As per the General Data Protection Regulation (GDPR) the regulation in EU law on data protection and privacy in the European Union and the European Economic Area. The GDPR is an important component of privacy law and of human rights law in the European Union. According to Protection of Personal Data Laws which apply in the Turkish Republic of Northern Cyprus (TRNC), the personal information we hold about you must be:
We are providing this notice under separate headings and sections for ease of use. If you have any questions about this notice or how we collect and use personal information about you please contact us at ([email protected]).
Personal data, or personal information, means any information about an individual who can be identified. It does not include data where an individual cannot be identified (anonymous data). We collect personal information from you in the following ways.
1.1. Form information. This is information about you (such as your name, address, email address, GIFA Token and other cryptocurrency wallet addresses, mobile phone number, the route by which you were referred to us, and your alias) and the transactions that you give us when filling in forms or using our services and digital content, whether on our website or elsewhere. This could include, for example, forms that you complete to register for our services, place an order, or sign-up for the trading account.
1.2. Content. This is information about you which you provide when you post content on our website. This may include support desk comments, photographs, videos, blog posts, and other content which you post on our website.
1.3. Emails and records of other contact. This is information you provide when you contact us (for example by email, post or SMS) or when you respond to correspondence from us. This may include enquiries about our services, follow-up comments or complaints.
1.4. Technical information. This is information about you which is collected via technical means such as your IP address, cookies, webpage counters and activity while on our website or elsewhere and other analytics and reporting tools.
1.5. Visitor information. We collect information about visitors to our premises. We may record information on your visit, including the date and time, who you are visiting, your name, employer, contact details and vehicle registration number. If you have an accident at our premises, this may include an account of your accident.
1.6. Caller information. We may collect details of phone numbers used to call our organisation and the date, time and duration of any calls. Please note that if we record your calls to or from us, we will inform you of this.
1.7. CCTV. We operate CCTV at our premises which may record you and your activities. We display notices to make it clear that surveillance is in operation.
1.8. Employee information. If you work for one of our customers, suppliers or business partners, the information we collect about you may include your contact information, details of your employment and our relationship with you.
1.9. Information we receive from third parties. As well as the information listed above, we may also receive the following types of personal information about you from the following sources:
1.9.1. Our other channels. This is information we receive about you if you use any of the other websites we operate or the other services or products we provide. In this case we will have informed you when we collected that data if we intend to share those data internally and combine it with data collected on this website. We will also have told you for what purpose we will share and combine your data.
1.9.2. Our service providers. We work closely with third parties (including, for example, business partners, sub-contractors in technical, payment and delivery services, advertising networks, analytics providers, search information providers and credit reference agencies) who may provide us with information about you.
1.9.3. Credit information. We may also collect credit information on you from third party reference agencies.
1.9.4. Businesses we have bought. If we have acquired another business, or substantially all of its assets, which originally held your information, we will hold and use the information you provided to them, or which they otherwise held about you, in accordance with this privacy notice.
2.1. The services we provide operate using distributed ledger technology, also known as ‘blockchain’.
2.2. Our cryptocurrency, “GIFX”, uses a blockchain which is a public ledger of transactions and when you transact with third parties (or donate to approved charities) using GIFX, each user of our network independently verifies the validity of your transactions. In doing so the data relating to your transactions, including your public keys, is shared with each user of our network.
2.3. As part of the services provided by GIFA Exchange, it makes online and offline wallets available to you (for more information on this, please see our Terms and Conditions for the Provision of Services and Digital Content and Best Practice guidance. Each wallet uses a public key, YOU cannot be directly identified from your public key or wallet address.
2.4. Your transactions are “hashed” in order to “pseudonymise” your personal information. This means that we process (by using the hashing function) your transactions so that the personal data contained within them cannot be attributed to any specific individual without using additional identifying information.
2.5. The act of pseudonymising your personal information makes it very difficult for any third party to identify you from your public key or your transaction history, however this data is still considered to be personal data under data protection laws.
2.6. Each user of the GIFX blockchain determines the purposes and means by which transaction information is processed and therefore acts as a data controller in their own right. Each user of GIFX’s blockchain is solely responsible for its own compliance with relevant data protection laws / protection of personal data laws.
2.7. To the extent that we do determine the purposes and means by which your personal information is processed, we will comply with all relevant Protection of Personal Data Laws which apply in Turkish Republic of Northern Cyprus (TRNC).
2.8. Our services facilitate the sending and receiving of GIFX between users and cannot function without the data sharing element of blockchain technology. We do not control the ongoing state of Ethereum ’s blockchain or the information stored on it as we are not a party to these transactions.
3.1. Common uses of your information We will only use your personal information when the law allows us to do so. Most commonly, we will use your personal information in the following circumstances:
3.1.1. Where we need to perform a contract we have entered into with you.
3.1.2. Where we need to comply with a legal obligation.
3.1.3. Where it is necessary for our legitimate interests (or those of a third party) and your interests and rights do not override those interests.
3.1.4. We may also use your personal information where we need to protect your interests (or someone else’s interests) or where it is needed in the public interest although these circumstances are likely to be rare.
3.2. Specific examples of ways in which we may use your personal information include:
3.2.1. Website administration. We may use technical information, information about your visit to our website, transactions, cookie data, content and other information gathered about your participation in discussion boards or other functions on our website. We use this as necessary for our legitimate interests in administering our website and to ensure it operates effectively and securely.
3.2.2. Website advertising. We, or third party advertisers, may serve adverts on you. Where those adverts are targeted, this may involve using technical information, information about your visit to our website, cookie data and information we (or our third party advertisers) have obtained from third parties. More information is available in our Cookie Notice below.
This won't include information such as your name or contact details. Where our adverts are displayed to you using your information, your information is used as necessary for our legitimate interests in marketing to you, this includes making you aware of opportunities/situations/platforms where you are able to utilise GIFA Tokens.If you are a vendor, including your details in the Vendor Directory and promoting that (at our discretion) to GIFX users and potential users under the “GIFX Everywhere” brand (or as we otherwise determine from time to time) to disseminate your willingness to be paid using GIFX (by using your Buyer, Seller or Task profiles if you are an AnyTask user) to a wider market which includes promotion on all social media accounts and websites, in each case for us and our commercial partners (in connection with their services) from time to time as we or they see fit.
3.2.3. Customer Administration. We may use information about you including form information, content and other information you provide to us or which we collect about you as necessary to carry out our contracts with you, or on your behalf for products and/or services with third party providers that you may access via us, or as a result of your use of GIFX, and for our legitimate interests, administering your account, any subscriptions or competitions we operate, as well as to review and improve our offerings, including troubleshooting, data analysis and reporting, testing, research, statistical and survey purposes.
3.2.4 Direct Marketing. We may send direct postal or electronic marketing (including but not limited to via any mobile application) to you using your contact details and information you have provided us. We use this as necessary for our legitimate interests in marketing to you and maintaining a list of potential customers and this includes making you aware of opportunities/situations/platforms where you are able to utilise GIFX tokens, and making sure the marketing we send you is relevant to you.If you are not acting as a business and have not provided your contact details directly to us in relation to our products or services, we will only send electronic marketing to you if you have consented to that marketing. We will always provide an “opt-out” option on any marketing messages we send you. If you “opt-out” of our marketing materials you will be added to our suppression list to ensure we do not accidentally send you further marketing.
3.2.5. Third Party Personnel Administration. If you work for one of our customers, suppliers or business partners, we may hold information on you. This includes information you provide when you correspond with us, as well as details of your employment, contact details, and our relationship with you. We use this as necessary for our legitimate interests in managing our relationship with your employer.
3.2.6. CCTV Information and Visitor Information. We use CCTV information and visitor information as necessary for our legitimate interests in administering your visit, ensuring site security and visitor safety, and administering parking.
3.2.7. Job Applications. If you apply for a position with us, we hold and use information on you. This will include information you provide to us in your application, as well as opinion information on you from any referees you provide. We may also obtain criminal record and identity verification information from reference agencies. We use this as necessary to enter into an employment contract with you, and for our legitimate interests in evaluating candidates and recording our recruitment activities, and as necessary to exercise and perform our employment law obligations and rights.
3.2.8. Former Employees. If you used to work for us, your information will be used in accordance with our employee privacy notice. If you are a former employee or contractor and require a copy of this, please contact us.
3.3. If you fail to provide personal information. If we have (or are entering into) a contract with you, and you fail to provide certain information when requested, we may not be able to perform (or enter into) that contract, or we may be prevented from complying with our legal obligations.
3.4. Change of purpose. We will only use your personal information for the purposes for which we collected it as set out in this notice, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If we need to use your personal information for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so.
Please note that we may process your personal information without your knowledge or consent, in compliance with the above rules, where this is required or permitted by law.
We automatically monitor use of our services for the purposes of fraud detection. We operate a KYC (Know Your Client) policy to obtain and verify the identity details of our clients and customers.
As well as any sharing listed in section 3 (How and why do we use your information?) we may also share your information with third parties, including third-party service providers, approved charities and other entities in our group. We require third parties to respect the security of your personal information and to treat it in accordance with the law. We do not share any images which you submit to us with any third parties (except as may be required by law).
5.1. Why might we share your personal information with third parties? We may share your personal information with third parties if we are under a duty to disclose or share your personal information in order to comply with any legal obligation, or in order to enforce or apply our agreements with you, or to protect the rights, property, or safety of us, our customers, or others or where we have another legitimate interest in doing so. This includes exchanging information with other companies, approved charities and organisations for the purposes of fraud protection and credit risk reduction, or as a result of your use of GIFX.
5.2. Which third-party service providers process your personal information? “Third parties” includes third-party providers of goods, services or digital content (including contractors and designated agents), approved charities and other organisations within our group. The following activities are carried out by third-party service providers: administration and IT services using DIGITALOCEAN.com and Twilio; and KYC fraud prevention by our own internal verifier team.
5.3. How secure is your information with third-party service providers and other entities in your group? All our third-party service providers and other entities within the GIFA Exchange are required to take appropriate security measures to protect your personal information in line with our policies. We do not allow our third-party service providers to use your personal information for their own purposes. We only permit them to process your personal information for specified purposes and in accordance with our instructions.
5.4. When might we share your personal information with other entities associate with GIFA Token or within GIFA Exchange? We will share your personal information with other entities in our group: (1) as part of our regular reporting activities on company performance, (2) in the context of a business reorganisation or group restructuring exercise, (3) for system maintenance support and hosting of data, (4) to make you aware of opportunities/situations/platforms where you are able to utilise GIFX Tokens, or (5) to make you aware of your use of GIFX with them.
5.5. What about other third parties? We may share your personal information with other third parties, for example in the context of the possible sale of or restructuring of the business. We may also need to share your personal information with: (1) a regulator, (2) third party providers of goods and/or services and/or platforms or approved charities where you have utilised or wish to utilise GIFX Tokens with them, or (3) to otherwise comply with the law.
5.6. Blockchain and data sharing Please see section 2 for further information on the sharing of data over the Ethereum blockchain.
6.1. Our main data centres are with Digital Ocean (Data Protection) located in the USA and India. However, where required to perform our contract with you or for our wider business purposes, the information that we hold about you may be transferred to, and stored at, a destination outside the TRNC. It may also be processed by staff operating outside the TRNC who work for us or for one of our service providers. We will take all steps reasonably necessary to ensure that your personal information is treated securely and in accordance with this privacy notice.
6.2. We may transfer data to countries outside of the TRNC which may not have an adequate data protection regime in place. Where we do this, we will ensure that appropriate safeguards are put in place.
6.3. Due to the nature of GIFX’s blockchain, any personal data may be stored anywhere around the world at any time. However, we are not in control of the information contained on the GIFX blockchain: please refer to section 2 for further details.
7.1. We have put in place measures to protect the security of your information. Details of these measures are available upon request.
7.2. Subject to section 3 above, third parties will only process your personal information on our instructions and where they have agreed to treat the information confidentially and to keep it secure.
7.3. We have put in place appropriate security measures to prevent your personal information from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. In addition, we limit access to your personal information to those employees, agents, contractors and other third parties who have a business need to know. They will only process your personal information on our instructions and they are subject to a duty of confidentiality.
7.4. We have put in place procedures to deal with any suspected data security breach and will notify you and any applicable regulator of a suspected breach where necessary.
8.1. If and to the extent that your public key and other wallet information represents personal data, any personal information stored on our blockchain as part of a transaction will remain there indefinitely due to the nature of blockchain technology. As set out in section 2, we do not control the ongoing state of GIFX’s blockchain or the information stored on it.
8.2. In all other instances, we will only retain your personal information for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements. To determine the appropriate retention period for personal information, we consider the amount, nature, and sensitivity of the personal information, the potential risk of harm from unauthorised use or disclosure of your personal information, the purposes for which we process your personal information and whether we can achieve those purposes through other means, and the applicable legal requirements.
8.3. Details of our typical retention periods for different aspects of your personal information are set out below. If you would like details of our retention periods for a particular aspect of your personal information which is not detailed below, please contact us:
8.3.1. Contact Information such as your name, email address and telephone number, where this is kept for marketing purposes, we will keep it on an ongoing basis until such time as you un-subscribe. Thereafter we will add your details to our suppression list indefinitely.
8.3.2. Content which you post on our website such as support desk comments, photographs, videos, blog posts, and other content may be kept indefinitely after you close your account for audit and crime prevention purposes.
8.3.3. Technical information which is collected via technical means such as cookies, webpage counters and other analytics tools is kept for a period of up to six months from expiry of the cookie.
8.3.4. Visitor information which is collected about visitors to our premises is kept for a period of up to six years. If you have an accident on our premises, our accident records are retained for a period of up to 12 (twelve) years.
8.3.5. Telephone recordings which we make of your telephone conversations with us may be kept for a period of up to six years.
8.3.6. CCTV recordings may be kept for a period of up to twelve months (unless there an incident occurs and it is necessary for us to keep recordings for longer to properly deal with it).
8.4. In some circumstances we may anonymise your personal information so that it can no longer be associated with you, in which case we may use such information without further notice to you.
9.1. Protection of Personal Data Law gives you a number of rights when it comes to personal information we hold about you. The key rights are set out below. More information about your rights can be obtained from the Information Commissioner’s Office (ICO). Under certain circumstances, by law you have the right to:
9.1.1. Be informed in a clear, transparent and easily understandable way about how we use your personal information and about your rights. This is why we are providing you with the information in this notice. If you require any further information about how we use your personal information, please let us know.
9.1.2. Request access to your personal information (commonly known as a “data subject access request”). This enables you to receive a copy of the personal information we hold about you and to check that we are lawfully processing it.
9.1.3. Request correction of the personal information that we hold about you. This enables you to have any incomplete or inaccurate information we hold about you corrected.
9.1.4. Request erasure of your personal information. This enables you to ask us to delete or remove personal information where there is no good reason for us continuing to process it (for instance, we may need to continue using your personal data to comply with our legal obligations). You also have the right to ask us to delete or remove your personal information where you have exercised your right to object to processing (see below).
9.1.5. Object to processing of your personal information where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to us using your information on this basis and we do not have a compelling legitimate basis for doing so which overrides your rights, interests and freedoms (for instance, we may need it to defend a legal claim). You also have the right to object where we are processing your personal information for direct marketing purposes.
9.1.6. Request the restriction of processing of your personal information. This enables you to ask us to suspend the processing of personal information about you, for example if you want us to establish its accuracy or the reason for processing it.
9.1.7. Request the transfer of your personal information to another party where you provided it to us and we are using it based on your consent, or to carry out a contract with you, and we process it using automated means.
9.1.8. Withdraw consent. In the limited circumstances where we are relying on your consent (as opposed to the other bases set out above) to the collection, processing and transfer of your personal information for a specific purpose, you have the right to withdraw your consent for that specific processing at any time. Once we have received notification that you have withdrawn your consent, we will no longer process your information for the purpose or purposes you originally agreed to, unless we have another legitimate interest in doing so.
9.1.9. Lodge a complaint. If you think that we are using your information in a way which breaches Protection of Personal Data Law, you have the right to lodge a complaint with the TRNC national data protection supervisory authority. If you want to review, verify, correct or request erasure of your personal information, object to the processing of your personal information, withdraw your consent to the processing of your personal information or request that we transfer a copy of your personal information to another party, please contact us via [email protected]
9.2. Marketing Purposes. In addition to the rights set out above, you also have the right to ask us not to process your personal information for marketing purposes. We will usually inform you (before collecting your personal information) if we intend to use your personal information for such purposes or if we intend to disclose your information to any third party for such purposes. You can exercise your right to prevent such processing by checking certain boxes on the forms we use to collect your personal information. You can exercise the right at any time by contacting us in writing. You can also use the unsubscribe option in our marketing emails to unsubscribe from further marketing emails. Please note that where you unsubscribe from any postal marketing, you may initially still receive some content which has already been printed or sent, but we will remove you from any future campaigns.
9.3. No fee usually required. You will not have to pay a fee to access your personal information (or to exercise any of the other rights). However, we may charge a reasonable fee if your request for access is clearly unfounded or excessive. Alternatively, we may refuse to comply with the request in such circumstances.
9.4. What we may need from you. We may need to request specific information from you to help us confirm your identity and ensure your right to access the information (or to exercise any of your other rights). This is another appropriate security measure to ensure that personal information is not disclosed to any person who has no right to receive it.
9.5. Timescale. Please consider your request responsibly before submitting it. We will respond to your request as soon as we can. Generally, this will be within one month from when we receive your request but, if the request is going to take longer to deal with, we will let you know.
Our website may, from time to time, contain links to and from the websites of our partner networks, advertisers, affiliates and approved charities. If you follow a link to any of these websites, please note that these websites have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal information to these websites.
Any changes we make to our privacy notice in the future will be posted on this page and, where appropriate, notified to you by e-mail or otherwise. Please check back frequently to see any updates or changes to our privacy notice. This privacy and cookies notice may be translated into languages other than English. In the event of any conflict in interpretation (in a legal sense) between translated versions of this notice, the English language version shall prevail.
13.1. GIFA Exchange is a crypto trading platform based in the Turkish Republic of Northern Cyprus and operating under the registered number M.S.16778 with its head office at Dr Fazil Kucuk Boulevard, Hamitkoy Junction, Lefkosa (North Cyprus) Mersin 10 Turkey 99040.
13.2. In the context of this Policy GIFA Token is a native cryptocurrency of GIFA Exchange.
13.3. ''We'', ''Us'', ''Our'' means the GIFA Token or the relevant crypto trading platform, GIFA Exchange (as the context requires).
13.4. The cryptocurrency that has been developed by GIFA Exchange is known as GIFA Token, or represented by the sticker symbol GIFX:
13.4.1. GIFX is a type of crypto asset, a cryptographically stored representation of value which uses distributed ledger technology and which can be transferred, stored or traded electronically.
13.4.2. More specifically, GIFX is an exchange token: it is not issued or backed by any central authority and is intended to function as a tool to enable the buying and selling or exchanging with other acceptable crypto coins or tokens (BTC, BCH, ETH, LTC, XRP, USDT) or with goods and services or making investments and or making charitable donations.
13.4.3. GIFX Tokens do not provide their holders with particular interests in any business, nor do they provide rights such as ownership, repayment of a specifc sum of money or entitlement to a share in future profits.
13.4.4. Other than insofar as they can be used as a means of exchange, or making charitable donation, GIFX tokens are also redeemable for access to specific goods or services.
13.5. If you have any questions, please contact us via https://[email protected].com
Strictly necessary cookies. These are cookies that are required for the operation of our website. They include, for example, cookies that enable you to log into secure areas of our website, use a shopping cart or make use of e-billing services.
Analytical/performance cookies. They allow us to recognise and count the number of visitors and to see how visitors move around our website when they are using it. This helps us to improve the way our website works, for example, by ensuring that users are finding what they are looking for easily.
Functionality cookies. These are used to recognise you when you return to our website. This enables us to personalise our content for you, greet you by name and remember your preferences (for example, your choice of language or region).
Targeting cookies. These cookies record your visit to our website, the pages you have visited and the links you have followed. We will use this information to make our website and the advertising displayed on it more relevant to your interests. We may also share this information with third parties for this purpose.
You can find more information about some of the individual cookies we use and the purposes for which we use them in the table below:
ico User’s Session
_ga Google Analytics
_locale Allows persistence of language _gat Google Analytics
_gid Google Analytics
_ref_id Tracking origin of referred user
Except for essential cookies, all cookies will expire after six months.
END OF THE POLICY DOCUMENT….