Official GrapheneOS sales donate
We respect your data and privacy
Privacy is our main focus
Effective April 23, 2024
We want to make sure you have all the information you need. While we provide translations of our legal agreements and policies for your ease, please keep in mind that the English version is the official and most accurate one. Translations are just here to help you read and understand better, but they don’t have any legal weight. If there’s ever a misunderstanding, the English version will be the one that counts.
1. General
Cryptvice, with registered office at Avenida de Manolete 3a and registered with the NIF under number B72758436 (hereinafter ” Cryptvice”), considers the protection of personal privacy to be extremely important. Cryptvice wishes to inform its customers and users as much as possible about its services, while respecting their data and giving them control over what happens to them. Cryptvice wants to manage and use its customer data safely, respectfully and with due diligence in order to provide better service to its customers and to offer the best possible experience. Cryptvice therefore starts from the principle that everyone must have control over their personal data. Below, you will find information about what data Cryptvice collects, why, how long for and how you can control it.
Cryptvice invites its customers to take the time to thoroughly review this Privacy Policy, together with the Terms and Conditions for Privacy Services and any other conditions that may apply to its products and services.
2. Applicability
This Privacy Policy applies to all our customers (current, former and future) and to all visitors to the Cryptvice website(s).
The European General Data Protection Regulation 2016/679 of 27 April 2016 (“General Data Protection Regulation”), the law of 30 July 2018 (“Law for the protection of personal information”), the law of 13 June 2005 (“Electronic Communications Act”) and the accompanying implementing decrees, as well as any future changes hereto, regulate the protection of your personal data.
Cryptvice endeavors to fulfill its obligations and to respect the rights of the customer whenever Cryptvice processes your personal data. For more information about this, Cryptvice would like to refer you to the website of the Commission for the Protection of Privacy.
3. Processing of personal data and responsibilities
The term “Personal Data” refers to any information related to a natural person that is identified or can be identified (‘Data Subject’); this includes, among others, an individual’s name, identification number, location data, online identifier, as well as physical, physiological, genetic, mental, economic, cultural, or social identity.
The collection and processing of personal data by Cryptvice primarily concerns the data that customers voluntarily enter through our website pages or that Cryptvice obtains through the use of our products and services.
As the responsible party, Cryptvice processes customer personal data for the purposes described in this Privacy Policy. However, customers have certain obligations regarding the processing of personal data that allow them to use Cryptvice’s products and services. In this capacity, customers must always obtain the legally required authorizations from end-users for the processing of their personal data by Cryptvice, insofar as necessary within the framework of Cyptvice’s products and services.
4. Purposes
Cryptvice processes personal data for various purposes. We only process data that is necessary to achieve the intended purpose. Therefore, we use personal data in the following situations:
- When we have received permission.
- In the context of the preparation or performance of our contract.
- To comply with legal or regulatory provisions to which we are subject.
- When Cryptvice has a justified interest, such as direct marketing, fraud prevention, internal administration management, or monitoring of appropriate network and information security. In such instances, we always strive to maintain a balance between our interest and respecting the privacy of the person concerned.
Cryptvice collects personal data for the following specific purposes, as necessary and with consent:
To initiate the processing of an application for our esteemed products and world-class services.
If you visit our website with an intention to gather information about our products and services or to subscribe to Cryptvice’s newsletter, we respectfully request your address details. All information received by Cryptvice during this pre-contractual phase will only be used by Cryptvice to provide you with the requested information, in a manner that befits your preference. Furthermore, upon becoming a customer of Cryptvice, we shall require various personal details including but not limited to name, address, telephone number, email address, and customer number. Additionally, Cryptvice shall allocate specific data such as login details to you.
To offer best service and provide comprehensive information regarding usage options.
Cryptvice utilizes personal data for the establishment, maintenance, and support of products and services, as well as for administrative purposes.
To provide information regarding the latest products and services offered by Cryptvice in a formal manner.
Cryptvice might employ personal information to present (in the form of written correspondence, via phone or electronically) novel offerings, services or specific promotions that Cryptvice deems of interest to you. It goes without saying, you have the option to decline this form of communication (please refer to the further instructions).
To track performance.
Cryptvice may employ personal data and consumer profiles for the purpose of assessing its products and services. This encompasses, inter alia, the solicitation of feedback on services (such as through market research), data acquired during responses to customer inquiries, fraud detection, and quality assurance.
To comply with legal obligations.
Cryptvice is obliged by law to retain certain personal data and communicate them to government agencies as required by general tax and accounting obligations. If necessary, Cryptvice may be obliged to transmit certain data to the relevant authorities in a confidential manner in the course of a police or judicial investigation.
Cryptvice keeps track of studies, tests, and statistics to perform trend analysis.
Anonymous, aggregated data may be used by Cryptvice to report on the usage of its services both internally and externally. Such data cannot be traced back to a specific individual. The insights derived from these analyses are used by Cryptvice to assess its current product and service portfolio as well as its processes. This performance information is also utilized to adapt to new developments.
5. Security
Cryptvice is committed to safeguarding personal data and privacy, both within its physical offices and on the Cryptvice network. Appropriate organizational and technical measures are implemented by Cryptvice to ensure the security of personal data. To ensure the data protection we use encrypted services for each process.
Cryptvice’s employees receive proper training with regards to handling confidential data. In situations that involve privacy-sensitive projects, a thorough assessment is made regarding security and the protection of personal data. Cryptvice’s information security policy, requirements and management standards conform completely to the international ISO 27001 standard, of which Cryptvice has been certified since 2011. To ensure data security, Cryptvice has specific professionals who oversee compliance with legislation and ethical principles. The network, infrastructure and information systems within Cryptvice are also secured by expert personnel who specialize in this field. Additionally, several technical measures such as password protection, hard disk encryption software, firewalls, antivirus software, intrusion and anomaly detection systems as well as access control systems for employees are utilized by Cryptvice to ensure the protection of personal data.
In the event of a data breach that could have a negative impact on personal data, the customer will be informed personally in compliance with legal requirements.
The number of Cryptvice employees who have access to personal information is restricted and they are thoroughly screened before being granted access. These employees are provided access to personal information only when they need to perform their duties.
The existence and content of communication via the Cryptvice network (such as email traffic, hosting, etc.) is protected by the provisions of telecommunications secrecy. This means that Cryptvice and its employees cannot have any knowledge of the existence or content of such communication, except for exceptions permitted by law.
Cryptvice’s websites, at times, include links to third-party sites (such as social media or organizers of events sponsored by Cryptvice) that have their own policies regarding the protection of personal data. Please refer to their policies carefully.
6. Provision of data to third parties
Cryptvice does not sell personal data to third parties nor is data passed on to third parties unless:
To our legal successors and other companies within the Cryptvice group.
Cryptvice passes on personal data to any legal successors and affiliated companies (such as subsidiaries and sister companies) for the same purposes as those stated in this Privacy Policy.
This is necessary for our service provision.
For some aspects of our products and services, we cooperate with third parties or engage sub-contractors. These third parties are always selected very carefully and there is always an agreement between Cryptvice and these third parties in accordance with the applicable legislation. Thus, Cryptvice uses, among others, service providers for device order, license order, partners, providers of cloud connect services, providers of hardware, providers of online desktop services and providers of online fax services. For more information about our sub-contractors, you can always contact us via the contact details under point 10.
If you purchase from Cryptvice a (online) product or service from a manufacturer or supplier based outside the European Union, it is possible that additional measures are necessary to ensure the security of personal data, such as a certification under the EU-US Privacy Shield and/or a processor agreement with model clauses drawn up by the European Commission.
When a person refuses to have his details passed on, it is possible that some services can no longer be offered by Cryptvice.
There is a legal obligation.
For this, Cryptvice refers you to point 4 of this Privacy Policy.
There is a legitimate interest for Cryptvice or the third party concerned.
This only happens providing the interests or fundamental rights and freedoms of the person concerned do not override that interest.
Cryptvice has received permission from the person concerned.
If Cryptvice should provide personal data to third parties by other means, this will be done with an explicit communication, in which an explanation about the third party is given, together with the purposes of the transfer and processing. Where required by law, Cryptvice obtains express and unambiguous consent from the data subject. The data subject also always has an option to object (see below).
In regard to the international transfer of personal data, Cryptvice protects all personal data in accordance with the level of protection required by European regulations.
In some cases, Cryptvice uses anonymous, aggregated data for commercial purposes or for external reporting. This data can never be traced back to a specific individual.
7. Rights of the data subjects
You may exercise several rights concerning the processing of your personal data in relation to Cryptvice, provided that you are entitled to those rights under applicable legislation.
These rights can be exercised by using the contact details indicated in point 10 of this Privacy Policy. Cryptvice will respond to such requests and will comply or not comply, as applicable, in accordance with applicable law, and in principle within one (1) month, in accordance with applicable law.
In order to exercise your rights and prevent any unauthorized disclosure of your personal data, you must provide proof of your identity. Consequently, we kindly request that you attach a copy of the front of your identity card to your application. The application may be submitted using the contact details indicated in point 10 of this Privacy Policy.
Right of objection
Kindly be informed that you have the right to object to the processing of your personal data at any time, on legitimate grounds relating to your particular situation. In the event of such objection, we will no longer process your personal data unless we can demonstrate compelling legitimate grounds for such processing, overriding your interests, rights, and freedoms, or for the establishment, exercise or defense of legal claims.
Right of access and transparency
You have the right, free of charge, to obtain access to and a copy of your personal data. Furthermore, you can inquire about:
- The processing of your personal data by us;
- The purposes for which your personal data are processed;
- The categories of your personal data that we process;
- The categories of third parties with whom we share your personal data;
- The origin of your personal data;
- Your rights as a data subject.
Right to Rectification and Erasure
Dear esteemed customer, as a data subject, you are entitled to request the correction or supplementation of incomplete, incorrect, inappropriate, or outdated personal data. To achieve this, our customer service can be contacted from a registered address, or you can amend your data via the online portal “my.cryptvice.com”. Kindly notify us of any changes to keep your data up to date, such as if you move house.
It is essential to note that you have the right, without undue delay, to delete your personal data if and only if:
The personal data are no longer required for the intended purposes;
There is no longer a legal justification for the processing;
If you object to the handling and there are no overriding legitimate grounds for the processing by Cryptvice;
The personal data have been unlawfully processed; or
The personal data must be erased to conform to a legal obligation that applies to Cryptvice.
After compliance with a request for erasure, we will send you a confirmation message. In the case of partial erasure, Cryptvice will explain why the request could not be fully met.
Please note that depending on the nature of the request, it may not be possible to offer some services by Cryptvice. Also, Cryptvice may not be able to erase all the requested data to comply with legal obligations. For example, to meet accounting and fiscal obligations, Cryptvice is required to retain invoicing data for up to seven years.
Right to Restriction of Processing
As a data subject, you have the entitlement to limit the processing of your personal data by Cryptvice, if and only if one of the following conditions is true:
- You challenge the accuracy of the personal data; in such situations, the processing is reduced during a duration allowing Cryptvice to confirm its accuracy;
- The processing is illicit, and you oppose the erasure of the personal data requesting the limitation of their use instead;
- Cryptvice no longer needs the personal data for the purposes of the processing, but you require them for the establishment, exercise, or defense of legal claims;
- You have objected to processing, pending the validation of whether Cryptvice’s legitimate grounds override those of the data subject.
Please be notified that, in the case of restriction of processing, the data may still be stored by Cryptvice.
Right to Data Portability
You have the right to request and obtain the structured, commonly used, and machine-readable form of personal data that are (i) processed in the context of the performance of the agreement, (ii) provided by yourself, and (iii) processed through automated processes. If you wish to switch providers, you may also request Cryptvice to transmit those data directly to another party, where technically possible.
8. Retention periods
Cryptvice stores and processes your personal data for the duration necessary to achieve the objectives outlined in point 4.
The retention period may vary depending on the purpose. For instance, Cryptvice has a legal obligation to maintain records for up to 5 years to meet accounting and fiscal requirements. Furthermore, Cryptvice is required to keep specific data for a maximum of 10 years after the conclusion of your contract to comply with legal necessities for presentation as proof in dispute resolution cases. Only a limited number of individuals have access to these archived records.
9. Cookies & the website
Apart from the data that you voluntarily share with Cryptvice when using our websites, Cryptvice also uses cookies and other technology means to collect data.
Websites
Cryptvice provides websites solely for informational purposes, and all text, files, and images are offered to interested parties on an as-is basis.
Cryptvice reserves the right to modify the rules and conditions governing access to and use of the website at its discretion, without prior notice or warning, and may limit or restrict access to certain portions of the website.
Access to restricted areas of the website may require the provision of personal information by visitors and users, which Cryptvice may use in accordance with its Privacy Policy. By providing this information, visitors and users expressly grant Cryptvice permission to use it.
Cryptvice may modify or revoke access to restricted areas of the website at any time, without compensation, and without notice.
Cookies
Our website employs cookies or similar technologies to store and/or read device information (hereinafter referred to as ‘cookies’ for clarity). For further details on our use of cookies, including the reasons and methods, as well as information on how to exercise your options, please consult our cookie policy through this link.
10. Contact details
Should you have any inquiries or requests concerning personal data or this Privacy Policy, we kindly ask you to direct them to the following address:
Cryptvice
Attn: Data Protection Team
Avenida de Manolete 3a,
29660 Nueva Andalucia / Marbella
Spain
E-mail: su*****@*******ce.com
11. Changes
Cryptvice hereby reserves the right to modify this Privacy Policy. All changes will be made available on this website prior to their effective date. We advise you to periodically review this Privacy Policy for your awareness regarding any modifications.
