[Last revised: 10th October, 2022]
In order to operate our Services, to meet our regulatory obligations and to reduce the risk of online fraud, LCX , as a data controller, must ask you to provide us with information about yourself, including your personal details for customer identification, and information about your financial background an payment options that may be connected to your use of LCX Services, as well as any other types of information specified in this Policy.
This Policy aims to give information on how LCX collects and processes personal data , including any data that may have been provided to us or which we may receive by any means.
The Services are not intended for minors (i.e., persons under 18 years of age or the respective age of majority) and we do not knowingly collect personal data relating to minors.
Personal information or data refers to any information that can be associated with a specific natural person and can be used to identify that person, directly or indirectly, in particular by reference to required information that the user provides to LCX to gain access to and use our Services (hereinafter “Personal data” or “personal information”).
Unless otherwise indicated, terms used in this Regulation shall have the same meaning as under the GDPR.
Controller: LCX as defined above is the controller and responsible for customer’s personal data.
Third Party Websites: Some pages on the LCX website may include links to third-party websites. These sites are governed by their own privacy statements, and LCX is not responsible for their operations, including, but not limited to, their information practices. Users submitting information to or through these third-party websites should review the privacy statements of these sites before providing them with personally identifiable information. Clicking on those links or enabling those connections may allow third parties to collect or share data about customers. We do not control these third-party websites and are not responsible for their privacy notices, statements or policies. The respective provider of the linked website is solely responsible for the content and correctness of the information provided there, as well as for the tracking and setting of cookies by such websites.
Most web browsers are set to accept cookies by default. You are free to decline most of the cookies if the browser or browser add-on permits. Choosing to remove or disable cookies may interfere with the use and functionality of the Services. Additionally, LCX may use certain persistent cookies that are not affected by browser settings but will use such cookies solely for identity verification and fraud prevention purposes.
Because of how cookies and similar technologies work, we cannot access data collected by third-party cookies, nor can other companies or persons access the data generated by such tools, and in particular, not all tracking functions of third-party tools can be controlled by us. All these providers are obliged to comply with the applicable data protection regulations and are solely responsible for any processing of personal data as a data controller according to article 4 (7) GDPR. You may disable cookies on your browser and by enabling a “Do Not Track” request in your browser.
Type of Cookie
Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland
Marketing & Analytics
Essential System Requirements
Hotjar Limited, Level 2, St Julian’s Business Centre, 3 Elia Zammit Street, 1000 St Julian’s STJ, Malta
Browser / Do Not Track Request
Cloudflare, Inc. 101 Townsend St. San Francisco, CA 94107 USA
Essential System Requirements; set for anti-DDOS/bot protection by our DNS only for selected suspicious users.
Opt-out via your browser settings
Google LLC, 1600 Amphitheatre Pkway, Mountain View, CA 94043-1351, USA
Essential System Requirements; set only for users under suspicion of being a bot.
Hubspot Ireland Limited, 1 Sir John Rogerson’s Quay, Dublin Docklands, Dublin, D02 CR67, Ireland
TRADINGVIEW UK LTD, 43 Berkeley Square, London, England, W1J 5FJ
Essential System Requirements; Performance of Contract
Automattic (incl Wordfence, Yoast SEO, Typeform, JetPack)
Automattic Inc. 60 29th Street #343 San Francisco, CA 94110, USA
Essential System Requirements; Website operationality and Marketing & Analytics
Information we collect from users: To register for and use the LCX Services, you must provide your full name, address, phone number, the details of your identification document, and email address and other identification and compliance information as requested. In order to top-up your wallet balance with us or make certain payments or transactions through our Services, you must provide (where applicable) your payment instrument or account information details, API details and other information required. We may also ask you to choose different security questions to answer for the purposes of account verification or password reset.
We may also require you to provide us with other commercial and/or identification information if you send or receive certain high-value transactions or high overall payment volumes through our Services or as is otherwise required in order for us to comply with our anti-money laundering and risk management obligations.
Using your device: When you use LCX Services using any device), we may additionally collect and store device sign-on data (including but not limited to device ID) and geolocation data.
Photographs: If you use certain functionalities provided by us, we may ask you to upload a picture of you in order to provide you with these specific services. Your face must be recognizable.
Transaction Information: When you use our Services to send funds to someone else or request money from someone else, as the case may be, we may ask you to provide information related to that transaction. This information includes the amount and type of the transaction, transactional details and the details pertaining to the identity of the third party. Also, if you send funds to another LCX customer, you may be asked to provide personal details to that customer to complete the transaction. Those details may also be passed on to us from that customer. We also collect the Internet address (IP address) and other identifying information about the computer or device you use to access or use our Services, in order to help detect possible instances of unauthorized transactions.
Travel Rule (transaction information): Recommendation No. 15 of the FATF Recommendations provides that, in the case of transfers of virtual currencies or virtual assets, similar to the regulations on the Money Transfer Regulation, an exchange of information regarding the data of the beneficiary and the payer (principal) is carried out between virtual asset service providers.
Pursuant to Art 12a of the Due Diligence Act in connection with Art. 23b of the Due Diligence Ordinance, an exchange of information is required for all transfers of virtual assets that currently exceed the amount of one Swiss Franc (1 CHF). The decisive factor for the obligation to exchange information is that the token is actually transferred. This means that a transfer takes place in some form on the virtual asset system in which the virtual asset service provider is involved. Ultimately, this means that a virtual asset service provider who has made, initiates, performs, executes or commissions a transfer of a token on a virtual asset system (e.g., blockchain) is obliged to exchange of information if another virtual asset service provider is also involved on the opposite side and the amount to be transferred exceeds one Swiss Franc.
If the counterparty (commissioning or benefiting virtual asset service provider with whom a token / virtual asset transfer is concluded) is a foreign service provider which, if domiciled in Liechtenstein, would be a trusted technology / virtual asset service provider subject to registration under the Liechtenstein Tokens and Trusted Technology Service Providers Act (TTTA or TVTG in German), there is also an obligation to carry out the exchange of information. It is possible that the service provider abroad is a registered payment service provider or a bank. Likewise, an exchange of information must be carried out if the foreign service provider is subject to the application of the “travel rule” due to its activities abroad.
Token issuers are then exempt from this obligation if the transfer is carried out as part of the initial public offering. However, if further transfers are carried out in addition to this (secondary market), token issuers also fall within the scope of the travel rule provisions. In order to carry out the exchange of information, it is necessary to determine whether the counterparty is a (beneficiary) virtual asset service provider (possibly a contracting virtual asset service provider) or not. This determination of the counterparty is thus relevant for any transfer of tokens with an equivalent value of more than one Swiss Franc. The legislator stipulates that prior to the execution of a virtual asset transfer a determination of the counterparty must be made.
Prior to the exchange of information, the following information must be collected by the commissioning virtual asset service provider.
– the name (first and last name / firm name) of the beneficiary and the principal;
– the name or address of the virtual asset account (e.g., the wallet) of the principal and the beneficiary; and
– the address, the number of a valid official ID, the customer number or the date of birth and place of the principal.
To comply with the Travel Rule LCX uses the services of Notabene ID GmbH, Dammstrasse 16, 6300 Zug, Switzerland. Data is being processed with regard to the Travel Rule by LCX to comply with legal obligations. In addition to verifying the transfer data, both the principal and beneficiary (sending and receiving) virtual asset service provider also have the reciprocal obligation to screen for sanctions.
Information About You From Third Parties: In order to execute certain transactions of our customers, protect all our customers against potential fraud, comply with our legal obligations and enforce our Terms and Conditions, we verify and validate information provided to us by users with a number of third parties, such as financial partners, anti-fraud agencies, data vendors, as well as using information available through internet and publicly accessible social network data. In the course of such verification, we may receive personally identifiable information about our users from such services and sources.
If you send or receive high overall payment volumes or display inconsistent transactional patterns through LCX Services, or if you have a limited transactional history with us, in some circumstances we will conduct a background check on you by obtaining information about you and your activities, and potentially (if legally permitted) also about your business partners, from a credit reference or fraud agency. If you owe us money, we may conduct a credit check on you by obtaining additional information about you from a credit reference or anti-fraud agency, to the extent permitted by law. LCX, at its sole discretion, reserves the right to periodically retrieve and review a business and/or consumer credit report supplied by such credit reference or fraud agency for any account, and reserves the right to close a user account based on information obtained during this credit review process.
We may also collect public information about your activities and your behavior on social media platforms (such as the email address and the number of “likes” and “followers”), to the extent relevant to confirm an assessment of your transactions and/or the nature of your activities that are relevant to our services offered to you.
We may also collect information about you from other sources, including from other companies (subject to their privacy policies and applicable law), and from other accounts we have reason to believe you control (whether in part or in whole).
Examples of information we automatically collect about you may include:
Additional Verification: If we cannot verify the information that you provide, or if you request a withdrawal to an account, payment instrument or digital wallet for Virtual Assets not previously used by you, we may ask you to upload or send us additional confirmation or to answer additional questions online to help verify your information.
Website Traffic Information: Because of the way Internet communication standards work, when you arrive at or leave the LCX website, we automatically receive the web address of the site that you came from or are going to. We also collect information on which pages of our website you visit, IP addresses, the type of browser you use and the times you access our website.
Communications: When you communicate with us for customer service or other purposes (e.g., by emails, calls, tweets, etc.), we retain such information and our responses to you in the records of your account.
Questionnaires, Surveys, Sweepstakes and Profile Data: From time to time, we offer optional questionnaires, surveys, online competitions and sweepstakes to our users for such purposes as collecting demographic information or assessing users’ interests and needs. If we collect personally identifiable information from our users in these questionnaires, surveys, and sweepstakes, the users will be given notice of how the information will be used prior to their participation in the survey, questionnaire or sweepstake.
Some of this information, for example, indicating your racial origin or biometrical details, is considered especially sensitive, from the point of view of data protection, and we will use and process this information in strict accordance with the law.
Where we are required to collect personal data:
to verify the identity of our applicants and clients, mitigate against risks (such as potential or suspected fraud) and in particular, to assess and take a decision on whether we will or should enter into a relationship with contracting parties (as subject to our client acceptance criteria and policies) and this data is not provided when requested, or else provided in an incomplete or insufficient manner, we may not be able to perform or conclude contractual relations which we have or are otherwise trying to enter into.
In certain instances, particularly where this relates to compliance with due diligence duties, we may even need to exercise our right to terminate our contractual relations, and thus withdraw the availability of our Services, or else, if still at application stage, we may have to decline to enter into a contractual relationship.
Below is a summary of how LCX may use customer information collected from our users or about our users. We will only process personal data pursuant to the law. Most commonly, we will use personal data in the following circumstances:
Internal Uses: We collect, store and process your information on servers located in the European Economic Area, European Union or Switzerland or in states in which an adequacy decision has been issued. Our primary purpose in collecting your information is to provide you with a safe, smooth, efficient, and customized experience. You acknowledge that we may use your personal information to:
Questionnaires, Surveys and Profile Data: If you choose to answer our optional questionnaires or surveys, we may use such information to improve our Services, send your marketing or advertising profile preferences, or as otherwise explained in detail in the survey or campaign itself (legitimate interest: business development).
Our Contact with Customers: We communicate with our users on a regular basis via email and chats to provide requested services. We may also communicate with our users by phone or using VOIP technologies to:
We use your email to confirm your opening of a LCX account, to send you notices and confirmations related to your activities, to send you information about important changes to our products and services, and to send notices and other disclosures required by law. Generally, users cannot opt out of these communications, but they will be informational in nature, and not promotional.
We may also use your email address to send you other types of communications that you can control, including “news”, “customer surveys”. You can choose whether to receive some, all, or none of these communications when you complete the registration process, or at any time thereafter, by logging in to your account and then selecting settings, and updating your communicational preferences.
In connection with independent audits of our financial statements and operations imposed by applicable law, the auditors may seek to contact a sample of our customers to confirm that our records are accurate. However, these auditors cannot use personally identifiable information for any secondary purposes.
We make sure we consider and balance any potential impact for our customers before we process personal data for our legitimate interests. We do not use personal data for activities where our interests are overridden by the impact on or legal rights of our customers (unless we have explicit consent or are otherwise required or permitted to by law).
LCX may use your Personal data to form a view on what we believe might enhance your user experience or present you with information that may be of interest to you (consent or commercial relationship).
If you don’t wish to receive marketing communications from us, or to participate in our ad-customization programs, simply update your preferences.
If you would like to change your personal communication preferences or change preferences with regard to marketing communications from us, you can do so by adjusting your preferences in the communication preferences profile section or by contacting us at: [email protected].
We work with third parties to enable you, them and potentially their customers to accept or facilitate payments from or to you using the LCX Services. In doing so, a third party may share information about you with us such as your full name, email address or wallet address, when a payment is sent to you or when you are attempting to pay that third party (performance of contract; fulfillment of legal obligation for Virtual Asset Service Providers). We use this information to confirm that you are a LCX customer and that LCX can be enabled to make a transfer (of Virtual Assets), or where a transfer is sent to you to send you a notification that you have received such assets as the result of a transfer. Please note that third parties you receive assets or transact with may have their own privacy policies, and LCX is not responsible for their operations, including, but not limited to, their information practices.
If you are a registered LCX user and you are sending assets or transacting with another registered LCX user, as a part of the transaction, some personal information of both parties will be shared as a part of transaction notification.
How We Share Information with Other Third Parties. LCX works with third-party service providers which provide important functions to us that allow us to be an easier, faster, and safer way to facilitate transactions, display information and otherwise offer our services to you. We need to disclose certain user data to them from time to time, so that the services can be performed.
In order to provide the LCX services, some information we collect may be required to be transferred to other entities, in their capacity as financial partners, payment providers, custodians, payment processors, technical service providers or account holders (or similar capacities). You acknowledge that according to their local legislation, such entities may be subject to laws, regulations, inquiries, investigations, or orders which may require the disclosure of information to the relevant authorities in their relevant country.
We will only use personal data for the purposes for which we collected it, unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose, or we are obliged to process personal data by applicable laws or court or other enforceable orders.
Please note that we may process personal data without the need to obtain consent, in compliance with the above rules, where this is required or permitted by law.
Specifically, you consent to and direct LCX to do any and all of the following with your information, if no other lawful basis of processing of your personal data is applicable as noted in brackets:
We require all third parties to respect the security of personal data and to treat it in accordance with the law (including applicable data protection and privacy law). We do not allow our third-party business partners or service providers to use personal data for their own purposes and only permit them to process personal data for specified purposes and in accordance with our documented instructions. Furthermore, these third parties access and process personal data on the basis of strict confidentiality and subject to the appropriate security measures and safeguards.
We may also share aggregated or anonymized information, which cannot reasonably be used to identify you.
LCX is committed to handling your customer information with high standards of information security. We use computer safeguards such as firewalls and data encryption, we enforce physical access controls to our buildings and files, and we authorize access to personal information only for those employees who require it to fulfil their job responsibilities, and who have committed themselves to confidentiality undertakings.
The security of your LCX account information also relies on your protection of your password or access credentials. You may not share your LCX password with anyone. LCX representatives will never ask you for your password, so any email or other communication requesting your password should be treated as unauthorized and suspicious and forwarded to us. If you do share your LCX password with a third party for any reason, including because the third party has promised to provide you additional services such as account aggregation, the third party will have access to your account and your personal information, and you may be responsible for actions taken using your password. If you believe someone else has obtained access to your password, please change it immediately by logging in to your account and changing your Profile settings, and also contact us right away.
LCX is committed to adequately protecting your information regardless of where the data resides and to providing appropriate protection for your information if your data is transferred outside of the EEA, EU or any country for which an adequacy decision has been issued. In this regard, transfers to non-EEA countries may notably be carried out on the basis of standard contractual arrangements approved by the European Commission, a copy of which may be obtained by you by simple request sent to LCX.
The personal data that we collect from you will be transferred to and stored at a destination inside the European Economic Area (EEA) or Switzerland. As we provide an international service, your personal data may be processed outside of the EEA in order for us to enable your use of our Services and fulfil our contract with you to provide the LCX Services; to comply with legal obligations or to assert, file or exercise a legal claim.
All information you provide to us is stored on our secure servers, encrypted at rest. Any Service provided by us or our chosen third-party providers will be encrypted in transit. Where we have given you (or where you have chosen) a password that enables you to access certain parts of our Website you are responsible for keeping this password confidential. We ask you not to share a password with anyone.
Certain LCX Services include social networking, chat room or forum features. Ensure when using these features that you do not submit any personal data that you do not want to be seen, collected or used by other users.
We will only retain personal data for as long as necessary to fulfil the purposes we collected it for (i.e., the ongoing service provision) and, thereafter, for the purpose of satisfying any legal, accounting, tax, compliance, due diligence and reporting requirements or obligations to which we may be subject and/or to the extent that we may also need to retain personal data to be able to assert, exercise or defend possible future legal claims against or otherwise involving customers. In that regard, please note that our contractual relationship is of an ongoing and continuous nature, until terminated.
We will only retain personal data for as long as necessary to fulfil the purposes we collected it for (i.e., the ongoing service provision) and, thereafter, for the purpose of satisfying any legal, accounting, tax, compliance, due diligence and reporting requirements or obligations to which we may be subject and/or to the extent that we may also need to retain personal data to be able to assert, exercise or defend possible future legal claims against or otherwise involving customers.
By and large, our retention of personal data shall not exceed the period of three (3) years from the date of the termination of customer relationship with us. This period of retention enables us to use the data in question for the possible filing, exercise or defense of legal claims (taking into account the timeframe of applicable statutes of limitation and prescriptive periods). In certain cases, though we may need to retain data for a period of up to ten years or longer in order to comply with applicable laws, in particular accounting and tax laws as well as due diligence duties.
LCX is obligated under the Due Diligence Act to retain personal data from you and your LCX transactions for a period of a minimum of ten years from the conclusion of the transaction or from its preparation. We therefore use this retention requirement as a benchmark for all personal data that we receive from you. In order to not hold your information for longer than is strictly necessary we will not hold any of your personal data for more than 10 years after the termination of our business relationship, unless there are other legal obligations that require us to retain your information longer.
Whenever and to the extent possible, we anonymize personal data when it is no longer necessary to identify customers from the data (anonymous data).
In order to collect, use, and share data, we will anonymize personal data so that it can no longer be associated with customers for research or statistical purposes, in which case we may use this information indefinitely without further notice.
You have a right to:
Please know that if you have any questions or objections as to how we collect and process your personal information, or how you may exercise your rights, please contact us at [email protected]
Please note that none of these rights of the data subject are absolute and must generally be balanced against our own legal obligations and legitimate interests. If a decision is made to override a data subject’s request, the customer will be informed of this by us along with the reasons for our decision.
We try to respond to all legitimate requests within one month. Occasionally it may take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated. We will need to request specific information from a customer to help us confirm the customer’s identity and ensure the customer’s right to access the personal data (or to exercise any of the other right as a data subject).
You will not have to pay a fee to access your personal data or account information (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is clearly unfounded, repetitive, excessive or misused.
If your request is clearly unfounded, repetitive, excessive or misused we may refuse to comply with your request under these circumstances.
Request of transfer of your personal data to you. You can review and download your account information and transactional history via access to your LCX account online, however, should you require that we provide you with a copy of your account information in a more structured, comprehensive and machine-readable format, please reach out to [email protected].
Full name of legal entity: LCX AG
registration number: FL-0002.580.678-2
Email address: [email protected]
Registered Office: Herrengasse 6, 9490 Vaduz, Liechtenstein
If you are not satisfied by the way in which we address your concerns or how we handle your personal information, you have the right to lodge a complaint with the Liechtenstein’s Data protection Office at any time. In any case we suggest that you first reach out to us to solve any issue before you contact the data protection authority.
Should any provision of this Policy be invalid or unenforceable, then the remainder of this Policy shall remain valid and in force. The invalid or unenforceable provision shall be either amended as necessary to ensure its validity and enforceability, while preserving the Parties’ intentions as closely as possible or, if this is not possible, be construed in a manner as if the invalid or unenforceable part had never been contained therein.
This Policy is governed by the laws of Liechtenstein, unless this conflicts with mandatory consumer protection provisions of a member state of the European Union, European Economic Area, Switzerland, United Kingdom or any other country for which an adequacy decision regarding Data Protection Laws has been adopted and you have your residence in to the exclusion of collision laws. Any dispute arising in connection with this Agreement will be submitted to the exclusive jurisdiction of the courts of Liechtenstein.
LCX AG is a company found in 2018 and registered in Liechtenstein No. FL-0002.580.678-2. LCX AG is regulated by the Financial Market Authority of Liechtenstein under the registration No. 288159 as a trusted technology service provider.
LCX AG Herrengasse 69490 VaduzLiechtenstein
LCX AG © 2018-2022. All Rights Reserved