Privacy policy

Last Updated: 23.06.2023

Present privacy policy (hereinafter “Policy”) describes how INWAY AG (hereinafter “Company”, “we”, “our”, or “us”) collects, uses, shares, and stores personal data of users of our website/-es: ironwallet.io (hereinafter “Sites”).

This Policy applies to the Sites, applications, products and services (collectively, “Services”) on or in which it is posted, linked or referenced.

By using the Services, you accept the terms of this Policy and our Terms of Use, and consent to our collection, use, disclosure, and retention of your information as described in this Policy. If you have not done so already, please also review our Terms of Use.

This Privacy Policy explains how information about users is collected, used, and disclosed by us and to set out the basis on which we will process personal data when providing our services.

IF YOU DO NOT AGREE WITH ANY PART OF THIS POLICY OR OUR TERMS OF USE, THEN PLEASE DO NOT USE ANY OF THE SERVICES.

Purpose of this Privacy Notice

We process personal data in an appropriate and lawful manner, in accordance with the laws of Liechtenstein which shall be applicable to this Policy, unless this conflicts with mandatory consumer protection provisions of any other EU/EEA member state and to the exclusion of collision laws; in particular we process personal data in accordance with the Liechtenstein Data Protection Act (the “Act”) as amended, and the General Data Protection Regulation (Regulation (EU) 2016/679) (the “GDPR”), as well as subsidiary legislation and regulations promulgated thereunder. For the avoidance of doubt, it is noted that Liechtenstein has fully implemented the GDPR.

The Services are not intended for minors (i.e., persons under age of majority in respective jurisdiction of residence) and we do not knowingly collect personal data relating to minors.

It is important that this Policy is read together with any other privacy notice or policy which we may provide on specific occasions when we are collecting or processing personal data about in order to become fully aware of how and why we are using personal data. This Policy supplements the other notices and is not intended to override them, unless otherwise stated.

Data controller

INWAY AG as defined above is the controller and responsible for user’s personal data.

Concerning any questions or requests, including any requests to exercise legal rights as a data subject, please use the details set out below:

Full name of legal entity: INWAY Aktiengesellschaft

Email address: info@ironwallet.io

Postal address: c/o Codex Treuhand Aktiengesellschaft, Landstrasse 1, 9495 Triesen.

Third-Party Links

Our website may include links to third-party websites, plug-ins and applications. Clicking on those links or enabling those connections may allow third parties to collect or share data about customers. We do not control these third-party websites and are not responsible for their privacy notices, statements or policies.

We encourage to read the privacy policy of every website visited.

What and How Do We Collect Data?

With respect to data subjects, “data”, “information”, “personal information”, “personal data”, as used in this Policy, is equivalent to “personal data” as defines in Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) (hereinafter “GDPR”).

We collect information about you in the following way:

Information we collect from you may include:

  • Identity information, such as your first name, last name in case of correspondence;
  • Contact information, such as your email address and telephone number;
  • Feedback and correspondence, such as information you provide in your responses to surveys, when you participate in market research activities, report a problem with Service, receive customer support, or otherwise correspond with us;
  • Transaction information, such as details about status and amount of transaction;
  • Marketing information, such as your preferences for receiving marketing communications and details about how you engage with them;
  • Technical information, such as your crypto wallet address and network information regarding transactions.

Information That is Collected Automatically

We may automatically record certain information about how you use our Sites (we refer to this information as “Log Data“).

Log Data may include information such as a user’s Internet Protocol (IP) address, device and browser type, operating system, the pages or features of our Sites to which a user browsed and the time spent on those pages or features, the frequency with which the Sites are used by a user, search terms, the links on our Sites that a user clicked on or used, and other statistics.

We use this information to administer the Service and we analyze (and may engage third parties to analyze) this information to improve and enhance the Service by expanding its features and functionality and tailoring it to our users’ needs and preferences.

We may use cookies, local storage, or similar technologies to analyze trends, administer the Sites, track users’ movements around the Sites, and to gather demographic information about our user base as a whole. Users can control the use of cookies and local storage at the individual browser level.

We also may use Google Analytics to help us offer you an optimized user experience. You can find more information about Google Analytics’ use of your personal data here. Please note that IronWallet does not use Google Analytics in its wallet.

We also may use Apple Store by Apple Inc. to help us offer you an optimized user experience. You can find more information about Apple Store services in use of your personal data here. Please note that IronWallet does not use Apple Store services in its wallet

We also may use Apple Store by Apple Inc. to help us offer you an optimized user experience. You can find more information about Apple Store services in use of your personal data here. Please note that [IronWallet] does not use Apple Store services in its wallet.

Sensitive Data

Some of the information you provide us may constitute sensitive data as defined in the GDPR (also referred to as special categories of personal data), including identification of your race or ethnicity on government-issued identification documents. Should we receive sensitive personal data, we will only process that data where there is a legitimate reason and purpose as set down in article 9 para. 2 of the GDPR to do so and, in all circumstances, in accordance with our obligations at law and under the appropriate safeguards.

Information We Will Never Collect

WE WILL NEVER ASK YOU TO SHARE YOUR PRIVATE KEYS OR WALLET RECOVERY (SEED) PHRASE. NEVER TRUST ANYONE OR ANY SITE THAT ASKS YOU TO ENTER YOUR PRIVATE KEYS OR WALLET RECOVERY (SEED) PHRASE.

How We Will Use Your Data?

We only use your personal data as permitted by law. We are required to inform you of the legal basis of our processing of your personal information, which are described in the table below. We may process personal data for more than one lawful ground depending on the specific purpose for which we are using data. If you have questions about the legal basis under which we process your personal data, contact us at info@ironwallet.io. Most commonly, we will use personal data in the following circumstances:

  • Where we need to perform our contractual obligations and duties we are about to enter into or have entered into with users in respect of customer relationships with us.
  • Where it is necessary for our legitimate interests (or those of a third party) and user interests as well as fundamental rights do not override those interests.
  • Where we need to comply with a legal or regulatory obligation.
Processing Purpose Description Legal Basis
Provision of Service We will use your personal data as follows:
  1. To enable you to access and use the Services;
  2. To provide and deliver products and services that you may request;
  3. To send information, including confirmations, technical notices, updates, security alerts, and support and administrative messages.

Our processing of your personal data is necessary to perform the contract governing our provision of the Services or to take steps that you request prior to signing up for the Service.

Also, present processing activity constitutes our legitimate interests.

Compliance with applicable laws We use your personal data as we believe necessary or appropriate to comply with applicable laws. These processing activities constitute our legitimate interests. We make sure we consider and balance any potential impacts on you (both positive and negative) and your rights before we process your personal data for our legitimate interests. We do not use your personal data for activities where our interests are overridden by any adverse impact on you (unless we have your consent or are otherwise required or permitted to by law).
Communication with you * We use your personal data to communicate about promotions, upcoming events, and other news about products and services offered by us and our selected partners, on condition where users provide consent to receiving such marketing material and they have not opted out of receiving such marketing materials.
Optimization of platform In order to optimize your user experience, we may use your personal data to operate, maintain, and improve our Services. We may also use your information to respond to your comments and questions regarding the Services, and to provide you and other users with general customer service.
Fraud prevention, safety We may use your personal data to protect, investigate, and deter against fraudulent, unauthorized, or illegal activity.
With your consent We may use or share your personal data with your consent, such as when you consent to let us post your testimonials or endorsements on our Sites, you instruct us to take a specific action with respect to your personal data, or you opt into third party marketing communications. Where our use of your personal data is based upon your consent, you have the right to withdraw it anytime in the manner indicated in the Service or by contacting us at info@ironwallet.io
Description Legal Basis
Provision of Service
We will use your personal data as follows:
  1. To enable you to access and use the Services;
  2. To provide and deliver products and services that you may request;
  3. To send information, including confirmations, technical notices, updates, security alerts, and support and administrative messages.
Our processing of your personal data is necessary to perform the contract governing our provision of the Services or to take steps that you request prior to signing up for the Service.

Also, present processing activity constitutes our legitimate interests.

Compliance with applicable laws
We use your personal data as we believe necessary or appropriate to comply with applicable laws. These processing activities constitute our legitimate interests. We make sure we consider and balance any potential impacts on you (both positive and negative) and your rights before we process your personal data for our legitimate interests. We do not use your personal data for activities where our interests are overridden by any adverse impact on you (unless we have your consent or are otherwise required or permitted to by law).
Communication with you*
We use your personal data to communicate about promotions, upcoming events, and other news about products and services offered by us and our selected partners, on condition where users provide consent to receiving such marketing material and they have not opted out of receiving such marketing materials.
Optimization of platform
In order to optimize your user experience, we may use your personal data to operate, maintain, and improve our Services. We may also use your information to respond to your comments and questions regarding the Services, and to provide you and other users with general customer service.
Fraud prevention, safety
We may use your personal data to protect, investigate, and deter against fraudulent, unauthorized, or illegal activity.
With your consent
We may use or share your personal data with your consent, such as when you consent to let us post your testimonials or endorsements on our Sites, you instruct us to take a specific action with respect to your personal data, or you opt into third party marketing communications. Where our use of your personal data is based upon your consent, you have the right to withdraw it anytime in the manner indicated in the Service or by contacting us at info@ironwallet.io

Opting Out

Users can ask us to stop sending such advertising and marketing communications at any time by:

  • Following the opt-out links on any marketing message sent;
  • Contacting us at any time

Where users opt out of receiving such communications, this will not apply to personal data processed or provided to us as a result of customers’ entry into a customer relationship with us and our Services for the other respective purposes.

Sharing of Personal Data

We do not share the personal data collected with other organizations without your express consent, except as described in this Privacy Policy.

Cross-Border Data Transfer

Whenever we transfer your personal information out of the EEA to countries not deemed by the European Commission to provide an adequate level of personal information protection, the transfer will be based on a data transfer mechanism recognized by the European Commission as providing adequate protection for personal information.

Please contact us if you want further information on the specific mechanism used by us when transferring your personal information out of the EEA.

Disclosure of Personal Data

We may have to share personal data with the parties set out below for the purposes set out in the table above:

  • External third parties
  • Suppliers and external agencies that we engage to process information on our and/or customers’ behalf, including to provide information and/or materials that have been requested
  • Our subsidiaries, associates, and agents where necessary to facilitate customer relationship with us
  • The Liechtenstein Tax Administration (Steuerverwaltung), the Office for Data Protection, regulators, law enforcement agencies, and other authorities who require reporting of processing activities or may request information from us, in terms of applicable law and in certain circumstances
  • Professional advisers such as lawyers, bankers, professional indemnity insurers, brokers, and auditors
  • Other organizations where the exchange of information is for the purpose of fraud protection or credit risk reduction
  • Third parties to whom we may choose to sell, transfer, or merge parts of our business or our assets (successors in title). Alternatively, we may seek to acquire other businesses or merge with them. If a change happens to our business, then the new owners may use personal data in the same way and for the same purposes as set out in this Policy

We require all third parties to respect the security of personal data and to treat it in accordance with the law (including applicable data protection and privacy law). We do not allow our third party business partners or service providers to use personal data for their own purposes and only permit them to process personal data for specified purposes and in accordance with our documented instructions. Furthermore, these third parties access and process personal data on the basis of strict confidentiality and subject to the appropriate security measures and safeguards.

We may also disclose customers’ data:

  1. If we are under a duty to disclose or share personal data to comply with any legal obligation, judgment or under an order from a court, tribunal or authority
  2. If we believe customers’ actions are inconsistent with our user agreements or policies, or to protect the rights, property, and safety of us or others
  3. In connection with, or during negotiations of, any merger, sale of company assets, financing or acquisition of all or a portion of our business by another company
  4. If we have consent or at a customer’s direction

We may also share aggregated or anonymized information, which cannot reasonably be used to identify you.

How We Will Store and Secure Your Data

We will only retain personal data for as long as necessary to fulfill the purposes we collected it for (i.e. the ongoing service provision) and, thereafter, for the purpose of satisfying any legal, accounting, tax, and other requirements or obligations to which we may be subject and/or to the extent that we may also need to retain personal data to be able to assert, exercise, or defend possible future legal claims against or otherwise involving customers.

We employ industry standard security measures designed to protect the security of all information submitted through the Services. However, the security of information transmitted through the internet can never be guaranteed. We are not responsible for any interception or interruption of any communications through the internet or for changes to or losses of data.

In some circumstances we may anonymize your personal data (so that it can no longer be associated with you) in which case we may use this information indefinitely without further notice to you.

What Are Your Data Protection Rights?

  • The Right to Opt-out. Stop sending you direct marketing communications which you have previously consented to receive. We may continue to send you Service-related and other non-marketing communications.
  • The Right to Access. Provide you with information about our processing of your personal data and give you access to your personal information.
  • The Right to Rectification. Update or correct inaccuracies in your personal data.
  • The Right to Erasure. Erase your personal data under certain conditions.
  • The Right to Restrict Processing. Restrict the processing of your personal data under certain conditions.
  • The Right to Object to Processing. Object to our reliance on our legitimate interests as the basis of our processing of your personal data that impacts your rights.
  • Right to Transfer. Transfer a machine-readable copy of your personal information to you or a third party of your choice.
  • Right to withdraw consent.

You can submit these requests by email info@ironwallet.io. Kindly note that none of these data subject rights are absolute and must generally be weighed against our own legal obligations and legitimate interests. If a decision is taken to override a data subject request, the user will be informed of this by us along with the reasons for our decision.

We may request specific information from you to help us confirm your identity and process your request. Applicable law may require or permit us to decline your request. If we decline your request, we will tell you why, subject to legal restrictions.

Users normally don’t have to pay a fee to exercise their rights as a data subject. However, we may charge a reasonable fee if a request is clearly unfounded, repetitive, or excessive. Alternatively, we may refuse to comply with requests in the above circumstances.

We will need to request specific information from a user to help us confirm the user’s identity and ensure the user’s right to access the personal data (or to exercise any of the other rights as a data subject). This includes name, address, date of birth, and (in case of a passport/identity card being requested) its validity period.

We try to respond to all legitimate requests within the period of one month from receipt of the request. Occasionally, it may take us longer than a month if a request is particularly complex or a number of requests have been made. In this case, we will give notification within four weeks and keep customers updated on the handling of their request.

What Are Cookies?

A cookie (hereinafter “Cookie”) is a small text file that is placed on your hard drive by a web page server. Cookies contain information that can later be read by a web server in the domain that issued the cookie to you. Some of the cookies will only be used if you use certain features or select certain preferences, and some cookies will always be used.

Web beacons, tags, and scripts may be used in the Sites or in emails to help us deliver cookies, count visits, understand usage and campaign effectiveness, and determine whether an email has been opened and acted upon. We may receive reports based on the use of these technologies by our service/analytics providers on an individual and aggregated basis.

We may link the information collected by Cookies with other information we collect from you pursuant to this Policy and use the combined information as set forth herein. Similarly, the third parties who serve cookies on our Sites may link your name or email address to other information they collect, which may include past purchases made offline or online, or your online usage information.

If you are located in the European Economic Area, you have certain rights that are described above under the header “WHAT ARE YOUR DATA PROTECTION RIGHTS?”

What Types of Cookies Do We Use?

Necessary Cookies: Some Cookies are necessary for certain uses of the Sites, and without such Cookies, we would not be able to provide many services that you need to properly use the Sites. These Cookies, for example, allow us to operate our Sites so you may access it as you have requested and let us recognize that you have created an account and have logged into that account to access content on our Sites. They also include Cookies that enable us to remember your previous actions within the same browsing session and secure our Sites.

Functional Cookies: We also use functional Cookies and Cookies from third parties for analysis and marketing purposes. Functional Cookies enable certain parts of the Sites to work properly and your user preferences to remain known.

Analysis Cookies: Analysis Cookies, among other things, collect information on how visitors use our Sites, the content and products that users view most frequently, and the effectiveness of our third-party advertising.

Advertising Cookies: Advertising Cookies assist in delivering ads to relevant audiences and having our ads appear at the top of search results. Cookies are either “session” Cookies which are deleted when you end your browser session, or “persistent,” which remain until their deletion by you (discussed below) or the party who served the cookie.

How to Manage Cookies?

You can always set your browser not to accept cookies or even remove cookies from your browser. However, in a few cases, some of the Sites’ features may not function properly or even may become inaccessible as a result.

To learn more about how to control cookie settings through your browser:

  • For Firefox, click here to learn more about the “Private Browsing” setting and managing cookie settings.
  • For Chrome, click here to learn more about “Incognito” settings and managing cookie settings.
  • For Internet Explorer, click here to learn more about “InPrivate” settings and managing cookie settings.
  • For Safari, click here to learn more about “Private Browsing” settings and managing cookie settings.

For more information about cookies, please visit: https://www.aboutcookies.org/.

Third-party advertising networks, like Google and others, permit users to opt out of or customize preferences associated with your internet browsing. To learn more about this feature from Google, click here.

Flash Cookies, which from time to time may be used by Sites, are not controlled by your browser and relevant settings. In order to manage Flash Cookies settings, click here.

Privacy Policies of Other Websites

Our Sites may have links to other websites which you can follow, due to that, our Policy applies only to our Sites and other websites have their own privacy policy which you should read.

Changes to Our Privacy Policy

We keep our Policy under regular review; that is why we may amend the Policy at any time. We encourage you to periodically review this page for the latest information on our privacy practices. If we make any changes, we will change the “Last Updated” date above.

Any modifications/amendments to the Policy will be effective upon our posting of the new terms and/or upon implementation of the changes to the Sites (or as otherwise indicated at the time of posting). In all cases, your continued use of the Sites or Services after the posting of any modified Policy indicates your acceptance of the terms of the modified Policy.

How to Contact Us

If you have any questions about the Policy, the data we hold on you, or you would like to exercise one of your data protection rights, please do not hesitate to contact us at: info@ironwallet.io.

How to Contact the Appropriate Authority

If you would like to submit a complaint about our use of your personal data or response to your requests regarding your personal data, you may contact us at info@ironwallet.io or submit a complaint to the data protection regulator in your jurisdiction.

You can find your data protection regulator here.