This Privacy Policy (“Policy”) explains how X Wallet LLC processes your personal data when you use our platform and services (“X Wallet Platform”, “Platform”), including:

1. X Wallet Telegram widget;
2. X Wallet Telegram bot; our official website https://xwallet.one.

1. Introduction

This Policy forms part of our Terms of Use ("Terms") and should be read in conjunction with them. Unless otherwise defined in this Policy, capitalized terms have the meanings set forth in the Terms. We comply with relevant privacy and data protection laws and regulations, including, but not limited to, Regulation (EU) 2016/679 (General Data Protection Regulation, GDPR). Please note that some privacy-related terms, procedures, rights, and obligations may vary depending on applicable local laws.

1.1 About Us

We are the data controller. This means that we determine the purposes and means of processing personal data and are therefore responsible for its processing.

• Company: X Wallet LLC
• Taxpayer Identification Number: 104723865700002

If you have any questions about our Privacy Policy, you can contact us using any of the following methods:

Legal and Postal Address: Apartment 604, Maitha Plaza 2, Al Corniche Street, Deira, Dubai, Dubai Municipality, Postal Code 28640-96488. (Address in English: Maitha Plaza 2, apt 604 Al Corniche, Deira, Dubai, Dubai Municipality, 28640 96488 POST CODE)

• Email: "....../"
• Telegram Support: https://t.me/xwallet_support_bot

1.2 Consent

By using the X Wallet Platform or by clicking to accept the Policy (if provided), you agree to its terms. Please note that we process your personal data primarily based on your consent. If you/your legal representative do not agree with the Policy, please stop using the Platform. In providing access to the Platform, we act in good faith and reasonably, believing that you:

1. have all necessary rights to use the Platform;
2. provide true, accurate, current, and complete information about yourself;
3. Have reached the minimum age of consent required by the laws of your country of residence, or have parental/legal guardian consent;
4. have carefully read, understood, and accepted the terms of this Policy.

This Policy supplements, but does not replace, any consent you may have previously provided to us regarding the processing of personal data related to your use of the Platform. Your consent herein is in addition to any rights we may have by law to collect, use, or disclose your personal data.

1.3 Changes to this Policy

We reserve the right to change this Policy at any time and at our sole discretion to keep it in line with future developments, industry trends, and/or legal requirements. If we decide to update this Policy, we are not obligated to, but will endeavor to notify you of the changes before they take effect through the X Wallet Platform. In addition, we will always:

1. publish the new version of the Policy on this page so you can review the current terms;
2. indicate the date of the last update at the beginning of the document. We recommend that you periodically review this Policy for changes.

Unless otherwise provided by your rights under law, you agree to be bound by the current version of the Policy, as updated in accordance with this section. You may opt out of accepting updated terms only by discontinuing use of the Platform.

2. What personal data we process and how we do it

2.1 Types of personal data we process

For the purposes of this Policy, personal data means any information that directly or indirectly identifies a specific individual, including any other information subject to applicable law. We process only the personal data you or your legal representative provide to us. The scope of personal data processed depends on the purpose for which it is processed. Details of our personal data processing are provided in the table below:

3. Sharing Your Personal Data

3.1 With Whom We May Share Your Personal Data

We do not sell your personal data. We also do not allow third parties to use your personal data for their own marketing purposes, unless you explicitly request or consent to such use. However, we need to share personal data to ensure the smooth functioning of the Platform for you. Below are the various scenarios in which we may share your data with third parties. We may share your personal data with the following categories of third parties:

1. any third party to whom we assign or transfer our rights or obligations under an appropriate agreement;
2. any national or international regulatory authorities, law enforcement agencies, authorized financial institutions, central or local government agencies, other statutory or public authorities, or courts, when we are required to do so by applicable law or at their request;
3. any third party if you have consented to such transfer.

3.2 Processors on behalf of the personal data controller

To process your personal data, we use the services of certain third parties who process it on behalf of the personal data controller ("Processors"), namely:

Processor – Yandex LLC
Functions:
Provides us with Yandex.Metrica, a tool for user identification.
Privacy Policy details:
Privacy Policy

Processor – Google LLC
Functions:
Provides us with Google Analytics, a tool for user identification.
Privacy Policy details:
Privacy Policy

Processor – SUMSUB TECH LTD
Functions:
Provides us with a tool for user identification and verification in accordance with our AML/CFT Policy.
Privacy Policy details:
Privacy Notice

These Processors store your personal data on their servers and provide us with their own services to support the operation of the Platform. They process your personal data in accordance with the terms of written agreements concluded between us and them. These agreements stipulate that Processors use personal data only within the limits specified in the agreements. The terms of the agreements do not affect the obligations of Processors or your rights as a data subject.

3.3 Location of Personal Data Storage

The personal data we collect may be stored and processed in any country where we operate for the purposes specified in this Policy. Furthermore, your personal data may be transferred, stored, and processed by third parties worldwide.

We take all necessary measures to ensure that all third parties understand that they need to process personal data only for lawful reasons, in accordance with applicable law.

Personal data is stored by the following third parties:

Third Party -

Country:
Provides us with Yandex.Metrica, a tool for user identification.
Privacy Policy details:
Privacy Policy

3.4 Cross-Border Transfers of Personal Data

One of the important steps we take when transferring personal data internationally to third parties is to conduct due diligence and verification.

As part of our third-party verification process, we ensure that personal data is transferred to a third party located outside of our servers only if an appropriate cross-border transfer mechanism is in place and safeguards are in place, as described below. We continually monitor changes in international transfer mechanisms permitted by applicable privacy laws to ensure continued compliance with international data protection standards.

When interacting with third parties located outside of our servers, we agree to an adequate level of data protection, including additional contractual, technical, and organizational measures, and conducting a data impact assessment (where necessary) to protect the rights and freedoms of all individuals affected by our processing.

We only transfer your personal data to third parties for whom we are confident that we can protect your privacy and your rights, such as when the third party is located in a country recognized by the EU (as the leading jurisdiction for privacy regulation) as having adequate data protection laws, or in a country that has not been recognized by the European Commission as providing an adequate level of protection for personal data but where we have a contract with that third party that includes the European Commission's standard data protection clauses.

When transferring data to countries that do not provide the same level of protection as European law, i.e., to countries that the European Commission has not recognized as providing an adequate level of protection, we will use appropriate safeguards to protect your personal data, including standard safeguards for transfers to Processors, as well as additional technical and organizational measures to ensure an equivalent level of protection. By using our Platform, you consent to the transfer of your personal data to countries that have not been recognized by the European Commission as providing an adequate level of protection for personal data, where our service providers process the data for customer service, account management and service provision, and to other locations where we and/or our service providers operate, and to its storage and use as specified in the Policy and Terms or other agreement between you and us.

4. Your privacy rights

You have many rights regarding your personal data and its use. Below we list the main rights that are available to you at any time, along with how to exercise them. To exercise your rights, you can contact us using the contact information provided in Section 1.1 of this Policy.

5. Personal data security

We are committed to protecting the security of your personal data. We use reasonable information security measures, including physical, administrative, and technical security measures such as firewalls, antivirus software, and SSL encryption, to protect your personal data from: unauthorized access; improper use or disclosure; unauthorized alteration or modification; unlawful destruction or accidental loss. These measures vary depending on the sensitivity of the personal data we collect, process, and store, as well as the current state of technology.

Our employees and third parties are required to maintain the confidentiality of personal data when accessing your information. All individuals with such access are subject to strict contractual confidentiality obligations and may be subject to disciplinary action if they fail to comply with these obligations. Furthermore, we take steps to ensure that parties receiving your personal data from us (regardless of their location) have sufficient safeguards to properly process and protect your personal data in accordance with our own data protection and information security standards.

We are constantly improving our data protection systems. We do everything possible to prevent data breaches. If such an incident occurs, we commit to notifying you and the regulatory authorities as soon as possible and making every effort to minimize any negative consequences.