Liminal secures FSP license from FSRA in ADGM   Read more

Privacy Policy

Table of Contents

INTRODUCTION

Last Updated on July 2024

This Privacy Policy describes the policies and procedures of Liminal its relevant, group companies, affiliates, and subsidiaries as mentioned below (referred to as , “Liminal”, “Company”, “we”, “our” or “us” in this policy) regarding our collection, use and disclosure of your information in connection with your access and use of www.liminalcustody.com and all of its subdomains (individually referred to as “Site” and collectively referred to as “Sites”), our mobile application for iOS and Android (the “App”), and the other services, features, products, content or applications offered by Liminal (together with the Site and the App, the “Services” as defined in Terms and Conditions of Liminal). As used in this Privacy Policy, “Personal Data” means any information that can be used to identify a person individually. All defined terms not defined herein shall have the meaning ascribed to them in the Terms & Conditions, of which this Privacy Policy is a part.
Liminal subsidiaries:
  1. Singapore:

    Answer Eleven Pte Ltd is a private limited company formed under the laws of Singapore with Entity Incorporation Number: 202209266N having registered address as #12-17, The Work Boulevard, 20 Collyer Quay, Singapore – 049319
  2. India:

    First Answer India Technologies Private Limited incorporated under the laws of the Republic of India with Corporate Identification Number: U63121MH2023FTC408642 having an address at 271, 1 FLR Business Park, Vishweshwar Nagar Road, Goregaon East, Goregaon East, Mumbai-400063, Maharashtra, India.
  3. United Arab Emirates – Dubai & ADGM

    1. a.First Answer Middle East Limited is regulated and authorized by the Financial Services Regulatory Authority of Abu Dhabi Global Market (ADGM) with Financial Services Permission Number (220125) having registered address at Office 1123, 11th Floor, Al Maqam Tower, Maryah Island, Abu Dhabi, UAE 111355.

    2. b.First Answer Custody FZE is incorporated under the Dubai World Trade Centre Authority Company Rules and Regulations and its registered address is Floor No. 25, Premises No. E36, Sheikh Rashid Tower, Plot No-3360301, DM Building Number 14 in the Dubai World Trade Center Complex, Sheikh Zayed Road, Dubai.

  4. We urge you to read this Privacy Policy in full, but wanted to mention a few things upfront:

  5. This Privacy Policy covers our treatment of Personal Data that we collect about you (a) from you directly when you register with Liminal and use your Account for the Services; (b) from your web browser and/or device, as you interact with the Liminal generally; and (c) from third party websites and services, including our business partners and service providers.
  6. In this Privacy Policy, we describe the various purposes for which we use your Personal Data, as well as the legal bases supporting those purposes. As you’ll read below, the legal basis on which we rely for a given use of your Personal Data may be a contractual necessity (i.e., where we need to use your Personal Data to complete a contract with you), consent (which you must freely give us, and which you can withdraw at any time), and/or certain legitimate business interests of ours or of others, but only where we have determined that those interests are not overridden by your own interests, rights, and freedoms.
  7. The Services are hosted and operated in various geographic regions through us and our service providers. By using the Services, you acknowledge that any Personal Data you provide to us will be hosted on servers in various geographic regions.
  8. If you are using the Services in the European Economic Area, you may have certain rights regarding the Personal Data we collect from you, under the European Union General Data Protection Regulation (“GDPR”), as outlined below, and for purposes of the GDPR, Liminal would be a controller of Personal Data collected from you through the Services. If you have any questions about this Privacy Policy or whether any of the following applies to you, please contact the data protection officer at [email protected] if you have any questions or concerns about our collection and use of your Personal Data.
  9. As noted in our Terms and Conditions, we do not knowingly collect or solicit Personal Data from anyone under the age of 18. If you are under the age of 18, you are not allowed to use the Services, so please do not access or use the Site or the App, or attempt to send us any Personal Data.
  10. This Privacy Policy does not apply to the practices of third parties that we do not own or control, including, but not limited to, any third-party websites, services, products or applications (each a “Third Party Service”) that you elect to access and may interact with during your use of the Services, or to individuals that we do not manage or employ. We take steps to ensure that we only work with Third Party Services that share our respect for your privacy, although we cannot take responsibility for the content, products, services or privacy policies of those Third Party Services. We encourage you to carefully review the privacy policies of any Third Party Services you access.
What Does This Privacy Policy Cover?
1.1 This Privacy Policy covers the processing of Personal Data that we gather when you are accessing and using the Services. As used in this Privacy Policy, “processing” generally covers actions that can be performed in connection with data such as collection, use, storage and disclosure.

1.2 This Privacy Policy also covers our treatment of any Personal Data that our business partners and service providers share with us, or that we share with our business partners and service providers.

1.3 We collect and use your information to provide and improve our Services and your experience, protect the security and integrity of our platform, and meet our regulatory and legal obligations.

What Personal Data does Liminal collect from You?
2.1 We collect Personal Data about you when you provide such information directly to us, when third parties such as our business partners or service providers provide us with Personal Data about you, or when Personal Data about you is automatically collected in connection with your use of our Services.

2.2 By providing the Personal Data of others to us, you represent that you have the authority to do so. We disclaim responsibility for the information of others that you provide to us in the course of your use of the Services.

Information we collect directly from you
We receive Personal Data directly from you when you provide us with such Personal Data, including without limitation the following:

3.1 Account information, including your full name, and email address.

3.2 Phone number, in case you opt for SMS notification and chat support via phone messaging applications.

3.3 Any Personal Data that you make available on or through the Services.

3.4 Any Personal Data you provide when you communicate with us or our customer service representatives (so please only provide what is necessary).

3.5 Any Personal Data you provide us when purchasing Products, including your: first name, last name, email address, and shipping address.

3.6 Information about the transactions made by using our Services, such as name of the sender, name of the recipient, amount, currency, payment method, date and/or timestamp.

3.7 When you sign up to use our Wallet Infrastructure or Custody Services, we collect your wallet address and its related information.

3.8 We also collect Corporate customer information as part of KYB and onboarding as part of regulatory compliance & internal policies.

Information we automatically collect when you use our Services
Some Personal Data is automatically collected when you use our Services, such as the following:

4.1 IP address,

4.2 App, Web browser information,

4.3 Operating system information,

4.4 Pages you visit and links you click on for the Services only (not for marketing purposes), and

4.5 Event tracking or screen recording in our iOS or Android apps for session replay analytics, and

4.6 Certain Cookies (see below for more information) (collectively, “Usage Data”).

Information we obtain from third parties
Some Personal Data is automatically collected when you use our Services, such as the following:

5.1 We obtain information about you from public databases, such as the United Nations Sanctions List, United Nations Security Council (UNCL), government agencies, the relevant Central Bank, EU, U.K. HM Treasury, U.S. OFAC and the local regulators, including your name, address, email address, phone number, gender, national ID number and nationality/country of residence, date of birth, job role, public employment profile, listing on any sanctions lists maintained by public authorities, and other data as necessary

5.2 We may analyze public blockchain data, including timestamps of transactions or events, transaction IDs, digital signatures, transaction amounts, and wallet addresses.

5.3 Information from our marketing and advertising partners: We receive information such as your name and contact information from our marketing partners, including in some instances what marketing content you viewed or the actions you take on our Sites

Information we do NOT collect when you use our Services
6.1 Browsing history outside of the Services, including the pages you visit when you exit the Services,

6.2 Publicly available information about your social media profiles, interests or preferences, or page view information,

6.3 Cookies for targeting and marketing purposes.

6.4 Please note that when you access or use the Services, we may use information from your web browser and your device’s settings and unique identifiers in order to reliably and accurately provide you with Services and information that apply to you.

Information about Cookies
7.1 The Services use “Cookies” as defined herein to enable our servers to recognize your web browser and tell us how and when you visit and use our Site and Services in order to operate our Services. Cookies are small files – usually consisting of letters and numbers – placed on your computer, tablet, phone, or similar device when you use that device to visit our Site.

7.2 We do not use Cookies to target you with advertising or promotions for our products and services. We will not supplement the information we collect from you with information received from third parties.

7.3 We do not use similar technologies such as pixel tags, web beacons, clear GIFs, and JavaScript to track or identify you.

7.4 Cookies can either be “session Cookies” or “persistent Cookies”. Session Cookies are temporary Cookies that are stored on your device while you are visiting our Site or using our Services, whereas “persistent Cookies” are stored on your device for a period of time after you leave our Site or Services. The length of time a persistent Cookie stays on your device varies from Cookie to Cookie.

7.5 We use persistent Cookies to keep a more accurate account of how often you visit our Services, how often you return, and how your use of the Services may vary over time. We do not use persistent Cookies to measure the effectiveness of advertising efforts nor to collect information about your online activity after you leave our Services.

7.6 Your browser may offer you a “Do Not Track” or “DNT” option, which allows you to signal to operators of websites, web applications, and services that you do not wish such operators to track certain of your online activities over time and across different websites. Because we collect browsing and persistent identifier data, the Services do not support Do Not Track requests at this time, which means that we may collect information about your online activity while you are using the Services. We will not collect information about your online activity after you leave our properties.

7.7 We do not control third-party Cookies. Although some Cookies may have been placed by a third party on your device we do not collect or use such information.

We use the following types of Cookies
8.1 Essential Cookies. Essential Cookies are required for providing you with features or services that you have requested. For example, certain Cookies enable you to log into secure areas of our Site or Services, maintain your preferences over time and recognise you when you return to our Services. Disabling these Cookies may make certain features and services unavailable.
We do not use the following types of Cookies
9.1 Performance/Analytical Cookies.

9.2 Retargeting/Advertising Cookies.

9.3 You can decide whether or not to accept Cookies. One way you can do this is through your internet browser’s settings. Most browsers have an option for turning off the Cookie feature, which will prevent your browser from accepting new Cookies, as well as (depending on the sophistication of your browser software) allowing you to decide on acceptance of each new Cookie in a variety of ways.

9.4 You can also delete all Cookies that are already on your computer. If you do this, however, you may have to manually adjust some preferences every time you visit a site and some services and functionalities may not work. To explore what Cookie settings are available to you, look in the “preferences” or “options” section of your browser’s menu.

9.5 To find out more information about Cookies, including information about how to manage and delete Cookies, please reach out to us at [email protected]
How Do We Use Your Personal Data?
10.1 We process Personal Data to deliver, personalize, operate, improve, create maintain, develop and understand our Services to provide you with a secure, smooth efficient and customized experience as you use them, for complying with the local regulations and anti fraud purposes. For example, we use Personal Data to:

10.2 Verify the identity and establish your Account

10.3 Process and fulfill your purchases of Products or Services

10.4 Protect against or deter fraudulent, illegal or harmful actions

10.5 Communicate with you about the Services, including sending you updates, offers, emails, newsletters and other information that we believe may be of interest to you.

10.6 Provide support and assistance for the Services

10.7 Identify trends and other statistical information that may be useful to our business

10.8 Comply with our legal or contractual obligations

10.9 Respond to user inquiries

10.10 Fulfill user requests

10.11 Resolve disputes

10.12 Enforce our Terms and Conditions (including, for clarity, this Privacy Policy)

We will only process your Personal Data if we have a lawful basis for doing so. Lawful bases for processing include consent, contractual necessity and our “legitimate interests” or the legitimate interests of others, as further described below.
10.13 Contractual Necessity: We process the following categories of Personal Data as a matter of “contractual necessity,” meaning that we need to process the data to perform under our Terms and Conditions with you, which enables us to provide you with the Services. When we process data due to contractual necessity, failure to provide such Personal Data will result in your inability to use some or all portions of the Services that require such data.
10.13.1 Account Information that you provide us.

10.13.2 Information that you provide us when purchasing Products or Services.

10.13.2 Information that you provide us when making a request or inquiry with our customer service representatives.
10.14 Compliance with Regulatory and Legal Obligations Our Services are subject to laws and regulations requiring us to collect, use, and store your personal information in certain ways. If you do not provide the personal information required by law, we will have to discontinue your account.
Why and how we use your information

a. To verify your identity: We are generally required to collect various pieces of personal information to identify or verify you as a customer and comply with other specific anti-money laundering (“AML”) or sanctions laws/regulations (e.g. funds transfer rules). Our verification processes also involve electronic identification against your provided verification information. All such information is securely maintained by Liminal and its service providers and is only disclosed where permitted by law.

b. To determine your legal eligibility for certain regulated products: When you use certain regulated Services in countries such as UAE, India and Singapore, we may be required to carry out additional checks to ensure your suitability (E.g under the Abu Dhabi Global Markets (ADGM) regulations, (Financial Intelligence Unit) VARA (Virtual Asset Regulatory Authority), UAE, FIU India, Monetary Authority of Singapore (MAS Singapore)

c. To comply with other legal and regulatory obligations

(i) We may access, read, preserve, and disclose information when we believe it is reasonably necessary to comply with law, legal obligations, regulations, law enforcement, governmental, and other legal requests, court orders, or for disclosure to tax authorities.

(ii) Examples of laws that may require us to collect, use or disclose your information: Civil, commercial, criminal, or consumer protection matters: where we receive a court order to disclose information for court proceedings or regulatory inquiries (E.g. mandatory requests or orders under the FIU authorities in India, ADGM in Abu Dhabi, VARA in UAE and MAS in Singapore).

(iii )Corporate and taxation matters: obligations such as the Indian Companies Act 2013, Indian Income Tax Act, 1961, Federal Tax laws of UAE, and Tax laws laid down by the Ministry of Finance, Singapore.

(iv) Regulatory matters: to comply with our regulatory obligations, including engaging with our regulators, such as (but not limited to) the Monetary Authority of Singapore, Abu Dhabi Global Markets (ADGM), Virtual Asset Regulatory Authority (VARA) UAE, Financial Intelligence Unit – FIU India.
10.16 Consent: In some cases, we process Personal Data based on the consent you expressly grant to us at the time we collect such data. When we process Personal Data based on your consent, it will be expressly indicated to you at the point and time of collection.

10.17 Other Processing Grounds: From time to time we may also need to process Personal Data to comply with a legal obligation if it is necessary to protect the vital interests of you or other data subjects, or if it is necessary for a task carried out in the public interest.

10.15 Legitimate Interest: We process the following categories of Personal Data when we believe it furthers the legitimate interest of our business.
10.15.1 Account Information that you provide us.

10.15.2 Usage Data we collect in connection with your use of the Services.

10.15.3 Examples of these legitimate interests include Protection from fraud or security threats;

10.15.4 Operation, maintenance and improvement of our business, products and services

10.15.5 Provision of customer support

10.15.6 Compliance with legal obligations

10.15.7 Completion of corporate transactions.

How and With Whom Do We Share Your Data?
11.1 We share limited Personal Data with vendors, third-party service providers, and agents who work on our behalf and provide us with services related to the purposes described in this Privacy Policy or our Terms and Conditions. We limit this based on the minimum information required for such vendors, third-party service providers, and agents to perform the required services. These parties include:

11.2 Identity verification processor

11.3 Block chain Analytics provider

11.4 Hosting service providers;

11.5 Email providers;

11.6 Payment processors;

11.7 Cloud communication service providers;

11.8 Shipping providers;

11.9 Contractors; and

11.10 Cryptocurrency exchange service providers

We also share Personal Data when we believe it is necessary to:
11.11 Comply with applicable law or respond to valid legal processes, including from law enforcement or other government agencies.

11.12 Protect us, our business or our users, for example, by enforcing our Terms and Conditions, preventing spam or other unwanted communications and investigating or protecting against fraud.

11.13 As part of the Services, you will receive from Liminal, email and other communications. You acknowledge and agree that by availing yourself of the Services, you allow us to send you email and other communication that we determine in our sole discretion relate to your use of the Services.

Last, we also share information with third parties when you give us your express consent to do so.
11.14 Furthermore, we will NOT buy or sell Personal Data to or from a third party under any circumstances, except solely in the event that we merge, acquire, or substantially all of our assets, were acquired, or if we go out of business or enter bankruptcy, in which case Personal Data would be one of the assets that are transferred to or acquired by us or the third party as the case maybe.
However, you should know that:
11.15 We would only choose to sell its business or assets to, or to be acquired by, an entity that we believe will take a customer-first approach to Personal Data as we do; and

11.16 Any entity acquiring our business or assets would have an obligation to use the Personal Data that comes with it strictly in accordance with this Privacy Policy. You acknowledge that such transfers may occur and that any acquirer of us or our assets may continue to use your Personal Data only as set forth in this policy.

How Long Do We Retain Your Personal Data?
12.1 We retain Personal Data about you for as long as you have an open Account with us or as otherwise necessary to provide you Services, or until you contact us to request deletion (see below). In some cases, we retain Personal Data for longer, if doing so is necessary to comply with our legal obligations, resolve disputes or collect fees owed, or is otherwise permitted or required by applicable law, rule or regulation. Regulatory obligations impose the data retention for a period of 8 years or as per applicable laws. Afterwards, we retain some information in a depersonalized or aggregated form but not in a way that would identify us personally.
How Do We Protect Your Personal Data?
13.1 We seek to protect Personal Data using appropriate technical and organizational measures based on the type of Personal Data and applicable processing activity. As a security-first company, we go to extreme measures to protect the security and privacy of our customers and our employees.

13.2 We keep Personal Data tracking at a minimum and only store that which we need to in order to deliver the Services.

13.3 We employ ‘least privilege principles’ when it comes to giving employees access to Personal Data – employees should only be able to access data if it is necessary for them to carry out the duties of their role. We also minimize the use of Third Party Services to only those required to deliver the Services.

13.4 For example, we do not use third-party Cookies, or any similar technologies such as pixel tags, web beacons, clear GIFs, and JavaScript although it negatively impacts our ability to track customer activity and trends.

13.5 Other examples of the steps we’ve taken to protect customer data and keep it from third parties include: We use end-to-end encrypted chat software to keep internal conversations completely protected

13.6 To prevent unauthorized access to your Account and Personal Data you should select and protect (and periodically update) your password appropriately and use a password manager to randomly generate your password. You should also limit access to your device and browser by signing off after you have finished accessing your Account.

13.7 We understand the importance of the security of the information we collect, but we cannot promise that our security measures will eliminate all security risks or avoid all security breaches. We cannot guarantee the security of any Account information. Unauthorized entry or use, hardware or software failure, and other factors may compromise the security of user information at any time.

Do we store the Personal Data of children
14.1 We do not knowingly collect or solicit Personal Data. If you are under 18, please do not attempt to register for the Services or send any Personal Data about yourself to us. Please contact data protection officer at [email protected]
What do users need to know?
15.1 Rights Regarding Your Personal Data:: By law, users in the European Union, India, UAE, Singapore, United Kingdom, Lichtenstein, Norway, or Iceland have certain rights with respect to their Personal Data, including those set forth below. For more information about these rights, or to submit a request, please email the data protection officer at [email protected]. Please note that in some circumstances, we may not be able to fully comply with your request, such as if it is frivolous or extremely impractical if it jeopardizes the rights of others, or if it is not required by law, but in those circumstances, we will still respond to notify you of such a decision. In some cases, we may also need you to provide us with additional information, which may include Personal Data, if necessary to verify your identity and the nature of your request.
If you are a user of the Services, you have the following rights:
16.1 Access: You can request more information about the Personal Data we hold about you and request a copy of such Personal Data. You can also access certain of your Personal Data by logging into your online account.

16.2 Rectification: If you believe that any Personal Data we are holding about you is incorrect or incomplete, you can request that we correct or supplement such data by emailing the data protection officer at [email protected]

16.3 Erasure: You can request that we erase your Account from our systems. To request us to delete your Account, please send an email to the data protection officer at [email protected] from the email address we have on file for your Account. We reserve the right to permanently erase your Account information from our systems immediately or promptly after we receive the request, subject only to legal requirements or appropriate exceptions under applicable law. (We also reserve the right to delete Accounts on our own initiative.) Please note that Account deletion may not ensure complete or comprehensive removal of the content or information you have posted on or submitted to the Services, and will not remove content or information that has been stored, shared or re-posted by other users and other third parties.

16.4 Withdrawal of Consent: If we are processing your Personal Data based on your consent (as indicated at the time of collection of such data), you have the right to withdraw your consent at any time. Please note, however, that if you exercise this right, you may have to then provide express consent on a case-by-case basis for the use or disclosure of certain of your Personal Data, if such use or disclosure is necessary to enable you to utilize some or all of our Services. You may withdraw your consent by sending an email to data protection officer at [email protected]

16.5 Portability: You can ask for a copy of certain of your Personal Data in a machine-readable format. You can also request that we transmit the data to another controller where technically feasible.

16.6 Objection: You can contact data protection officer at [email protected] to let us know that you object to the further use or disclosure of your Personal Data for certain purposes, such as for direct marketing purposes.

16.7 Restriction of Processing: You can ask us to restrict further processing of your Personal Data by contacting the authorised data protection officer at [email protected].

16.8 Right to File Complaint: You have the right to lodge a complaint about our practices with respect to your Personal Data with the supervisory authority of your country,r EU Member State, UAE, Singapore or India .

Transfers of Personal Data
17.1 The Services are hosted and operated on the cloud in various geographic regions by Liminal and its service providers, where the laws may differ from the laws where you reside. By using the Services, you acknowledge that any Personal Data about you, regardless of whether provided by you or obtained from a third party, is being provided to us and will be hosted on cloud servers in various geographic regions, and you authorize Liminal to transfer, store and process your information to and in the throughout the world as necessary to perform our duties in providing you with the Services. Additionally, you understand that your Personal Data may be processed in countries including but not limited to Singapore, UAE and India where laws regarding processing Personal Information may be less stringent than in your country. Please contact our data protection officer at [email protected]. with any questions or concerns.
What if you have questions regarding Your Personal Data?
If you have any questions about this Privacy Policy or our data practices generally, please contact us using the following information:

Addressed to “Liminal” at [email protected]