Utila

Privacy Policy

Last Updated: August 3, 2023

Introduction

Utila Inc (“Utila”, “we”, “our” or “us”) develops and operates a digital assets management platform software solution, which includes the Utila mobile apps, including Utila Mobile App, Utila Offline App and Utila SDK (“App“). We also operate the websites https://www.utila.io/ https://console.utila.io their subdomains and their related features (“Website”, and collectively with the App – the “Services”).

Utila is dedicated to protecting your privacy rights and making our practices regarding your personal data more transparent and fair. This Privacy Policy (“Policy”) was designed to help you understand the information we collect, store, use and share, and it applies whenever you visit our Website, install or interact with our App, or otherwise access or use any of our Services.

Specifically, our Policy addresses the following –

  1. What types of data we collect?
  2. Tracking Technologies
  3. Why we process your Personal Data, and under what legal bases?
  4. With whom we share your data?
  5. Your rights
  6. International data transfers
  7. How we protect your data?
  8. Minors
  9. Retention
  10. Updates to this Policy
  11. Contact Us

We strongly urge you to read this Policy and make sure that you fully understand and agree to it. If you do not agree to this Policy, please discontinue and avoid using our Services. You have the right to cease using our Services, pursuant to this Policy at any time.

You are not legally required to provide us with any Personal Data (as defined below), but without it we will not be able to provide you with the full range or with the best experience of using our Services.

1. What types of data we collect?

We collect two types of data from you: Personal Data (“Personal Data”) and non-Personal Data. Personal Data means any information which may potentially allow your identification with reasonable means (for example, email address or name). Non-Personal Data, by contrast, can be defined as any information that does not relate to an identified or identifiable natural person. This may include, for example, your aggregated usage information and technical information transmitted by your device (e.g. the device you use, the type of browser and operating system your device uses, language preference, access time, etc.). This section sets out how and when we collect those types of data from you. If we associate Non-Personal Data with Personal Data, we will treat such information as Personal Data.

  1. Account Information. When you register to our Services, we collect your full name, nickname, password, email address, phone number and your company’s name.
  2. Communication Information. When you send us an email or contact us via the support in our App or Website, we collect the Personal Data you provide us. This may include your name, email address, phone number, your company name and any other information you choose to provide.
  3. Device Information. We may collect Personal Data from your device, such as geolocation data, IP address and other online identifiers (i.e. online data collected from individual’s devices, applications and protocols which leave traces which may be used to identify individuals).
  4. Know Your Customer and Customer Due Diligence Information. Where applicable, you may also be asked to provide us or our trusted third party service providers with your full home address (country, state/province, zip code, city, street, house number), gender, date of birth, formal identification information (such as government issued identity documents, e.g. among others national identity card, passport or passport number, driver’s license, visa, or details of any of the aforementioned documents, or any other information we, in our sole discretion, may find required), images of identification documents, images of proof-of-residence (utility bills, bank/credit card statements, government-issued letters), images of yourself (selfie photos), as well as any other information we, in our sole discretion, deem necessary for our compliance with any legal or regulatory obligations, including, among others, any anti-money laundering (AML) or combating the financing of terrorism (CTF) laws or regulations, know your customer (KYC) or customer due diligence (CDD) or any reporting or record keeping requirements (e.g., among others, contents of KYC questionnaire and responses thereto, profession and job title or position, signature sample, etc.), or any documents related to verification of any status (including, among others, proving that you do not come from a specific country which may currently, or in the future, be restricted by the Company at Company’s sole discretion) under any applicable laws or regulations in any jurisdiction, as well as any other information you agreed to share with us or with our third party service providers.
  5. Payment Information. We do not collect or process your full payment information. To pay for our Services, we will direct you to a third party payment processor. The third party payment processor will only provide us with information on the date which you made the payment, a generic number which is linked to your email address or account (order number), and information about the instrument used (e.g., credit card, debit card, or bank account).
  6. Voluntary Information. Voluntary information which is collected from time to time (for example, through surveys) to enable us to improve our Services or consider the wider needs of our users or potential users, or voluntary information that might be collected from you upon request and subject to your specific consent, for the purpose of provision of any of the Services to you.
  7. Information Obtained Through Tracking Technologies. When you visit or access our Website, we use cookies, web beacons, pixels and similar technologies (“Tracking Technologies“). These allow us to automatically collect information about you, your device, and your online behavior, in order to enhance authentication and your navigation on our Website, improve our Website’s performance, perform analytics, and customize your experience.
    There are various ways in which you can manage and control your Tracking Technologies settings. You can change your preferences using our cookie settings tool (however, please note that this tool may only be available in certain jurisdictions). Another method of managing your Tracking Technology preferences is changing your browser settings to send a “Do-Not-Track” signal. In such case, your browser will send us a special signal to stop tracking your activity. However, please note that certain features of the Website may not work properly or effectively if you delete or disable cookies.

Information from Other Sources

We are working closely with third parties (including, for example, our business partners, sub-contractors, etc.) and may receive information about you from them to the extent permitted by applicable laws. For example, we may receive your data from third party providers who help us with the provision and maintenance of our Services, such as social networks (for example your name and user name, when you register or log-in to our Services), traffic analytics vendors, fraud prevention agencies and others. We may also receive your data from third party providers which may conduct KYC, or CDD, or any other screening or AML or CTF-related procedures on our behalf, where applicable; or from third parties, including node providers, which may provide us with blockchain activity information. We may combine this information with the information we have already collected from you via the Service in order to provide you with, and to and improve, our Services.

2. Why we process your Personal Data, and under what legal bases?

This section explains for what purposes we use your Personal Data and outlines the legal bases that underlies our usage.

Purpose Legal Basis
Provision of our Services; support. We use your Personal Data, such as your name, nickname, password, and email address, for consumer services purposes. This includes, for example, responding to your inquiries and authenticating your access to the Services. The legal bases for processing this data are the performance of our contractual commitments towards you; your consent (for example, when you provide Personal Data); compliance with our legal obligations; and our legitimate interests. Our legitimate interests in this case are enforcing our policies, protection against fraud and misuse of our Services.
Improvement of our Services. We collect and analyse information about you and your usage of our Website to improve the usability and effectiveness of our Website. The legal bases for processing this data are our legitimate interests, in this case – providing and improving our Services.
Compliance with applicable laws. We may be required to collect, retain, or share your Personal Data, under applicable laws.

3. With whom we share your data?

We may share your Personal Data as described below:

  1. Affiliated companies: we may share Personal Data internally within our family of companies, for the purposes described in this Policy.
  2. Service providers: we work with service providers and other entities that work on our behalf that may need access to certain personal data in order to provide their services to us. These entities include those we have hired to provide various services, such as cloud storage vendors, and may include blockchain nodes operators and other providers.
  3. Compliance with laws and law enforcement entities: we may disclose any data about you to government or law enforcement officials or private parties as we, in our sole discretion, believe necessary or appropriate to respond to claims and legal procedures (including but not limited to subpoenas), to protect our or a third party’s property and rights, to protect the safety of the public or any person, or to prevent or stop any activity we may consider to be, or to pose a risk of being, illegal, unethical, inappropriate or legally actionable. We also may be required to disclose an individual’s Personal Data in response to a lawful request by public authorities, including meeting national security or law enforcement requirements. We will only disclose the minimum amount of Personal Data that is required for compliance with such legal requirements.
  4. Auditors and advisers: we may share your data with our external auditors, advisors and professional service providers (e.g. lawyers, accountants, insurers etc.) for the purpose of ensuring our compliance with regulatory requirements and industry standards.
  5. Mergers and acquisitions: we may share your data if we enter into a business transaction such as a merger, acquisition, reorganization, bankruptcy, or sale of some or all of our assets. Any party that acquires our assets as part of such a transaction may continue to use your data in accordance with the terms of this Policy. If we believe that such change in control might materially affect your Personal Data then stored with us, we will notify you of this event and the choices you may have via e-mail and/or prominent notice on our Services.

4. Your rights

Certain jurisdictions provide individuals with certain statutory rights to their Personal Data. For example, as an EU resident subject to the GDPR, you may request to:

  1. Receive confirmation as to whether or not Personal Data concerning you is being processed, and access your stored Personal Data, together with supplementary information.
  2. Receive a copy of Personal Data you directly volunteer to us in a structured, commonly used and machine-readable format.
  3. Request rectification of your Personal Data that is in our control.
  4. Request erasure of your Personal Data.
  5. Object to the processing of Personal Data by us.
  6. Request to restrict processing of your Personal Data by us.

Please note that these rights are not absolute, and may be subject to our own legitimate interests and regulatory requirements.
We will make an effort to reply within a reasonable timeframe, and as required under applicable data protection laws. Please feel free to reach out to us at any time via the following email address: privacy@utila.io.

If you are unsatisfied with our response, you can lodge a complaint with the applicable data protection supervisory authority.

5. International data transfers

Since we operate globally, and accordingly Personal Data may be stored and processed in various countries worldwide. We may transfer your Personal Data to countries other than your own jurisdiction, including to the United States. These countries’ data protection rules may differ from those in your country. We will take appropriate measures to ensure our transfers of Personal Data comply with applicable data protection laws.

6. How we protect your data?

We have implemented administrative, technical, and physical safeguards to help prevent unauthorized access, use, or disclosure of your Personal Data. While we seek to protect your information to ensure that it is kept confidential, we cannot guarantee the security of any information. You should be aware that there is always some risk involved in transmitting information over the internet and that there is also some risk that others could find a way to thwart our security systems. Such breaches can lead to things such as reputational harm, fraud or identity theft. Therefore, we encourage you to exercise discretion regarding the Personal Data you choose to disclose. If you feel that your privacy was treated not in accordance with our Policy, or if any person attempted to abuse the Services or acted in an inappropriate manner, please contact us directly via our contact details available below.

7. How we protect your data?

Our Services are only eligible to individuals who are the greater of eighteen (18) years of age or the age of legal majority in the applicable jurisdiction (“Applicable Age“). We do not knowingly collect or solicit Personal Data from anyone under the Applicable Age. By accessing, using or interacting with our Services, you certify to us that you are not under the Applicable Age. In the event that we learn that we have collected Personal Data from an individual under the Applicable Age without verification of parental consent, we will delete that information upon discovery. If you believe that we might have any information from or about an individual under the Applicable Age, then please contact us through the contact details available below.

8. Retention

We will retain your Personal Data for as long as necessary to provide our Services, and as necessary to comply with our legal obligations, resolve disputes, and enforce our policies. Retention periods will be determined to take into account the type of information that is collected and the purpose for which it is collected, bearing in mind the requirements applicable to the situation and the need to destroy outdated, unused information at the earliest reasonable time.

9. Updates to this Policy

We reserve the right to change this Policy at any time. The most current version will always be posted on our Website (as reflected in the “Last Updated” heading). You are advised to check for updates regularly. By continuing to access or use our Services after any revisions become effective, you agree to be bound by the updated Policy.

10. Contact Us

If you have any further questions, please contact us by email at privacy@utila.io
Utila Inc
Physical address: Hamasger 35 Tel-Aviv, Israel