Privacy Policy

Date of last revision: 05th February, 2018

This document refers to personal data, this is defined as information concerning any living person (a natural person who hereafter will be called the Data Subject) that is not already in the public domain.

The Data Protection Act (DPA), Privacy and Electronic Communications Regulations (PECR) and The General Data Protection Regulation (GDPR) which is EU wide and far more extensive, seek to protect and enhance the rights of data subjects. These rights cover the safeguarding of personal data, protection against the unlawful processing of personal data and the unrestricted movement of personal data within the EU. It should be noted that GDPR does not apply to information already in the public domain such as Companies House data.

Since, protecting your personal information is our top priority, which is why we only use your data in strict compliance with applicable data protection principles. The provisions of the EU General Data Protection Regulation (hereinafter – “GDPR”) become enforceable throughout Europe on 25 May 2018. We want to keep you fully informed now about how Volum Holdings OU (“hereinafter – VOLUM”) processes personal data in accordance with this new regulation (see Article 13 ff. GDPR). Please read our privacy policy carefully. If you have any questions or comments about our privacy policy, you can always contact us at the e-mail address below.

1. About our services

We are the company which sells VLM tokens. VLM token is a usual digital product (digital goods, digital commodities), developed by the Company as variety of digital tokens, specified by standard Ethereum ERC20 Token Standard (ERC20). VLM token could be useful only within the platform created by Company (hereinafter – VOLUM Platform). VLM token is a digital product, utility token, and it does not have any value outside VOLUM Platform. The utility of such good is closely linked only with VOLUM Platform. The existence of this good maintains by smart contract developed by the Company and Ethereum blockchain developed by third parties. Blockchain was determined as a database for the keeping of data about the release of good, its movement and redemption due to the fact of its reliability (permanence guaranteed by decentralizing) and popularity.

2. Overview

The following privacy policy informs you about the nature and extent of the processing of personal data by Volum Holdings OU, a legal entity, duly incorporated under the law of Estonia, with the company number 14513559, and registered office address Ahtri tn 12, Tallinn, 10151, Estonia. Personal data is any information that allows an individual to be identified directly or indirectly. The use of products, services, technologies or features, and all related pages, applications and services (collectively referred to as the “Services”), is governed by this Privacy Policy.

When you register for the first time, or log on in the case of existing customers, you declare by means of a simple notification that you accept this Privacy Policy and expressly consent to the handling, use and disclosure of your personal data in the manner described herein.

The data gathered by VOLUM can be divided primarily into two categories:

  • All data required for the processing, preparation and performance of an agreement with VOLUM. If other service provides are involved in the performance of the agreement, e.g. payment services, optimization services or hosts, your data will be forwarded to them to the extent required.
  • When you access our Services, some information is exchanged between your device and our server, or the server of the services we use. This may include personal information. One of the ways in which the information gathered in this way will used is to further improve our Service.

Under the GDPR, you have various rights that you can assert with us. These include the right to selectively object to the use of data, particularly for advertising purposes. The option to object is highlighted in print. Further information on your rights can be found in the additional section below and in the individual descriptions of the respective data uses.

If you have any questions about our Privacy Policy, you may contact our data privacy officer by email at: info@volum.io

3. Name and Contact Information for the Person Responsible for Data Processing and of the Company’s Data Privacy Officer

This Privacy Policy applies to data processing by VOLUM and to the following services: VOLUM website. Our company data privacy officer may be reached at: info@volum.io

4. Purposes of Data Collection, Legal Basis and Legitimate Interests Pursued by Us or a Third Party, and Categories of Recipients

4.1. Accessing our Service. If you access our Service, especially by visiting our website or the browser used on your device automatically sends information to our server and temporarily stores it in a log file. The following information is collected without your intervention and stored until it is automatically or manually deleted in the log file:

  • Your device’s IP address
  • Date and time of access
  • The name and URL of the retrieved file, the website/app from which access was made (referrer URL)
  • Your browser’s unique identifier
  • The name of your Internet provider

The processing of the aforementioned data is based on Article 6 paragraph 1 lit. f) GDPR. Our legitimate interest arises from the uses listed below. At this point, we note that we are unable and do not attempt to draw any conclusions about your identity from the data collected. Your device’s IP address and the other information listed above are used by us for the following purposes:

  • To ensure that a trouble-free connection can be established
  • To ensure the convenient use of our Service
  • To evaluate system security and stability
  • Other administrative purposes

The data is stored in compliance with legally established data retention periods and then deleted automatically. We also use cookies, tracking tools, targeting methods and interfaces to other services such as social media platforms, payment processors or app store providers. The exact procedures, and how your data will be used for this purpose, are explained in more detail in section 5 below.

4.2. Concluding, Performing or Terminating an Agreement. We primarily define our Services as those of platform where you can buy VLM tokens. To give you such possibility, we collect the information required to conclude, perform or terminate an agreement. This includes:

  • E-mail address
  • First and last name
  • Billing and payment information
  • Information you enter yourself and that is generated during the use of our Services, such as gender, age, country of residing, etc.

The legal basis for this is Art. 6(1) a) and b) and Art. 9(2) a) of the GDPR. Unless we use your contact information for customer support or customer service, the information required to conclude the agreement is stored until it is no longer needed for this purpose and/or until the rights under any guarantee or warranty expire. Subsequently, we retain the required personal information for the periods established by law. During this retention period (usually six to 10 years after conclusion of the agreement), the information is used only in the case of an audit by the tax authority.

4.3. Data Processing for Customer Support or Customer Service4.3.1. Informational purposes

If you have signed-up for our services, we keep you as an existing customer. In this case, we process your contact information in order to send you information about new, enhanced or improved features, products and services, etc.4.3.2. Personalized ads

To ensure that you receive only information that corresponds to your interests, we classify and add information to your customer profile. For this purpose, both statistical information as well as information about you (such as basic or historical data from your customer profile) are used. The goal is to optimize our Services by adapting them to your actual or perceived interests and/or needs, and to send you the appropriate recommendations and not bother you with useless ads.

The legal basis for each of the aforementioned data uses is Art. 6(1) b) and f) of the GDPR and Art. 9(2) a) of the GDPR.  The use of existing customer data for the company’s own advertising purpose is recognized as a legitimate interest under Recital 47 of the GDPR.4.3.3. Right to Object

You may object to the use of your data for the aforementioned purposes at any time free of charge for each communication channel and with effect for the future. An email or a letter sent using the contact information shown under 1. is sufficient for this purpose.

Once you submit your objection, we will block the relevant contact address for future advertising data processing. We will process your objection as soon as possible and implement the appropriate blocking measures immediately after it is confirmed. Please note that in some exceptional cases the relevant information or product recommendations may still be received even after receipt of your objection. This is simply due to technical reasons and does not mean your objection has not been processed. Thank you very much for your understanding.

5. Data Processing for the Provision of our Services

In this section, we inform you about the data processing necessary for the provision of our Services:

5.1. Online Presence and Website Optimization. We will not sell or lease your information to third parties for their marketing purposes without your explicit consent. We only disclose certain information to third parties from time to time to be able to offer the best possible product to our customers, improve the quality of our Services and protect the interests of our customers. However, this disclosure will always be subject to strict limitations, which are described in more detail below.5.1.1. Cookies – General Information

We use cookies on our website in compliance with Art. 6(1) f) of the GDPR. Our interest in improving our Services is recognized as legitimate in the aforementioned provision. Cookies are small files generated automatically by your browser and stored on your device (laptop, tablet, smartphone, etc.) when you use our Services. Cookies do not harm your device, and do not contain viruses, Trojans or other malware. Cookies contain information downloaded by the specific device. This does not mean, however, that we receive direct knowledge of your identity.  One purpose of cookies is to make it more convenient for you to use our Services. For example, we use session cookies to track your use of the individual pages of our website or when you have logged on to your customer account. When you use our Service again at a later time, the cookie automatically recognizes your previous visit to the website, as well as your input and settings, so that you do not have to enter them again. To make the site more user friendly, we also use temporary cookies, which are stored on your device for a pre-determined period of time. These cookies are automatically deleted when you log off.

If you already have a customer account and are logged on, the information stored on the cookies are associated with that account.

Another reason we use cookies is to gather statistics on the use of our Services and evaluate them in order to optimize your experience and to display information tailored to you. These cookies allow us to automatically recognize that you have visited our site before. The cookies are automatically deleted after a pre-defined period. Most browsers accept cookies automatically. However, you can disable cookies on your browser or choose to be notified when a new cookie is created. However, disabling cookies completely may mean that not all features of our services will be available to you. The storage period of cookies depends on their purpose and is not the same for all of them.

6. Recipients outside the EU

As indicated above under 3.4 and 3.5, data may also be sent to recipients located outside the European Union or the European Economic Area. This applies in particular to the aforementioned processing of analysis and/or targeting technologies, which can result in data transmission to the servers of the service providers. Other recipients may be affiliated service providers that we need in order to provide our services, e.g. hosts, CRM tools, analytical service providers. These servers may be outside the EU, especially in the US. We make absolutely sure that these service providers guarantee data protection standards equivalent to those of the GDPR and that they comply with the applicable directives. Therefore, we only work with those service providers who are certified by the EU-US Privacy Shield. In case number C(2016) 4176), the European Commission established the suitability of this data protection level for certification in compliance with Art. 45 GDPR. The use of these certified service providers thus meets European standards for lawful data processing. In addition, we have obtained suitable contractual guarantees from all service providers based in other EU countries, which ensure compliance with these EU standards and the enforcement of the rights of affected persons, for example based on the standard contractual clauses of the European Commission.

7. Your Rights

7.1. Overview. In addition to the right at any time to withdraw any consent you have given us, you are also entitled to the following if the respective legal conditions are met:

  • The right to be informed about your personal data that is stored with us, pursuant to Art. 15 GDPR
  • In the event of transmissions covered by Art. 46, 47 or 49(1) 2) GDPR, the right to information, or references to suitable or appropriate guarantees that a copy of them can be obtained, or where they are available
  • Your personal data that is stored with us, pursuant to Art. 15 GDPR
  • The right to correct inaccurate or incomplete data, pursuant to Art. 16 GDPR
  • The right to the deletion of your personal information that is stored with us, pursuant to Art. 17 GDPR
  • The right to limit the processing of your data, pursuant to Art. 18 GDPR
  • Right to data portability, pursuant to Art. 20 GDPR.

7.2. Right to Object. Under the provisions of Art. 21(1) GDPR, the data subject has the right to object on grounds relating to his or her particular situation, at any time to the processing of personal data.

The foregoing general right to object applies to all processing purposes described in this Privacy Policy that are based on Article 6(1) f) GDPR. Unlike the special right to object to data processing for commercial purposes (see above under 3.3), we are only obliged to implement such a general objection under the GDPR if you state reasons of overriding importance (e.g. a potential risk to life or health).

7.3 You can request the following information:

  • Identity and the contact details of the person or organization that has determined how and why to process your data.
  • Contact details of the data protection officer, where applicable.
  • The purpose of the processing as well as the legal basis for processing.
  • If the processing is based on the legitimate interests of VOLUM or a third party such as one of its clients, information about those interests.
  • The categories of personal data collected, stored and processed.
  • Recipient (s) or categories of recipients that the data is/will be disclosed to.
  • How long the data will be stored.
  • Details of your rights to correct, erase, restrict or object to such processing.
  • Information about your right to withdraw consent at any time.
  • How to lodge a complaint with the supervisory authority.
  • Whether the provision of personal data is a statutory or contractual requirement, or a requirement necessary to enter into a contract, as well as whether you are obliged to provide the personal data and the possible consequences of failing to provide such data.
  • The source of personal data if it wasn’t collected directly from you.
  • Any details and information of automated decision making, such as profiling, and any meaningful information about the logic involved, as well as the significance and expected consequences of such processing.

8. Data Security

We apply the highest standards to data security for our infrastructure and the processing of your data. For example, we use protection mechanisms for computers such as firewalls and data encryption. Our buildings and data are subject to physical access controls. Access to the personal information of our customers is only possible for those employees who need them to carry out their activities.

All personal data sent by you, including your payment information, is also transmitted using the generally accepted and secure SSL (Secure Socket Layer) standard. SSL is a secure and proven standard, e.g. it is also used for online banking. You will recognize a secure SSL connection with the placement of an “s” at the end of http (i.e. https://www.volum.io) in the address bar of your browser, or with the lock icon at the bottom of the browser.

We also apply suitable technical and organizational security measures to protect your personal data stored with us against manipulation, partial or complete loss, and against unauthorized access by third parties. Our security measures are continuously monitored using the latest technology, and regularly adapted to the relevant risk, and improved if necessary.

9. Disclosure

VOLUM may on occasions pass your Personal Information to third parties exclusively to process work on its behalf. VOLUM requires these parties to agree to process this information based on our instructions and requirements consistent with this Privacy Notice and GDPR. VOLUM do not broker or pass on information gained from your engagement with the agency without your consent. However, VOLUM may disclose your Personal Information to meet legal obligations, regulations or valid governmental request.

Volum