Privacy Policy

Last review: December 06, 2022

This Privacy Policy has been created to comply with the General Data Protection Regulation (GDPR), as well as the Organic Act 3/2018 on Personal Data Protection and its implementing regulations. These laws are designed to protect the personal data of individuals within the European Union.

Identification of the website’s owner

The owner of this website is New World Blockchain Corporation Ltd. (hereinafter “nfts2me”), registered office for this purpose at 10 Market Street, Camana Bay, Grand Cayman, KY1-9006, Cayman Islands and contact e-mail address info@nfts2me.com.

Who is the data controller of the personal data we collect from this website?

The data controller of this website is New World Blockchain Corporation Ltd., registered office for this purpose at 10 Market Street, Camana Bay, Grand Cayman, KY1-9006, Cayman Islands and contact e-mail address info@nfts2me.com

What data are we going to obtain from you? And What is the purpose of such data processing?

We will collect various types of personal data from you, including your name, email address, phone number, and any other information you provide to us through our website or through any other means of communication.

The purpose of collecting this personal data is to provide you with the services and products you have requested from us, to communicate with you about your account and any transactions you have made with us, and to keep you informed about any updates or changes to our products and services. We may also use your personal data for marketing and research purposes, in order to better understand your needs and preferences and to provide you with a more personalized and relevant experience. By providing us with your personal data, you consent to the processing of your data for these purposes.

What are the legal grounds of this data processing?

The legal grounds consist of:

• the data subject has given consent to the processing of his or her personal data for one or more specific purposes. (Art. 6.1.a GDPR).
• processing is necessary for the performance of a contract to which the data subject is party or in order to take steps at the request of the data subject prior to entering into a contract; (Art 6.1.b GDPR).

How long will your data be kept?

We will retain your personal data for as long as necessary to fulfill the purposes for which it was collected, including for the purposes of satisfying any legal, accounting, or reporting requirements. In some cases, we may retain your personal data for longer periods of time, for instance if we are required to do so by law or if it is necessary to protect our legal interests.

If you have any questions about the retention of your personal data, please do not hesitate to contact us.

International transfers of data

We do not make any kind or category of international data transfers.

What rights is the data subject entitled to?

The GDPR grants you the rights set out below, which you may exercise by sending an e-mail. You will have to send the e-mail from the same e-mail address you initially used to buy to us.

Below we proceed to explain what each of the rights recognized in the GDPR means.

Rights to access: for the right to access, data subjects will be provided a copy of personal data available together with the purpose for which they have been collected, the identity of the recipients of the data, the terms of retention provided and the criteria used to determine these, the existence of the right to request the rectification or erasure of personal data and the limitation of, or opposition to, processing, the right to lodge a complaint with the Spanish Data Protection Agency and if the data of the data subject have not been obtained, any information available regarding their origin. The right to obtain a copy of the data cannot negatively affect the rights and freedoms of the data subjects.

Right to rectification: in the right to rectification the data of the data subject that were incorrect or incomplete shall be changed in accordance with the purposes of the processing. The data subject may indicate in the request what data are referred to and the correction to be made, providing, where necessary, the supporting documentation of the inaccuracy or incomplete nature of the data processed. If the data have been communicated by the controller to other processors, they must notify them of the rectification unless it is impossible to do so or requires disproportionate effort, providing the data subject with information regarding such recipients upon request.

Right to erasure: we are obliged to erase without undue delay personal data where any of the following circumstances come about:

1. the personal data are no longer necessary in relation to the purposes for which they were collected or otherwise processed;
2. the data subject withdraws consent granted for specific purposes or on which the processing is based for the processing of special data categories, such as those which reveal the data subject’s political opinions, while such processing is not based on other legal grounds;
3. the data subject objects to the processing for reasons related to his/her specific situation and there are no overriding legitimate grounds for the processing;
4. the personal data have been unlawfully processed;
5. the personal data have to be erased for compliance with a legal obligation in Union or Member State law to which the controller is subject.

The obligation to erase personal data shall not apply to the extent that processing is necessary:

1. for exercising the right of freedom of expression and information;
2. for compliance with a legal obligation which requires processing by Union or Member State law to which the controller is subject;
3. for the performance of a task carried out in the public interest or in the exercise of official authority vested in the controller;
4. for archiving purposes in the public interest, scientific or historical research purposes or statistical purposes in so far as the right of erasure is likely to render impossible or seriously impair the achievement of the objectives of that processing;
5. for the establishment, exercise or defence of legal claims.

Right to opposition: in the case of the right to opposition, where the data subjects refuse to provide consent for the processing of their personal data before the controller, the controller shall cease processing them provided that no legal obligation prevents them from doing so. Where the processing is based on a mission of public interest or legitimate interest of the controller, before a request to exercise the right to opposition, the controller must cease processing the data except where overriding reasons prevail above the interests, rights and freedoms of the data subject or are necessary for their formulation, exercise or defence of the claims. If the data subject opposes the processing for the purposes of direct marketing, the personal data shall no longer be processed for these purposes.

Right to portability: in the case of right to portability, if the processing is carried out by automated means and is based on consent or is carried out within the framework of a contract, the data subject may request a copy of their personal data in a structured, commonly used and electronically readable format. Thus, they have the right to request that they are transmitted directly to a new controller whose identity must be communicated where technically possible.

Right to limitation of processing: in the case of the right to limitation of processing, the data subjects may request the suspension of processing of their data to impugn the inaccuracy while the controller carries out the necessary verifications or, in the event that the processing is carried out based on the legitimate interest of the controller or in compliance with a mission of public interest, while it is verified if these reasons prevail over the interests, rights and freedoms of the data subject. The data subject may also request the retention of the data if it is considered that the processing is illegal and, rather than suspension, request the limitation of processing or if the controller no longer needs the data for the purposes for which they were collected, the data subject needs them for the formulation, exercise or defence of complaints or claims. In the event that the processing of the data subject’s data is limited this must be clearly stated in the controller’s systems. If the data have been communicated by the controller to other processors, they must notify them of the rectification unless it is impossible to do so or requires disproportionate effort, providing the data subject with information regarding such recipients on request.

Complaints before data protection authorities

You have the right to file complaints before Spanish Data Protection Agency if you deem that your personal data are not being processed properly.

Processing of minors’ data

Our services should be used by people over 14 years of age. You should therefore refrain from using them if you are younger than said age. We may require you to provide an official document to certify your age.

RECORDS OF PROCESSING ACTIVITIES

Processing: Customers

a)     Controller	Identity: nfts2me Email: info@nfts2me.com
b)     Purpouse of the processing	Management of customers relations.
c)     Categories of data subjects	Customers: Persons with whom a commercial relationship as customers is mantained
d)     Categories of data	Categories necessary for maintaining the commercial relationship. Identification: name and surnames, Tax ID number, postal address, telephones, email. Personal characteristics: date and place of birth, age, sex, nationality. Payments details. ID documents.
e)     Categories of recipients	State Tax Administration Agency Law enforcement Authorities
f)      International transfers	No international transfers are planned
g)     Term of erasure	The terms provided for in tax legislation with respect to the expiry of responsibilities

 

Processing: Potential Customers

h)     Controller	Identity: nfts2me Email: info@nfts2me.com
i)      Purpouse of the processing	Management of potential customer relations.
j)      Categories of data subjects	Potential customers: People with whom it is sought to establish commercial relationships as customers.
k)     Categories of data	Categories necessary for maintaining the commercial relationship. Identification: name and surnames, Tax ID number, postal address, telephones, email.
l)      Categories of recipients	Those necessary for the commercial marketing of the company Identification: name and surnames, postal address, telephone numbers, e-mail.
m)   International transfers	No international transfers are planned
n)     Term of erasure	A year from first contact