ToonPay Privacy Policy

TOONPAY TECHNOLOGIES LIMITED registered at UNIT B, 22ND FLOOR, FORD GLORY PLAZA, 37-39 WING HONG STREET, CHEUNG SHA WAN, HONG KONG, along with our affiliates and subsidiaries (collectively referred to as "ToonPay," "us," or "our"), presents this policy to delineate our practices regarding the safeguarding, acquisition, application, and sharing of your personal information. This applies when you interact with our services including:

• Our official website and ToonPay Application
• Virtual asset services and wallet management
• Payment processing and transaction services
• Customer support and communication services

Please thoroughly review this policy as it is crucial for understanding our practices and your interaction with our services. If you have any queries, reach out to us at support@toonpool.online. Your use of our services signifies your acceptance of these terms. If you disagree with any part of this policy, please refrain from using our services.

Definition of Personal Data

Personal data, as defined here, includes any information that:

1. a). Directly or indirectly pertains to a living person.
2. b). Allows for the identification of an individual, either directly or indirectly.
3. c). Is accessible and processable.

Information Collection

As a visitor or user of our services, we collect necessary personal information to provide our services, comply with legal requirements, including Anti-Money Laundering (AML) and Counter-Terrorism Financing (CTF) obligations, or as detailed herein. Providing personal data marked with asterisks is mandatory for service provision.

Information collected by using our official website, ToonPay Application or web application:

• Pages visited, country location, date and time of requests, IP address
• Interaction with our Site(s), device, operating system and web browser user
• Transaction patterns and blockchain addresses for AML/CTF compliance
• Know Your Customer (KYC) information including identity verification documents
• Politically Exposed Person (PEP) screening results
• High-risk jurisdiction assessments as defined by FATF
• Transaction monitoring data for suspicious activity detection

We may obtain your data from partners, affiliates, and external sources, including social media connections. This may encompass demographic information and identity verification via KYC processes and AML/CTF screening procedures.

Information Sharing and Processing

We might share your information with affiliates, service providers, government bodies, or other third parties under certain conditions with our affiliates or subsidiaries, service providers (e.g., AML screening providers, blockchain analytics services, CRM, communication services) vendors, agents, relevant government ministries, regulators, including the Joint Financial Intelligence Unit (JFIU), partners, or any third party, including but not limited to when third parties perform part of our Services on our behalf.

Some third-party processing your personal data either on ToonPay behalf or any other circumstance may be located in a different country from the point of collection of your personal data including but not limited to the location of servers or cloud-based services.

In the case where your personal information must be shared with third parties in circumstances that are not standard with our relationship with you, ToonPay will request your consent unless the disclosure of your personal information is:

1. (a) requested by Authority, law enforcement agency, or public agency;
2. (b) without a doubt in your interests, and if consent cannot be obtained in a timely way;
3. (c) necessary to respond to an emergency that threatens the life, health, or safety of yourself or another individual;
4. (d) required for AML/CTF compliance including Suspicious Transaction Reports (STR);
5. (e) required, permitted, or authorized based on the applicable laws and/or regulations.

Third-Party Links and Services

Our websites and services may feature links to external sites or applications not operated by ToonPay. When you follow these links, our Privacy Policy will no longer apply. We encourage you to review the privacy policies of these external platforms. ToonPay does not bear responsibility for the privacy practices of third-party websites or applications.

International Data Transfer

We may transfer, store, and process your personal data in various locations, including facilities operated by third parties like Google or Amazon Web Services or others. Despite the international nature of our data processing, we are committed to enforcing robust data and privacy protection standards.

Data Security

Our commitment to your data's security is unwavering. We adhere to the Personal Data (Privacy) Regulation and other relevant regulations to safeguard the confidentiality and integrity of your personal information. Despite rigorous electronic safeguards, we must acknowledge the possibility of unauthorized data disclosure. In such instances, our liability for any resulting harm to users or third parties is limited to the maximum extent permitted by law.

Your Rights Regarding Personal Data

As a user of ToonPay services, you have specific rights regarding your personal data:

• Access Rights: Request access to your personal data
• Correction Rights: Request correction of inaccurate personal data
• Erasure Rights: Request deletion of your personal data (subject to legal obligations)
• Consent Withdrawal: Withdraw consent for data processing
• Data Portability: Request transfer of your data to another service provider

Limitations on Rights Exercise

In some circumstances, we may decline to comply with your request in the following circumstances:

1. (I) a government agency or regulator with jurisdiction over ToonPay, directs ToonPay not to comply with a visitor or user's request;
2. (II) the information may, in our discretion, affect the safety of any person or persons;
3. (III) the data may be relevant to a regulator or official investigators (criminal conduct or breach of applicable laws);
4. (IV) the data correction request is not made in Chinese or English writing;
5. (V) it is unable to verify the identity and authority of the requestor;
6. (VI) it is not satisfied that the personal data to which the DCR relates is inaccurate;
7. (VII) it is not provided with sufficient information to ascertain that the data is inaccurate;
8. (VIII) AML/CTF record keeping requirements prevent data deletion.

Consent Withdrawal

In case you decide to withdraw your consent for the use of your personal data by ToonPay, you are advised to immediately discontinue using our services and inform us via email at support@toonpool.online. Upon receiving your request, we will process it promptly. Be aware that withdrawing consent may have legal implications and could impact our ongoing relationship. The extent of your consent withdrawal might necessitate the termination of your access to our services.

Right to be Forgotten

You have the right to request the erasure of your personal data in our control, commonly known as the "right to be forgotten." However, we may not always be able to fully comply due to legal obligations including AML/CTF record keeping requirements or technical limitations. We commit to erasing personal data when it's no longer needed for its original purpose, except where law or public interest prevents such erasure.

Minors

Any individual below the age of 18 (or applicable age required for you to legally access or use the Services) shall obtain permission from their parents or legal guardians before accessing or visiting our Site(s) and Services.

ToonPay does not have any intention to collect any personal data about individuals below the age of 18. If you act as a parent or guardian, by providing us with the personal data of an individual below the age of 18, you hereby consent to the processing of his/her personal data as per applicable laws and agree to be personally bound by the terms of this Privacy Policy and take full responsibility for his/her actions.

Data Retention

ToonPay retains your personal data for as long as your account remains active or as necessary for providing services, including for legal, accounting, or reporting requirements. This includes retention periods post-termination of our business relationship as mandated by applicable laws, such as anti-money laundering regulations requiring retention for no less than seven (7) years after the end of the business relationship or transaction.

For AML/CTF compliance, records related to Customer Due Diligence (CDD), transaction history, risk assessments, and Suspicious Transaction Reports (STRs) must be retained for the prescribed period and must be retrievable promptly upon request from regulatory authorities.

Policy Updates

We may change this Privacy Policy from time to time. If we do, we will let you know by revising the date at the top of the policy. If the changes, in our sole discretion, are material, we may also notify you by sending an email to the address associated with your account or by otherwise providing notice through our Services.

Contact Information

If you wish to ask or notify us for:

1. (a) Data Access Request (DAR) or Data Correction Request (DCR);
2. (b) Queries related to this privacy policy;
3. (c) Remove your consent for us to use your personal data; or
4. (d) Erase personal data.

Please send us a notice to: support@toonpool.online

Cookies and Tracking Technologies

What Are Cookies?

Cookies are small amounts of data that are sent to your browser and stored on your computer's hard drive to collect standard internet log information and visitor/user behavior information. When you visit our Sites or ToonPay Application, ToonPay can automatically collect information from you through cookies or similar technologies.

How Do We Use Cookies?

We use cookies in a range of ways to make your experience on our Sites and Services more enjoyable, including but not limited to:

1. a. to keep you signed in;
2. b. to record your habits and preferences when browsing our Sites and Services;
3. to record our performance and verify the effectiveness of online advertising through analytics with cookies;
4. Manage and improve the design of the Site and Services;
5. Support AML/CTF compliance monitoring and risk assessment.

Cookie Management

Most browsers automatically accept cookies. You can adjust your browser setting to prevent cookies or to notify you as soon as cookies are loaded. However, stopping all cookies might mean that you cannot access or use some of our Services or features.

Do Not Track (DNT)

DNT is a concept that has been promoted by regulatory agencies for the Internet industry to develop and implement a mechanism for allowing Internet users to control the tracking of their online activities across websites by using browser settings. However, please be aware that cookies placed by third parties may continue to track your activities online even after you have left our Services.