In this data privacy notice we, LiquidChain AG (also: “we”, “us” or “our”), explain the type, scope and purposes of the collection and other processing of personal data in connection with the use of our web sites and/or services, the Liquidity Network, a non-custodial, financial intermediary offering payment services, and the Liquidity Exchange, a non-custodial off-chain exchange („Services“). Our Services are available via a web wallet and mobile applications. This data privacy notice applies to our web wallet and mobile applications as well as to the web sites available under the main domain liquidity.network („Website“ or „Websites“).
Personal data are all data relating to an identified or identifiable natural person. The processing of personal data in connection with the use of our Websites and/or Services is based on the General Data Protection Regulation of the EU (“GDPR”) and the Federal Data Protection Act (“FADP”). Although this data privacy notice is also based on the GDPR, this does not imply a choice of law in favour of EU law. This data privacy notice shall be governed by the substantive law of Switzerland to the exclusion of any conflict laws provision.
If you do not agree to this data privacy notice, do not continue to use our Services and/or Websites.
Data Controller of the data processing described here is:
For concerns in connection with data protection, please contact the above contact address (this is also the address of our data protection officer in accordance with Art. 37 GDPR).
The personal data of the person concerned will be deleted or blocked as soon as the purpose of storage ceases to apply. Furthermore, data may be stored if this is provided for by law. The data will also be blocked or deleted if a legally prescribed storage period expires, unless there is a need for further storage of the data, e.g. for the conclusion or fulfilment of a contract.
When providing Services to you, we will share personal data with persons acting on your behalf or otherwise involved in the transaction (depending on the type of relationship or contract with you and depending on the type of Services you receive from us), including, where relevant banks, other financial institutions or market counterparties.
In some instances, we share personal data with our suppliers, including other business partners who provide services to us, such as compliance service providers, legal service providers, IT and hosting providers, communication services and marketing providers, and others. When we do so we take steps to ensure they meet our data security standards, so that your personal data remains secure.
If required from time to time, we disclose personal data to public authorities, regulators or governmental bodies, including when required by law or regulation, under a code of practice or conduct, or when these authorities or bodies require us to do so.
If our business is sold to another organisation or if it is re-organised, personal data will be shared so that you can continue to receive Services. We will usually also share personal data with prospective purchasers when we consider selling or transferring part or all of a business. We take steps to ensure such potential purchasers keep the data secure.
We may need to disclose personal data to exercise or protect legal rights, including ours and those of our employees or other stakeholders, or in response to requests from individuals or their representatives who seek to protect their legal rights or such rights of others.
The recipients referred to in section 3 may be located outside Switzerland. In those cases, except where the relevant country has been determined by the Federal Data Protection and Information Commissioner to provide an adequate level of protection, we require such recipients to comply with appropriate measures designed to protect personal data contained within a binding legal agreement.
When using the Websites for information purposes only, i.e. unless you provide us with other information, we only collect the personal data that your browser transmits to our server. When this data is stored, it is not assigned to a specific person. When you view our Website, we collect the following data, which are technically necessary for us to display our Website to you and to guarantee stability and security (legal basis is Art. 6 Para. 1 Lit. f GDPR):
date and time of the request
time zone difference to Greenwich Mean Time (GMT) time zone
content of the request (specific page)
access status/http status code
amount of data transferred in each case
website from which the request comes
browser (incl. language and version)
operating system and version of the browser software.
We will, depending on the Services we provide to you (if any), collect and process personal data about you including your username, name, date of birth, nationality, country of residence, phone number, physical and electronic address, your ethereum address, details of our interactions with you and the Services you use, identifiers we assign to you, such as your client number, and related data.
However, it is crucial to note that the wallet private keys are never transmitted to our servers, so it is not possible for us to access your Ether funds or other cryptographic assets in any case.
When you contact us by email, we will store the data you have provided (your message, your email address, your name and your telephone number if applicable) in order to arrange appointments or to answer your questions. We delete the data arising in this context after storage is no longer necessary, or restrict processing if statutory retention obligations exist.
Our Website contains a contact form that can be used to contact us. The data entered in the contact form is transmitted in encrypted form (SSL encryption). The data entered in the contact form will be stored for the purpose of processing or contacting the person making contact. This data will not be passed on to third parties.
In addition to the aforementioned data, cookies are stored on your computer when you use our Websites. Cookies are small text files that are stored on your hard disk or the memory of the mobile device assigned to the browser you use and through which certain information flows to the place that sets the cookie (here by us). Cookies cannot run programs or transmit viruses to your computer. A cookie typically contains the name of the domain from which the cookie originates, the lifetime of the cookie and a unique identifier.
Our Website uses session cookies and permanent cookies, the scope and functionality of which are explained below.
Session cookies are temporarily set cookies. Session cookies are required above all to enable the user to use our Website and, if applicable, to register or log in. These store a so-called ses-sion ID, with which different requests of your browser can be assigned to the common session. This will allow your computer to be recognized when you return to our Website, even if we do not know who you are. Session cookies are deleted when you log out or close your browser.
We also use permanent cookies. These remain longer in the cookie file of your browser. The duration depends on the lifetime of the respective cookie. Permanent cookies are automatically deleted after the specified period. You can delete cookies at any time in the security settings of your browser. Permanent cookies allow the website to remember the selection you made (e.g. registration data, the language you selected).
The Websites use Google Analytics with the extension “_anonymizeIp()”. As a result, the IP addresses are further processed in abbreviated form, so that a personal relationship can be excluded. As far as the data collected about you is personal, it will be excluded immediately and the personal data will be deleted immediately.
We use Google Analytics to analyse and regularly improve the use of our Website. We can improve our offer and make it more interesting for you as a user. For the exceptions in which personal data is transferred to the USA, Google has submitted to the US Privacy Shield Agreement, https://www.privacyshield.gov/participant?id=a2zt000000001L5AAI&status=Active.
Third Party Information: Google Dublin, Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland, Fax: +353 (1) 436 1001. User Terms: http://www.google.com/analytics/terms/de.html, Data Privacy Notice: http://www.google.de/intl/de/policies/privacy.
Our mobile applications use Firebase, a mobile applications development and analysis service of Google LLC, which offers various features. Our mobile applications use the following features:
Google Analytics for Firebase
Google Analytics for Firebase uses identifiers for mobile devices, cookies and similar technologies that enable an analysis of the use of the mobile applications. Please note, however, that we do not use the advertising module on our mobile applications. The information generated by the cookies etc. about your use of the applications (including your IP address) is transmitted to and stored by Google on servers, the majority of which are located in the USA. On behalf of the operator of the mobile application, Google will use this information to evaluate your use of the Websites, to compile reports on Website activity and to provide other services relating to mobile application and internet use. Google may pass this information on to third parties if required to do so by law or in the event that third parties are commissioned by Google to carry out this data processing.
You may refuse the use of or Google Analytics for Firebase by selecting the appropriate settings in the settings section of the application, however please note that if you do this you may not be able to use the full functionality of the mobile applications.
In case of an error in the mobile application Firebase Crashlytics collects data and information on your phone called log data. This log data may include information such as your devices’s IP address, device name, operating system version, configuration of the app when utilising our Service, the time and date of your use of the Service, and other statistics.
You may refuse the use of or Firebase Crashlytics by selecting the appropriate settings in the settings section of the application, however please note that if you do this you may not be able to use the full functionality of the mobile applications.
We also use Cloud Firestore to store and sync data between you and devices - at global scale - using a cloud-hosted, NoSQL database.
Firebase Remote Config
We also use Remote Config to fetch a global configuration file which allows us to customize the mobile applications.
Firebase Cloud Messaging
We also use Firebase Cloud Messaging to send you push notifications containing important information regarding our Services.
Third Party Information: Google Dublin, Google Ireland Ltd., Gordon House, Barrow Street, Dublin 4, Ireland, Fax: +353 (1) 436 1001. User Terms Overview: https://firebase.google.com/terms/, User Terms Google Analytics for Firebase: https://firebase.google.com/terms/analytics/, User Terms Firebase Crashlytics: https://firebase.google.com/terms/crashlytics/, Data Privacy Notice: http://www.google.de/intl/de/policies/privacy.
Our mobile applications use Sentry, an application monitoring service of Functional Software Inc., which helps identify and debug errors. Sentry may for example collect your email address or username, the type of web browser and operating system used, device identifiers, IP address, event type, and related source code.
Third Party Information: Functional Software, Inc. dba Sentry, 132 Hawthorne Street, San Francisco, CA 94107, USA, email: [email protected] User Terms: https://sentry.io/terms/, Security Information: https://sentry.io/security/, Data Privacy Notice: https://sentry.io/privacy/.
a) Due to Statutory Provisions (Art. 6 Para. 1 Lit. c. GDPR)
Data is processed in order to meet our legal or regulatory responsibilities.
We are subject to various legal obligations, meaning statutory requirements (e.g. the anti-money laundering regulations and tax laws). The purpose of data processing is to carry out the customer’s on-boarding processes, including verifying your identity, and conducting legal and other regulatory audits (e.g. to comply with money laundering and fraud prevention regulations). In addition, the purpose of data processing is to meet our ongoing regulatory and compliance obligations (e.g. anti-money laundering and tax laws), including the collection and monitoring of communications, disclosures to tax authorities, financial services regulators and other regulatory and governmental authorities, and the investigation or prevention of crime.
b) For Fulfillment of Contractual Obligations (Art. 6 Para. 1 Lit. b GDPR)
Data is processed in order to provide services in accordance with our legal agreements with our clients or to carry out pre-contractual measures that occur as part of a request from an interested party.
The purpose of data processing is primarily to enable us to provide you with products and services and to ensure that they are properly executed, e.g. by ensuring that we can identify you and act in accordance with your instructions. In addition, the purpose of data processing is to administer our relationship with you, including communication with you regarding the products and services you receive from us and our business partners, and to process questions and complaints relating to customer service.
c) In the Context of Balancing Interests (Art. 6 Para. 1 Lit. f GPDR)
Where required, we process your data beyond the actual fulfillment of the contract for the purposes of the legitimate interests pursued by us or a third party.
The purpose of data processing is primarily to pursue certain of the purposes in section 5.3 (a), exercise our rights under Articles 26 and 27 of the Federal Constitution of the Swiss Confederation, including our freedom to conduct a business and right to property, provide products and services and assuring a consistently high service standard, and keeping our customers and other stakeholders satisfied, meet our accountability and regulatory requirements, and assert legal claims and a defense in legal disputes.
d) As a result of your consent (Art. 6 Para. 1 Lit. f GPDR)
As long as you have granted us consent to process your personal data for certain purposes, this processing is legal on the basis of your consent.
Within the scope of the data protection law applicable to you, you have the right to information about the personal data concerned, correction, deletion, restriction of processing, objection to processing, data transferability (GDPR). To assert your rights against us, you can contact us at the address given in section 1.
If data processing is based on your consent, you can revoke this at any time without giving reasons for the future. The revocation is also to be addressed to the person responsible via the contact details in section 1.
You can also assert your own claims in court or complain to a data protection supervisory authority about our processing of your personal data. The responsible data protection authority in Switzerland is the Federal Data Protection and Information Commissioner and can be contacted at http://www.edoeb.admin.ch.
We have in place appropriate technical and organisational measures to prevent unauthorised or unlawful access to the personal data you have provided to us. As complete data security cannot be guaranteed for communication via e-mails, and similar means of communication, we would recommend sending any particularly confidential information by an alternative secure means.
We reserve the right to modify this data privacy notice at any time. If the data privacy notice has been updated, we will take steps to inform you of the update by appropriate means, depending on how we normally communicate with you. This data privacy notice does not establish any contractual rights.