Privacy Policy

Last updated on 9 January, 2024

Socrates (“Socrates”, “we”, or “us”) is committed to protecting the privacy of our users, and we take our data protection responsibilities seriously. This Privacy Notice describes how Socrates collects and processes your personal data through the Socrates platforms, websites and applications that are referenced in this Privacy Notice.

This Privacy Notice applies to your use of, and access to, the Socrates mobile app, the website www.socrates.com, and to our other online products and services (collectively, the “Services”). This Privacy Notice applies to all personal data processing activities carried out by us, across platforms, websites, applications and departments of Socrates.

To the extent that you are a customer or user of our Services, this Privacy Notice applies together with any terms of business and other contractual documents, including but not limited to any agreements we may have with you.

To the extent that you are not a relevant stakeholder, customer, or user of our Services, but are using our platforms, website or applications, this Privacy Notice also applies to you.

What personal data does Socrates collect and process?

Personal data is data that identifies an individual or relates to an identifiable individual. This may include data you provide to us, data which is collected about you automatically, and data we obtain from third parties.

Information you provide to us

To open an account and access our Services, we will ask you to provide us with some data about yourself. This data is necessary to provide the requested Services (e.g., you may need to provide your email address in order to open your account), or is relevant for certain specified purposes, described in greater detail below. In some cases, if we add Services and features, you may be asked to provide us with additional data.

Failure to provide the data required may mean that Socrates will not be able to offer you our Services.

We may collect the following types of information from you:

Category of Personal Data

Types of Personal Data

Personal Identifiable Information

E-mail address, username, avatar, profile picture, country and region

Contact Information

E-mail address

Transaction Information

ERC20 wallet address and information about the transactions you make on our Services

Communications

Your communications with us including chats with our customer services team and your responses to surveys

Information we collect from you automatically

To the extent permitted under applicable laws, we may collect certain types of information from you automatically, for example, whenever you interact with us or use our Services. This information helps us address customer support issues, improve the performance of our sites and Services, maintain and improve your user experience and protect your account from fraud by detecting unauthorised access.

Information collected from you automatically includes:

Category of Personal Data

Types of Personal Data

Browsing Information

Device ID, device type, operation system type, browsing information such as name and version and IP address

Usage Data

Information about how our Services are performing when you use them, e.g., error messages you receive and performance of the site

Marketing and Research Information

Device ID, IP address, browser or web history data and analytics on preferences and profiles

Information we collect from third parties

From time to time, we may obtain information about you from third-party sources as required or permitted by applicable laws.

Category of Personal Data

Types of Personal Data

Blockchain Data

Wallet address, public blockchain data, e.g., transaction ID, transaction, amount, event and timestamp

Our primary purpose in collecting your personal data is to provide our Services in a secure, efficient and smooth manner. We generally use your personal data to deliver, provide and operate our Services, for content-delivery and advertising and for loss prevention and anti-fraud purposes. Below you will find a more detailed explanation on how we use your personal data:

Why does Socrates process my personal data?

Legal basis for our use of your personal data

To create and maintain your Socrates account

We use your personal data to create and maintain your account, to provide our Services to you and to process any transactions.

Without processing your personal data for this purpose, we will not be able to let you open an account with us or we may have to terminate your account where one is already opened. We may not be able to provide you with our Services as well.

Processing is necessary for the performance of a contract of which you are a party.

To communicate with you on our Services and transaction-related matters

We use your personal data to communicate with you in relation to our Services on administrative or account-related information. We will also communicate with you to keep you updated about our Services, for example, to inform you of relevant security issues, updates or other transaction-related information.

Without such communications, you may not be aware of important developments relating to your account that may affect how you can use our Services.

Please note that you cannot opt out of receiving critical service communications, such as emails or mobile notifications sent for legal or security purposes.

Processing is necessary for the performance of a contract of which you are a party.

To provide you with customer services

We process your personal data when you contact us so that we can provide you with support on questions, disputes, complaints or problems that you may have.

Without processing your personal data for this purpose, we cannot respond to your requests.

Processing is necessary for the performance of a contract of which you are a party.

To provide you with recommendations and personalisations

We use your personal data to recommend Services or advertisements that may be of interest to you. We also use your personal data to identify your preferences and personalise your experience with us.

Without processing your personal data for this purpose, we cannot tailor our platform and Services to enhance your experience.

We rely on the legitimate interest of providing you with personalised Services.

It is in our interest to understand how you interact with the Services in order to customise and/or improve our products and Services and enable accurate and reliable reporting.

To provide you with marketing communications

We use your personal data to send you marketing communications, including news and information on promotions, offers, rewards and other incentives through email, mobile, in-app mail and push notifications.

Without processing your personal data for this purpose, we cannot draw your attention to our promotions, offers, rewards or incentives.

We rely on the legitimate interest of providing you with marketing news.

Where required by applicable laws, we rely on your consent to process your personal data for marketing purposes. You may withdraw your consent at any time and we will thereafter stop processing your personal data for marketing purposes. Your withdrawal of consent however does not affect the lawfulness of processing based on consent before its withdrawal.

To maintain and promote the safety, security and integrity of our Services

We process your personal data in order to (i) monitor and verify accounts, service access and related activities, (ii) detect, investigate, address and prevent violations of our Terms of Use, suspicious activities, fraud, abuse and unlawful behaviours, (iii) enhance security by combating malware and security risks. (iv) provide functionality and fix errors and (v) comply with applicable security laws and regulations.

Without processing your personal data for this purpose, we will not be able to ensure the security of our platform, our Services, our users and others.

Processing is necessary for the performance of a contract of which you are a party.

To improve our Services

We process your personal data to improve our Services and for you to have better user experience. We analyse performances to improve the usability and effectiveness of our Services.

Without processing your personal data for this purpose, we will not be able to provide you with the best features and user experience.

We rely on the legitimate interests of improving our Services and enhancing your user experience.

It is in our interest to understand how you interact with the Services in order to improve our products and Services and enable accurate and reliable reporting.

To carry out research and innovate

We may process your personal data when carrying out surveys to learn more about your experience using our Services. We may also use your personal data to support research and development and to drive innovations of our Services.

Without processing your personal data for this purpose, we will not be able to provide you with the best features and user experience.

We rely on the legitimate interests of improving our Services and enhancing your user experience.

It is in our interest and our users’ interests to improve and iterate our Services through information obtained from research and interviews.

To comply with legal and regulatory obligations

We may access, preserve, disclose or otherwise process your personal data when we consider it necessary or reasonable to comply with any laws, legal obligations, regulations, requests from law enforcements, authorities, regulators or governments and court orders or other legal requests.

Without processing your personal data for this purpose, we may be in breach of our legal and regulatory obligations.

Processing is necessary for us to comply with our legal and regulatory obligations under applicable laws and regulations.

Does Socrates carry out automated decision-making?

We do not rely solely on automated tools to help determine whether a transaction or an account presents a fraud or legal risk.

Are children allowed to use Socrates Services?

We do not allow anyone under the age of 13 to use Socrates Services and we do not knowingly collect personal data from anyone under the age of 13.

Does Socrates use cookies or other similar technology?

We may use cookies and other similar technological tools to help us provide our Services, magnify our marketing efforts and better understand how you use our Services so that we can make improvements and enhance your user experience.

Does Socrates share your personal data?

We may share your personal data with our affiliates and third parties when we consider that the sharing of your personal data is in accordance with, beneficial to, or required by, any contractual relationships between you and us, applicable laws, regulations or legal processes.

We may share your personal data with the following parties or in the following circumstances:

  • Affiliates: Personal data that we collect and process may be transferred between Socrates companies as a normal part of business conduction and the offering of our Services to you.

  • Third-party service providers: We may engage other companies and individuals to perform functions on our behalf. Examples may include data analysis, marketing assistance and content transmission. These third-party service providers only have access to personal data necessary to perform their functions but may not use the personal data for any other purposes. Further, they must process the personal data in accordance with our contractual agreements and only as permitted by applicable data protection laws.

  • Legal authorities: We may be required by applicable laws or by courts to disclose certain information about you or any engagement we may have had with you to relevant governments, regulators, law enforcement agencies and/or other competent authorities. We will only disclose information about you to these legal authorities to the extent we are obliged to do so according to the applicable laws. We may also need to share your personal data in order to enforce or apply our legal rights, to prevent fraud or to protect the rights, property or safety of Socrates, our users or others.

  • Business transfers: As we continue to develop our businesses, we may sell or buy other businesses or services. In such transactions, user information generally is one of the transferred business assets but remains subject to the promises made in any pre-existing privacy policies or notices (unless, of course, the user consents otherwise). Also, in the unlikely event that Socrates or substantially all of its assets are acquired by a third party, user information will be one of the transferred assets.

Does Socrates carry out cross-border transfer of your personal data?

To facilitate our global operations, we may transfer your personal data outside of your country of residence, in particular, outside of the European Economic Area (“EEA”), the United Kingdom (“UK”) and Switzerland. The EEA includes the European Union (“EU”) countries, as well as Iceland, Liechtenstein and Norway.

We may transfer your personal data to third-party service providers based throughout the world. In cases where we intend to transfer your personal data to countries or international organisations outside of your country of residence, we put in place suitable and adequate technical, organisational and contractual safeguards, such as the Standard Contractual Clauses, to ensure that such transfer is carried out in compliance with applicable data protection laws, including but not limited to the EU General Data Protection Regulation (“GDPR”), the UK GDPR and the Swiss Federal Act on Data Protection.

We also rely on decisions from the European Commission in which it recognises that certain countries and territories outside of the EEA ensure an adequate level of protection for personal data. These decisions are referred to as “adequacy decisions”.

How does Socrates secure your personal data?

We design our systems with your security and privacy in mind. We have appropriate security measures in place to prevent your personal data from being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. We work to protect the security of your personal data during transmission and while stored by using encryption protocols and software. We maintain physical, electronic and procedural safeguards in connection with the collection, storage and disclosure of your personal data. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need-to-know.

Does Socrates use your personal data for marketing purposes?

In order for us to provide you with the best user experience, we may share your personal data (with your consent when required by applicable laws) with our marketing partners for the purposes of targeting, modelling and analytics, as well as marketing and advertising.

What data subject rights do you have?

Subject to the applicable laws, as outlined below, you have a number of data subject rights in relation to your privacy and the protection of your personal data:

  • Right to access: You have the right to obtain confirmation that your personal data is processed by us and to obtain a copy of your personal data as well as certain information related to its processing.

  • Right to correct: You can request for the rectification of your personal data if it is inaccurate. You can also supplement your personal data or change your personal data at any time.

  • Right to delete: You can, in some cases, have your personal data deleted.

  • Right to object: You can object, for reasons relating to your situation, to the processing of your personal data. For instance, you have the right to object where we rely on legitimate interests to process your personal data or where we process your personal data for direct marketing purposes.

  • Right to restrict processing: You have the right, in certain cases, to temporarily restrict the processing of your personal data by us, provided there are valid grounds for doing so. We may continue to process your personal data if it is necessary for the defence of legal claims, or for any other exceptions permitted under applicable laws.

  • Right to data portability: In some cases, you can ask to receive your personal data which you have provided to us in a structured, commonly-used and machine-readable format, or, when this is possible, that we communicate your personal data on your behalf directly to another data controller.

  • Right to withdraw your consent: For processing that requires your consent, when you consent to the processing of your personal data for a specified purpose, you have the right to withdraw your consent at any time. Exercising this right however does not affect the lawfulness of the processing based on the consent given before the withdrawal.

  • Right to lodge a complaint with the relevant data protection authority: We hope that we can satisfactorily answer any queries you may have about the way in which we process your personal data. However, if you have unresolved concerns, you have the right to make a complaint to the data protection authority in the location in which you live, work or believe a data protection breach has occurred.

Please note that your data subject rights may be limited in some situations, for example, where we can demonstrate that we have a legal requirement to process your personal data.

If you want to exercise any of your data subject rights, or if you have any questions as to how we collect and process your personal data, please contact us via e-mail at [email protected]

For how long does Socrates keep your personal data?

We keep your personal data to enable your continued use of our Services, for as long as it is required in order to fulfil the relevant purposes described in this Privacy Notice, as may be required by applicable laws, and to resolve any disputes and/or legal claims, or as otherwise communicated to you.

While personal data retention requirements vary from country to country, our typical retention periods for different categories of your personal data are described below:

  • Personal identifiable information collected to comply with our legal obligations may be retained after account closure for as long as it is required under applicable laws.

  • Contact information such as your e-mail address for marketing purposes is retained on an ongoing basis and until you unsubscribe or we delete your account. Thereafter, we will add your details to an unsubscribed list to ensure that we do not inadvertently send marketing communications to you.

  • Content that you post may be kept after you close your account.

  • Information collected via cookies, web page counters and other analytics tools is kept for a period of up to one year from the date of data collection.

Who can you contact about your personal data that Socrates collects and processes?

Our data protection officer can be contacted via e-mail at [email protected] and will work to address any questions or issues that you may have with respect to the collection and processing of your personal data.

Socrates

Hong Kong Lesee Industry Co., Limited, a company registered at Room 803, 8/F Easey Commercial Building, 253-261 Hennessy Road, Wan Chai, Hong Kong, operates as “Socrates” and is the data controller for Socrates and its affiliated companies.

Notices and Revisions

Our Privacy Notice may change from time to time. You should check our websites and applications frequently to keep up to date with recent changes. Unless stated otherwise, our most current Privacy Notice applies to all personal data that we have collected and processed about you and your account.

Last updated