Last updated: January 2022
X-Margin Inc. ("Company" "We" "Us" or "X-Margin") respects your privacy and personal information and is committed to protecting it through our compliance with this ("Privacy Policy"). This Privacy Policy describes the types of information we may collect from you or that you may provide when you visit and use the website https://trade.xmargin.io (the "Site"), X-Margin software application(s), application program interface(s) and related services (referred to collectively hereinafter as "Services") and our practices for collecting, using, maintaining, protecting, and disclosing that information. Capitalized terms which are not defined herein, shall have the meaning ascribed to them in our User Agreement, available here.
This Privacy Policy also applies to information we collect:
Please read this Privacy Policy carefully. If you have any questions about this Policy, please submit your request via to to support@xmargin.io. Please note that this is a master privacy policy and some of its provisions only apply to individuals in certain jurisdictions. For example, the legal basis in the table below is only relevant for GDPR-protected individuals.
By accessing and using our Services, you signify acceptance to the terms of this Privacy Policy. If you do not agree with or you are not comfortable with any aspect of this Privacy Policy, you should immediately discontinue access or use of our Services.
We may modify this Privacy Policy from time to time which will be indicated by changing the date at the top of this page. If we make any material changes, we will notify you by email (sent to the email address specified in your account), through a notice on our Site or Services, or as otherwise required by law. You are responsible for ensuring we have an up-to-date active and deliverable email address for you, and for periodically visiting the Site and this Privacy Policy to check for any changes.
Your continued use of the Services after we make changes is deemed to be acceptance of those changes, so please check the policy periodically for updates.
We collect several types of information from and about users of our Services, including information:
We collect this information:
Personal information is typically data that identifies an individual or relates to an identifiable individual. This includes information you provide to us, information which is collected about you automatically, and information we obtain from third parties. The definition of personal information depends on the applicable law based on your physical location. Only the definition that applies to your physical location will apply to you under this Privacy Policy.
Information you provide to us
To establish an account and access our Services, we'll ask you to submit certain identifying information about yourself. As we add new features and Services, you may be asked to provide additional information. Please note that we may not be able to serve you as effectively or offer you our Services if you choose not to share certain information with us. Any information you provide to us that is not required is voluntary.
We may collect the following types of information from you:
Please note that when you input your financial account information, such as digital asset wallet information, in order to calculate Risk Metrics, such input data is not seen or stored by us. Our calculators operate through a privacy-preserving system, and we only have access to the Risk Metrics displayed on the platform.
Information we collect from you automatically
As you navigate through and interact with our Site and use the Services, we may use automatic data collection technologies to collect certain information. This information helps us address customer support issues, improve the performance of our Site and applications, provide you with a streamlined and personalized experience, and protect your account from fraud by detecting unauthorized access. Information collected automatically includes:
For example, we may automatically receive and record the following information on our server logs:
We may also use identifiers to recognize you when you access our Site via an external link, such as a link appearing on a third party site.
Information collected from third parties
From time to time, we may obtain information about you from third party sources as required or permitted by applicable law. These sources may include analytics providers to provide us with de-identified information about how you found our Site and how you interact with the Site and Services. We do not combine the information collected through the use of analytics providers with personally identifiable information.
Anonymization is a data processing technique that modifies personal information so that it cannot be associated with a specific individual. Except for this section, none of the other provisions of this Privacy Policy applies to anonymized or aggregated customer data (i.e. information about our customers that we combine into an aggregate group so that it no longer identifies or references an individual customer).
The Risk Metric calculation outputs X-Margin produces from the financial data you provide fall under this category. The types of data we may anonymize or collect in the aggregate include account balance, directional exposure metrics, aggregate position metrics, and other financial data made available to the system from API keys provided by you. We may use anonymized or aggregate customer data for any business purpose, including for risk analysis and to perform and improve our products and services.
Our primary purpose in collecting personal information is to provide the Services. We generally use personal information for risk analysis and to perform our Services.
We may use this information in the following ways:
X-Margin will not use your personal information for purposes other than those purposes we have disclosed to you, without your permission. We may request your permission to allow us to share your personal information with third parties. You may opt out of having your personal information shared with third parties, or allowing us to use your personal information for any purpose that is incompatible with the purposes for which we originally collected it or subsequently obtained your authorization. If you choose to so limit the use of your personal information, certain features or the entirety of our Services may not be available to you.
Legal Bases for Processing your Information
For individuals who are located in the European Economic Area, the United Kingdom or Switzerland (collectively "EEA Residents") at the time their personal data is collected, we rely on legal bases for processing your information under Article 6 of the EU General Data Protection Regulation ( "GDPR"). We generally only process your data where we are legally required to, where processing is necessary to perform any contracts we entered with you (or to take steps at your request prior to entering into a contract with you), for our legitimate interests to operate our business or to protect X-Margin's or your, property, rights, or safety, or where we have obtained your consent to do so. Below is a list of the purposes described in our policy with the corresponding legal bases for processing.
Section & Purpose of Processing | Legal Bases for Processing |
---|---|
To enforce our terms in our user agreement and other agreements To provide our Services To provide Service communications To provide customer service To ensure quality control | Based on our contract with you or to take steps at your request prior to entering into a contract. |
For research and development purposes To enhance your experience To facilitate corporate acquisitions, mergers, or transactions To engage in direct marketing activities | Based on our legitimate interests. When we process your personal data for our legitimate interests, we always ensure that we consider and balance any potential impact on you and your rights under data protection laws. |
To maintain legal and regulatory compliance To detect and prevent fraud and/or funds loss To ensure network and information security | Based on our legal obligations, the public interest, or in your vital interests. |
To enhance your experience To engage in third party marketing activities For any purpose | Based on your consent. |
Marketing
Direct Marketing: Direct marketing includes any communications to you that are only based on promoting our products and services. We will only contact you by electronic means (email or SMS) based on our legitimate interests, as permitted by applicable law, or your consent. To the extent we can rely on legitimate interest under the applicable law, we will only send you information about our Services that are similar to those which were the subject of a previous sale or negotiations of a sale to you. If you are a new customer, we will contact you by electronic means for marketing purposes only if you have consented to such communication. If you do not want us to send you marketing communications, please go to your account settings to opt-out or contact us at support@xmargin.io. You may raise such objection concerning initial or further processing for purposes of direct marketing, at any time and free of charge.
Third Party Marketing: We will obtain your express consent before we share your personal information with any third parties for marketing purposes.
We take care to allow your personal information to be accessed only by those who require access to perform their tasks and duties, and to share only with third parties who have a legitimate purpose for accessing it. We will never sell or rent your personal information to third parties without your explicit consent. We will only share your information in the following circumstances:
The Site and Services may enable you to interact with or contain links to third party websites, mobile software applications and services that are not owned or controlled by us. We are not responsible for the privacy practices or the content of such third party services. Please be aware that third party services may collect personal information from you. Accordingly, we encourage you to read the terms and conditions and privacy policy of each third party service that you choose to use or interact with. We encourage you to learn about the privacy practices of those third parties. A connection you authorize or enable between your X-Margin account and a non-X-Margin account, payment instrument, or platform is considered an "account connection
Examples of account connections include:
Information that we share with a third party based on an account connection will be used and disclosed under the third party's privacy practices.
We maintain appropriate physical, technical and administrative safeguards to protect the security and confidentiality of the personal information you entrust to us.
We may store and process all or part of your personal and transactional information, including certain payment information, such as your encrypted bank account and/or routing numbers, in the US and elsewhere in the world where our facilities or our service providers are located. We protect your personal information by maintaining physical, electronic, and procedural safeguards in compliance with the applicable laws and regulations.
For example, we use computer safeguards such as firewalls and data encryption, we enforce physical access controls to our buildings and files, and we authorize access to personal information only for those employees who require it to fulfill their job responsibilities.
However, we cannot guarantee that loss, misuse, unauthorized acquisition, or alteration of your data will not occur. Please recognize that you play a vital role in protecting your own personal information. When registering with our Services, it is important to choose a password of sufficient length and complexity, to not reveal this password to any third parties, and to immediately notify us if you become aware of any unauthorized access to or use of your account.
Furthermore, we cannot ensure or warrant the security or confidentiality of information you transmit to us or receive from us by Internet or wireless connection, including email, phone, or SMS, since we have no way of protecting that information once it leaves and until it reaches us. If you have reason to believe that your data is no longer secure, please contact us using the contact information provided in this Privacy Policy.
We store your personal information securely throughout the life of your Account. We will only retain your personal information for as long as necessary to fulfill the purposes for which we collected it, including to satisfy any legal, accounting, or reporting obligations or to resolve disputes. While retention requirements vary by jurisdiction, information about our typical retention periods for different aspects of your personal information are described below.
As a reminder, when you input your financial account information, such as digital asset wallet information, in order to calculate Risk Metrics, such data inputs are not seen or stored by us. Our calculators operate through a privacy-preserving system.
Our Services are not intended for children under 13 years of age. No one under age 13 may provide any personal information to or on the Site. We do not knowingly collect personal information from children under 13. If you are under 13, do not use or provide any information on this Site. If we learn we have collected or received personal information from a child under 13 without verification of parental consent, we will delete that information. If you believe we might have any information from or about a child under 13, please contact us at support@xmargin.io
X-Margin may transfer, store, and process your information in data centers around the world, where X-Margin facilities or service providers are located or in other countries. Appropriate safeguards will be implemented, such as standard data protection clauses, with data recipients or processors approved by competent authorities. By communicating electronically with X-Margin, you acknowledge and agree to your personal information being processed in this way.
Depending on the applicable law where you reside, you may be able to assert certain rights related to your personal information identified below. If any of the rights listed below are not provided under law for your operating entity or jurisdiction, X-Margin has absolute discretion in providing you with those rights.
Your rights to personal information are not absolute. Depending upon the applicable law, access may be denied: (a) when denial of access is required or authorized by law; (b) when granting access would have a negative impact on another's privacy; (c) to protect our rights and properties; (d) where the request is frivolous or vexatious, or for other reasons.
How to make a privacy request or lodge a complaint:
You can make privacy rights requests or lodge complaints relating to your personal information by logging into your account or contacting us at support@xmargin.io. When we receive an individual rights request via other intake methods, we may take steps to verify your identity before complying with the request to protect your privacy and security.
If you reside in the EU, you can file a complaint with the International Centre for Dispute Resolution by phone at +1.212.484.4181, or by visiting the website http://info.adr.org/safeharbor, or your relevant data protection authority.
In Ireland, the relevant data protection authority is the Data Protection Commission, Canal House, Station Road, Portarlington, R32 AP23 Co. Laois; phone: +353 (0761) 104 800; LoCall: 1890 25 22 31; Fax: +353 57 868 4757; email: info@dataprotection.ie
In addition to the rights provided for above, if you are a California resident, you have the right to request information from us regarding whether we share certain categories of your personal information with third parties for the third parties' direct marketing purposes. To the extent we share your personal information in this way, you may receive the following information:
Effective January 1, 2020, pursuant to the California Consumer Privacy Act of 2018 ("CCPA"), California residents have certain rights in relation to their personal information, subject to limited exceptions. Any terms defined in the CCPA have the same meaning when used in this California Privacy Rights section.
Should we engage in any of the activities listed in this section, your ability to exercise these rights will be made available to you in your account settings. You can exercise your rights by going to your account settings or contacting us at support@xmargin.io so that we may consider your request.
If you are a California resident, you may designate an authorized agent to make a request to access or a request to delete on your behalf. We will respond to your authorized agent's request if they submit proof that they are registered with the California Secretary of State to be able to act on your behalf, or submit evidence you have provided them with power of attorney according to California Probate Code section 4000 to 4465. We may deny requests from authorized agents who do not submit proof that they have been authorized by you to act on their behalf, or are unable to verify their identity.
To ask questions or comment about this Privacy Policy and our privacy practices, contact us at: