Comment on page
We at ZENIT know and understand how important it is for you to understand how we collect, store, process, share and use your personal data. We respect and protect the privacy of our users’ personal data in our Platform.
The purpose of this Policy is to describe how ZENIT collects, processes and manages users’ personal data through the Platform, which are developed to offer ZENIT services.
By accessing and using ZENIT, you are consenting and accepting the terms of this Policy. If you do not agree or consent with the details we require with any aspect of this Policy, you shall at any time withdraw your consent and discontinue access or use of our services.
Your Personal data is collected and stored with ZENIT in order to provide, develop and to enhance our products and services including technical infrastructure, security, compliance, fraud prevention and customer support. We are committed to exercising due diligence when dealing with every User on the Platform, to ensure compliance with applicable Laws and regulations that are required to prevent the facilitation of money laundering and terrorist financing.
We may use personal data for the following purposes:
a. To communicate with User
b. To comply with legal and regulatory compliance
c. To detect and prevent frauds and credit risks
d. To provide, troubleshoot and improve ZENIT Services
e. To enforce our terms in our Term of Use
f. To provide customer services
g. To ensure quality control
h. To ensure network and information security
i. To enhance and personalize User experience
j. To facilitate corporate acquisitions, mergers or transactions
k. To engage in marketing activities
l. For Transaction services
m. Purposes for which we seek User’s consent.
We may share your personal data with selected third parties, including business suppliers, distributors and subcontractors, when it is necessary for the delivery of our services, or when there is a legal basis to do so. The aforementioned third parties only collect, use and disclose your information in the ways indicated by us in this Policy.
We further ensure that we comply with the applicable data protection legal norms and we shall only share information in the following circumstances:
a. With applicable regulatory bodies of Costa Rica. In the event of suspicious activities or transactions such as any fraud, tax, money laundering or terrorist financing activities, ZENIT is obliged to share the User’s personal information with the applicable regulatory bodies.
b. With third party KYC/AML service providers of ZENIT to identity verification services in User onboarding process and in ongoing transaction monitoring process.
c. ZENIT intends to uphold and implement the strictest standards of compliance, security and transparency in its operation, starting with detailed verification of onboarding Users and transaction monitoring Users sending and receiving activity, and protect Users, therefore ZENIT acquires the User’s information via third party KYC/AML service providers to provide streamlined verification process for individuals and companies with global coverage, configurable verification rules, detailed and case management tools along with Politically Exposed Person (PEP) database screening, financial crime screening, legality of assets verification and due diligence services.
d. We may also share personal data with service providers under contracts to operate the business. For instance;
- Cloud storage
- Payment process
- Transaction Monitoring
- Network Infrastructure
- Customer Support
- Data analytics
e. With our affiliates/ business partners as a general part of conducting business to offer services
f. With financial Institution which we partner to process payments you have authorized
ZENIT ensures that the service providers and affiliates/ business partners who process personal information acknowledge the confidentiality of this information and to protect the User’s right to privacy by complying with all applicable privacy and data protection laws.
ZENIT maintains physical, technical, administrative and procedural safeguards in connection with the collections, storage and disclosure of User’s personal data. We use firewall barriers, encryption techniques and authentication procedures to maintain the security of User’s online sessions.
In the event of a User signing in his/her account on different devices, ZENIT shall notify a security alert to confirm and ensure the protection of the User’s account.
You are requested to protect your account password from unauthorized access to avoid unnecessary authentication issues. In order to circumvent loss, misuse, unauthorized acquisition or alteration of your data, also you are further requested to choose the strongest password and to protect the account privacy data from any third-parties. In the event of unauthorized access, the ZENIT insists you notify ZENIT Customer Support immediately.
Furthermore, ZENIT does not ensure the security or privacy of data transmitted via email, phone or SMS, till such data reaches the domain of our network, since we have no access to protect such data until it reaches our network domain.
ZENIT shall keep the original or a true copy of all KYC Documents, data and information it receives from its User in a readily retrievable format for five 5 years after termination of your relationship with our Services.
When an investigation into a suspicious User or a suspicious transaction has been initiated and in the event of proceeding the investigation in respect of the User, ZENIT shall not destroy any relevant records even though the prescribed period for retention shall have elapsed by the reporting authority, for the reason that we are subjected to certain anti-money laundering laws.
ZENIT is obliged and bound by the General Data Protection Regulation (GDPR).
Under certain circumstances, you have rights under data protection laws in relation to your personal data which are set out in more detail below
a) Request access - This enables you to receive copies of your personal data. We hold about you and to check that we are lawfully processing it. This is also commonly known as a "data subject access request". This enables you to have any incomplete or inaccurate data we hold about you corrected, though we may need to verify the accuracy of the new data you provide to us.
b) Request erasure - This enables you to request us to delete or remove personal data where there is no good reason for us continuing to process it. Please note that there may be circumstances where we may be legally entitled to retain your personal data.
c) Request to Restrict Processing- This enables you to object to the processing of your personal data, which is processed based on our legitimate interests. In the event of such an objection, we will no longer process your personal data, unless we demonstrate compelling legitimate grounds for the processing which override the interests, rights and freedoms of the data subject or for the establishment, exercise or defense of legal claims.
d) Request to Object Processing - You have the right to object to the processing of your personal data where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground as you feel it impacts on your fundamental rights and freedoms. You also have the right to object where we are processing your personal data for direct marketing purposes.
e) Request to transfer - If you request us, we will provide you or a third party you have chosen, your personal data in a structured, commonly used, machine-readable format. Note that this right only applies to automated information which you initially provided consent for us to use or where we used the information to perform a contract with you.
We are not liable or responsible for any breaches of personal data that may occur as a result of the public nature of the blockchain.
By using our services, you acknowledge and accept the risks associated with storing personal information on a public blockchain, and you agree that we are not liable for any damages or losses arising from any such breaches or the public nature of the blockchain.
We reserve the right, at our sole discretion, to modify, amend, supplement or replace this Policy at any time and such update details shall be indicated at the top of this page. We will review and revise this Policy when there are any material circumstances arisen that may affect our ability to apply this Policy pursuant to the provisions of statutory and law requirements. What constitutes a material change will be determined at our sole discretion.
We will inform our Users on all material amendments to this Policy by publishing the updated version of this Policy on our Platform. When an updated version of the Policy is released, your continued access to the Platform means that you agree to the updated content and agree to abide by the updated Policy.