Privacy Policy

1. INTRODUCTION

ACX Solutions International PTE LTD. and its affiliates (“ACX,” “we,” or “us”) provide crypto-specialized services (“Services”) to the crypto industry from private and public companies to governmental institutions (“Business Customers”). You may interact with us as a representative of a Business Customer or vendor, as a visitor to the websites from which you are accessing this Privacy Notice (the “Sites”), or simply as someone interested in our Services. This Privacy Notice explains how we collect, use, and disclose information that identifies you as an individual or relates to you as an identifiable individual (“Personal Information”).
‍
This Privacy Notice applies when we process Personal Information as a controller.
‍
This Privacy Notice does not apply to Personal Information we process on behalf of our Business Customers about their own clients, customers or end users (“End-User”). In those cases, we act only as a service provider and process Personal Information strictly in accordance with our Business Customer’s instructions and our contractual obligations. If you are an End-User, the relevant Business Customer is responsible for your Personal Information. Please refer to that organization’s privacy policy for details about how your information is handled. If you have questions or wish to exercise rights, you should contact the relevant Business Customer directly.

2. COLLECTION AND PROCESSING OF PERSONAL INFORMATION

2.1 How we collect Personal Information

We collect Personal Information in different situations as part of running our business. The table below explains this in more detail.
‍
In some cases, we need certain Personal Information to provide our Services. For example, if you would like to receive event invitations, we need your email address. If you choose not to provide required information, we may not be able to fulfill your request. We will indicate when information is required at the time we collect it.
‍
If you share Personal Information with us about someone else (for example, a colleague), you confirm that you are authorized to do so and that you allow us to use that information in accordance with this Privacy Notice.

2.2 Processing of Personal Information

We use Personal Information for the purposes described in the overview below. Where the law requires your consent, we will obtain it before processing your Personal Information. In all cases, we rely on the legal bases identified in the table below.

(i) Business Customers and vendors

If you are (a representative of) our Business Customer or vendor, we will process your Personal Information for our business purposes as described below.

Purpose	Personal Information	Legal Basis
Providing Services to Business Customers We process your Personal Information to deliver our Services to you or your employer. This includes managing our relationship, administering contracts, providing customer service, responding to inquiries, communicating about Services, completing transactions, verifying information, invoicing, and processing payments.	Personal Information that may be included: Name Contact details Company you are associated with Job title or function Company financial information	The performance of our contract with the Business Customer, including steps taken to prepare such contract.
Obtaining your goods or services If you are a vendor, supplier, or a member of their staff, we use your Personal Information to manage existing contracts or enter into new ones.	Personal Information used for this purpose includes: Name Contact details Company you are associated with Payment details Financial information on invoices	The performance of our contract with the vendor or supplier, including steps taken to prepare such contract.

(ii) Website visitors

When you visit our Sites, we automatically collect certain information, including information that is not Personal Information, such as log information, IP address, approximate location, and other information collected through e.g., your browser or device, cookies, pixel tags and other similar technologies.

(iii) Marketing

We may process your Personal Information, including marketing data (e.g., your preferences for receiving our marketing communications and details about your engagement with them) and visitor & event information (such as dietary restrictions, travel, and accommodation details, issued identification pass to access the premises, and other details specific to a particular event or conference that you share with us), for promotional purposes. This includes providing you with our newsletter and/or other marketing materials and allowing you and inviting you to participate in our events.

We rely on our legitimate interests to send these communications. Where required by applicable law, we will ask for your prior “opt-in” consent before processing your Personal Information for marketing purposes.
‍
You may opt out of marketing communications from us anytime if you no longer want to receive them by clicking the “Unsubscribe” link in our emails or by contacting us as noted in the “Contacting Us” section below.

(iv) Anonymization

When we don’t need to be able to identify you, whether directly or indirectly, for our purposes, we will aggregate and/or anonymize your Personal Information so it can no longer be linked to you. Once anonymized, it is no longer considered Personal Information. We rely on our legitimate interests to anonymize your information, such as the interest to generate other data for our use.

(v) General business purposes, security, and legal compliance

We also process your Personal Information to operate and improve our business. For example, we use it for:

the development of new products and services;
enhancing, improving, repairing, maintaining, or modifying our current products and Services, as well as undertaking quality and safety assurance measures;
identifying usage trends or operating and expanding our Services, e.g., understanding which parts of our Services are of most interest to Business Customers or prospects; and
data analysis to improve the efficiency of our Services and Site.

We rely on our legitimate interests as described above to process your Personal Information for these purposes.
We will also process your Personal Information for the following purposes:

Purpose	Personal Information	Legal Basis
Providing customer service We will process your Personal Information when you contact us with requests for support, complaints or questions. This includes when you contact us through the contact form on our Site.	We collect Personal Information as needed to process your request, complaint or question. · First and last name · Email · Phone number Content of your message	We rely on our legitimate interest to respond to questions or complaints. If you request a specific service from us, we will rely on the performance of the contract to process Personal Information needed to provide you with such service. If you submit a request on the basis of a law (such as an access request based on your rights under applicable data protection law), we will process your Personal Information as needed to comply with our legal obligation to respond and process your request.
Legal and compliance We have certain general legal and compliance obligations to process your Personal Information. This includes (1) complying with applicable laws; complying with legal processes; responding to requests from public and government authorities; meeting national security or law enforcement requirements. (2) enforcing our agreement including terms and conditions, protecting our operations; protecting our rights, privacy, or property; and allowing us to pursue available legal remedies, defend claims and limit the damages that we may sustain.	We use the Personal Information as relevant for the specific legal action, regulatory investigation, and/or legal processes in question.	We rely on our relevant legal obligations to process the relevant Personal Information. We rely on our legitimate interest, such as enforcing terms and conditions and bringing or defending legal claims.
Communicating important changes / Service messages In certain situations, we may need to contact you directly to communicate administrative information with you. This may include important information regarding our relationship with you, our Services, any changes to our terms, conditions, policies and procedures, and/or other administrative information.	We use your first and last name and at least one contact method to contact you. Depending on the content of the communications, we may also process other Personal Information related to you for this purpose.	We rely on our legitimate interest, such as to ensure our Services are used in accordance with our terms, conditions, and policies. We rely on the performance of contract, where the communication relates to your use of our Services. In certain instances, we may also have a legal obligation to inform you of material changes to our agreement or Privacy Notice (e.g., in case of mergers, acquisitions and other reorganizations and restructurings of our business).
Fraud prevention and security We may use your Personal Information if this comes up in the context of: security purposes, including system security and on-site security of our premises (Note that where we have CCTV cameras installed, this will be made visible through an appropriate sign); monitoring for and preventing fraud; and audits to verify that our internal processes function as intended and are compliant with legal, regulatory and contractual obligations.	Depending on the specific purpose, this may include any Personal Information that we have collected about you.	We rely on our legitimate interests and legal obligations, such as identifying and/or preventing fraudulent transactions, to conduct audits and to detect and prevent cyberattacks.
Emergency and incident response In exceptional circumstances, we may need to process your Personal Information to respond to an incident or emergency. This may include purposes such as: ensuring the safety of on-site personnel and visitors; responding to, handling and documenting on-site accidents and medical and other emergencies; actively monitoring properties to ensure adequate incident prevention, response and documentation (including CCTV); requesting assistance from emergency services; and sending notifications and alerts in the event of incidents or emergencies (such as via SMS, email, call, audio-visual device prompts, etc.).	We use Personal Information as necessary and relevant for the specific purpose and context.	We have a legal obligation to adequately address emergencies and incidents. In certain instances, processing Personal Information may also be necessary to protect an individual’s vital interests (such as when we need to contact medical or emergency services).

2.3 Disclosure of Personal Information

We do not sell your Personal Information to third parties. We disclose your Personal Information to service providers under contract and confidentiality agreement who help us operate our business.

We also disclose Personal Information to our affiliates for the purposes described in this Privacy Notice (e.g., if you are a supplier and also deliver services to our affiliates).

In rare circumstances, we will also disclose your Personal Information as necessary or appropriate, in particular when we have a legal obligation or legitimate interest to do so:

to public and/or government and/or regulatory authorities, including courts, tribunals, regulators, tax authorities and other government authorities;
to third persons (legal or natural), as relevant for the specific legal action and/or processes in question (such as lawyers, auditors, insurers, advisory firms, etc.); and/or
to third parties in the event of any reorganization, merger, sale, joint venture, assignment, transfer, or other disposition of all or any portion of our business, assets, or stock (including in connection with any bankruptcy or similar proceedings). You will be notified of any such business transaction and of any material changes to the processing of your Personal Information in accordance with applicable law and the ‘Updates To This Privacy Notice’ section.

3. SECURITY

We use reasonable technical, organizational, and administrative safeguards to protect Personal Information. While we follow industry standards, no system can guarantee complete security. If you believe your information is no longer secure, please contact us immediately by referencing the “Contacting Us” section below.

4. INDIVIDUALS’ RIGHTS

Depending on applicable law, you may have rights regarding your Personal Information. These may include the right to access, correct, update, suppress, restrict, delete, or object to our processing of your Personal Information, to withdraw consent, or request a machine-readable copy of your data for transfer to another organization. Your withdrawal of consent does not affect the lawfulness of our use of your Personal Information before you withdrew your consent.

To exercise these rights, please contact us as described below in the “Contacting Us” section below. We will respond to your request in accordance with applicable law, and may charge a reasonable fee where permitted by law.

In your request, please make clear what Personal Information you would like to have changed or whether you would like to have your Personal Information suppressed from our database. For your protection, we may need to verify your identity before implementing your request. For example, we will only implement requests with respect to the Personal Information associated with the particular email address that you use to send us your request. We will try to comply with your request as soon as reasonably practicable.

Please note that we may need to retain certain information for recordkeeping purposes, to complete any operations that began prior to requesting a change or deletion, and/or where we have a legal obligation or legitimate business need to retain such information in accordance with applicable law. In such cases, we will inform you of the reasons for retention.

5. RETENTION PERIOD

We keep Personal Information only as long as necessary for the purposes outlined in this Privacy Notice, unless a longer retention period is required or permitted by law, e.g. for the purposes of satisfying any legal, regulatory, tax, accounting or reporting requirements.

We determine retention periods based on factors such as:

the length of time we have an ongoing relationship with you (e.g., for as long as you are a Business Customer);
whether there is a legal obligation to which we are subject (e.g., certain laws require us to keep records of your transactions for a certain period of time before we can delete them); or
whether retention is advisable in light of our legal position (e.g., in regard to applicable statutes of limitations, litigation or regulatory investigations).

Where a legal obligation arises or retention is advisable in light of our legal position, in some circumstances, we will retain certain Personal Information, even when we no longer have an ongoing business relationship with you, e.g.:

to cooperate with law enforcement or public, regulatory and government authorities: If we receive a preservation order or search warrant related to your account, we will preserve Personal Information subject to such order or warrant even after you delete your Services account.
to pursue or defend a legal action: We may retain relevant Personal Information in the event of a legal claim or complaint, including regulatory investigations or legal proceedings about a claim related to your Personal Information, or if we reasonably believe there is a prospect of litigation (whether in respect of our relationship with you or otherwise) for up to 5 years after the dispute has been settled or decided by a court or tribunal from which there is no further right of appeal.

6. THIRD-PARTY SERVICES

This Privacy Notice does not apply to third-party websites or services that we link to. We are not responsible for their privacy practices and our including a link does not imply endorsement of the linked site or service by us or by our affiliates. We encourage you to review their privacy policies (which will be different from our Privacy Notice) before providing information or interacting with them.

In addition, we are not responsible for the information collection, use, disclosure, or security policies or practices of other organizations, such as Business Customers, Meta, Apple, Google, Microsoft, BlackBerry Limited, or any other app developer, app provider, social media platform provider, operating system provider, wireless service provider, or device manufacturer.

7. USE OF SERVICES BY MINORS

Our business operations and Services are not directed to individuals under the age of eighteen (18), and we do not knowingly collect Personal Information from anyone under that age.

8. JURISDICTION AND CROSS-BORDER TRANSFER

Your Personal Information may be transferred to, stored and processed in countries outside of your place of residence, including countries that may not provide the same level of data protection. Where required, we implement appropriate safeguards and transfer mechanisms, such as standard contractual clauses, to protect your Personal Information.

9. SENSITIVE INFORMATION

Please do not send us (on or through the Site or otherwise) any sensitive Personal Information (such as government ID numbers, health information, or information related to race, ethnic origin, political opinions, religion or other beliefs, health, biometrics or genetic characteristics, criminal background, or trade union membership) unless we specifically request it.

10. UPDATES TO THIS PRIVACY NOTICE

The “Last Updated” legend at the top of this Privacy Notice indicates when this Privacy Notice was last revised. Any changes will become effective when we post the revised Privacy Notice on the website.

11. CONTACTING US

ACX Solutions International PTE LTD. (Singapore UEN 202105793D), located at 160 Robinson Road #14-04 Singapore 068914, is generally responsible for the Personal Information processed under this Privacy Notice.

Where processing is based on a legal obligation, each affiliate is responsible for the processing of Personal Information necessary to comply with its own legal obligation.

Where processing is based on a contract, the affiliate with whom you have entered into the contract is responsible for the processing of Personal Information necessary to perform the contract (or take steps in preparation thereof).

If you have any questions about this Privacy Notice, please contact us at info@acxcompliance.com.

Please note that email is not always secure. Do not include credit card numbers, NRIC numbers, social security numbers, or other sensitive information in emails to us.