Search
Menu
PRIVACY POLICYTERMS AND CONDITIONS

PRIVACY POLICY

Effective Date: May 7, 2025

This Privacy Policy (“Privacy Policy”) describes the policies and procedures of UAB “Sapion Solution” (“we,” “our,” or “us”) and helps explain how we collect, use, store, and protect your information when you use our website sapion.org (the “Website”) and the services offered through it (the “Services”).

We are committed to protecting and respecting your privacy. This Privacy Policy also explains your rights regarding your personal information and how you can exercise them.

Please also read our Terms of Use (the “Terms”), which describe the terms under which you use our Services.

1. Our Contact Details (Data Controller)

  • Company name: UAB “Sapion Solution”
  • Company Number: 306182986
  • Legal Address: Vilnius, Krivių g. 5, LT-01204, Lithuania
  • Email: [email protected]

UAB “Sapion Solution” is the data controller responsible for your personal information collected through the Website and Services.

2.Data Protection Officer (DPO)

Our Data Protection Officer can be contacted at:

3. Information We Collect

We receive or collect information when we operate and provide our Services, including when you access or use our Website.

3.1. Information You Provide This includes information you provide when you:

  • Use our Services, including conducting transactions.
  • Create an account on our Website.
  • Contact our customer support.
  • Respond to surveys or marketing communications.

The categories of Personal Information we may collect include:

  • Full name
  • Contact details: phone number, email address, residence address
  • Date of birthday
  • Identity documents details: such as driver’s license, passport (for verification purposes as a VASP)
  • Photographic images (for verification purposes)
  • Banking details (for processing transactions)
  • Employment details (if relevant for certain services or legal requirements)
  • Information on transactions you make on our platform
  • Information on sources of funds (to comply with VASP regulations)
  • Other information you may provide to us upon request or when you contact customer support.

While your Network private key, used to access your funds and initiate transactions, is stored only on your own device, to facilitate your transactions and provide you with your account balance, we store the Network public key address associated with your Network private key.

3.2. Automatically Collected Information When you use our Website or Services, we may automatically collect certain information:

  • Metrics and Performance Data: We may collect service-related, diagnostic, and performance information. This includes information about your activity (such as how you use our Services and how you interact with others using our Services), and diagnostic, crash, website, and performance logs and reports.
  • Device and Connection Information: We may collect device-specific information when you access or use our Services. This may include your IP address, browser and operating system information, device fingerprint, and, if you choose to allow push notifications, your device’s unique push token.
  • Status Information: We may collect information about your online status on our Services, such as when you last used our Services.
  • Cookies and Similar Technologies: We use cookies and similar tracking technologies to track the activity on our Website and hold certain information. Cookies are files with a small amount of data which may include an anonymous unique identifier. You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent. However, if you do not accept cookies, you may not be able to use some portions of our Services. (For more details, see Section 8 “Cookies”).

4. How We Get and Why We Have Your Personal Information (Legal Basis for Processing)

Most of the personal information we process is provided to us directly by you for one of the following purposes and under the following legal bases as per the General Data Protection Regulation (GDPR) and other applicable laws:

  • To provide our Services under our Terms of Use (Contractual Obligation): This includes enabling you to open an account, operate on our platform, and facilitate your transactions.
  • To comply with Legal and Regulatory Obligations (Legal Obligation): As a Virtual Asset Service Provider (VASP) in Lithuania, we are subject to legal obligations, including those related to Anti-Money Laundering (AML) and Counter-Terrorist Financing (CTF). This requires us to collect and verify certain identification information and monitor transactions. This also includes compliance with tax and accounting requirements.
  • For our Legitimate Interests (Legitimate Interest):
    • To analyze the use of our Website and Services to improve them.
    • To prevent fraud and investigate potentially prohibited or illegal activities, and/or violations of our Terms.
    • To provide you with customer support and process your requests.
    • For market research, such as surveying our users’ needs and opinions.
    • To deliver targeted marketing and service update notices based on your communications preferences (where consent is not required or where it forms part of our legitimate interest to keep you informed about similar services).
  • With Your Consent (Consent):
    • To provide you with information about products and promotions that may be of interest to you, where we have obtained your explicit consent to do so.
    • For the use of certain types of cookies (see Section 8 “Cookies”).

We will not use your information for purposes other than those we have disclosed to you without your permission, unless otherwise permitted or required by law.

5. How We Use the Information We Collect

Our primary purpose in collecting information is to help us operate, provide, improve, customize, support, and market our Services. We may use your information to:

  • Provide the Services and customer support you request.
  • Process transactions and send notices about your transactions.
  • Verify your identity in accordance with applicable laws and regulations.
  • Resolve disputes and troubleshoot problems.
  • Prevent and investigate potentially prohibited or illegal activities, and/or violations of our posted Terms of Use.
  • Customize, measure, and improve the Services and the content and layout of our Website.
  • Deliver targeted marketing, service update notices, and promotional offers based on your communication preferences (where permitted by law or with your consent).
  • Manage risk, or to detect, prevent, and/or remediate fraud or other potentially harmful or illegal activities.
  • Comply with our legal and regulatory obligations.

6. How We Share Information with Third Parties

We work with third-party providers to help us operate, provide, improve, customize, support, and market our Services. We may share your Personal Information with:

  • Affiliates, agents, and representatives.
  • Service Providers:
    • Companies that distribute our apps, provide our infrastructure, delivery, and other systems (e.g., cloud storage, IT support).
    • Financial institutions and payment service providers to process transactions.
    • Customer communication platforms to manage our interactions with you.
    • Contractors providing software for identification purposes (e.g., KYC/AML verification services) or services for checking against sanctions lists.
  • Law Enforcement, Government Officials, or Other Third Parties: We may disclose information when we are compelled to do so by a subpoena, court order, or similar legal procedure, or when we believe in good faith that the disclosure of personal information is necessary to prevent physical harm or financial loss, to report suspected illegal activity, or to investigate violations of our Terms or applicable law.
  • Business Transfers: If we plan to merge with or be acquired by another company or other entity, we may share information with them. Should such a combination occur, we will require that the new combined entity follow this Privacy Policy with respect to your personal information. You will receive prior notice of any change in applicable policy.

We will enter into contracts with such third parties requiring them to protect your Personal Information to a standard no less protective than the obligations we undertake to you under this Privacy Policy or which are imposed on us under applicable data protection laws.

7. International Data Transfers

Our contractors and affiliates may be situated in different locations, including countries located outside the European Economic Area (EEA). In these cases, we may transfer your Personal Information only if:

  • The country to which the Personal Information is transferred provides an adequate level of personal data protection (based on a relevant decision of the European Commission).
  • We have taken appropriate safeguards to ensure that your rights as a data subject are protected (e.g., by using Standard Contractual Clauses approved by the European Commission).
  • Any derogations for specific situations apply (for instance, if such transfer is necessary for the establishment, exercise, or defense of legal claims or for important reasons of public interest).

8. Cookies

We use a browser feature known as a “cookie,” which assigns a unique identification to your computer. Cookies are typically stored on your computer’s hard drive. Information collected from cookies is used by us to evaluate the effectiveness of our Website, analyze trends, and administer the platform. This allows us to determine such things as which parts of our Website are most visited and difficulties our visitors may experience in accessing our Website. With this knowledge, we can improve the quality of your experience on the Website by recognizing and delivering more of the most desired features and information, as well as by resolving access difficulties.

8.1. How You Can Manage Cookies You can change your cookie preferences at any time. Most web browsers allow some control of most cookies through the browser settings. To find out more about cookies, including how to see what cookies have been set, visit www.aboutcookies.org or www.allaboutcookies.org.

Find out how to manage cookies on popular browsers:

  • Google Chrome
  • Microsoft Edge
  • Mozilla Firefox
  • Microsoft Internet Explorer
  • Opera (Links to the support pages of these browsers should be provided here or users directed to search for them).

To opt out of being tracked by Google Analytics across all websites, visit http://tools.google.com/dlpage/gaoptout.

9. Your Data Protection Rights

Under data protection law, including the GDPR, you have rights including:

  • Your right of access: You have the right to ask us for copies of your personal information.
  • Your right to rectification: You have the right to ask us to rectify personal information you think is inaccurate. You also have the right to ask us to complete information you think is incomplete.
  • Your right to erasure (right to be forgotten): You have the right to ask us to erase your personal information in certain circumstances.
  • Your right to restriction of processing: You have the right to ask us to restrict the processing of your personal information in certain circumstances.
  • Your right to object to processing: You have the right to object to the processing of your personal information in certain circumstances (e.g., for direct marketing purposes, or where processing is based on our legitimate interests).
  • Your right to data portability: You have the right to ask that we transfer the personal information you gave us to another organization, or to you, in certain circumstances (in a structured, commonly used, and machine-readable format).
  • Your right to withdraw consent: Where we rely on your consent to process your personal information, you have the right to withdraw that consent at any time. You can do this by contacting us at [email protected]

To exercise any of these rights, please contact us at [email protected]. We may request you to confirm your identity by providing identification documentation and/or other methods prior to assisting you in exercising any of your rights. If you refuse to prove your identity, we may decline to take actions in respect of your data, save restricting processing, until we can ensure that such actions are the true wish of the data subject. We will respond to your request within one month.

There may be a minimal charge for providing you additional copies of your Personal Information to cover administrative costs.

In cases when we will not be able to fulfill your requests due to legal obligations or overriding legitimate interests, we will inform you accordingly.

10. Data Retention

We will keep your personal data no longer than needed for the purposes indicated in this Policy and in accordance with our legal obligations and legitimate business interests.

As a VASP, we are required by Lithuanian law to retain certain customer identification and transaction data for a specific period (typically 8 years after the termination of the business relationship or the last transaction, though specific AML laws should be consulted for exact durations). Even if you delete your Wallet or addresses from any associated mobile application, uninstall mobile applications from your device, or request that your information be deleted, we may still retain some information that you have provided to us to maintain our records or to comply with laws and regulations.

We will dispose of your information once we do not have any obligation to provide you with a service you requested, nor an obligation to hold personal data for regulatory or legal purposes.

11. Data Security

We are committed to making sure your information is protected in accordance with applicable laws and our data privacy policies. We have implemented appropriate technical and organizational measures (TOMs) to ensure the security of our platform and to protect your personal information from accidental or unlawful destruction, loss, alteration, unauthorized disclosure, or access.

These measures include:

  • Using encryption protocols and software to protect the security of your personal information during transmission.
  • Maintaining physical, electronic, and procedural safeguards in connection with the collection, storage, and disclosure of your personal information.
  • Securing all connections with industry-standard transport layer security.

Where we pass on Personal Information to third parties, we will request that they implement similar levels of technical and organizational security measures.

Even with all these precautions, we cannot fully guarantee against the access, disclosure, alteration, or deletion of data through events, including but not limited to hardware or software failure or unauthorized use. Any information that you provide to us is done so entirely at your own risk.

12. Automated Decision Making and Profiling

We may use automated processing and profiling to reduce the risks of fraud, money laundering, and abuse of our services, as required by our VASP obligations. Through this automated processing, we may carry out an analysis of your identification, transactional, and behavioral patterns. Please note that such processing is necessary to provide you with our services and to comply with legal requirements.

If you feel that this processing might be detrimental to you, or if you wish to obtain human intervention or express your point of view and contest a decision based solely on automated processing, please contact us at [email protected].

13. Conditions of Use, Notices, Changes, and Updates to Privacy Policy

If you choose to use our Website or Services, your use and any dispute over privacy are subject to this Privacy Policy and our Terms of Use.

We reserve the right to update and revise this Privacy Policy at any time. We occasionally review this Privacy Policy to make sure it complies with applicable laws and conforms to changes in our business. If we revise this Privacy Policy, we will update the “Effective Date” at the top of this page and will take steps to notify all users, such as by a notice on our Website and/or by posting the amended Privacy Policy on the Website. If we consider that your rights may be significantly affected by any such changes, we may request you to confirm your consideration and acceptance prior to continuing our relationship with you.

Please review this Privacy Policy regularly to ensure that you are aware of its terms. Any use of our Website or Services after an amendment to our Privacy Policy constitutes your acceptance of the revised or amended terms.

14. How to Complain

If you have any questions or concerns about our data protection practices, our use of your personal information, or wish to exercise your rights under the GDPR, please contact us first at:

We will try to resolve your concerns.

You also have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, place of work, or place of the alleged infringement if you consider that the processing of personal data relating to you infringes the GDPR.

The data protection authority in Lithuania is:

  • State Data Protection Inspectorate (Valstybinė duomenų apsaugos inspekcija)
  • Address: L. Sapiegos str. 17, LT-10312 Vilnius, Lithuania
  • Phones: +370 5 271 2804 / +370 5 279 1445
  • Email: [email protected]

15. Legal Information

  • Company Name: UAB “Sapion Solution”
  • Company Number: 306182986
  • Legal Address: Vilnius, Krivių g. 5, LT-01204, Lithuania
  • Email: [email protected]

UAB “Sapion Solution” is duly registered as a Virtual Asset Service Provider (VASP) in Lithuania.

 

All right reserved © 2025 Sapion