Legal

Privacy Policy

Last updated: December 2024

Table of Contents

1. Introduction

ATOMi ("we", "us", or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our platform and services.

We operate as a data controller under the General Data Protection Regulation (GDPR) and other applicable data protection laws. By using ATOMi, you consent to the data practices described in this policy.

2. Data We Collect

2.1 Information You Provide

  • Account Information: Name, email address, phone number, company name
  • Identity Verification (KYC): Government ID, proof of address, biometric data (facial recognition for verification)
  • Financial Information: Bank account details, wallet addresses, transaction history
  • Agreement Data: Contract terms, document uploads, communication logs

2.2 Information Collected Automatically

  • Device Information: IP address, browser type, operating system, device identifiers
  • Usage Data: Pages visited, features used, time spent on platform
  • Log Data: Access times, errors, referring URLs

2.3 Information from Third Parties

  • Authentication Providers: Data from Web3Auth when you sign in
  • KYC Providers: Verification results from identity verification services
  • Blockchain Data: Public blockchain transaction records

3. How We Use Your Data

We use your personal data for the following purposes:

  • Service Delivery: To operate and provide our escrow platform services
  • Identity Verification: To comply with KYC/AML requirements and prevent fraud
  • Transaction Processing: To execute escrow agreements and process payments
  • Communication: To send notifications, updates, and respond to inquiries
  • Security: To protect against unauthorized access and fraudulent activity
  • Legal Compliance: To comply with applicable laws and regulations
  • Service Improvement: To analyze usage and improve our platform

4. Data Sharing

We may share your personal data with:

4.1 Service Providers

Third-party vendors who assist in operating our platform, including cloud hosting providers, payment processors, KYC verification services, and customer support tools. All service providers are bound by data protection agreements.

4.2 Other Users

Information necessary for escrow agreements is shared with counterparties and advisors involved in your transactions. This includes names, agreement terms, and relevant documents.

4.3 Legal Requirements

We may disclose your information when required by law, court order, or government request, or when necessary to protect our rights, safety, or property.

4.4 Business Transfers

In the event of a merger, acquisition, or sale of assets, your personal data may be transferred to the successor entity.

We never sell your personal data to third parties.

5. Data Security

We implement appropriate technical and organizational measures to protect your personal data:

  • AES-256 encryption for data at rest
  • TLS 1.3 encryption for data in transit
  • Multi-factor authentication for administrative access
  • Regular security audits and penetration testing
  • Incident response procedures
  • Employee security training

While we strive to protect your information, no method of transmission over the internet is 100% secure. We cannot guarantee absolute security.

6. Data Retention

We retain your personal data for as long as necessary to provide our services and comply with legal obligations:

  • Account Data: Retained while your account is active, plus 5 years after closure
  • Transaction Records: Retained for 7 years for regulatory compliance
  • KYC Documents: Retained for 5 years after the business relationship ends
  • Communication Logs: Retained for 3 years

After the retention period, data is securely deleted or anonymized.

7. Your Rights

Under GDPR and applicable data protection laws, you have the following rights:

  • Right of Access: Request a copy of your personal data
  • Right to Rectification: Request correction of inaccurate data
  • Right to Erasure: Request deletion of your data (subject to legal retention requirements)
  • Right to Restriction: Request limitation of data processing
  • Right to Data Portability: Receive your data in a machine-readable format
  • Right to Object: Object to processing based on legitimate interests
  • Right to Withdraw Consent: Withdraw previously given consent

To exercise these rights, contact us at privacy@atomi.com. We will respond within 30 days.

8. Cookies

We use cookies and similar tracking technologies:

  • Essential Cookies: Required for platform functionality
  • Analytics Cookies: Help us understand how users interact with our platform
  • Preference Cookies: Remember your settings and preferences

You can control cookies through your browser settings. Blocking essential cookies may affect platform functionality.

9. International Transfers

ATOMi is based in the European Union. Your data is primarily stored and processed within the EU. When we transfer data outside the EU, we ensure appropriate safeguards are in place:

  • Standard Contractual Clauses approved by the European Commission
  • Adequacy decisions for countries with equivalent data protection
  • Binding Corporate Rules for transfers within corporate groups

10. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of significant changes by email or through a prominent notice on our platform. The "Last updated" date at the top of this policy indicates when it was last revised.

11. Contact Us

If you have questions about this Privacy Policy or our data practices, contact us:

  • Email: privacy@atomi.com
  • Telegram: @atomini
  • Contact Form: Contact Page

You also have the right to lodge a complaint with your local data protection authority.