Effective date: 09.18.23
- Personal Information We Collect
- Cookies and Similar Technologies
- Use of Personal Information
- Sharing of Your Information
- Rights and Choices
- International Data Transfers
- Data Security
- Children’s Privacy
- Links to Other Websites and Services
- How to Contact Us
- Additional Information For European Users
1. Personal Information We Collect
We may collect Personal Information about you from various sources described below. Where applicable, we indicate whether and why you must provide us with your Personal Information, as well as the consequences of failing to do so. If you do not provide Personal Information when requested, you may not be able to benefit from our Services.
Information you provide to us directly
You may provide Personal Information directly to us, including:
- Contact information, such as your name, address, telephone number, and email address
- Profile information, such as the username and password you establish with the Services, trading data, transaction information
- Demographic details, such as date of birth, gender, country of citizenship and country of residence
- Information about your net worth and/or income, such as your stated net worth; stated current, historical, and expected future income; source(s) of income; and supporting documentation that you choose to submit (e.g., tax forms, tax returns, pay stubs, financial account statements, and information about your financial assets and liabilities)
- Government-issued identification numbers (to the extent permitted under applicable law), such as a national identification number (e.g., a Social Security Number, tax identification number, or passport number), state or local identification number (e.g., a Driver’s License or other government-issued identification number), or a copy of your government-issued identification card (including the photograph and signature)
- Information about your investment experience and preferences, such as investment objectives, investment experience, liquidity needs, and risk tolerance
- Information about your relationship to a company, such as your job title, your office address, and whether you are a beneficial owner or authorized signatory of the legal entity using our Services
- Feedback and correspondence recorded in any medium, such as information you provide when you request information from us, receive customer support, or otherwise communicate with us, including by interacting with our pages on social networking online sites or services
- Financial account information, such as your bank account details, credit card numbers, and cryptocurrency wallet addresses to use for billing, refunds or remittances, or other transactions with you
- Transaction information, such as details about financial transactions or investments you make with issuers using the technology services provided by Realio via our Website, including contracts you may execute (including by using your electronic signature)
- Marketing information, such as your preferences for receiving marketing communications and details about how you engage with our marketing communications
- Other information supplied by job applicants, such as professional credentials and skills, educational and work history, and other information of the type included on a resume or curriculum vitae
- Other Personal Information you provide to us when using our Services
- Any other personal information that we may be required to gather by law
Information that we receive from third parties
- Information about our users’ companies, such as Personal Information of the beneficial owners and authorized signatories of issuers raising funds or investing through our Services
- Information about our users’ spouses (or domestic partners), when relevant to an individual’s status as an accredited investor
- Information about joint account owners, such as information that is needed to open a joint account
- Information about our users’ professional or financial advisors, such as the name and contact information about our users’ lawyer, accountant, broker, or registered investment advisor, for purposes of verifying a user’s status as an accredited or sophisticated investor
- Information about past activities of our users’ affiliates that could comprise “bad acts” under U.S. federal securities laws
- Information about the employees of our customers, vendors, and partners, such as the business contact information that those customers, vendors and partners provide to us in the context of our contractual relationships with them
- Information about potential job candidates, such as when a recruiter contacts us about an individual who may become a candidate for a job at Realio
- Contact information of referrals submitted by our users
Information that we collect from vendors
We may receive information about you from our vendors. For example, we use vendors to verify the identity and accredited investor status of users of our Services and to perform KYC and AML checks. These vendors may provide us with information such as:
- Whether you or your company are on government lists of restricted persons (e.g., the OFAC list or other watch lists or sanctions lists)
- Whether there are adverse media reports regarding you or your company
- Whether you or your company qualifies as a “politically exposed person” (e.g., a government official or representative of an international organization) under applicable law
- Whether your Personal Information matches the information contained in the databases consulted by the vendors
- Whether you are an accredited investor per applicable law
The information we collect from vendors may include sensitive information (e.g., a criminal conviction for fraud) to the extent permitted under applicable law.
Information we collect from professional or financial advisors
If you request that we verify your accredited investor status through your professional or financial advisor, then that party may provide us with information about you, such as whether you meet the legal criteria to qualify as an accredited investor. Professional or financial advisors also provide us with information about themselves, such as their contact information and licensure information.
Information we collect from private and publicly accessible sources
We and our vendors may collect information about you that is publicly available, including from publicly accessible government lists of restricted persons, public databases, media, and internet searches (e.g., we may check an investor’s public LinkedIn profile to confirm his/her employment or source of income, we may do Google searches to corroborate public databases). We and or our third-party verification providers may also collect information about you from non-public databases of third parties to the extent permitted under applicable law.
Information we collect from our business partners and social media networks
Sensitive Personal Information
We ask that you neither send nor disclose any sensitive Personal Information (e.g., information revealing racial or ethnic origin, political opinions, religion or philosophical beliefs, trade union membership, genetic or biometric information, sexual orientation, or criminal convictions or offenses) in connection with our Services or otherwise.
Information collected via automated means
We, our service providers, and our business partners may collect Personal Information about you via automated means, such as cookies, web beacons, embedded scripts, location-identifying technologies, and similar technologies. The information that may be collected automatically includes your computer or mobile device operating system type and version number, manufacturer and model, device identifier, browser type, screen resolution, IP address, the website you visited before browsing to our Services, general location information such as city, state or geographic area; and information about your use of and actions on our Services, such as the pages you’ve viewed, how long you spent on a page, navigation paths between pages, information about your activity on a page, access times, and length of access. In addition, we collect this type of information when you read our HTML-enabled emails. Our service providers and business partners may collect this type of information over time and across third-party websites. Please refer to the Cookies and Similar Technologies section for more details.
2. Cookies and Similar Technologies
What are cookies?
A “cookie” is a text file that a website stores on a user’s device. Our Website may use both session cookies (which expire once you close your web browser) and persistent cookies (which stay on your computer or mobile device until you delete them or they otherwise expire) to provide you with a more personal and interactive experience on our Website.
We use two broad categories of cookies: (1) first party cookies, served directly by us to your computer or mobile device, which we use to recognize your computer or mobile device when it revisits our Website; and (2) third-party cookies, which are served by service providers or business partners on our Website, and can be used by such service providers or business partners to recognize your computer or mobile device when it visits other websites.
Types of cookies we use
Our Website uses the following types of cookies for the purposes set out below:
Type of Cookie
These cookies are essential to provide you with the Services available through our Website and to enable you to use some of its features. Without these cookies, our Services cannot be provided. We use these cookies only to provide you with those services.
These cookies allow our Website to remember the choices you make when you use our Website. The purpose of these cookies is to provide you with a more personal experience and to avoid you having to re-select your preferences every time you visit our Website.
Analytics and Performance Cookies
These cookies collect information about traffic to our Website and about how individuals use our Website. The information gathered may include the types of information described above in the section titled “Information collected via automatic means.” We use this information to help operate our Website more efficiently, to gather broad demographic information, to monitor the activity level on our Website, and to improve the Website.
We use Google Analytics, Heap Analytics, Amplitude, and Segment for this purpose. Google Analytics and Heap Analytics use their own cookies.
Targeted and advertising cookies
These cookies track your browsing habits to enable us and third-party advertising networks to deliver ads that may interest you. These cookies use information about your browsing history to group you with other users who have similar interests or browsing behavior. Based on the cookies that the third-party advertising network sets on our Website and other sites, advertisers can display advertisements that may be relevant to your interests on our Website and while you are on third-party websites.
You can typically remove or reject cookies via your browser settings. To do this, follow the instructions provided by your browser (usually located within the “settings,” “help” “tools” or “edit” menus). Many browsers are set to accept cookies until you change your settings.
For further information about cookies, including how to see what cookies have been set on your computer or mobile device and how to manage and delete them, visit www.allaboutcookies.org.
If you do not accept our cookies, you may experience some inconvenience in your use of our Website. For example, we may not be able to recognize your computer or mobile device, and you may need to log in every time you visit our Website.
Other technologies we use on our Website
In addition to cookies, our Website may use other technologies, such as pixel tags, to collect information automatically. Pixel tags (also known as web beacons and clear GIFs) are used on our Website and in our HTML-formatted emails to track the actions of users on our Website and interactions with our emails. Unlike cookies, which are stored on the hard drive of your computer or mobile device by a website, pixel tags are embedded invisibly on webpages or within HTML-formatted emails. Pixel tags are used to demonstrate that a webpage was accessed or that certain content was viewed, typically to measure the success of our marketing campaigns or engagement with our emails and to compile statistics about usage of the Website, so that we can manage our content more effectively.
Do Not Track Signals
Some Internet browsers may be configured to send “Do Not Track” signals to the online services that you visit. We currently do not respond to “Do Not Track” signals. To find out more about “Do Not Track,” please visit www.allaboutdnt.com.
3. Use of Personal Information
To provide our Services
Realio may use your Personal Information for the following purposes in connection with providing our Services:
- to operate, evaluate, maintain, improve, and provide to you the features and functionality of our Services and our Website
- to manage identity verification and perform KYC and AML checks on our users
- to manage accreditation verification of our investors
- to process purchases and investments you make with issuers through our Services
- to communicate with you regarding your account with us, if you have one, including by sending you service-related emails or messages (e.g., account verification, change or updates to features of our Services, technical and security notices and alerts, and support and administrative messages)
- to provide and monitor the effectiveness of our Services
- to monitor aggregate metrics such as the total number of visitors, traffic, usage, and demographic patterns on our Website and analyze data about Website traffic
- to diagnose or fix technology problems
- to tailor our Services, content, and communications to you in order to provide you with a better experience
- to operate, evaluate and improve our business and develop new products and services, and
- for other purposes for which we provide specific notice at the time of the collection of the information
To manage our recruiting and process employment applications
We process Personal Information, such as information submitted to us in a job application, to facilitate our recruitment activities and to process employment applications, such as by evaluating a job candidate for an employment activity and by monitoring recruitment statistics.
To send you marketing communications
If you request information from us (such as signing up for our newsletter), register on the Website, or participate in our contests or promotions, we may send you Realio-related marketing communications, which may be tailored to you, as permitted by law. You will have the ability to opt out of such communications.
To comply with law
We use your Personal Information as we believe necessary or appropriate to comply with applicable laws, lawful requests, and legal processes, such as subpoenas or requests from government authorities.
With your consent
To create anonymous data for analytics
We may create anonymous data from your Personal Information and other individuals whose Personal Information we collect. We make Personal Information into anonymous data by excluding information that makes the data personally identifiable to you and use that anonymous data for our lawful business purposes.
For compliance, fraud prevention, and safety
4. Sharing of Your Information
We may share Personal Information with our headquarters and affiliates, other companies and brands owned or controlled by Realio and other companies owned by or under common ownership with Realio, which also includes our subsidiaries (i.e., any organization we own or control) or our parent companies (i.e., any organization that owns or controls us) and any subsidiaries that they own. Our limitation on how Personal Information is shared also applies to our affiliates.
We engage certain trusted third-parties to perform functions and provide services to us (e.g., verification providers, website hosting providers and other parties who assist us in operating our Website, conducting our business, managing our marketing campaigns and mailings, performing tax and accounting activities, performing analytics, or serving our customers). We may share your Personal Information with these third parties but only to the extent necessary to perform these functions and provide such services. We also require these third parties to maintain the privacy and security of the Personal Information they process on our behalf.
We may disclose Personal Information to the issuer of an investment in which you have signed a subscription agreement or otherwise invested. For example, we may disclose information such as name and contact details, Social Security Number or tax identification number, and results of investor verification and confirmation that an investor is eligible to participate in the offering. An issuer typically needs this information for its own legal compliance and to maintain its ledger of investors. However, we do not control how an issuer uses the Personal Information that we provide to it.
We may disclose Personal Information to our auditors, accountants, attorneys, CPAs, and other professional advisors, insurance companies and brokers, and financial institutions in the course of the professional services that they render to us. If Realio is involved in a merger, acquisition, financing due diligence, reorganization, bankruptcy, receivership, sale of Realio assets, or transition of service to another provider, Personal Information may be disclosed or transferred as part of such a transaction as permitted by applicable law or contract. We may also disclose Personal Information to third parties as required by law or subpoena or if we reasonably believe that such action is necessary (a) to comply with applicable law and the reasonable requests of law enforcement; (b) to protect the security or integrity of our Website or Services; or (c) to exercise or protect the rights, property, or personal safety of Realio, our visitors, or others, including by protecting, investigating and deterring against fraudulent, harmful, unauthorized, unethical or illegal activity, and by enforcing the terms and conditions that govern our Website or Services.
5. Rights and Choices
In this section, we describe the rights and choices available to all users. Users who are located within Member States of the European Union, countries in the European Economic Area, the United Kingdom, and Switzerland (collectively, “Europe” or “European”) may read additional information about their rights here.
You can opt out of receiving marketing email communications from us by clicking on the unsubscribe link provided in such communications. We make every effort to process all unsubscribe requests promptly. You may continue to receive administrative messages from us, such as purchase confirmations, updates to our terms and conditions, and other policies.
Information Collected via Automated Means
If you would prefer not to accept cookies, most browsers will allow you to (i) change your browser settings to notify you when you receive a cookie, which lets you choose whether or not to accept it; (ii) disable existing cookies; or (iii) set your browser to reject cookies automatically. Please note that blocking or disabling cookies may negatively impact your experience using the Website, as some features and services on our Website may not work properly. Depending on your mobile device and operating system, you may not be able to delete or block all cookies. You may also set your email options to prevent the automatic downloading of images that may contain technologies that would allow us to know whether you have accessed our email and performed certain functions with it.
Modifying or deleting your information
If you have any questions about reviewing, modifying, or deleting your information, or if you want to remove your name or comments from our website or publicly displayed content, you can contact us directly at email@example.com. We may not be able to modify or delete your information in all circumstances.
Targeted online advertising
Some of the business partners that collect information about users' activities on our Website may be members of organizations or programs that provide choices to individuals regarding the use of their browsing behavior or mobile application usage for purposes of targeted advertising.
Users may opt out of receiving targeted advertising on websites through members of the Network Advertising Initiative by clicking here or the Digital Advertising Alliance by clicking here. European users may opt out of receiving targeted advertising on websites through members of the European Interactive Digital Advertising Alliance by clicking here, selecting the user’s country, and then clicking “Choices” (or a similarly titled link). Please note that we also may work with companies that offer their own opt-out mechanisms and may not participate in the opt-out mechanisms that we linked above.
If you choose to opt out of targeted advertisements, you will still see advertisements online, but they may not be relevant to you. Even if you choose to opt out, not all companies that serve online behavioral advertising are included in this list. As such, you may still receive some cookies and tailored advertisements from companies that are not listed.
Automated Decision-Making and Profiling
Information collected from you will be associated with your user account and may be used to identify your “profile” for purposes of targeting future marketing and other communications. Information that can be used for this purpose includes information collected automatically (e.g., the metadata associated with your IP address, including your location and time zone). It may also include information that you have provided to us in connection with registering or (unless you have specifically opted out) qualifying to make an investment. The purpose of “profiling” is to tailor our marketing.
Choosing not to share your Personal Information
Where we are required by law to collect your Personal Information or where we need your Personal Information to provide services or the Website to you, we may not be able to provide you with our services if you do not provide this information when requested (or if you later ask to delete it). We will tell you what information you must provide to receive our Services by designating it as required on or through our Services or through other appropriate means.
6. International Data Transfers
Realio is headquartered in the United States. It has service providers in the U.S. and in other countries, and your Personal Information may be transferred to the United States or other locations outside of your state, province, country, or other governmental jurisdiction where privacy laws may not be as protective as those in your jurisdiction.
European users should read the important information provided here about the transfer of Personal Information outside of Europe.
7. Data Security
We care about the security of your information and employ physical, administrative, and technological safeguards designed to preserve the integrity and security of all information collected through our Website. These measures are designed to appropriately protect Personal Information against accidental or unlawful destruction, accidental loss, unauthorized alteration, unauthorized disclosure or access, misuse, and any other unlawful form of processing of the Personal Information in our possession. However, no security system is impenetrable, and we cannot guarantee the security of our systems or your Personal Information.
We also cannot be responsible for data breaches that occur for reasons unrelated to our custody of the data. For example, this may occur if you use passwords without sufficient complexity, fail to protect the confidentiality of passwords, or fail to contact us after detecting unauthorized access to your account.
Lastly, we cannot be responsible for data breaches that occur during transmission to or from our custody via telecommunication channels (such as email or text).
8. Children’s Privacy
We do not knowingly collect or solicit any information from anyone under the age of 16 on our Website. In the event that we learn that we have inadvertently collected Personal Information from a child under the age of 16, we will delete that information as quickly as possible. If you believe that we might have any information from a child under 16, please contact us at firstname.lastname@example.org.
9. Links to Other Websites and Services
The Website may contain links to and from third-party websites of our business partners and social media sites, and our users may post links to third-party websites. If you follow a link to any of these websites, please note that these websites may have their own privacy policies and that we do not accept any responsibility or liability for their policies. We strongly recommend that you read their privacy policies and terms and conditions of use to understand how they collect, use, and share information. To the extent any features or linked websites you visit are not owned or operated by Realio, we are not responsible for the privacy policies or practices of those third parties.
10. How to Contact Us
12. Additional Information for European Users
Realio Technology, Ltd. is the “controller” for the processing of your Personal Information for purposes of the GDPR. See the “Contact Us” section above for our contact details.
Legal bases for processing
We use your Personal Information only as permitted by law. We are required to inform you of the legal bases of our processing of your Personal Information, which are described in the table below. If you have questions about the legal basis of how we process your Personal Information, contact us at email@example.com.
To provide our Services
Processing is necessary to perform the contract governing our provision of our Services or to take steps that you request prior to signing up for our Services.
To communicate with you
To manage our recruiting and process employment applications
To create anonymous data for analytics
For compliance, fraud prevention and safety
These processing activities constitute our legitimate interests. We make sure we consider and balance any potential impact on you (both positive and negative) and your rights before we process your Personal Information for our legitimate interests. We do not use your Personal Information for activities where our interests are overridden by the impact on you (unless we have your consent or are otherwise required or permitted to by law). In addition, we only rely on our or a third party’s legitimate interests to process your Personal Information when these interests are not overridden by your rights and interests.
To comply with law
Processing is necessary to comply with our legal obligations
Any other purposes
Your specific consent will be obtained when processing is done for any other purpose than those listed above. Where we rely on your consent, you have the right to withdraw it anytime in the manner indicated in our Services or by contacting us at firstname.lastname@example.org.
We, or a third-party verification provider, may perform automated identification, KYC, AML checks and verifications of your financial status, which may lead to an automated refusal of access to our Services. These checks are necessary for entering into or performing a contract with you; and are authorized by relevant law, e.g., to prevent fraud. If you believe that you have been wrongfully refused access to our Services, you may contact us at email@example.com; we will review the information you provide.
Use for new purposes
We will retain your Personal Information only for as long as necessary to fulfill the purposes for which we collected it, including for the purposes of satisfying any legal, accounting, or reporting requirements.
To determine the appropriate retention period for Personal Information, we consider the amount, nature, and sensitivity of the Personal Information, the potential risk of harm from unauthorized use or disclosure of your Personal Information, the purposes for which we process your Personal Information, whether we can achieve those purposes through other means, the applicable legal requirements, and the statute of limitations.
When we no longer require the Personal Information we have otherwise collected about you, we will dissociate such information from the information attached to your content. In some circumstances, we may anonymize your Personal Information (so that it can no longer be associated with you), in which case we may use this information indefinitely without further notice to you.
Depending on where you live, local law may afford you specific rights with respect to your Personal Information. If you live in a jurisdiction subject to the GDPR, you may ask us to take the following actions. If we are not required by law to accept your request, we may decline it at our sole discretion.
- Withdraw consent. At any time, withdraw any consent you previously provided to us. We will apply your preferences going forward and this will not affect the lawfulness of the processing before your consent withdrawal.
- Access. Provide you with information about our processing of your Personal Information and give you access to your Personal Information. This includes the right to request a copy of your Personal Information; we may charge you a small fee for this service.
- Correct. Correct inaccuracies or omissions in your Personal Information.
- Delete. Delete your Personal Information, under certain conditions.
- Transfer. Transfer a readily accessible copy of your Personal Information to you or a third-party of your choice under certain conditions.
- Restrict. Restrict the processing of your Personal Information, under certain conditions
- Object. Object to our reliance on our legitimate interests as the basis of our processing of your Personal Information under certain conditions.
You can submit these requests by email to firstname.lastname@example.org or our postal address provided above. We may request specific information from you to help us confirm your identity and process your request. Applicable law may require or permit us to decline your request. If we decline your request, we will tell you why, subject to legal restrictions. If you would like to submit a complaint about our use of your Personal Information or respond to your requests regarding your Personal Information, you may contact us as described above or submit a complaint to the data protection regulator in your jurisdiction. You can find your data protection regulator here.
Cross-Border Data Transfer
Whenever we transfer your Personal Information out of Europe to countries not deemed by the European Commission to provide an adequate level of Personal Information protection, the transfer will be conducted as follows:
- Pursuant to the recipient’s compliance with standard contractual clauses, EU-US Privacy Shield, or Binding Corporate Rules
- Pursuant to the consent of the individual to whom the Personal Information pertains
- As otherwise permitted by applicable European requirements.
In determining whether further procedures are necessary before transferring your Personal Information to countries outside of Europe, we will rely exclusively on the European Commission’s decision as to the adequacy of data protection in those countries.
Please contact us if you want further information on the specific mechanism used by us when transferring your Personal Information out of Europe.
Company: Realio Technology, Ltd.