Escaroo Limited (referred to as “we” or “us”) for the purpose of this notice, are the data controllers and we are pleased to provide you with the following Privacy Notice.
We are working hard to serve customers a little better every day. Looking after the personal data you share with us is a hugely important part of this. We want you to be confident that your data is safe and secure with us and understand how we use it to offer you a better and more personalised experience.
What this Notice covers:
• Sets out the types of personal data that we collect;
• Explains how and why we collect and use your personal data;
• Explains when and why we will share personal data within Escaroo Limited and with other organisations; and
• Explains the rights and choices you have when it comes to your personal data.
This Policy applies to you if you use our services (referred to in this Policy as “our Services”). Using our Services means:
• Using any of the website (“our Website”) where this Policy is posted; or
• If you contact us or we contact you about our Services.
Personal Data we Collect:
This section tells you what personal data we may collect from you when you use our Services and what other personal data we may receive from other sources.
When you use Escaroo for buying and selling with cryptocurrencies, you may provide us with:
• Your name, postal and billing addresses, email addresses;
• Cryptocurrency account details;
When you browse our website, we may collect:
• Information about your online browsing behaviour on our Websites and information about when you click on one of our promotions (including those shown on other organisations’ websites);
• Information about any devices you have used to access our Services (including the make, model and operating system, IP address, browser type and mobile device identifiers)
When you contact us or we contact you about our Services, we may collect:
• Personal data you provide about yourself anytime you contact us about our Services (for example, your name and contact details), including contacting us by phone, email or post or when you speak with us through social media;
• Details of the emails and other digital communications we send to you that you open, including any links in them that you click on; and
• Your feedback and contributions to customer surveys or reviews.
How and Why We Use Personal Data:
This section explains in detail how and why we use personal data. In order to collect and process personal data about you we need to have a lawful basis. The main Lawful bases’ we rely on includes consent (where you have given permission), contract (where processing is necessary to administer an account you set up with us) and our “legitimate interests” (where processing is in the interest of our company and we believe you would have a reasonable expectation for us to do this).
We use personal data to:
Make our Services available to you:
We need to process your personal data so that we can manage your customer accounts, record a transaction history, record of any message conversations you have had with a buyer or seller.
Manage and improve our day-to-day operations:
Detect and prevent fraud or other crime
It is important for us to monitor how our Services are used to detect and prevent fraud, other crimes and the misuse of services. This helps us to make sure that you can safely use our Services.
In order to resolve legal claims or disputes involving you or us.
For example, if you have any dispute with the sale or purchase of items, we can process the information recorded to assist with this matter.
If you are using one of our social media pages, please remember that our page is provided via social media platform sites, such as Facebook, which has its own functionality, terms and privacy policies. Please ensure you have read these carefully and have checked your own personal settings to ensure you are happy with how your information will be used by the social media site. Our social media pages may make use of these functions, but we do not control them and are not responsible for them. We will not assume responsibility for data shared or the responsibilities of a data controller, that responsibility will remain with the social media provider.
Escaroo Limited will monitor the social media site on occasion and, as soon as practically possible, any inappropriate entries will be removed.
Sharing personal data with third parties:
We may on occasions pass your Personal Information to third parties exclusively to process work on our behalf. We require these parties to agree to process this information based on our instructions and requirements consistent with this Privacy Notice.
We do not broker or pass on information gained from your engagement with us without your consent. However, we may disclose your Personal Information to meet legal obligations, regulations or valid governmental request. We may also enforce our Terms and Conditions, including investigating potential violations of our Terms and Conditions to detect, prevent or mitigate fraud or security or technical issues; or to protect against imminent harm to the rights, safety of our Staff and you as our customer.
How do we protect personal data:
We know how important it is to protect and manage your personal data. This section sets out some of the measures we have in place.
• We apply physical, electronic and procedural safeguards in connection with the collection, storage and disclosure of personal data;
• We protect the security of your information while it is being transmitted by encrypting it;
• We use computer safeguards such as firewalls and data encryption to keep this data safe;
• We only authorise access to employees and trusted partners who need it to carry out their responsibilities;
• We regularly monitor our systems for possible vulnerabilities and attacks;
• We will ask for proof of identity before we share your personal data with you; and
• We will reveal only the last four digits of your payment card number when confirming an order.
The personal data that we collect from you may be transferred to, and stored at, a destination outside the European Economic Area ("EEA"). It may also be processed by companies operating outside the EEA who work for us or for one of our service providers. If we do this, we ensure that your privacy rights are respected in line with this Policy.
How long do we use personal data for?
We will not keep your personal data longer than we need to, how long this is, depends on several factors, including:
• Why we collected it in the first place;
• Whether there is a legal/regulatory reason for us to keep it; or
• Whether we need it to protect you or us.
You can at any time ask us to provide you with the retention schedule relating to your own personal data. We will provide this information in accordance with our policy and procedure for Data Subject Access Requests.
Your rights as a data subject
At any point whilst we are in possession of, or processing your data, you have the following rights:
• Right of access – you have the right to request a copy of the information that we hold about you;
• Right of rectification – you have a right to correct data that we hold about you that is inaccurate or incomplete. If you believe we hold inaccurate or missing information, please let us know and we will correct it;
• Right to be forgotten – in certain circumstances you can ask for the data we hold about you to be erased from our records. There are several situations when you can have us delete your personal data, this includes (but is not limited to):
- When we no longer need to keep your personal data;
- You have successfully made a general objection;
- You have withdrawn your consent to us using your personal data (and we do not have any other grounds to use it);
• Right to restriction of processing – where certain conditions apply you have a right to restrict the processing. There are several situations when you can restrict our use of your personal data, this includes (but is not limited to):
- you have successfully made a general objection;
- you are challenging the accuracy of the personal data we hold;
• Right of portability – you have the right to have the data we hold about you transferred to another organisation;
• Right to object – you have the right to object to certain types of processing such as direct marketing. If on balance, your rights outweigh our interests in using your personal data, then we will at your request either restrict our use of it or delete it;
• Right to object to automated processing, including profiling – you also have the right not to be subject to the legal effects of automated processing or profiling;
Subject Access Rights
You have the right to see the personal data we hold about you. This is called a Data Subject Access Request (DSAR).
If you would like a copy of the personal data, we ask you to use the on-line Data Subject Access Request Form on our websites or write to:
Data Protection Champion
Beachside Business Centre, Rue Du Hocq, St Clement, Jersey, JE3 6LF
You can also email us at [email protected]
To access what personal data is held, identification will be required
We will accept the following forms of ID when information on your personal data is requested: a copy of your national ID card, driving license or passport. A minimum of one piece of photographic ID listed above and a supporting document is required such as a utility bill not older than three months. If we are dissatisfied with the quality of ID provided, further information may be sought before personal data can be released.
All requests should be made to [email protected] or in writing to us at the address provided above. We will respond to your request within a four-week period, once your identification has been verified.
Complaints / Comments
We’d like the chance to resolve any complaints you have; In the event that you wish to make a compliant about how your personal data is being processed by us, you have the right to make a complaint, however you also have the right to complain to the Jersey Office of the Information Commissioner about how we have used your personal data.
If you do not get a response within 30 days or are dissatisfied with the response, you can complain to the Jersey Office of the Information Commissioner.
The details for each of these contacts are:
Escaroo Limited - Data Protection Officer
Beachside Business Centre, Rue Du Hocq, St Clement, Jersey, JE3 6LF
or email [email protected]
Office of the Information Commissioner – Jersey
2nd Floor, 5 Castle St, St Helier, Jersey JE2 3BT
Telephone +44 (0) 1534 716530 or Email: [email protected]