Privacy Policy TOKERO SocialFI
This Privacy Policy describes how TOKERO processes personal data within the TOKERO SocialFI platform, in accordance with applicable data protection and digital services legislation.
I. Categories of data processed
For the functionalities of TOKERO SocialFi, the personal data processed may include, as applicable, public profile data, handle/username, profile picture, country of residence, selected interests, user-published content, comments, likes, shares/reposts, followed or following users, saved content, preferences, reports, feed usage data, and technical data generated through interaction with the social functionalities of the Platform.
Some data associated with the SocialFi profile may be visible to other users or the public, depending on the nature of the functionality used and the settings available on the Platform. Users must avoid publishing sensitive information or personal data of other individuals without a legal basis or valid consent.
The TOKERO SocialFI Platform includes public elements such as profiles, posts, and interactions. Users are responsible for the data they publish.
II. Purposes, legal bases, and duration of processing
| Purpose and categories of data | Legal basis | Duration of processing |
|---|---|---|
| Purpose: Creation and management of the SocialFi account and public profile. Categories of data: first name, last name, email address, password in secure/encrypted format, handle/username, profile picture, country of residence, areas of interest, account settings, technical registration and authentication data. |
Performance of the contract to which the user is a party, namely the Terms and Conditions applicable to TOKERO SocialFi. The Company`s legitimate interest in account security and prevention of abusive use of the Platform. | For the duration of the SocialFi account and thereafter for the period necessary to comply with legal obligations, resolve potential disputes, and protect the Company`s rights, in accordance with applicable retention periods. |
| Purpose: Providing the social functionalities of TOKERO SocialFi, including feed, content publishing, comments, likes, shares/reposts, following users, saving content. Categories of data: handle/username, profile picture, published content, comments, likes, shares/reposts, lists of followed/following users, saved content, selected interests, preferences, feed interaction data, and technical usage data. |
Performance of the contract to which the user is a party. The Company`s legitimate interest in ensuring the operation, security, integrity, and improvement of the SocialFi Platform. | For the duration of the SocialFi account or until deletion of the content/account, except where further retention is necessary to comply with the law, protect the Company`s rights, investigate abuses, or resolve disputes. |
| Purpose: Content moderation, enforcement of community rules, and prevention of fraud, abuse, market manipulation, spam, or illegal activities or activities contrary to the Terms and Conditions. Categories of data: published content, comments, reports, violation history, moderation decisions, technical logs, authentication data, IP addresses, technical identifiers, Platform behavioral data, and communications with the support/moderation team. |
The Company`s legitimate interest in protecting the Platform, users, reputation, and service integrity. Compliance with applicable legal obligations, including obligations regarding digital services, combating fraud, and cooperation with competent authorities. | For the period necessary to analyze and resolve reports or incidents, for the duration of the account and thereafter in accordance with applicable legal retention periods or relevant statutes of limitations. |
| Purpose: Analysis, measurement, and improvement of SocialFi functionalities. Categories of data: technical data, logs, aggregated or pseudonymized data regarding Platform usage, feed performance, interactions, technical errors, and statistics on feature usage. |
The Company`s legitimate interest in developing, securing, and optimizing the Platform. Consent, for processing involving analytical technologies that require consent under applicable legislation. | For the period necessary to carry out analyses and improve services, in accordance with internal retention policies and user-expressed preferences. |
| Purpose: Personalizing the SocialFi experience and displaying relevant content in the feed, Discover, or other sections of the Platform. Categories of data: selected interests, viewed content, interactions with posts and users, preferences, saved content, technical usage data, and aggregated information about Platform behavior. |
Performance of the contract, for functionalities necessary to provide the SocialFi service. The Company`s legitimate interest in improving and adapting the user experience. Consent, where required by law, particularly for tracking technologies or cookies that are not strictly necessary. | For the duration of Platform use and in accordance with the user`s settings/expressed preferences, or until withdrawal of consent where processing is based on consent. |
| Purpose: Organizing events or webinars that users may join; photography and other recordings of such events. | The Company`s legitimate interest in organizing events or webinars for a public/private audience, potentially including platform users. | For the entire period of active account holding or until withdrawal of consent. |
| Purpose: Notifications (commercial communications) to users regarding information and updates related to the company`s services, company news, promotions, offers, campaigns. | Consent for commercial communications sent by the Company, or legitimate interest for sending communications to users who have previously purchased similar services from the Company, in accordance with applicable legal provisions. | Throughout the relationship with the user or until withdrawal of consent. The Company will retain evidence of individuals who subscribed/unsubscribed during the statute of limitations period (generally 3 years), but once the relationship with the user ends or the user has withdrawn consent, that user will no longer receive commercial communications. |
| Purpose: Organizing and conducting a contest or promotion. | Performance of an agreement to which the user is a party, namely the terms and conditions of the contest or promotion. | Throughout the organization and conduct of the contest/campaign, as well as for the period necessary to protect the Company`s rights and as required by applicable laws, taking into account the statute of limitations (generally 3 years). |
| Purpose: Organizing and conducting a survey among platform users. | User consent. | For the period necessary to conduct the survey and analyze the results, after which personal data will be anonymized or destroyed. |
| Purpose: Responding to questions or requests via electronic correspondence (email, contact form) or by phone. | Processing is based on the Company`s legitimate interest in responding to your questions or requests as a visitor/user and maintaining contact with visitors/users. | For the period necessary to resolve or respond to your question/request, taking into account applicable laws and the statute of limitations (generally 3 years). |
III. Browsing the platform. Use of cookies
When you visit our platform, we use cookies to automatically collect technical information that may identify the visitor/user, such as the IP address, the type of internet browser used to browse our platform, your operating system, data about visits to the platform (including the number of visits, time spent on the platform, how the website is accessed, and behavior on the platform).
The main purpose of using cookies is, on one hand, to ensure the proper functioning of the platform or, on the other hand, to help you have a better browsing experience, perform certain functions, and allow the platform to "remember" the user`s actions or preferences over a period of time. Regarding cookies used other than strictly necessary cookies, we will only use cookies to the extent that you have agreed to their use.
For more information about the use of cookies on this website and the purposes for which they are used, as well as your options to control and/or disable cookies, please consult our Cookie Policy available on the platform.
IV. Moderation and reports
TOKERO applies content moderation policies designed to ensure a safe, fair, and functional environment for TOKERO SocialFI users, in accordance with community rules, the Platform`s Terms and Conditions, and applicable legislation.
To identify and manage illegal content or content that violates the Platform`s rules, TOKERO uses a combination of automated mechanisms and human review. Automated mechanisms may be used, for example, to flag certain types of content, detect abusive behavior, or prevent fraudulent use of the Platform. These mechanisms are subject to review and, where necessary, validation by authorized personnel.
Users have the ability to report content they consider illegal or contrary to the Platform`s rules through the reporting functionalities provided. Reports are analyzed within a reasonable time, and following evaluation, measures may be taken such as content removal, limiting its visibility, or applying measures to the account of the user who published the content, in accordance with the SocialFI Terms and Conditions.
Moderation decisions do not produce significant legal effects on users within the meaning of Article 22 of the GDPR. To the extent provided by the Platform`s rules, users may contest certain moderation decisions through the dedicated communication channels for re-evaluation.
TOKERO aims to apply moderation measures in a proportionate, transparent, and non-discriminatory manner, with the objective of protecting the community, the integrity of the Platform, and the rights of users.
V. Recipients of data
In order to provide and protect the TOKERO SocialFI services, TOKERO collaborates with certain third-party entities. These may act, depending on their role, as data processors, joint controllers, independent controllers, or third parties, in accordance with applicable data protection legislation.
Specifically, for the operation of the SocialFI Platform, certain data may be accessed, strictly to the extent necessary, by providers offering services such as hosting and IT infrastructure, cybersecurity, technical analysis, content moderation, report management, electronic communication services, and technical support.
In this context, TOKERO may use email service providers (such as SendGrid - Twilio Inc.) for sending electronic communications, as well as video communication platforms (such as Zoom Video Communications) for organizing online events or webinars.
These accesses are made exclusively to ensure the proper functioning, security, and protection of the Platform and its community.
Among the categories of recipients of personal data may be:
- technical and communication service providers (e.g., email or IT infrastructure providers), including email service providers and video communication platforms, which may be based in Romania, in the European Union, or outside it;
- public authorities, supervisory bodies, auditors, or courts, when data disclosure is required by law;
- third parties involved in operations such as reorganizations, mergers, or business transfers, where the data forms part of the assets involved;
- affiliated companies within the same group as TOKERO.
These recipients` access to personal data is limited to the information strictly necessary for the purposes for which the data is processed. TOKERO ensures that its partners are contractually bound to maintain confidentiality and apply adequate security measures, at least at the same level as those provided in this Policy and by applicable legislation.
VI. Public content on TOKERO SocialFI
TOKERO SocialFI is a social platform that includes functionalities of a public nature. Depending on the nature of the functionalities used and the available settings, certain information may be visible to other users of the Platform or to the general public.
This information may include, for example, the user`s handle, profile picture, posts, comments, reactions, and other interactions made in the public spaces of the Platform. The visibility of this content is part of the normal operation of the SocialFI service.
Users are encouraged to consider the public nature of these functionalities before publishing information and to avoid disclosing sensitive data or personal data belonging to other individuals without a legal basis.
VII. International transfers
In carrying out the activities described above, certain personal data may be transferred to or accessed from outside Romania, including from other Member States of the European Union ("EU") or the European Economic Area ("EEA"), for example in the context of using IT infrastructure providers or data centers operated by service providers.
In all situations where data is transferred or processed within the EU or EEA, TOKERO ensures that these transfers comply with the applicable legal requirements established by Regulation (EU) 2016/679 (GDPR).
In certain cases, for the provision of specific services, personal data may be transferred to providers located outside the EU/EEA. Such situations may include the use of Zoom Video Communications video platforms for organizing online events or webinars, email services provided by SendGrid (Twilio Inc.), as well as collaboration with external platforms offering exchange services or services related to the crypto ecosystem (such as Payward Ltd, Binance, or Ascendex), entities which may be based in the United States of America or in other jurisdictions outside the EU/EEA.
In these cases, TOKERO applies appropriate legal mechanisms to ensure an adequate level of protection of personal data, including standard contractual clauses adopted by the European Commission or, where applicable, binding corporate rules, in accordance with the provisions of the GDPR. TOKERO periodically reviews the framework applicable to these transfers and adopts additional measures, where necessary, to protect the rights and interests of data subjects.
VIII. User rights under the GDPR
In accordance with Regulation (EU) 2016/679 (GDPR), in the context of the processing of your personal data, you have the following rights:
Right of access - You have the right to obtain confirmation as to whether or not your personal data is being processed and, if so, to access such data, as well as information regarding the purposes of processing, categories of data, recipients, and the conditions under which processing takes place.
Right to rectification and erasure - You have the right to request the rectification of inaccurate personal data or the completion of incomplete data. You also have the right to request the erasure of personal data ("right to be forgotten") in the situations provided for by the GDPR, including when the data is no longer necessary for the purposes for which it was collected, when you have withdrawn consent and there is no other legal basis for processing, or when the data has been unlawfully processed.
Right to restriction of processing - You have the right to request the restriction of processing of personal data in the cases provided for by law, including when you contest the accuracy of the data, when processing is unlawful but you do not wish to have the data erased, or when the data is no longer necessary for processing purposes but is required for the establishment, exercise, or defense of legal claims.
Right to withdraw consent - In situations where data processing is based on your consent, you have the right to withdraw your consent at any time. Withdrawal of consent does not affect the lawfulness of processing carried out prior to withdrawal.
Right to object - You have the right to object, on grounds relating to your particular situation, to the processing of personal data based on TOKERO`s legitimate interest. You also have the right to object at any time to the processing of data for direct marketing purposes, including profiling carried out for such purposes.
Right not to be subject to automated individual decision-making - You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you or similarly significantly affects you, except in situations expressly provided for by law.
Right to data portability - You have the right to receive personal data provided to TOKERO in a structured, commonly used, and machine-readable format, as well as the right to request the transmission of such data to another controller, where processing is based on consent or on the performance of a contract and is carried out by automated means.
Right to lodge a complaint - You have the right to lodge a complaint with the National Supervisory Authority for Personal Data Processing and to address the competent courts, if you consider that your rights have been violated.
Exercising your rights - The above rights may be exercised at any time by submitting a written request to [email protected]. TOKERO will respond to your requests within the time limit provided by applicable legislation.
IX. Minors
The TOKERO SocialFI Platform is intended exclusively for individuals who are at least 16 years of age, in accordance with the TOKERO SocialFI Terms and Conditions applicable to the creation and use of the SocialFI Account.
TOKERO does not intend and does not propose to deliberately collect or process personal data belonging to individuals who have not reached the age of 16. The creation of a SocialFI Account and the use of the Platform`s functionalities are conditional upon meeting this age requirement.
In the event that TOKERO determines that personal data of an individual who does not meet the minimum age requirement has been processed, the Company will take the necessary measures to cease such processing without delay and to delete the relevant data, in accordance with applicable legislation. Accounts created in violation of age requirements may be suspended or closed, in accordance with the SocialFI Terms and Conditions.
X. Security of data processing
TOKERO implements and periodically updates appropriate technical and organizational measures to ensure an adequate level of security for personal data and to prevent unauthorized access, misuse, disclosure, loss, or destruction thereof.
In the context of TOKERO SocialFI functionalities, security measures include, among others, protecting user accounts, preventing unauthorized access, monitoring abusive use of the Platform, protecting the integrity of published content, and limiting data exposure based on available settings and functionalities.
These measures include, but are not limited to:
- use of systems and databases protected by authentication and access control mechanisms;
- encryption of transmitted data using SSL/TLS security protocols;
- implementation of monitoring, scanning, and security testing solutions for systems, including for identifying technical vulnerabilities;
- internal procedures regarding limited access by authorized personnel to personal data, based on the "need-to-know" principle;
- confidentiality obligations applicable to personnel and collaborators who have access to data.
Access to personal data is permitted exclusively to authorized individuals, who are obligated to maintain strict confidentiality thereof and to use it only for the intended purposes.
XI. Changes to this privacy policy
This Privacy Policy may be periodically updated by TOKERO, depending on the evolution of the services provided, applicable legislative changes, or changes in the way the TOKERO SocialFI Platform operates.
In the event that significant changes are made that substantially affect the rights or manner of processing personal data, TOKERO will inform users through appropriate means, such as displaying a notification on the Platform or through other communication channels that ensure effective user notification.
Updates may occur, without limitation, in situations determined by the introduction, modification, or expansion of TOKERO SocialFI functionalities, changes in the way content is displayed or moderated, introduction of community, analysis, or personalization functionalities, as well as as a result of legislative or regulatory changes applicable to online platforms.
The applicable version of the Privacy Policy is the one published on the Platform at the time of using TOKERO SocialFI services.
XII. Contact
The data controller is Globe Monnaie S.R.L., with registered office at Str. Deceneu nr. 22, bl. 22A, ap. 2, Craiova, jud. Dolj, registered at the Trade Registry under no. J2017001839162, having CUI 37865699.