1.1. Animoca Capital is committed to processing personal data in line with all applicable privacy and data protection laws. “Animoca Capital”, “we”, “us” or “our” means Animoca Capital Investment Holdings Limited, and each of its direct or indirect subsidiaries and the investment funds under our management (collectively the “Animoca Capital”). Animoca Capital are the controllers of your personal data. We are providing this Policy to you to satisfy disclosure requirements required under data protection and privacy regulations adopted by regulatory authorities in the jurisdictions in which Animoca Capital conducts business. These regulations require that Animoca Capital (as a data controller) ensure that you understand how we collect, use, process and share your personal information. Please note that certain of these disclosures may not apply to you.
1.2. References to “you” or “your” refers to individuals whose personal data is processed by Animoca Capital, including clients with direct or indirect relationships (such as those who invest through an intermediary); employees, contingent workers, officers, agents (together “Representatives”); and beneficial owners of an organization or entity in connection with:
1.2.1. the provision of services to potential and actual clients;
1.2.2. transactions to which we are party (including those which we effect on behalf of clients); or
1.2.3. services provided to us by a third-party vendor.
1.3. We will only use your personal data where you have given us your consent or where we have other lawful basis for doing so, and in the manner set out in this Policy.
1.4. This Policy sets out the manner in which and for what purposes we collect, use, disclose and process your personal data when you access or use our website and/or services or when you otherwise provide us with your personal data, regardless of the medium through which such personal data is provided. If the stated purposes of processing are altered for any reason after we have collected your personal data, we will seek for your consent for such further processing where required by applicable data protection law.
1.5. By providing us with your personal data, you acknowledge that our collection, use, disclosure and processing of your personal data will be in accordance with this Policy, including, for the avoidance of doubt, the cross jurisdictional transfer of your data. If you object to how we will collect, use and share your personal data as set out in this Policy, please DO NOT provide any personal data to us.
1.6. This Policy supplements but does not supersede or replace any consents you have provided to us, or any other agreements or arrangements that you have with us, in respect of your personal data.
1.7. Our website may contain links to websites that are not owned or maintained by us. These links are provided only for your convenience. This Policy only applies to our website and services. When visiting and being redirected to these third-party websites or engaging third party services, you should read their privacy policies. We are not liable to you in respect of any data you transfer to these third-party’s websites or your engagement and use of third-party services.
2. Collection of Personal Data
What is Personal Data
2.1. “Personal Data” is data that can be used to identify a natural person. Personal Data we collect and for what purpose will depend on the type of services provided to you and may include:
2.1.1. Identification information such as place and date of birth, nationality, ID card details, passport details, gender, photograph/images, country of residence;
2.1.2. Contact details such as postal address, email address and phone number;
2.1.3. Family information such as marital status, number of children, identity of spouse;
2.1.4. Tax information such as tax status, tax residency, and tax ID;
2.1.5. Financial information such as bank account information and Central Depository account information;
2.1.6. Information to assess whether you are or if you may represent a politically exposed person or money laundering risk; and
2.1.7. Any other Personal Data derived from legal documentation.
Provision of Personal Data
2.2. We may collect personal data (1) that you voluntarily provide to us or (2) from third-parties or (3) through your use of our digital technologies and services. What type of personal data we collect depends on the purposes for which the personal data is collected and what you have chosen to provide.
2.3. Where our collection is based on consent, you can choose not to provide us with personal data. You also have the right to withdraw your consent from us to continue collecting, using, disclosing and processing your personal data, by contacting us as outlined in clause 11.1. However, if you do withdraw your consent, it may then not be possible for us to fulfil the purposes for which we require the personal data, including processing your transactions or providing you with the products and services that you require.
Providing Personal Data Belonging to Others
2.4. In certain circumstances, you may also provide us with personal data of persons other than yourself. If you do so, you warrant that you have brought this Policy to his/her attention, informed him/her of the purposes for which we are collecting his/her personal data and that he/she has consented to your disclosure of his/her personal data to us for those purposes. You agree to indemnify and hold us harmless from and against any and all claims by such individuals relating to our collection, use and disclosure of such personal data in accordance with the terms of this Policy.
Accuracy and Completeness of Personal Data
2.5. You are responsible for ensuring that all personal data that you provide is true, accurate and complete, and to inform us of any changes to your personal data.
2.6. Our website and/or services are not intended to be accessed or used by children, minors or persons who are not of legal age in the relevant jurisdiction. If you are a parent or guardian and you have reason to believe your child or ward has provided us with their personal data without your consent, please contact us.
3. How We Collect Personal Data
3.1. We collect Personal Data that is relevant to our relationship with you. We may collect your Personal Data directly or indirectly through various channels, such as when:
3.1.1. you provide us with your Personal Data for business/commercial reasons;
3.1.2. you authorise us to obtain your Personal Data from a third party;
3.1.3. you enter into agreements with us;
3.1.4. you provide us with information for the purposes of due diligence in order for us to meet and comply with our regulatory and legal obligations;
3.1.5. you transact with us, contact us or request that we contact you through various communication channels, for example, through social media platforms, messenger platforms, face-to-face meetings, telephone calls, emails, facsimile and letters;
3.1.6. you request to be included in an email or our mailing list;
3.1.7. your images are captured via CCTV cameras while you are within our premises;
3.1.8. your images are captured via photographs or videos taken by us or our representatives when you attend events organised by us;
3.1.9. when you attend events or functions organised by us; and/or
3.1.10. you submit an application for employment, internship or secondment, or when you provide documents or information including your resume in connection with the aforesaid application.
3.2. Depending on your relationship with us, we may also collect your personal data from third party sources, for example, from:
3.2.1. entities in which you (or a party connected to you) have an interest;
3.2.2. your advisors;
3.2.3. current or previous employers;
3.2.4. banks and other financial services providers;
3.2.5. our business partners such as third parties providing advertising, marketing and promotional services to us;
3.2.6. your family members or friends who provide your personal data to us on your behalf;
3.2.7. your referees, educational institutions or previous employers (if you have applied to us for a job); and/or
3.2.8. public agencies or other public sources.
3.3. Our website may contain, or we may deploy, certain technologies that collect data from you, such as your Internet Protocol address, browser type, pages of our website that you visit, time and date of your visit, your time spent on our website, unique device identifiers and other diagnostic data.
4. Usage of Personal Data
4.1. We collect, use, disclose and process your personal data where:
4.1.1. you have given us consent;
4.1.2. necessary to comply with our legal or regulatory obligations;
4.1.3. necessary to support our legitimate business interests, provided that this does not override your interests or rights; and
4.1.4. necessary to perform a transaction you have entered into with us, or provide a service that you have requested or require from us.
4.2. We collect, use, disclose and process your personal data for purposes connected or relevant to our business, or to manage your relationship with us. Such purposes would include:
4.2.1. verifying and establishing your identity;
4.2.2. providing our products and services and carrying out such transactions or taking steps as may be directed by you;
4.2.3. taking steps in connection with your recruitment and on-boarding as our employee if you were applying to us for employment;
4.2.4. managing the safety and security of our premises and website/platforms;
4.2.5. communicating with you and assisting you with your enquiries, feedback, complaints, disputes and requests;
4.2.6. complying with legal or regulatory obligations;
4.2.7. providing, maintaining and monitoring usage of our website;
4.2.8. performing data analytics and related technologies on data, to enable us to deliver relevant content and information to you, and to improve our website;
4.2.9. managing and engaging third parties or data processors that provide services to us;
4.2.10. carrying out our legitimate business interests;
4.2.11. such purposes that may be informed to you when your personal data is collected; and/or
4.2.12. other reasonable purposes related to the above.
4.3. Where personal data is used for a new purpose and where required under applicable law, we shall obtain your consent for the new purpose.
4.4. We may also collect, use, disclose and process your personal data for the following purposes to support our legitimate business interests, provided that this does not override your interests or rights, which include but not limited to:
4.4.1. managing our business and relationship with you, in various transactions;
4.4.2. providing services to our clients;
4.4.3. protecting our rights and interests and those of our clients;
4.4.4. complying with legal or regulatory obligations, internal policies and procedures;
4.4.5. enforcing our terms and conditions and obligations owed to us, or protecting ourselves from legal liability; and
4.4.6. managing our investor relations.
Permitted Use Under Applicable Law
4.5. We may also collect, use, disclose and process your Personal Data for other purposes, without your knowledge or consent, where this is required or permitted by law. Your Personal Data may be processed if it is necessary on reasonable request by a law enforcement or regulatory authority, body or agency or in the defence of a legal claim. We will not delete your Personal Data if relevant to an investigation or a dispute. It will continue to be stored until those issues are fully resolved.
Usage of Personal Data for Marketing Purposes
4.6. We may use your Personal Data for direct marketing purposes. For us to market products, events and services which are of specific interest and relevance to you, we may analyse and rely on your Personal Data provided to us, or data collected from your interactions with us. However, no marketing, whether direct, jointly, or by a third party, using your Personal Data would be carried out unless you have provided us with your consent to use your Personal Data for such marketing purposes (unless we are exempted by applicable law from having to obtain your express consent). We will not transfer your Personal Data to a third party for direct marketing, unless you have provided us with your consent.
4.7. If you wish to restrict how we may contact or send you information or if you do not want us to use your personal data for the purposes of marketing or any other purposes stated above, you can withdraw your consent at any time by sending an email to firstname.lastname@example.org. Your withdrawal will be effective on the date of our acknowledgement of receipt.
5. Cookie Notice
5.2. Types of cookies:
5.2.1. Strictly necessary cookies/session cookies – these are essential for our site to function and are primarily session cookies which are deleted when you leave the site.
5.2.2. Functional cookies – these record information about your preferences and are stored in your browser cache.
5.2.3. Third party cookies – these are placed by someone other than us which may gather data across multiple websites or sessions.
5.3. We collect cookies for performance/analytics purposes. These cookies collect information on how users use our website. Information collected by these cookies is used only to improve your use of our website. These cookies are sometimes placed by third party providers of web traffic and analysis services.
5.4. Most internet browsers are set up by default to accept cookies. If you wish to refuse or delete them (or similar technologies) please refer to the help and support area on your browser for instructions on how to block or delete cookies. If you block certain or all cookies you may find certain features on our website will not function properly and may affect the timely response to your request.
5.5. For persons residing in the EU, you can find more information on managing cookies by visiting http://www.youronlinechoices.eu which has further information about behavioural advertising and online privacy.
5.6. We may modify or amend this Cookie Notice from time to time and you are advised to visit our website regularly to check for any amendments.
6. Disclosure Of Personal Data
6.1. We may disclose or share your personal data with our Animoca Capital Group affiliates, other financial institutions and financial services companies in order to provide our services to you, to manage our shareholder and investor returns, and for management and compliance purposes.
6.2. We may also disclose your personal data to third parties in connection with purposes described in clause 4, including without limitation the following circumstances:
6.2.1. disclosing your Personal Data to third parties who provide services to us (including, but not limited to, fund administrators, technology providers, insurance providers, financial institutions, and auditors);
6.2.2. disclosing your Personal Data to third parties in order to fulfil such third party products and/or services as may be requested or directed by you;
6.2.3. disclosing your Personal Data to third parties that we conduct joint marketing and cross promotions with;
6.2.4. disclosing your Personal Data to third parties that we conduct joint marketing and cross promotions with;
6.2.5. disclosing your Personal Data to regulatory authorities, governments, law enforcement agencies or public agencies; or
6.2.6. if we are defending a legal claim your information may be transferred as required in connection with defending such claim.
6.3. When disclosing your Personal Data to third parties, we will (where appropriate and permissible) enter into contracts with these third parties to protect your personal data in a manner that is consistent with all applicable laws and/or ensure that they only process your Personal Data in accordance with our instructions.
7. Cross-Jurisdictional Transfers
7.1. We may transfer your personal data to different jurisdictions in connection with the purposes described above:
7.1.1. from the jurisdiction where it is collected (or where you are located) to any other jurisdictions that we operate in; and
7.1.2. to third parties in other jurisdictions.
7.2. Where we transfer your Personal Data across jurisdictions, we will ensure that your Personal Data is protected in accordance with this Policy and applicable laws regardless of the jurisdictions they are transferred to, but in any event to a level that is no less stringent than the jurisdiction from which the personal data is transferred. When we transfer your Personal Data internationally and where required by applicable law, we put in place appropriate safeguards including EU Model Clauses or rely on EU Commission adequacy decisions.
8. Protection of Personal Data
8.1. While we take reasonable precautions to safeguard your Personal Data in our possession or under our control, you agree not to hold us liable or responsible for any loss or damage resulting from unauthorised or unintended access that is beyond our control, such as hacking or cybercrimes.
8.2. We do not make any warranty, guarantee, or representation that your use of our website is safe and protected from malware and other vulnerabilities. We also do not guarantee the security of data that you choose to send us electronically. Sending such data is entirely at your own risk.
8.3. We retain your Personal Data only for as long as is necessary to fulfil the purposes we collected it for, and to satisfy our business and/or legal purposes, including data analytics, audit, accounting or reporting purposes. The standard retention period is 7 years in accordance with statutory requirements. How long we keep your personal data depends on the nature of the data, e.g. we keep personal data for at least the duration of the limitation period for bringing claims if the personal data may be required to commence or defend legal proceedings. Some information may also be retained for longer, e.g. where we are required to do so by law in the relevant jurisdiction.
8.4. In some circumstances we may anonymise your personal data so that it can no longer be associated with you, in which case we are entitled to retain and use such data without restriction.
9. Your Rights
9.1. Depending on the jurisdiction that you are in or where we operate, you may enjoy certain rights under applicable law in relation to our collection, use, disclosure and processing of your Personal Data. Such rights include:
9.1.1. Access: you may ask us if we hold your Personal Data and, if we do, you may request access to your Personal Data. This enables you to receive a copy of and information on the Personal Data we hold about you.
9.1.2. Correction: you may request that any incomplete or inaccurate Personal Data we hold about you is corrected.
9.1.3. Erasure: you may ask us to delete or remove Personal Data that we hold about you in certain circumstances.
9.1.4. Restriction: you may withdraw consent for our use of your Personal Data or ask us to suspend the processing of certain of your Personal Data about you.
9.1.5. Portability: you may request the transfer of certain of your Personal Data to another party under certain conditions.
9.1.6. Objection: where we are processing your Personal Data based on a legitimate interest (or those of a third party) you may object to processing on this ground.
9.2. If you wish to exercise your rights, you may contact us to in accordance with clause 9.3 below. We may require that you submit certain forms or provide certain information to process your request. Where permitted by law, we may also charge you a fee to process your request.
9.3. If you are of the opinion that we have not complied with this Policy or we have infringed applicable data protection laws, we encourage you to contact us so that we can resolve your concerns. This does not affect your statutory rights. For example, if the EU GDPR applies to you, you have a right to lodge a complaint with a European supervisory authority, in particular in the Member State in the European Union where you are habitually resident, where you work or where an alleged infringement of Data Protection law has taken place. Under the UK GDPR, in the United Kingdom you can make a complaint to the Information Commissioner’s Office.
11. Contact Us