Last Update: February 2024

This Privacy and Cookies Policy (“Policy”) governs the access to and use of all parts of the platform and services branded as XERA (“XERA”, “we”, “our”, “us”) and refers to the domain http://www.xera.pro/ (hereinafter referred as the “Platform”) and all documents, data, materials or other information made available on the Platform.

This Policy applies to all visitors and/or users (“User”, “you”, “your”). Please read this Policy along with our Terms and Conditions carefully, and note that by using XERA, you are consenting to the collection, storage, processing, and transfer of your personal information in accordance with this Policy.

1. DEFINITIONS

   1. 1.1. “Account” refers to the account created on the 2access platform.

   2. 1.2. “Third-Party Partner Websites” refers to the website with whom we collaborate, where you can utilize your XERA Account credentials to access our services

   3. 1.3. “Personal Data” refers to any information that relates directly or indirectly to a natural person and/or legal entity whether living, deceased, active, inactive, or dormant who is identified or identifiable from that information, or from that and other information in the possession of a data User, including any sensitive Personal and commercial data and expression or actions of opinion about the User

   4. 1.4. “2access” refers to an intermediary platform that operates as a unified single sign-on platform (SSO) enabling Users to access Third-Party Partner Websites offered on their platform, which encompasses platforms such as XERA.

2. PURPOSE OF THIS POLICY

   1. We know how important it is for you to understand how we collect, store, process, share, and use your Personal Data. We respect and protect the privacy of our Users’ Personal Data on our Platform.

   2. The purpose of this Policy is to describe how XERA collects, stores, processes, shares, and uses Users’ Personal Data through the Platform.

3. ACCEPTANCE

   1. By accessing and using our Platform, you are consenting and accepting the terms of this Policy. If you do not agree or consent to any aspect of this Policy, you can withdraw your consent at any time and you should discontinue access or the use of our services.

4. USER LOGIN CREDENTIAL INFORMATION

   1. To establish an Account with XERA, Users are required to complete the registration procedure on the 2access platform http://www.2access.io/. Upon registration with 2access, you will be subjected to a separate onboarding process designed to facilitate 2access’ internal onboarding procedures. As part of this process, you must create a robust password and preserve it from any unauthorized access. Moreover, Users consent to abide by 2access’ Terms and Conditions and their Privacy Policy, and any additional policies or regulations stipulated by 2access.

   2. Each Third-Party Partner Website maintains its own distinct privacy policy that governs the collection, storage, processing, sharing, and use of your Personal Data. It is your responsibility to read, understand, and agree with the terms and legal documentation outlined across all these Third-Party Partner Websites’ privacy policies, in order to understand how your Personal Data is accessed, processed, stored, and managed across the different platforms available within the ecosystem.

   3. Users grant XERA permission to use their Personal Data as required to provide products and services on the Platform.

5. PERSONAL DATA WE COLLECT FROM USERS

   1. We collect and retain your Personal Data to facilitate, advance, and improve our array of products and services. This encompasses the development of technical infrastructure, reinforcement of security measures, adherence to compliance standards, prevention of fraud, and provision of customer support. Additionally, it is imperative to acknowledge that your Personal Data will also be collected in line with the prerequisites of our Third-Party Partner Websites.

   2. The Personal Data we collect from our Users might includes:

      1. Full name.

      2. Date of Birth.

      3. Email address.

      4. Gender.

      5. Nationality.

      6. Referral Activities on our Third-Party Partner Websites.

      7. Wallet address(s).

      8. Transaction details.

      9. Passport or National ID number.

      10. Telephone number.

      11. Credit card details.

      12. Source of wealth.

      13. Occupation.

      14. Bank account details, including institution name, branch, account name, bank identifier.

      15. Bank account number or IBAN.

   3. The Personal Data we collect from our Users pertaining to browser information might includes:

      1. IP Address.

      2. Login information.

      3. Browser type and version.

      4. Time zone setting.

      5. Platform.

      6. Operating System.

      7. Transaction history.

      8. Pages accessed and links clicked.

6. HOW USERS’ PERSONAL DATA IS USED

   1. We process and use Users’ Personal Data for a number of purposes, including but not limited to, the following:

      1. To communicate with the User

      2. To provide our products and services.

      3. To comply with legal and regulatory compliance requirements.

      4. To detect and prevent fraud and credit risks.

      5. To provide, troubleshoot, and improve XERA products and Services.

      6. To enforce our terms in our Term of Use.

      7. To provide customer services.

      8. To ensure quality control.

      9. To ensure network and information security.

      10. To enhance and personalize User experience.

      11. To engage in marketing activities.

      12. For Transaction services.

      13. For purposes for which we seek the User’s consent.

7. DATA TRANSFER

   1. We may share your Personal Data with specific third-parties, which include "Third-Party Partner Websites," encompassing business suppliers, distributors, promoters, and subcontractors. Such sharing of data becomes essential for the effective delivery of our products and services, and to improve our products and services, or in instances where a legal basis mandates such sharing. Please note that the aforementioned Third-Party Partner Websites are authorized to collect, utilize, and disclose your information as directed by us. This ensures that the services provided are comprehensive and aligned with our standards.

   2. Given the nature of our products and services with the Third-Party Partner Websites, your Personal Data may be subject to transfers between these integrated platforms. This transfer of data occurs seamlessly and efficiently, enabling the harmonious operation of our services within the broader ecosystem. Please be aware that these transfers may be conducted without prior notice to you to ensure seamless and efficient use of the platforms. Your continued engagement with our products and services signifies your acknowledgment and acceptance of this data transfer mechanism.

   3. We further ensure that we comply with the applicable data protection legal norms and we shall only share information in the following circumstances:

      1. With applicable regulatory and governmental bodies.

      2. With third-party KYC/AML service providers integrated with 2access verification purposes in the User onboarding process.

      3. With service providers under contracts to operate the business. For instance:

         1. Cloud storage.

         2. Network Infrastructure.

         3. Security.

         4. Customer Support.

         5. Marketing.

         6. Data Analytics.

      4. We transfer only the minimum amount of data necessary for a particular outsourced service provider(s) (if applicable) and we only cooperate with the outsourced service providers who can provide and ensure an adequate level of Personal Data protection aligned with our own standard.

   4. XERA ensures that the service providers and affiliates/business partners who process personal information acknowledge the confidentiality of this information and protect the User’s right to privacy by complying with all applicable privacy and data protection laws.

   5. Each Third-Party Partner Website may have its own data transfer clauses, terms of use, and privacy policies governing how your data is collected, stored, processed, shared, and used. By using our Platform to access the products and services of Third-Party Partner Websites, you acknowledge and agree to adhere to the data transfer clauses and privacy policies of those Third-Party Partner Websites, as may be applicable.

8. PROTECTION AND STORAGE OF PERSONAL DATA

   1. XERA maintains physical, technical, administrative, and procedural safeguards in connection with the collection, storage, and disclosure of the User’s Personal Data. We use firewall barriers, encryption techniques, and authentication procedures to maintain the security of User’s online sessions.

   2. Furthermore, XERA does not ensure the security or privacy of data transmitted via email, phone, or SMS, until such data reaches the domain of our network since we have no access to protect such data until it reaches our network domain.

9. DATA RETENTION

   1. XERA is responsible for retaining either the original or a precise copy of all data and information acquired from its Users. This retention will be in a format that is readily accessible for a span of five (5) years following the conclusion of your involvement with our products and services, as well as those offered by our Third-Party Partner Websites on which our services are engaged. Any Personal Data provided by you will be securely maintained by us until the point at which you choose to request the termination of our association.

   2. We shall take reasonable measures to ensure that all Personal Data is destroyed or permanently deleted if it is no longer required for the purpose of providing our services for which it was processed and in certain circumstances if required by law, the XERA may not destroy any relevant records or Personal Data even though the prescribed period for retention shall have elapsed.

   3. Furthermore, information or data collected via technical means such as cookies, web page counters, and other analytics tools is kept for a period of up to one year from the expiry of the Cookies Policy.

10. DATA PROTECTION LAW AND THE EUROPEAN DATA PROTECTION RIGHTS

    1. This Policy is governed by and shall be construed in accordance with the data protection laws of the British Virgin Islands. Additionally, the highest global standard of data protection, as set forth in the General Data Protection Regulation ("GDPR"), shall also apply to the processing of Personal Data covered by this Policy.

    2. In accordance with the GDPR, XERA provides privacy notices:

       1. In a concise, transparent, intelligible, and easily accessible form.

       2. Written in clear and plain language.

       3. Delivered in a timely manner; and

       4. Free of charge

    3. If the Users are located in the European Economic Area (EEA), you will have the rights as described below:

       1. You may request access to and receive information about the Personal Data we maintain about you, update and correct inaccuracies in your Personal Data, restrict or object to the processing of your Personal Data, have the information anonymized or deleted, as appropriate, or exercise your right to data portability to easily transfer your Personal Data to another company.

       2. You may withdraw any consent you previously provided to us regarding the processing of your Personal Data, at any time and free of charge. We will apply your preferences going forward and this will not affect the lawfulness of the processing before you withdraw your consent.

       3. If you are located in the EEA, we will comply with applicable GDPR law when transferring your Personal Data outside of the EEA.

11. YOUR RIGHTS PROTECTED UNDER THE GDPR

    1. Under certain circumstances, you have rights under data protection laws in relation to your Personal Data, which are set out in more detail below:

    2. Request Access - This enables you to request details of the information, and copies of your Personal Data, and to check that we are lawfully processing it. This is also commonly known as a "data subject access request". This enables you to have any incomplete or inaccurate data we hold about you corrected, though we may need to verify the accuracy of the new data you provide to us.

    3. Request Erasure - This enables you to request that we delete or remove Personal Data we hold about you, where there is no good reason for us to continue to process it. Please note that there may be circumstances where we may be legally entitled to retain your Personal Data.

    4. Request to Restrict or Object to Processing- This right enables you to object to the manner and/or scope in which we process your Personal Data. In the event of such an objection, we will no longer process your Personal Data, unless we demonstrate compelling legitimate grounds for doing so, which overrides the interests, rights, and freedoms of the data subject, or for the establishment, exercise, or defense of legal claims. You also have the right to object if you reasonably believe we are processing your Personal Data for direct marketing purposes.

    5. Request to Transfer - At your request, we shall provide you with your Personal Data in a structured, commonly used, machine-readable format, so that you may transfer or reuse your Personal Data across different services.

12. COOKIES POLICY

    1. Cookies are small text files that are placed on your device like a computer, mobile, or any other device by a Platform, containing details of your browsing history. Whenever you visit our Platform, the Platform sends Cookies to the device you are using to access our Platform, and your device automatically stores the Cookies in a file located within your Platform browser allowing us to recognize your device upon future access.

    2. We use the following Cookies to operate our Platform, such as:

       1. Session Cookies are temporary and expire once you close your browser. It stores information for the time, or session when you are on our Platform.

       2. Persistent Cookies encompass all Cookies that remain on your hard drive until you erase them or your browser does it. It depends on the Cookie’s expiration date. All persistent cookies have an expiration date written into their code, but their duration can vary.

       3. First Party Cookies are put on your device directly by the Platform you are visiting.

       4. Third Party Cookies are placed on your device, not by our Platform, but by a third party like an advertiser or an analytic system. Generally, Third-Party Cookies consist of tracking Cookies used to identify online behavior, understand interests, and then customize advertising for the User on other Platforms. Any information obtained from Third-Party Cookies is processed by the respective Collaborative Partners.

       5. Google Analytics Cookies measure our User’s interactions with the content on our Platform. These Cookies collect information about your interactions with our Platform, such as unique visits, repeat visits, session duration, and Platform activity.

       6. Facebook Pixel processes information about a User’s activity on our Platform, such as the Platform visited, browser data, and more. The information processed from Facebook Pixel is used to serve ads based on your interests through Facebook, as well as to measure cross-device conversions and User interactions on our Platform.

       7. Essential Cookies are known as strictly necessary Cookies for you to browse our Platform and use its features, such as accessing secure areas of our Platform. These Cookies are generally First-Party Session Cookies. These Cookies do not require consent from you. Essential Cookies helps to make our Platform easy to use by providing basic functions such as page navigation, language selections, authorization, and filling in forms. Our Platform will not function without these Cookies and they cannot be disabled. These Cookies do not reveal the User’s identity or collect information. They are stored on the User’s device until the browser is closed.

       8. Functionality Cookies allow our Platform to remember choices you have made in the past like what language you prefer, what region you would like, or what username and password are so you can automatically log in. We use Cookies for navigation and to facilitate your access to and use of this site. These Cookies are necessary for the transmission of communications on the network or to supply services whatever requested by you. Further, they help us to know which pages are the most and least popular and see how visitors move around the Platform.

       9. Performance Cookies collect information about how you use our Platform, like which page you visited and which link you clicked on. None of this type of information can be used to identify you. The sole purpose of performance cookies is to improve how our Platform functions. Analytics may collect information through log data, such as; (i) IP address, (ii) Type of browser and device, (iii) Operating system, (iv) Name of the Internet Service Provider, (v) Country information, (vi) Date and time of visit, (vii) Web page origin and exit; and/or

       10. Marketing Cookies track your online activity to help advertisers deliver more relevant advertising or to limit how many times you see an advertisement. These Cookies can share information with other organizations or advertisers. These cookies may be set through the Platform by our advertising partners. If you do not allow these cookies, you will experience less targeted advertising. These cookies are set on your device for up to two (2) years or deleted if you erase your browser cookie data.

    3. You reserve the right to decide whether to accept or reject Cookies from our Platform. You can exercise your Cookies rights by setting your preferences in the Cookies Consent Manager. However, you will not be able to reject the Essential Cookies and still access the Platform, as they are strictly necessary to provide you with our Services. In the event you choose to reject certain Cookies, you may still use our Platform though your access to some functionality and areas of our Platform may be restricted. You may also set or amend your web browser controls to accept or refuse Cookies.

13. MODIFICATIONS

    1. We reserve the right, at our sole discretion, to modify, amend, supplement, or replace this Policy at any time and such update details shall be indicated at the top of this page. Our Terms and Conditions, and any other policy (including this Policy) may be revised or updated periodically to meet the necessary requirements and standards. We encourage you to regularly visit our Platform to stay informed about any changes to our Policies.. Your continued access to the Platform means that you agree to the updated content and to abide by the updated Policy.

14. CONTACT INFORMATION

    1. In the event of any comments, questions, inquiries, or complaints regarding this Policy, the User has the right to submit questions and/or concerns at support@xera.pro.