1. Data Controller and Contact Details
The data controller within the meaning of Art. 4 No. 7 GDPR is Tresor-Token AG, Industriestrasse 4, 9486 Schaanwald, Principality of Liechtenstein, represented by Karl Eckstein.
You can contact our company data protection officer at Alina Eckstein E-Mail: firstname.lastname@example.org
2. General Information on Data Processing
Description and Scope and Purpose of the Processing of Personal Data
Tresor-Token AG issues and manages the Tresor Gold Token (TAUT), a gold-backed stablecoin. For these purposes, the company operates an online presence and requires personal and financial information from customers, such as identity and contact details, in the event of registration by interested parties, in order to meet legal requirements and ensure a secure transaction. Additional services such as newsletters may be added, which are provided upon customer request.
No personal data is stored without registration for one of our services, in particular, we do not operate any web analytics procedures.
To the extent that Tresor-Token AG processes personal data, this is generally done on the basis of consent pursuant to Article 6(1)(a) of the GDPR, or in specific cases to protect legitimate interests pursuant to Article 6(1)(f) of the GDPR.
To the extent that special categories of personal data are processed in specific cases, e.g., as part of identification measures, pursuant to Article 9(1) of the GDPR, this is done only with the consent of the data subject pursuant to Article 9(2)(a) of the GDPR.
Data Deletion and Retention Period
The data will be stored for at least 10 years. If a user requests the deletion of their data, the data will be deleted 10 years after the submission of the request. According to the laws of Liechtenstein, it is mandatory to retain financial records and business documents for a minimum period of 10 years. This requirement is established in the Persons and Companies Act (PGR) of Liechtenstein. After the necessary retention period has expired, the data will be deleted or blocked.
3. Individual Data Processing
Tresor-Token AG, in the context of the described project, also creates this internet offering. The processing of personal data is fundamentally only carried out to the extent necessary for providing a functional website and the associated content and services. The temporary storage of the IP address by the system is necessary to enable the delivery of the website to the user's computer. For this purpose, the user's IP address must be stored for the duration of the session.
Our log files do not store IP addresses or other data that would allow tracing back to a user.
We always process personal data only to the extent permitted by legal regulations or with their consent.
Our web platform captures the following data during an optional registration process: country of residence, email address, and platform password. The country of residence is collected to determine whether a service can be offered to the user. The email address and password are needed to identify the user on the platform and enable the purchase of tokens. Additionally, the email address is used as a contact option should a user inquiry need to be answered. If the user visits the platform without registering, none of the above-mentioned data is collected or otherwise processed.
We may issue a newsletter. Storage of the necessary email address of interested parties is done only after their express consent.
4. Third-Party Services
In the event of registration, Tresor-Token AG uses the service of Sumsub (https://sumsub.com/) for processing personal data as part of the KYC process (customer identification). For more information on Sumsub's privacy practices, please refer to their privacy notice:https://sumsub.com/privacy-notice/
5. International Data Transfers
Tresor-Token AG stores and processes personal data exclusively in Switzerland and Liechtenstein. No data is transferred to countries outside this area. The only exception is data provided to third-party services Sumsub and PayPal.
6. Consent Management
If you wish to revoke your consent to the processing of your data, you can inform us at any time. Please note that revoking your consent may affect the services offered by Tresor-Token AG. To revoke your consent, please contact the specified address.
7. Rights of the Data Subject
Data subjects have the following rights under the GDPR:
Right of Access - Article 15 GDPR
The right of access gives the data subject comprehensive insight into their personal data that is being processed and some other key criteria such as the purposes of the processing or the duration of storage.
Right to Rectification - Article 16 GDPR
The right to rectification allows the data subject to have inaccurate personal data concerning them corrected.
Right to Erasure - Article 17 GDPR
The right to erasure allows the data subject to have their data deleted by the controller. This is possible, however, only if the personal data concerning them is no longer necessary, is being processed unlawfully, or if consent to the processing has been withdrawn.
Right to Restriction of Processing - Article 18 GDPR
The right to restriction of processing allows the data subject to prevent further processing of their personal data for the time being. A restriction mainly occurs during the examination phase of other rights exercised by the data subject.
Right to Data Portability - Article 20 GDPR
The right to data portability allows the data subject to receive their personal data in a standard, machine-readable format from the controller, in order to possibly forward it to another controller.
Right to Object - Article 21 GDPR
The right to object allows data subjects to object to further processing of their personal data in a particular situation, as far as this processing is justified by the performance of a public task or the pursuit of public or private interests.
Right to Withdraw Consent – Article 7(3) GDPR
Furthermore, you have the right to withdraw your consent under Article 6(1)(a) or Article 9(2)(a) GDPR at any time, without affecting the lawfulness of processing based on consent before its withdrawal.
8. Right to Lodge a Complaint
Every data subject has the right to lodge a complaint with a competent data protection supervisory authority under Article 77 GDPR. The competent data protection supervisory authority for Tresor-Token AG is the National Administration of the Principality of Liechtenstein:
Email: email@example.com Address: Städtle 38, P.O. Box 684, 9490 Vaduz
9. Necessity of Data Processing
The processing of personal data is directly related to our business activities.