Effective April 13, 2018
Privacy policy

1.1. This privacy policy (hereinafter, the "Policy") applies to:
1.1.1. this website www.socratus.io;
1.1.2. connected mobile applications (for instance, relevant iPhone, android and iPad apps);
1.1.3. Socratus Platform (the Platform is a set of services, technologies, and APIs, providing comfortable software engineered interactions for ecosystem participants and easy partners integration for white-label product distribution) and its instruments, whether used on the Socratus website or third-parties' websites;
1.1.4. related services; and
1.1.5. services based on website or Platform functionality (hereinafter, the "Website").
1.2. Processing of information means any operation or set of operations performed on information, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
1.3. By using this Website and submitting personal data, User to our website is agreeing to our use of such data as described in this Policy. We have created this Policy to govern our commitment to protecting the privacy of your information. However, should you have any further questions, please feel free to direct them to info@socratus.io.
1.4. This Policy is an integral part of Terms of Use in respect of Website.

2.1. Personal data is any information relating to an identified or identifiable natural person; an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
2.2. We process personal data lawfully, fairly and in a transparent manner.
2.3. If the otherwise is not provided below, we will collect personal data from Users only if they voluntarily submit such information to it. If you are acting as an intermediary or otherwise on behalf of a third party or supply us with information regarding a third party, you undertake that you are an authorised representative or agent of such third party and that you have obtained all necessary consents from such third party to the collection, processing, use and disclosure by us of their personal data. You undertake to make the third party aware of all matters listed in this Policy, preferably by distributing a copy of this statement to them or by referring them to our Website.
2.4. We do not intend to collect sensitive information through the Website unless we are legally required to do so. Examples of sensitive information include race or ethnic origin; political opinions; religious or philosophical beliefs; and criminal records. If you choose to provide sensitive information through the Website for any reason, the act of doing so constitutes your explicit consent, where such consent is necessary and valid under your local law, for us to collect and use that information in the ways described in this Policy or as described at the point where you choose to disclose this information.
2.5. We can collect the following data and information (when you visit the Website, or use its products) sent to us by your computer, mobile phone, or other access device:
2.5.1. information you have provided to us, including the Website (including but not limited to personal data, such as your name, address, telephone number, email address details, date of birth, passport number, numbers that you may use or have registered with your local tax authority, or other data which can be used for personal identification purposes);
2.5.2. information provided by other companies who have obtained your permission to share information about you (including personal data);
2.5.3. information about your interaction with adverts and services such as registration, comments (non-personal identification information);
2.5.4. information we collect (or may collect) using cookies stored on your device about your Website use and/or selected third party websites use (non-personal identification information);
2.5.5. your IP address (a number identifying a specific network device on the Internet required for your device to communicate with Website);
2.5.6. e-mails or other messages send by Users within Website or Socratus Platform;
2.5.7. when you use a location-enabled device with the Website and products - information regarding location of the device when you access and use the Website. We may collect such geographical location data or use various means to determine the location, such as sensor data from your device that may, for instance, provide data on nearby cell towers and wi-fi access spots;
2.5.8. non-personal identification information - device information including, but not limited to, identifier, name, and type, operating system, other technical information about Users means of accessing the Website, mobile network information and standard web log information, such as browser type, and the pages accessed on the Website;
2.5.9. other profile data including but not limited to: personal pages, gender, age and mobile number.
2.6. We may request you to provide information that we, in our sole discretion, considers as required under applicable laws, regulations and (or) policies (which include but not limited to passports, driver's licenses, utility bills, photographs of you, government identification cards), and you should provide such information if you intend to continue use of the Website and (or) receiving new services or possibilities within the Website (i.e. in case further use of the Website or designed use of the Website is not possible in absence of such information).
2.7. Information is collected and processed through running the Website.
2.8. The personal data may be freely provided by the User, or, in case of usage data, collected automatically when using the Website. We may collect personal data in a variety of ways, including, but not limited to, when Users visit the Website, fill in a form, and in connection with other activities, services, features or resources available on the Website.
2.9. User is entitled to withdraw his or her consent in any time, however, in certain cases it may prevent them from participating or engaging in certain Website related activities. Such withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal. Should you withdraw your consent on processing of your personal data, please contact info@socratus.io.
2.10. We also do not actively seek demographic information from you. However, you may choose to provide such information (including for example when becoming a Registered User).
2.11. By accepting this Policy, you agree to being contacted by us or by our associates or third parties (without that being considered to any breach of law or your privacy) with marketing communications regarding various offerings by way of e-mail or SMS or push-notifications (other forms of written communication), any of which you may unsubscribe from at any time by contacting us, as described below.
2.12. Before permitting you to use the Website and requesting for Tokens, we may require you to provide additional information (such as a date of birth, passport number, numbers that you may use or have registered with your local tax authority, or other data which can be used for personal identification purposes and that may be required to comply with applicable laws) so that we can verify your identity or address. We may also obtain information about you from third parties such as identity verification services.
2.13. Upon our request, you as a client or investor shall immediately provide to us information and documents that we, in its sole discretion, deem necessary or appropriate to conduct Know-Your-Client and Anti-Money-Laundry checks. Such documents may include, but are not limited to, passports, driver's licenses, utility bills, photographs of associated individuals, government identification cards or sworn statements. We may, in our sole discretion, refuse to distribute Tokens to buyer until such requested information is provided. If no information or data or documents are provided to us in specified time limits, we reserve the right to reject your payments of any nature (donations, payments, etc.).
2.14. It is our policy to collect only minimum information required to complete your request. If the Website seek non-mandatory personal information about you, you will be notified of this at the point of collection. If you believe a Website has collected excessive information about you, please contact us to raise any concerns.
2.15. Hereby you irrevocably declare:
2.15.1. that you have read, understood, found satisfactory and fully accepted this Policy;
2.15.2. that you confirm that your consent for processing of personal data is given freely and clearly;
2.15.3. that you consider Terms of Use in respect of the Website (including clauses related to Website) and risk warnings and risk disclosures provided in the Website in any form as an integral part of this Policy.
2.16. Please do not submit your personal data to us if you do not wish us to collect it.

3.1. If you choose to become a Registered User, as part of the registration process you will be asked to provide us with personal information through a registration form. Some of the information is required and, if you do not provide it, you will not be able to register and receive the benefits of being a Registered User. We have marked with an " * " those registration fields seeking information that you must provide in order to become a Registered User.
3.2. For as long as you are a Registered User, you are responsible for providing us with accurate information about you and for keeping that information up to date. You may update your information by editing your user profile in your account.

4.1. When you provide personal information to us, we may use it for any of the purposes described in this Policy, including:
4.1.1. to provide our services;
4.1.2. to improve our services;
4.1.3. to elaborate commercial version of our Website and of Socratus services;
4.1.4. to promote the Socratus services (if needed further);
4.1.5. for holding token-sale;
4.1.6. for contacting the User;
4.1.7. for interaction with external social networks and platforms;
4.1.8. for registration and authentication;
4.1.9. for handling payments;
4.1.10. for infrastructure monitoring;
4.1.11. for managing contacts and sending messages;
4.1.12. for analytics;
4.1.13. to protect the Website and Users;
4.1.14. for interaction with support and feedback platforms;
4.1.15. for User database management;
4.1.16. for communications with other Users;
4.1.17. for managing support and contact requests;
4.1.18. to run, maintain and operate the Website (including for provision of services);
4.1.19. to run promotion, contest, survey or other Website features;
4.1.20. to comply with applicable laws or by-laws;
4.1.21. to send Users information they agreed (or have requested) to receive about topics we consider as interesting for them;
4.1.22. to send Users a service-related announcement (these communications are not promotional in nature).
4.2. We do not sell, trade, or rent Users personal data to others.

5.1. The Website contains links to other sites. We are not responsible for the privacy policies and/or practices on other websites. You should exercise caution and read the respective privacy policy stated on that site when linking to another site. This Policy only governs information collected on the Website. We cannot be responsible for the protection and privacy of any information, which you provide whilst visiting such sites.

6.1. This Policy covers use of cookies by us and does not cover the use of cookies by any other third parties.
6.2. A cookie is a small software application which allows a website to recognise a previous user and to observe how a user navigates within a website. Cookies are now used as a standard by many websites to improve users' navigational experience. If you are concerned about cookies, most browsers permit individuals to decline cookies.
6.3. In most cases, you may refuse a cookie and still fully navigate the Website, however other functionality in the site may be impaired.
6.4. After termination of the visit to Website, you can always delete the cookie from your system if you wish.

7.1. Information will not be disclosed to third parties except as specified in this Policy, when we have your explicit consent where requesting such consent is permitted or except for the cases it is required for normal operation of the Platform (e.g. for providing you with insurance products or execution therefrom, supporting you in course of cooperating with particular insurance companies offering their products through the Platform, etc.). The Platform is a set of services, technologies, and APIs. It provides comfortable software engineered interactions for ecosystem participants and easy partners integration for white-label product distribution.
7.2. We may disclose User's personal data when we believe that such disclosure is necessary:
7.2.1. to conform to legal requirements or to respond to a subpoena, search warrant or other legal process received by us, whether or not a response is required by applicable law;
7.2.2. for legal purposes by us in court or in the stages leading to possible legal action arising from improper use of the Website or the related services;
7.2.3. to reveal personal data upon request of public authorities;
7.2.4. to protect our rights; or
7.2.5. to protect the safety of members of the public and Users of the service and (or) the Website.
7.3. We reserve the right to share your personal data (in the scope limited to the necessary to disclose) with:
7.3.1. our banking partners;
7.3.2. partners which have admitted to the Platform (including insurance companies offering insurance products through the Platform);
7.3.3. other Users – only for the purposes of normal Socratus services use or function (including for making ratings, etc) related to the commercial use of Socratus services or its partners which have admitted to the Platform;
7.3.4. third parties, including its own subsidiaries and affiliated companies, which we may engage from time to time to preserve, analyse or otherwise store or manipulate data received;
7.3.5. entities we plan to merge with or be acquired by (the newly combined entity shall follow these terms with respect to your personal data, and you would as well receive prior notice of any change in applicable policy);
7.3.6. third party identification services providers for fraud prevention purposes;
7.3.7. law enforcement, government officials, or other third parties when:
7.3.8. we are compelled to do so by a subpoena, court order, or similar legal procedure;
7.3.9. we believe in good faith that the disclosure of personal data is necessary to prevent physical harm or financial loss, to report suspected illegal activity or to investigate violations of Terms of Use of Socratus Website Use; or
7.3.10. other third parties only with your prior consent or direction to do so.
7.4. We may share generic aggregated demographic information not linked to any personal data regarding Users with business partners, trusted affiliates and advertisers.

8.1. While we cannot guarantee that loss, misuse or alteration to data will not occur, we make every effort to prevent such occurrences.
8.2. We confirm that personal data request is adequate, relevant and limited to what is necessary for the purposes for which personal data will be processed. Your personal data will be processed only if the purposes of the processing could not be reasonably be fulfilled by other means.
8.3. Any other particularly sensitive information (such as credit card numbers collected for commercial transactions) is encrypted prior to transmission to us by User.
8.4. The data is kept for the time necessary to provide the services requested by the User, or stated by the purposes outlined in this document, and the User can always request us to suspend or remove the data.
8.5. We confirm that processing of personal data is carried out with appropriate technical and organisational measures, i.e. the data processing is carried out using computers and/or IT enabled tools, following organizational procedures and modes strictly related to the purposes indicated. We protect your information using physical, technical, and administrative security measures to reduce the risks of loss, misuse, unauthorized access, disclosure, and alteration.
8.6. In some cases, the data (including personal data of the Users) may be accessible to certain types of persons in charge, involved with the operation of the Website (administration, sales, marketing, legal, system administration) or external parties (such as third party technical service providers, mail carriers, hosting providers, IT-companies, communications agencies) appointed by us. The updated list of these parties may be requested from us at any time.

9.1. You are responsible for the security of the login information, such as usernames and passwords, which give you access to your private information maintained by us.
9.2. Make sure you keep login information in a safe place and do not share it with others.
9.3. Please note that key-loggers, viruses, or other surveillance devices can intercept login information on the computers from which you access the Website, so you should take precautions regarding such devices, especially from public computers.
9.4. You should always log out from any the Website when you are not actively using them.
9.5. Users are responsible for any third party personal data obtained, published or shared through the Website and confirm that they have the third party's consent to provide the personal data to us. Hereby you indemnify us against any losses and (or) damages which may occur in case of your default in having respective consent.
9.6. Please be aware that whenever you voluntarily post public information to public forums (such as journals, weblogs, message boards, classifieds), such information can be accessed by the public and be used to send you unsolicited communications.

10.1. We store and process your personal data on its servers in the European Union and elsewhere in the world, where its facilities or its service providers are located. The choice of the database in which the User's personal data will be stored depends on the requirements of the laws applicable to the received personal data.
10.2. The basic principle is that we keep your information on the servers located in the jurisdiction from which you provide or is considered to provide such personal data.
10.3. Information that is kept by us will be destroyed or permanently de-identified after a reasonable period from the time when it becomes outdated or is no longer required. We may however, retain copies of such information for internal record keeping purposes and for compliance with applicable law or professional standards.
10.4. By using this Website, you explicitly consent on trans-border transmission of such data (please see below for more details).

11.1. By submitting personal data on Website, you provide an explicit consent to trans-border transmission of such data collected on the Website for the fulfilment of his/her voluntary requests.
11.2. We ensure that your personal data will be stored or processed only within countries that provides an adequate protection of the rights of subject of personal data.
11.3. In the particular cases directly set out under applicable law, the trans-border transmission of personal data will be carried out only after the assessment of its safety by the relevant authority.

12.1. Access to User's personal data shall be limited to:
12.1.1. a subset of employees who work on compliance and identity verification matters (for the companies);
12.1.2. Users that are natural persons (for natural persons).

13.1. Users are entitled, at any time, to know whether their personal data has been stored and can consult with us to learn about their contents and origin, to verify their accuracy or to ask for them to be supplemented, cancelled, rectified, updated or erased; for restriction of processing of personal data concerning the User or to object for such processing; for lodging a complaint with a supervisory authority on the personal data processing; or for their transformation into anonymous format or to block any data held in violation of the law, as well as to oppose their treatment for any and all legitimate reasons.
13.2. Requests should be sent to us in accordance with the contact information provided.

14.1. The Website covered by this Policy is not intentionally designed for or directed at children, and we require all Users to be above the age of majority in their local country.
14.2. We adhere to laws regarding marketing to children. We never knowingly collect or maintain personal information about individuals under the age of 18.

15.1. We reserve the right to transfer personal data to a successor that has acquired such rights in result of sale or substantial sale of all of our assets to that successor.

16.1. We reserve the right to modify or amend this Policy at any time and for any reason. However, we are committed to maintaining the privacy rights of individuals.
16.2. In order to keep you informed, we will ensure that we notify Users of changes to our Privacy Policy by identifying the alteration for a period of not less than one week in our home page and identifying the effective date at the beginning of this statement. However, nothing contained in this Policy is intended to create a contract or agreement between us and any user visiting the website.
16.3. Further use of the Website (including by simply accessing and reviewing it) means that you accept and agree with any alterations made to this Policy.
16.4. You acknowledge and agree that it is your responsibility to review the Policy periodically and become aware of modifications.

17.1. If you have any questions or complaints about this Policy or the way your personal information is processed on the Website, or would like to exercise one of your rights set out above, please contact info@socratus.io.
17.2. You may also have the right to lodge a complaint with your local data protection regulator.