Privacy Policy & Cookies

Privacy Policy

Last Updated 9th July 2021

CTX considers privacy one of our core values, we recognize the significance of protecting information which is stored on our servers or network or is intended to be stored on our servers or network and which relates to an individual. We protect your “Personal Data” which is any information that can be used to identify you directly or indirectly.

This privacy policy addresses the regulatory requirements of the jurisdictions in which CTX.com offers its Services, including the General Data Protection Regulation (“GDPR”), as enacted by the European Commission and the California Consumer Privacy Act (“CCPA”). The terms “Service” and “Services” have the same meaning as described in the User Agreement.

This Privacy Notice applies to all processing of Personal Data on the website CTX.com, app.CTX.com and all CTX.com mobile applications. If you do not agree with this Privacy Policy, in general, or any part of it, you should not use any of our SErvices. We may amend this Privacy Policy from time to time by posting a new version on our website.

Who we are and how to contact us.

The organization responsible for ensuring that your Personal Data is processed in compliance with applicable regulations is: Astound Group Ltd, 522-224 Esplanade West, North Vancouver, BC V7M 3M6, a company registered in England and Wales (11348410) hereby referred to as the “Data Controller”.

If you have any concern, question or if you would like to exercise any of your rights with respect to your Personal Data, you may contact our Data Protection Officer (“DPO”) at support@ctx.com.

What data we collect about you and how we collect it.

We collect your Personal Data through a variety of methods: either you provide it to us directly, we collect it from external sources, or we collect it by using automated means.

Information you may provide to us:
You may give us information about you by filling in forms on our Services or through our app or by corresponding with us by phone, email or otherwise. This includes information you provide when you register to use the Services.

Information we collect about you:
With regard to each of your visits to our sites or use of any of our Services we automatically collect the following information:

  • Login Information: We log technical information about your use of the Services, including the type of browser and version you use, the Internet Protocol (IP) address used to register your account and the most recent IP address used to access the services.
  • Device Information: We collect information about the device you use to access your account, including the hardware model, operating system and version, and unique device identifiers, but this information is anonymised and not tied to any particular person.
  • Payments Information: In connection with our Merchant Services, we may collect and maintain information relating to invoices you create, and subsequent payments.
  • Exchange Information: In connection with our Exchange Services, we may collect and maintain information relating to all aspects of orders you create, including their processing.

Information We Collect Required By Law, Rule, or Regulation: Depending on the Service, we may collect information from you in order to meet regulatory obligations around know-your-customer (“KYC”) and anti-money laundering (“AML”) requirements. Information that we collect from you includes the following:

  • Full name
  • Residential address
  • Contact details (telephone number, email address)
  • Bank account information and/or credit card details
  • Your status as a politically exposed person
  • Source of funds & proof of address
  • Passport and/or national driver’s license or government-issued identification card to verify your identity

Information We Collect from External Sources:
We also receive information from other sources and combine that with the information we collect through our Services. For instance:

  • We use "cookies" from time to time to help personalise your online experience with us. A cookie is a small text file that is stored on your computer to help us make your visit to our Sites more “user-friendly.” Please see our Cookie Policy below for more details about the cookies we use. Cookies provide us with information about your use of the Sites that can help us improve the Sites and your experience with it. We will process Personal Data collected through cookies in accordance with this Privacy Policy. If you have set your browser to alert you before accepting cookies, you should receive an alert message with each cookie. You may refuse cookies by turning them off in your browser, however, you should be aware that our Sites may not work well with cookies disabled.
  • We may analyze public blockchain data to ensure parties utilizing our Services are not engaged in illegal or prohibited activity under our User Agreement, and to analyze transaction trends for research and development purposes.
  • Advertising or analytics providers may provide us with anonymised information about you, including but not limited to, how you found our website.

3. On what basis do we collect your data?

We only use your Personal Data where we have a legal basis to do so:

Consent.
For some processing activities, we require your prior consent. This applies for example to some of our direct marketing activities which fall under the scope of the GDPR. You will always be prompted to take clear, affirmative action so that we can ensure that you agree with the processing of your Personal Data. This action may, for example, take the form of a checkbox. If you have given us your consent for processing operations, you may always change your mind, and withdraw your consent at any time and easily; all you need to do is to send us an email at the following address support@CTX.com

Performance of a contract.
Some Personal Data we process about you is for the performance of a contract to which you are a party or in order to take steps at your request prior to entering into a contract with us.

Legal obligation.
In some cases, we have to process your Personal Data to comply with legal obligations, including those applicable to financial services institutions, such as under the Bank Secrecy Act and other anti-money laundering laws. You may not be eligible for certain Services if we cannot collect the Personal Data necessary to meet our legal obligations.

Legitimate interest.
In most cases where we process Personal Data in the context of our Services we rely on our legitimate interests in conducting our normal business as a legal basis for such processing. Our legitimate interests are to identify or prevent fraud, to enhance the security of our network and information systems, or to carry out processing operations for statistical purposes. We will use legitimate interest only when we have carried out an assessment on the impact that this processing may have on you, and concluded that the processing does not unduly infringe your rights and freedoms. For example, we do not use this justification if we process sensitive data, or when the processing would be unexpected for you, or if we consider it to be too intrusive.

For what purposes do we collect your data?

We collect your Personal Data to:

  • Provide our Services (including customer support);
  • Process transactions and send notices about your transactions;
  • Resolve disputes, collect fees, and troubleshoot problems;
  • Communicate with you about our Services and business and to inform you of matters that are important for your account and/or use of the Sites. We also use your Personal Data to respond to any questions, comments or requests you filed with us and the handling of any complaints;
  • Comply with applicable laws and regulations;
  • Establish, exercise and defend legal claims;
  • Monitor and report compliance issues;
  • Customize, measure, and improve our business, the Services, and the content and layout of our - Sites and apps (including developing new products and services; managing our communications; determining the effectiveness of our sales, marketing and advertising; analyzing and enhancing our products, services, websites and apps; ensuring the security of our networks and information systems; performing accounting, auditing, invoicing, reconciliation and collection activities; and improving and maintaining the quality of our customer services);
  • Perform data analysis;
  • Deliver targeted marketing, service update notices, and promotional offers based on your communication preferences, and measure the effectiveness of it. To approach you via email for marketing purposes, we request your consent, unless it is not required by law. You always have the option to unsubscribe from our mailings, e.g., via the unsubscribe link in our newsletter;
  • Perform risk management, including comparing information for accuracy and verify it with third parties and protect against, identify and prevent fraud and other prohibited or illegal activity, claims and other liabilities; and
  • Enforce our contractual terms.

5. How long do we keep your data?

We will only retain your personal information for as long as necessary to fulfil the purposes for which we collected it, including for the purposes of satisfying any legal, accounting, or reporting obligations or to resolve disputes. While retention requirements vary by jurisdiction, information about our typical retention periods for different aspects of your personal information are described below.

  • Personal information collected to comply with our legal obligations under financial or anti-money laundering laws may be retained after account closure for as long as required under such laws.
  • Contact Information such as your name, email address and telephone number for marketing purposes is retained on an ongoing basis until you unsubscribe. Thereafter we will add your details to our suppression list to ensure we do not inadvertently market to you.
  • Content that you post on our Sites such as support desk comments, photographs, videos, blog posts, and other content may be kept after you close your account for audit and crime prevention purposes (e.g. to prevent a known fraudulent actor from opening a new account).
  • Information collected via technical means such as cookies, web page counters and other analytics tools is kept for a period of up to one year from expiry of the cookie.

When Personal Data is no longer necessary for the purpose for which it was collected, we will remove any details that identifies you or we will securely destroy the records, where permissible. However, we may need to maintain records for a significant period of time (after you cease using a particular Service) as mandated by regulation. For example, we are subject to certain anti-money laundering laws that require us to retain the following, for a period of five (5) years after our business relationship with you has ended.

6. Who do we share your Personal Data with?

We may share your information with selected recipients to perform functions required to provide certain Services to you and/or in connection with our efforts to prevent and investigate fraudulent or other criminal activity. All such third parties will be contractually bound to protect data in compliance with our Privacy Policy. The categories of recipients include:

  • Other CTX.com partners, including to help detect and prevent potentially illegal acts and violations of our policies, and to guide decisions about our products, services and communications;
  • Service providers who help with our business operations and to deliver our Services, such as:

    • Cloud service providers providing cloud infrastructure;
    • Providers of ID verification solutions and other due diligence solutions (such as KYC and anti-money laundering);
    • Providers of website analytics;
    • Providers of customer service solutions; and
    • Providers of marketing automation platforms.
       
  • Law enforcement, government officials, regulatory agencies, our banks, and other third parties pursuant to a subpoena, court order or other legal process or requirement if applicable to CTX.com; or when we believe, in our sole discretion, that the disclosure of data is necessary to report suspected illegal or fraudulent activity or to investigate violations of our User Agreement.

We also may share Personal Data with a buyer or other successor in the event of a merger, divestiture, restructuring, reorganisation, dissolution or other sale or transfer of some or all of CTX.com’s assets, whether as a going concern or as part of bankruptcy, liquidation or similar proceeding, in which Personal Data held by CTX.com is among the assets transferred.

Funding and transaction information related to your use of certain Services may be recorded on a public blockchain. Public blockchains are distributed ledgers, intended to immutably record transactions across wide networks of computer systems. Many blockchains are open to forensic analysis which can lead to deanonymization and the unintentional revelation of private financial information, especially when block chain data is combined with other data.

Because blockchains are decentralised or third-party networks that are not controlled or operated by CTX.com or its affiliates, we are not able to erase, modify, or alter Personal Data from such networks.

7. Is your data transferred outside of the European Union?

As much of our services are provided from outside of the European Union, we will ensure that any entity, whether our processor or affiliate that transfers Personal Data to us from the EU employs appropriate safeguards. If your Personal Data is transferred to us from the European Economic Area by our service providers (i.e., Data Processors who are engaged on our behalf) and business partners, we will ensure that the transfer is lawful.

8. What are your rights?

Under the GDPR and relevant implementation acts, individuals have statutory rights related to their Personal Data. Please note that rights are not absolute and may be subject to conditions.

One key right is the Right to object. You have the right to object to processing of your Personal Data where we are relying on legitimate interests as our legal basis (see above). Under certain circumstances, we may have compelling legitimate grounds that allow us to continue processing your Personal Data. Insofar as the processing of your Personal Data takes place for direct marketing purposes, including profiling for direct marketing, we will always honor your request.

Other rights are as follows:

  • Right to withdraw consent. Insofar as our processing of your Personal Data is based on your consent (see above), you have the right to withdraw consent at any time.
  • Right of access. You have the right to request access to your Personal Data.
  • Right to rectification. You have the right to request rectification of the Personal Data that we hold about you.
  • Right to erasure. You have the right to request erasure of your Personal Data. This enables you to ask us to delete or remove Personal Data in certain circumstances.
  • Right to restriction. You have the right to request restriction of processing of your Personal Data.
  • Right to data portability. In some cases, you have the right to request to transfer your Personal Data to you or to a third party of your choice.

The exercise of the aforementioned rights is free of charge and can be carried out by contacting us at support@CTX.com.

Before responding to your request, we will verify your identity and / or ask you to provide us with more information to respond to your request, if we have any doubts about your identity. We will do our best to respond to your request within one month, unless your request is particularly complex (for example if your request concerns a large amount of sensitive data). In such a case, we will inform you of the need to extend this response time by two additional months.

9. How about children’s privacy?

CTX.com does not address anyone under the age of 18. We do not knowingly collect personally identifiable information from anyone under the age of 18. If you are a parent or guardian and you are aware that your child has provided us with Personal Data, please contact us at support@CTX.com. If we become aware that we have collected Personal Data from children without verification of parental consent, we take steps to remove that information from our servers.

10. What happens if we make changes to this Privacy Policy?

We may update this policy to reflect changes to our information practices but we will not reduce your rights under this Privacy Policy without your express consent. We will post any changes to this page and, if the changes are significant, we will provide a more prominent notice. We encourage you to periodically review our Privacy Policy for the latest information on our privacy practices and to contact us if you have any questions or concerns.

California Consumer Privacy Act Addendum

At CTX.com, we take our responsibilities under the California Consumer Privacy Act (“CCPA”) seriously. If you are a California resident, the following provisions apply to our processing of information that identifies, relates to, describes, is reasonably capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or household subject to the CCPA. For such residents, the provisions of this CCPA Addendum prevail over any conflicting provisions in our CTX.com Privacy Notice.

1. California Personal Information We Collect We have collected the following categories of California Personal Information within the last 12 months:

CATEGORYEXAMPLES
IdentifiersE-mail address, unique personal identifier, online identifier, Internet Protocol address, country of residence, or other similar identifiers.
Information under the California Customer Records statute“Personal Information” described in subdivision (e) of Section 1798.80 (California Customer Records statute). This means any information that identifies, relates to, describes, or is capable of being associated with, a particular individual, including, but not limited to, his or her name, social security number, address, telephone number, passport number, driver’s license or state identification card number, bank account number, credit card number, debit card number, or any other financial information.
Commercial informationCommercial information, including records of products or services purchased, obtained, or considered, or other purchasing or consuming histories or tendencies on our site
Internet or other similar network activityInternet or other electronic network activity information, including, but not limited to, browsing history, search history, and information regarding a consumer’s interaction with an Internet website, application, or advertisement
Geolocation dataGeolocation data
Inferences drawn from other personal informationInferences drawn from any of the information identified in this subdivision to create a profile about a consumer reflecting the consumer’s preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, and aptitudes

For each of these categories, we obtain California Personal Information from a variety of sources. These sources include: yourself, with respect to both online and offline interactions you may have with us or our service providers; other entities with whom you transact; others with whom you maintain relationships who may deal with us on your behalf; the devices you use to access our websites, mobile applications, and online services; identity verification and fraud prevention services; marketing and analytics providers; public databases; social media platforms; and others consistent with this CCPA Addendum. For more information, please see the “For what purposes do we collect your data?” section of our Privacy Notice.

For each of these categories, we share Personal Information with a variety of third parties. These third parties include: other CTX.com entities; service providers; marketing and advertising providers; analytics providers; law enforcement, government officials, or other third parties pursuant to a subpoena, court order, or other applicable legal process or requirement; and merchants in cases of suspected fraud or in connection with an ongoing investigation.

2. Sale and disclosure of California Personal Information Within the last 12 months, within the meaning of “sale” under the California Consumer Privacy Act, we have disclosed California Personal Information identified in the above categories for business purposes. This includes the use of cookies on our website, including those placed by third parties. You can configure your browser to prevent the placement of cookies when using our site. To learn more about cookies, please see our Cookie Policy below or your browser help documentation for more information. To learn more about the categories of third parties with whom we share such information, please see the “Who do we share your Personal Data with?” section of our Privacy Notice.

3. Use of California Personal Information For each of the above categories, we use the California Personal Information we collect for the business purposes disclosed within this CCPA Addendum. Please note that the business purposes for which we may use your information include:

  • Audits and reporting relating to particular transactions and interactions, including online interactions, you may have with us or others on our behalf;
  • Detecting and protecting against security incidents, and malicious, deceptive, fraudulent or illegal activity, and prosecuting the same;
  • Debugging to identify and repair errors in our systems;
  • Short-term, transient use including contextual customization of ads or website;
  • Providing services on our behalf or on behalf of another, including maintaining or servicing accounts, providing customer service, fulfilling transactions, verifying identity information, processing payments, and other services;
  • Conducting internal research to develop and demonstrate technology; and
  • Conducting activity to verify, enhance, and maintain the quality or safety of services or devices which we may own, control, or provide.

We may also use the information we collect for our own or our service providers’ other operational purposes, purposes for which we provide you additional notice, or for purposes compatible with the context in which the California Personal Information was collected.

4. Your California Rights If you are a California resident, you have certain rights related to your California Personal Information. You may exercise these rights free of charge except as otherwise permitted under applicable law. If you wish to submit a request under the CCPA, please do so by writing to support@CTX.com.

As required under applicable law, we may take steps to verify your identity before granting you access to information or acting on your request to exercise your rights. We may require you to provide information to verify your identity in response to exercising requests of the above type, including name and account information. We may limit our response to your exercise of the below rights as permitted under applicable law.

4.1. Right to Access/Know You have the right to request that we disclose to you:

  • the categories of California Personal Information we have collected about you
  • the categories of sources from which the California Personal Information is collected;
  • our business or commercial purpose for collecting or selling California Personal Information;
  • the categories of third parties with whom we share California Personal Information; and
  • the specific pieces of information we have collected about you.

To the extent that we sell your California Personal Information within the meaning of the California Consumer Privacy Act or disclose such information for a business purpose, you may request that we disclose to you:

  • the categories of California Personal Information that we have collected about you;
  • the categories of California Personal Information about you that we have sold within the meaning of the California Consumer Privacy Act and the categories of third parties to whom the California Personal Information was sold, by category or categories of personal information for each third party to whom the California personal information was sold; and
  • the categories of California Personal Information about you that we disclosed for a business purpose.

4.2. Right to Delete You have the right to request that we delete California Personal Information about you which we have collected from you.

4.3. Right to Opt-Out and Right to Opt-In You have the right to direct us to not sell your Personal Information at any time (the “right to opt-out”) by managing your cookie preferences by contacting us at support@CTX.com.

4.4. Non-Discrimination Subject to applicable law, we may not discriminate against you because of your exercise of any of the above rights, or any other rights under the California Consumer Privacy Act, including by:

  • Denying you goods or services;
  • Charging different prices or rates for goods or services, including through the use of discounts or other benefits or imposing penalties;
  • Providing you a different level or quality of goods or services; or
  • Suggesting that you will receive a different price or rate for goods or services or a different level or quality of goods or services.

5. Changes to this Notice We may amend this Notice at any time by posting a revised version on our website. The revised version will be effective at the time we post it. You are responsible for periodically reviewing this Notice.

6. Contact Information You may contact us with questions or concerns about our privacy policies or practices at support@CTX.com.



Cookie Policy

Last Updated 9th July 2021

This Cookie Policy describes the different types of cookies that may be applied by CTX.com or by third-party organizations on this website or on our mobile application. If you have questions regarding this Cookie Policy, please contact support@CTX.com.

1. What do we mean by "cookie"?

Cookies are small text files that are placed on your computer or mobile applications by websites that you visit. They are widely used in order to make websites work, and also to provide organizations some information on you and on your browsing activities.

Cookies have several functions, such as allowing you to navigate efficiently on a website or a mobile application, remembering your choices and the goods and services you purchased. Thanks to cookies, we:

  • improve the knowledge we have of you and your interests;
  • offer you content specifically personalized for you (for example to remember the choice of language you have made on our site, or to show you advertisements that are tailored to your needs and interest)

When we talk about "cookies" we are also talking about technologies similar to cookies, such as scripts, web beacons, pixels, fingerprinting and redirects. Scripts (sometimes called tags) are programs that run in your browser or mobile application and perform various actions, such as sending information to our servers.

Cookies can be implemented by us and also by third-party organizations.

2. What data do we collect thanks to cookies?

Cookies allow us to collect personal data relating to you, and to transmit us technical information about the devices you use, the clicks you make, and the content you view. We combine this information with personal data that you have already provided us or that we have obtained from external sources (see our Privacy Policy here).

The cookies we place on your terminal give us access to the following personal data relating to you:

  • Identifiers of the equipment you use (IP address of your computer, Android identifier, Apple identifier, etc.);
  • Type of operating system used by your terminal (Microsoft Windows, Apple Os, Linux, Unix, etc.);
  • Type and version of the browser software used by your terminal (Microsoft Internet Explorer, Apple Safari, Mozilla Firefox, Google Chrome, etc.);
  • Dates and times of connection to our services;
  • Address of the originating Internet page ("referrer");
  • Browsing data on our services, content viewed;
  • Information relating to your use of our sites and applications;
  • Information relating to the presence of cookies on your terminal, the time and date of viewing; a page, and a description of the page where the web beacon is placed;
  • Information on whether or not you read emails that we send you, on the clicks you make on the links contained in these emails.

3. Are cookies absolutely essential for our site / mobile application to function properly?

Yes and no. Some cookies are necessary for our site to function ("Essential Cookies"). However, for others, your consent is collected before the cookies are implemented on your terminal.

Essential Cookies allow our website/mobile applications to function. Without them, your user experience would be degraded. The Essential Cookies that we implement without your consent are the following:

  • Cookies recording the choice you have expressed on the implementation of cookies;
  • Cookies used for authentication purposes and for ensuring the security of our authentication mechanism;
  • Cookies used for personalization of our user interface (choice of language, or presentation of our service), when such personalization is essential to provide you with our service;
  • Cookies allowing you to automatically login into your account, using identifiers or data that you have previously entrusted to us;
  • Cookies allowing us to ensure that the display of our content is suitable for your device;
  • Cookies to remember your subscription to our newsletters.

4. Why do we use non-essential cookies?

These cookies, for which we collect your consent, are used to measure our audience, to present you with personalized advertising, to tailor the content displayed on our website/application to your preferences, and to allow you to share our website/mobile application content on social media platforms. We use non-essential cookies for the following:

  • Optimization of your navigation on our website and applications

    • Recording of information relating to a form that you have filled in on our site (registration or access to your account) or to products, services or information that you have chosen on our site (service subscribed, content viewed, purchase made, etc.);
    • A/B testing cookies, i.e. cookies allowing us to build traffic statistics and tests aimed at measuring the relative performance of different versions of our website, detecting navigation problems on our site or application, or even organize the content.
    • Management of our platforms and performance of internal technical operations as part of problem solving, data analysis, tests, research, analysis, studies and surveys;
    • Cookies allowing us to improve the security measures of our website.
  • Audience measurement and web analytics

    • Establishment of statistics and volumes of visits and use of the various elements making up our site (sections and contents visited, routes) in order to improve the interest and ergonomics of our services;
    • Calculation of the total number of advertisements displayed by us on our advertising spaces, ranking and statistics;
    • Analysis of audiences based on the results of advertising campaigns;
    • Determination of interests and behaviors;
    • Improved customer / user knowledge for personalization purposes.
  • Sharing of your personal data on social media platforms

The use of social networks to interact with our sites and applications (in particular the “like" buttons on Facebook, Twitter) allows you to share content of our website on social media platforms.

For example, if you are connected to the social network Facebook and you visit a page of our site, Facebook is likely to collect this information. Likewise, if you consult an article on our website and click on the "tweet" button, Twitter will collect this information. We therefore invite you to consult the privacy policies of any such social networks to learn about the collections and processing they carry out on your data.

5. Do we use third-parties’ cookies?

Yes. Some cookies are set by our service providers who help us achieve our goals (for example Google Tag Manager sets a cookie to help us measure our audience). Below is the current list of third parties that implement cookies on your terminal through our website/mobile application.

CookiePurposeExpiration
amp_Website user analytics performed by Amplitude24 hours
_ce.sWebsite user analytics performed by CrazyEgg5 years
^__cfduid$Detecting bots on the web performed by CloudFlare30 days
^_ga$Identifying unique users performed by Google Analytics2 years
^gatUA-.*These are performance cookies which we use to collect information about how our visitors use the website via Google Analytics1 year
^gclau$Is used by Google AdSense for experimenting with advertisement efficiency90 days
^_gid$Used to distinguish users by Google Analytics24 hours
^NID$The NID cookie contains a unique ID Google uses to remember your preferences and other information, such as your preferred language6 months
  • Accelerated by Launch
  • Supported by the Dash Investment Foundation