Privacy Policy

General
The CTS BASE PTE. LTD. (the "Company") attaches great importance in protecting the privacy of a person's personal data and is committed to complying with Personal Data Protection Act 2012 (No. 26 of 2012) of Singapore and observing the relevant codes of practice which may be issued by the Privacy Commissioner for Personal Data from time to time.

Purpose of collection and usage of personal data
Company handles the minimum amount of personal data for following purposes: The handled personal data is not used for any other uses, and if the purpose of usage needs to be changed, we will take necessary measures, such as getting a separate consent.
① Membership and management
② Usage in marketing and advertising
③ Adjustment of grievance
④ Completing cryptocurrency transactions
⑤ Completing KYC, AML
⑥ Verifying and confirming ICO participation amounts
⑦ Sending you Service-related communications
⑧ complying with regulations or laws

Items of collected personal data and the method of collection
① Company collects the following personal data for above purposes.

Collected items

name, phone number, nation, gender, Birth, photo, ID card, email adress, ID, log in password, participation amounts, cryptocurrency wallet address

② While you use the service, following items may automatically form and collected.
(1). Server log and use log : IP address, login information, date and time of visits, viewed pages, MAC address, referrer information, access countries, languages, a period during which a user stays on a website,
(2). Device information : Information in relation to PCs and mobile devices used to access our website and services, including operating systems (OS) and their version, browser and other device identifiers.
(3). Use information : Where our website or services are used, the meta data of uploaded files for storage are collected and instants are recorded through private key.
(4). Information collected by Cookies and other tracking technologies : The Company and its service providers use a variety of technologies to gather information, including cookies and web beacons when users interact with its website. Cookies, as a small piece of data stored on user’s device in time of visiting a website, are graphic images used for monitoring the behavior of users who visit by email or website, in relation to device IDs, IP address, web browsers used to access a website, visited pages, the period during which a user stays on a web page, the performance of mobile applications and clicked link web beacons. Cookies are usually used along with other cookies.
(5). Information for webstie analysis : Additional information such as navigation path, returning or new users, end devices, etc. may be collected to analyze the users of Google Analytics and other websites and services

ƒ③ When Company collects personal data, it notifies and asks for consent prior to collection and the personal data is collected through following methods.
(1). Collection through the information that you directly provide by agreeing to the collection of the personal data during the usage of the service membership or identification or purchase of tokens.
(2). Automatic collection while you are using the service provided by Company

④ Company does not collect sensitive personal data (race and nationality, philosophy and creed, political stance and criminal record, etc.) that may invade basic human rights.

Provision of personal data to a third party
Company principally does not sell, lend, or lease your personal data to a third party, except for following cases.
① When you explicitly provide a consent
② When receive an order from the court to provide your personal data and data or receive a request from the government
③ When it is considered necessary or right to obey the law or protect or defend Company’s right and assets.

Storage location of personal data and consignment for management
Your personal data located in company stores and Company does not consign the management of your person information without notice.

consignment for management and International data transfers
Company may transfer information collected from you to affiliated entities, or to other third parties across borders and from your country or jurisdiction to other countries or jurisdictions around the world. Please note that these countries and jurisdictions may not have the same data protection laws as your own jurisdiction, and you consent to the transfer of information to other countries and the use and disclosure of information about you, including personal information, as described in this Privacy Policy

Name of assigned company and contact information

CTS Wallet (cts wallet Inc.)
www.ctswallet.com
help@ctswallet.com

Items to be assigned

Specially designated items below among the items collected by the Company
Identification information such as name, date of birth, citizenship
- Contact information such as email and phone number
- ID information such as passport photo, ID card issued by government and identity card
- Information automatically generated in the process of providing services such as access IP information, service use log, access log and cookies

Purpose

Verification of real names of token purchasers, KYC, AML

Period of possession and utilization of personal data
Company manages and possesses the personal data for the legal personal data possession and utilization time period stated by the law or the personal data management and possession time period consented by you at the time of collecting the personal data. The details are as follow.

① In principal, the possession and utilization time period for collected personal data from the service usage contract (membership) to the termination of service usage contract (includes membership withdraw application, authority withdrawal). When terminating the service usage contract, Company destroys your information except for the information kept for a certain period of time for reasons regarding the information possession stated below and also directs the consignee to destroy the information in case the management of the person information was consigned to a third party.

② Despite the section ¨ç, to prevent service-related disputes, Company follows the internal policy and move the information related to membership and management to a separate server (if information is written on paper, move to a separate document) and store it for the time period stated in each section below and use it within the scope of the purpose.

(1). In case of an investigation or inquiry due to violation of related legislation: until the investigation or inquiry is over
(2). In case of a bond or debt between you and Company: until the bond or debt is paid off
(3). In case of a need for preservation due to related legislation regulations: during the certain time period prescribed by the related legislation

Procedures and methods of destruction of personal data
In principal, Company promptly destroys the personal data when the purpose of personal data management is fulfilled, except when it needs to be preserved due to other legislations. The procedure, time limit, and method of destruction are as follow:

① Destruction procedure: The unnecessary personal data and personal data files are managed as follow under the responsibility of the personal data protection manager, following the internal policy procedures.
(1). Destruction of personal data: persona information outdating the possession period is promptly destroyed on the end date.
(2). Destruction of personal data files: personal data files are destroyed without delay from the day the personal data file management is considered unnecessary if the personal data file becomes unnecessary due to accomplishment of the purpose for investigational personal data file management, abolition of the service, end of the business, etc.

② Destruction method: person information printed on papers should be destroyed by shredding or burning and personal data stored in the form of electrical files should be destroyed via a technical method through which the record cannot be played or physically destroyed.

Your right, obligation, and method of exercise
① You may exercise your right related to privacy policy stated in each section below to Company at any time.
(1). Request to view the personal data
(2). Request for correction in case of errors
(3). Request for deletion
(4). Request for termination of management

② You can exercise your right following the clause ¨ç through writing, e-mail, and FAX. Company will follow your lawful exercise of right within 30 days, and if it cannot do it within 30 days, it will notify you in writing.

③ If you request correction or deletion about errors in the personal data, Company will not use or provide the personal data until it is corrected or deleted.

④ You can exercise your right following the clause ¨ç through your agent. In this case, you have to submit a power of attorney about Company.

⑤ Your right may be restricted due to related legislation upon the request for halt on the personal data viewing and management.

⑥ In case of a request for viewing, correction or deletion, and halt of management following your right, Company asks for documents, such as a copy of the identify document, for identification and verifies whether the request is truly made by the requestee.

⑦ Despite the previous section, if the personal data is stated in another legislation to be collected, the request for correction and deletion of personal data may not be made.

⑧ You may not violate related legislations and invade your own or other people’s personal data or privacy.

Collection of Personal Information via Cookies
Company may install and operate cookies that store and frequently retrieve customers’ information. A cookie means a small amount of text files that a website sends to users’ computer browsers (Internet Explorer, and others)

Operation of cookies and rejection of cookies. Cookies are stored at the hard disk of users’ computers. Cookies identify users’ computers but do not personally identify users.

In addition, customers may accept or reject all cookies, or go through checks whenever cookies are stored by changing settings on their web browser.

However, if customers refuse to store cookies, they may not use some services that require them.

Technical and organizational measures on personal data protection
1.For protection of personal data, Company takes following measures:
① Organizational measures: establishment and operation of internal management plan, regular employee training
② Technical measures: management of access rights such as personal data
③ processing system, installation of access control system, encryption of unique
④ identification information, installation of security program
⑤ Physical security measures: Access control of data processing room, archive room, etc.

Personal data protection officer, etc.
Company designates a personal data protection officer as following to manage general matters regarding the personal data and handle complaints related to personal data management as well as remedies. You can contact the director personal data protection regarding all types of inquiries related to personal data protection, complaint handling, and remedies. Company will answer and handle your inquiry without delay.

Name

Jineub Joo

Division

Business Strategy Dept.

Position

Excutive Director

Phone number

+65-31381758

E-mail

help@smathium.io

Request to view personal data
You can request the following directors to view personal data, and Company will try to handle your request promptly.

Name

Jineub Joo

Division

Business Strategy Dept.

Position

Excutive Director

Phone number

+65-31381758

E-mail

help@smathium.io

Exceptions for application of policy
The Company’s privacy policy does not apply to the collection of personal data by other websites linked in the Company homepage.

Changes in privacy policy, etc.
① This privacy policy applies from ___ year __ month __ date.
② Current privacy policy can be changed upon the government policies or the needs of Company, and when changes are made, a notification will be made in the Company homepage notices or through a separate window.
③ If a separate consent is needed for collection and usage of personal data and provision to a third party, and if related contents are added or modified, Company individually notifies through writing, e-mail, or phone and asks for a separate consent.

Date of enactment: 2018. 11. 01.
Date of final revision: 2018. 11. 01.