This Privacy Declaration forms integral part of SMARC’s Token App Terms.
Purpose and legal basis for data processing: We process personal data to conclude and perform the Token Swap with you or the company you represent, as well as to comply with our legal obligations. Once the Token Swap is completed, we will process personal data which you have provided through the Token App to manage the relationship with you as holder of SMARC dividend rights certificates (e.g. to register you in the dividend rights certificate register or for correspondence with you). In addition, we may process personal data for purposes which are in our legitimate interest, where those legitimate interests are not overridden by your rights or interests.
Type of information: Personal data we process about you or beneficial owner or company you represent may include contact information and other basic personal information (e.g. name, address, email address), information to verify your identity (e.g. foto and data of passport or identity card) and wallet information required for payments by SMARC of monetary compensation, as well as other information collected via technology when you interact with the Token App, including but not limited to information automatically provided by your browser, such as your IP address.
Location of data storage and processing: The data that we collect from you may be processed in, transferred to, and/or stored at a location inside Switzerland, the European Union, the European Economic Area.
Disclosure of your data and categories of recipients: We may disclose your personal data to third party service providers, (i) to implement our obligations which we have to you, or (ii) which provide services to us, if such third party needs access to the data to perform its services. We may disclose your personal data to other third parties (i) If we are involved in a merger, acquisition or sale of all or part of our business or assets; (ii) in order to comply with legal, regulatory or court obligations; (iii) In order to protect our right, property or safety; or (iv) as otherwise provided in the Token App Terms and the Token-Equity Swap terms.
Your rights: You may assert the following rights as further set out in the Swiss Data Protection Act (DPA) or the EU General Data Protection Regulation (GDPR), as applicable: (a) right of access by the data subject, (b) right to rectification or erasure; (c) right to restriction of data processing; (d) right to data portability; (e) right to object the data processing; (f) right to lodge a complaint with our data protection counselor or a competent data protection authority. In general, exercising these rights requires that you are able to prove your identity (e.g., by a copy of identification documents) where your identity is not evident otherwise or can be verified in another way.
Data retention: We process and retain your personal data as long as required for the performance of our contractual obligation and compliance with legal obligations or other purposes pursued with the processing, as well as beyond this duration in accordance with legal retention and documentation obligations. Personal data may be retained for the period during which claims can be asserted against us or to the extent we are legally obliged to do so or if legitimate business interests require further retention (e.g., for evidence and documentation purposes). As soon as your personal data are no longer required for the above-mentioned purposes, they will be deleted or blocked the extent possible. After successful identity verification, Onfido will delete all personal data you have provided from its platform.
Data security: We have appropriate technical and organizational measures in place to protect your personal data from loss, unauthorized access or misuse. Please be aware that despite regular checks, no system can provide complete protection against all hazards. Unfortunately, the transmission of data via the internet is not completely secure; we can therefore not guarantee the security of your personal data transmitted to and from the Token App. We are not responsible for damages incurred which are outside our reasonable control, including malfunctions that could jeopardize the security of the servers on which a database containing personal data is hosted.
Controller, Contact Information and Supervisory Authority: Smart Containers Group AG, Gotthardstrasse 28, 6302 Zug, Switzerland is the controller of your data in the context of this Token App. You can notify us on any data protection related concerns at our postal address with an additional line “Attn. Data Protection Counselor” or by email to firstname.lastname@example.org with the subject “Data Protection”. The competent Supervisory Authority for data protection matters in Switzerland is the Federal Data Protection and Information Commissioner, Feldeggweg, CH-3003 Bern, Switzerland, (http://www.edoeb.admin.ch).