Privacy Policy

Last Updated: December 23, 2024

1. BACKGROUND

Lemma-X ApS, a private limited company incorporated in Denmark with its registered office at c/o Plesner, Amerika Pl. 37, 2100 København, Denmark;
Lemma-X DG Limited with its registered office at Smith’s House, 6/7 St. Stephen’s Green, Dublin 2 D02X827, Ireland and with company number 747235, Lemma-X UAB with its registered office at Gedimino Avenue 44a-201, LT 01110, Vilnius, Lithuania and with company number 306669353, and other companies in the Lemma-X group (collectively “Lemma-X”, “we”, “our” or “us”) collect and use certain Personal Data. Lemma-X is responsible for ensuring that it uses that Personal Data in compliance with data protection laws, including (but not limited to) the General Data Protection Regulation (EU) 2016/679 (“GDPR”) and any other national, implementing or supplementing Data Protection Legislation including but not limited to the Data Protection Act 2018.

At Lemma-X we respect the privacy of our customers and we are committed to keeping your Personal Data secure. This Privacy Policy governs the handling of Personal Data by Lemma-X in the course of carrying on commercial activities. 

We may modify this Privacy Policy from time to time. Please check the date at the top of this notice to see when it was last updated.

We use the following definitions in this Privacy Policy: 

Services	means the Lemma-X Website and the Lemma-X platform through which Lemma-X provides you with services, including the ability to buy and sell various digital items, including cryptoassets, non-fungible tokens, in-game products and currency, and other digital content.
Lemma-X Website	means the Lemma-X website https://lemmax.com/.
Lemma-X, we or us	means Lemma-X DG Limited, Lemma-X UAB and other companies of the Lemma-X Group.
Personal Data	means any data which relates to a living individual who can be identified from that data or from that data and other information which is in the possession of, or is likely to come into the possession of, Lemma-X (or its representatives or service providers). In addition to factual information, it includes any expression of opinion about an individual and any indication of the intentions of Lemma-X or any other person in respect of an individual.
Privacy Policy	means this privacy policy.
User(s) or You	means the users of the Lemma-X services, including but limited to the Lemma-X Website and the Lemma-X platform.

 

2. THE TYPES OF PERSONAL DATA WE COLLECT 

The Lemma-X Services require us to obtain Personal Data about you in order to perform the services we have been engaged to provide. Users may be unable to access the Lemma-X Services if such Personal Data are not provided. In relation to each of the Lemma-X Services, we will collect and process the following Personal Data about you: 

• Information that you provide to Lemma-X. This includes information about you that you provide to us, for instance when you open an account with us. The nature of the services you are requesting will determine the kind of Personal Data we might ask for, though such information may include (by way of a non-exhaustive list):

• • Identification Information: Full name, date of birth, nationality, gender, signature, utility bills, photo verification, telephone number, home address, and email address.
  • Formal Identification Information: Government issued identity document such as passport, driver’s license, national identity card, taxpayer identification number, passport number, and/or any other information deemed necessary to comply with our legal obligations under financial or anti-money laundering laws.
  • Financial Information: Bank account information, payment method information, transaction history, and tax identification.
  • Other personal information: Any information that you choose to share on Lemma-X Website which may be considered Personal Data.

• Information that we collect or generate about you. This includes (by way of non-exhaustive list): 

• • any information regarding the services purchased and/or used on the Lemma-X Website and our interactions with you;
  • information about the transactions you make on our Services, such as the name of the recipient, your name, the amount, type of currency (fiat or gamecoin) and timestamp;          
  • a file with your contact history to be used for enquiry purposes so that we may ensure that you are satisfied with the services which we have provided to you; 
  • online identifiers such as geo location/tracking details, operating system, browser name and version, and/or personal IP addresses; 
  • usage data such as authentication data and security questions; and
  • any information you choose to provide to us, for example, through support tickets, emails, and/or surveys.

• Cookies. When you visit the Lemma-X Website, cookies are used to collect technical information about the services that you use, and how you use them. For more information on the cookies we use, please see our Cookie Policy.
• Information we obtain from other sources. This includes the Personal Data provided to us by third-party service providers, agencies or other publicly available sources where applicable. The main types of third parties we receive your personal information from are:
  • Public Databases, Credit Bureaus & ID Verification Partners in order to verify your identity in accordance with applicable law. ID verification partners like Sumsub use a combination of government records and publicly available information about you to verify your identity. Such information may include your name, address, job role, public employment profile, government-issued ID, credit history, status on any sanctions lists maintained by public authorities, and other relevant data. 
  • Game developers, who may share your game user ID with us in order for us to provide the Services to you.
  • Blockchain Data, including through the use of third party transaction and wallet screening service providers, to ensure parties using our Services are not engaged in illegal or prohibited activity and to analyse transaction trends for research and development purposes.

 

3. HOW WE USE YOUR INFORMATION

Your Personal Data may be stored and processed by us in the following ways: 

• for ongoing review and improvement of the Lemma-X Services to ensure they are user friendly and to prevent any potential disruptions or cyber attacks;
• to allow you to use and access the functionality provided by the Lemma-X Services;
• to assess your application for an account through the Lemma-X Services, where applicable;
• to set up customers to use Lemma-X Services;
• to understand feedback on Lemma-X Services and to help provide more information on the use of those services quickly and easily;
• to communicate with you in order to provide you with services or information about Lemma-X;
• to understand your needs and interests;
• for the management and administration of our business; 
• in order to comply with and in order to assess compliance with applicable laws, rules and regulations, and internal policies and procedures; or 
• for the administration and maintenance of databases storing Personal Data. 

When we process your Personal Data, we make sure that the purposes we are using it for comply with applicable law, which requires all Personal Data processing purposes to fall within a lawful basis for processing. These include: 

• we need to do so in order to perform our contractual obligations with our customers and third-party providers;
• we have obtained your consent;
• we have legal and regulatory obligations that we have to discharge; 
• we may need to do so in order to establish, exercise or defend our legal rights or for the purpose of legal proceedings;
• the use of your Personal Data as described is necessary for our legitimate business interests, such as: 

• allowing us to effectively and efficiently manage and administer the operation of our business;
• maintaining compliance with internal policies and procedures;
• monitoring the use of our copyrighted materials; and
• enabling quick and easy access to information on Lemma-X Services.

 

4. DISCLOSURE OF YOUR INFORMATION TO THIRD PARTIES 

We may share your Personal Data within Lemma-X for the purposes described above. We will take steps to ensure that access to Personal Data is restricted to Lemma-X employees who have a legitimate business need to access the information for the purposes described in this Privacy Policy.

We may share your Personal Data outside of Lemma-X for the following reasons: 

• with our business partners. For example, this could include our partners from whom you purchased the Lemma-X Services(s). Personal Data will only be transferred to a business partner who is contractually obliged to comply with appropriate data protection obligations and the relevant privacy and confidentiality legislation;
• with third party agents and contractors for the purposes of providing services to us (for example, Lemma-X’s accountants, professional advisors, IT and communications providers and debt collectors). These third parties will be subject to appropriate data protection obligations and they will only use your Personal Data as described in this Privacy Policy; 
• with financial institutions which we partner with to process payments you have authorised when you use our Services;
• to the extent required by law, for example if we are under a duty to disclose your Personal Data in order to comply with any legal obligation (including, without limitation, in order to comply with tax reporting requirements and disclosures to regulators), or to establish, exercise or defend its legal rights; 
• if we sell our business or assets, in which case we may need to disclose your Personal Data to the prospective buyer for due diligence purposes; and
• if we are acquired by a third party, in which case the Personal Data held by us about you will be disclosed to the third party buyer. 

 

5. INTERNATIONAL TRANSFERS OF PERSONAL DATA

Lemma-X is a global business. Our customers and our operations are spread around the world. As a result, we collect and transfer Personal Data on a global basis. That means that we may transfer your Personal Data to locations outside of your country. 

When we transfer your Personal Data to another country outside the UK and / or EEA, we will ensure that it is protected and transferred in a manner consistent with legal requirements. In relation to data being transferred outside the UK and / or EEA, for example, this may be done in one of the following ways:

1. the country that we send the data to might be approved by relevant data protection authorities as offering an adequate level of protection for Personal Data; 
2. the recipient might have signed up to a contract based on ‘model contractual clauses’ approved by relevant data protection authorities, obliging them to protect your Personal Data;
3. the recipient may have adhered to binding corporate rules; or
4. In other circumstances the law may permit us to otherwise transfer your Personal Data outside the UK and / or EEA.

You can obtain more details of the protection given to your Personal Data when it is transferred outside the UK and /or EEA (including a copy of the standard data protection clauses which we have entered into with recipients of your Personal Data) by contacting us as described in Section 9 below.

 

6. HOW WE SAFEGUARD YOUR INFORMATION

We have extensive controls in place to maintain the security of our information and information systems. Customer files are protected with safeguards according to the sensitivity of the relevant information. Appropriate controls (such as restricted access) are placed on our computer systems. Physical access to areas where Personal Data is gathered, processed or stored is limited to authorised employees. 

We may store and process all or part of your Personal Data, including certain payment information, such as your encrypted bank account and/or routing numbers in the countries where our facilities or service providers are located. We protect your personal information by maintaining physical, electronic, and procedural safeguards in compliance with the applicable laws and regulations.

As a condition of employment, Lemma-X employees are required to follow all applicable laws and regulations, including in relation to data protection law. Access to sensitive Personal Data is limited to those employees who need it to perform their roles. Unauthorised use or disclosure of confidential client information by a Lemma-X employee is prohibited and may result in disciplinary measures.

When you contact a Lemma-X employee about your file, you may be asked for some Personal Data. This type of safeguard is designed to ensure that only you, or someone authorised by you, has access to your file.

 

7. HOW LONG WE KEEP YOUR PERSONAL DATA 

How long we will hold your Personal Data for will vary and will be determined by the following cumulative criteria:

• the purpose for which we are using it – Lemma-X will need to keep your Personal Data for as long as is necessary for that purpose; and
• legal obligations – laws or regulation may set a minimum period for which Lemma-X has to keep your Personal Data.

 

8. YOUR RIGHTS 

Depending on applicable law where you reside, you may have the following rights in relation to your Personal Data:

• the right to obtain information regarding the processing of your Personal Data and access to the Personal Data which we hold about you; 
• the right to withdraw your consent to the processing of your Personal Data at any time. Please note, however, that we may still be entitled to process your Personal Data if we have another legitimate reason for doing so. For example, we may need to retain Personal Data to comply with a legal obligation; 
• in some circumstances, the right to receive some Personal Data in a structured, commonly used and machine-readable format and/or request that we transmit those data to a third party where this is technically feasible. Please note that this right only applies to Personal Data which you have provided directly to Lemma-X;
• the right to request that we rectify your Personal Data if it is inaccurate or incomplete;
• the right to request that we erase your Personal Data in certain circumstances. Please note that there may be circumstances where you ask us to erase your Personal Data, but we are legally entitled to retain it;
• the right to object to, or request that we restrict, our processing of your Personal Data in certain circumstances. Again, there may be circumstances where you object to, or ask us to restrict, our processing of your Personal Data but we are legally entitled to refuse that request; and
• the right to lodge a complaint with the relevant data protection regulator if you think that any of your rights have been infringed by us.

You can exercise your rights by contacting us using the details listed in Section 9 below. Further information about your rights may be obtained by contacting the supervisory data protection authority located in your jurisdiction. 

 

9. QUESTIONS AND CONCERNS 

For further information regarding the processing of your Personal Data by Lemma-X, this Privacy Policy or in order to exercise the rights mentioned above, please contact our data protection officer using the following contact details.

Address: 

Lemma-X DG Limited
Smith’s House – 6/7 St. Stephen’s Green – Dublin 2 D02X827
Ireland

Email Address: privacy@lemmax.com

We are usually able to resolve privacy questions or concerns promptly and effectively. If you are not satisfied with the response you receive from our data protection officer, you may escalate concerns to the applicable privacy regulator in your jurisdiction. Upon request, Lemma-X’s will provide you with the contact information for that regulator. If you reside in the EU, you can file a complaint with the International Centre for Dispute Resolution by phone at +1.212.484.4181, or through your relevant data protection authority.