Privacy Policy

I. GENERAL PROVISIONS

  1. BNK Operations, L.P. (limited partnership number 1773, registered at Craigmuir Chambers, P.O. Box 71, Road Town, Tortola, VG 1110, the British Virgin Islands) (the “Company“ or “we“) is a data controller and holds a brand name Bankera Loans under which provides crypto-backed loans services (the “Bankera Loans“ or “Services“).
  2. This Privacy Policy (the “Policy") applies to your use of our website at https://loans.bankera.com (the “Website") and indicates how your personal data is being processed by the Company in accordance with the applicable laws.
  3. The Company takes all the necessary measures to protect your personal data against unauthorized or unlawful processing and against accidental loss, destruction, or damage. This includes legal, organizational, technical, and physical security measures.
  4. By using this Website and the Services you confirm you have read, understood and agree with this Policy. The Company reserves the right to make changes to this Policy. An up-to-date version of the Policy is posted on the Website.

II. PERSONAL DATA MANAGEMENT PRINCIPLES

  1. The Company undertakes to ensure your personal data is:
    1. processed lawfully, fairly, and in a transparent manner in relation to you;
    2. collected for specified, explicit and legitimate purposes (conducting know your customer (KYC) checks, ongoing monitoring, etc.), and not further processed in a manner that is incompatible with those purposes;
    3. adequate, relevant and limited to what is necessary for relation to the purposes for with they are processed;
    4. accurate and, where necessary, kept up to date;
    5. kept in a form which permits your identification for no longer than is necessary for the purposes for which the personal data are processed;
    6. processed in a manner that ensures appropriate security of your personal data.
  2. Your personal data will be processed if:
    1. you have given consent to the processing of your personal data for one or more specific purposes;
    2. processing is necessary for the performance of a contract to which you are a party or in order to take steps at your request prior to entering into a contract;
    3. processing is necessary for compliance with a legal obligation to which we are subject;
    4. processing is necessary for the purposes of the legitimate interests pursued by us or the third party.
  3. If you have any questions regarding this Privacy Policy or your data protection or if you want to withdraw your consent or terminate the contract you have concluded with the Company, you may contact us by e-mail: [email protected].
  4. The Company may subject its customers to decisions based solely on automated processing, including profiling, only if they have explicitly agreed with such processing.

III. PERSONAL DATA AND PURPOSES FOR WHICH IT IS BEING COLLECTED

The scope of the Customer‘s personal data which could be requested by the Company and further processed in order to provide the Services for the below indicated purposes may vary depending on the type of Services chosen particularly by the Customer and Company‘s applied verification procedures to execute it, as well as, legal requirements applied for such provision of Services in order to prevent terrorist financing and money laundering.

  1. For the purposes of identity establishment and verification, prevention of money laundering and terrorist financing, implementation of ”Know Your Customer“ principle, provision of loan issuance services (account opening, transfers of funds, payment collection, etc.), execution of contractual and other legal obligations:
    1. We may collect such information:
      1. Details of the Customer:
        1. General identification data: name, surname, personal code or date of birth, citizenship(s), place of birth (city, country), registered residential address, actual address (if differs from address or registered residence), phone number, e-mail, signature, photo;
        2. Identity document: ID Type (Passport / Identity Card / Residence permit), its copy, document number, country of issue, date of issue, date of expiry;
        3. Country of residence for tax purposes: country, taxpayer identification number (TIN);
        4. Other: Criminal record.
      2. Information about the Customer‘s occupation and income sources:
        1. Specific occupation: Paid employee (company name, position) / owner of legal entity (company name) / registered self employee / Unemployed (specification required e.g. student, retired, other);
        2. Main sectors of customer’s occupation, individual or business activity;
        3. Information regarding countries in which customer is employed carries out an individual activity or business: countries, whereas activity or business is conducted or registered in preferential tax zone, percentage of turnover in cash for such activity or business;
        4. Source of Customers income, proof of source of funds.
      3. Specification of the requested loan:
        1. Reason for applying for a crypto-backed loan;
        2. Service which the customer plans to use;
        3. Bank accounts in other banks or payment / electronic money institutions;
        4. Requested loan terms;
        5. Provided collateral.
      4. Information about politically exposed persons (PEP) (if needed):
        1. General information: relation, name, surname, country, institution position.
      5. Information about Ultimate Beneficial Owner;
        1. General identification data: name, surname, personal code (date of birth), citizenship, country of residence for tax purposes, place of birth, tax identification number (TIN), registered residential address, the share of benefit.
      6. Information about customer‘s payment accounts, crypto-wallets which is prerequisite for depositing collateral and other funds, receiving the loan and making interest and loans repayments:
        1. Account information: name and surname of bank (payment) account owner, IBAN;
        2. Customer‘s crypto-wallet: name of crypto-wallet account, crypto- wallet address, crypto-wallet statements, Customer‘s actions history;
    2. The legal basis for the above-mentioned processing is the performance of a contract to which the data subject is a party and therewith provision of the Services requested by the Customer.
    3. We collect the above-mentioned data directly from you and / or from third parties including but not limited to the Centre of Registers, identity verification, and financial sanctions databases. We will store your data for the period of our continuing business relationship and later on for 5 years since the termination of our business relationship. This time limit may be additionally extended if a competent authority conducts an investigation and the further data processing is necessary to execute it or if the Company feels necessary to maintain data longer, especially, due to the nature of its business or business relationship (transactions).
    4. We may provide this data to supervising institutions, credit, financial, payment and (or) electronic money institutions, courts, law enforcement institutions, State Tax Inspectorate, lawyers, auditors, other subjects if the Company has to comply with a legal obligation to which it is a subject or if such requested personal data is necessary for the concrete data receiver to carry out a particular inquiry in the general interest, in accordance with Union or Member State law, or if the data requesting party has a legitimate interest to request for such information. Also, we may provide this to parties with whom the Company has services provision contracts.
    5. This data may be provided to third countries only if Services are carried out to a third country, or a partner (correspondent) from a third country is engaged in the Services.
    6. Storage and processing of this data are required by the laws of the British Virgin Islands and our Terms and Conditions. If you refuse to provide this information the Company retains the right not to enter or terminate a contract with you and to refuse to provide services.
  2. For the purpose of debt management (management and collection of debts, submission of claims, demands, lawsuits and other documents, provision of document for debt collection, etc):
    1. Information we may collect: your name, surname, personal code, address, date of birth, ID Type (Passport / Identity Card / Residence permit), document number, country of issue, date of issue, date of expiry, e-mail address, phone number, payment account number, IP address, personal account statements.
    2. The legal basis for the above-mentioned processing is the performance of a contract to which the data subject is a party and execution of his/her obligation(s) indicated therein or legitimate interest of third parties.
    3. We collect the aforementioned data from you and / or from third parties including but not limited to the Centre of Registers, credit institutions, companies processing consolidated debtor files, courts, etc.
    4. The due date for the debt is 5 years from the day the debt is incurred. This time limit may be additionally extended if a competent authority conducts an investigation and the further data processing is necessary to execute it or if the Company feels necessary to maintain data longer, especially, due to the nature of its business or business relationship (transactions).
    5. We may provide this data to the companies processing consolidated debtor files, credit, financial, payment and / or electronic money institutions, lawyers, courts, law enforcement institutions, State Tax Inspectorate and other subjects if the Company has to comply with a legal obligation to which the Company is a subject or if such requested personal data is necessary for the concrete data receiver to carry out a particular inquiry in the general interest in accordance with the law, or if the data requesting party has a legitimate interest to get such information.
    6. The aforementioned data could be provided to third countries only if the debt is somehow related to those third countries and the Company has received an official institution‘s request to transfer such data in order to carry out a particular inquiry in a third country.
    7. Storage and processing of this data are required by the laws of the British Virgin Islands and our Terms and Conditions. If you refuse to provide us this information the Company retains the right not to enter or terminate a contract with you and to refuse to provide services.
  3. For the purpose of maintenance and administration of a business relationship with the Customer, correspondence with the Customer, assessment of the Customer's needs, consultation:
    1. Information we may collect: your IP address, your name, surname, address, date of birth, e-mail address, phone number, Customer‘s actions history in his/her account, communication with the Customer together with the information provided in the communication, other information you provide us in accordance with Paragraph III and/or which we are processing due to your exercise of our services.
    2. The legal basis for the above-mentioned processing is the performance of a contract to which the data subject is a party and therewith provision of the Services requested by the Customer.
    3. We will store this information for the aforementioned purpose for the period of our continuing business relationship and later on for 5 years from the date of termination of our business relationship. This time limit may be additionally extended if a competent authority conducts an investigation and the further data processing is necessary to execute it or if the Company feels necessary to maintain data longer, especially, due to the nature of its business or business relationship (transactions).
    4. We may provide this data to other parties if the Company has to comply with a legal obligation to which the Company is a subject or if such requested personal data is necessary for the concrete data receiver to carry out a particular inquiry in the general interest, in accordance with the law, or if the data requesting party has a legitimate interest to get such information.
    5. Storage and processing of this data are required by the laws of the British Virgin Islands and our Terms and Conditions. If you refuse to provide this information the Company retains the right not to enter or terminate a contract with you and to refuse to provide services.
  4. For the purpose of protection of our lawful interests, dispute prevention, collection of evidence:
    1. Information we may collect: your IP address, name, surname, address, date of birth, e-mail address, phone number, payment account statements, transactions history, phone call recordings, written correspondence with the Customer together with information which is provided in the correspondence, information about court and other administrative proceedings where the Customer is present, debts and other Customer‘s obligations towards us or to third parties and other information which you have provided in accordance with Paragraph III or which we are processing due to execution of our services.
    2. The legal basis for the above-mentioned processing is the performance of a contract to which the data subject is a party.
    3. We collect this data from you and / or from third parties including but not limited to law enforcement authorities, courts, credit institutions, companies processing consolidated debtor files, etc.
    4. We will store this information for the aforementioned purpose for the period of our continuing business relationship and later on for 5 years from the date of termination of our business relationship. This time limit may be additionally extended if a competent authority conducts an investigation and the further data processing is necessary to execute it or if the Company feels necessary to maintain data longer, especially, due to the nature of its business or business relationship (transactions).
    5. We may provide this data to supervising institutions, companies processing consolidated debtor files, lawyers, courts, law enforcement institutions, other subjects if the Company has to comply with a legal obligation to which the Company is a subject or if such requested personal data is necessary for the concrete data receiver to carry out a particular inquiry in the general interest, in accordance with the law, or if the data requesting party has a legitimate interest to get such information.
    6. Storage and processing of this data are required by the laws of the British Virgin Islands and our Terms and Conditions. If you decline to provide us with this information the Company retains the right not to enter or terminate a contract with you and to refuse to provide services.
  5. For the purpose of compliance with a legal obligation, legitimate interest of the third parties and assistance for carrying out a particular inquiry in the general interest in accordance with the law:
    1. The Company processes all the data provided by the Customer and indicated in Paragraph III and/or which we are processing due to your exercise of our Services.
    2. The legal basis for the above-mentioned processing is the compliance with a legal obligation to which the Company is a subject or legitimate interest of a third party.
    3. During the provision of Services to the Customer the Company is willing to cooperate with supervising institutions, companies processing consolidated debtor files, lawyers, courts, law enforcement institutions and other subjects from all over the world which has a lawful basis and legitimate interest to request the specific information about the particular Customer. The concrete scope of the Customer‘s personal data which may be provided to the requesting party depends on the content of the received request. The Company may provide the Customer‘s personal data specified by the aforesaid party (-ies) if the Company has assessed that:
      1. the Company must provide the requested data because it is the Company‘s legal obligation;
      2. the Company must provide the requested data because the third party has a legitimate interest to get such information;
      3. the Company must provide the requested data in order to assist the third party to carry out a particular inquiry in the general interest, in accordance with the law.
    4. We will store your data for this purpose for the period of our continuing business relationship and later on for 5 years. This time limit may be additionally extended if a competent authority conducts an investigation and the further data processing is necessary to execute it or if the Company feels necessary to maintain data longer, especially, due to the nature of its business or business relationship (transactions).
    5. Storage and processing of this data are required by the laws of the British Virgin Islands. If you decline to provide us with this information the Company retains the right not to enter or terminate a contract with you and to refuse to provide services.
  6. For the purpose of direct marketing:
    1. In order to provide you the news about the launch of Bankera Loans your e-mail might be processed by the Company for direct marketing purposes but only if you have specifically expressed your will to receive such newsletters.
    2. Your e-mail for the purpose indicated in 6.1. will be processed as long as the news regarding the launch of the Services would be relevant, but not longer than 2 years, counted from the moment you expressed your consent to such processing by entering your e-mail in the Website‘s field, except in cases in which you decided to revoke your consent earlier. Together with your e-mail your personal data, such as IP address and the date when you gave consent (and later on also the date when the consent expires) will be processed for the time while your consent for direct marketing is valid. This time limit may be additionally extended if a competent authority conducts an investigation and the further data processing is necessary to execute it or if the Company feels necessary to maintain data longer, especially, due to the nature of its business or business relationship (transactions).
    3. In order to provide you up-to-date news about Bankera Loans products, Services and proposals, your e-mail might be processed by the Company for direct marketing purposes but only if you have explicitly agreed with that before.
    4. Your e-mail for the purpose indicated in 6.3. will be processed for 5 years, counted from the moment you expressed your consent to such processing, except in cases in which you decided to revoke your consent earlier. Together with your e-mail your personal data, such as IP address and the date when you gave a consent and or you have renewed it (and later on also the day of termination of services or expiration/revocation date of the consent) will be processed for the time while your consent for direct marketing is valid. This time limit may be additionally extended if a competent authority conducts an investigation and the further data processing is necessary to execute it or if the Company feels necessary to maintain data longer, especially, due to the nature of its business or business relationship (transactions).
    5. You have a right not to consent to direct marketing or, if you have already agreed to such processing, to revoke your present consent at any time by withdrawing your consent in your profile settings or by clicking on the withdrawal link provided in the received newsletters or by sending us a request at [email protected].
    6. We share your e-mail address with MailerLite which provides us newsletters sending services. We may also provide the data, collected for the aforementioned purpose, to other parties if the Company has to comply with a legal obligation to which the Company is a subject or if such requested personal data is necessary for the concrete data receiver to carry out a particular inquiry in the general interest, in accordance with the law, or if the data requesting party has a legitimate interest to get such information.
  7. For the purpose of use of Company‘s website:
    1. Once you have entered into our Website the following information of your personal data may be collected: IP address, access date and time (register), webpage name and URL, device operating system data, information about the internet provider, geo-location data, language settings, and other relevant data.
    2. The legal basis for the above-mentioned processing is the legitimate interest of the company in order to prevent wilful violations and destructive acts on the website.
    3. Such data will be processed for the period depending on the Company’s preference and the circumstances surrounding its business relationships (transactions).
    4. The Company may also collect and use cookies for the operation of the Website, traffic analysis, performance assessment, referral, and direct marketing. Cookies are usually small text files, given ID tags that are stored on your computer's browser directory or program data subfolders. Cookies are created when you use your browser to visit a website that uses cookies to keep track of your movements within the site, help you resume where you left off, remember your registered login, theme selection, preferences, and other customization functions. The Website stores a corresponding file (with same ID tag) to the one they set in your browser and in this file they can track and keep information on your movements within the site and any information you may have voluntarily given while visiting the website, such as e-mail address. Once you have entered the website you are informed about cookies and your consent to imply them will be asked. Please note that if you decide not to agree with placing cookies on your device the website may not work properly. For more information about cookies please read our Cookies Policy.

IV. YOUR RIGHTS REGARDING THE PROCESSING OF YOUR PERSONAL DATA

  1. You have certain legal rights in relation to the processing of your personal data, including:
    1. the right to obtain confirmation as to whether or not personal data concerning you are being processed, and, where that is the case, access to the personal data and the information regarding its processing;
    2. the right to obtain from us without undue delay the rectification of inaccurate personal data concerning you and, taking into account the purpose of the processing, the right to have incomplete personal information completed;
    3. the right to obtain from us the erasure of personal data concerning you without undue delay if possible;
    4. the right to obtain from us restriction of processing if possible;
    5. the right to data portability if possible;
    6. the right to object at any time to processing of your personal data if possible;
    7. the right not to be subject to automated individual decision-making, including profiling if possible.
  2. This Policy does not deprive you of any other legal rights you may enforce under the applicable law.
  3. You may exercise your rights by sending us a request via e-mail: [email protected].
  4. The Customer may exercise his / her rights only after the Company has successfully identified him / her. If the Company is not sure about the identity of the person sending data request, the Company may not provide the requested information to him / her, unless the Customer‘s identity is confirmed. Therefore, if you are sending a request via e-mail, kindly ask you to attach a certified copy of your ID document (preferably the one you used for entering into a business relationship with the company) herewith. In addition, the Company keeps the right to decide the other or additional legitimate means of identification proof should be requested, such as a selfie with your ID document, video or voice call, or any other additional document which could let to determine your identity.
  5. The Customer is provided with information related to the exercise of their rights free of charge. However, the Customer's request for the exercise of rights may be waived or may be subject to an appropriate fee if the request is manifestly unfounded or excessive, in particular, because of their repetitive character.
  6. The Company shall provide the Customer with information on the actions taken upon receipt of the Customer's request for the exercise of his rights or the reasons for the inaction no later than within 1 month from the receipt of the request. The period for submitting the requested information may be extended, if necessary, for a further 2 months, depending on the complexity and number of requests. When the Customer submits the request by electronic means, the information shall also be provided by electronic means.
  7. If the Customer considers that his / her personal data is being processed in violation of his / her rights and legitimate interests in accordance with applicable law, the Customer shall have the right to file a complaint against the processing of Personal Data to the State Data Protection Inspectorate.
  8. The Company designates a representative – Secure Currency Ltd (company code 013555V, registered office at 12 Mount Havelock, Douglas, IM1 2QG, Isle of Man, the United Kingdom) (the “Representative”). Therefore, you may address your requests regarding personal data to the Representative via e-mail: [email protected].

V. YOUR RESPONSIBILITIES

  1. You confirm that you have provided correct data about yourself in every required form and that afterward when changing or adding any data at the Website, you will enter only correct data. The Company will not tolerate invalid, false or otherwise incorrect data and will pursue actions in accordance with its legal obligations. You shall bear any losses that occur with regard to the submission of invalid, false or otherwise incorrect data.
  2. You are responsible for maintaining adequate security and control of every identification number, password, and / or any other code that you use to access the Website. If you have not complied with this obligation and / or could, but have not prevented it and / or performed it on purpose or due to own negligence, you assume the losses and undertake to reimburse the losses of other persons incurred as a result of your (in)action.
  3. In the event of loss of any password by yourself or if the password(s) are disclosed not due to your or Company‘s fault, or in case of a real threat that has occurred or may occur to your account, you undertake to change the password(s) immediately or, if you do not have a possibility to do that, not later than within 1 calendar day notify the Company by e-mail at [email protected]. The Company shall not be liable for consequences that have originated due to the notification failure.
  4. After the Company receives the notification from you as indicated above, the Company shall immediately suspend access to your account and provision of the Company services until a new password is provided / created for you.
  5. The Company draws your attention to the fact that e-mail address and any other contact information you have chosen to link to your account are used for your identification and communication. You undertake the responsibility to protect these instruments and logins to them. You are responsible for password disclosure and for all operations performed after you use the password for a relevant account. We recommend memorizing your passwords and not to write them down or enter anywhere where they may be seen by other persons.

VI. FINAL PROVISIONS

  1. This Policy shall be viewed and applied in accordance with the laws of the British Virgin Islands.
  2. The Company may change, amend, delete any of the provisions contained in this Privacy Policy at any time and in its sole discretion. Any such changes will be effective upon the posting of the revised Privacy Policy and you are solely responsible for reviewing any such notice and the corresponding changes to the Agreement. Your continued use of the Website and Services following any such revisions to the Privacy Policy will constitute your acceptance of such changes. If you do not agree to any of such changes, do not continue to use our Services.
  3. Company websites and products may contain links to third-party sites. These third-party websites apply their own privacy policies. If you visit these websites, you will be covered by their respective policies.
  4. If you have any queries with regards to this Policy please do not hesitate to contact us via e-mail: [email protected].