Privacy Policy
This Privacy Policy ("Privacy Policy") describes how and why Incharge Services Ltd ("Incharge", "we" or "us") collects and otherwise processes personal data about you as a customer, in the context of providing our services.
The term "processing" is used to cover all activities involving your personal data, including e.g. collecting, handling, storing, sharing, accessing, using, transferring and disposing of your personal data.
"Applicable Data Protection Laws" means all legislation and regulations, including regulations issued by relevant supervisory authorities, protecting the fundamental rights and freedoms of individuals and, in particular, their right to privacy with respect to the processing of personal data that from time to time apply to this Privacy Policy, including the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (the "GDPR") as well as laws and regulations complementing the GDPR.
"Personal data" is defined as any information relating to an identified or identifiable natural person.
WHO IS THE DATA CONTROLLER FOR THE PROCESSING OF PERSONAL DATA?
Incharge Services Ltd, with the company registration no. HE 322510 and its registered address at Makariou III 34, Hadjiyianni Building, 4th floor, Office 401, Limassol, 3065 Cyprus, is the data controller with respect to the processing of your personal data as described in this Privacy Policy.
For information about processing conducted by our partners (e.g. in particular our payment services partner Intergiro Intl AB (publ.)), where such is a data controller, we refer to such partner's privacy policy.
FROM WHERE DO WE COLLECT YOUR PERSONAL DATA?
Personal data is collected from you, as provided when you create an account with us or when you otherwise contact our customer service.
PURPOSES OF THE PROCESSING OF YOUR PERSONAL DATA
Provide Incharge services
We will process your personal data to be able to provide the Incharge services.
| Categories of personal data | Legal basis |
|
Contractual necessity. The processing is necessary for the performance of our contract with you or in order to take steps at the request of you prior to entering into the contract. |
| Retention period: Personal data will be retained during our contractual relationship. | |
Customer service
We will process your personal data as needed to provide customer services, as needed.
| Categories of personal data | Legal basis |
|
Legitimate interest. The processing is necessary to fulfil our legitimate interest in improving your experience on our website and to provide you with tailored content. |
| Retention period: Personal data will be retained during our contractual relationship. | |
Establish, exercise and defend legal claims
For the purposes of establishing, exercising and defending legal claims, e.g. in connection with a dispute or legal process, we may process your personal data.
| Categories of personal data | Legal basis |
| All data collected that are necessary to fulfil the purpose. | Legitimate interest. The processing is necessary in order to fulfil our legitimate interest to establish, exercise or defend the legal claim, e.g. in connection with a dispute or legal process. |
| Exemption for special categories of data | |
| Special categories of personal data, including criminal data, are only processed to fulfil our legitimate interest in establishing, exercising or defending legal claims. | |
| Retention period: Personal data will be retained for up to 10 years in order to establish, exercise and defend legal claims. | |
Fulfil legal obligations
Incharge will process your personal data for the purposes of fulfilling legal obligations within the area of e.g. book-keeping, accounting and requirements under Applicable Data Protection Laws.
| Categories of personal data | Legal basis |
| All data collected that are necessary to fulfil the purpose. | Legal obligation. The processing is necessary to fulfil Incharge's legal obligations. |
| Retention period: Personal data will be retained as long as necessary to fulfil each legal obligation. | |
Manage and protect IT systems and services
In order to manage and protect our services and related IT systems, e.g. upon logging, troubleshooting, backup, change and problem management in systems and in connection with potential IT incidents, we process, to the extent necessary, your personal data.
| Categories of personal data | Legal basis |
| All data collected that are necessary to fulfil the purpose. | Legitimate interest. The processing is necessary to fulfil our legitimate interest in managing and protecting our website, services and related IT systems. |
| Retention period: Personal data will be retained as long as necessary in relation to each purpose stated above. | |
DISCLOSURE AND TRANSFER OF PERSONAL DATA
Where necessary, we share your personal data with others. The recipient is the data controller for the processing of your personal data, unless we have stated otherwise.
| Recipients | Purposes | Legal basis |
| Public authorities (including courts), arbitration tribunals, external advisers and counterparties | In order to exercise, establish or defend legal claims. | Legitimate interest. To fulfil our legitimate interest in managing and defending legal claims, e.g. in relation to a dispute. |
| Public authorities (including courts) and external auditors | To fulfil legal obligations in the field of taxation and accounting. | Legal obligation. To fulfil our legal obligations. |
| Potential purchasers and vendors, external advisers | Take necessary actions in connection with selling all or part of the business or in connection with a merger. | Legitimate interest. To fulfil our legitimate interest in being able to sell all or part of the business or in connection with a merger. |
| Incharge’s business partners providing regulated services to Incharge users | In order to fulfil the routines and the verifications of the business partners regarding their internal measures against money laundering and terrorist financing. | Legitimate interest. To fulfil the legitimate interest of our business partners implementing anti-fraud measures. |
Payment services partners of Incharge providing regulated services to Incharge users:
|
Incharge will share your personal data with our payment services partners for the purpose of providing you with their respective regulated service.
Intergiro Intl AB (Org. nr: 556965-3537) will act as a data controller for the shared personal data for its processing activities, for the following purposes: 1. setting up and using your payment services account; and 2. when required, for assisting us with solving any customer support enquiries you may have. Finshark AB (Org. nr: 559203-3855) will act as a data controller for the shared personal data for its processing activities, for the following purposes: 1. Initiating payments on your Incharge account with the “Instant Bank Transfer” functionality for users located within Sweden, Finland and Norway; and 2. when required, for assisting us with solving any customer support enquiries you may have regarding the “Instant Bank Transfer” functionality for users located within Sweden, Finland and Norway. Token GmbH (Org. nr: 217765 B - Germany) will act as a data processor for the shared personal data for its processing activities, for the following purposes: 1. Executing payments on your Incharge account with the “Instant Bank Transfer” functionality for users located within the EEA but outside Sweden, Finland and Norway; and 2. when required, for assisting us with solving any customer support enquiries you may have regarding the “Instant Bank Transfer” functionality for users located within the EEA but outside Sweden, Finland and Norway. Quickbit EU AB (Org. nr: 559066-2093) will act as a data controller for the shared personal data for its processing activities, for the following purposes: 1. Executing payments on your Incharge account with the “Crypto QB” functionality; and 2. when required, for assisting us with solving any customer support enquiries you may have regarding the “Crypto QB” functionality. For information about how our payment service partners process personal data, we refer to their respective privacy policy:
|
Contractual necessity. The processing is necessary for the performance of our contract with you or in order to take steps at the request of you prior to entering into the contract. |
Data processors acting on behalf of Incharge
In order to fulfil the purposes of the processing of your personal data, we transfer personal data to external parties such as service providers that we have engaged as well as other partners. These parties provide services within the areas of inter alia IT (such as data storage, support and management services), finance (e.g. our book-keeping system) and statistics services. These external parties will act as data processors of Incharge and may only process your personal data in accordance with our instructions and not for their own purposes. Incharge is the data controller for the processing of personal data that these external parties carry out on our behalf.
Appropriate safeguards for transfers of personal data outside of the EU/EEA
Should Incharge transfer or disclose your personal data to a recipient in a country outside of the EU/EEA (third country), Incharge will ensure that appropriate safeguards have been taken (such as the EU Commission's standard contract clauses, including other safeguards as necessary in each case) to protect the personal data.
You are, if so provided under Applicable Data Protection Laws, upon request entitled to receive a copy of any documentation demonstrating that appropriate safeguards have been taken in order to protect your personal data during a transfer to a third country.
If you would like to know more about the processing of your personal data and whether it is transferred to a third country, please contact us on the contact details as set out below.
YOUR RIGHTS
Under Applicable Data Protection Laws, you have certain rights in relation to the processing of your personal data. We process your personal data to the extent necessary in order to fulfil your rights. Please submit requests for exercising your rights by contacting us on the contact details set out below.
You have, under certain circumstances, the right to exercise the following rights:
Access
You may request confirmation whether or not personal data is processed and, if that is the case, access your personal data and additional information such as the purposes of the processing. You are also entitled to receive a copy of the personal data undergoing processing. If the request is made by electronic means the information will be provided in a commonly used electronic format if you do not request otherwise.
| Object to certain processing
You have the right to object to the processing of your personal data based on a legitimate interest for reasons which concerns your particular situation. In such a situation, we will stop using your personal data where the processing is based on a legitimate interest, unless we can show that the interest overrides your privacy interest or that the use of your personal data is necessary in order to manage or defend legal claims. |
Rectification
You have at any time the right to have inaccurate personal data rectified, as well as, taking into account the purposes of processing, the right to have incomplete personal data completed which relates to you.
Erasure
You may have your personal data erased under certain circumstances, such as when your personal data is no longer needed for the purposes for which it was collected. However, we cannot delete your personal data if we e.g. are obligated under law to keep the data.
Restriction of processing
You may ask us to restrict the processing of your personal data to only comprise storage of your personal data under certain circumstances, such as when the processing is unlawful, but you do not want your personal data erased. If the processing of your personal data has been restricted we may only, besides storing the data, process your personal data with your consent, in order to establish, exercise or defend legal claims or to defend rights of others.
Withdrawal of consent
You have the right to at any time withdraw your consent to processing of personal data to the extent the processing is based on your consent.
Data Portability
You may ask to receive a machine-readable copy of the personal data processed on the basis of your consent or on the basis that the processing is necessary in order to perform an agreement with you, and which personal data have been provided to Incharge by you (data portability) and ask for the information to be transferred to another data controller (where possible).
Complaints to the supervisory authority
You acknowledge that you always have the right to lodge complaints pertaining to the processing of your personal data to the Swedish Authority for Privacy Protection (Sw. Integritetsskyddsmyndigheten).
CONTACT INFORMATION
If you have any questions or concerns regarding the processing of your personal data, please contact Incharge on the contact details set forth below.
Data controller:
Incharge Services Ltd.
Company registration number: HE 322510
Makariou III 34, Hadjiyianni Building, 4th floor, Office 401
Limassol, 3065 Cyprus
E-mail address: [email protected]
Privacy Policy last updated: February 16, 2024
