Privacy Policy

Wunderbar – Privacy Policy

Last Updated November 2024

Welcome to Wunderbar!

Wunderbar provides users a revolutionary all-in-one crypto application that seamlessly integrates traditional finance with the world of crypto currencies. By using our platform, you agree to comply with and be bound by the following Privacy Policy. Please read them carefully!

Your privacy is important to us. At Wunderbar (referred to as “Wunderbar”, “we”, “our”, or “us”, encompassing any Wunderbar entity that interacts with you as a data controller and/ or operating entity), we treat all information collected by, or transmitted to us with care, in particular, personally identifiable information, and this Policy describes how, when, and why we collect such information. Personally identifiable information means any information that may be used, either alone or in combination with other information, to personally identify, contact or locate an individual. Any information that does not enable identification, location, or contacting of an individual, such as aggregated information, is anonymous Information, and Wunderbar may process anonymous information in any way it so considers without prior notice to you.

Wunderbar group is made up of different legal entities which are all trading under the brand Wunderbar. For users within the European Economic Area and Switzerland, Salus Alpha Financial Services (Europe) Ltd. located in Industriestrasse 56, FL-9491 Ruggell is your data controller and your operating entity for Fiat to Digital Assets and Digital Assets to Fiat and the Wunderbar Debit Card. For all other users and products Wonder N Services Ltd. located in Niue is your data controller and your operating entity. As a consequence not all products might be available to you. However you have the option to transfer your account to another operating entity within Wunderbar at any time.

1. Consent, Notification and Modification

Upon using the website, you authorize us to collect the personal information and to the extent necessary to manage your account and to improve services and information we send you. This information can be sent to any entity that contributes to the service provided to you such as those responsible for the execution of services and orders for their management, execution, processing and payment.

In addition, as a recipient of our service, you commit to provide appropriate notice of your privacy practices to, and obtain the necessary permissions and consent from, any third parties with whom you engage and/or whose personal information is collected, received, used, and/or disclosed by us.

The personal information is stored for security purposes, to meet legal and regulatory obligations. You have a right of access, rectification and opposition to your Personal Information. This also includes a right to unsubscribe from emails that will be sent to you from time to time.

2. Collection and Receipt of Information

We collect and receive Personal Information pertaining to users. This occurs due to the fact that, as part of the service, we may provide hosting services for some or all of the services, resulting in user-related personal information being routed to us from our production servers. We also collect and receive personal information relating to certain employees of our clients for the purposes of communication with us and the general provision of the service. The service may also use cookies and other tracking technologies to collect anonymous information. A cookie is a small text file that may be used, for example, to collect information about service activity and it may serve to recall Personal Information previously indicated by a user, such as his/her user ID and password for access to the services. For further information on cookies please we refer to our Cookie Policy.

3. Information We Collect

We collect the following categories of personal data:

Identity Information: First name, last name, date of birth, place of birth, gender, and citizenship.
Contact Information: Residential address, email address, and phone number.
Financial Information: Bank account details, wallet addresses, credit card information, source of funds, and asset details.
Verification Data: Passport, driver’s license, selfie photos/videos, government-issued identity cards, and login credentials
Trading Information: Account balances, trading history, and related inquiries.
PEP Information: Information on whether you or someone close to you holds a prominent public function.
Regulatory Compliance Data: Information required under anti-money laundering (AML) and know-your-customer (KYC) regulations.
Technical Information: Cookies, log data, device information, and location data (if permitted).

4. How we use your data

In order to deliver our services to you, make sure they run properly, validate your identity, and maintain the security of our services, we collect and process all kinds of personal data. These purposes include the following:

For registration process to

process your registration request;
on-board you as a customer;
provide our products and services;
manage and administer our services, including your account with us;
communicate with you regarding your account and our services, including providing information of our products and services;
send customized product and service offers

For KYC (Know Your Customer) to

execute regulatory checks and meet our obligations to our regulators;
assist us ensure that our customers are genuine and to prevent /detect fraud, money laundering and other crime (e.g. terrorist financing and offenses involving identity theft).

For Your Account to

manage and administer your account with us;
communicate with you regarding your account and our services.

For Use of Services to

manage and administer our services and systems;
trace your location or using a device consistent with our records in order to help prevent fraud;
develop and improve our services based on analyzing this information, the user’s behavior, and the technical capabilities of our users;
improve our services to better fit the behaviors and technical capabilities of our users;
answer any questions, issues or concerns;
observe customer communications for quality and training purposes.

Collected from Third Parties/Registration/Provide Services to

manage and administer our services and systems;
assist us preventing and detecting fraud.

Collected through using website to

create new services based on the information being collected, behaviors of our users, and technical capabilities of our users;
identify issues with the website, including website security, and user’s experience;
track how our website is used (including access locations, devices it is accessed from, understanding peak usage times, and analyzing what functionality and information is most and least accessed), where our customers have come from online (e.g. from links of other websites or advertising banners), and the way in which our website is used by different users groups;
perform statistical analysis and research with the purpose of better understanding the breakdown of our users, their use of our services, and what attracts our customers to our services

Collected from individuals (e.g. corporate customers & suppliers) to

provide services and products;
build relationships and B2B collaborations with other organizations;
provide advertising and marketing communications to these individuals;
improve our services and develop new services based on the preferences and behavior of these individuals;
obtain services for our business.

A network of computers, servers, other infrastructure and information technology, as well as third-party service providers, will support us in the storage and operation of your personal data. Your personal data is stored and processed by us, as well as by our third-party service providers and business partners, in the United States, Europe, Japan, Australia, and other countries. Courts, law enforcement and security agencies of these jurisdictions may be able to use legal processes to access your personal data.

5. Sharing

We do not sell, license, lease or otherwise disclose personal information to any third party for any reason, except as described above. When required by law, we reserve the right to disclose your personal information to regulatory, law enforcement, or other government agencies. We may also disclose your information as necessary to credit reporting or collection agencies, or when necessary to protect our rights or property in accordance with the applicable law.

As stated in the terms and conditions, we may enter into a related business to assist us in performing some internal tasks such account processing, fulfillment, client support, delivery, and safekeeping in order to better serve you. Use of the information shared is strictly limited to the performance of the task we request and for no other purpose. All third parties with whom we share personal information is required to protect personal information in a manner similar to the way we protect personal information and in accordance with the new EU data protection regulations (GDPR), if applicable.

6. Personal Data Transfers

Your personal information may be transferred to and stored in nations other than the one where it was first collected, such as the United Kingdom, Switzerland, and the nations outside of the European Economic Area (“EEA”). Those countries may not have the same data protection laws as the country in which you provided the data. When we transfer your personal data to other countries, we will protect the data as described in this Privacy Policy and comply with applicable legal requirements providing adequate protection for the transfer of data to countries outside the EEA, the United Kingdom and Switzerland.

We will only transfer your personal data if you are based in the United Kingdom, Switzerland, or the European Economic Area if:

the country to which the personal data will be transferred has been granted a European Commission adequacy decision; or
we have implemented appropriate safeguards in respect of the transfer, for example, we have entered into EU standard contractual clauses and required additional safeguards with the recipient, or the recipient is a party to binding corporate rules approved by an EU, UK or Swiss supervisory authority.

7. Retention

We keep your information for as long as it’s necessary for us to provide our services, meet our legal requirements, or protect the interests of others. While retention requirements vary by country, we maintain internal retention policies on the basis of how information needs to be used. This includes considerations such as when the information was collected or created, whether it is necessary in order to continue offering you our services, whether we are required to hold the information to comply with our legal obligations, including AML/KYC compliance or other financial regulatory obligations, or information preservation requirements. In order to protect the integrity, safety, and security of our services, users, and customers, we also retain certain information. Our third-party electronic identity verification providers collect and retain biometric information for the period required for financial regulatory compliance or otherwise as required by applicable law. They save this data for the period of time specified in their applicable notifications and policies. In line with these considerations, we delete information that is no longer needed for the above purposes when you close your account, or request deletion of your information.

8. Rights of Access, Correction, and Deletion

By accessing your account settings or sending us an email to [email protected], you can at any time view, amend, update, or remove your account or any personal information we may have collected. We commit to respond to your questions in a timely matter, but no later than the time range stipulated by law.

Notwithstanding the aforementioned, please be aware that there may be circumstances in which we are unable to comply with a request to amend, update, access, or remove personal information from an account profile. This consists of, but is not limited to:

any reason why the request might be rejected under applicable law
where the data must be retained on file in order to comply with local state, or federal law, or for accounting or tax purposes
where we are required by federal, state, or local authorities to abide by a subpoena, summons, investigation, or civil, criminal, or regulatory inquiry;

where we have to cooperate with law enforcement agencies concerning conduct or activity that the business, service provider, or third party reasonably and in good faith believes may violate federal, state, or local law;
where information must be kept on file in order to pursue or defend legal claims;
where the data includes proprietary or legally protected information belonging to another party or where granting the request would jeopardize the privacy of others or their other legal rights

Considering the situation that we decide in any given case that we are not able to handle any requests, we will give you an explanation for our decision as well as a point of contact should you have any further questions. Prior to responding to any inquiry made in accordance with this clause, we will, in the interest of your privacy, take commercially reasonable steps to confirm your identity, including meeting any applicable legal requirements for identity verification.

9. Log Data

Our servers will automatically record information using cookies and other tracking technologies, including information that your browser sends whenever you visit Wunderbar or your mobile application sends when you’re using it. This log data may include your internet protocol address, the address of the web page you visited before coming to the platform, your browser type and settings, the date and time of your request, information about your browser configuration and plug-ins, language preferences, and cookie data. Such log data is not routinely deleted.

Additionally, we may also collect information about the device you use for the platform, including what type of device it is, what operating system you’re using, device settings, unique device identifiers, and crash data. The kind of device you’re using and its settings may determine whether we collect any or all of this data.

We may combine this information with other information that we have collected about you, including, where applicable, your name, user name, email address, and other personal information.

If you have provided permission through your mobile device to allow us to collect location information through a mobile application, we may obtain your physical location information in terms of latitude and longitude from technologies like GPS, Wi-Fi, or cell tower proximity.

Although we have no control over this procedure, you have the ability to withdraw your permission for us to obtain such physical location data from your mobile device through its settings. If you have any questions about how to disable your mobile device’s location services, please contact your mobile device service provider or manufacturer.

10. Linked Web Sites Privacy Policy

Purchasing a product or service offered by another company/individual at any time, any personal information you share with it will no longer be controlled under our privacy policy. We are not responsible for the privacy policies or the content of sites we link to and we have no control of the use or protection of information provided by you or collected by those sites. If you choose to link to a website that is co-branded or linked, you may be required to provide registration or other information. Please note that the information you are providing is going to a third party, and you should become acquainted with the privacy policy published by that third party. In case that you choose to obtain part or all of your stored private information from our data base, please contact: [email protected].

11. Personal Data Disclosure

We may disclose certain personal data to our business partners who provide us with services such as cloud services/servers, insurance, analytics, research, and other services or work with us to deliver our services to users. We are giving third parties the minimal amount of personal data required to provide the necessary service.

We will only provide users’ personal data in order to provide users services, as well as to improve these services, related communications. Such information will not be provided to third parties for their marketing purposes.

Your personal data may be disclosed by us in response to legal requirements, judicial orders, court proceedings, public demands, or requests from government agencies inside or outside of your home country. We may also disclose your personal data if we determine that such disclosure is necessary or appropriate for national security, law enforcement or other socially important reasons.

In addition, we might disclose your personal data if we think it’s required to enforce Wunderbar T&C or protect our operations and our users.

12. Security

We take appropriate precautions to protect personal information from loss, theft, misuse, unauthorized access or disclosure, alteration, or destruction. This is done by using physical, electronic, and procedural safeguards to protect personal information and we do not store personal information for longer than necessary to provide the service or as permitted by law. Though we implement measures to reduce the risks of damage, loss and unauthorized access to Personal Information, they do not provide absolute information security.

Therefore, it is not guaranteed, and one cannot reasonably expect, that the service will be completely immune from any unauthorized interceptions or access.

13. Changes to this Privacy Policy

We reserve the right, in our discretion and subject to the applicable law, to amend this Privacy Policy at any time. Any amendment shall be effective within 15 days following the posting of the changed policy on our website, and your continued use of the service shall constitute consent to the terms and provisions of the amended policy.

14. Children’s Privacy

Anyone under the age of eighteen is not permitted to use our services or websites. We will remove any Personal Information that a child under the age of 18 may have given us from our systems.

15. Contact Us

Any questions, complaints, comments and requests regarding Cookies are welcome and should be addressed to [email protected].