Privacy Policy & Terms of Use

01/01/2019

1. Recitals

TOKENESTATE SA, a Swiss Limited Company (“Société anonyme”), registered in Neuchâtel, Switzerland, under CHE-258.642.458 (“Tokenestate”, “we”, “us,our and “Controller) respects and protects the privacy of visitors to our websites and our customers who use our services. To ensure transparency, this Privacy Policy describes our information handling practices when you access content we own or operate on any websites, pages, features, or content we own or operate (“Site(s)“) and/or when you use our web application or our mobile applications (“Webapp(s)“), our application programming interfaces (“API”) or third party applications and related services (“Third Party Service(s)“).

Service(s)” means any of Site(s), API, Webapp(s) or Third Party Service(s).

As part of our commitment to protect your personal data in a transparent manner, we want to inform you, according to the Swiss Federal Act on Data Protection (“FADP”), its Ordinances (“Loi fédérale sur la protection des données (LPD) et ses Ordonances”) and the European Union General Data Protection Regulation 2016/679 (“GDPR”):

why and how Tokenestate collects, uses and stores your personal data;

the lawful basis on which your personal data is processed; and

what your rights and our obligations are in relation to such processing

2. Acceptance of our Privacy Policy

By accessing and using our Sites, API, Services, you signify acceptance to the terms of this Privacy Policy. Where we require your consent to process your personal information, we will ask for your consent to the collection, use, and disclosure of your personal information.

If you are located in, or a resident of a country with stronger Data Protection requirements than Switzerland and the European Union, you specifically and voluntarily consent to the transfer of your personal information to our related entity and service providers in any location, for the specific purposes of performing identity verification or checking, to enable us to prevent fraud and comply with our legal obligations. The FADP/GDPR may not have protections in place for personal data as extensive as those within your country. However, we require our service providers to treat your personal information in strict confidence and use appropriate security measures to protect it. We also require them to uphold all of our other obligations under this Privacy Policy. You may revoke your consent at any time with the subject line “Revoke YOUR_COUNTRY_OF_RESIDENCE data consent” (for instance: “Revoke Singapore data consent”) by writing using the details in section 13 of this notice.

We reserve the right to modify this Privacy Policy at any time, and when required by law. Any change will be reflected immediately on Sites and you will be notified by e-mail. You are committed to review often the Sites and this Privacy Policy.

If you do not agree with or you are not comfortable with any aspect of this Privacy Policy, you should immediately discontinue access or use our Sites, API, Services.

3. Personal Data We Collect

3.1. From Cookies

When consulting our Sites, cookies are placed on your computer, mobile or tablet. A cookie is a piece of data stored on your hard drive by the server for the site or mobile application that you are visiting. It contains the following data:

The name of the server that has placed it there

An identifier, in the form of a unique number

An expiration date (some cookies only)

Cookies are managed by the web browser on your computer (Internet Explorer, Firefox, Safari or Google Chrome).

Different types of cookies which have different purposes are used:

Essential cookies: These cookies are essential to allow you to browse our websites and use their functionalities. Without them, services such as shopping baskets and electronic invoicing would not be able to work.

Performance cookies: These cookies collect information on the use of our websites, such as which pages are consulted most often. These data enable us to optimise our websites and simplify browsing. These cookies do not collect any information which could be used to identify you. All the information collected is aggregated, and therefore anonymous.

Functionality cookies: These cookies enable our websites to remember the choices you have made when browsing. For example, we can store your geographical location in a cookie so that the website corresponding to your area is shown. We can also remember your preferences, such as the text size, font and other customisable aspects of the site. The cookies may also be able to keep track of the products or videos consulted to avoid repetition. The information collected by these cookies cannot be used to identify you and cannot monitor your browsing activity on sites which do not belong to Tokenestate.

Accepting or refusing cookies: We must remind you that reconfiguration is liable to alter the conditions under which you access any of our services which require the use of cookies. Most browsers allow you to manage your preferred cookies. You can set your browser to refuse or delete certain cookies. As a rule, you can also manage similar technologies in the same way, using your preferred browsers. The following links show you how to set the cookies, depending on the browser used:

Internet Explorer

Firefox

Google Chrome

Safari

3.2. From our Services

Depending on the Services, we collect:

personal details such as your name, identification number, date of birth, KYC/AML documents (national identity card or passport, utility bill, payslips, etc.), phone number, physical and electronic address, and family details such as the name of your spouse, partner, or children;

username, password, settings and preferences;

financial information, including payment and transaction records and information relating to your assets (including fixed properties), financial statements, liabilities, taxes, revenues, earnings and investments (including your investment objectives);

tax domicile and other tax-related documents and information;

where applicable, professional information about you, such as your job title and work experience;

your knowledge of and experience in investment matters;

details of our interactions with you and the products and services you use;

any records of emails/writen exchanges/phone calls between you and us;

where applicable, details of your nomination of a mandate;

identifiers we assign to you, such as your client or account number, including for accounting purposes;

when you access our Sites, data transmitted by your browser and automatically recorded by our server, including date and time of the access, name of the accessed file as well as the transmitted data volume and the performance of the access, your Operating System, web browser, browser language and requesting domain, and IP address.

We may obtain information about you from third party sources as required or permitted by applicable law, such as public databases, credit bureaus, ID verification partners, KCY/AML partners, resellers and channel partners, joint marketing partners, and social media platforms. In the case we obtain any additional information, we will be notified by email.

4. How your Personal Data is used

We will not use your personal information for purposes other than those purposes we have disclosed to you, without your permission.

4.1. To maintain legal and regulatory compliance

Some of our core Services are subject to laws and regulations requiring us to collect and use your personal identification information, formal identification information, financial information, transaction information, employment information, online identifiers, and/or usage data in certain ways. Tokenestate complies and not only to:

the Swiss Federal Act on Data Protection (FADP) and its Ordinances (“Loi fédérale sur la protection des données (LPD) et ses Ordonances”)

the European Union General Data Protection Regulation 2016/679 (GDPR)

the Swiss Federal Act on Combating Money Laundering and Terrorist Financing (Anti-Money Laundering Act, AMLA) and its Ordinances (“Loi fédérale concernant la lutte contre le blanchiment d’argent et le financement du terrorisme (LBA) et ses Ordonances”)

the Swiss Financial Market Supervisory Authority (FINMA) Ordinance on Combating Money Laundering and Terrorist Financing (“Ordonnance de l’Autorité fédérale de surveillance des marchés financiers sur la lutte contre le blanchiment d’argent et le financement du terrorisme dans le secteur financier (OBA-FINMA)”)

the Swiss Code of Obligations (“Code suisse des Obligations (CO)”)

4.2. To enforce our terms in our user agreement and other agreements

We handle very sensitive information, such as your identification and financial data, so it is very important for us and our customers that we are actively monitoring, investigating, preventing and mitigating any potentially prohibited or illegal activities, enforcing our agreements with third parties, and/or violations of our posted user agreement or agreement for other Services. In addition, we may need to collect fees based on your use of our Services. We collect information about your account usage and closely monitor your interactions with our Services. We may use any of your personal information collected on our Services for these purposes. The consequences of not processing your personal information for such purposes is the termination of your account as we cannot perform our Services in accordance with our terms.

4.3. To provide Tokenestate’s Services

We cannot provide you with Services without such information.

4.4. To provide Service communications

We send administrative or account-related information to you to keep you updated about our news, Services, inform you of relevant security issues or updates, or provide other transaction-related information. Without such communications, you may not be aware of important developments relating to your account that may affect how you can use our Services.

4.5. To provide customer service

We process your personal information when you contact us to resolve any questions, disputes, collect fees, or to troubleshoot problems. We may process your information in response to another customer’s request, as relevant. Without processing your personal information for such purposes, we cannot respond to your requests and ensure your uninterrupted use of the Services.

4.6. To ensure quality control

We process your personal information for quality control and staff training to make sure we continue to provide you with accurate information. If we do not process personal information for quality control purposes, you may experience issues on the Services such as inaccurate transaction records or other interruptions. Our basis for such processing is based on the necessity of performing our contractual obligations with you.

4.7. To ensure network and information security

We process your personal information in order to enhance security, monitor and verify identity or service access, combat spam or other malware or security risks and to comply with applicable security laws and regulations. The threat landscape on the internet is constantly evolving, which makes it more important than ever that we have accurate and up-to-date information about your use of our Services. Without processing your personal information, we may not be able to ensure the security of our Services.

4.8. For research and development purposes

We process your personal information to better understand the way you use and interact with Tokenestate’s Services. In addition, we use such information to customise, measure, and improve Tokenestate’s Services and the content and layout of our website and applications, and to develop new services. Without such processing, we cannot ensure your continued enjoyment of our Services. Our basis for such processing is based on legitimate interest.

4.9. To enhance your website experience

We process your personal information to provide a personalised experience, and implement the preferences you request. For example, you may choose to provide us with access to certain personal information stored by third parties. Without such processing, we may not be able to ensure your continued enjoyment of part or all of our Services.

4.10. To facilitate corporate acquisitions, mergers, or transactions

We may process any information regarding your account and use of our Services as is necessary in the context of corporate acquisitions, mergers, or other corporate transactions. You have the option of closing your account if you do not wish to have your personal information processed for such purposes.

4.11. To engage in marketing activities

Based on your communication preferences, we may send you marketing communications to inform you about our events or our partner events; to deliver targeted marketing; and to provide you with promotional offers based on your communication preferences. We use information about your usage of our Services and your contact information to provide marketing communications. You can opt-out of our marketing communications at any time.

5. Personal Data Disclosure & Sharing

5.1. Tokenestate’s Staff

Our staff use and process usually personal data in order to ensure a consistently high service standard, to provide services and products to you.

5.2. Third Parties

When providing products and services to you, we will share personal data with persons acting on our behalf or otherwise involved in the transaction (depending on the type of product or service you receive from us).

5.3. Service providers

In some instances, we also share personal data with our suppliers and other business partners who provide services to us, such as IT and hosting providers, marketing providers, communication services and printing providers, debt collection, tracing, debt recovery, fraud prevention, and credit reference agencies, KYC/AML, and others. When we do so we take steps to ensure they meet our data security standards, so that your personal data remains secure.

5.4. Public or regulatory authorities

If required from time to time, we disclose personal data to public authorities, regulators or governmental bodies, including when required by law or regulation, under a code of practice or conduct, or when these authorities or bodies require us to do so.

5.5. Others

If our business is sold to another organisation or if it is re-organised, personal data will be shared so that you can continue to receive products and services. We will usually also share personal data with prospective purchasers when we consider selling or transferring part or all of a business. We take steps to ensure such potential purchasers keep the data secure.

We may need to disclose personal data to exercise or protect legal rights, including ours and those of our employees or other stakeholders, or in response to requests from individuals or their representatives who seek to protect their legal rights or such rights of others.

6. Location & Transfer of Personal Data

We use Swiss datacenters in order to enforce security and compliance. Due to technical requirements, data may be located outside Switzerland. In those cases, except where the relevant country has been determined by the Swiss Federal Data Protection and Information Commissioner and the European Commission to provide an adequate level of protection, Tokenestate requires such recipients to comply with appropriate measures designed to protect personal data contained within a binding legal agreement. A copy of these measures can be obtained by contacting by writing Tokenestate using the details in section 13 of this notice. If and to the extent required by applicable law, we implement the necessary legal, operational and technical measure and/or enter into an agreement with you before such transfers.

7. Processors

As Controller of your Personal Data, we work with Processors in order to provide high quality of the Services. All our Processors are GDPR compliant and agreements have been setup between them and us in order to define exactly which Personal Data are shared and which legal requirements should be applied.

8. Retention of Personal Data

We will only retain personal data for as long as necessary to fulfil the purpose for which it was collected or to comply with legal, regulatory or internal policy requirements. To help us do this, we apply criteria to determine the appropriate periods for retaining your personal data depending on its purpose, such as proper account maintenance, facilitating client relationship management, and responding to legal claims or regulatory requests.

9. Children

We do not knowingly request to collect personal information from any person under the age of 18. If a user submitting personal information is suspected of being younger than 18 years of age, Tokenestate will require the user to close his or her account and will not allow the user to continue using any Service. We will also take steps to delete the information as soon as possible. Please notify us if you know of any individuals under the age of 18 using our Services so we can take action to prevent access to our Services.

10. Security

Tokenestate ensures with the maximum of abilities the protection of your data against lost, unauthorized manipulation, access or modification. We use internal rules with our staff and partners and use software, hardware, IT providers and datacenters which provide maximum security.

Our Services use strong cryptographic standards such as HTTPS protocol.

We follow the evolving of the technology and the Art in order to continuously offer the best quality, security and protection of our Services. We continuously assess and change our internal procedures accordingly with our staff, partners and providers.

11. Liabilities

Although the security of your data is protected with our best effort, you agree that Tokenestate should not, in any case, be held responsible for any lost, damages, unauthorized manipulation, access or modification in case of events beyond our control, such as and not limited to:

Any electronic attack (not exhaustive): DDoS, Penetration, Brute-Force, Stolen Key.

Malicious attack (not exhaustive): Fishing by email/writing/call, MITM, Fake News.

Unsafe behaviour (not exhaustive): weak or disclosed user/password, Stolen user/password, Stolen Key.

Illegal Activities (not exhaustive): Fake ID, Stolen ID, physical break-in.

Any hardware or software malfunction.

Communications with unsecure means (not exhaustive): email, phone, SMS, Fax.

Force Majeure:

act of God (such as, but not limited to, fires, explosions, earthquakes, drought, tidal waves and floods);

any other natural disaster of overwhelming proportions;

act of war (whether declared or not), hostilities, invasion, act of foreign enemies, terrorism or civil disorder, rebellion, revolution, insurrection, or military or usurped power, or civil war;

contamination by radio-activity from any nuclear fuel, or from any nuclear waste from the combustion of nuclear fuel, radio-active toxic explosive, or other hazardous properties of any explosive nuclear assembly or nuclear component of such assembly;

pressure waves from devices travelling at supersonic speeds or damage caused by any aircraft or similar device;

riot, commotion, strikes, go slows, lock outs or disorder;

acts or threats of terrorism;

discontinuation of electricity or water supply;

other unforeseeable circumstances beyond the control of the Parties against which it would have been unreasonable for the affected party to take precautions and which the affected party cannot avoid even by using its best efforts

12. Yours Rights

You have a right to ask Tokenestate to rectify inaccurate personal data we collect and process and the right to request restriction of your personal data pending such a request being considered. Where we process your personal data on the basis of your consent, you have the right to withdraw that consent at any time. Please also note that the withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal. You have a right to ask us to stop processing your personal data, or to request deletion of your personal data – these rights are not absolute (as sometimes there may be overriding interests that require the processing to continue, for example), but we will consider your request and respond to you with the outcome. When personal data are processed for direct marketing purposes, your right to object extends to direct marketing, including profiling to the extent it is related to such marketing. You may object to direct marketing by clicking the “unsubscribe” link in any of our emails to you, or by contacting us by writing at the address set out in section 13. Where we process your personal data on the basis of your consent, or where such processing is necessary for entering into or performing our obligations under a contract with you, you may have the right under applicable data protection laws to request your personal data be transferred to you or to another controller. You have the right to ask Tokenestate for a copy of some or all of the personal data we collect and process about you. In certain circumstances Tokenestate may process your personal data through automated decision-making, including profiling. Where this takes place, you will be informed of such automated decision-making that uses your personal data, be given information on the logic involved, and be informed of the possible consequences of such processing. In certain circumstances, you can request not to be subject to automated decision-making, including profiling. You can exercise the rights by contacting us by writing using the details in section 13 of this notice.

Right to withdraw consent. You have the right to withdraw your consent to the processing of your personal information collected on the basis of your consent at any time. Your withdrawal will not affect the lawfulness of Tokenestate’s processing based on consent before your withdrawal.

Right of access to and rectification of your personal information. You have a right to request that we provide you a copy of your personal information held by us. This information will be provided without undue delay subject to some fee associated with gathering of the information (as permitted by law), unless such provision adversely affects the rights and freedoms of others. You may also request us to rectify or update any of your personal information held by Tokenestate that is inaccurate. Your right to access and rectification shall only be limited where the burden or expense of providing access would be disproportionate to the risks to your privacy in the case in question, or where the rights of persons other than you would be violated.

Right to erasure. You have the right to request erasure of your personal information that: (i) is no longer necessary in relation to the purposes for which it was collected or otherwise processed; (ii) was collected in relation to processing that you previously consented, but later withdraw such consent; or (iii) was collected in relation to processing activities to which you object, and there are no overriding legitimate grounds for our processing. If we have made your personal information public and are obliged to erase the personal information, we will, taking account of available technology and the cost of implementation, take reasonable steps, including technical measures, to inform other parties that are processing your personal information that you have requested the erasure of any links to, or copy or replication of your personal information. The above is subject to limitations by relevant data protection laws.

Right to data portability. If we process your personal information based on a contract with you or based on your consent, or the processing is carried out by automated means, you may request to receive your personal information in a structured, commonly used and machine-readable format, and to have us transfer your personal information directly to another “controller”, where technically feasible, unless exercise of this right adversely affects the rights and freedoms of others. A “controller” is a natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of your personal information.

Right to restriction of or processing. You have the right to restrict or object to us processing your personal information where one of the following applies:

You contest the accuracy of your personal information that we processed. In such instances, we will restrict processing during the period necessary for us to verify the accuracy of your personal information.

The processing is unlawful and you oppose the erasure of your personal information and request the restriction of its use instead.

We no longer need your personal information for the purposes of the processing, but it is required by you to establish, exercise or defence of legal claims.

You have objected to processing, pending the verification whether the legitimate grounds of Coinbase’s processing override your rights.

Restricted personal information shall only be processed with your consent or for the establishment, exercise or defence of legal claims or for the protection of the rights of another natural or legal person or for reasons of important public interest. We will inform you if the restriction is lifted.

Notification of erasure, rectification and restriction. We will communicate any rectification or erasure of your personal information or restriction of processing to each recipient to whom your personal information has been disclosed, unless this proves impossible or involves disproportionate effort. We will inform you about those recipients if you request this information.

Right to object to processing. Where the processing of your personal information is based on consent, contract or legitimate interests you may restrict or object, at any time, to the processing of your personal information as permitted by applicable law. We can continue to process your personal information if it is necessary for the defence of legal claims, or for any other exceptions permitted by applicable law.

Automated individual decision-making, including profiling. You have the right not to be subject to a decision based solely on automated processing of your personal information, including profiling, which produces legal or similarly significant effects on you, save for the exceptions applicable under relevant data protection laws.

Right to lodge a complaint. If you believe that we have infringed your rights, we encourage you to contact us by writing using the details in section 13 of this notice so that we can try to resolve the issue or dispute informally.

You can also complain about our processing of your personal information to:

In Switzerland: to any criminal prosecution authority and moreover notice the Swiss Federal Data Protection and Information Commissioner (section 14 of this notice)

In the European Union: the relevant data protection authority (list in section 14 of this notice)

13. Contact

General information requests may be addressed by e-mail to our Data Protection Officer: dpo@tokenestate.io

We will answer within 3 working days.

Any request regarding your Personal Data should be made by writing with a proof of your identity to:

TOKENESTATE SA

Data Protection Office

Rue de la Place d’Armes 3

CH-2000 Neuchâtel

Switzerland

Be aware that communicating by e-mail/SMS/phone/FAX do not ensure confidentiality, integrity and authenticity. We will not answer to any request which will be considered unsafe or not ensuring your identity authenticity.

14. Relevant Authorities

Switzerland

Office of the Federal Data Protection and Information Commissioner FDPIC

Feldeggweg 1

CH – 3003 Berne

Austria

Österreichische Datenschutzbehörde

Wickenburggasse 8

1080 Wien

Tel. +43 1 52152 2550

email: dsb@dsb.gv.at

Website: http://www.dsb.gv.at/

Belgium

Autorité de la protection des données (APD-GBA)

Rue de la Presse 35

1000 Bruxelles

Tel. +32 2 274 48 00

Fax +32 2 274 48 35

email: contact@apd-gba.be

Website: https://www.autoriteprotectiondonnees.be/

Member: Mr Willem Debeuckelaere, President

Bulgaria

Commission for Personal Data Protection

2, Prof. Tsvetan Lazarov blvd.

Sofia 1592

Tel. + 359 2 915 3580

Fax +359 2 915 3525

email: kzld@cpdp.bg

Website: https://www.cpdp.bg/

Croatia

Croatian Personal Data Protection Agency

Martićeva 14

10000 Zagreb

Tel. +385 1 4609 000

Fax +385 1 4609 099

email: azop@azop.hr

Website: http://www.azop.hr/

Cyprus

Commissioner for Personal Data Protection

1 Iasonos Street,

1082 Nicosia

P.O. Box 23378, CY-1682 Nicosia

Tel. +357 22 818 456

Fax +357 22 304 565

email: commissioner@dataprotection.gov.cy

Website: http://www.dataprotection.gov.cy/

Czech Republic

Office for Personal Data Protection

Pplk. Sochora 27

170 00 Prague 7

Tel. +420 234 665 111

Fax +420 234 665 444

email: posta@uoou.cz

Website: http://www.uoou.cz/

Denmark

Datatilsynet

Borgergade 28, 5

Tel. +45 33 1932 00

Fax +45 33 19 32 18

email: dt@datatilsynet.dk

Website: http://www.datatilsynet.dk/

Estonia

Estonian Data Protection Inspectorate (Andmekaitse Inspektsioon)

Väike-Ameerika 19

10129 Tallinn

Tel. +372 6274 135

email: info@aki.ee

Website: http://www.aki.ee/

European Data Protection Supervisor

Rue Wiertz 60

1047 Bruxelles/Brussel

Office: Rue Montoyer 30, 6th floor

Tel. +32 2 283 19 00

Fax +32 2 283 19 50

email: edps@edps.europa.eu

Website: http://www.edps.europa.eu/EDPSWEB/

Finland

Office of the Data Protection Ombudsman

P.O. Box 800

FIN-00521 Helsinki

Tel. +358 29 56 66700

Fax +358 29 56 66735

email: tietosuoja@om.fi

Website: http://www.tietosuoja.fi/en/

France

Commission Nationale de l’Informatique et des Libertés – CNIL

3 Place de Fontenoy

TSA 80715 – 75334 Paris, Cedex 07

Tel. +33 1 53 73 22 22

Fax +33 1 53 73 22 00

email:

Website: http://www.cnil.fr/

Germany

Die Bundesbeauftragte für den Datenschutz und die Informationsfreiheit

Husarenstraße 30

53117 Bonn

Tel. +49 228 997799 0; +49 228 81995 0

Fax +49 228 997799 550; +49 228 81995 550

email: poststelle@bfdi.bund.de

Website: http://www.bfdi.bund.de/

Greece

Hellenic Data Protection Authority

Kifisias Av. 1-3, PC 11523

Ampelokipi Athens

Tel. +30 210 6475 600

Fax +30 210 6475 628

email: contact@dpa.gr

Website: http://www.dpa.gr/

Hungary

Hungarian National Authority for Data Protection and Freedom of Information

Szilágyi Erzsébet fasor 22/C

H-1125 Budapest

Tel. +36 1 3911 400

email: peterfalvi.attila@naih.hu

Website: http://www.naih.hu/

Ireland

Data Protection Commission

21 Fitzwilliam Square

Dublin 2

D02 RD28

Ireland

Tel. +353 76 110 4800

email: info@dataprotection.ie

Website: http://www.dataprotection.ie/

Italy

Garante per la protezione dei dati personali

Piazza di Monte Citorio, 121

00186 Roma

Tel. +39 06 69677 1

Fax +39 06 69677 3785

email: garante@garanteprivacy.it

Website: http://www.garanteprivacy.it/

Latvia

Data State Inspectorate

Blaumana str. 11/13-15

1011 Riga

Tel. +371 6722 3131

Fax +371 6722 3556

email: info@dvi.gov.lv

Website: http://www.dvi.gov.lv/

Lithuania

State Data Protection Inspectorate

A. Juozapaviciaus str. 6

LT-09310 Vilnius

Tel. + 370 5 279 14 45

Fax +370 5 261 94 94

email: ada@ada.lt

Website: http://www.ada.lt/

Luxembourg

Commission Nationale pour la Protection des Données

1, avenue du Rock’n’Roll

L-4361 Esch-sur-Alzette

Tel. +352 2610 60 1

Fax +352 2610 60 29

email: info@cnpd.lu

Website: http://www.cnpd.lu/

Malta

Office of the Information and Data Protection Commissioner

Second Floor, Airways House

High Street, Sliema SLM 1549

Tel. +356 2328 7100

Fax +356 2328 7198

email: idpc.info@idpc.org.mt

Website: http://www.idpc.org.mt/

Netherlands

Autoriteit Persoonsgegevens

Bezuidenhoutseweg 30

P.O. Box 93374

2509 AJ Den Haag/The Hague

Tel. +31 70 888 8500

Fax +31 70 888 8501

Website: https://autoriteitpersoonsgegevens.nl/nl

Poland

Urząd Ochrony Danych Osobowych (Personal Data Protection Office)

ul. Stawki 2

00-193 Warsaw

Tel. +48 22 531 03 00

Fax +48 22 531 03 01

email: kancelaria@uodo.gov.pl; zwme@uodo.gov.pl

Website: https://uodo.gov.pl/

Portugal

Comissão Nacional de Protecção de Dados – CNPD

Av. D. Carlos I, 134, 1º

1200-651 Lisboa

Tel. +351 21 392 84 00

Fax +351 21 397 68 32

email: geral@cnpd.pt

Website: http://www.cnpd.pt/

Romania

The National Supervisory Authority for Personal Data Processing

B-dul Magheru 28-30

Sector 1, BUCUREŞTI

Tel. +40 31 805 9211

Fax +40 31 805 9602

email: anspdcp@dataprotection.ro

Website: http://www.dataprotection.ro/

Slovakia

Office for Personal Data Protection of the Slovak Republic

Hraničná 12

820 07 Bratislava 27

Tel.: + 421 2 32 31 32 14

Fax: + 421 2 32 31 32 34

email: statny.dozor@pdp.gov.sk

Website: http://www.dataprotection.gov.sk/

Slovenia

Information Commissioner of the Republic of Slovenia

Ms Mojca Prelesnik

Dunajska 22

1000 Ljubljana

Tel. +386 1 230 9730

Fax +386 1 230 9778

email: gp.ip@ip-rs.si

Website: https://www.ip-rs.si/

Spain

Agencia Española de Protección de Datos (AEPD)

C/Jorge Juan, 6

28001 Madrid

Tel. +34 91399 6200

Fax +34 91455 5699

email: internacional@agpd.es

Website: https://www.agpd.es/

Sweden

Datainspektionen

Drottninggatan 29

5th Floor

Box 8114

104 20 Stockholm

Tel. +46 8 657 6100

Fax +46 8 652 8652

email: datainspektionen@datainspektionen.se

Website: http://www.datainspektionen.se/

United Kingdom

The Information Commissioner’s Office

Water Lane, Wycliffe House

Wilmslow – Cheshire SK9 5AF

Tel. +44 1625 545 700

email: casework@ico.org.uk

Website: https://ico.org.uk

Iceland

Persónuvernd

Rauðarárstígur 10

105 Reykjavík

Tel: +354 510 9600

email: postur@dpa.is

Website: https://www.personuvernd.is or https://www.dpa.is

Liechtenstein

Data Protection Office, Principality of Liechtenstein

Städtle 38

9490 Vaduz

Principality of Liechtenstein

Tel. +423 236 6090

email: info.dss@llv.li

Website: https://www.datenschutzstelle.li

Norway

Datatilsynet

Tollbugata 3

0152 Oslo

Tel +47 22 39 69 00

email: postkasse@datatilsynet.no

Website: www.datatilsynet.no