International and EU GDPR
NiAl Interactive Inc., a company registered in the British Virgin Islands (the “Company”),
same meaning and purpose as stated in the Cryowar Token Sale, Holding and Usage Terms and Conditions
("T&Cs"), in the Cryowar End User Licence Agreement ("EULA") and in the Cryowar Website Terms and
Conditions ("Web T&Cs"), which all form, together with the Cryowar Whitepaper ("Whitepaper") the
documentation regulating the Cryowar project, in relation to:
I. any information the Company collects about the User when he/she uses the Product (including any
software and/or app in the br/oadest sense), visits the Company's Website, and/or otherwise interacts
with any member of the Company's Team;
II. how the Company uses, shares, stores, and secures the information; and
III. how the User may access and control that information.
1. User Information.
1.1. The Company may collect any ''Personal Information'', which is any data, information, or combination of
data and information that is provided by the User to the Company, or through the use of the Product and/or the
Company's Website and that relates to an identifiable individual.
1.2. The Company collects the Personal Information when it is provided by the User or when the User uses the
Product, and/or visits the Website.
1.3. The Company does not collect sensitive data or special category data about the User. This includes details
about race, ethnic origin, politics, religion, trade union membership, genetics, biometrics, health, or sexual
2. Information Usage.
2.1. The Company will only use any Personal Information that the applicable law allows to and in particular:
2.1.1. to provide customer support and personalized features, and to protect the safety and security of
the Product and/or Website;
2.1.2. to satisfy a legitimate interest which is not overridden by the User's fundamental rights or data
protection interests, for example for research and development, and in order to protect the Company's
legal rights and interests;
2.1.3. when the User consents to do so for a specific purpose;
2.1.4. when the Company needs to comply with a legal or regulatory obligation arising from any Country.
2.2. When the User has given consent to use any Personal Information for a specific purpose, he/she has the
right to withdraw said consent at any time by contacting the Company, but this will not affect any use of the
Personal Information that has already taken place.
2.3. The Company does not share any Personal Information with any company outside its own group, if
applicable, for marketing purposes, unless there is an express specific consent to do so.
2.4. For visitors to or users of the Product and/or Website who are located in the European Union, the
legal bases for processing their information are published in the Legal Bases Table at the end of this Policy
under Clause 9.
3. Information Sharing.
3.1. The Company may share Personal Information with third parties that help it operate, provide, support,
improve, and market its Product, Website, others products and services, for example, third-party service
providers who provide website and application development, data storage and backup, infrastructure, payment
processing, customer support, business analytics, Anti-Money Laundering (''AML'') and Know Your Customer
checks (''KYC'') and other relevant services.
3.2. Third-party service providers have access to Personal Information only for the purpose of performing their
services and in compliance with applicable laws and regulations. These third-party service providers are required
to maintain confidentiality and security of all Personal Information that they process on the Company's behalf
and to implement and maintain reasonable security measures to protect the confidentiality, integrity, and
availability of any Personal Information.
3.3. The Company takes reasonable steps to confirm that all third-party service providers process Personal
Information in a manner that provides at least the same level of protection as is provided under this Privacy
Policy. Where any third-party service provider is unable to satisfy these requirements, any reasonable steps to
prevent or stop non-compliant processing will be taken.
3.4. The Company may share Personal Information on an aggregated or de-identified basis with third parties for
research and analysis, profiling, and similar purposes to help the improvement of products and services.
3.5. If the Users use any third-party software in connection with our products or services, third-party software
providers can gain access to the Personal Information. Policies and procedures of third-party software providers
collected or used by third-party software providers. The User is encouraged to review the privacy policies of
third-party software providers before using third-party software.
3.6. Some parts of the Product and the Website may contain links to third-party websites over which the
Company has no control. If the Users follow a link to any of these websites or submit information to them, any
Personal Information will be governed by their policies. We encourage the User to review the privacy policies
of third-party websites before submitting any information to them.
3.7. The Company may share any Personal Information with government and law enforcement officials to
comply with applicable laws or regulations arising from any applicable jurisdiction, even if different from that of
the User or the Company.
4. Information Storage
4.1. All Personal Information provided by the User is stored on the Company's servers or on a third-parties
server to which only the Company has access to within the boundaries of relevant laws and regulations.
4.2. The Company only retains Personal Information for so long as it is reasonably necessary to fulfill the
purposes they were collected for, including for the purposes of satisfying any legal, accounting, or reporting
5. International Transfer of Information
5.1. The Company collects any Personal Information globally and transfers, processes, and stores any Personal
Information outside the User's country of residence where the Company's or any third-party service providers
operate for the purpose of providing the products and services.
5.2. Some of the Countries in which the Company or third-party service providers are operating from or are
located in may not have the privacy and data protection laws that are equivalent to those in the User's
country of residence. When Personal Information is shared with these companies or third-party service
providers, use is made of contractual clauses, corporate rules, and other appropriate mechanisms to safeguard
the transfer of any Personal Information, within reason.
6. User's rights
6.1. The User has the following right to:
6.1.1. be informed of what the Company does with the relevant Personal Information;
6.1.2. request a copy of relevant Personal Information the Company holds;
6.1.3. require the Company to correct any inaccuracy or error in any Personal Information held;
6.1.4. request erasure of any relevant Personal Information, except the one held for record-keeping
purposes, to complete transactions, or to comply with legal obligations);
6.1.5. object to or restrict the processing of any relevant Personal Information (including for marketing
6.1.6. request to receive some of the relevant Personal Information in a structured, commonly used, and
machine-readable format, and request that it is transferred to another party; and
6.1.7. withdraw consent at any time where the Company is relying on consent to process the relevant
Personal Information (although this will not affect the lawfulness of any processing carried out before
such consent withdrawal).
6.2. The Platform and the App enable Users to update certain information about themselves.
6.3. The User may opt-out of receiving marketing materials from the Company by expressly contacting it.
However, the User will continue to receive notifications or information that are necessary for the use of the
Company's products or services.
6.4. As a security measure, the Company may need specific information from the User to help confirm his/her
identity when processing any privacy requests or when you exercise the rights stated in this Clause.
6.5. Any request under paragraph 6.1 will normally be addressed free of charge. However, the Company may
charge a reasonable administration fee if the request is clearly unfounded, repetitive, or excessive.
6.6. The Company will respond to all legitimate requests approximately within one (1) month. Occasionally, it
may take longer than one (1) month if the request is particularly complex or if the users have made a number of
7. Policy Changes
come into effect, the User agrees to be bound by the revised policy.
8.1. The Company's products and services are not directed or intended for individuals not major of age in their
Country of residence. The Company does not knowingly collect any personal information from individuals
not major of age and if this will be detected, steps will be taken to delete such information.
9. European Union Users - GDPR
9.1. If the User is perusing the Product and/or visiting the Company's Website from the European Union
(''EU''), that may differ from privacy laws under other jurisdictions. The User acknowledges that he may be
transferring relevant Personal Information to the Company for storage and processing in other Countries around
protecting any relevant Personal Information and has put in place adequate mechanisms to protect it when it is
9.2. The Legal Bases for collecting and using any relevant Personal Information if the User is a citizen or
resident of the EU, will depend on the Personal Information concerned and the specific context in which it is
● Performance of a contract. The use of any relevant Personal Information may be necessary to perform
the terms and conditions or other policies under which we operate the Product and the Website.
● Consent. The User consent is needed if technical information such as cookie data and geolocation data
is necessary, and any relevant Personal Information is used for marketing purposes. The User may
withdraw his/her consent at any time by contacting the Company directly.
● Legitimate interests. The Company may use any Personal Information for its legitimate interests to
improve its Product, Website, for security purposes, and fraud prevention, and to share information with
any affiliates for internal administration. In such circumstances, the Company ensures that these interests
are not overridden by the User's data protection interests or fundamental rights and freedoms.
9.3. Legal Bases Table
|Type of data processed
To enable the User to access
any products and services
Account Data, Transaction Data,
Support Data, Technical Data [and
To administer and maintain he
safety and security of the Website
To study the usage of any
products or services
Transaction Data, Support Data,
Technical Data, Usage Data
Legitimate interest to improve
To gather feedback on any products, services, or features
Legitimate interest to improve
9.4. Rights under EU law:
If the User's relevant Personal Information is subject to the protections offered by EU law, he/she may:
● Access, correct, update or request deletion of any relevant Personal Information, at any time by
contacting the Company using the contact details provided on the Website (in accordance with applicable
data protection laws) or by email to firstname.lastname@example.org, provided that the Company may charge a
reasonable fee for any manifestly unfounded, excessive or repetitive requests;
● Object to the processing of any relevant Personal Information, ask the Company to restrict processing of
any relevant Personal Information or request portability of any relevant Personal Information for the
legitimate interests set out above. In certain circumstances, the Company may not be able to stop using
the Personal Information, with motivated cause.
● Withdraw consent at any time if the Company collected and processed any relevant Personal Information
● Opt-out of any marketing communications that the Company (or any third party to whom the Company
disclosed the Personal Information with consent) may send;
● Complain to a data protection authority about the Company's collection and use of any relevant Personal
These rights apply only to Users who are subject to EU law.
9.5. The Company is the Data Controller in relation to its Product and Website and is responsible for any
relevant Personal Information, save for what pertains to other third-party service providers connected.
The User may contact the Company through its Website or by email on email@example.com if he/she
has any concerns about this Policy and any relevant Personal Information.
10. Law and Jurisdiction
connection with it or its subject matter or formation (including non-contractual disputes or claims) are governed
by and construed in accordance with the laws of the British Virgin Islands. You irrevocably agree that the
courts of the British Virgin Islands have exclusive jurisdiction to settle any dispute or claim that arises out
of or in connection with the EULA or its subject matter or formation (including non-contractual disputes or