- Number X→
The privacy of your Personal data is important for us. We respect your rights to privacy and rights under GDPR are committed to complying with the requirements of GDPR in the collection and processing of your Personal data.
The following terms has the meaning as defined below:
- controller of your Personal data means a legal entity that determines the purposes, conditions and manner of any processing activities that it carries out.
- customer means you as an individual if you use our Website, products or services, or a legal entity, where you act as a director, board member, employee, representative, or an owner or an ultimate beneficial owner etc.
- GDPR means the General Data Protection Regulation (EU) 2016/679, of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of Personal data and on the free movement of such data, and repealing Directive 95/46/EC, as amended, replaced, or superseded and in force from time to time, and as transposed into member-state legislation.
- Personal data means any information which relates to an identified or identifiable natural person. An identifiable person is one who can be identified directly or indirectly in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person. It does not include data where the identity has been removed (anonymous data).
- you, your means you, whether you visit our Website, use our products and services, or within our Website, contact us via digital methods of communication, or if our customer is a legal entity, means you acting as a director, board member, employee, representative, or an owner or an ultimate beneficial owner etc. of such legal entity.
- Website means https://thenumberx.com/ and/or any other website as we may operate from time to time.
2. Who we are
We are Number X Europe OÜ, registered at the legal address of Vesivärava tn 50-201, Tallinn, 10152, Estonia and/or Number X Ltd Level 7, 1 Canada Square, Canary Wharf, E14 5AB, London, UK (“Company”, “we”, “us” or “our”) being Personal data controller and is responsible for the processing of your Personal data.
Company provides products and services via Website.
3. What do we offer?
Our Website, the Service Terms contain detailed information about our products and services we offer.
4. Personal data regime. Purpose of Personal data processing
We process Personal data in scope being enough for the following purposes:
- Contractual Purpose. To enter into product, service agreement, its performance (which may require disclosure to relevant third parties as defined by us), for proper access to and quality improvement of features of our Website; to register a customer; to process and deliver our products and services and any Website, features to customer, including to execute, manage and process any instructions or orders our customer makes; to manage, process, collect and transfer payments, fees and charges, and to collect and recover payments owed to us;
- Analytical, operating, administration Purpose. To collect general and particular statistics of Website use, for sending communications, notices, updates, surveys; for customer service support and ancillary purposes; to collect statistics regarding use of our Website concerning visits and activities of customers, potential customers on our Website including the analytics services like Google Analytics etc. (this analysis helps us run our Website more efficiently and improve and personalise customer’s experience online); to keep our records updated and to study how customers use our products and services; to prevent abuse of our products and services and promotions; for compliance, quality assurance and training purposes; to manage our relationship with our customer which will include asking our customer to leave a review, take a survey or keeping our customer informed of our company's business and product development; to conduct research, compare information for accuracy and verification purposes, compile or analyse statistics relevant to the operations of our business;
- Marketing and Advertising Purpose. To send our customer welcome email following registration procedures; to send our customer occasionally our products and services updates, to manage relationship, evaluate business performance and build customers database; to contact our customer for surveys purposes, for other marketing purpose; for the direct marketing and promotional purposes; to advertise our products and services to our customers, potential customers and understand the effectiveness of the advertising we serve to our customers, potential customers. We could use your Personal data and decide which products, services and offers may be relevant for our customer.
- Compliance Purpose. To maintain accuracy of our records; to verify your Personal data for the purpose of managing our customer relationships and observing the Know Your customer (KYC) rules; to comply with legal and regulatory obligations with respect to Anti-Money Laundering (AML), Counter-Terrorism Financing (CTF), prevention of criminal activity and lawfully protect our legal interests, make relevant risk assessments and management; to use the services of financial institutions, banks, crime and fraud prevention companies, risk measuring companies; background checks, detect, investigate, report and prevent financial crime in broad sense, obey laws and regulations which apply to us and resolving them;
- Communication Purpose. To contact the Customer for administrative purposes such as customer service, address technical or legal issues related to the products and service provided, or share updates and notifications about the products and services; to respond to customer’s requests and seek your feedback;
- Regulatory and Managerial Purpose. To facilitate our internal business operations, including fulfilment of any legal and regulatory requirements and monitoring, analysing and improving the performance and functionality of our Website and investigating breaches of or enforcement of any legal terms applicable to our Website; to protect our property, the Website or our legal rights including to create backups of our business records; to manage risk and protect our Website from fraud by verifying your identity and helping to detect and prevent fraudulent use of our Website.
Legal basis for processing is:
- Processing is necessary for the entry into or performance of a contract between our customer and us (GDPR article 6 (1) (b)), for performance of the product, service agreement to which our customer is a party;
- A consent to the processing of Personal data (GDPR article 6 (1) (a));
- Processing is necessary for compliance with a legal obligation to which we are subject (GDPR article 6 (1) (c)), for compliance with a legal obligation to which we are subject, including, but not limited to, AML and CFT requirements;
- Processing is necessary for the purposes of the legitimate interests pursued by us (GDPR article 6 (1) (f)). We are processing Personal data for purposes set forth above under legitimate interest. As part of this, we must maintain and develop our Website, technical systems and IT-infrastructure, technical and organizational solutions that may also use your Personal data, in order to provide you with adequate products, services. We also process your Personal data for protection of your or another person vital interests;
- another basis prescribed by the law.
It may be impracticable to deal with you on an anonymous basis or using a pseudonym.
We may be able to provide you with limited information in the absence of your identifying yourself but generally we will be unable to provide you with any information, products and/or services unless you have identified yourself.
5. Types of Personal data
We classify our Personal data into the following three types:
5.1 Directly collected Personal Data
This refers to the information, which a customer directly provides us (e.g., by filling the website forms). We usually collect and store information including in paper, physical and electronic form provided by our customer when communicating with us by telephone, email, web-based form, letter, facsimile or other means, including, but not limited to, when:
- customer contacts us over the phone;
- we provide you with our services via telephone, email or our Website;
- we provide customer, potential customer with assistance or support for our products or services;
- customer participates in our functions, events or activities or on our social media pages;
- customer, potential customer requests that we provide information concerning our products or services;
- our customer uploads or submits information to us or our Website; or
- our customer completes any forms requesting information, including on registration with us, completes any survey or provides feedback to us concerning our products or services.
5.2 Indirectly collected Personal data
This kind of information relates to the customer, but he/she/it does not provide it directly (e.g., an IP address).
5.3 Automatically collected / generated Personal data
Our system collects this type of information automatically. Though such information isn't provided by a customer, it relates to you and according to the Article 4 (1) of the GDPR is considered to be Personal data. It has 2 subtypes:
- Static. This information doesn't usually change once it's created. For instance, an internal user id;
- Dynamic. This subtype changes based on the activities performed by you.
We also collect information from your computer or mobile device automatically when you browse our Website. This information may include Technical Data, Profile and Customer support data, Usage Data as detailed below.
The device you use to access our Website may collect information about you including your location using longitude and latitude coordinates obtained through GPS, Wi-Fi or cell site tri- angulation. For information about your ability to restrict the collection and use of such information, please use the settings available on your device.
We may use statistical analytics software tools and software known as cookies which transmit data to third party servers located overseas. To our knowledge, our analytic providers do not identify individual users or associate your IP address with any other data held by them.
6. What Personal data do we collect?
Depending on whether and how you use our Services, Website, we will collect, use, store and transfer different kinds of your Personal data, grouped in the following categories:
|Basic Identity Data
|Name, maiden name and surname, date of birth, gender, username or similar identifier, residing address, postal address, proof of address documentation, e-mail address, phone number, citizenship, information that you are or not politically exposed person, biometric identifiers and/or biometric information. Verification data: visual image of your face, audio, video made during verification, data which we collect for the purpose of conducting customers’ due diligence under applicable AML and CFT law and regulations; confirmation that you are a director, board member, employee, representative, or an owner or an ultimate beneficial owner etc of a legal entity - our customer, information on the ownership and control structure of a customer; ID card, passport details or other identification document, your occupation, employment industry, financial standing.
|Social Identity Data
|Legal entity data, work address, your group, behavioral data, your preferences, interests, favorites, information on referrals related to you, close connections, risk assessment, compliance assessment, your marketing, communication preferences, your survey responses, your connections with others whose personal information we may collect or hold.
|Financial and transactions data
|Bank/financial institution account, online payment details which may include third party payment systems, credit or direct debit details for your bank/financial institution account, virtual currency wallet accounts, amounts associated with accounts, source of funds and related documentation, activity log, billing details, details about payments/transfers to and from you, other details of any transactions you enter into using our products and services, Website, rewards.
|Computer and connection information such as browser type, version, and time zone setting, browser plug-in types and versions, operating system, language data, and platform, domain, host, IP address, login data, the date and time you access our Website, the address of the website from which you linked to our Website when you visit us. Data from mobile devices (for example, location), unique IDs of your devices when you use our Weиsite, pages and links you have accessed both on our Website and on other websites, the last website you visited, the pages of our Website that you access, other technical data.
|Profile and Customer support data
|Your username and password, your identification number as our customer, requests by you for products or services, communication between us and you (inquiries submitted via the website, email, social media or chat). Telephone calls to us may also be recorded for training and quality assurance purposes.
|information about how you use Website, products and services (device download time, install time, interaction type, date and time, event time, name and source etc.).
This information is not exhaustive, and is laid out to give you an idea about use of fundamental collected information. We will record all information collected and purposes for which we process that Personal data.
Furthermore, we treat certain categories of Personal data to be sensitive, and such sensitive data requires additional safeguards. We will only collect, use, store, and transfer your sensitive data if we can meet both the legal basis requirement and at least one of the required extra conditions.
The extra conditions include:
- circumstances prescribed by regulations: Personal data is processed in the conditions prescribed by regulations;
- information made public by you: the sensitive data has become public as a result of your actions;
- consent: you have provided your consent to the processing of your sensitive data.
- judicial proceedings: the processing is required for the purpose of or in connection with any legal proceedings, for seeking legal advice, or for establishing, exercising, or defending legal rights;
- public functions: the processing is necessary for the exercise of any functions conferred on any person by or under an enactment.
7. Lawfulness of Processing and Disclosure
We also limit access to Personal data only for those employees, contractors, advisors, auditors who require it to fulfil their job or service duties. Our employees, contractors are trained on procedures of Personal data processing, including limitations on the release of information. Access to Personal data is limited to those of our employees and contractors whose work needs it. We perform periodic evaluations to ensure that proper information processing policies and procedures are understood and followed. All of our physical, electronic, and procedural safeguards are designed to comply with applicable laws and regulations.
When you provide your Personal data over our Website, it is securely sent across the Internet using industry standard encryption. Your Personal data will be held encrypted on secure servers.
We will endeavour to take all reasonable steps to keep secure and protect any Personal data which we hold about you, including:
- using computer safeguards such as Secure Socket Layer (SSL) technology to ensure that your information is encrypted and sent across the Internet securely;
- placing password protection and access control over our information technology systems and databases to limit access and protect electronic information from unauthorised interference, access, modification and disclosure; and
- taking regular back-ups of our electronic systems.
Notwithstanding that we will take all reasonable steps to keep your Personal data secure, data transmission over the internet is never guaranteed to be completely secure. We do not and cannot warrant the security of any information you transmit to us or from any online services.
8. How we use Personal data for communicating with you and direct marketing
We may communicate with you by phone, email, SMS or push notification, to inform you about existing and new products and services that may be of interest to you.
We will ensure that any email we send as direct marketing complies with the GDPR and contains an ‘unsubscribe’ option so that you can remove yourself from any further marketing communications. To opt-out of communications via SMS, reply with “STOP”. You may decline marketing messages sent by push notifications by refusing the relevant permission in your phone or tablet settings, however this setting will prevent you from receiving other messages from us via push notification. You may also opt-out of receiving marketing materials from us using the contact details set out below.
You can also call or write to us to request that your details be removed from our direct marketing list. We will endeavour to remove your details from our direct marketing list within a reasonable time (ordinarily 5 working days).
Our direct marketing list may be operated by software and servers located overseas and your Personal data may be sent overseas as part of our marketing.
We will also send communications that are required or necessary to send to users of our Website that contain information about important changes or developments to or the operation of the Website or as well as other communications you request from us. You may not opt out of receiving these communications but you may be able to adjust the media and format through which you receive these notices.
9. Third Parties
We have taken steps to ensure that third parties engaged by us in processing your Personal data, have suitable technical and organizational measures in place to protect this Personal data, and we will also ensure that they are GDPR compliant. We have taken steps to ensure that third parties engaged by us, protect the confidentiality and security of Personal data, and ensure that Personal data is processed only for products, service providing and in compliance with applicable law.
We may transfer your Personal data to third parties such as:
- to our related entities, employees, officers, agents, contractors, other companies that provide services to us, sponsors, government agencies or other third parties to satisfy the purposes for which the information was collected or for another purpose if that other purpose is closely related to the primary purpose of collection and an individual would reasonably expect us to disclose the information for that secondary purpose;
- to third parties who help us analyse the information we collect so that we can administer, support, improve or develop our business and the products, services we provide to a customer;
- to merchants and the recipients of funds to identify you as the sender of the funds and to a party whom sends you funds in connection with a transfer to you of funds;
- legal and regulatory authorities to whom we are obligated to disclose your Personal data under the law, AML and CFT requirements; agencies that deal with law enforcement; entities in cases of fraud or collusion prevention, identity verification, payment processing, credit reference; banks/financial institutions; courts;
- identification and verification service providers engaged by us for customers, your verification, performance of AML and CFT requirements, as well as other software service providers who assist us to provide products, services we provide to customers;
- to our professional advisers such as consultants, bankers, professional indemnity insurers, brokers and auditors so that we can meet our regulatory obligations, and administer, support, improve or develop our business;
- server hosts, which store our data, communication service providers, which help us stay in touch with you;
- to third parties, including those in the blockchain and fintech industry, marketing and advertising sectors, to use your information in order to let you know about products and services which may be of interest to you in accordance with GDPR;
- banking, financial service providers, helping us in products, services to our customer;
- to debt recovery agencies who assist us with the recovery of debts owed to us;
- to any other person, with your consent (express or implied);
- to facilitate the sale of all or a substantial part of our assets or business or to companies with which we propose to merge or who propose to acquire us and their advisers; and
- other third parties which services, facilities we use, in order to provide our Services and deal with certain processes necessary for the operation of the Website, perform internal procedures and law requirements.
In addition to the above recipients, we will disclose your Personal data if we are required to do so under law or if the disclosure is made in connection with either the normal operation of our business in a way that you might reasonably expect, for example, if such disclosure is incidental to IT services being provided to our business or for the resolution of any dispute that arises between you and us. This disclosure may involve your Personal data being transmitted overseas.
In the event of a proposed restructure or sale of our business (or part of our business) or where a company proposes to acquire or merge with us, we may disclose Personal data to the buyer and their advisers without your consent subject to compliance with GDPR. If we sell the business and the sale is structured as a share sale, you acknowledge that this transaction will not constitute the ‘transfer’ of Personal data.
Personal data shall not be processed (or cause to be processed) in a country that has not been designated by the European Commission as providing an adequate level of data protection unless it has put in place such measures as are necessary to ensure such transfer is in compliance with Personal data protection laws, except where otherwise required by applicable law.
We are obliged to disclose your Personal data in following cases:
- in response to lawful requests by public authorities, including to meet legitimate national security or law enforcement requirements;
- to protect, establish, or exercise our legal rights or defend against legal claims, including to collect a debt; to comply with a subpoena, court order, legal process, or other legal requirement;
- when we believe in good faith that such disclosure is required to comply with the law, prevent imminent physical harm or financial loss, or investigate, prevent, or take action regarding illegal activities, suspected fraud, threats to our property, or violations of Service Terms;
- to third parties in case of: merger, restructuring, joint venture, assignment, sale part of the business or the whole business.
10. Where do we store Personal data?
Please note that we use our own and third party computer servers including our Website hosts, data backups and payment gateway(s), which may be located overseas and your Personal data will likely be stored and transmitted overseas as part of the normal operation of our business. To ensure the security and privacy of your Personal data, we take measures designed to protect that information from loss, misuse, unauthorized access, disclosure, alteration or destruction.
11. How long do we store Personal data?
We store Personal data within the term of its processing by us, third parties engaged by us for Services providing, and additionally 5 years after cession of products, services providing, unless longer term is required by the applicable law.
12. Breaches Notifications
In case of Personal data breach, we shall notify the supervisory competent authority without undue delay and, where feasible, not later than 72 hours after becoming aware of it, unless Personal data breach is unlikely to result in a risk to the rights and freedoms of individuals.
If we become aware of a security breach, we may seek to notify you electronically so that you can take appropriate preventive measures. If a security breach occurs, we may make a notice on Website.
When Personal data breach is anticipated to result in a high risk to customers’, your rights and freedoms, we will inform you.
13. Your Rights
13.1 Obtain confirmation
You have the right to request confirmation that Personal data pertaining to you is being processed.
13.2 Access Personal Data
You have the right to access such data, or ask us to provide a copy of your Personal Data processed by us (GDPR, Article 15).
13.3 Request of information
You have the right to request the following additional information concerning your Personal data:
- the purposes of the processing;
- the categories of Personal data concerned;
- the recipient(s) or category(ies) of recipient to whom/which Personal data have been or will be disclosed;
- the criteria determining the period for which Personal data will be stored etc.
13.4 Request rectification
You have the right to rectify Personal data in case the data is incorrect or incomplete (GDPR, Article 16).
13.5 Right to Withdraw Consent for Data Processing
You are entitled to withdraw the consent granted for the processing of Personal data at any time (GDPR, Article 7). Withdrawal does not affect the lawfulness of the processing conducted before the withdrawal. If you withdraw your consent, we may not be able to provide certain products, services to you, but we will advise you if this is the case at the time you withdraw your consent;
13.6 Right to erasure
Sometimes called Right-to-be-forgotten (GDPR, Article 17). You have the right to revoke previously provided consent and have the Personal data erased from our system. In this case, third parties will no longer have access to your Personal data.
However, it does not mean that your data will be erased immediately; it will still be stored at our facility in order to comply with numerous statutory obligations, specifically a provision of the GDPR regulations, AML and CFT requirements, under which we are required to store any collected information for a minimum period of 5 years from relations termination, for the purposes of the prevention, detection, analysis and investigation of money laundering or funding of terrorism activities. Your Personal data will be erased from our records after this period has elapsed.
13.7 Restrict processing
You have the right to ask us to restrict the processing of Personal data in case the data is incorrect or incomplete or in case Personal data is processed unlawfully (GDPR, Article 18).
13.8 Receive Personal data
You have the right to receive Personal data concerning you provided to us, in a structured, commonly used and machine-readable format.
13. 9 Have Personal data transmitted
You have the right to have Personal data transmitted directly from one controller to another, where technically feasible (GDPR, Article 20). You may request the transfer Personal data to you or to a third party, and we will provide to you, or a third party you have chosen (where technically feasible), your Personal data; note that this right only applies to automated information which you initially provided consent for us to use or where we used the information to perform a contract with you.
13.10 Right to Object
You have the right to object (GDPR, Article 21), on grounds relating to your particular situation, where there is a reason to believe that we have no lawful grounds for processing Personal data, at any time to processing of Personal data. In some cases, we may demonstrate that we have compelling legitimate grounds to process your information which override your rights and freedoms.
13.11 Requests and Complaints
If you have any queries in relation to this policy, you wish to access or correct the Personal data we hold about you, or make a complaint, please contact us in writing at:
Email: [email protected]; or
Mail: Privacy Officer
Number X Europe OÜ
Vesivärava tn 50-201,
You have the right to file complaints regarding processing of your Personal data to our Privacy Officer as set forth above.
We aim to acknowledge receipt of all privacy complaints from you within 5 working days and resolve all complaints within 30 business days. Where we cannot resolve a complaint within that period, we will notify you of the reason for the delay as well as advising the time by which we expect to resolve the complaint.
In order to disclose information to you in response to a request for access we may require you to provide us with certain information to verify your identity. GDPR may prescribe exceptions which may affect your right to access your Personal data.
In the event that you believe that there has been a breach of GDPR, we invite you to contact us as soon as possible.
If you are not satisfied with our handling of a complaint or the outcome of a complaint you have the right to lodge a complaint with an appropriate authority:
Estonian Data Protection Inspectorate
39 Tatari St., 10134 Tallinn
telephone (from abroad add +372) 627 4135
e-mail [email protected]
Should we lawfully receive your Personal data from a third party, you will have the same rights regarding information in question as related to information you provided to us directly or we have collected during cooperation with you.
14. Implementation of changes
Please acknowledge, by implementing some rights given by GDPR (erasure, stop processing), you will be deprived of some features of the Website, and in some cases, where applicable, we may be forced to close your access to our Website. Despite the rights exercised by you, we anyway could proceed with your Personal data processing, if required by law.
We are committed to protecting the privacy of Personal data and make every effort to disclose the processing details clear and simple to understand.
Should you have any questions concerning the information above, please, don't hesitate to contact us as set forth above.
If you are a California resident, you can learn more about how we use your information and your privacy rights by reviewing the CCPA/CPRA Privacy Notice below.
1. Policy Statement
Personal Identifying Information: ("Personal Information" or "PII"): means any information relating to an identified or identifiable natural person (i.e. "Data Subject"); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier, such as a name, an identification number, location data, or an online identifier, or to one or more factors specific to the physical, economic, cultural or social identity of that natural person (e.g. your name, address, email address, tax identification number, etc.)
Business, for the purpose of CCPA/CPRA, refers to the Company as the legal entity that collects Consumers' personal information and determines the purposes and means of the processing of Consumers' personal information, or on behalf of which such information is collected and that alone, or jointly with others, determines the purposes and means of the processing of Consumers' personal information, that does business in the State of California.
CCPA and/or CPRA refers to the California Consumer Privacy Act (the "CCPA") as amended by the California Privacy Rights Act of 2020 (the "CPRA").
Consumer, for the purpose of the CCPA/CPRA, means a natural person who is a California resident. A resident, as defined in the law, includes (1) every individual who is in the USA for other than a temporary or transitory purpose, and (2) every individual who is domiciled in the USA who is outside the USA for a temporary or transitory purpose.
For the purposes of the CCPA/CPRA, Personal Data means any information that identifies, relates to, describes or is capable of being associated with, or could reasonably be linked, directly or indirectly, with you.
Data Subject: means an identified or identifiable person or entity.
Data Controller: means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of Personal Information.
Data Processor: means a natural or legal person, public authority, agency or other body which processes personal data on behalf of the Data Controller.
Website: means any Website under common ownership or control of Number X used for providing our services to you.
Third Party: means a natural or legal person, public authority, agency or body other than the data subject, controller, processor and persons who, under the direct authority of the controller or processor, are authorized to process personal data.
Personal Data Processing: any operation or set of operations performed on personal data (e.g., collection, storage, use, disclosure erasure).
IP Address: a unique string of numbers separated by periods that identifies each computer using the Internet Protocol to communicate over a network.
Pseudonymization: means the processing of personal data in such a manner that the personal data can no longer be attributed to a specific Data Subject without the use of additional information, provided that such additional information is kept separately and is subject to technical and organizational measures to ensure that the Personal Information are not attributed to an identified or identifiable natural person.
Definitions and interpretations not included in this Section should be checked in the Service Terms and other policies available on the Website. In cases where some definitions are not explained on the Website, you should interpret them according to the definitions provided in applicable laws. If you are not sure what some definitions mean, feel free to contact us by sending an email to [email protected] for assistance.
- Who is Number X and how we may work with you
- What Personal Information we may collect from you
- Why we are collecting this Personal Information from you
- How we process and utilized your Personal Information
- Your rights to access, amend, or request records of your Personal Information
- How we secure your Personal Information when working with third party vendors
- The security procedures we use to protect your Personal Information
- How we store your Personal Information and how long we retain it
- To inform you about marketing and our official pages on social media
- How to contact Number X, or our regulators, to register a complaint in regard to the management or security of your Personal Information.
4. Number X
Number X LLC 360 NW 27th St., 8th Miami, Florida, 33127, USA launched in the United States to broaden the reach of the Number X related services and service residents in the United States in a safe and regulated manner. Number X is a cross-border Merchant of record for global digital businesses.
Founded in 2022, we believe that every cross-border business should be able to scale as fast as a local business, without any regulatory and tax hurdles.
Number X offers ecommerce companies a completely different approach to distribution of digital goods. Instead of maintaining a complex payment infrastructure, we cover every aspect of payment processing on target markets, taking away 100% of the pain of regulations, taxes, chargebacks, user support, and interaction with local authorities. It’s faster, safer and simpler.
5. Gathering and Use of Personal Information
5.1. Information we collect
Consistent with our obligations, when you order our services or visit our Sites, we will ask you to provide information to verify your identity. Please note if you refuse to provide this Personal Information, we will not be able to provide our services to you.
The types of Personal Information for an individual customer which we collect may include:
- Full legal name
- Proof of identity (e.g. driver’s license, passport, or government issued ID)
- Mobile phone number
- Email address
- Date of birth
- Internet Protocol (“IP”) address, internet browser and operating system information, geolocation details
- Banking details, including account number, routing number and payment card data
- Employment details
- Information to corroborate the stated source of your funds
- Photographic images, which may include video footage
- Additional Personal Information at the discretion of our Compliance and Legal Department.
- Institution or corporate legal name and "doing business as" ("DBA") name
- Employer Identification Number ("EIN"), Tax Identification Number ("TIN") or similar
- Full legal name of all authorized account customers and beneficial owners
- Email addresses of all authorized account customers
- Mobile phone numbers of all authorized account customers
- Contact information of all authorized account customers and beneficial owners
- Proof of identity (e.g. driver’s license, passport, or government issued ID) of all authorized account customers and beneficial owners
- Personal Information for each authorized account customers and beneficial owners
- Proof of legal existence (e.g. state certified articles of incorporation or certificate of formation, unexpired government-issued business license, trust instrument, or other comparable legal documents as applicable)
- Proof of beneficial ownership (e.g. operating agreement, share registry, capitalization table, schedule K-1, or other comparable legal documents as applicable)
- Additional business records at the discretion of our Compliance and Legal Department.
We require your Personal Information only for the purposes of providing to you the services requested from Number X and to satisfy the legal requirements from our obligations. If you refuse to share your Personal Information, we will not be able to provide our services to you. We may share Personal Information with third-party service providers (including those that may be located outside of the United States or your country), who help us operate our systems, and detect fraud and security threats within the normal course of our business. Such third-party service providers are subject to strict confidentiality obligations. Additionally, we may be compelled to share your Personal Information with law enforcement, government officials, and regulators.
5.2. Purposes of using Personal Information
Reasons we can share your personal information include:
- To provide and maintain our services;
- To manage your account: to manage your registration as a customer of the service(s);
- For the performance of a contract;
- To contact you;
- To provide you with special offers and general information;
- To manage your requests;
- To ensure security of your account;
- To comply with legal obligation purposes such as tax reporting;
- To provide you with information about products and promotions that may be of interest to you;
- For market research;
- For business transfers;
- For other purposes: we may use your Personal Information for other purposes, such as data analysis, identifying usage trends, determining the effectiveness of our promotional campaigns and to evaluate and improve our service(s), products, services, marketing, and your experience.
You can limit the dissemination of your Personal Information regarding special offers and general information, information about products and promotions, market research and other purposes.
6. Tracking Technologies and Cookies
6.1. IP Addresses
We may collect information about your computer or device used to access our Website, including your IP address, operating system and browser type. Such information is collected for the limited purposes of; system administration, to report aggregate information for our internal statistics, to ensure that you are in a jurisdiction which we are authorized to operate, and to ensure that your account has not been compromised by detecting irregular or suspicious logins or transactions.
6.2. Web Beacons
Certain sections of our service(s) and our emails may contain small electronic files known as web beacons (also referred to as clear gifs, pixel tags, and single-pixel gifs) that permit us, for example, to count users and customers who have visited those pages or opened an email and for other related website statistics (for example, recording the popularity of a certain section and verifying system and server integrity).
You may control the cookies through your browser settings. We use both session and persistent cookies for the purposes set out below:
Necessary / Essential Cookies Type: Session Cookies Administered by us with purpose: these cookies are essential to provide you with services available through the Website and to enable you to use some of its features. They help to authenticate customers and customers and prevent fraudulent use of their accounts. Without these cookies, the services that you have asked for cannot be provided, and we only use these cookies to provide you with those services.
Tracking and Performance Cookies Type: Persistent Cookies Administered by third parties with purpose: these cookies are used to track information about traffic to the Website and how you use the Website. The information gathered via these cookies may directly or indirectly identify you as an individual visitor. This is because the information collected is typically linked to a pseudonymous identifier associated with the device you use to access the Website. We may also use these cookies to test new pages, features, or new functionality of the Website.
7. Disclosure of Personal Information
The Personal Information we collect and the practices of using such information as described herein are done for the purposes of providing you with the best customer experience possible, as well as protecting you from the risk of fraud and improper use. The Personal Information collected is sought to best serve you as the customer and to continue to maintain and improve Number X to meet your needs.
7.1. Third-Party Service Providers, Regulators, Law Enforcement
Number X may share Personal Information with third-party service providers (including those that may be located outside of the United States or your country), who help us operate our Website and systems, and detect fraud and security threats throughout the normal course of our business. Any third party which receives or has access to your Personal Information is required to protect such Personal Information and only to use it for the limited purposes necessary to carry out the services they are explicitly contracted to provide. Such third parties, aside from law enforcement or regulatory authorities, are contractually bound by the same security and confidentiality policies and responsibilities as Number X. Number X does not sell customer Personal Information to third-parties for the purposes of marketing.
7.2. Change in Ownership
7.3. Staff Non-Disclosure of Personal Information
8. Your Rights
You have the right to access your Personal Information. If you are located in the United States, European Economic Area, or the Channel Islands and have questions regarding the processing, use, or storage of your Personal Information, you may contact us at [email protected] at Number X LLC 360 NW 27th St., 8th Miami, Florida, 33127, USA.
8.1. Requesting Your Personal Information
If you choose to submit a written request for your Personal Information to [email protected] we will provide you with a copy of all of your all the Personal Information retained by Number X . Additional minimal charges may be incurred by you to offset administrative costs associated with providing you additional copies of your Personal Information.
8.2. Updating or Amending Your Personal Information
At any point you may correct, update, amend or revise your Personal Information by sending an email to [email protected] When possible, you may be required to update your Personal Information on your account profile page by logging into our Website. To ensure the accuracy and integrity of your Personal Information we may request additional Personal Information and/or identification documentation. If you refuse to provide the Personal Information requested, we reserve the right to not provide our services to you.
8.3. Removing Your Personal Information
At any point, you may also request the closure of your account. Upon closure, your Personal Information will only be stored by Number X to satisfy our obligations. We are required to store customer records for a period of five years after the closure of the account.
8.4. Automated Data Processing
In order to efficiently provide Number X’s services to you, we employ a series of automated processing systems to reduce the risks of fraud, money laundering and/or abuse of our services. Through these automated systems, we carry out an analysis of your identification, transactional and behavioral patterns based on the information provided to us. If you do not wish this automated processing to be carried out, please contact us at [email protected] and we will review your application manually. Increased wait times may apply for applications that are processed manually.
Number X have implemented technical and organizational security measures to ensure the confidentiality, integrity and accountability of your Personal Information. Through a constant process of reevaluation and testing we pride ourselves on our abilities to protect your Personal Information from loss, misuse, manipulation or destruction. Examples of measures we take to protect your Personal Information include:
- Pseudonymization and TLS 1.3 encryption of personal data
- Access control
- The ability to ensure the ongoing confidentiality, integrity, availability and resilience of our processing systems and services
- The ability to restore the availability and access to personal data in a timely manner in the event of a physical or technical incident
- Only authorized personnel, who are subject to strict confidentiality agreements, have access to your Personal Information.
Number X conducts testing and evaluations of our technical and organizational measures effectiveness on a regular basis. Technical and organizational security measures will be reviewed on a rolling basis to consider all legal and technical developments. Additionally, we perform ongoing due diligence on third-party vendors which may have access to your Personal Information.
In the event of a data breach or the failure of our security measures, we will notify you immediately. Number X may retain a data protection and breach notification security advisory firm which monitors all applicable reporting requirements for the United States and other jurisdictions which we operate.
10. Retention of Personal Information
10.1. Your Personal Information is held on servers located in the European Economic Area at some of the most secure facilities in the world.
Access to this information is under strict access controls. Members of Number X staff whose offices are outside of the United States or European Economic Area are under strict contractual obligations to adhere to the same principles of data security and processes as those within the European Economic Area and United States.
10.2. We do not store your payment method, unless you create an account to conduct future transactions.
The payment method information that you provide to make instant digital asset purchases are passed through a third-party payment processor which is based in the European Economic Area and bound to the same regulations as Number X. Additionally, Number X has contractual agreements with the payment processors to further safeguard your rights. We are required to store Personal Information associated with a transaction for a period of five years after the transaction is processed.
11. Marketing Data Processing, Advertising and Social Pages
11.1. We may use your Personal Information for marketing purposes if you provide your consent during registration or post-registration by checking marketing preferences boxes in your account profile page.
Additionally, we may notify existing customers about our products or services that are similar to those we have already provided based on our legitimate interest.
11.2. You have the right to withdraw your consent for us to process your Personal Information for marketing purposes.
To exercise this right, you can uncheck the marketing preferences boxes in your account profile or contact us at [email protected]
11.3. We maintain a strong presence on various social media platforms to stay connected with our customers and keep them updated on our latest developments.
Our social fan pages include LinkedIn, Telegram and Instagram.
Here is the list of our social pages:
Telegram - https://t.me/numberx_uk
Please verify that you are on the correct website, to do it you can use the links provided above to access these pages directly.
11.4. We encourage our customers to follow and engage with us on our social media pages.
11.5. We may use social media advertising to promote our services and reach a wider audience.
11.6. Please note that any content posted by you on our social media pages is subject to the respective social media platform's terms of service and community guidelines.
We reserve the right to moderate or remove any content that violates these guidelines or our company policies.
12.1. External Links
We do not control third-party sites or any of the content contained therein. You acknowledge that by leaving our Website, Number X is not responsible or liable for any of those third-party sites, including, without limitation, their content, policies, failures, promotions, products, services or actions and/or any damages, losses, failures or problems caused by, related to or arising from those sites. We encourage you to review all policies, rules, terms and regulations, including the privacy policies, for each site that you visit.
12.2 Fraud, Phishing and Email Scam Disclaimer
Customer support is only provided through the Number X Website and is always provided free of charge. Number X will never ask you your password.
If you discovered what you believe is fraud, phishing, or a scam which impersonates Number X, please email us at [email protected]
12.3 Unsolicited Submissions
13. Contact Information
13.1 Protection of Personal Information in the United States
Federal Trade Commission: https://www.ftc.gov
Consumer Financial Protection Bureau: https://www.consumerfinance.gov
Department of Commerce: https://www.commerce.gov
13.2 Feedback and Resources
Number X LLC 360 NW 27th St., 8th Miami, Florida, 33127, USA (hereinafter "we", "us" or "our") are committed to protecting and respecting your privacy.
Categories of Personal Information Collected
We collect information that identifies, relates to, describes, references, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular Consumer or Device. The following is a list of categories of personal information which we may collect or may have been collected from California residents within the last twelve (12) months. Please note that the categories and examples provided in the list below are those defined in the California Consumer Privacy Act / California Privacy Rights Act. This does not mean that all examples of that category of personal information were in fact collected by us but reflects our good faith belief to the best of our knowledge that some of that information from the applicable category may be and may have been collected. Please note that only certain categories of personal information would only be collected if you provided such personal information directly to us. Additionally, please be aware that some information is collected automatically.
- Identifiers, such as your real name, user ID, postal address, email address, a copy of your identification (such as your driver’s license or passport), your social security number and/or other government identification or registration data, IP address, domain name, and other similar identifiers.
- Personal Information listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e)):
- Financial information, such as bank account information, routing number;
- Transaction Information, such as public blockchain data;
- Credit and Fraud Information, such as credit investigation, credit eligibility, identity or account verification, fraud detection, or as may otherwise be required by applicable law;
- Correspondence, such as information that you provide to us in correspondence, including account opening and customer support;
- Institutional Information, such as for institutional customers, we may collect additional information, including institution’s legal name, Employer Identification Number (“EIN”) or any comparable identification number issued by a government, and proof of legal existence (which may include articles of incorporation, certificate of formation, business license, trust instrument, or other comparable legal document);
- Device Information, such as hardware, operating system, browser, device model, screen width, screen height;
- Telephone number;
- Usage Data, such as system activity, internal and external information related to Number X web pages that you visit, clickstream information;
- Additional Information, as permitted by law or required to comply with legal obligations, which may include criminal records or alleged criminal activity, or information about any person or corporation with whom you have had, currently have, or may have a financial relationship. Personal Information you provide during the registration process may be retained, even if your registration is left incomplete or abandoned.
- Commercial information, such as information about your transactions and transaction history, account balances.
- Internet or other Electronic Network Activity Information, such as information related to browsing history, search history, and information regarding a consumer’s interactions with Number X website, or advertisement.
- Geolocation data to the extent we need to verify your location for anti-fraud purposes depending on the Services provided and your use of them.
- Sensory data: audio, electronic, visual, thermal, olfactory, or similar Information, such as images and videos collected for identity verification, audio recordings left on answering machines.
- Biometric Information, such as scans of your face geometry extracted from identity documents.
- Professional or employment-related information, such as your occupation, source of funds.
- Inferences drawn from the above information, which may include inferences about preferences, characteristics, and behavior.
- Sensitive Personal Information, such as government-issued verification numbers (i.e. Social Security Number or equivalent, driver’s license number, passport number), and biometric information (i.e. scans of your face geometry extracted from identity documents).
We collect this personal information to underwrite and set up your account, as well as to provide and promote our Services to you.
Sources of Personal Information
We obtain the categories of personal information listed above from the following categories of sources. Directly from you: for example, from the forms you complete on our Website, preferences you express or provide through our Service, or from your purchases on our Website. Indirectly from you: for example, from observing your activity on our Website. Automatically from you: for example, through cookies we or our Service Providers set on your Device as you navigate through our Website. From Service Providers: for example, third-party vendors to monitor and analyze the use of our Service, third-party vendors to provide advertising on our Service, third-party vendors to deliver targeted advertising to you, third-party vendors for payment processing, or other third-party vendors that we use to provide the Service(s) to you.
Use of Personal Information
We may use or disclose personal information we collect for "business purposes" or "commercial purposes" (as defined under the CCPA/CPRA), which may include the following examples:
- To operate our Website and provide you with our Service(s).
- To provide you with support and to respond to your inquiries, including to investigate and address your concerns and monitor and improve our Service(s).
- To fulfill or meet the reason you provided the information. For example, if you share your contact information to ask a question about our Service(s), we will use that personal information to respond to your inquiry. If you provide your personal information to purchase a product or service, we will use that information to process your payment and facilitate delivery.
- To respond to law enforcement requests and as required by applicable law, court order, or governmental regulations.
- As described to you when collecting your personal information or as otherwise set forth in the CCPA/CPRA.
- For internal administrative and auditing purposes.
- To detect security incidents and protect against malicious, deceptive, fraudulent, or illegal activity, including, when necessary, to prosecute those responsible for such activities.
- Other one-time uses.
Disclosure of Personal Information
We may use or disclose and may have used or disclosed in the last twelve (12) months all of the categories of personal information provided in the section Categories of Personal Information Collected for business or commercial purposes. Use and disclosure of Sensitive Personal Information. We recognize the importance of protecting your sensitive personal information, as defined by applicable California law. If we collect, use, or share sensitive personal information, we limit its use or disclosure to only those business purposes that are permitted by law. These purposes may include processing transactions, fulfilling orders, providing customer service, and conducting internal audits or analysis. We may also disclose sensitive personal information as required by law, to protect our legal rights, or to comply with a court order or legal process.
Share of Personal Information
We may share, and have shared in the last twelve (12) months, your personal information certain identified in the above categories with the following categories of third parties:
- Service Providers, which include IT and cloud hosting companies, auditors, analytics providers, advertising partners, ad networks for business purposes.
- Affiliates and subsidiaries of Number X.
- Payment providers.
- Our business partners.
- Third party vendors to whom you or your agents authorize us to disclose your personal information in connection with products or services we provide to you.
Sale of Personal Information
- Personal information categories listed in the California Customer Records statute (Cal. Civ. Code § 1798.80(e))
- Commercial information
- Internet or other Electronic Network Activity Information
Please note that the categories listed above are those defined in the CCPA/CPRA. This does not mean that all examples of that category of personal information were in fact sold but reflects our good faith belief to the best of our knowledge that some of that information from the applicable category may be and may have been shared for value in return.
Sale of Personal Information of Minors Under 16 Years of Age
Minors are not permitted to use Number X Services. If you are a parent or guardian and believe that Number X has information of a child under the age of 18 please contact us immediately at [email protected] so we remove any such information from our database.
Your CCPA Privacy Rights
You have rights that you can exercise in relation to your personal information. In particular:
- Right to know about the personal information we collect about you and how it is used and shared. You may ask for information about the categories of personal information we have collected about you, the categories of sources from which your personal information has been collected, the business or commercial purpose for collecting or selling your personal information, as well as the categories of third parties with whom we may share or to whom we sell your personal information and the categories of personal information that have been provided to such third parties. You may also ask us for a copy of the specific pieces of personal information we have collected about you in a machine-readable format.
- Right to delete. You have the right to request the deletion of your Personal Information. Please note that we may not be able to fully address your request in certain circumstances, such as when we need to complete a transaction for you, detect and protect against fraudulent or illegal activity, exercise our rights, or comply with a legal obligation. If we are unable to fulfill your request, we will inform you of the reason why.
- Right to opt-out of the Sale of Personal Information. We do not sell the Personal Information of consumers. However, you have the right to direct us to not sell your Personal Information at any time by sending a request to the contact email stated below.
- Right to correct. You may ask us to correct inaccurate information that we have about you.
- Right to limit. You have the right to request us to only use your sensitive personal information (f. e., your social security number, financial account information, your precise geolocation data, or your genetic data) for limited purposes, such as providing you with the Services.
- Right to nondiscrimination. We will not discriminate against you for exercising any of your consumer’s rights listed above. This means that we will not deny you Services, charge you different fees, or provide you with a lower level of Services if you exercise your privacy rights.
Exercising Your CCPA/CPRA Data Protection Rights
You may exercise any of your privacy rights by contacting us through one of the communication channels provided in the Contact Us section of this US Privacy Notice.
You may authorize a person to act on your behalf in relation to exercising these rights, but we may need to take certain steps to verify the request made is legitimate, i.e., that it is indeed coming from you and that it is made on your behalf. For example, we may require your signed permission demonstrating that you have authorized the agent to submit the request on your behalf.
Your request to us should: (1) provide sufficient information that allows Us to reasonably verify You are the person about whom we collected personal information or an authorized representative and (2) describe your request with sufficient detail that allows Us to properly understand, evaluate, and respond to it.
We cannot respond to your request or provide you with the required information if we cannot: (1) verify your identity or authority to make the request, (2) and confirm that the personal information relates to you.
We will disclose and deliver the required information free of charge within 45 days of receiving your verifiable request. The period to provide the required information may be extended once by an additional 45 days when reasonably necessary and with prior notice. Any disclosures we provide will only cover the 12-month period preceding the verifiable request's receipt.
For data portability requests, we will select a format to provide your personal information that is readily usable and should allow you to transmit the information from one entity to another entity without hindrance.
Please note that where we use and disclose personal information for purposes related to security, fraud detection and other similar purposes, some of your rights may be limited. As such, please consider that there might be cases where your request cannot be fulfilled. For example, as permitted by the CCPA, it is possible that we may not comply with a request to delete your personal information if we need that information for the purpose of detecting security incidents, or protecting against malicious, deceptive, fraudulent, or illegal activities, where such information is necessary to record our contractual dealings or your transactions or where required or otherwise permitted by law.
If you want to know more about your rights, or you want to exercise them, or you have any questions or concerns regarding this Privacy Notice you can reach us by [email protected]
Compliance with Local Regulations - Japan and South Korea
For users accessing our services from Japan and South Korea, we want to assure you that we are committed to compliance with local data protection regulations, including the Act on the Protection of Personal Information (Japan) and the Personal Information Protection Act (South Korea).
If you are a resident of Japan or South Korea and have any concerns or inquiries regarding the handling of your personal information, please reach out to us at [email protected] We encourage you to use this email for all communications related to privacy matters.
Your privacy is important to us, and we are dedicated to addressing any questions or concerns you may have in a timely and transparent manner.