LCT

Privacy Policy

LCT GLOBAL FZE (“the Company”) is the legal entity of LCT, a Platform dedicated to providing users with virtual asset transaction and related services ("LCT" or "this Platform"). This Platform includes our website and mobile app. For the convenience of expression in this Privacy Policy, this Platform is collectively referred to as "we" or "our" in this Privacy Policy

The Company complies with Personal Data Protection Law and other data protection laws of the United Arab Emirates. These laws govern the collection, use and disclosure of individuals’ personal data that recognizes both the right of individuals to protect their personal data and the need of organizations to collect, use and disclose personal data for purposes that a reasonable individual/ nature person would consider appropriate in these situations.

We respect and protect the privacy of users (hereinafter referred to as "you" or "user"). When you use LCT Platform services, we will collect and use your Personal Data in accordance with data protection laws of the United Arab Emirates and this Privacy Policy (hereinafter referred to as "this Policy").

We recommend that you read and understand the entire content of this Policy before using the services of this Platform. Your registration of an account on this Platform, access to this Platform and/or use of the services of this Platform indicate that you agree that you have read, understood, and accepted the content of this Policy and its updates and revisions from time to time. If you do not fully understand and accept this Policy, please do not register an account on this Platform or use any services of this Platform.

If you do not accept this Policy or any terms after updates and revisions, please stop using the services of this Platform immediately. Your continued use of this Platform services will be considered as acceptance of this policy and its updated and revised versions.

The definitions of key terms in this Policy are consistent with the "User Agreement" of this Platform.

Definitions

Personal Data refers to any data relating to either an identified natural person or the one who can be identified, directly or indirectly through the linking of the data, by reference to an identifier such as name, voice, picture, identification number,electronic, identifier, geographical location, or one or more physical, physiological, cultural, or social characteristics

Sensitive Personal Data refers to any information that directly or indirectly reveals a person’s race, ethnicity, political, religious beliefs, philosophical views, criminal record, biometric data, health data, sexual data etc.

Data Controller refers to anyone who determines the means, methods, standards and purposes of the processing of an individual’s Personal Data.

Data Processorrefers to anyone who processes Personal data on behalf of a Data Controller and under their supervision and instruction.

Consent refers to the consent by which an individual authorizes third parties to process Personal Data relating to him or her. Consent must be clear, simple, specific, unambiguous, and accessible. It can be given electronically.

I.The Information We Collect from You

Please be aware that we collect the following information from you to meet your needs for the services of this Platform and we place great importance on the protection of your privacy. We will process your data in a fair, transparent, and lawful way. Please note that you can decide for yourself whether to provide us with your personal data, but if you do not provide your personal related information, we will not be able to continue to provide you with the services of this Platform.

When you register or use the services of this Platform, we will collect the following information from you with your Consent:

1. Personal Data provided by users when registering on this Platform. This includes your name, nationality, gender, date of birth, ID/passport information, address, email address, contact phone number, bank account information, etc. The specific purpose of our collection and processing of the above Personal Data is:

(1) To verify users, (2) to verify your access to or use of the services and procedures of this Platform, (3) to establish and maintain good business relationships with you, (4) to understand your needs and whether you are suitable to use products and services, to notify you about transaction and financial information, advertisements, advertising messages and other news, (5) to provide you with products or services, (6) to process bills and collect fees, (7) to conduct surveys and obtain your feedback, (8) to ensure that this Platform complies with relevant legal requirements.

2. Information Automatically Collected by the Platform. When you log in, register, or use the services of this Platform, we may automatically receive and record information sent to us by your computer, mobile phone, or other communication devices. This information includes but is not limited to your mobile device information, IP location, operation records, transaction records, transaction addresses, web page records, and data, etc.

The purpose of our collection of the above personal data is: (1) to analyze your usage of LCT services and this Platform, (2) to develop and customize LCT services and this Platform based on your preferences.

3. In addition to the above Personal Data, you acknowledge that when you use specific features of this Platform, we will make a special prompt to you for your Consent before collecting your personal information, requesting to collect more of your Personal Data. If you choose not to agree, it will be considered as your waiver of the use of that specific feature of this Platform.

4. When you are redirected to a third-party service provider, the third-party service provider will collect your personal information. LCT or this Platform does not hold the Personal Data collected by the third-party service provider.

5. Within the scope permitted by laws and regulations, we may collect and use your Personal Data without your Consent in the following situations:

(1)For claiming legal rights or as a part of judicial or security procedures

(2)For medical purposes or matters of public health

(3)For archival purposes or for scientific, historical, and statistical studies

(4)For any public interest

(5)For Data Controller’s compliance with legal obligations

(6)Any other circumstances specified by the Executive Regulations issued under the law.

6. All Personal Data will be securely retained for a mandatory period of eight years, even following the termination of your relationship. This retention period aligns with industry standards and legal requirements under the laws and regulations of the UAE, ensuring our ability to address potential inquiries, fulfill legal obligations, and provide you with accurate historical records when necessary. After the stipulated eight-year period, all non-essential Personal Data will be securely and permanently disposed of in accordance with applicable data protection regulations. You are encouraged to contact our Data Protection Officer for any queries or concerns regarding the retention and security of your information.

II. How We Use Your Personal Information

1. We confirm the corresponding relationship between you and your transaction account through the unique serial number of your mobile device.

2. We will send you important notifications in a timely manner, such as software updates, changes to the User Agreement and terms of this Policy.

3. We provide you with a "Fingerprint Login" option in the "System Settings" of this Platform, allowing you to manage your virtual assets conveniently and more securely.

4. We process the feedback you submit to us by collecting your public account address and the mobile device information you provide.

5. We collect your Personal Data for our internal audits, data analysis, and research, etc., in order to continuously improve our service level.

6. In accordance with the "User Agreement" and other relevant provisions of this Platform, we will use user information to manage and process user behavior.

7. Requirements stipulated by laws and regulations and in cooperation with regulatory authorities.

III. How You Can Control Your Information

You have the following rights over your Personal Data:

1. The right of access: you have the right to obtain access to your information.

2. The right to rectification: you have the right to have your information corrected if it is inaccurate or incomplete.

3. The right to erase: you have the right to request us to delete or remove your information where there is no compelling reason to keep using it, subject to certain exceptions.

4. The right to restrict processing: you have the right to block or suppress further use of your information.

5. The right to data portability: you have the right to obtain and reuse your Personal Data for your own purposes across different services.

6. You have the right to object to processing: you have the right to object to certain types of processing.

7. You have the right to lodge a complaint: you have the right to lodge a complaint about the way the Platform handles or processes your Personal Data.

8. You have the right to withdraw Consent: you have the right to withdraw your Consent that you have given to us regarding your Personal Data.

Please note that you can decide for yourself whether to exercise the abovementioned rights, but if you do exercise your right to restrict processing, to object to processing, to erase or withdraw your Consent, we might not be able to continue to provide you with the services of this Platform.

You have the following autonomous control over your Personal Data:

1. Please be aware that you can modify the type of your virtual assets, make transfers, and receive payments through the "Assets" section.

2. Please be aware that in the "Profile Picture" section of this Platform, you are free to perform the following operations:

(1) In the "Personal Center", you do not need to provide your name, mobile phone number, bank card, and other information, but when you use specific services, you need to provide the above Personal Data;

(2) In "Submit Feedback", you can submit your questions and improvement suggestions about this Platform to us at any time. We will be very happy to communicate with you and actively improve our services.

3. Please be aware that when we collect Personal Data from you for a specific purpose, we will notify you in advance, and you have the right to refuse. But at the same time, you acknowledge that when you choose to refuse to provide relevant information, it means that you give up using the relevant services of this Platform.

4. Please be aware that neither you nor we have control over whether your transaction records are public. Due to the open-source nature of the blockchain transaction system, your transaction records are public and transparent throughout the entire blockchain system.

5. Please be aware that when you use the this Platform's function and are redirected to a third-party service provider, our "User Agreement" and "Privacy Policy" will no longer apply. Regarding your control over your Personal Data on the third-party service provider, we recommend that you read and understand its privacy rules and relevant User Agreement in detail before using the third-party service provider.

6. This Platform will continue to use your Personal Data until you stop using our Platform services or you have the right to contact us to request us to update, change, stop using, or delete your relevant personal information. However, in this case, we will not be able to continue to provide you with this Platform’s services.

IV. We May Share or Transfer Your Information

1. The Personal Data we collect and generate will be stored on the server. If it is necessary for this Platform to transfer your Personal Data to other countries abroad, we will obtain your authorization in advance, carry out cross-border data transmission in accordance with the requirements of relevant laws, regulations, and policies, and fulfill the obligation of confidentiality for your Personal Data.

2. Without your prior Consent, we will not share or transfer your Personal Data to any third party, except in the following cases:

(1) Obtaining your explicit Consent or authorization in advance;

(2) The collected Personal Data is the information you have publicly disclosed to the society;

(3) The collected Personal Data is collected from legally publicly disclosed information, such as legal news reports, government information disclosure, etc.;

(4) Sharing with LCT's affiliates, we will only share necessary user information, and it is bound by the purposes declared in this Privacy Policy;

(5) Based on a reasonable judgment, this Platform will share your Personal Data with important third parties. These important third parties include cooperative banks and their commissioned third-party service providers, telecommunications companies, and other service providers, to facilitate your use of this Platform's services, strengthen our KYC procedures to prevent fraud, and comply with anti-money laundering, anti-terrorism and other related policies If you do not agree that we share or transfer your Personal Data to important third parties, please contact us. But in that case, we may not be able to provide you with the Platform service.

(6) Providing according to the requirements of applicable laws and regulations, legal procedures, administrative or judicial authorities;

(7) In the case of mergers and acquisitions, if the transfer of Personal Data is involved, LCT will require the recipient of Personal Data to continue to be bound by this Policy.

V. How We Protect Your Information

1. If LCT ceases operation, this Platform will promptly stop further collection of your Personal Data, announce the cessation of operation on this Platform and delete or anonymize your Personal Data it holds about you within a reasonable period.

2. To protect your personal information, we will adopt data security measures, improve the internal compliance level, increase internal staff information security training, and set secure access permissions for relevant data to protect your privacy information. We are committed to using various security technologies and supporting management systems to minimize the risk of your information being disclosed, damaged, misused, accessed without authorization, disclosed without authorization, and altered. In addition, we will take other reasonably necessary measures to protect your information. For example, in the technical development environment, only de-identified information is used for statistical analysis; when providing research reports externally, the information contained in the report is de-identified. We will store the de-identified information separately from the information that can be used to recover identification of individuals, ensuring that individuals are not re-identified in the subsequent processing of de-identified information.

3. LCT has established a Personal Data protection responsibility department and hired a Data Protection Officer to carry out Personal Data security impact assessments on the collection, use, sharing, and entrusted processing of personal information. Meanwhile, LCT has established relevant internal control systems, adopting the principle of minimal necessary authorization for staff who may come into contact with your information. The actions of staff handling your information are systematically monitored, and continuous training is provided on relevant laws and regulations, as well as privacy and security guidelines, to enhance their awareness of security.

4. We will send you messages about information security in the "Message Center" and update account usage and information protection materials from time to time in the "Help Center" section for your reference.

Important notice: Please be aware that your account password, private key, mnemonic phrase, Keystore on the Platform are not stored or synchronized to this Platform’s server. This Platform does not provide services to retrieve your account password, private key, mnemonic phrase and Keystore. Please be sure to properly keep your account password, Keystore, and other identity elements on the Platform. When you use related services, we will identify your identity through your login information and other identity elements. Once you leak the aforementioned information, you may suffer losses and it may have adverse effects on you. If you find that login information and/or other identity elements may have been or have been leaked, please contact us immediately so that we can take timely measures to avoid or reduce related losses.

VI. Protection of Minors' Information

We make the following special provisions for the protection of minors under the age of 18:

1. Minors should use the Platform-related services under the guidance of their parents or legal guardians.

2. We recommend that parents and guardians of minors should guide minors to use the services of this Platform after reading this Policy, the "User Agreement," and other annex documents and terms of this Platform.

3. We will protect the confidentiality and security of minors' Personal Data in accordance with the provisions of relevant national laws and regulations.

VII. Third Party Processing

1. We carefully select third party service providers to process your personal Data and sign agreements with third party service providers regarding third party service providers’ compliance with the Personal Data Protection Law of the UAE. However, when you access third-party services through the Platform, the privacy policy published by that third-party service provider will apply. The collection and use of your Personal Data by such third-party service providers are not controlled by LCT and are not bound by this Policy.

2. We will take reasonable security measures to protect your Personal Data to the extent possible under the existing technical level to avoid information leakage, tampering, or damage. This Platform uses wireless methods to transmit data, therefore, we cannot ensure the privacy and security of data transmitted via wireless networks.

VIII. Rights Related to Personal Data Protection

1. You can exercise or request the following rights to this Platform according to the provisions of this section:

(1)Inquire or request to view.

(2)Request for a copy.

(3)Request to supplement or correct.

(4)Request to stop collection, processing, or use.

(5)Request to delete.

2. If you request to inquire, view, or provide copies to this Platform according to the above rights, we should determine whether to agree to the request within fifteen days from the date of your request. However, this does not apply in the following cases:

(1)Interfering with national security, diplomacy and military secrets, overall economic interests, or other significant national interests.

(2)Interfering with the execution of statutory duties by public authorities.

(3)Interfering with the significant interests of the collecting agency or a third party.

3. If necessary, the fifteen-day period can be extended, but the extension should not exceed fifteen days, and the reason for the extension will be notified to you in writing (electronic or paper form). Also, we may charge procedural costs for inquiries, requests to view, or copying personal data.

4. If you request to supplement and correct your Personal Data collected by this Platform according to the above rights, this Platform will determine whether to agree to the request within thirty days from the date of receiving your request, unless there is a dispute over the accuracy of your personal data. If necessary, the thirty-day period can be extended, but the extension should not exceed thirty days, and the reason for the extension will be notified to you in writing (electronic or paper form).

IX. Data Breach

1. Under the data protection laws of the UAE, if there is any data breach that could prejudice the privacy, confidentiality and the security of the individuals’ data we will within 24 business hours notify you, UAE Data office and Virtual Assets Regulatory Authority (VARA) about the data breach.

2. The notification regarding the data breach will include the following information:

  • • A description of the nature, form, reasons, approximate number, and data breach records.
  • • The details of its Data Protection Officer.
  • • The potential and expected effects of the data breach.
  • • A description of the actions and measures taken to rectify the data breach and minimize its effects.
  • • Documentation of the data breach.
  • • Any other requirements requested by the Office.

X. Cross-Border Data Transfer

Your Personal Data will only be transferred to countries that are approved by the Data Protection Office as having an “adequate level of protection”. These cover countries that either have data protection legislation in place or where the specific country has acceded to bilateral or multilateral agreements relating to the protection of Personal Data.

The cross-border transfer of personal data to inadequate countries can also be done in the following circumstances:

  • • Under a contract that applies the requirements of the Personal Data Protection Law of the UAE (standard contract clauses);
  • • After obtaining the data subject’s express consent for such transfer;
  • • If the transfer is necessary for the execution of a contract between the controller and the data subject or as part of a contract between the controller and a third party that achieves the interests of a data subject;
  • • If the transfer is necessary for international judicial cooperation;
  • • If the transfer is necessary to protect the public interest

XI. Miscellaneous

1. You need to fully understand and comply with all relevant laws, regulations, and rules of your jurisdiction related to the use of this Platform's services.

2. If you encounter any problems regarding the use of Personal Data during the use of this Platform services, you can contact us by submitting feedback on this Platform and other methods.

3. You can view this Policy, the "User Agreement", and other service rules on this Platform’s official website. We encourage you to review the Platform's "User Agreement" and "Privacy Policy" each time you visit.

4. This Platform will update and revise this Policy from time to time. The updated and revised Policy will take effect when it is posted on this Platform's website.

5. For matters not covered by this Policy, you need to view and comply with the announcements and related rules updated from time to time by this Platform.