PRIVACY NOTICE



Last updated: 2023-03-14


In the course of our business, we, Ragnaros AB reg. no. 559322-7530 (“Divly”), may process personal data relating to you and in that capacity Divly will be regarded as the data controller.


This privacy notice outlines in detail how Divly collect, store, transfer or otherwise use (collectively “process”) your personal data. If you have any questions regarding the processing of your personal data you will find our contact details at the end of this privacy notice.


Processing of your personal data


The personal data Divly process, for what purposes and on what legal basis will depend on whether you are a:

  1. website visitor;

  1. customer;

  1. service provider; or

  1. job candidate.


Website visitors


What personal data does Divly process?

  • IP-address;

  • device settings (e.g. device and web browser type, operating system, time zone);

  • contact details by filling out and submitting a contact form;

  • personal data that is voluntarily provided by using the chat function on our website; and

  • information generated by enabled cookies in accordance with our cookie policy link to cookie policy.


From where does Divly receive the personal data?


From you when you visit our website or use certain website functions.


For which purposes and on what legal basis does Divly process the personal data?


Divly processes the personal data for the purposes of monitoring and producing statistical information regarding the use of our digital platforms, including analysing and improving their functionality. To the extent relevant cookies are enabled the personal data will also be processed to provide a personalized experience when visiting our website and/or for marketing purposes.


With the exception of necessary cookies, the information collected by our use of cookies will be based on your consent.


Other information is processed on the basis of our legitimate interest to improve our website and other digital services.


For further details regarding our use of cookies, please see our cookie policy link to cookie policy.


For how long is the personal data stored?


The storage period will depend on your cookie preferences and the applicable type of cookie, in relation to the collected personal data, and otherwise for as long as your web browser remains open.

For further details regarding the storage period Divly apply for different types of cookies, please visit our cookie policy link to cookie policy.




Customers


What personal data does Divly process?


Divly processes a limited amount of personal data to ensure the confidentiality of our customers’ cryptocurrency transactions.


The following personal data is processed by Divly:


  • e-mail address;

  • password (login credentials);

  • country (that you have chosen in your account settings);

  • transaction data (see below for further details)

  • payment information (see below for further details);

  • marketing preferences; and

  • other information that you provide when you contact us (e.g. via customer service).


Payment information


When you make a purchase via our website, Divly receives information about your name, address, order history (if you have previously purchased other services from us) , which option you choose for preparing a tax report (e.g. Casual or Enthusiast) and the relevant e-mail address for your account.


Other payment information such as your bank account or credit card number is managed by our payment processor, Stripe. Divly does not receive access to this personal data. Furthermore, Divly does not store your name and address directly in our systems as this information is only used to process payments via Stripe.


If you use cryptocurrency to make a purchase, CoinPayments will act as the payment processor and Divly will only receive information on the transaction hash and the relevant e-mail address for your account.


Transaction data


When you import information on your cryptocurrency transactions from a wallet or exchange (via API key), or by any other method such as uploading a CSV or XLSX file or manually adding transactions, the following data points may be processed:


  • proceeds and cost basis of a transaction;

  • whether a transaction resulted in a profit or loss and the amount;

  • the buy and sell date of an asset;

  • from which wallet or exchange the transaction was made in;

  • transaction types (deposit, withdrawal, trade and transfer);

  • transaction labels (e.g. mining, staking reward, airdrop, and gifted away);

  • API keys or access token if using the automatic import method; and

  • wallet address or blockchain address.


In some cases transaction labels are automatically set by Divly as part of our service but you always have the option to manually edit or remove them.


From where does Divly receive the personal data?


From you when you purchase and use our services, or if you contact our customer service.


For which purposes and on what legal basis does Divly process the personal data?


Divly processes the personal data for the purposes of providing our services, facilitate customer service, manage invoicing, marketing, sales- and performance analysis and comply with obligations relating to accounting and tax reporting.


The personal data is primarily processed in order to perform our contract with you or to comply with a legal obligation. In certain cases Divly may rely on other legal bases such as our legitimate interest to improve our customer service, and your consent to advertise similar services or products offered by us.


The personal data used for the purpose of sales- and performance analysis of our business is aggregated and anonymised.


For how long is the personal data stored?


Information relating to payment claims will be stored for up to ten (10) years. To the extent the information is only necessary for bookkeeping and/or tax reporting purposes the information will be stored up to seven (7) years.


Any agreement you have with us will be stored, at a minimum, for as long as you are a customer and for any period thereafter that is necessary to fulfil any obligations set out in the agreement or to comply with a legal obligation.


Your account information and any transaction data from previous tax reports will be saved until you either request the data to be deleted or if you have not logged into your account for more than three years. We will send a reminder to your e-mail address one (1) month before your account is automatically deleted due to inactivity. However, as stated above, certain account information may be stored for a longer period if required by law.


Service provider


What personal data does Divly process?


If you represent a service provider or act in the capacity of a sole proprietor, Divly will process the following personal data about you:


  • first- and last name;

  • contact details (work address, e-mail, telephone number etc.);

  • information relating to your workplace (e.g. name of your employer, department, title etc.);

  • personal identity number (if sole proprietor); and

  • any personal data contained invoices (e.g. listed reference person).


From where does Divly receive the personal data?


From you or your employer when Divly purchase or use your services or products. Divly may also collect information from public records.


For which purposes and on what legal basis does Divly process the personal data?


Divly processes the personal data for the purpose of completing the order of a purchased service or product, and to fulfil the obligations stated in the agreement with the service provider that you represent.


The processing is done primarily for the processing of our contract with the service provider or to comply with a legal obligation. In certain cases the personal data will be processed on the basis of our legitimate interest to maintain and improve our services and products towards the end customer.


For how long is the personal data stored?


Information relating to payment claims will be stored for up to ten (10) years. To the extent the information is only necessary for bookkeeping and/or tax reporting purposes the information will be stored up to seven (7) years.


Any agreement that the service provider has with us (which may contain personal data about you) will be stored, at a minimum, for as long the business relationship is active and for any period thereafter that is necessary to fulfil any obligations set out in the agreement or to comply with a legal obligation.


Other information such as your contact details will be stored for as long as Divly has a business relationship with the service provider or up to one (1) year after the business relationship has ended.





Job candidates


What personal data does Divly process?

  • Contact details (address, telephone number and e-mail);

  • Identity verification and permits (first- and last name, personal identity number or social security ID, gender and if necessary: passport, ID card, personal photo, licenses, residence- and work permit);

  • Merits (CV, employment history, language skills, personal letter(s), grades, diplomas, degree certificates, transcripts from university or other higher education and information furnished by provided references);

  • Job details (to the extent applicable: salary requests, workplace or office location and work position preferences);

  • Interview and tests (notes from job interviews or meetings, test results and personal assessments); and, if necessary,

  • Background checks (information retrieved from public records, credit checks, criminal records and/or other security clearance checks).


From where does Divly receive the personal data?


Divly collects the personal data listed above from the following sources:

  • you directly in connection with you submitting your job application and any related documents, or otherwise by participating in job interviews, meetings or tests;

  • reference persons you have provided;

  • consultant(s) engaged in connection with the recruitment;

  • third party when you apply or fill out a form via a service provider such as LinkedIn; and

  • public records and/or service providers conducting background checks on our behalf.


For which purposes and on what legal basis does Divly process the personal data?


Divly processes the personal data for the purpose of performing and managing the recruitment process.


Personal data relating to contact details, merits, job details as well as interview and tests is processed on the basis of our legitimate interest to ensure an efficient and correct recruitment process.


Personal data relating to identity verification and permits is processed to comply with our legal obligations.


Personal data relating to background checks is processed to comply with our legal obligations when relating to security clearances, or on the basis of our legitimate interest when it is of crucial importance to determine the suitability of a person in relation to the applied position.


With your consent, your personal data may also be processed for future internal recruitment processes.


For how long is the personal data stored?


The personal data will be stored for two (2) years after the recruitment process has ended.


If you have given your consent for us to process your personal data for future internal recruitment processes, Divly will store the personal data until such time you have withdrawn your consent or earlier on our own initiative.


For successful candidates any personal data relevant to your employment will be included in your personnel file and stored by Divly during your employment period. Following the termination of your employment the personal data will be stored for a period of time based on applicable law and in accordance with our internal policies.


_______________________

Does Divly share personal data with others?

Your personal data may be shared with our partners, service providers or other third parties with whom you come into contact or who are involved in our business activities.


Partners


Divly works with a growing number of exchanges, tax lawyers, and accountants to ensure that their customers receive the best service possible in matters relating to tax reports and better overview of cryptocurrency transactions.


If you have requested a referral to one of our partners, we will share your e-mail address and a description of what you need assistance with (e.g. tax advice).


Service providers


Divly uses third party service providers who provide services such as payment processing, invoice management, personal data storage and IT services (such as managing our website, marketing etc). In providing the services, your personal data will, where applicable, be processed by the service provider on our behalf.


Divly have written agreements with all our service providers in accordance with applicable data protection laws in order to safeguard your personal data.


Please see below for a full list on the data processors that Divly uses for your personal data.


Processor

Role

Country

AWS Europe

Cloud data storage

Germany

Stripe Payments Europe, Ltd.

Payment processor (fiat)

Ireland

CoinPayments

Payment processor (cryptocurrency)

Lithuania

Mailchimp

Email marketing

USA

SendGrid

Email processor

USA

Intercom

Customer support software provider

Ireland

Tapfiliate

Affiliate tracking software

Netherlands

Disclosure to third parties

If required by law, Divly may share your personal data with public authorities (or legal counsel in the event of suspected criminality or misconduct.

The personal data can also be shared with third parties involved in a merger or acquisition of our business (or part thereof).

Does Divly transfer personal data to countries outside the EU/EEA?

Divly will not transfer your personal data outside the EU/EEA without adequate safeguards with respect to the protection of your privacy, fundamental rights and freedoms, and the exercising of your rights. Divly ensure that your privacy is protected by an adequate level of data protection through for example EU Standard Contractual Clauses based on the EU commission’s model clauses complemented by supplementary security measures if necessary. If you would like more information on the security measures in place, please contact us (see “Questions and contact information”).

Your rights and how to exercise them

You are entitled to:

  • obtain confirmation regarding whether Divly process personal data about you, and in such case obtain access to it in the legally prescribed manner;

  • request that Divly rectify inaccurate personal data about you;

  • request that Divly erase your data where there are no legal reasons to continue the processing;

  • request that Divly restrict the processing of your personal data, provided there are no legal reasons to continue the processing;

  • request to obtain the personal data which relates to you, and which you have provided to us, in a structured, commonly used, machine-readable format (portability); and

  • withdraw your consent at any time.


Please note that in order to ascertain that the correct person is submitting a request for a measure pursuant to the above, Divly will conduct a verification of identity.

You are also entitled to submit a complaint to the Swedish Authority for Privacy Protection, www.imy.se, regarding our processing.

Questions and contact information

You can contact us by e-mail to the following address: [email protected] or by using the chat function provided on our website.

Changes to this privacy notice

Divly reserves the right to change this privacy notice. The latest version of the privacy notice will always be available online on our website. Divly will also refer to it in our e-mails. You are encouraged to carefully review the updated contents in the event any changes are made to this privacy notice.


_______________________

1


Consent to the use of cookies.

For our website to function properly we use cookies. To obtain your valid consent for the use and storage of cookies in the browser you use to access our website and to properly document this we use a consent management platform: CookieFirst. This technology is provided by Digital Data Solutions BV, Plantage Middenlaan 42a, 1018 DH, Amsterdam, The Netherlands. Website: https://cookiefirst.com referred to as CookieFirst.


When you access our website, a connection is established with CookieFirst’s server to give us the possibility to obtain valid consent from you to the use of certain cookies. CookieFirst then stores a cookie in your browser in order to be able to activate only those cookies to which you have consented and to properly document this. The data processed is stored until the predefined storage period expires or you request to delete the data. Certain mandatory legal storage periods may apply notwithstanding the aforementioned.


CookieFirst is used to obtain the legally required consent for the use of cookies. The legal basis for this is article 6(1)(c) of the General Data Protection Regulation (GDPR).

Data processing agreement

We have concluded a data processing agreement with CookieFirst. This is a contract required by data protection law, which ensures that data of our website visitors is only processed in accordance with our instructions and in compliance with the GDPR.

Server log files

Our website and CookieFirst automatically collect and store information in so-called server log files, which your browser automatically transmits to us. The following data is collected:

  • Your consent status or the withdrawal of consent
  • Your anonymised IP address
  • Information about your Browser
  • Information about your Device
  • The date and time you have visited our website
  • The webpage url where you saved or updated your consent preferences
  • The approximate location of the user that saved their consent preference
  • A universally unique identifier (UUID) of the website visitor that clicked the cookie banner