send Definitions and legal references
Personal Data (or Data)
Any information that directly, indirectly, or in connection with other information — including a personal identification number — allows for the identification or identifiability of a natural person.
Data Subject
The natural person to whom the Personal Data refers.
Sensitrust (or this Application)
The means by which the Personal Data of the User is collected and processed.
User
The individual using Sensitrust who, unless otherwise specified, coincides with the Data Subject.
Data Controller (or Owner)
The natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of Personal Data, including the security measures concerning the operation and use of Sensitrust. The Data Controller, unless otherwise specified, is the Owner of Sensitrust.
Data Processor (or Data Supervisor)
The natural or legal person, public authority, agency or other body which processes Personal Data on behalf of the Controller, as described in this privacy policy.
Usage Data
Information collected automatically through Sensitrust (or third-party services employed in Sensitrust), which can include: the IP addresses or domain names of the computers utilized by the Users who use Sensitrust, the URI addresses (Uniform Resource Identifier), the time of the request, the method utilized to submit the request to the server, the size of the file received in response, the numerical code indicating the status of the server's answer (successful outcome, error, etc.), the country of origin, the features of the browser and the operating system utilized by the User, the various time details per visit (e.g., the time spent on each page within the Application) and the details about the path followed within the Application with special reference to the sequence of pages visited, and other parameters about the device operating system and/or the User's IT environment.
Service
The service provided by Sensitrust as described in the relative terms (if available) and on this site/application.
Cookies
Small sets of data stored in the User's device.
United Kingdom (UK)
Unless otherwise specified, all references made within this document to the United Kingdom include The United Kingdom of Great Britain and Northern Ireland.
European Union (or EU)
Unless otherwise specified, all references made within this document to the European Union include all current member states to the European Union and the European Economic Area.
Legal information
This privacy statement has been prepared based on provisions of multiple legislations, including UK GDPR and EU GDPR.
This privacy policy relates solely to Sensitrust, if not stated otherwise within this document.
send Owner and Data Controller
SENSITRUST LTD
24 Tax Suite 137 B Westlink House 981 Great West Road, Brentford, United Kingdom, TW8 9DN
Company number: 12371894
ICO Registration number: ZA730856
Privacy Officer contact email: 
send Introduction
Sensitrust (“the Company”, “We”, “Our” or “Us”) is providing this Privacy Policy to explain what personal data We collect, how We use it, and your rights if you want to change how We use your personal data.
Please read this Policy carefully!
send Personal data you give Us
You may give Us personal data by:
- Registering to use Sensitrust.io;
- Filling in forms online;
- Corresponding with Us by phone, e-mail or Skype; or
- Subscribing to Our newsletter
In the following, We report the detailed set of data We ask you, mandatorily or optionally, for each process you may be involved in.
| Process name | Mandatory personal data | Optional personal data |
|---|---|---|
| Registration | Name, e-mail address, password, cookie data, Usage data and account number (provided once data is deleted). | Date of birth, address, Ethereum address, telephone number, Facebook page, Twitter page, LinkedIn page, company name, company address. |
| Support form services | Telephone number or Skype ID, any (also sensitive) personal data that may be contained within the e-mail message, Usage data, and cookies data. | None |
| Contact form services | Name, e-mail address, any (also sensitive) personal data that may be contained within the e-mail message, Usage data, and cookies data. | None |
| Invoice processing | Name, address, VAT number or fiscal code, contact details (examples include but are not limited to: telephone number, mobile number, Skype details, e-mail address, website), IBAN details. | None |
| Consultant and Collaborator engagement | Full name, ID card number or passport number, qualifications, signature and photograph. | LinkedIn ID and personal website link |
| BETA - Registration | First name, last name, username, and e-mail address, Cookie data, Usage data and Account Number (provided once data is deleted). | Photo profile, language, address, city, country, postal code, personal description, and social media links to personal profiles. |
| BETA - Contact form services | Name, Email address, any (also sensitive) personal data that may be contained within the e-mail message, Usage data and Cookies data. | None |
| BETA - Customer Feedback to the Professional | Any (also sensitive) personal data that may be contained within the feedback message. | None |
| BETA - Customer Feedback to the Auditor | Any (also sensitive) personal data that may be contained within the feedback message. | None |
| BETA - Auditor Feedback to the Professional | Any (also sensitive) personal data that may be contained within the feedback message. | None |
| BETA - Customer Checkout | Any (also sensitive) personal data that may be contained within the message to the professional. | None |
| BETA - Professional Delivery | Any (also sensitive) personal data that may be contained within the data accessible by the link provided by the professional. | None |
| BETA - Professional New Listing | Any (also sensitive) personal data that may be contained within the title, short description, full description of the activity, package description, payment coordinates (including cryptocurrency wallet addresses and Paypal email address), and IBAN details. | None |
send Personal data We collect from your device
We use Usage Data and Cookies to manage Our website, and to make sure that content from Our website is presented in the most effective way for you and your device. For more information about cookies, please see Our Cookies Policy.
send Lawful basis for personal data processing
| Process name | Lawful basis for processing |
|---|---|
| Registration | Contract |
| Support form services | Legitimate interest (May include special category of data) |
| Contact form services | Legitimate interest (May include special category of data) |
| Invoice processing | Law |
| Consultant and Collaborator engagement | Contract and Consent |
| Marketing, statistics and preference cookies | Consent |
| BETA - Registration | Contract (May include special category of data) |
| BETA - Contact form services | Legitimate interest (May include special category of data) |
| BETA - Customer Feedback to the Professional | Contract (May include special category of data) |
| BETA - Customer Feedback to the Auditor | Contract (May include special category of data) |
| BETA - Auditor Feedback to the Professional | Contract (May include special category of data) |
| BETA - Customer Checkout | Contract (May include special category of data) |
| BETA - Professional Delivery | Contract (May include special category of data) |
| BETA - Professional New Listing | Contract (May include special category of data) |
send How long We keep your personal data?
Under England and Wales Law, We are required to keep your documents according to Our Data Retention Policy. After this period, your personal data will be irreversibly destroyed. Any personal data held by Us for service notifications will be kept by Us until such time that you notify Us that you no longer wish to receive this data.
We will not retain your personal data for longer than is necessary to fulfil the purpose it is being processed for. To determine the appropriate retention period, We consider the amount, nature and sensitivity of the personal data, the purposes for which We process it and whether We can achieve those purposes through other means.
Blockchain relies on a distributed ledger system that is decentralized and immutable. It is intended to be
a permanent and a tamper-proof record that sits outside the control of any one governing authority.
Information on the blockchain, including personal information of Data Subjects, cannot be modified or deleted.
The Company vows data protection transparency. As Data Controller, we are obliged to be transparent with
Data Subjects about how we process their personal data. Thus, Data Subjects are informed that the Company
must collect an Ethereum address to offer a service. Even though the Company deletes personal data as per
Retention Policy, the Ethereum address and all the blockchain transactions linked to it are never deleted
from the blockchain due to its immutability property. This is a fact that Data Subject must accept if s/he
decides to participate in an open source, public blockchain.
Should you require further information about Our retention periods, please contact Us using the provided Privacy Officer contact email outlining your requirements.
send Do We share your personal data?
We share your personal data with third party suppliers to provide you with the best service.
| 3rd party | Service | Place | Data |
|---|---|---|---|
| Amazon Web Services, Inc. Privacy Policy |
Hosting and backend service provided | Germany | All the data collected |
| Sum And Substance Ltd Privacy Policy |
Service to verify the user's identity | United Kingdom | Identification documents (for example, national ID card, passport or driving licence), proof of residence documents (for example, utility bills or bank statements), any other documents you have provided for identification purposes (for example, proof of source of funds), and any other data (that may also include sensitive data) that can be extracted from such documents; a selfie confirming your identity and your identification document or the result/video of a liveness check; results of background AML checks. |
| Sendgrid Inc Privacy Policy |
Email address management and message sending service | United States | E-mail address, first name, any personal data that may be contained within the e-mail message |
| Google Ireland Limited Privacy Policy |
Google Analytics: track and examine the use of Sensitrust; Google Fonts: typeface visualization service; Google Tag Manager: tag management service; Google Drive: save and manage backups | Ireland | Cookies, Usage Data |
| Revolut Limited Privacy Policy |
Banking service | United Kingdom | Name, address, IBAN details (only if the Data Subject participates via a bank transfer). |
| TransferWise Limited Privacy Policy |
Banking service | United Kingdom | Name, address, IBAN details (only if the Data Subject participates via a bank transfer). |
| Dropbox Inc. Privacy Policy |
Save and manage backups | United States | Name, address, VAT number or fiscal code, contact details (examples include but are not limited to: telephone number, mobile number, Skype details, e-mail address, website), IBAN details. |
| 24 Tax and Consulting LTD Privacy Policy |
Accounting | United Kingdom | Name, address, VAT number or fiscal code, contact details (examples include but are not limited to: telephone number, mobile number, Skype details, e-mail address, website), IBAN details. |
| Cloudflare Inc. Privacy Policy |
Traffic optimization and distribution service | United States | Usage Data |
| Microsoft Coorp. Privacy Policy |
Skype: instant messaging service | United States | Any (also sensitive) personal data that may be contained within messages |
| NameCheap Inc. Privacy Policy |
Email address management and message sending service | United States | E-mail address, any (also sensitive) personal data that may be contained within the e-mail message |
| Smartsupp.com s.r.o. Privacy Policy |
Chat service | Czech Republic | Name, E-mail address, Cookies, Usage Data |
| Intuition Machines, Inc. Privacy Policy |
Anti-bot solution | United States | hCaptcha Analytics Information, data collected through hCaptcha Third Party Analytics and Tracking Technologies, and Information collected as a result of End-Users answering prompts (Labeled Data). Note that all modern security services must retain some amount of data for some period of time past initial verification in order to enable anomaly detection and other security functions. hCaptcha aggregates/de-identifies data as quickly as possible. Aggregated/de-identified data are used for the hCaptcha annotation service. |
Moreover, the Company may share your personal data with:
- Other third parties to the extent necessary to: (i) comply with a government request, a court order or applicable law; (ii) prevent illegal uses of Our website, violations of Our website, its terms of use and Our policies; (iii) defend Ourselves against third party claims; and (iv) assist in fraud prevention or investigation.
- To any other third party for which you have provided Us with your consent.
send How do we protect your data?
Our site is reviewed on a regular basis for security vulnerabilities in order to make your visit to our site as safe as possible. Your personal information is contained behind secured networks and is only accessible by a limited number of persons who have special access rights to such systems, and are required to keep the information confidential. We implement a variety of security measures when a user places an order enters, submits, or accesses their information to maintain the safety of your personal information.
send What are your rights?
You have the right to request:
- Access to your personal data;
- An electronic copy of your personal data (portability);
- Correction of your personal data if it is incomplete or inaccurate; or
- Deletion or restriction of your personal data in certain circumstances provided by applicable law.
These rights are not absolute. Where We have obtained your consent for the processing of your personal data, you have the right to withdraw your consent at any time.
If you would like to request a copy of your personal data or exercise any of your other rights, kindly contact Us using the provided Privacy Officer contact email
If you have any questions related to EU GDPR 2016/679 compliance or Data Protection, you can contact Us using the provided Privacy Officer contact email. If you still feel that your personal data has not been handled appropriately according to the Law, you have the right to lodge a complaint against the Company regarding data protection issues with the Data Commissioner’s Office.
send Other local Data Protection Laws
We at Sensitrust LTD take the data privacy of our customers and guests very seriously and are committed to abiding by the applicable Data Protection Laws.
If you have any enquiry or complaint regarding how we handle your personal data or how we comply with your local applicable Data Protection Law, we welcome you to contact us using the provided Privacy Officer contact email.
When submitting an enquiry or a complaint, your indication of the applicable Data Protection Law in the subject would assist us in attending to your complaint effectively.
send Changes to this privacy policy
The Owner reserves the right to make changes to this privacy policy at any time by notifying its Users on this page and possibly within Sensitrust and/or - as far as technically and legally feasible - sending a notice to Users via any contact data available to the Owner. It is strongly recommended to check this page often, referring to the date of the last update.
Should the changes affect processing activities performed on the basis of the User’s consent, the Owner shall collect new consent from the User, where required.
Last update: 2022-10-21