Home / Adatvédelmi Szabályzat

Privacy Policy

Joinx Hub Ltd. (‘JoinX’, ‘we’, ‘us’, or ‘our’) is committed to protecting and respecting the privacy of the users (‘you’, ‘your’ or ‘yourself’) of our website located at www.joinx.me (the ‘Website’) or our Services.

This Privacy Policy (the ‘Policy’) and any other documents referred to in it, sets out the basis on the types of personal data we collect and how we collect and process your personal data as a data controller. This Policy also includes a description of rights that you may have over your personal data that we may collect.

By using our Services, you acknowledge that you have read, understood and agreed to the processing of data in accordance with this Policy. If you do not agree with this Policy or the practices described, you should not use our Services.

You can visit the Website without providing any information about yourself. If you use our Website purely for information purposes (i.e., you do not register, log into an account, place an order, use the Services or otherwise provide us with information about yourself), we do not process any personal data, with the exception of the data that your browser transmits when you visit our Website and the information that is provided to us (as cookies or log files). For information about cookies, please read our Cookie Policy. For further information on the data process regarding technical data and log files, please see Section 3(7).

Capitalised terms not specifically defined in this Policy have the meaning given to them in the General Terms and Conditions.

The processing of your personal data by us may be subject to various laws:

  • 1. the processing of personal data in the context of the provision of our Services is, as a general rule, governed by the Montenegrin data processing rules, however,
  • 2. if you use our Services while you are in the European Union, given that we specifically target markets in certain EU countries with our Services, the EU General Data Protection Regulation, i.e. the GDPR, applies,
  • 3. if you use our Services from any other countries the market of which we specifically target with our Services, these countries data protection laws might also be applicable.

1. WHO IS THE CONTROLLER OF YOUR PERSONAL DATA AND WHOM TO CONTACT?

The controller of personal data is Joinx Hub Ltd., which is incorporated in Montenegro with registration number 03407373, and whose registered address is Kralja Nikole 27A/4, 81000 Podgorica, Montenegro. As a data controller, we determine how personal data is processed, for what purposes, and select any processors who may assist us with the processing.

You can contact us at support@joinx.me regarding any questions and the exercise of rights relating to the processing of your personal data.

As JoinX may target individuals in the European Economic Area (‘EEA’), but is established outside the EEA, it appointed Gergo Kiss, available at gergo@joinx.me as its representative under Article 27 of the GDPR.

2. WHAT INFORMATION DO WE COLLECT ABOUT YOU AND HOW DO WE OBTAIN IT?

We may collect and process your personal data. Personal data, or personally identifiable information, means any information about an individual that directly or indirectly identifies that individual. It does not include data where the identity has been removed (anonymous data).

We do not collect, store and/or use special category data about you. This means details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health, and genetic and biometric data, etc.

(1) We collect most of your personal data directly from you when you use the Services (when registering on the Website, creating the user account, ordering Services or communicating with us through customer support), in particular:

  • Identity Data: includes first name and last name, country of residence or date of birth.
  • Contact Data: includes email address, phone number.
  • Billing Data: includes name and billing address.
  • Profile Data: includes your username and password.
  • Payment Data: includes data regarding the payment, depending on the payment method chosen (such as payment card data).
  • Service Related Data: includes the Service you choose to order.
  • Other data: includes records of communication between you and us or details of any claims that you have submitted.

(2) For certain data, the collection is automatic when you use the Website and our Services. Such data are in particular:

  • Technical Data: includes data about your device, such as the IP address, device type, operating system and platform, browser type and version, connection provider, time zone setting and location, websites from which your system accesses our Website or websites accessed by your system via our Website.
  • Usage Data: includes information about how you use our Website and Services (such as the full Uniform Resource Locators (URL) clickstream to, through and from our Website and Services [including the date and the time], time and duration of visit to pages, page response times, download errors, page interaction information [scrolling, clicks, and mouse-overs], Website browsing history, the login and logout information, your account settings).
  • Service related data: includes all data on the simulated trades (such as the type of financial instruments you trade with, time of opening and closing the position, value of the fictitious capital, profit and loss, trading strategy).

3. HOW DO WE USE YOUR PERSONAL DATA?

We use personal data for the following purposes:

(1) REGISTRATION (USER ACCOUNT CREATION)

In order to use the Services or in order for us to provide you with our Services, you must register on the Website and create a User Account. For this purpose, we process your personal data.

  • Personal data processed: identification, contact and profile data.
  • Legal ground for the processing: The processing is necessary for the performance of the contract; the provision of personal data is required because without it we cannot register your user account and provide you with our Services.

(2) ORDER PROCESSING, PAYMENT PROCESSING AND BILLING

When you order our Services via our Website, we process your personal data in order to receive and process your order and payment, to issue and send you an invoice (if needed).

  • Personal data processed: identification data (excluding date of birth), contact data (email address), billing and payment data.
  • Legal ground for the processing: Processing is necessary for the performance of the contract and compliance with our legal obligations in connection with the applicable provisions under commercial, trade or tax law. The provision of these personal data is required as we cannot process your order without them.

Our Company provides online payments through payment service providers; these payment service providers are considered to be the data processors of the Company. The data required for payment are always provided by you directly to the payment service provider, so in particular payment card data do not pass through our Company's servers and are not transmitted to us by the payment service provider, so our Company does not receive sensitive credit card data in connection with online payments at any time and does not process them directly.

International data transfer

In most cases, international transfers will be made to a country covered by a compliance decision, unless the Company applies standard contractual clauses in its security measures or, where necessary, obtains explicit consent. In most cases, international transfers will be made to a country covered by an adequacy decision and if not, the Company applies standard contractual clauses and, where necessary, obtains explicit consent as part of the necessary security measures.

We may use third parties in order to use the services of payment service providers, in particular where this may result in more favourable payment terms. The Company may use Volanza AG as such a third party, which may therefore have access to personal data. When Volanza AG processes personal data in connection with the processing of payments, it does so as a data processor. However, the fact that Volanza AG, as a data processor based in a third country (Switzerland) has access to the personal data we process, it constitutes an international transfer of personal data. For Switzerland, personal data may be transferred on the basis of an adequacy decision by the Commission of the European Union.

(3) PROVISION OF SERVICES

In order for us to be able to provide you with our Services, i.e. in particular to provide you access to the selected Service (the Challenge) and evaluate whether the chosen Challenge has been passed or failed, we need to process your personal data.

  • Personal data processed: Identification and contact data, profile data, service related data.
  • Legal ground for the processing: Processing is necessary for the performance of the contract (i.e., for the provision of the Services). Personal data is required because we can only provide access to our Service through your User Account, so if we do not process your personal data, we will not be able to provide you with access to the chosen Challenge and it cannot be evaluated whether it is passed or failed.

(4) CONTACT REQUEST, CUSTOMER SUPPORT, COMPLAINT HANDLING

In order to process and respond to your inquiries or complaints (e.g. via the contact form, the live chat feature on the Website or to our email address or by contacting our customer support team in any way), we process your personal data.

Personal data processed: identity and contact data and other information you provide to us when communicating with us or the processing of which is necessary to handle the issue raised (i.e., service related data such as transaction data)

Legal ground for the processing: We process your personal data when responding to your inquiries on the legal basis of safeguarding our legitimate interests such as the appropriateness of our response to contact inquiries and complaints, maintaining customer satisfaction and supporting the use of our Services.

(5) RECORDING OF CUSTOMER SERVICE CALLS

Calls (both incoming and outgoing) on our customer service line are recorded to assist in quality monitoring of staff and to investigate and resolve complaints.

Personal data processed: identity and contact data, the conversion and any information you provide us during the conversation.

Legal ground for the processing: We process your personal data on the legal basis of safeguarding our legitimate interests in handling disputes, monitoring and improving the quality of our customer service processes and ultimately in maintaining customer satisfaction.

(6) MARKETING AND COMMERCIAL COMMUNICATION

If you are our current or past customer, we may from time to time send you marketing communications that relate to our Services. We may also send you commercial communications to the extent to which you give us your consent. Each of the e-mails sent will be marked as a business communication and each of them will contain a link which will enable you to easily unsubscribe from such further communication.

Personal data processed: Identification and contact data (name and email).

Legal ground for the processing: If we have provided you with our Services, we may from time to time send you marketing communications based on our legitimate interest, namely keeping in touch with our customers. If you give us your consent to process your data for marketing purposes, then we process your data on the basis thereof.

(7) TRANSMISSION OF DATA CONCERNING CHALLENGE COMPLETERS

If you complete any of the Challenges (both Phase-1 and Phase-2), we transfer your data to Volanza AG (Boulevard Georges, Favon 8, 1204, Geneva), a third-party company who may, upon a separate agreement between you and this company, offer you with another account, operating also in a demo environment, which allows you to receive a pay-out from the simulated profit.

  • Personal data processed: Identification and contact data (name and email).
  • Legal ground for the processing: We process your personal data based on your consent given by you when accepting our Terms.
  • Recipients: Volanza AG (Boulevard Georges, Favon 8, 1204, Geneva). Following the transmission of your personal data, Volanza AG processes the data for its own purposes under its own privacy policy.
  • International data transfer: The transfer of your personal data under this point may constitute a transfer to a third country (Switzerland). Please note, however, that the European Commission has adopted an adequacy decision in relation to Switzerland, which means that the European Commission has recognised Switzerland as providing adequate protection.

(8) JOINX ACADEMY

Our Academy is a database of educational materials in which we can provide useful information to users with any level of trading experience according to their interests. The Academy materials are accessible to those who express an interest in such content by completing the relevant form.

  • Personal data processed:Contact data (name and email and optionally phone number).
  • Legal ground for the processing:We process your personal data based on your consent given when submitting the Academy application form.

(9) DATA PROCESSING IN RELATION TO THE TRANSFER OF RIGHTS

We may transfer the business or the activity carried out to another third party. In such a case, our rights and obligations under existing contracts will be transferred, which will also involve the transfer of personal data.

Personal data processed: identification data, contact data, profile data, billing data, service related data.

Legal basis for processing: Our legitimate interest in the performance of our agreement to transfer the contract.

(10) DATA PROCESSING FOR THE PURPOSE OF HANDLING DATA SUBJECT RIGHTS

The purpose of data processing is to enforce the rights of the data subject, and to this end to process and fulfil the requests we receive under point 7, and to document all these.

Personal data processed: identification data, contact data and data communicated by you in connection with your case or request.

Legal basis for processing: We have a legal obligation under applicable data protection law to respond to requests from data subjects regarding the processing of their personal data. In addition, we have a legitimate interest in being able to demonstrate that the processing of data subjects' requests is in accordance with the applicable data protection laws.

(11) WEBSITE ANALYSIS

We use Google Analytics, a web-based analysis service to analyse the traffic of our Website. Google Analytics uses cookies, whereby text files are stored on your computer to analyse user behaviour on the Website. Google uses this information on our behalf to evaluate your use of the Website, to compile reports on Website activity and to provide other services related to Website and internet usage to the website operator.

Personal Data Collected: IP addresses, unique identifiers, location data, and detailed browsing behaviour.

Legal basis for processing: The processing under this point will be carried out with your explicit consent.

You can prevent the use of cookies by selecting the appropriate settings in your browser software. However, we would like to point out that in this case you may not be able to use all the functions of this website to their full extent.

International data transfer: The information collected by the cookie about your use of our Website is usually transmitted to a Google server in the United States and stored there. Google also participates in the EU-US Data Privacy Framework Data Privacy Framework, but we also take additional security measures to protect your personal data.

We use Google Analytics with the extension "_anonymizeIp()" on our Website. This ensures that IP addresses are shortened and prevents direct personal identification. The IP address transmitted by your browser as part of Google Analytics will not be merged with other Google data.

To read more about cookies, please see our Cookie Policy.

4. HOW DO WE STORE PERSONAL DATA AND HOW ARE THEY SECURED?

We process your personal data in an encrypted database on computers and other devices. In order to ensure protection against unauthorised access or unauthorised alteration, disclosure or destruction of the data that we collect and process, we have adopted organisational and technical measures to secure them, which we strictly adhere to.

As a general rule, we store the personal data within the EEA on the servers of Amazon Web Services, Inc (‘AWS’). For Montenegrin data subjects, the storage of data on EU servers constitutes an international data transfer, which is also lawful without specific consent in accordance with the applicable data processing legislation. For more information on the consequences of using AWS services, please see section 6(iii).

5. DATA RETENTION

Personal data are processed to the extent necessary to fulfil the purposes described above and for the time necessary to achieve those purposes or for a period directly stipulated by law. Thereafter, the personal data are deleted or anonymised.

(i) If you use our Website for information purposes only, we will store your personal data on our servers for the duration of your visit. After you leave our website, your personal data will be deleted.

(ii) When you make contact inquiries we store your personal data for the period until we have responded to your inquiry. However, if the inquiry is a complaint, we will keep the personal data related to the complaint for 5 years.

(iii) When you use our Services actively (i.e., you have entered into a contract with us) we store your personal data for the duration of the contractual relationship. This also includes the initiation of a contract (pre-contractual legal relationship) and the performance of a contract. We may retain your personal data for a longer period in the event of a complaint or a possible litigation to exercise or defence of legal claims or to exercise of rights and obligations in connection with the contract.

In the latter case, the processing is based on our legitimate interest and it continues no more than 5 years from the termination of the contract.

(iv) We may also retain your personal data for as long as reasonably necessary for the purposes of satisfying any legal, regulatory, tax, accounting or reporting requirements.

(v) If you have given your consent, we retain your personal data until you revoke your consent.

(vi) Identification data and any additional information provided for the purpose of confirming your identity when submitting a data subject rights request as per point 7 is kept only for the time required to handle your request (i.e., submitting a reply to you), after which it is deleted. Any other personal data submitted to us by the you in the context of a data subject rights request is kept for five years from the date of the request.

(vi) Recorded phone calls will be kept for 90 days from the date of recording, unless the call was the subject of a complaint or dispute, in which case they will be kept for 5 years from the date of recording.

6. RECIPIENTS OF THE DATA AND INTERNATIONAL DATA TRANSFER

In some cases, to the extent permitted or required by law, we may share your personal data with our service providers in connection with our Website and the respective Service. In doing so, we restrict the transfer of your necessary personal data so our service providers receive your personal data as data processors under our supervision.

The necessary recipients of your personal data:

(i) The trading platform provider in order to enable you to use our Services through the trading platform.

Please note that the trading platform and interface enabling you to use the Services is provided to us by a third-party service provider. This third-party service provider is Antelope Systems Limited (7 Florinis St., Nicosia, Cyprus). As a solution provider and as a provider of support services for the platform, this third party may have access to your personal data when providing services to us in connection with the operation of the platform and the provisions of the Services to you. This third-party acts as a data processor and on our instructions.

(ii) Payment service providers and financial institutions for payment processing.

(iii) IT service providers for the administration and hosting of our Website or the operation of our apps, cloud service providers.

Our hosting provider is AWS storing the data we manage primarily on servers located within the EEA. However, AWS is located in the United States. When using AWS services, we may also transfer data to other third countries (to the US specifically). We, however, inform you that AWS participates in the EU-US Data Privacy Framework and as such provides adequate protection based on the adequacy decision of the European Commission. Moreover, the service terms include the Standard Contractual Clauses approved by the European Commission Implementing Decision (EU) 2021/914 of 4 June 2021.

For sending e-mails and conducting e-mail marketing campaigns, our Company uses the services of SendGrid, Inc., which company is also located in the United States. We, however, inform you that SendGrid participates in the EU-US Data Privacy Framework Data Privacy Framework and as such provides adequate protection based on the adequacy decision of the European Commission.

(iv) Companies providing us with customer support or other back office activities.

Our company has outsourced the provision of customer support services in certain languages. The service provider may have access to your personal data when providing customer support services. In all cases where the service provider processes personal data in connection with the provision of its services, it acts as a data processor.

Entities that provide support services to our company in the context of outsourced activities:

Dunaportal 2010 Kft. (1072 Budapest, Dob utca 38. II. em. 25. ajtó, Hungary). Data transfer from Montenegro to Hungary are considered international transfers of data of Montenegrin data subjects, however, this data transfer complies with the applicable data protection rules, given that Hungary is a Member State of the European Union.

For quick assistance, we provide you with a live chat feature available on the Website and in the User Area. The chat solution is provided by Voiceflow Inc. (30 Duncan Street, Lower Level North Suite, Canada) and in this capacity it acts as our data processor. When personal data is held by the named company, an international data transfer takes place. however, that the European Commission has adopted an adequacy decision in relation to Canada, which means that the European Commission has recognised Canada (in relation to the commercial organisations) as providing adequate protection.

(v) Others

Our Company registers every complaints it receives. The ticketing system used for registering complaints is provided by Freshwork Inc., which is used as a data processor by our Company. Freshwork Inc. is located in the United States. We, however, inform you that SendGrid participates in the EU-US Data Privacy Framework Data Privacy Framework and as such provides adequate protection based on the adequacy decision of the European Commission.

To record telephone calls, our company uses the products and services of Voicespin Ltd. (3 Tefutsot St., Givatayim, Israel), an Israeli company. Please be informed that Israel ensures an adequate level of protection for personal data on the basis of the adequacy decision adopted by the European Commission.

In addition, we may transfer your data to persons in the cases where it is our obligation under the law or under a judicial or any other legally binding decision.

In the rare event of a business transaction such as a merger, acquisition or reorganisation, we may share some of your personal data with relevant parties (such as a buyer or successor) in order to facilitate such a transaction. If we intend to transfer information about you, we will inform you either by email or by posting a notice on the Website.

7. YOUR RIGHTS

You can exercise all your rights mentioned below by sending a request to us via email at support@joinx.me, alternatively you can use our contact details in Section 1 of this Privacy Policy.

Following receipt of your request, we must provide you with information about the action we have taken in response to your request within the time limits set by applicable data protection law. Unless applicable law provides otherwise, and unless a shorter or longer time limit is specified, this will generally mean that you can expect a response from us within one month.

In connection with the processing of personal data you have the following rights:

(1) Right of access to personal data

You may request (at any time) to send you a confirmation as to whether we are processing personal data about you. In that case, you have the right to access this data and certain other information (subject to the applicable law). If you request it, we will also provide you with a copy of the personal data processed.

(2) Right to rectification of personal data

If you register on the Website, you will be able to rectify and amend your personal data by editing your user account. Alternatively, you may notify us of inaccurate processing of your personal data and we will rectify it without undue delay.

(3) Right to erasure of personal data (“right to be forgotten”)

You have the right to erasure of your personal data without undue delay in the following cases:

(i) if the data are no longer necessary in relation to the purposes for which we have collected or otherwise processed them;

(ii) if you withdraw your consent to their processing and, at the same time, there will be no other legal ground for their processing (this only applies in the cases where we process personal data on the basis of your consent);

(iii) if you object and there are no overriding legitimate grounds for the processing, or if you object to the processing for direct marketing purposes; or

(iv) if your personal data are processed unlawfully.

The right to erasure does not apply, inter alia, if the processing of personal data is necessary (i) for exercising the right of freedom of expression and information, (ii) for compliance with a legal obligation to which we are subject or (iii) for the establishment, exercise or defence of legal claims.

(4) Right to restriction of processing

You have the right to request a restriction of the processing of your personal data.

(5) Right to data portability and to the provision of data in a machine-readable format

In the case of automated processing based on your consent or performance of the contract, you have the right to receive the data in a structured, commonly used and machine-readable format and to have them transmitted by us to another personal data controller.

(6) Right to object

If we process personal data on the basis of our legitimate interest, you have the right to object to such processing. If you file such an objection, we will not be able to process your personal data unless we demonstrate compelling legitimate grounds for the processing which override your interests or rights and freedoms, or for the establishment, exercise or defence of our legal claims.

(7) Right to withdraw consent

If processing is based on your consent, you have the right to withdraw that consent at any time. Withdrawal of consent does not affect the lawfulness of processing based on the consent given before its withdrawal.

(8) Right to lodge a complaint with the supervisory authority

We encourage you to always contact us first to raise your questions or concerns.

In any case, if you believe that any of your rights have been infringed in relation to processing your personal data, you may file a complaint to the Agency for Personal Data Protection and Free Access to Information (address: Bulevar Revolucije 11, Podgorica; e-mail: azlp@azlp.me; azlp@t-com.me, website: https://www.azlp.me/en/personal-data-protection)

If you are using our Services in any of the member states of the European Union, you may file a complaint to the supervisory authority having competence in that specific member state. Contact details for the competent authorities can be found at https://www.edpb.europa.eu/about-edpb/about-edpb/members_en.

***

Restrictions on any of the rights mentioned above in this section may be imposed if it is deemed necessary for: defence, national and public security, detection and prosecution of criminal offenders, safeguarding economic or financial interest or cultural assets of importance for the state, as well for protection of the data subject or of human right and freedoms, to the extent necessary to achieve the purpose for which the restriction was established, in accordance with a separate law. .

If you are an EU citizen or using our Services from the EU, restrictions on the rights described above will always be in accordance with the GDPR.

8. FINAL PROVISIONS

We may change this policy unilaterally, but we will do so only when necessary and we will notify you about such change. Such changes will be effective when posted. The date the Policy was last revised is identified at the top of the page. Your continued use of our Services following the posting of any modification to this Policy shall constitute your acceptance of the amendments to this Policy.