Last updated: April 27th 2022
We would like to inform you about the processing of personal data when using products developed by LI.FI. This information refers to everything offered by https://li.fi and https://transferto.xyz, our API, SDK, smart contracts, widgets and other third-party integrations. and is also valid if you use LI.FI on third-party websites or in third-party apps.
Theemin Software UG (haftungsbeschränkt)
Lychener Straße 19, 10437 Berlin, Germany
Please contact us through the above contact details for any questions regarding data protection or the assertion of data protection claims.
We collect personal data via your use of our website and integrations into other offerings, for example, if you use LI.FI on other websites. Data is collected via your active input or we collect it without your active participation via your interaction with LI.FI. In particular, these are the following processes:
visiting our website;
use of our apps and integrations;
system messages via email and push message;
making contact with us;
warding off attacks against our technical infrastructure;
We refer to the following explanations for more detail.
When you visit our website, the company we commission to operate the website processes and stores the public IP address of the device you use to visit our website, including the date and time of access. The IP address is a unique numeric address under which your device sends or retrieves data to the internet. The IP address is used to enable technical access and use of our website as well as to detect and ward off attacks against our service provider or our website. Unfortunately, attacks continue to be carried out with the intention of harming website operators or their users (e.g., preventing access, spying on data, distributing malware (e.g., viruses), or other unlawful purposes). Such attacks would compromise the proper functioning of our provider's data center, the use of our website or its functionality and the security of visitors to our website. The processing of an IP address, including the time of access, is used to ward off such attacks. This processing via our service provider constitutes a legitimate interest in ensuring the functionality of our website and fending off unlawful attacks against us and visitors to our website. The legal basis for this processing is Art. 6 (1) (f) GDPR. We have commissioned Amazon Web Services EMEA SARL (AWS Europe) as a data processor for the operation of our website.
The stored IP data is deleted (with anonymization) if it is no longer needed to detect or defend against an attack.
Our apps retrieve the content to be displayed from our server. The above statements regarding our website apply accordingly in this case, as this is technically equivalent to a visit to our website.
Our applications allow to calculate transactions across different blockchains and exchanges. The calculation can be manipulated by you according to your own preferences. We aim to remember that preference as well as your executed transactions to improve your user experience and to be able to offer you a history of those.
If you adjust your settings without registering, then we store a cookie on your computer with a random user ID. This user ID will be assigned to your preferences. As soon as you register for LI.FI, we assign the user ID from the cookie to your account, so that your previous transactions appear under this ID in your account. If you do not want this, simply delete our cookies in your browser.
The legal basis of this data processing for registered users is Art. 6 (1) (b) GDPR, since we are acting to fulfill a contract with the user. For non-registered users, the legal basis for processing is Art. 6 (1) (f) GDPR. Our legitimate interest is the ability to associate transactions with a user to improve the user’s experience .
Setup of an account
It’s great that you’ve decided to create your own LI.FI account. This will give you the opportunity to use all the features that we only offer to registered users. We process your provided data to create your account. We also process this to manage your account and to enable you to use the LI.FI services connected to your customer account. The legal basis for processing is Art. 6 (1) (b) GDPR.
The data stored in your customer account will be deleted when you cancel your customer account with us. If we are legally obliged to a longer storage period (for example to fulfill accounting obligations) or are legally entitled to longer storage periods (for example due to a current legal dispute against the holder of a user account), deletion is carried out following expiration of the storage obligation or legal authorization.
We will inform you via email and/or push messages about events related to your use of LI.FI and the status of your transactions. You can set the information you want to receive and how you want to receive it (or not) in your profile. The legal basis for processing as well as these messages that serve to fulfill our contract with you is Art. 6 (1) (b) GDPR. If you have revocably activated the information yourself at any time, the legal basis is Art. 6 (1) (a) GDPR. Otherwise, for the information activated by us, which you can deactivate at any time, the legal basis is Article 6 (1) (f) GDPR, as we believe that these system messages improve your use of LI.FI.
We commission an external service provider for the preparation and dispatch of our emails, who acts as a data processor for us. This is mailchimp.com, a service by the Rocket Science Group, LLC d/b/a MailChimp, 675 Ponce de Leon Ave NE, Suite 5000, Atlanta, GA 30308, USA. This company is based in the US but is a member of Privacy Shield, https://www.privacyshield.gov/participant?id=a2zt0000000TO6hAAG&status=Active.
To send push messages, we use the Firebase product under a data processing contract with the Google Corporate Group, available here: https://firebase.google.com/terms/data-processing-terms The Privacy Policies are available at https://firebase.google.com/support/privacy/. This may result in the export of personal data to Google LLC in the US, which is a member of the Privacy Shield Convention.
If you send us a message via one of the offered contact options, we will use the information you provide us with to process your request. The legal basis for this is our legitimate interest in answering your request in accordance with Art. 6 (1) (f) GDPR. If your request is for the purpose of concluding or performing a contract with us, the further legal basis for the processing is Art. 6 (1) (b) GDPR. The data will be deleted following completion of your request. If we are legally obliged to a longer storage period, deletion is carried out following expiry of the relevant period.
Cookies are small text files that are stored on your device by your browser when visiting our website. If you visit our website again later, we can read these cookies again. Cookies are stored for various lengths of time. In your browser settings, you always have the option to set which cookies are accepted; this may however result in our website no longer working properly. Furthermore, you can delete cookies independently at any time. If you do not do this, we can specify how long a cookie should be stored on your computer when saving. A distinction is made here between so-called session cookies and persistent cookies. Session cookies are deleted from your browser when you leave our website or when you quit the browser. Persistent cookies are stored for the duration we specify upon saving.
Technically necessary cookies that are essential to use the functions of our website (for example, to recognize whether you have logged in). Without these cookies, certain functions cannot be provided
Functional cookies that are used to perform certain functions that you want to use technically.
Analysis cookies that analyze your user behavior. For details please read the information regarding "Google Analytics"
Most browsers used by our users allow them to set which cookies are stored and to delete (certain) cookies. If you restrict the storage of cookies to certain websites or do not allow third-party cookies, it may render our website inoperable under some circumstances. Here's how to customize cookie settings for the most common browsers:
Google Chrome (support.google.com/chrome/answer/95647?hl=de)
Internet Explorer (https://support.microsoft.com/de-de/help/17442/windows-internet-explorer-delete-manage-cookies)
Google Analytics allows us to create usage statistics for our website as well as demographics about visitors and their user behavior in non-personalized form. It also compiles statistics to help us better understand how our site is found, in order to improve our search engine optimization and advertising efforts. This processing constitutes a legitimate interest in being able to improve our website as well as our advertising measures. The legal basis for this processing is Art. 6 (1) (f) GDPR.
The pseudonymous data is deleted after 14 months.
You can find information on how to opt out of using Google Analytics at https://tools.google.com/dlpage/gaoptout?hl=en.
As alternative to the Browser-Add-On or for browsers on mobile devices, please click this link to deactivate tracking by Google Analytics on this website (this opt-out does only work in this browser and for this domain). It creates an Opt-Out-Cookie and saves it on your device. If you delete this Cookies in your Browser, you have to click the link again.
Google is a member of the Privacy Shield Agreement and has entered into a Google Analytics data processing contract with us.
Pursuant to Art. 15 GDPR, you have the right to ask for confirmation that personal data relating to you is being processed. If this is the case, you have a right to information about this personal data as well as to further information, which is listed under Art. 15 GDPR.
Pursuant to Art. 16 GDPR, you have the right to demand the rectification of incorrect personal data relating to you. Taking into account the purposes of processing, you also have the right to request the completion of incomplete personal data, including by means of a supplementary statement.
You have the right to request us to immediately delete your data. We are obliged to delete personal data immediately, provided that the corresponding requirements of Art. 17 GDPR are met. For details please refer to Art. 17 GDPR.
Pursuant to Art. 18 GDPR, you have the right, under certain conditions, to demand that we restrict the processing of your personal data.
Under Art. 20 GDPR, you have the right to receive the personal data that you have provided to us in a structured, common and machine-readable format, and you have the right to transfer this data to another controller without hindrance, provided that the processing is based on consent pursuant to Article 6 (1) (a) GDPR or Article 9 (2) (a) GDPR or a contract pursuant to Article 6 (1) (b) GDPR and the processing is carried out by automated means.
Under Art. 21 GDPR, you have the right to object to the processing of your personal data based on Article 6 (1) (e) or (f) GDPR; this also applies to profiling based on these provisions.
If we process your personal data to operate direct advertising, you have at any time the right to object to the processing of your personal data for the purpose of such advertising; this also applies to profiling if it is associated with such direct mail.
If you would like to exercise your right, please contact us the controller at the contact details listed above.
Without prejudice to any other administrative or judicial remedy, you have the right under Article 77 GDPR to complain to the supervisory authority. In particular, this right applies in the Member State of your domicile, your place of work or the place of the alleged infringement if you believe that the processing of your personal data is in violation of the GDPR.