UAB New Software Solutions (t/a CREDITS) is a limited liability company pursuant to Lithuanian laws, registered with the State Enterprise Centre of Registers (SECR) under registration number 306045667. CREDITS has its corporate seat at Žalgirio g. 90-100, LT-09303 Vilnius.
What data do we collect?
CREDITS collects the following information:
Personal identification information (name, home address, passport details, date of birth, email address, phone number, username, signature). This information helps to identify you;
Information required by regulatory authorities (e.g., AML/CTF & KYC requirements) (identity documents, personal photo, information about the ultimate beneficiaries, proof of address, utility bills or bank statements, source of fund declaration, purposes of fund documents, and source of wealth);
Information related to usage of our Services (web requests, IP address, browser type, language, time zone settings, browser plug-in types and versions, operating system and hardware settings, phone number, information derived from network operator, GPS, base station, and WLAN). This information helps our systems to ensure that our Services are accessible to Users across all platforms and can aid in criminal investigations. Your location information (determined through GPS and IP address) helps us to prevent fraud when your location and device type are different from what you would usually use;
Information related to Transactions (account numbers, account balances, Transactions history, transaction activity, distribution history). We collect this information to monitor suspicious trading activity for fraud protection, legal case resolution, and other purposes disclosed in this Policy; and
Communication information (all communications and file attachments sent to us or generated by your use of our services, including all messages, requests, or other information transmitted in the course of your contract with us, and all communications and file attachments sent in connection with your use of our services).
How do we collect your data?
You directly provide CREDITS with most of the data we collect. We collect and process data when you:
Register for, log in to, or visit our Website, Platform, or any CREDITS service;
Voluntarily complete any User survey or provide feedback to us via email or other channels; and
Use or view our Website or Platform via your browser’s or software’s cookies.
We may also receive your data indirectly from the following sources:
Public databases, credit bureaus, ID verification, AML/KYC verification partners, and transaction monitoring tools;
Third parties that provide services to you or us;
Marketing partners and resellers; and
Advertising partners and analytics providers.
How will we use your data?
We collect your data so that we can:
Provide and maintain CREDITS Services. We use the collected information to deliver, support, and improve CREDITS Services and verify our Users’ identities;
Protect our Users. We use the collected information to protect our Website, Platform, Users’ Accounts, and archives. We use IP addresses and cookies to protect against automated abuse such as spam, phishing, and other hacker attacks;
Communicate with you. We use personal information such as your phone number or email address to interact directly with you when providing customer service or to keep you informed about logins, transactions, account security, and other aspects. All direct communications are adequately kept at CREDITS or the service provider chosen by CREDITS so that they can be checked for accuracy, kept as proof, or used to meet other legal or contractual obligations;
Enforce our T&Cs and other agreements with our Users. It includes, but not limited to, reviewing, investigating, and preventing any potentially prohibited or illegal activities that may violate the preceding provisions or disclose the relevant information to a third party in accordance in addition to that;
Marketing and advertising. We may use your personal information for targeting, modeling, and/or analytics, as well as marketing and advertising; and
Establishment, exercise, or defense of legal claims, whether in court proceedings or an administrative or out-of-court procedure. Our legitimate interests, which are the protection and assertion of our legal rights, your legal rights, and the legal rights of others, give us the right to do this.
Please do not provide any other person’s personal data unless we ask you to do so and/or we have agreed before receiving the data in written form. Any unidentified information we receive will be notified to you and destroyed immediately.
Transfer of your personal data
You understand that we have the right to have all or some of the collected personal information transferred to or stored in countries or regions other than your country of nationality, your country of residence, or the country where the server is, without your specific consent, under the following circumstances:
If it is required to protect, process, analyze, and reasonably use the personal information;
If it is required to enforce our T&Cs and other agreements with our Users;
If it is required for the public interest;
If it is required to establish, exercise, or defend the rights of us, our partners, or other Users; and
Other circumstances are required by law or government orders.
Some of our Services or activities may be outsourced to third parties which will process your personal data (e.g., third-party organizations that provide applications/functionality, data processing, or IT services to us). We will share your personal data only to the extent necessary for the purposes defined in the relevant agreements. We use standard contract clauses, rely on the European Commission’s adequacy decision for specific countries, and, when applicable, conduct data protection impact assessments before processing, which may potentially result in a high risk to your rights and freedoms. By using our Services you give us your consent to process your personal data in third countries, including outside the EEA. You have the right to obtain copies of the standard contractual clauses, a summary description of the security measures we put in place for your personal data processing in third countries, and a list of subcontractors used for your personal data processing. Send your request to email@example.com, and we'll get back to you within a month with this information. You also have the right to revoke your consent at any time by sending us an email to firstname.lastname@example.org.
How do we store and protect your data?
We take all necessary precautions to safeguard the privacy of your personal information. We use technical, contractual, administrative, and physical security steps to protect your personal information. We adopted security measures such as restricted access, scanning, encryption, and firewalls to minimize the risk that your information may be lost, disclosed, misused, accessed without authorization, disclosed without authorization, or altered.
Please be aware that no data transmission over the Internet or via email is entirely secure. Therefore we cannot guarantee the protection of all personal information in all cases. As such, we request that you understand the responsibility to take safety precautions to protect your own personal information independently. You agree that we shall not be liable for any information leakage and other losses caused by force majeure and/or intentional acts of third parties, including but not limited to hacker attack, power interruption, or unavoidable technical failure, to the maximum extent permitted by Law.
Also, please remember that materials posted to online forums such as bulletin boards or chat rooms are public, not secure, and may be viewed by anyone. Any personal information you post may be collected and used by anyone, resulting in unsolicited messages from other parties.
We'd like to send you information about our products and services that we think you might like. If you have agreed to receive marketing, you may always opt-out at a later date. You have the right to stop us from contacting you for marketing purposes anytime. If you no longer wish to be contacted for marketing purposes, please click on the unsubscribe link at the bottom of the marketing email and submit your request to unsubscribe.
What are your data protection rights?
We would like to make sure you are fully aware of all of your data protection rights. Therefore, every client is entitled to the following:
The right to access: you have the right to request copies of your personal data. We may charge you a reasonable fee for providing this service.
The right to rectification: you have the right to request that we correct any information you believe is inaccurate. You also have the right to ask us to complete the information you think is incomplete within a reasonable time frame.
The right to erasure: you have the right to request that we erase your personal data under certain conditions.
The right to restrict processing: you have the right to request that we restrict processing of your personal data under certain conditions. However, you should be aware that such a processing restriction may prevent us from providing you with some CREDITS services.
The right to object to processing: you have the right to object to our processing of your personal data under certain conditions. However, you should be aware that such a processing restriction may prevent us from providing you with some CREDITS services.
The right to data portability: you have the right to request that we transfer the data that we have collected to another organization or directly to you under certain conditions. We may charge a reasonable fee for providing this service.
If you make a request, we have one month to respond to you. If you would like to exercise any of these rights, please contact us at our email address: email@example.com.
Retention and erasure periods:
Personal data collected for the implementation of the obligations under the Law on Money Laundering and Terrorist Financing Prevention shall be stored in accordance with the Law on Prevention of Money Laundering and Terrorist Financing of the Republic of Lithuania for up to 8 (eight) years. The retention period may be extended for a period not exceeding 2 (two) years, provided there is a reasoned request from a competent authority.
What are cookies?
Cookies are text files placed on your computer to collect standard Internet log information and visitor behavior information. When you visit our Website or Platform, we may collect information from you automatically through cookies or similar technology.
Keeping you signed in;
Understanding your habits and preferences when browsing CREDITS; and
Analyzing our performance and verifying the effectiveness of online advertising.
What types of cookies do we use?
Cookies may be either “persistent” cookies or “session” cookies; a persistent cookie will be stored by a web browser and will remain valid until its set expiry date unless you delete it before the expiry date; a session cookie, on the other hand, will expire at the end of your navigation session, when the web browser is closed.
How to manage cookies?
Most browsers are preset to accept cookies. You can adjust your browser settings to prevent cookies or notify you as soon as cookies are loaded. However, stopping all cookies might mean you cannot access or use some CREDITS features. Should you have any further questions, or if you wish to exercise any of your rights under the General Data Protection Regulation (GDPR), the Law of the Republic of Lithuania on the Legal Protection of Personal Data (Data Protection Law), or the European Union Directive ePrivacy 2009/136/EC (ePR), please contact us at firstname.lastname@example.org.
Privacy policies of other websites
Email us at email@example.com.
Contact the appropriate authority
You have the right to file a complaint to the competent supervisory authority if you think your rights have been violated under the GDPR. In Lithuania, this is the State Data Protection Inspectorate (Valstybinė duomenų apsaugos inspekcija, website available at https://vdai.lrv.lt/).