CommEX ("CommEX," "we," or "us") values the privacy of our customers and takes our data protection responsibilities extremely seriously. This Privacy Notice explains how CommEX collects and processes your personal information through the CommEX ecosystem, which includes websites, mobile applications, clients, applets, and other applications that provide CommEX services. CommEX refers to the entire ecosystem, including but not limited to https://www.commEX.com/en and other domain names. "CommEX Operators" indicate all parties responsible for running CommEX and providing CommEX services, such as legal entities, unincorporated organizations, and teams.
This Privacy Notice applies to all personal information processing activities carried out by us across all platforms, websites, and departments of CommEX and CommEX Operators.
If you are a customer or user of our services, this Privacy Notice applies in conjunction with any terms of business, contractual documents, and agreements we may have with you.
If you are not a stakeholder, customer, or user of our services but are using our website, this Privacy Notice also applies to you, along with our Cookie Notice.
1. What Personal Information does CommEX collect and process?
Personal information refers to any data that identifies an individual or is related to an identifiable person. This includes information you provide to us, information automatically collected about you, and information we obtain from third parties.
Information you provide to us: When you open an account and access our services, we will ask you to supply some information about yourself. This information is required by law (e.g., to verify your identity and comply with "Know Your Customer" obligations), essential for delivering the requested services (e.g., providing your email address to open your account), or relevant for specific purposes, described in greater detail below. As we introduce new services and features, you may be asked to share additional information with us.
Please note that failing to provide the necessary data means that CommEX will be unable to offer you our services.
We may collect the following types of information from you:
|Category of Personal Information||Types of Personal Information|
|Personal Identification Information||Full name, e-mail address, gender, home address, phone address, phone number, date of birth, nationality, signature, utility bills, photographs, and a video recording of you|
|Sensitive and Biometric Personal Information||CommEX may also collect sensitive personal information when permitted by local law or with your consent, such as biometric information, for example to verify your identity by comparing the facial scan data extracted from your selfie or video with the photo in your government issued identity document|
|Government Identifiers||Government issued identity documents such as passport, national identification number, national identity card details, drivers license numbers|
|Institutional Information||Proof of legal formation, personal identification information for all material beneficial owners, personal information about the board of directors senior persons responsible for the operations of the body corporate|
|Financial Information||Bank account information, payment card information, source of funding, source of wealth,|
|Transaction Information||Information about the transaction you make on our services, such as the name of the recipient, your name and e-mail|
|Information from Cookies||See our Cookie Notice for more information.|
|Employment Information||Job title, salary wage rate, and company|
|Communications||Surveys responses, information contained in the Survey. Communications with us including call recordings with our customer services team.|
|Contact Information||E-mail address, country, region,|
Information we collect from you automatically. In accordance with applicable laws, we may automatically collect certain types of information as you interact with us or use our services. This information helps us address customer support concerns, enhance the performance of our websites and services, maintain and improve your user experience, and protect your account from fraud by detecting any unauthorized access.
By gathering this information, we are better equipped to offer you a robust and secure experience while using our services.
Information collected automatically includes:
|Category of Personal Information||Types of Personal Information|
|Browsing Information||Device ID, browsing information such as name and version, IP address|
|Usage Data||Authentication data, security questions, click-stream data, public social networking posts, and other data collected via cookies or similar technologies.
Information about how our Services are performing when you use them, e.g., error messages you receive, performance of the site information.
|Marketing and Research Information||
Identifiers – the IP address, or other online identifiers of a person, e-mail address if used for direct marketing, and name and address
Demographic data - (e.g., income, family status, age bracket, gender, interests, etc)
Browser/web history data and preferences expressed through selection/viewing/purchase of goods, services and content, information about your mobile device including (where available) type of device, device identification number, mobile operating system.
Interests or inferred interests and marketing preferences.
Information we collect from our affiliates and third parties.
From time to time, we may obtain information about you from our affiliates or third parties sources as required or permitted by applicable law. We may analyze publicly available blockchain data, such as transaction IDs, transaction amounts, wallet addresses, timestamps, or other transaction or event-related information. By doing so, we can offer you a more secure and efficient experience with our services, ensuring an overall improved user experience.
2. Why does CommEX process my personal information? What legal bases are we relying on for our collection and processing of your personal information?
Our primary objective in collecting personal information is to provide our services in a secure, efficient, and seamless manner. We typically use your personal information to deliver, offer, and operate our services, as well as for content and advertising purposes. Additionally, we utilize this information for loss prevention and anti-fraud measures. The following is an explanation of how we use your personal information, and the legal bases we rely upon:
(a) To manage our contractual relationship with you. To create and maintain your account.
Our primary purpose is to create and maintain your account. This includes using your personal information to process orders, handle payments, and manage Personal Identification Information, Institutional Information, Contact Information, and Financial Information. Should we not process your personal information for these purposes, it may result in the inability to open an account with us or the termination of an existing account. Processing of this information is necessary for the performance of a contract to which you are a party.
(b) To maintain legal and regulatory compliance
Most of our core services, such as exchange services, are subject to strict laws and regulations that require us to collect, use, and store certain personal information, including Personal Identification Information and, in some cases, Sensitive Personal Data (including biometrics). For example, we must comply with Know Your Customer ("KYC") obligations under applicable laws and regulations, as well as Anti-Money Laundering laws and regulations. The types of information processed include Personal Identification Information, Institutional Information, Sensitive and Biometric Personal Information, Government Identifiers, Contact Information, and Financial Information. If you do not provide the personal information required by law, you may be unable to open an account, or we may be forced to close your existing account. Processing of this information is necessary to comply with our legal obligations under applicable laws and regulations, including Anti-Money Laundering laws and regulations.
(c) To communicate with you on service and transaction- related matters.
We use your personal information to communicate with you regarding CommEX Services, including administrative or account-related information. We will keep you updated about our services, such as informing you of security issues, updates, or providing other transaction-related information. Without these communications, you may miss critical developments related to your account that could impact your use of our services. Please note that you cannot opt-out of receiving essential service communications, such as emails or mobile notifications, sent for legal or security purposes. Processing this information is necessary for the performance of a contract to which you are a party.
(d) To provide customer services:
We process your personal information when you contact us, which allows us to provide support in addressing questions, disputes, complaints, troubleshooting problems, and more. The type of information processed includes Personal Identification Information, Institutional Information, Transactional Information, Communications, Contact Information, Financial Information, Browsing Information, and Usage Data. By not processing your personal information for this purpose, we would be unable to respond to your requests. Processing this information is necessary for the performance of a contract to which you are a party. Additionally, processing serves the legitimate interest pursued by us to improve our services and enhance the user experience.
(e) To promote safety, security, and integrity of our platform.
We process your personal information in order to enhance security, monitor and verify identity or service access, combat malware or security risks and to comply with applicable security laws and regulations. We process your personal information to verify accounts and related activity, find and address violations of our Terms and Conditions, investigate suspicious activity, detect, prevent and combat unlawful behaviour, detect fraud, and maintain the integrity of our Services. The Type of Information processed is Personal Identification Information, Institutional Information, Transactional Information, Contact Information, Financial Information, Browsing Information, Usage Data. Without processing your personal information, we may not be able to ensure the security of our Services. We use your personal information to provide functionality, analyse performance, fix errors, and improve the usability and effectiveness of CommEX Services. Processing is necessary for the performance of a contract of which you are a party.
(f) To promote safety, security, and integrity of our Services.
We process Personal Identification Information to prevent and detect fraud and abuse of our Services, protecting you against account compromise or fund loss and ensuring the security of our users, CommEX Services, and others. The type of information processed includes Personal Identification Information, Institutional Information, Transactional Information, Contact Information, Financial Information, Browsing Information, and Usage Data. Additionally, we may use scoring methods to assess and manage credit risks. Processing is necessary for the legitimate interests pursued by us and the interests of our users, such as when we detect and prevent fraud and abuse to protect the security of our users, ourselves, or others.
(g) To provide CommEX services.
We process your personal information to deliver our services and process your orders. For example, when using the exchange service on our platform, we request information such as your identification, contact information, and payment information. The types of information processed include Personal Identification Information, Institutional Information, Transactional Information, Contact Information, Financial Information, Browsing Information, and Usage Data. Without this information, we cannot provide you with our services. Processing this information is necessary for the performance of a contract to which you are a party.
(h) To improve our services.
We process personal information to enhance our services and provide a better user experience. The types of information processed include Personal Identification Information, Institutional Information, Transactional Information, Browsing Information, and Usage Data. Processing this information serves the legitimate interest pursued by us to improve our services and enhance the user experience.
(i) To provide you with promotions
We use your information to provide promotional opportunities, including offers, rewards, and incentives for using our Services. The types of information processed include Personal Identification Information, Institutional Information, Transactional Information, Browsing Information, and Usage Data. Processing this information serves our legitimate interest in rewarding customer loyalty and fostering your interest in our services.
(j) To do research and innovate.
We carry out surveys to better understand your experience using our Services. We also use your information to support research, development, and innovation for our Services and products. This information may also be utilized for marketing purposes. Processing this information caters to our legitimate interest in improving and managing our Services based on the feedback obtained from these surveys.
(k) Recommendations and personalisation.
We use your personal information to recommend features and services that may be of interest to you, identify your preferences, and personalize your experience with CommEX Services. Processing this information serves our legitimate interest in providing a tailored service to our customers and is necessary for the performance of a contract to which you are a party.
(l) To provide marketing communications to you.
We use your information, based on your consent, to send targeted marketing communications through email, mobile, in-app, and push notifications. Furthermore, we use your information for profiling related to marketing purposes. The types of information processed include Personal Identification Information, Institutional Information, Transactional Information, Browsing Information, Usage Data, Marketing and Research Information, and Communications. As required by applicable law, we rely on your consent to process your personal information for marketing purposes. You may withdraw your consent at any time, and we will cease processing your personal information for that purpose. The withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal. Profiling for marketing purposes, such as determining your interests in services or promotions, is based on legitimate interest.
(n) To comply with other legal and regulatory obligations.
We may access, read, preserve, and disclose information when we reasonably believe it is necessary to comply with laws, legal obligations, regulations, law enforcement, government or other legal requests, court orders, or tax authority disclosures. The types of information processed include Personal Identification Information, Institutional Information, Financial Information, Transactional Information, Browsing Information, Usage Data, and Blockchain Data. Processing this information is necessary to comply with our legal obligations under applicable laws and regulations. We may also rely on legitimate interests in responding to legal requests where we are not compelled by applicable law but have a good faith belief that it is required by law in the relevant jurisdiction.
CommEX does not permit individuals under the age of 18 to use CommEX Services and does not knowingly collect personal information from children under 18.
We may share your Personal Information with third parties (including other CommEX entities) if we believe that sharing your Personal Information is in accordance with any contractual relationship with you or us, or required by applicable law, regulation, or legal process. When sharing your Personal Information with other CommEX entities, we will use our best efforts to ensure that such entities are either subject to this Privacy Notice or follow practices at least as protective as those described in this Privacy Notice. For example, the entity responsible for running KYC checks may vary depending on where you reside. For more information, please refer to Section 1.
We may also share personal information with the following persons or in the following circumstances:
- Third party service providers
We engage other companies and individuals to perform functions on our behalf. Examples include data analysis, marketing assistance, payment processing, content transmission, and credit risk assessment and management. These third-party service providers only have access to the personal information necessary to perform their functions and may not use it for other purposes. Furthermore, they must process the personal information in accordance with our contractual agreements and as permitted by applicable data protection laws.
- Legal Authorities
We may be required by law or court orders to disclose certain information about you or any engagement we may have with you to relevant regulatory, law enforcement, and/or other competent authorities. We will disclose information about you to legal authorities to the extent we are obliged to do so by law. We may also need to share your information to enforce or apply our legal rights, or to prevent fraud.
- Business transfers
As we continue to grow our business, we might sell or buy other businesses or services. In such transactions, user information generally is one of the transferred business assets but remains subject to the promises made in any pre-existing Privacy Notice (unless the user consents otherwise). Also, in the unlikely event that CommEX or substantially all of its assets are acquired by a third party, user information will be one of the transferred assets.
- Protection of CommEX and others
In order to support our global operations and provide our services effectively worldwide, we may transfer your personal information to entities within our organization, affiliates, third-party partners, and service providers located in countries outside of your country of residence. These international transfers of personal information may involve transferring information to countries that may have different data protection laws and regulations compared to the ones in your jurisdiction.
We are committed to ensuring that your personal information is protected, even when it is transferred across borders. To accomplish this, we have implemented appropriate technical, organizational, and contractual safeguards, such as Standard Contractual Clauses, to guarantee that all transfers of personal information to third countries or international organizations are carried out in compliance with applicable data protection laws and regulations.
Additionally, we ensure that any international transfer of personal information complies with the requirements of the General Data Protection Regulation (GDPR) or other applicable data protection regulations in your jurisdiction. This may include relying on adequacy decisions, binding corporate rules, or other legal mechanisms recognized by the respective data protection authorities.
By using our services, you acknowledge and consent to the international transfer of your personal information in accordance with the terms of our Privacy Notice. You can rest assured that we will take all necessary measures to protect your personal information, regardless of the country to which it is transferred, and that we will maintain compliance with the highest standards of privacy and data protection.
7. How Secure is My Information?
We design our systems with your security and privacy in mind. We have implemented suitable security measures to prevent your information from being accidentally lost, misused, accessed without authorization, altered, or disclosed. We work to protect the security of your personal information during transmission and storage by using encryption protocols and software. We maintain physical, electronic, and procedural safeguards in connection with the collection, storage, and disclosure of your personal information. Additionally, we limit access to your personal information to those employees, agents, contractors, and other third parties who have a legitimate business need to know.
Our security procedures mean that we may ask you to verify your identity to protect against unauthorized access to your account. We recommend using a unique password for your CommEX account that is not used for other online accounts and to sign off when you finish using a shared computer.
To provide you with the best user experience, we may share your personal information with our marketing partners for purposes such as targeting, modeling, analytics, as well as marketing and advertising. At any time, you have the right to object to the processing of your personal information for direct marketing purposes (refer to Section 9 below).
Subject to applicable law, you have several rights concerning your privacy and the protection of your personal information, as outlined below. You have the right to request access to, correct, and delete your personal information, and to ask for data portability. Additionally, you may object to our processing of your personal information or ask that we restrict the processing of your personal information under certain circumstances. Also, when you consent to our processing your personal information for a specified purpose, you may withdraw your consent at any time. If you wish to exercise any of your rights, please contact us using the webform available here. These rights may be limited in specific situations, such as when we can demonstrate a legal requirement to process your personal information.
- Right to access: You have the right to obtain confirmation that your personal information is being processed, to acquire a copy of it, and to receive certain information related to its processing.
- Right to rectify: You can request the rectification of your inaccurate personal information, and also provide additional information. You can change your personal information in your account at any time.
- Right to delete: In some cases, you can have your personal information deleted.
- Right to object: You can raise an objection for reasons related to your particular situation regarding the processing of your personal information. For instance, you have the right to object when we rely on legitimate interests or when we process your data for direct marketing purposes.
- Right to restrict processing: In certain cases, you have the right to temporarily restrict the processing of your personal information, provided there are valid grounds for doing so. We may continue to process your personal information if necessary for legal claim defense or for any other exceptions permitted by applicable law.
- Right to portability: In some instances, you can request to receive your personal information that you provided to us in a structured, commonly used, and machine-readable format; or, when possible, request that we transfer your personal information directly to another data controller.
- Right to withdraw your consent: For processing that requires your consent, you have the right to withdraw your consent at any time. Exercising this right does not affect the lawfulness of the processing based on consent given before withdrawal.
- Right to lodge a complaint with the relevant data protection authority: We hope to address any concerns you may have about the way we process your personal information. However, if you have unresolved concerns, you also have the right to complain to the Irish Data Protection Commission or the data protection authority in the location where you live, work, or believe a data protection breach has occurred.
If you have any questions or objections regarding how we collect and process your personal information, please contact us using our customer support. All customer support inquiries should be directed through our ticketing system. To get support, users must submit a request https://Commex.zendesk.com/hc/en-us or through any other means provided on the platform. Our customer support team will make reasonable efforts to address and resolve users' inquiries in a timely and efficient manner. However, resolution times may vary depending on the issue's nature and complexity.
We retain your personal information to enable your continued use of CommEX Services, for as long as necessary to fulfill the relevant purposes described in this Privacy Notice, and as required by law, such as for tax and accounting purposes, compliance with Anti-Money Laundering laws, or to resolve disputes and/or legal claims, or as otherwise communicated to you. Although retention requirements vary by jurisdiction, information about our typical retention periods for different aspects of your personal information is described below:
- Personal Identifiable Information collected to comply with our legal obligations under financial or anti-money laundering laws may be retained after account closure for as long as required by such laws.
- Contact Information, such as your name, email address, and telephone number, for marketing purposes is kept on an ongoing basis and until you (a) unsubscribe or we (b) delete your account. Thereafter, we will add your details to an unsubscribed list to ensure we do not inadvertently market to you.
- Content that you post on our website, such as support desk comments, photographs, videos, blog posts, and other content, may be retained after you close your account for audit and crime prevention purposes.
- Recordings of voice calls with you may be kept for up to six years for audit/compliance purposes and to resolve disputes and/or legal claims.
- Information collected via cookies, web page counters, and other analytics tools is retained for a period of up to one year from the date of collection of the relevant cookie.
Our Data Protection Officer can be contacted using the webform available here or by emailing dpo@Commex.com. They will work to address any questions or issues you have regarding the collection and processing of your personal information.
If you have any concerns about privacy at CommEX, please contact us, and we will try to resolve them. You also have the right to contact your local Data Protection Authority.
Our business changes regularly, and our Privacy Notice may change as well. You should check our website frequently to see recent changes. Unless stated otherwise, our current Privacy Notice applies to all information that we have about you and your account.
Last updated: 28 August 2023.
Each time you visit the CommEX website, you will be prompted to accept or reject cookies, and you can also tailor your selection.
What are cookies?
Cookies are small text files placed on your device when you visit a website. They are downloaded to your computer or mobile device when you visit a site and allow a site to recognize your device. Cookies store information about your visit, which may include content viewed, language preferences, and duration of each visit and advertisements accessed. Cookies managed by CommEX only are called "first-party cookies," while cookies from third parties are called "third-party cookies."
Cookies serve various functions, such as enabling efficient navigation between pages, remembering your preferences, and generally improving the user experience. They can help ensure that the advertisements you see online are more relevant to you and your interests and enable us to identify your preferences. We will explain the different types of cookies later in this document.
Yes, we may use the information collected from our cookies to identify user behavior and serve content and offers tailored to your profile. Additionally, this information serves other purposes, as described below, to the extent legally permissible in certain jurisdictions. In some cases, we may associate cookie information (including information from cookies placed via our advertisements on third party sites) with an identifiable individual.
Do you use any cookies from third-party companies?
We use some cookies, web beacons, and other tracking and storage technologies provided by third-party companies (third-party cookies) for web analytics, intelligence about our sites, and to provide measurement services and targeted ads.
What if I don't want cookies or similar tracking technologies?
You can adjust your preferences regarding cookies through our cookie settings center. To remove existing cookies from your device, you can do so using your browser options. If you wish to block future cookies from being placed on your device, you can modify the settings in our cookie settings center. However, please note that deleting and blocking cookies may impact your user experience.
What types of cookies does the site use?
The cookies used on CommEX sites have been categorized per the table below. It is essential to note that not all cookies may be used in all jurisdictions or websites. Below is a list of the cookie categories used on this website:
Strictly Necessary Cookies. These cookies are essential for the website to function and cannot be switched off in our systems. They are usually set in response to actions you make, such as requesting services, setting privacy preferences, logging in, or filling in forms. You can configure your browser to block or alert you about these cookies, but some parts of the site may not work properly. These cookies do not store any personally identifiable information.
Performance Cookies. These cookies help us count visits and sources of traffic to measure and improve our site's performance. They assist us in determining which pages are most and least popular and tracking visitors' movements around the site. All the information collected by these cookies is aggregated and therefore anonymous. If you do not allow these cookies, we won't be able to monitor our site's performance.
Functionality Cookies. These cookies enable the website to provide enhanced functionality and personalization. They may be set by us or by third-party providers whose services we have integrated into our pages. If you don't allow these cookies, some services may not function properly.
Targeting Cookies. Targeting cookies may be set through our site by our advertising partners. These third parties can use the cookies to build a profile based on your browsing information, which includes uniquely identifying your browser and device. If you do not permit these cookies, you will still see basic advertising on your browser that is generic and not based on your interests.
Social Media Cookies. These cookies are set by various social media services that we have added to our site, allowing you to share our content with your friends and networks. They can monitor your browser across other sites and generate a profile of your interests. This may influence the content and messages you see on other websites you visit. If you do not allow these cookies, you might not be able to use or see the sharing tools.
Analytics Cookies. These cookies aid us in analyzing how our website is utilized by visitors, enabling us to understand and enhance the user experience. They may collect data such as the time spent on the site, the pages visited, and any error messages encountered on those pages. If you do not allow these cookies, we will be less able to optimize our website and identify potential issues affecting your experience.
Updates to our Cookie Notice