Privacy Notice

Privacy Notice for TokenFi

Effective Date: February 13, 2025

This Privacy Notice explains how TokenFi ("we," "us," or "our") collects, uses, and shares your personal information when you use our website, https://www.tokenfi.com/ (the "Website. We are committed to protecting your privacy and complying with applicable data protection laws, including the General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), and other relevant regulations.

Please read this Global Privacy Policy carefully to understand our policies and practices regarding your information and how we will process it. If you do not agree with our policies and practices, your choice is not to use our Website or Floki TokenFi Platform. By accessing or using this Website and/or Floki TokenFi Platform, you agree to this Privacy Policy. This Privacy Policy may change from time to time. Your continued use of this Website and/or Floki TokenFi Platform after we make changes is deemed to be acceptance of those changes, so please check the Privacy Policy periodically for updates.

Definitions:

  • “EEA” means, for purposes of this GDPR Notice, the then-current member states and member countries of the European Union and European Economic Area, respectively, and the United Kingdom.

  • “GDPR” means the General Data Protection Regulation 2016/679, EEA implementation legislation relating thereto, and the transposition of the General Data Protection Regulation 2016/679 into the United Kingdom’s domestic law (and amendments to the United Kingdom Data Protection Act 2018 relating thereto).

  • “Services” means the provision of the Platform and Website, related documentation and any other specified services or deliverables required to be provided by Floki TokenFi (for itself or on behalf or through any of its Affiliates) under the Agreement between you and Floki TokenFi.

  • “Agreement” means the agreement between you and Floki TokenFi. If you access Floki TokenFi Website as a User, the Agreement is the “Floki TokenFi Terms of Use”

  • Except as otherwise defined herein, the terms “controller,” “personal data,” “processor” and “processing” (including “process(es)” and “processed”) shall have the meanings set forth in the GDPR. Any capitalized terms not defined herein take their meanings from the Floki TokenFi Platform Terms of Service.

Information We Collect:

We collect various types of information from you, depending on your interaction with the Website and Services:

  • Identity Information: This may include your name, email address, postal address, phone number, username, password, date of birth, nationality, and other similar identifiers.

  • Contact Information: This includes information you provide to us for communication purposes, such as your email address, phone number, and social media handles.

  • Financial Information: If you use our Services for tokenizing assets or investing in tokenized assets, we may collect financial information, such as your payment card details, bank account information, transaction history, investment portfolio details, and other financial records. (Note: We often use third-party payment processors who have their own privacy policies.)

  • Asset Information: This includes information about the real-world assets you wish to tokenize or invest in, such as property details, ownership records, valuation reports, and other relevant documentation.

  • Technical Information: This may include your IP address, browser type, operating system, device information, location data, and other technical details about your use of the Website and Services.

  • Usage Information: This may include information about how you use the Website and Services, such as the pages you visit, the features you use, the assets you view, and the time you spend on the Website.

  • KYC/AML Information: To comply with Know Your Customer (KYC) and Anti-Money Laundering (AML) regulations, we collect information to verify your identity, such as government-issued identification documents (passport, driver's license), proof of address, and source of funds.

  • Accreditation Information (if applicable): If you participate in offerings requiring accredited investor status, we may collect information to verify your accreditation.

  • Marketing Information: With your consent, we may collect information about your marketing preferences and send you promotional materials.

  • Information from Third Parties: We may receive information about you from third parties, such as identity verification services, data analytics providers, credit bureaus, and marketing partners.

How We Use Your Information:

We use your information for the following purposes:

  • Providing and Improving the Services: To operate, maintain, and improve the Website and Services, personalize your experience, facilitate asset tokenization, and provide customer support.

  • Processing Transactions: To facilitate the tokenization of assets, manage your account, process investments, and prevent fraud.

  • Compliance with Legal Obligations: To comply with KYC/AML regulations, securities laws, and other legal requirements.

  • Communication: To communicate with you about your account, updates to the Services, investment opportunities, and marketing offers (with your consent).

  • Due Diligence: To conduct due diligence on the assets being tokenized and ensure compliance with regulatory requirements.

  • Analytics: To analyze how users interact with the Website and Services and improve their functionality.

  • Marketing: To send you promotional materials and personal offers related to asset tokenization and investment opportunities (with your consent).

  • Security: To protect the Website, Services, and our users from fraud, security breaches, and other harmful activity.

How We Share Your Information:

We may share your information with the following categories of third parties:

  • Service Providers: We share your information with service providers who assist us with payment processing, identity verification, data analytics, marketing, legal services, and other services necessary for our operations. We ensure these providers are contractually obligated to protect your data.

  • Legal Authorities: We may disclose your information to legal authorities if required by law, legal process, or government request.

  • Financial Institutions: We may share your information with financial institutions involved in processing transactions or providing custody services for tokenized assets.

  • Auditors and Consultants: We may share your information with auditors and consultants who assist us with compliance and risk management.

  • Business Partners: We may share your information with business partners involved in the tokenization process, such as asset owners, legal advisors, and technology providers, but only with your consent or where necessary for the Services.

  • Investors (Limited): In certain cases, and with appropriate safeguards, we may share limited information about tokenized assets with potential investors.

  • Affiliates: We may share your information with our affiliates for the purposes described in this Privacy Notice.

Your Rights:

You have certain rights regarding your personal information, including:

  • Access: You have the right to access the personal information we hold about you.

  • Rectification: You have the right to correct any inaccuracies in your personal information.

  • Erasure: You have the right to request that we delete your personal information under certain circumstances.

  • Restriction of Processing: You have the right to restrict the processing of your personal information under certain circumstances.

  • Data Portability: You have the right to receive your personal information in a structured, commonly used, and machine-readable format.

  • Objection: You have the right to object to the processing of your personal information under certain circumstances.

  • Withdrawal of Consent: You have the right to withdraw your consent to the processing of your personal information at any time.

Data Security:

We take reasonable measures to protect your personal information from unauthorized access, use, or disclosure. However, no method of transmission over the internet or electronic storage is 100% secure. We utilize industry-standard security practices, including encryption and access controls.

Data Retention:

We retain your personal information for as long as necessary to fulfill the purposes described in this Privacy Notice, or as required by law, including KYC/AML regulations and securities laws.

Children's Privacy:

Our Website and Services are not intended for children under the age of 18. We do not knowingly collect personal information from children under this age.

International Data Transfers:

Your information may be transferred to and processed in countries outside of your residence, which may have different data protection laws. We will ensure appropriate safeguards are in place for such transfers.

California Privacy

This section of the Global Privacy Policy provides information to California residents whose personal information is processed pursuant to the California Consumer Privacy Act of 2018 (“CCPA”), whether through the Website/Platform or offline. It describes the categories of personal information that Floki TokenFi collects, and the purposes for which that information is collected.

This section does not apply to personal information that is protected under federal financial privacy laws. Personal information does not include information that is publicly available or that has been de-identified or aggregated.

California residents should refer to the sections Information “We Collect About You and How We Collect It” and “How We Use Your Information” for a discussion of the personal information we collect and how we collect and use it. As a California resident, beginning after January 1, 2021, you may have certain rights over personal information we have about you, depending on the type of relationship you have with us.

We do not offer an opt-out of sale link on our homepage for the purposes of the CCPA. We may share personal information with our service providers, with third parties with whom we jointly offer products or services, with third parties from whom you request a product or service through us, in the context of a merger, acquisition, bankruptcy, or other corporate transaction, or as otherwise permitted by the CCPA.

Data Subjects Rights

Subject to certain exceptions set out in the GDPR, natural persons have a right: (i) to request access to or correction or erasure of their personal data; (ii) to object to processing of their personal data; (iii) to restrict processing of their personal data; and (iv) to request a copy of their personal data, or to have a copy thereof sent to another controller, in a structured, commonly used and machine-readable format under the right of data portability. Natural persons also have the right to lodge a complaint about the processing of their personal data with a data protection authority.

Natural persons may object to personal data processed pursuant to Floki TokenFi’s legitimate interest. In such case, Floki TokenFi will no longer process their personal data unless Floki TokenFi demonstrates appropriate overriding legitimate grounds for the processing or if needed for the establishment, exercise or defense of legal claims.

Natural persons also may object at any time to processing of their personal data for direct marketing purposes. In such cases, their personal data shall no longer be used for that purpose.

You may revoke your consent at any time. Once the revocation has been exercised, it will not be retroactive unless otherwise required by law, and your data may be kept blocked for the prescription periods established by the applicable regulations.These rights may be exercised by contacting dataprotection@TokenFi.com

Please, bear in mind that concerning the Platform, we cannot delete your personal information without also deleting your user account. We may not accommodate a request to change information if we believe the change would violate any law or legal requirement or cause the information to be incorrect.

For questions or inquiries regarding this GDPR Notice, please reach out to legal@TokenFi.com.

Security Measures

We have implemented measures designed to secure your personal data from accidental loss and from unauthorized access, use, alteration, and disclosure. We store and process your personal and transactional information, including certain payment information, such as your encrypted bank account and/or routing numbers, where Floki TokenFi facilities or our service providers are located, and we protect it by maintaining physical, electronic, and procedural safeguards in compliance with applicable regulations. We use computer safeguards such as firewalls and data encryption, enforce physical access controls to our buildings and files, and authorize access to personal information only for those employees who require it to fulfill their job responsibilities.

The safety and security of your information also depend on you. Where we have given you (or where you have chosen) a password for access to certain parts of our Website/Platform, you are responsible for keeping this password confidential. We ask you not to share your password with anyone.

Unfortunately, the transmission of information via the internet is not completely secure. Although we do our best to protect your personal information, we cannot totally guarantee the security of your personal information transmitted to our Website/Platform. Any transmission of personal data is at your own risk. We are not responsible for circumvention of any privacy settings or security measures contained on the Website/Platform except otherwise agreed in written with us.

We store our Users' and Investors' personal information securely throughout the life of their Platform Accounts. These measures include computer safeguards, limiting access to those personnel for whom access is appropriate, securing files and buildings, and other commercially reasonable measures designed to protect the confidentiality of your personal information in accordance with policies and practices.

Floki TokenFi runs an internal security and event management platform that provides 24x7x365 monitoring and alerting for security events on our networks and system.

CHANGES TO OUR GLOBAL PRIVACY POLICY

It is our policy to post any changes we make to our Global Privacy Policy on this page with a notice that the Global Privacy Policy has been updated on the Website home page. If we make material changes to how we process our Users' and/or Investors’ personal data, we will notify you by e-mail to the primary e-mail address specified in your Platform Account or through a notice on the Website home page.

Contact Us:

If you have any questions about this Privacy Notice, please contact us at:

privacypolicy@floki.com

PreviousLEGAL DISCLAIMER

Last updated