This document should be read in conjunction with our Privacy Policy and our Cookie Policy.
You have the right to request a copy of all data held by Venstar or their Exchange Processing Partners at any time. This is done by contacting our Data Protection Officer ("DPO"). Please see our Privacy Policy for our DPO's contact information.
All people who had data collected by Venstar Exchange while they were residing in any country that is a signatory to the EU General Data Protection Regulation ("GDPR") agreement have the right to request their data be deleted under the Anti Money Laundering ("AML") limitations set forth below. This is done by contacting our DPO. Please see our Privacy Policy for our DPO's contact information.
Data collected by Venstar falls into three groups:
Our website collects anonymous and non-sensitive data to a) allow the site to function correctly (e.g. to ensure that the site visitor is always shown the same version of our landing page), and b) as anonymous analytics data to help us manage and improve our marketing (e.g. to know which external site referred the site visitor to us).
This anonymous information is first stored in cookies on your computer. (See our Cookie Policy for full details on what cookies are stored and for how long.)
Website visitors from those regions that are signatories to the GDPR are given the option to prevent any non-essential cookies being created and stored on their browser and subsequently being passed on to Venstar or our data-processing partners or subcontractors.
The only Personally Identifiable Information ("PII") collected from our website visitors before they make direct contact with us is their IP address. This is necessary to:
Only fully anonymous analytics data is sent to Google Analytics and Facebook Pixel for us to analyze. (see Google Analytics Data Policy, and Facebook's Data Policy).
A Visitor ID (containing the visitor's IP address) and a page ID is sent to our landing page provider, UnBounce (see point 1.b. above).
Data stored in cookies on the visitor's browser is deleted either at the end of the session or after a few months (see our Cookie Policy for full details).
Anonymous data for analytics is stored indefinitely, but is totally anonymous and in now way traceable back to any one visitor.
We record in our secure CRM database the name and contact information given to us by those visitors who call us, complete a website contact form or submit the first or final page of our online registration form. This information is required so that we can respond to the visitors request and/or offer assistance with the registration process.
Visitors who come via the website will have some of the analytics data that was captured by the cookies passed on to our CRM together with their submitted form information, e.g. the external site that referred the visitor, (e.g. the search engine, affiliate website, forum, online advert, etc.), the type of form the visitor used, and a unique visitor ID (to help us find and eliminate duplicate records).
None of this data is ever shared with any third parties, unless the person chooses to register with us (see next section 'From People who Register for our Services').
As per GDPR regulations we will gladly anonymize all records upon request; however, AML regulations do require that we only anonymize this information 6 years after the visitor's or client's last activity. The date of the deletion request is saved with the record to ensure that data is accurately anonymized at the required time.
Anonymizing data means that we delete any data that can link the record to any person or entity, e.g. names, phone numbers, IP addresses, email addresses, urls, postal addresses, etc.. The remaining analytics data is now anonymous and only used for statistical trends (e.g. how many visitors from Google Vs. Bing made contact with us).
AML regulations require that we ask for, electronically verify, store, and keep up to date certain private data on registering people and organisations. This includes, but is not limited to, contact information copies of IDs, a proof of residential address, social security numbers, date of birth, the reason for and expected size and currency of the exchange(s), and, in the case of registering organisations, copies of that organisation's articles of incorporation or similar.
Successful Registrants will need to have their registration information and any subsequently requested compliance information forwarded to the payment processor which Venstar has chosen to process that client's future transactions. This is to ensure that Venstar and the payment processor stay compliant with international AML regulations. The privacy policy of the selected payment processor will be shared with the client upon registration or upon request. Processing Partners are contractually obliged to not use Venstar client data for any marketing purposes nor to share this data with any third party unless required by law.
As per GDPR regulations we will gladly delete and/or anonymize all records collected when requested; however, U.K. AML regulations do require that we only anonymize this information 6 years after the visitor's or client's last activity. The date of the deletion request is saved with the record to ensure that data is accurately anonymized at the regulated time.
Anonymizing data means that we delete any data that can link the record to any person or entity, e.g. names, phone numbers, IP addresses, email addresses, urls, addresses, etc. The remaining analytics data is now anonymous and only used for statistical trends (e.g. how our sales change over time).
