1. About this Privacy Notice
At Monnay, your privacy is not just a responsibility but a core value. This Privacy Notice outlines how we handle your personal information when you use our services. It explains:
• What data we collect: The type of information gathered when you create an account, transact, or interact with our platform.
• Why we collect it: To provide secure and seamless services while complying with regulatory standards.
• How we protect it: Through stringent security measures and transparency about your data rights.
We understand the sensitivity of your personal data in the context of cryptocurrency transactions. That’s why we align with global privacy standards, particularly the General Data Protection Regulation (GDPR) of the European Union, ensuring your information is safe and responsibly handled.
This document provides clarity on your rights as a user, how to contact us with privacy-related questions, and what steps we take to safeguard your trust. By using Monnay, you acknowledge your understanding of the principles laid out in this policy and agree to its terms.
For any questions regarding this notice or the management of your personal data, feel free to contact us via our website.

2. Applicability
This Privacy Notice applies to all individuals who interact with Monnay in any capacity, including but not limited to:
• Registered Users: Individuals who create an account on the Monnay platform to engage in cryptocurrency transactions, trading, or other services we provide.
• Visitors: Individuals who access our website or applications, regardless of whether they register or use our services.
• Business Partners: Entities or individuals collaborating with Monnay through partnerships or third-party integrations.
• Customer Support Requests: Anyone who contacts Monnay for inquiries, feedback, or assistance, whether or not they are registered users.
Regardless of the method or purpose of your interaction, this Privacy Notice governs how we process and protect your personal data during these engagements. We apply its provisions globally across all our services to ensure compliance with local and international privacy regulations.
By engaging with Monnay, you acknowledge that this Privacy Notice governs our use of your personal data, ensuring transparency, security, and compliance in all operations.

3. Minors
Are minors allowed to use Monnay’s services?
Monnay’s services are strictly intended for individuals aged 18 years or older. Minors are not permitted to create accounts, engage in transactions, or use any features of our platform.
We take this restriction seriously and employ measures to verify the age of our users. If we become aware that a minor has accessed our services in violation of this policy, we will take immediate steps to terminate the account and remove any associated data, in compliance with our privacy standards.
Parental Responsibility:
We strongly encourage parents or guardians to monitor their children’s online activities and prevent unauthorized access to platforms such as Monnay.
By using Monnay, you confirm that you meet the age requirement and understand the legal obligations associated with our services.

4. Controller
Who is responsible for managing your personal data?
The Controller of your personal data is MONNAY SERVICES SP. Z O.O, the entity operating the Monnay platform. As the Controller, we determine the purposes and means of processing your personal information, ensuring compliance with relevant laws, including the General Data Protection Regulation (GDPR) of the European Union.
Controller’s Details:
• Name: MONNAY SERVICES SP. Z O.O
• Registered Address: Głogowska Street, No. 82, Suite 22, 60-741 Poznań, Poland
• Contact Method: You can contact us through the contact form available on our platform.
We are committed to handling your data responsibly and securely while maintaining transparency about its use. This includes processing data for reasons such as:
• Providing our services effectively.
• Ensuring legal and regulatory compliance.
• Enhancing the user experience and platform functionality.
For questions or concerns about how your personal data is handled, please contact us through the information provided above.

5. Processing of Personal Data for Payment and Financial Services
How is your personal data handled when using Monnay’s payment and financial services?
When you use Monnay’s payment initiation and financial services, the processing of your personal data is essential for providing these services securely and efficiently. Here’s how we manage your data in this context:
1. Data Collected for Payment and Financial Services:
We may collect the following categories of personal data, depending on the specific service:
• Personal Identification Information: Name, address, email, phone number, and government-issued identification details.
• Payment Information: Bank account numbers, payment method details, and transaction history.
• Verification Data: Information provided for compliance with anti-money laundering (AML) and know-your-customer (KYC) regulations, such as identity documents and proof of address.
2. Purposes of Data Processing:
• To authenticate your identity and validate payment requests securely.
• To initiate and complete payment transactions as requested by you.
• To comply with applicable laws and regulatory requirements, including AML and KYC checks.
• To ensure fraud prevention and transaction security.
3. Legal Basis for Processing:
• Contractual Obligations: Your data is processed to fulfill the terms of our agreement with you, ensuring smooth operation of payment and financial services.
• Legal Compliance: We process data to meet statutory and regulatory requirements.
• Legitimate Interests: Ensuring the safety and security of your financial transactions on the Monnay platform.
4. Data Sharing:
Your personal data may be shared with third parties, such as:
• Financial institutions and payment processors to complete transactions.
• Regulators or law enforcement agencies, as required by law.
• Service providers who assist us in securely managing payment and financial operations.
5. Data Retention:
We retain your personal data related to payment and financial services only as long as necessary:
• To fulfill the service requirements.
• To comply with applicable legal obligations.
• To resolve disputes and enforce agreements.
We prioritize the security and confidentiality of your financial information. For further details, refer to our Security and Fraud Prevention Policy or contact us directly.

5. Processing of Personal Data for Payment Initiation and Financial Services
How does Monnay process your personal data when you use payment initiation or financial services?
Monnay is committed to safeguarding your personal data throughout the process of delivering secure and efficient payment initiation and financial services. Here’s what you need to know:

1. Types of Personal Data Collected:
• Identity Information: Such as your name, address, date of birth, email, phone number, and government-issued identification documents.
• Financial Details: Including your bank account numbers, transaction information, and payment methods.
• Verification Data: Collected to meet compliance requirements, including anti-money laundering (AML) and know-your-customer (KYC) protocols.

2. Purpose of Data Processing:
• To provide and fulfill payment initiation services as requested by you.
• To ensure compliance with legal and regulatory requirements (e.g., AML, KYC).
• To detect, prevent, and manage fraud, financial crime, and unauthorized activities.
• To improve transaction security and service efficiency.

3. Legal Basis for Processing:
We process your personal data based on:
• Contractual Necessity: To fulfill our obligations in delivering the payment and financial services you request.
• Legal Obligations: To adhere to applicable regulations and supervisory requirements.
• Legitimate Interests: To ensure a secure and functional payment environment.

4. Data Sharing with Third Parties:
We may share your data under strict conditions with:
• Financial Institutions and Payment Providers: To execute transactions.
• Regulatory Authorities or Law Enforcement Agencies: As mandated by law.
• Trusted Third-Party Vendors: For services such as fraud prevention and risk analysis, under data protection agreements.

5. Data Retention Policy:
Your data related to payment and financial services will be retained:
• As long as necessary to deliver services or as required by law.
• In accordance with statutory retention periods for financial records.
At Monnay, the confidentiality and protection of your personal data are top priorities. Our systems and practices are designed to ensure that your information is processed in a secure and compliant manner, tailored to meet the highest standards of privacy.

6. Purpose and Legal Basis for Processing personal Data

Why and on what legal grounds does Monnay process your personal data?
Monnay processes your personal data to provide seamless, secure, and compliant services while ensuring transparency in how your information is used.

1. Purposes for Processing Your Personal Data:
• Service Delivery:
To enable account creation, manage user profiles, and facilitate transactions on Monnay’s platform.
• Compliance Obligations:
To meet regulatory requirements, such as anti-money laundering (AML) and know-your-customer (KYC) checks.
• Fraud Prevention and Security:
To identify, detect, and prevent fraudulent activity or unauthorized access.
• Customer Support:
To provide assistance, answer inquiries, and resolve any issues related to our services.
• Marketing and Communication:
To keep you informed about updates, promotions, and services, subject to your consent.
• Service Improvement:
To analyze platform usage and optimize user experience through anonymized data insights.

7. Legal Bases for Processing Your Personal Data:
Monnay processes your data based on one or more of the following legal grounds:
• Contractual Necessity:
To fulfill our obligations under the agreement when you register or use our platform (e.g., processing your transactions).
• Legal Obligations:
To comply with legal and regulatory frameworks such as AML, taxation, and financial record-keeping laws.
• Legitimate Interests:
To maintain platform integrity, prevent misuse, and improve service efficiency without infringing your rights.
• Consent:
For activities such as sending marketing materials or processing optional personal data, which you can opt out of at any time.
Your Rights and Choices:
• You have the right to access, update, or delete your personal data.
• You may withdraw your consent for processing activities based on consent, without affecting the legality of data processed prior to withdrawal.
• You can object to processing based on legitimate interests where your privacy rights outweigh our purpose.
Monnay ensures your personal data is processed in line with the highest standards of security and transparency, maintaining your trust while adhering to applicable legal requirements.

8. Special Categories of Personal Data
Does Monnay handle sensitive personal data related to my transactions?
Monnay primarily processes data necessary for your identification, account operation, and compliance with financial regulations. While we do not intentionally collect sensitive personal data (as defined under global data protection laws), certain regulatory or operational processes may involve limited processing of such data.
1. What Sensitive Data Might Be Processed?
While Monnay does not directly request or focus on special categories of personal data, there are rare cases where:
• Verification Documents: Government-issued IDs or utility bills submitted for identity verification may include biometric details, photos, or inferred data about racial or ethnic origin.
• Enhanced Due Diligence (EDD): When required by anti-money laundering (AML) regulations, additional checks may uncover sensitive information.
2. Limited Purpose of Collection:
Processing of potentially sensitive data occurs strictly in the following contexts:
• To verify your identity and prevent fraud.
• To comply with Know Your Customer (KYC) and AML obligations mandated by law.
3. Protective Measures:
To ensure the safety of your personal data, including sensitive information, Monnay uses:
• End-to-End Encryption: Secures data at every stage of collection and storage.
• Access Restrictions: Data is accessible only by authorized personnel under strict compliance frameworks.
• Regulatory Safeguards: We align our practices with global data protection regulations and industry standards to prevent misuse or unauthorized access.
4. Your Rights:
• You may request clarification on the processing of any specific data.
• Monnay ensures transparency and will not process sensitive data beyond what is strictly necessary to provide secure and compliant services.
Monnay takes every measure to limit and safeguard the processing of sensitive personal information, keeping your privacy and compliance at the forefront of our operations.

9. Recipients of Personal Data
Who has access to my personal data?
Monnay values your privacy and takes appropriate measures to ensure that your personal data is not shared or disclosed to third parties without a legitimate reason or explicit consent. However, certain third parties may have access to your personal data when necessary for legal, regulatory, or operational purposes.
1. Internal and External Recipients
Your personal data may be shared with the following categories of recipients:
• Service Providers: We use trusted third-party service providers to perform essential services, such as customer support, technology infrastructure, cloud services, or payment processing. These service providers are required to comply with data protection regulations and only process your data based on Monnay’s instructions.
• Compliance and Legal Advisors: We may share your personal data with legal, tax, and regulatory advisors to comply with anti-money laundering (AML), Know Your Customer (KYC) regulations, or any other applicable laws.
• Regulatory Authorities and Law Enforcement: Monnay is obligated to cooperate with law enforcement, regulatory authorities, and government bodies, including those outside of Poland, to prevent fraud, money laundering, and terrorist financing. We may share your data with authorities in cases of suspected criminal activity or upon request for legal or regulatory compliance.
• Banks and Financial Institutions: In the course of processing transactions or fulfilling certain orders, your data may be shared with banks, payment providers, and cryptocurrency networks.
2. International Transfers of Data
As Monnay operates internationally and provides cross-border services, your personal data may be transferred to recipients in countries outside of your jurisdiction.
• European Economic Area (EEA): Data transfers within the EEA will always comply with EU data protection standards.
• Non-EEA Transfers: If your data is transferred to countries outside the European Union, Monnay ensures that such transfers are made in accordance with applicable privacy regulations, including the use of standard contractual clauses or adequacy decisions where required.
3. Data Sharing for Research and Marketing (Optional)
In certain cases, Monnay may engage with partners to offer educational materials, or additional features. You will be notified and asked for your consent for these purposes. You may choose not to participate at any time, and your refusal will have no impact on your ability to use our platform.
4. Disclosure of Anonymized Data
Monnay may also share anonymized data (non-personally identifiable data) with our partners or for analysis, research, or reporting purposes, but such data cannot be linked to you personally.
Monnay does not sell your personal data to any third parties. We are committed to ensuring that your data remains private and secure while allowing us to offer a seamless, compliant cryptocurrency exchange experience.

10. Data Security
How is my personal data protected?
At Monnay, we are committed to safeguarding your personal data and ensuring its confidentiality and integrity. We employ advanced security measures to protect your personal information from unauthorized access, disclosure, modification, or destruction.
1. Technical Measures
Monnay uses state-of-the-art encryption technologies to protect your personal data both in transit and at rest. This includes:
• Encryption Protocols: We apply strong SSL/TLS encryption for all data transmitted between our platform and users to ensure secure communications.
• Data Storage: Sensitive personal data, such as account credentials or payment details, are stored securely using industry-leading encryption methods.
2. Access Control
We maintain strict access control protocols to limit access to your data to only those employees and third parties who need it to provide our services. Access is granted on a need-to-know basis, and all personnel handling data undergo regular security training.
3. Authentication Mechanisms
Monnay offers various layers of protection to secure your account, such as:
• Two-Factor Authentication (2FA): We encourage users to enable 2FA to protect their accounts. This adds an additional layer of security by requiring both your password and a verification code from your mobile device.
• Password Hashing: We use strong cryptographic hashing techniques to securely store user passwords, ensuring that passwords cannot be decrypted even by our internal systems.
4. Continuous Monitoring and Audits
Our platform undergoes continuous monitoring for any suspicious activity, including attempts to access systems without authorization. Regular security audits and penetration tests are conducted by internal and external experts to identify vulnerabilities and improve our overall security posture.
5. Security Breach Response
While we take every measure to prevent a security breach, in the event of such an incident, Monnay will follow a strict response protocol:
• Prompt Notification: Users will be notified immediately if their personal data is involved in a breach.
• Investigation and Mitigation: We will work with relevant authorities and security experts to identify the cause and mitigate any risks to your data.
• Support: Monnay will provide assistance to affected users and guide them through remedial actions, such as updating security settings.
6. Security Measures for Cryptocurrency Transactions
As a crypto exchange platform, Monnay also implements specific security measures for the handling of digital assets. These measures include:
• Cold Storage: A large portion of cryptocurrency assets is stored offline in “cold wallets” to prevent unauthorized online access.
• Multi-signature Wallets: We use multi-signature technology to require multiple approvals for significant transactions, reducing the risk of fraud.
While no system is completely impervious to security threats, we are dedicated to using every possible safeguard to protect your personal and financial data. By doing so, we ensure that Monnay remains a secure and trustworthy platform for all your cryptocurrency exchange needs.

11. Updates of this Privacy Notice
How will I be informed about updates to this Privacy Notice?
Monnay is committed to maintaining transparency and ensuring that users are always informed about how their personal data is being processed. Therefore, we may update this Privacy Notice from time to time to reflect changes in our operations, legal requirements, or security practices. Any updates to this Privacy Notice will be communicated in the following ways:
1. Posting of Updated Privacy Notice
We will publish the updated Privacy Notice on our website, with an updated date of revision at the top. Any changes will become effective as of the date indicated in the revised notice.
2. Notification of Significant Changes
If significant changes to our privacy practices are made that impact how we process your personal data or affect your rights, we will notify you directly via email, in-app notifications, or a prominent notice on our website. This ensures you are aware of any updates that may require your attention.
3. User Responsibility
We recommend that you regularly review this Privacy Notice to stay informed about how we are safeguarding your personal data and making any changes to our data practices. By continuing to use Monnay’s services, you acknowledge and accept the updated terms of the Privacy Notice.
4. Retention of Previous Versions
To maintain transparency, previous versions of this Privacy Notice will be available on our website for your reference.
If you have any questions or concerns regarding the updates to this Privacy Notice, please do not hesitate to contact us using the contact details provided in Section 1.