last updated: 10 July 2022
Opium.Network protects your personal data in accordance with the EU General Data Protection Regulation (“GDPR”) and any other applicable (data privacy) laws and our data privacy policies. Furthermore, Opium.Network maintains the appropriate technical and organizational measures to protect your personal data against unauthorized or unlawful processing and/or against accidental loss, alteration, disclosure or access, or accidental or unlawful destruction of or damage thereto.
We collect personal data of our employees, potential employees, clients, suppliers, business contacts, shareholders and website users. If the data we collect are not listed in this Policy, we will give individuals (when required by law) appropriate notice of which other data will be collected and how they will be used.
Except for certain information that is required by law, your decision to provide any personal data to us is voluntary. You will therefore not be subject to adverse consequences if you do not wish to provide us with your personal data. However, please note that if you do not provide certain information, we may not be able to accomplish some or all of the purposes outlined in this Policy, and you may not be able to use certain tools and systems which require the use of such personal data.
If you provide us with personal data of another person (for example by submitting a form from for on behalf of another individual), you are responsible for ensuring that such person is made aware of the information contained in this Policy and that the person has given you his/her consent for sharing the information with Opium.Network.
Opium.Network only uses your personal data only where such is required for specific and known purposes as further detailed below. Such purposes include the correct provision of our products and services to you and our compliance with applicable banking and finance regulations. Opium.Network does not share your personal information with any third party except if such is required to correctly and properly perform our obligations to you pursuant to our agreement.
- Administering our contractual relationship:
Required for the correct and proper performance of a contract to which you are a party
- Operating and managing our business operations
- Our legitimate interest for ensuring the proper functioning of our business operations
- Complying with legal requirements
Required for the compliance with a regulatory and legal obligations to which we are subject to
- Monitoring of your use of our systems (including monitoring the use of our website and any apps and tools you use)
Required on the basis of our legitimate interests of avoiding non-compliance, protecting our reputation and integrity of our systems and operations.
Opium.Network protects your personal data in accordance with applicable laws and our data privacy policies. In addition, Opium.Network maintains the appropriate technical and organizational measures to protect your personal data against unauthorized or unlawful processing and/or against accidental loss, alteration, disclosure or access, or accidental or unlawful destruction of or damage thereto.
We will process your personal data for the purposes mentioned above based on your prior consent, to the extent such consent is mandatory under applicable laws.
We will process your personal data by applying the Privacy by Design Principle and the Data Minimization Principle. Where possible, we will work towards anonymization of your personal data.
We may transfer personal data to our service providers, professional advisors, public and governmental authorities or third parties in connection with a (potential) corporate or commercial transaction. Such third parties may be in other countries. Before we do so, we shall take the necessary steps to ensure that your personal data will be given adequate protection as required by relevant data privacy laws and Opium.Network’s internal policies.
Unless you are otherwise notified, any transfers of your personal data from within the European Economic Area (EEA) to third parties outside the EEA will be based on an adequacy decision or are governed by the standard contractual clauses (a copy of which can be obtained through the contact information included below). Any other non-EEA related transfers of your personal data will take place in accordance with the appropriate international data transfer mechanisms and standards.
The term “sensitive data” refers to the various categories of personal data identified by data privacy laws as requiring special treatment, including in some circumstances the need to obtain explicit consent from you. These categories include racial or ethnic origin, political opinions, religious, philosophical or other similar beliefs, membership of a trade union, physical or mental health, biometric or genetic data, sexual life or orientation, or criminal convictions and offences (including information about suspected criminal activities).
We maintain organizational, physical and technical security arrangements for all the personal data we hold. We have protocols, controls and relevant policies, procedures and guidance to maintain these arrangements considering the risks associated with the categories of personal data and the processing we undertake.
We adopt industry-standard and proper security measures to protect your personal data. We have regular (penetration) testing performed by a third-party provider, which continues to show the strength of our technical defences.
Regarding your use of our websites, you should understand that the open nature of the internet is such that information and personal data flows over networks connecting you to our systems without security measures and may be accessed and used by people other than those for whom the data are intended.
We will retain your personal data only for as long as is necessary. We maintain specific records management and retention policies and procedures, so that personal data are deleted after a reasonable time according to the following retention criteria:
- We retain your data as long as we have an ongoing relationship with you (in particular, if you have an account with us).
- We will only keep the data while your account is active or for as long as needed to provide services to you.
- We retain your data for as long as needed in order to comply with our EU and other legal and contractual obligations applicable pursuant to our agreement with you.
You are entitled (in the circumstances and under the conditions, and subject to the exceptions, set out in applicable law) to:
- Request access to the personal data we process about you: this right entitles you to know whether we hold personal data about you and, if we do, to obtain information on and a copy of that personal data.
- Request a rectification of your personal data: this right entitles you to have your personal data be corrected if it is inaccurate or incomplete.
- Object to the processing of your personal data: this right entitles you to request that Opium.Network no longer processes your personal data.
- Request the erasure of your personal data: this right entitles you to request the erasure of your personal data, including where such personal data would no longer be necessary to achieve the purposes.
- Request the restriction of the processing of your personal data: this right entitles you to request that Opium.Network only processes your personal data in limited circumstances, including with your consent.
- Request portability of your personal data: this right entitles you to receive a copy (in a structured, commonly used and machine-readable format) of personal data that you have provided to Opium.Network, or request Opium.Network to transmit such personal data to another data controller.
- To the extent that the processing of your personal data is based on your consent, you have the right to withdraw such consent at any time by contacting us. Please note that this will not affect Opium.Network’s right to process personal data obtained prior to the withdrawal of your consent, or its right to continue parts of the processing based on other legal bases than your consent.
If at any time, you believe that your data privacy rights have been violated, you have the right at all times to register a complaint directly with the relevant supervisory authority or to make a claim against Opium.Network with a competent court (either in the country where you live, the country where you work or the country where you deem that data privacy law has been infringed). For any questions, concerns, complaints please also reach out to our Data Privacy Department, at [email protected]. We endeavor to respond to any such questions, concerns or complaints within 15 (working) days.
We may analyse your IP and browser information to determine what is most effective about our website, to help us identify ways to improve it and, eventually, to determine how we can tailor our website to make it a more positive and relevant user experience.
If you have any questions on data privacy or any aspects of our production activities, please contact us at [email protected]. or send a notice to:
Attn.: Data Privacy Department
- You have a general question about how Opium.NetworkFinance protects your personal data.
- You wish to exercise your rights in relation to your personal data rights
- You wish to make a complaint about Opium.Network’s use of your data.
For contact details of your local Data Protection Authority, please see:http://ec.europa.eu/justice/data-protection/article-29/structure/data-protection-authorities/index_en.htm