2. Who are we?
The Platform is made available by DRB Panama Inc., a corporation incorporated under the laws of Panama, registered at the (Mercantile) Record No 155684990 on 11 September 2019, Panama City, Republic of Panama. DRB is the controller for the processing of your personal data.
You can contact us via the email addresses provided on the ‘Contact Us’ page on our Website.
3. Which types of personal data do we process?
During your use of our Website and the Platform, we may process the following personal data of you:
a. Personal data you provide when creating an Account, which includes:
· Email address;
· Login details (username and password);
· Country of residence;
· Security details (two-factor authentication token seed, app passcode).
b. Personal information we require to verify your identity and comply with “Know Your Customer” and anti-money laundering regulations, which information depends on the degree of the identity check to be performed. If you register a personal Account, we may require you to provide the following information in this respect:
· Bank account information, such as a bank account statement;
· A copy/image of your passport, driver’s license or ID card;
· Residency verification information (e.g. utility bill).
If you register an Account on behalf of a registered entity (corporate Account), we require the following personal data to verify your Account:
· Your full name;
· The statutory name and any deviating trade names of the entity;
· The company address registered with Chamber of Commerce;
· A valid business incorporation document (from the Chamber of Commerce and/or Financial Services Commission);
· URL of government website containing your company details that verifies the authenticity of the registration;
· A Certificate of incorporation;
· Memorandum and Articles of Association (containing the structure and rules of the company);
· Sources of funding;
· Register of shareholders/partners/members (complete list of names, addresses and number of shares of every current shareholder);
· Ownership structure chart showing the percentages of each shareholder, the ultimate beneficial owner(s) and the countries of residence/incorporation;
· List of full names and ownership percentages of shareholders who own 25% or more of the shares in the company;
· ID and a recent proof of residential address of all shareholders who own 25% or more of the shares in the company;
· List of full names, date of birth, address details of all directors;
· ID and a recent proof of residential address of all directors;
· List of individuals who are allowed to trade on the Platform;
· ID and a recent proof of residential address of all individuals who will trade on the platform of Deribit.
c. In order to facilitate your trading of Products on our Platform, we require the following information:
· The address of your wallet from which you deposit/withdraw Cryptocurrency into/from your Account;
· Your orders, trades, positions and balances.
d. Information related to communication between you and us:
· Email address; and
· Details of your request and/or complaint and other information you provide us with in the course of the communication session.
e. Information you provide us with when you visit our Website and use our Platform:
· Login records;
· A unique token of your browser session;
· IP address;
· Information about your device, browser, operating system, and network system;
· Viewing time and online behaviour on the Platform.
4. For which purposes do we process your personal data?
We may use your personal data to:
· Create and administer your Account;
· Give you access to our Platform and to provide our services;
· Verify your identity and to comply with applicable laws and regulations in that respect;
· Cooperate with requests of law enforcement agencies;
· Process your trades;
· Analyse your use of our Website and Platform;
· Provide you customer support;
· Send you updates, newsletters, surveys or promotions;
· Contact you about other aspects of our services.
We will not process your personal data for other purposes.
5. Which legal grounds apply to our processing of personal data?
We are entitled to process your personal data pursuant to different legal grounds. The following table contains an overview of the legal grounds we invoke to process specific personal data:
Creating your account
Performance of a contract
Verifying your (company’s) identity (KYC/CDD)
Compliance with a legal obligation
Marketing activities (promotional communication)
Consent (which you can revoke at any time)
Performance of a contract
Communication details to handle enquiries
Performance of a contract
Browsing information or sharing with law enforcement
Our legitimate interests
6. How long do we retain your personal data?
We will not retain your personal data longer than necessary for the purposes for which we have obtained such data. In principle we may retain your personal data up to a maximum of three (3) years upon the ending of our business relationship.
We will not delete your personal data if we are required to retain such data to comply with any statutory obligation. In particular, we reserve our rights to retain the information to verify your identity for a period of at least five (5) years. In addition, we may retain personal data that are necessary for the purposes of legal proceedings, complaints and disputes for as long as this is necessary to protect our legitimate interests.
7. Who has access to your personal data?
Our authorised personnel shall have access to your personal data on a need-to-know basis. These persons have undergone background screening before they were employed and are required to treat the information as highly confidential.
In addition, we may engage third party service providers to provide ancillary services. If and to the extent such parties will come into the possession of your personal data, such parties will act as our data processor. These are, for example, cloud service providers and suppliers of certain software solutions. We will enter into a data processing agreement with these parties, which shall include arrangements on data security to protect your personal data against data breaches. Such data processors will only process your personal data to the extent required for the provision of services for which they are engaged.
We may also share personal data with affiliates who referred you to our Website, and partners for promotions or co-branded service integrations.
We may provide your personal data to competent authorities upon their request to the extent legally required or to the extent necessary to defend our rights in legal proceedings or investigations.
8. Will your personal data be transferred to countries outside the European Economic Area?
Our third party service providers may be located in countries outside the European Economic Area (EEA), which may not offer an adequate level of protection of personal data. In order to protect your personal data and to live up with our obligations, we shall enter into a data transfer agreement on the basis of the Standard Contractual Clauses as approved by the European Commission prior to engaging service providers outside the EEA.
9. Is your personal data secure?
We process your personal data with the greatest possible care and scrutiny. This means we will adopt appropriate technical and organisational measures to ensure that all the information is correct, current and complete and to prevent it from being accessed by unauthorised persons inside and outside our organisation. We use ‘best practices’ to secure your personal data. For instance, your personal data is encrypted with Secure Sockets Layered (SSL) technology and our directories and databases are password protected.
10. What are your rights in respect of my personal data?
You are entitled to ask us if we are processing your personal data. You may at any time, with reasonable intervals, exercise your right of access to your personal data. Upon your inspection, you may request us to rectify or erase any (inaccurate) information or have us restrict or terminate the processing of your personal data. However, we reserve our right to deny such a request to restrict or terminate the processing of your personal data if we have a legitimate interest to continue the processing of your personal data, in particular if we require the information in (possible) legal proceedings.
You are entitled to request us to transfer (certain of) your personal data to you or to another party.
We use the following cookies:
· Functional cookies to enable your use of our Website and Platform, and clear gifs in our emails so that we can check the receipt of our emails;
12. How can I file a complaint?
If you have any questions concerning the manner in which we process your personal data, or you wish to invoke any of your statutory rights, you may contact us via the email address provided on the “Contact Us” page on our Website.