disclosure, and sharing, or any other concerns or requests related to your personal data, please do not hesitate to get in touch with us via the communication channels mentioned above.

1. Definitions

The following section covers the basic definitions used in this Privacy Policy. It describes what is meant by your personal data and who controls and processes your personal data.

• Personal Data: Personal data means any information that relates to an identified or identifiable natural person. This includes details like names, addresses, email addresses, identification numbers, and even things like IP addresses or cookie identifiers, as well as any information found online that may reveal your physical, genetic, mental, economic, cultural or social identity.
• Data Subject: The data subject is the person who the personal data is about. In simpler terms, it’s you or any other individual whose personal information is being collected and processed.
• Data Controller: The data controller is the one who determines the purposes and means of processing personal data. In other words, they're the boss when it comes to deciding why and how your data is used. In this case, it would be us.
• Data Processor: The data processor, on the other hand, processes personal data on behalf of the data controller. In our case, they are vendors and partners we collaborate with that process your personal data for purposes determined by us.
• Processing of personal data: Processing of personal data is any action, whether automated or manual, performed on personal data, including collection, processing, storage, organization, modification, retrieval, sharing, transmission, dissemination, collation, interconnection, as well as blocking, deletion, or destruction, among others.
• GDPR covered user: GDPR covered user refers to the individuals whose personal data is subject to the protections and regulations set forth by the General Data Protection Regulation (GDPR). GDPR is the regulation in European Union (EU) law that focuses on data protection and privacy for individuals within the EU and the European Economic Area (EEA). In our case, GDPR covered users include citizens, residents, and anyone physically present in the EU or EEA accessing our Services.

2. Portofóli and Relationship with You

By using the Services, you agree to adhere to the Terms of Use. Portofóli is the entity responsible for providing the Services and determines how your Personal Information is processed, or similar designations as required by law. The Services are available for use by both organizations and individual users. If you are using the Services on behalf of an organization, that organization owns the associated accounts and may take specific actions regarding your access and use of the Services.

3. Information We Collect

In order to provide our Services, we need to gather information about you. We strive to collect as little personal information from you as possible, minimizing it to the information strictly necessary to provide our Services. This information may be collected by various means, for example, directly from you when you reach out to us by email, or, in some cases, through third parties, to an extent necessary to provide our Services.

Information we collect depends on your interaction with our Services. Some of the personal information you share is necessary for using our Services, while other information is optional. Below you will find information about personal data that we may collect through the aforementioned means.

We will never request information related to your racial or ethnic background, personal life, sexual orientation, political views, philosophical or religious beliefs, biometric or genetic data, or trade union membership.

Information that You Provide

• Basic User Data: Full name, Username
• Wallet Data: Wallet address
• Contact Data: Email address, Phone number, Physical address, Mailing address, Emergency contact information
• Account Data: Profile pictures and avatars, User-generated content (profile descriptions, bios), User preferences and settings
• Financial Data: Bank account numbers, Credit card information, Income details, Tax identification number, Financial transaction history
• Transaction Data: Purchase and sale history, Payment information for paid services, Purchase and sale history, Transaction amounts, Payment methods used, Billing addresses, Order amounts
• Referral Data: Information about new Users referred to the Platform through referral programs and partnership mechanisms
• Communications Data: Information submitted to you through our communication channels and over the course of our communication with you through the Customer Support channels, for example, via SMS or email; Survey responses; Information submitted through chatbots.
• Social Media Data: Social media profiles, User-generated content (posts, comments), Friends and connections, Social network activity

Information from Third Parties

In our continuous effort to provide you with our Services, we may obtain personal data from third-party partners and vendors. In case of such integration, the information collected by our partners is shared with us. We require our partners to have lawful purposes to collect, process, and use your personal data before sharing it with us.

• Marketing Data: This data aids us in refining our marketing strategies and offering you personalized recommendations. Advertisers may provide us with personal data to assess the effectiveness of advertising campaigns and optimize ad targeting.
• Blockchain Data: We may collect publicly available blockchain data to monitor and detect illegal activities, including those defined by applicable laws and regulations.
• Analytics Data: Includes Website usage statistics, Interactions, Questionnaire and survey responses, and Age groups.
• Research Data: Information received from third-party providers to conduct research related to our Services.
• API Integrations: To provide you with certain features and services, we may integrate with third-party APIs.
• Public Databases: Information retrieved from publicly available databases to enhance our Services and fulfill our legal and regulatory obligations.
• Identity Verification Partners: Data may include full names, address information, identification document images and data, personal identification codes, and other relevant identity-related data.

Information Collected Automatically

• Platform, Website, and Device Data: Device characteristics and identifiers, Operating system information, Browser type and information, IP addresses, etc.
• Activity Data: Clickstream information, or the information about what you click on when interacting with the Website and the Platform
• Troubleshooting Data: Diagnostic and performance information, such as crash logs, timestamps, performance logs, error messages, etc.
• Cookies Data: Information received from the use of cookies.
• Location Data: GPS coordinates, Location history, Wi-Fi access point data, IP addresses

Communications: If you reach out to us directly, we may request additional information such as your name, email address, personal address, phone number, and other relevant personal details. Whenever we ask for this information during communication, we will clearly explain the reasons behind it.

Please note that we will never ask you to provide your private keys when communicating with you. You should exercise caution and responsibility regarding the handling and safeguarding of your cryptocurrency wallet's private keys. In the event of a private key loss or compromise, we cannot intervene or rectify the situation. You are solely responsible for the protection and retention of your private keys.

4. How We Use Your Data

You understand and agree that by creating an Account and using our Services, you explicitly consent to the collection and processing of your data as outlined in this Policy. We process your data with your explicit consent. Processing without consent may take place where any of the following exceptions are met:

• There is an order issued by a competent judicial authority (including foreign judicial authorities) or an agreement adopted by a special investigative committee of the Legislative Assembly in the exercise of its office;
• The personal data is unrestricted access personal data and will not be processed for purposes other than those for which they were originally collected;
• The data must be provided by the individual or by the data controller as a result of a Constitutional or legal provision.

For GDPR-covered users, Portofóli may process your Personal Data for the following reasons:

• You have provided consent for us to do so.
• It is necessary to perform a contract with you.
• The processing is based on our legitimate interests, and it does not override your rights.
• To comply with legal obligations.

The table below details how we use your data:

• Providing and Maintaining Services and Platform: Managing the operation and maintenance of our Services to guarantee seamless functionality and accessibility for our users. (Lawful basis: Performance of a contract, Consent)
• Compliance with Laws and Regulations: Ensuring compliance with relevant laws and regulations, including anti-money laundering, terrorism financing, fraud prevention, and other financial crime regulations. (Lawful basis: Legal obligation, Legitimate interest)
• User Communication and Support: Communicating with you directly or through our partners for customer support, notifications, and marketing. (Lawful basis: Performance of a contract, Consent)
• User Notifications: Sending notifications, reminders, and confirmations. (Lawful basis: Performance of a contract, Consent)
• User Account Management: Managing user accounts, including setup, recovery, and termination. (Lawful basis: Performance of a contract, Consent)

5. How We Share Your Data

We may share your information with various third parties, including:

• Vendors and Service Providers: Hosting, maintenance, analytics, marketing, cybersecurity, and customer support.
• Identity Verification Services: To ensure compliance with legal requirements and verify user identities.
• Advertisers: Delivering relevant content and promotions tailored to user preferences.
• Law Enforcement: As required by applicable laws or regulations to maintain legal compliance.
• Business Partners: Jointly delivering services, promotions, or initiatives.
• Third-Party Platforms: When interacting with third-party applications through our Services.

6. How Your Data Is Secured

We prioritize the security of your personal data by employing the following measures:

• Access controls, including role-based access and multi-factor authentication.
• Regular security training for employees to handle data securely.
• Data backups and incident response procedures to address security breaches promptly.
• Encryption, secure storage, and network security measures.
• Conducting audits, vulnerability assessments, and penetration testing.

If you suspect any unauthorized activity, contact us at support@portofoli.net.

7. Data Retention

Your personal information is retained as long as necessary for the purposes outlined in this Policy. Specific retention practices include:

• Personal data will not be processed for more than 10 years after its original purpose has been fulfilled.
• If you delete your account with no transaction history, your data will be promptly removed.
• If your account has transaction history, we retain minimal data to comply with laws and anti-money laundering policies.

8. Your Rights as Data Subject

As a user, you have the right to:

• Access the personal data we hold about you.
• Request rectification or completion of inaccurate or incomplete data.
• Request deletion of personal data under certain circumstances.
• Restrict or object to the processing of your data.
• Request data portability to another service provider.

To exercise these rights, contact us at support@portofoli.net.