Updated: 12 Dec 2024

Privacy Policy

Welcome to Hexis Crypto’s Privacy Policy. Please read this document carefully to understand how we handle your personal information.

1. Introduction

Hexis Capital Limited (trading as "Hexis Crypto") ("we," "our," or "the Company") is committed to protecting your privacy. Based in New Zealand, we provide digital currency trading services. This Privacy Policy explains how we collect, use, store, and share your personal data in accordance with the New Zealand Privacy Act 2020 and other applicable laws.

2. Personal Data We Collect

The majority of the personal information we collect is obtained during the Know Your Customer (KYC) process, conducted by our trusted partner Sum and Substance. Depending on your interactions with us, we may collect and process the following types of personal information:

• Identity Information: Full name, date of birth, nationality, ID or passport number, and other verification documents.
• Contact Information: Email address, phone number, and physical address.
• Financial Information: Bank account details and source of funds.
• Transaction Information: Records of transactions conducted through our services.
• Technical Information: IP address, device type, and access logs.
• KYC Information: Photographs, selfies, biometric data required for identity verification, and purpose of transactions.
• Professional Information: Employment details or profession, if applicable.
• Other Data: Information provided during dispute resolution or in the course of delivering our services.

3. Purpose of Data Collection

We process your personal data for the following purposes:

• To provide and manage our services.
• To verify your identity and comply with legal obligations under anti-money laundering (AML) and countering the financing of terrorism (CFT) laws.
• To process transactions and manage your account.
• To improve our services based on user feedback and analytics.
• To ensure security and prevent fraud or other unlawful activities.
• To comply with applicable legal, regulatory, or contractual obligations.

4. Sharing Your Personal Data

We may disclose your personal data with the following entities, where necessary and appropriate:

• Service Providers: Third parties who assist us with compliance, banking services, IT infrastructure, customer support, and fraud prevention.
• Government and Regulatory Authorities: When required to comply with legal obligations, respond to lawful requests, or cooperate with investigations.
• Business Partners: Such as identity verification and credit reporting providers, including Sumsub (KYC/AML services) and Equifax (credit and document verification).
• Auditors and Professional Advisors: Including legal, financial, and compliance consultants who help us meet regulatory standards and uphold our operational integrity.
• Other Third Parties: As part of corporate transactions, such as mergers, acquisitions, or asset sales, where your data may be transferred as part of the business assets.

When transferring personal data internationally, we ensure appropriate safeguards are in place as required by law.

5. Data Collection Methods

We collect your personal data through the following means:

• KYC processes.
• Direct communications (emails, phone calls, messages).
• Publicly available information.

Note: We do not use cookies or browser tracking tools.

6. Data Security

We implement strict security measures to protect your personal data from unauthorized access, alteration, disclosure, or destruction. These include:

• Organizational Measures: Staff training, access controls, and confidentiality agreements.
• Technical Measures: Encryption, pseudonymization, and regular security audits.
• Incident Management: Established procedures for detecting and responding to data breaches, including notification of affected individuals and regulators where required.

7. Your Rights

Under the New Zealand Privacy Act 2020, you have the right to:

• Access your personal data.
• Request correction of inaccurate or incomplete data.
• Request deletion of personal data when no legal basis for retention exists.
• Object to or restrict the processing of your data.
• Withdraw consent for data processing where applicable.

To exercise these rights, please contact us at privacy@hexiscrypto.com. Proof of identity may be required before processing your request.

For further information or complaints, contact the Office of the Privacy Commissioner:

• Website: www.privacy.org.nz
• Email: investigations@privacy.org.nz

8. Data Retention

We retain your personal data only as long as necessary to fulfill the purposes outlined in this Privacy Policy or to comply with legal and regulatory requirements.

9. Updates to This Privacy Policy

We may update this Privacy Policy periodically to reflect changes in our practices or legal requirements. We encourage you to review this policy regularly.

10. Contact Us

For questions or concerns about this policy, please contact us:

• Email: privacy@hexiscrypto.com