MANGUSTO

Info@mangusto.io

Privacy Policy

Introduction

This Privacy Policy outlines MANGUSTO SPOLKA Z OGRANICZONA ODPOWIEDZIALNOSCIA’s policies and procedures concerning the collection, use, sharing, and further handling of the User’s Personal Data (Personal Information) during the use of Our MANGUSTO SPOLKA Z OGRANICZONA ODPOWIEDZIALNOSCIA Website, Wallet, Platform, and/or Services.
MANGUSTO SPOLKA Z OGRANICZONA ODPOWIEDZIALNOSCIA is dedicated to safeguarding the Personal Data (Personal Information) shared by Users with Us. All Personal Data (Personal Information) kept on MANGUSTO SPOLKA Z OGRANICZONA ODPOWIEDZIALNOSCIA Wallet, Website, Platform, and/or Services is regarded as Confidential Information, securely stored and accessible solely by MANGUSTO SPOLKA Z OGRANICZONA ODPOWIEDZIALNOSCIA’s authorized staff in line with GDPR standards and principles.
MANGUSTO SPOLKA Z OGRANICZONA ODPOWIEDZIALNOSCIA applies and upholds suitable technical, protective, and organizational safeguards to shield Personal Data (Personal Information) from unauthorized or illegal handling, access, and exploitation, encompassing but not restricted to unintended loss, erasure, harm, misappropriation, or exposure of gathered Personal Data (Personal Information).
MANGUSTO SPOLKA Z OGRANICZONA ODPOWIEDZIALNOSCIA offers a platform for trading Virtual Assets, along with additional Services detailed in the MANGUSTO SPOLKA Z OGRANICZONA ODPOWIEDZIALNOSCIA’s Terms of Use. Thus, this Privacy Policy describes the ways MANGUSTO SPOLKA Z OGRANICZONA ODPOWIEDZIALNOSCIA manages Personal Data (Personal Information) capable of directly or indirectly identifying our Users, obtained via MANGUSTO SPOLKA Z OGRANICZONA ODPOWIEDZIALNOSCIA’s Website, Platform, and/or Services.
This Policy is applicable when We serve as a Data Controller regarding the Personal Data (Personal Information) of Our Website Visitors and Service Users. Put differently, when We decide the objectives and methods for processing such Personal Data (Personal Information).
We will also request Your consent for Our cookie usage per Our Cookies Policy upon Your initial visit to Our Website.
This Privacy Policy forms a compulsory, binding, and essential component of the Terms of Use, acting as an Additional Document noted in the MANGUSTO SPOLKA Z OGRANICZONA ODPOWIEDZIALNOSCIA’s Terms of Use.
For this Privacy Policy, MANGUSTO SPOLKA Z OGRANICZONA ODPOWIEDZIALNOSCIA defines “User” or “You” as a natural or legal entity, whether a Website Visitor and/or the User outlined in the Terms of Use. The terms “We”, “Us”, and/or “Our” pertain to MANGUSTO SPOLKA Z OGRANICZONA ODPOWIEDZIALNOSCIA.

Definitions

Terms used in this Privacy Policy shall be interpreted in accordance with the definitions outlined below:
““MANGUSTO SPOLKA Z OGRANICZONA ODPOWIEDZIALNOSCIA” means MANGUSTO SPOLKA Z OGRANICZONA ODPOWIEDZIALNOSCIA LLC, a company registered and incorporated under the laws of Poland with the business REGON: 52992449900000: NIP: 6762679281, having its registered office at: ul. SZLAK nr. 77 lok. 222 miejsc. KRAKÓW kod 31-153 poczta KRAKÓW kraj POLSKA.. MANGUSTO SPOLKA Z OGRANICZONA ODPOWIEDZIALNOSCIA has been granted a trade license (authorisation) for providing services related to virtual assets.
“Data subject” means the User-natural person, i.e. an identifiable natural person who can be directly or indirectly identified.
“User-Visitor” means the User-natural person who only visits the MANGUSTO SPOLKA Z OGRANICZONA ODPOWIEDZIALNOSCIA’s Website.
“DPAs” mean legally binding documents that specify the terms and conditions under which Personal Data (Personal Information) is handled by a third party on behalf of a Data Controller, ensuring compliance with GDPR and other relevant EU data protection laws.
“ePrivacy Directive” means Directive 2002/58/EC of the European Parliament and of the Council of 12 July 2002 concerning the processing of personal data and the protection of privacy in the electronic communications sector (Directive on privacy and electronic communications).
“Data Controller” means MANGUSTO SPOLKA Z OGRANICZONA ODPOWIEDZIALNOSCIA, i.e. the legal entity which determines the purposes and means of the Processing of Personal Data.
“Third-Party Processor” means a person who processes Personal Data (Personal Information) under the direct authority and on behalf of the Data Controller.
“Third-Party Services” mean services delivered by an external natural or legal person that is not part of MANGUSTO SPOLKA Z OGRANICZONA ODPOWIEDZIALNOSCIA.
“AML” or “AML/CFT” means a set of applicable laws, regulations, and procedures designed to prevent money laundering, terrorist financing, and any other criminal activity involving funds disguised as legitimate income.
“KYC” means a process employed by MANGUSTO SPOLKA Z OGRANICZONA ODPOWIEDZIALNOSCIA as an AML/CFT Obliged Person to verify the identity of its clients (Users).
“KYT” means a process utilized by MANGUSTO SPOLKA Z OGRANICZONA ODPOWIEDZIALNOSCIA as an AML/CFT Obliged Person to verify, monitor, and/or analyze individual transactions to identify suspicious or unusual activity that may signal fraudulent behavior or illicit financial activities.
“Cookies” mean small text files saved on the User’s device when accessing the Website. They enable MANGUSTO SPOLKA Z OGRANICZONA ODPOWIEDZIALNOSCIA to recognize Your device, retain information about Your preferences or past actions on the Website, and assist MANGUSTO SPOLKA Z OGRANICZONA ODPOWIEDZIALNOSCIA in enhancing the Website.
“AML/CFT Obliged Person” means MANGUSTO SPOLKA Z OGRANICZONA ODPOWIEDZIALNOSCIA, i.e. the entity which, under applicable AML laws, is required to prevent money laundering, terrorist financing, and any other criminal activity involving funds presented as legitimate income.
“Standard Contractual Clauses” or “SCCs” mean the legal mechanisms that Commission Implementing Decision (EU) 2021/914 of 4 June 2021 on standard contractual clauses for the transfer of personal data to third countries pursuant to Regulation (EU) 2016/679 allows for data transfers to third countries without an adequacy decision.
All other terms and expressions not defined in this Privacy Policy shall be interpreted in accordance with the definitions provided in the Terms of Use (including Additional Documents) and/or in the GDPR.

Legal Requirements

The processing of Personal Data occurs in line with Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons regarding the processing of Personal Data and on the free movement of such data, referred to as the General Data Protection Regulation (“GDPR”), and our handling aligns fully with GDPR standards.
In all its operations involving the processing of Personal Data (Personal Information) from Users, MANGUSTO SPOLKA Z OGRANICZONA ODPOWIEDZIALNOSCIA adheres to these core principles:
Lawfulness: Processing of Personal Data by MANGUSTO SPOLKA Z OGRANICZONA ODPOWIEDZIALNOSCIA as Controller relies on a lawful basis per GDPR, meeting its requirements alongside relevant AML/CFT regulations (particularly Articles 6, 7, 8, and 9 of GDPR), without engaging in any prohibited handling or use of personal data.
Fairness: Any Processing conducted by MANGUSTO SPOLKA Z OGRANICZONA ODPOWIEDZIALNOSCIA as Data Controller remains equitable to affected Users, steering clear of undue harm, surprises, deception, or misleading practices.
Transparency: MANGUSTO SPOLKA Z OGRANICZONA ODPOWIEDZIALNOSCIA, acting as Data Controller, guarantees that data processing stays clear and open to both Users and oversight authorities.
Purpose limitation: MANGUSTO SPOLKA Z OGRANICZONA ODPOWIEDZIALNOSCIA collects Personal Data as Data Controller solely for defined, explicit, and valid purposes set at collection time, avoiding further use incompatible with those aims.
Data minimisation: As Data Controller, MANGUSTO SPOLKA Z OGRANICZONA ODPOWIEDZIALNOSCIA gathers and handles only personal data that proves sufficient, pertinent, and strictly needed for the intended purposes.
Accuracy: MANGUSTO SPOLKA Z OGRANICZONA ODPOWIEDZIALNOSCIA as Data Controller maintains accurate Personal Data (Personal Information), updating it as required.
Storage limitation: MANGUSTO SPOLKA Z OGRANICZONA ODPOWIEDZIALNOSCIA retains personal data, allowing User identification, no longer than essential for the processing purposes.
Integrity and confidentiality: MANGUSTO SPOLKA Z OGRANICZONA ODPOWIEDZIALNOSCIA processes Personal Data (Personal Information) as Data Controller with security and secrecy measures fitting the data’s sensitivity, guarding against unauthorized, illegal handling, or risks like accidental loss, destruction, or harm.
Accountability: MANGUSTO SPOLKA Z OGRANICZONA ODPOWIEDZIALNOSCIA as Data Controller assumes full responsibility and can prove adherence to these data processing principles outlined here.
For data activities tied to AML/CFT, KYC, or KYT processes, MANGUSTO SPOLKA Z OGRANICZONA ODPOWIEDZIALNOSCIA’s AML/KYC Policy applies accordingly with necessary adjustments.

Acceptance of Privacy Policy

MANGUSTO SPOLKA Z OGRANICZONA ODPOWIEDZIALNOSCIA presumes that all Users (including User-Visitors) of Our Website, Platform, and/or Services have thoroughly reviewed this Privacy Policy and fully accept its terms. If anyone disagrees with this Privacy Policy, they should avoid accessing our Website, Platform, and/or Services.
By proceeding to navigate our Website after viewing the cookies notice without altering default settings, You agree to the handling of Your personal data as outlined in this Privacy Policy and our Cookies Policy.
In the account registration process, Users must actively select a checkbox to confirm they have reviewed and accept the Privacy Policy, Cookies Policy, and Terms of Use. Registration cannot proceed without this approval.
Accessing our Website without account creation (such as viewing pages, engaging with content, or submitting messages) indicates Visitor consent to cookies and related technologies per our Cookies Policy. First-time Visitors receive a cookie notification allowing preference management.
For account holders using MANGUSTO SPOLKA Z OGRANICZONA ODPOWIEDZIALNOSCIA’s Services, approval for personal data processing—including KYC/AML and other required data—occurs via explicit checkbox during signup, plus ongoing Service use. This approval includes data handling under this Privacy Policy, Cookies Policy, and Terms of Use.
MANGUSTO SPOLKA Z OGRANICZONA ODPOWIEDZIALNOSCIA retains the right to update this Policy based on needs or changes to its Platform and/or Services.
This Privacy Policy can be amended, altered, refreshed, or expanded anytime at MANGUSTO SPOLKA Z OGRANICZONA ODPOWIEDZIALNOSCIA’s sole discretion. Upon updates, We post the revised version on Our Website.
Using Our Website, Wallet, Platform, and/or Services for purchasing, trading, or holding Virtual Assets signifies Your acceptance of such updates.
Users confirm they must regularly check Our Website (including this Privacy Policy) to stay aware of revisions or alterations.
Continued use of the Website, Wallet, Platform, and/or Services after posting amendments to Our Privacy Policy equals Your endorsement of the updated terms.
Should changes affect the type, purpose, or method of Your Personal Data processing, MANGUSTO SPOLKA Z OGRANICZONA ODPOWIEDZIALNOSCIA will seek Your consent if mandated by EU or national laws.
Note: Website Visitors have only cookies and submitted data processed. Registered Users undergo additional handling of identification, transaction, and AML/KYC data.

Data Controller and Third-Party Processors

MANGUSTO SPOLKA Z OGRANICZONA ODPOWIEDZIALNOSCIA handles Personal Data as a Data Controller, as outlined in the GDPR.
User Data will be managed by Third-Party Processors acting on behalf of MANGUSTO SPOLKA Z OGRANICZONA ODPOWIEDZIALNOSCIA to utilize, gather, and handle such data.
Certain features within the MANGUSTO SPOLKA Z OGRANICZONA ODPOWIEDZIALNOSCIA Wallet rely on third-party providers (processors), like bank card handling for Virtual Asset purchases, payments to project addresses accepting Virtual Assets, which demand required AML/KYC checks performed by certified external services that collect, relay, and retain Users’ personal details on their systems.
Per Article 13(1)(e) GDPR—covering recipients or recipient categories of personal data—MANGUSTO SPOLKA Z OGRANICZONA ODPOWIEDZIALNOSCIA utilizes these third-party processor types:
Cloud infrastructure and hosting providers;
Payment processors and banking partners;
AML/KYC and sanctions screening providers;
Analytics and user behavior tracking tools;
Identity verification and fraud prevention service providers;
Customer support and ticketing platforms.
Legal and audit consultants, when needed to meet MANGUSTO SPOLKA Z OGRANICZONA ODPOWIEDZIALNOSCIA’s duties.
Every involved Processor adheres closely to contractual duties and GDPR standards.
Select Third-Party Processors, as specialized identity and transaction verification firms, manage Personal Data for essential AML/KYC needs. These processors collect and handle the following User details:
Name and Surname;
Address;
Residency;
Date and place of birth;
ID number;
Copy ID;
Users’ picture;
E-mail address;
Phone number;
Utility bill; and
Other Personal Information.
MANGUSTO SPOLKA Z OGRANICZONA ODPOWIEDZIALNOSCIA engages only Third-Party Processors offering strong assurances of proper technical and organizational safeguards, ensuring GDPR-compliant processing and data subject (User) rights protection.
As Data Controller, MANGUSTO SPOLKA Z OGRANICZONA ODPOWIEDZIALNOSCIA maintains DPAs with these Third-Party Processors to guarantee GDPR adherence. Internal data transfers follow this Data Processing Agreement (DPAs), plus relevant GDPR rules and sector norms.
MANGUSTO SPOLKA Z OGRANICZONA ODPOWIEDZIALNOSCIA may disclose Your Personal Information to employees, contractors, agents, service providers, and delegates solely to deliver specific services for our operations.
Regarding data collection and sharing, MANGUSTO SPOLKA Z OGRANICZONA ODPOWIEDZIALNOSCIA acts as a joint controller alongside Facebook, Instagram, and Google for gathering and relaying certain personal data from Website visitors.

Third-Party Websites and Services

Our website may include links to external third-party sites.
Clicking such a link directs You to that external site.
Note that these third-party websites operate independently of MANGUSTO SPOLKA Z OGRANICZONA ODPOWIEDZIALNOSCIA.
We recommend reviewing the Privacy Policy of any third-party site You access.
We lack control over and bear no liability for the content, privacy practices, or policies of third-party sites or services.
Providing personal data to third-party services signals Your approval for their handling of Personal Data (Personal Information). Your engagement with Third-Party Services follows their own Terms of Use and Privacy Policy. Any data We collect is managed under Our Privacy Policy.

Security of Personal Data

We prioritize safeguarding Your data through physical and digital protections, such as encrypted passwords, two-factor authentication where feasible, and industry-standard transport layer security for all connections. Despite these steps, We cannot promise complete immunity from data access, exposure, changes, or loss due to factors like hardware/software issues or unauthorized actions. Data You share remains at Your own risk.
We deploy multiple defenses to uphold the confidentiality, integrity, availability, and privacy of Your Personal Information, shielding it from theft, loss, unauthorized entry, abuse, modification, or erasure.
Key safeguards encompass:
Password-secured databases;
Secure Sockets Layer (SSL) encryption for safe transmission of Your Personal Data (Personal Information) online;
Routine vulnerability scans against hackers and threats;
Periodic penetration tests;
Secure development practices;
Encryption for sensitive data in transit and storage;
Two-factor verification;
Activity logging within the platform;
Access restrictions; and
Additional steps addressing risks from assessments.
Financial or credit details transmit via SSL and stay encrypted in Our systems.
Access to Your Personal Information is restricted to MANGUSTO SPOLKA Z OGRANICZONA ODPOWIEDZIALNOSCIA authorized staff, bound by strict confidentiality. Security protocols undergo regular reviews amid evolving laws and technologies.

Legal Basis and Principles of Processing

Processing refers to any action or series of actions conducted by MANGUSTO SPOLKA Z OGRANICZONA ODPOWIEDZIALNOSCIA on personal data or data collections. MANGUSTO SPOLKA Z OGRANICZONA ODPOWIEDZIALNOSCIA performs these processing operations:
Collection,
Organisation,
Structuring,
Storage,
Adaptation or modification,
Retrieval,
Utilization,
Disclosure via transmission,
Restriction,
Erasure, and/or
Destruction.
Processing remains lawful solely when at least one condition holds:
The data subject (User) consents to handling their Personal Data for specified purpose(s);
Processing supports fulfilling a contract involving the data subject (User) or preparatory steps requested by them before contract formation;
Processing meets a legal duty binding the controller;
Processing enables tasks in public interest or official powers granted to the controller;
Processing advances legitimate interests of the controller or third party, unless outweighed by the data subject’s interests, rights, or freedoms necessitating Personal Data safeguards.

Use, Collection and Processing from User-Visitors

By accessing the MANGUSTO SPOLKA Z OGRANICZONA ODPOWIEDZIALNOSCIA’s Wallet, Website, Platform and/or Services, You agree to the collection, sharing and other handling practices detailed in this Privacy Policy, aligned with GDPR standards and relevant laws.
If You are only a User-Visitor of Our Website—not utilizing Our Wallet, Platform, or Services—and disagree with Our Terms of Use or any terms herein, We ask You to avoid Our Website.
Your approval for collecting and processing Personal Data as User-Visitor follows this process:
On first Website visit, a prominent cookie and privacy banner appears.
The banner explains cookie usage and data gathering, linking to this Privacy Policy and Cookies Policy.
You provide explicit consent by selecting “Accept” or equivalent button.
Continuing to browse without consenting to optional cookies limits us to essential cookies based on legitimate interest, processing no further data until consent.
Interacting with Our Website post-banner (e.g., page navigation, form submission, interactive elements) confirms You received data processing details and consented where needed.
Where laws demand, We seek Your explicit consent for Personal Data (Personal Information) processing, gathered via this Website or submitted voluntarily.
Note: User consent remains fully voluntary. Yet, withholding clear consent for MANGUSTO SPOLKA Z OGRANICZONA ODPOWIEDZIALNOSCIA to process Your Personal Data (Personal Information) may restrict or prevent Website use.
Personal Data (Personal Information) from User-Visitors may include:
Your IP address;
First and Last Name;
Postal and Email address;
Phone number;
Job title;
Occupation details;
Social network data;
Geo-location info;
Visitor counts;
Session duration on Website;
Interest data in Platform/Services;
Clicked pages or referral sources.
Cookies and tracking tech;
Browser, device, OS types;
Visited pages and interactions (clicks, scrolls, time);
Submitted info (e.g., contact forms).
Usage data stems from Our analytics system, used to evaluate Website, Platform, Services usage, enhance User experience, and support Service development. Legal grounds: legitimate interest (Art. 6(1)(f) GDPR) and User consent (Art. 6(1)(a) GDPR) via continued use post-notification without cookie changes. Primary basis: User-Visitor consent per Art. 6(1)(a), granted by post-banner continued use unchanged preferences. Rarely, for necessities like security, abuse prevention, basic function, we use legitimate interest (Art. 6(1)(f)), balancing against User rights with minimization and purpose limits.
Non-registered visitor data processes for:
Basic site function (language, security) (Basis: Legitimate Interest Art. 6(1)(f) for operation; Contract Performance Art. 6(1)(b) for core services; Legal Obligation Art. 6(1)(c) for security logs).
Monitoring/improving Website, Platform/Services (Basis: Legitimate Interest Art. 6(1)(f) for quality).
Traffic/usage analytics (Basis: Consent Art. 6(1)(a) for cookies per ePrivacy; Legitimate Interest for anonymous aggregates).
Inquiry responses (Basis: Contract Performance Art. 6(1)(b) for services; Legitimate Interest Art. 6(1)(f) general support).
Visitor behavior analysis (MANGUSTO SPOLKA Z OGRANICZONA ODPOWIEDZIALNOSCIA may share with vendors/contractors) (Basis: Consent Art. 6(1)(a) tracking; Legitimate Interest Art. 6(1)(f) non-intrusive).
Website navigation analysis for improvement (Basis: Consent Art. 6(1)(a) cookies; Legitimate Interest Art. 6(1)(f) anonymized).
Site/Platform function/security (Basis: Legitimate Interest Art. 6(1)(f); Legal Obligation Art. 6(1)(c) cybersecurity).
User experience/performance optimization (Basis: Consent Art. 6(1)(a) personalization; Legitimate Interest Art. 6(1)(f) technical).
Analytics/reporting (Basis: Consent Art. 6(1)(a) identifiable; Legitimate Interest Art. 6(1)(f) aggregates).
Visitor requests (Basis: Contract Performance Art. 6(1)(b); Legitimate Interest Art. 6(1)(f)).
Legal/security/fraud prevention (Basis: Legal Obligation Art. 6(1)(c); Legitimate Interest Art. 6(1)(f)).
Consent/ePrivacy management (Basis: Legal Obligation Art. 6(1)(c)).
Content customization (Basis: Consent Art. 6(1)(a) profiling; Legitimate Interest Art. 6(1)(f) basic).
Retargeting ads (Basis: Consent Art. 6(1)(a) GDPR/ePrivacy).
User communication (Basis: Contract Performance Art. 6(1)(b) services; Legitimate Interest Art. 6(1)(f) updates; Consent Art. 6(1)(a)+ePrivacy marketing).
Cookies/tech governed by Cookies Policy, reviewed on first visit via banner for preference control per law. Cookies boost function, analyze use, personalize content/ads.
See Cookies Policy for details/types. It integrates with MANGUSTO SPOLKA Z OGRANICZONA ODPOWIEDZIALNOSCIA’s Privacy Policy—read together for Website cookie/tech rules.

Use, Collection and Processing from Wallet/Platform Users

To deliver Services to Users, MANGUSTO SPOLKA Z OGRANICZONA ODPOWIEDZIALNOSCIA gathers specific Personal Data (Personal Information) types. MANGUSTO SPOLKA Z OGRANICZONA ODPOWIEDZIALNOSCIA handles these from registered users:
Identity data (e.g., full name, birth date, nationality). Per this Privacy Policy and § 5 Polish AML Act No. 253/2008 Sb., “identity data” covers:
For individuals:
All given names and surnames;
Birth number, or absent that, birth date and gender;
Birth place;
Permanent/other residence;
Nationality;
Identity document number/type, issuing state/authority, validity;
For sole traders: trade name, addition/designation, registered office, ID number.
For companies:
Core ID like company name (with additions/designation), seat, ID number or foreign equivalent;
Details of statutory body natural persons;
Details of statutory body legal entities, including representatives.
Contact info (Email, phone, mailing address);
KYC/KYB files (ID scans/photos, address proof, liveness/selfie);
Transaction records (details, dates, sums, counterparties, status, initial payments, etc.);
Financial info (payment methods, masked cards, bank details, IBAN/accounts for fiat, processor IDs, references, statements, trading data, etc.).
Account/tech data (login, IP, location, device/OS, geolocation, browser, settings);
Communication records (support messages, complaints, inquiries);
Behavioral/usage patterns (site/platform interactions, page time, clicks, sessions, browser/device/OS, traffic);
Sanctions/risk checks (lists, PEP, media, risk scores, fraud flags);
AML data like employment, job, employer, income, funds/wealth source under risk approach.
Residence proof (bills, address docs; phone/similar).
User-owned Personal Data (Personal Information) collected by MANGUSTO SPOLKA Z OGRANICZONA ODPOWIEDZIALNOSCIA stays User property; MANGUSTO SPOLKA Z OGRANICZONA ODPOWIEDZIALNOSCIA shares with third parties only with User consent or per this Policy/laws.
MANGUSTO SPOLKA Z OGRANICZONA ODPOWIEDZIALNOSCIA uses collected Personal Data:
To supply Platform/Services and enhance them (Basis: Contract performance Art. 6(1)(b) GDPR);
For wallet/exchange access (Basis: Contract performance Art. 6(1)(b) GDPR);
To refine analytics, Services, maintenance functions (Basis: Consent Art. 6(1)(a), Legitimate interest Art. 6(1)(f) GDPR);
To secure Wallet operations/assets (Basis: Legitimate interest Art. 6(1)(f), Contract Art. 6(1)(b), Legal duty Art. 6(1)(c) GDPR);
For technical support/Service function (Basis: Contract Art. 6(1)(b) GDPR);
To meet legal/regulatory duties (AML/KYC, taxes). Note: Account maintenance/AML/KYC reviews use same data as Third-Party Processors in verification (Basis: Legal obligation Art. 6(1)(c) GDPR, incl. Polish AML Act 253/2008);
Fraud/illegal activity detection/prevention (Basis: Legal obligation Art. 6(1)(c) GDPR);
User ID verification (Basis: Legal obligation Art. 6(1)(c), Contract Art. 6(1)(b));
Law/court compliance (Basis: Legal obligation Art. 6(1)(c) GDPR);
Law enforcement cooperation (Basis: Legal obligation Art. 6(1)(c) GDPR);
Agreement enforcement (Basis: Contract Art. 6(1)(b) GDPR);
Rights/property/safety protection for us, staff, users/others (Basis: Legitimate interest Art. 6(1)(f) GDPR);
Marketing (with prior consent) (Basis: Consent Art. 6(1)(a) GDPR).

Rights of Users as Data Subjects

You hold the rights listed below, exercisable by contacting us at [ваш email DPO]:
Right to Access: You can inquire if We process Your data and request access to Your Personal Data. This provides a copy of data We hold and details to verify lawful processing. Given high data volume, We may ask You to pinpoint specific info or activities.
Right to Correction (Rectification): Request fixes for incomplete or wrong personal data We maintain about You.
Right to Erasure (Right to be Forgotten): Ask Us to erase Personal Data under specific conditions. Exceptions apply, like legal compliance or claims needs.

Right to Restriction: Request suspension of processing certain personal data, e.g., to verify accuracy or processing basis.
Right to Transfer (Data Portability): Request transfer of certain personal data to another entity.
Right to Objection: Challenge processing based on legitimate interests (ours or third-party). We may continue if justified by our interests or legal claims. Object to direct marketing processing. Limits exist if requests impact others’ rights or legal retention duties. We note exemptions in responses.

Right to lodge complaint: Enforce rights via supervisory bodies like Polish Office for Personal Data Protection or European Data Protection Supervisor (https://edps.europa.eu/).

To halt promotional emails, contact help@mangusto.io for opt-out.

Update preferences anytime via contact. We handle requests promptly, though short delays in communications/data collection may occur during processing.
Users can opt out of select data practices. Contact Us to limit processing where possible, per regulations.
Opt-outs may face regulatory limits conflicting with legal duties.
For security, We verify identity before some opt-outs.
Note: MANGUSTO SPOLKA Z OGRANICZONA ODPOWIEDZIALNOSCIA enables Virtual Asset trading/storing on Blockchains—decentralized, encrypted global databases resistant to changes. Data dispersal prevents modification/deletion or EU-only storage.
You agree blockchain nature bars erasure (right to be forgotten) or EU data confinement.

Data Retention

MANGUSTO SPOLKA Z OGRANICZONA ODPOWIEDZIALNOSCIA retains data no longer than needed for collection purposes or legal mandates.
User data lasts only as required for purposes or laws.
Post-account termination/expiry, platform-collected Personal Data deletes per law.
Expect Our response within one month of request receipt.
MANGUSTO SPOLKA Z OGRANICZONA ODPOWIEDZIALNOSCIA LLC keeps data as needed for purposes, legal/accounting/reporting duties under GDPR/Polish AML.
Retention for Visitors/Users:
User/third-party contractual data – 5 years post-termination (contract, legal, interest);
Cookies/analytics/marketing/optimization – 2 years post-activity;
AML/fraud data – 5-10 years post-activity (Polish AML Act 253/2008);
Account/services – 5 years post-relationship (contract, legal, interest);
Fraud/security – 5 years post-activity (interest, legal);
Marketing – Until withdrawal/inactivity (max 2 years post-activity); opt-outs indefinite (consent, interest);
Analytics/site optimization – 2 years post-activity (consent, interest);
Support – 5 years post-closure (interest).
Post-retention, data deletes securely or anonymizes unless law demands longer.

Geographical Location and International Users

The MANGUSTO SPOLKA Z OGRANICZONA ODPOWIEDZIALNOSCIA’s Wallet operates from servers in the European Union (EU) or European Economic Area (EEA).
Personal Data (Personal Information) We gather from You resides within EU territories.
Should We move Your Personal Data (Personal Information) beyond the EU/EEA, transfers follow data protection regulations. Specifically, such moves rely on DPAs including European Commission Standard Contractual Clauses (SCCs) or approved safeguards for adequate protection.
For Users from Asia or regions with differing data laws, continued Service use means transferring Personal Information to the EU, with Your consent.
In transaction handling, We share select Personal Information with third-party providers aiding operations. No selling, swapping, or sharing occurs without consent, except for Service delivery or legal mandates. Service use and Terms acceptance approve disclosures per this Privacy Policy.

Lawful Disclosure of User Data

MANGUSTO SPOLKA Z OGRANICZONA ODPOWIEDZIALNOSCIA shares Your Personal Data (Personal Information) without prior consent only if deemed essential to identify, reach, or pursue action against parties:
Suspected of breaching MANGUSTO SPOLKA Z OGRANICZONA ODPOWIEDZIALNOSCIA’s or others’ rights/property, or
Whose actions might harm others or violate rights, deliberately or otherwise.
We disclose Personal Data (Personal Information) when convinced of legal necessity or authority demands.

Contact Us

For questions, issues, or requests on Personal Data (Personal Information) collection/usage, reach Us at.

Scroll to Top