Contact
LEGAL DOCUMENTS

Last revised: 5 October, 2022

ECNG Digital UAB, acting under brand name Tunell and ECNG Digital, and/or parent company ECNG Int OU (both companies, jointly and severally, shall be referred to as “us”, “we”, “our/s”) respect the privacy of our customers (each, “you” or “Customer”) and are committed to protecting the privacy of Customers who access, visit, use or engage with our website or any other online services we provide (collectively the “Services”).

We have prepared this Privacy Policy to outline our practices with respect to collecting, using and disclosing your information when you use the Services.

We encourage you to read the Privacy Policy carefully and use it to make informed decisions. By using the Services, you agree to the terms of this Privacy Policy and your continued use of the Services constitutes your ongoing agreement to the Privacy Policy.

The Privacy Policy is a part of the Terms of Service available at https://tunell.finance/tos and is incorporated herein by reference.

In this Privacy Policy you will read about, among other things:

  • Why and what type of information we collect and our legal basis for its collection;
  • How we use the information;
  • With whom we share the information and for what purpose;
  • International transfer;
  • Your privacy rights;
  • For how long we retain the information;
  • How we protect your information;
  • Marketing;
  • Minors;
  • How to contact us.
 

1. Why and what type of information we collect and our legal basis for its collection

Why do you collect information about me?Which information do you collect about me?Why are you legally allowed to collect my information?How long do you keep information about me?
1.1 To provide you with virtual currency exchange services, payment processing in virtual currencies services, when you are our customerE-mail address, password, country, IP address, name and surname, sex, place of birth, address, telephone number, cryptocurrency address, bank account number, transaction amount, transaction currency, transaction time, address of the sender of the transaction, address of the payee of the transaction, ID number, ID copy, photo of you, power of attorney, data provided in business registration certificate, data provided in the document of business address proof, other information provided by youWe conclude and execute service agreement with you (Art. 6 (1) (b) of the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation), hereinafter referred to as “GDPR”)10 years after termination of your account
1.2 To implement measures of anti-money laundering (AML) and combating the financing of terrorism, including, but not limited to the proper identification of sources of funds

Name and surname, personal (identity) code, date of birth, nationality, country of residence for tax purposes, country, postal code, address, telephone number, e-mail address, position, workplace city and state, sources of funds, jurisdictions from which funds are received and transferred, planned turnover of services, services you use or plan to use, signature, risk level, the basis of representation

Participation in political activities, application of international financial sanctions and other restrictive measures

We have legitimate interest (to prevent money laundering and terrorist financing) (Art. 6 (1) (f) of the GDPR)

We must collect information according to the law for reasons of substantial public interest (Art. 9 (2) (g) of GDPR)

10 years after the termination of business relations
1.3 To inform you about our products and services that may be relevant to youName and surname, e-mail addressYou agree that we will use information about you (Art. 6 (1) (a), Art. 69 (1) of Lithuanian Law on Electronic Communications) or you purchased items or services from us (Art. 69 (2) of Lithuanian Law on Electronic Communications) We have a legitimate interest (to send direct marketing communications) (Art. 6 (1) (f) of GDPR)10 years after the end of the customer relationship, unless you withdraw your consent
1.4 To handle queries, requests and complaints submitted by youE-mail address, subject of your inquiry, date of your inquiry, content of your inquiry, attachments to your inquiry, your name and (or) surname provided in your inquiry, reply to your inquiry, information provided by youWe have a legitimate interest to do that (to handle your queries) (Art. 6 (1) (f) of the GDPR)10 years after the receipt of the last inquiry
1.5 To comply with legal requirements in the field of accounting when you are our client, partner or providerName, surname, e-mail address, telephone number, bank account number, address, signature, invoices, reports, accounting documents, payments, paid amounts, company you representWe have a legal obligation (we must collect information in accordance with the law) (Art. 6 (1) (c) of the GDPR)Within the time limits laid down by law
1.6 To ensure security of our website and continuously improve it for youInternet protocol address (IP), referrer URL, date and time of website visitingWe have a legitimate interest (to ensure security of our website) (Art. 6 (1) (f) of the GDPR)10 years after your last visit of our website
1.7 To engage in legal proceedings related to youAll information mentioned above, documents and attachments sent to you, documents and attachments submitted by you, procedural documents, court rulings, resolutions, decisions Information about criminal offenses and convictionsWe have a legitimate interest (to defend our rights in legal proceedings) (Art. 6 (1) (f) of the GDPR) The data processing is necessary for the establishment, exercise or defence of legal claims (Art. 9 (2) (f) of the GDPR)10 years

2. How we use the information

We use and share your personal information in the manners described in this Privacy Policy. In addition to the purposes listed above, the information we collect, which may include your personal information, is used for the following purposes:

  • To set up your account and to provide the Services;
  • To identify and authenticate your access to certain features of the Services;
  • To authenticate your identity for the purpose of compliance with regulatory (including AML) requirements;
  • To communicate with you and to keep you informed of our latest updates;
  • To market our website and the Services;
  • To perform research or to conduct analytics in order to improve and customize the Services to your needs and interests;
  • To support and troubleshoot the Services and to respond to your queries;
  • To investigate and resolve disputes in connection with your use of the Services;
  • To detect and prevent fraudulent and illegal activity or any other type of activity that may jeopardize or negatively affect the integrity of the Services; and
  • To investigate violations and enforce our policies, and as required by law, regulation or other governmental authority, or to comply with a subpoena or similar legal process or respond to a government request.

3. With whom we share the information and for what purpose

We do not rent, sell, or share your personal information with third parties except as described in this Privacy Policy.

We may share your personal information with the following recipients: (i) our subsidiaries; (ii) affiliated companies; (iii) subcontractors and other third party service providers; (iv) auditors or advisers of our business processes; and (v) any potential purchasers or investors in the Company.

In addition to the purposes listed in this Privacy Policy, we may share your personal information with our recipients for any of the following purposes: (i) storing or processing your personal information on our behalf (e.g., cloud computing service providers); (ii) processing such information to assist us with our business operations; (iii) performing research, technical diagnostics, personalization and analytics; and (iv) identity verification and fraud prevention services (AML service providers); and (v) communicating promotional and informational materials, in accordance with our marketing policy (see below under “Marketing”). These third party service providers only have access to personal information needed to perform their functions, but may not use it for other purposes. Further, they must process the personal information in accordance with our contractual agreements and only as permitted by applicable data protection laws.

We may also disclose your personal information or any information you submitted via the Services if we have a good faith belief that disclosure of such information is helpful or reasonably necessary to: (i) comply with any applicable law, regulation, legal process or governmental request; (ii) enforce our policies, including investigations of potential violations thereof; (iii) investigate, detect, prevent, or take action regarding illegal activities or other wrongdoing, suspected fraud or security issues; (iv) to establish or exercise our rights to defend against legal claims; (v) prevent harm to the rights, property or safety of us, our affiliates, our Customers, yourself or any third party; (vi) for the purpose of collaborating with law enforcement agencies; and (vii) in case we find it necessary in order to enforce intellectual property or other legal rights.

You acknowledge that third party service providers may use your Personal Information or any information you submitted via the Services for analytics purposes, while ensuring that their processing of such information only results in anonymized and aggregated data.

As we continue to develop our business, we may share information, including your personal information, in the event of a corporate transaction (e.g., the sale of a substantial part of our business, a merger, de-merger, reorganization, consolidation of assets, the sale assets, or transfer of Services of part of Services thereof). In the event of the above, the acquiring company or transferee will assume the rights and obligations as described in this Privacy Policy.

4. Third party collection of information

Our policy only addresses the use and disclosure of information we collect from you. To the extent that you disclose your information to other parties via the Services (e.g., by clicking on a link to any other website or location) or via other sites throughout the Internet, different rules may apply to their use or disclosure of the information you disclose to them.

You acknowledge that we are not responsible for the products, services, or descriptions of products or services that you receive from third party sites or to the content or privacy practices of those sites and that this Privacy Policy does not apply to any such third party products and services. You are knowingly and voluntarily assuming all risks of using third party sites to purchase products and services. You agree that we shall have no liability whatsoever with respect to such third party sites and your usage of them.

5. International transfer

In most cases, personal data are processed and transferred in the territory of the European Union and the European Economic Area, but when necessary for the provision of certain services, the data may be transferred and processed beyond those territories and countries which are considered by European Commission as safe in terms of data protection or where data are protected in accordance with Privacy shield program (USA).

You may download a copy of the EU-U.S. Privacy Shield Framework at: https://www.privacyshield.gov/EU-US-Framework.

6. Your privacy rights

GDPR and other laws provide you with certain rights, procedures for implementation of and exceptions to these rights. When allowed by law, you can:

  • Submit a request for confirmation that we are processing the data related to you. If we process the data related to you, request access to the data processed and related information;
  • Submit a request to correct inaccurate or incorrect information used or to supplement it when it is not complete;
  • Submit a request to delete the information we have about you if we use it illegally;
  • Submit a request to restrict the processing of your personal information – if you dispute the accuracy of the data or object to the processing of the data, if you do not accept that your data would be deleted which was illegally processed, or if you need the data to claim, execute or defend legal claims;
  • Object to collection, use and storage of your information by us – when we process data based on our legal and / or third party interests;
  • Submit a request to transfer (receive) the data that you provided to us under the contract or giving the consent and which we process;
  • To withdraw any consents given to us regarding information used about you – when we use the data based on your consent;
  • To lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence or place of an alleged infringement of the GDPR and seek a judicial remedy.

If you have any questions or objections as to how we collect and process your personal information, please contact dpo@ecng.digital. All of the requests will be fulfilled regarding GDPR 2016/679 clauses and will be answered within 30 days.

You may exercise your right to access your information, including account creation date, client ID, your name, e-mail, phone, other profile information and transaction history in the ” Profile” section of the platform. Using the “Profile” section you can also exercise your right to revoke personal data or request personal data by clicking corresponding buttons.

7. For how long we retain the information

We retain the information we collect for as long as needed to provide the Services (including aspects of risk management) and to comply with our legal and regulatory obligations, resolve disputes, and enforce our agreements (unless we are instructed otherwise). Retention periods will be determined taking into account the type of information that is collected and the purpose for which it is collected, bearing in mind the requirements applicable to the situation and the need to destroy outdated, unused information at the earliest reasonable time. Under applicable regulations, we will keep records containing account opening documents, communications, and anything else as required by applicable laws and regulations.

We may rectify, replenish, or remove incomplete or inaccurate information at any time and at our own discretion.

8. How we protect your information

We take great care of implementing and maintaining the security of the Services and your information. We aspire to continuously employ industry standard procedures and policies to ensure the safety of your information and prevent unauthorized use of any such information. Although we take reasonable steps to safeguard information, we cannot be responsible for the acts of those who gain unauthorized access or abuse the Services, and we make no warranty, express, implied, or otherwise, that we will manage to prevent such access.

If you feel that your privacy was treated in discordance with our policy, or if any person attempted to abuse the Services or acted in an inappropriate manner, please contact us directly at dpo@ecng.digital.

9. Marketing

Your personal information, such as your full name, email address, etc., may be used by us, or by our third party subcontractors to provide you with promotional materials, concerning our Services.

Out of respect to your right to privacy, within such marketing materials, we provide you with means to decline receiving further marketing offers from us. In addition, at any time, you may request to unsubscribe and discontinue receiving marketing offers by sending us a blank message with the word “remove” to dpo@ecng.digital.

Please note that even if you unsubscribe from our marketing mailing list, we may continue to send you service-related updates and notifications.

10. Minors

The Services are not designated to individuals under the age of 18 or under legal age to form a binding contract under applicable laws. If you are under 18 years old or under legal age to form a binding contract under applicable laws, you should not use the Services or provide any personal information to us.

We reserve the right to access and verify any information collected from you. In the event that we become aware that an individual under the age of 18 or under legal age to form a binding contract under applicable laws has shared any of their information, we will discard such information. If you have any reason to believe that a minor has shared any information with us, please contact us at dpo@ecng.digital.

11. Cookies

We use cookies when you visit our website located at https://ecng.digital, or any other websites, pages, features, or content we own or operate to operate and administer the website, conduct analytics and improve the website and your experience on it. For more information on our use of cookies, please see the Cookie Policy at https://ecng.digital/documents/cookie-policy.

12. Updates or amendments to the Privacy Policy

We may revise this Privacy Policy from time to time, at our sole discretion, and the most current version will always be posted on our website at https://ecng.digital. In the event of a material change to the Privacy Policy, we may notify you through the Services or via email. We encourage you to review this Privacy Policy regularly for any changes.

Your continued use of the Services, following the notification of such amendments, constitutes your acknowledgment and consent of such amendments to the Privacy Policy and your agreement to be bound by the terms of such amendments.

13. How to contact us

If you have any general questions regarding the Services or the information that we collect about you and how we use it, please contact us at dpo@ecng.digital.

14. Information about us

Our details are as follows:

ECNG Int OU, registry code 14438674 – Vaksali tn 6-1, Tartu 50409, Estonia;

ECNG Digital UAB, registry code 305940403 – A. Goštauto g. 8-143, LT-01108 Vilnius, Lithuania.

Tunell is operating under ECNG Digital UAB registered and licensed in Lithuania

Legal address: A. Goštauto g. 8-143, LT-01108 Vilnius, Lithuania

Office Address: A. Goštauto g. 8-143, LT-01108 Vilnius, Lithuania
Reg. Number: 305940403
Tunell 2022