PRIVACY POLICY

1. General Information

1.1. This Privacy Policy (hereinafter – the "Policy") describes the collection, processing, storage, and protection of personal data of website users and clients by Nexory Labs OÜ, a company registered under the laws of the Republic of Estonia, registration code 17496011, with its registered address at: Harju maakond, Tallinn, Põhja-Tallinna linnaosa, Telliskivi tn 57, 10412 (hereinafter – the "Company").

1.2. The Company operates in the field of digital marketing, online promotion, and the development of solutions for technology and blockchain projects.

1.3. The Company complies with:

• the General Data Protection Regulation (GDPR);
• the data protection laws of the Republic of Estonia;
• AML/KYC requirements and international compliance standards.

1.4. By using the website or the Company's services, the user confirms that they have read this Policy and agree to the processing of personal data in accordance with its provisions.

2. What Personal Data We May Collect

2.1. Data Provided by the User or Client. The Company may collect the following personal data:

• first and last name;
• company name;
• contact details (email address, phone number, address);
• payment and banking details;
• invoicing information;
• information contained in agreements or business correspondence;
• documents required for AML/KYC verification where required by law or compliance policies.

2.2. Technical Data and Website Usage Information. When using the website, the Company may automatically collect:

• IP address;
• browser and device type;
• operating system;
• date and time of access;
• visited pages and user actions;
• cookies and similar technologies.

2.3. Payment and Compliance-Related Data. The Company may receive:

• payment and transaction information;
• data from banks, payment institutions, and financial service providers;
• information necessary for AML/KYC verification;
• confirmation of source of funds or payment origin where required by law or financial institutions.

3. Purpose of Personal Data Processing

3.1. Personal data is processed solely for the following purposes:

• providing digital marketing, online promotion, and digital solution development services;
• communication with clients and partners;
• concluding and performing agreements;
• issuing invoices and processing payments;
• compliance with AML/KYC and regulatory requirements;
• fraud prevention and security protection;
• ensuring proper website functionality;
• analyzing website performance and improving services;
• fulfilling legal and regulatory obligations.

3.2. The Company processes personal data lawfully, fairly, transparently, and only to the extent necessary for the specified purposes.

4. Sharing Personal Data with Third Parties

4.1. The Company may share personal data with third parties only where necessary for lawful business operations or compliance with legal obligations.

4.2. Financial Institutions and Payment Providers.

4.2.1. Data may be shared with:

• banks;
• payment institutions;
• international payment service providers;
• accounting and financial service providers;
• AML/KYC compliance providers.

4.2.2. Such data transfers are limited to what is necessary for:

• payment processing;
• execution of financial transactions;
• AML/KYC verification;
• compliance with financial monitoring obligations.

4.3. Technical and Service Partners

4.3.1. The Company may engage third-party service providers for:

• hosting;
• web analytics;
• CRM systems;
• cybersecurity;
• cloud storage;
• accounting support.

4.3.2. Such providers receive access only to the data necessary for performing their functions.

4.4. Government Authorities and Regulators. The Company may disclose personal data:

• where required by applicable law;
• upon request of courts, law enforcement agencies, or regulators;
• for compliance with AML/KYC and sanctions regulations.

5. Retention of Personal Data

5.1. Personal data is retained only for the period necessary for:

• performance of agreements;
• accounting and tax obligations;
• compliance with AML/KYC requirements;
• fulfillment of legal and regulatory obligations;
• dispute resolution and protection of the Company's legitimate interests.

5.2. After the applicable retention periods expire, data is deleted or anonymized unless otherwise required by law.

6. User Rights

6.1. Users have the right to:

• obtain information regarding the processing of their personal data;
• receive a copy of their personal data;
• request correction of inaccurate or incomplete data;
• request deletion of personal data where permitted by law;
• restrict the processing of personal data;
• object to data processing in cases provided by GDPR;
• receive personal data in a structured format;
• withdraw consent where processing is based on consent.

6.2. To exercise their rights, users may contact the Company using the contact details provided below.

7. Security of Personal Data

7.1. The Company implements appropriate technical and organizational measures to protect personal data against:

• unauthorized access;
• loss;
• alteration;
• destruction;
• disclosure.

7.2. Data transmitted through the website is protected using secure communication protocols (SSL/TLS/HTTPS).

7.3. Access to personal data is restricted to authorized personnel who are subject to confidentiality obligations.

8. Cookies and Analytics

8.1. The Company may use cookies and similar analytics technologies for:

• ensuring proper website functionality;
• traffic analysis;
• improving functionality and user experience;
• maintaining website security.

8.2. Users may independently restrict the use of cookies through browser settings.

9. International Data Transfers

In the course of international business operations, personal data may be transferred outside the European Economic Area only in compliance with GDPR requirements and with appropriate safeguards in place.

10. Changes to the Policy

10.1. The Company reserves the right to modify or update this Policy at any time.

10.2. The updated version of the Policy becomes effective upon publication on the website.