Privacy Notice
‍

Bando will process certain Personal Data related to Data Subjects. "Personal Data" means any information relating to an individual and processed by us, including any information through which an individual can be identified or identifiable, directly or indirectly, which may include:
‍

Data Subjects directly provide us with most of their Personal Data we process, through Bandos's website https://bando.cool/ (hereinafter "Platform") as follows: We collect and process Personal Data when someone accesses or uses the Platform ("User") and when they enter into a contractual relationship with us. Sometimes we will obtain Personal Data from alternative sources, including but not limited to: other affiliates and service providers and government bodies where required by law (such as tax authorities). If the requested information is not provided, we may be unable to conduct certain business operations or comply with the applicable legislation.

Exceptionally, we might process sensitive information and only for limited and strictly defined purposes, such as equal opportunities monitoring and diversity monitoring and initiatives may involve us using race or ethnicity data such as information contained in the passport or other citizenship document.

Bando will not request sensitive personal data from the User that could have an impact on the most intimate aspects of them or that, if misused, could result in discrimination or pose a serious risk. Sensitive data includes racial or ethnic origin, current or future health status, genetic information, religious, philosophical, and moral beliefs, union affiliation, political opinions, and sexual preference, except for biometric data required for certain Users under specific circumstances, as described in the terms of use.
‍

We will process Personal Data for the primary purposes of:

Where relevant, we will only process Personal Data with an express prior consent of the Data Subjects.

By registering on the Platform with their email and, where applicable, phone number, the User agrees to receive emails, SMS, social media notifications, and notifications through known and future media, in general, any means that Bando may use to send information to the User. The User consents to receiving notifications related to the Platform, including follow-ups on operations performed, temporary suspension of access to the Platform or service, promotions, and information of interest, as well as any other information Bando deems necessary to communicate to the User concerning their legal relationship with the Platform. User agree and consent that Bando may share the User's Personal Data at any time and with any third party for the purpose of customer identification, identity verification (KYC processes) and to prevent and identify users or transactions related to Anti-Money Laundering and for the purposes of combating the financing of terrorism (AML/CFT). This provision applies from the time the User first interacts with Bando and the Platform, and shall remain in full force and effect for as long as Bando is legally obligated to perform periodic reviews regarding regulatory compliance and customer identification.

The User may choose to stop receiving strictly promotional emails and notifications at any time by clicking the unsubscribe link in all promotional emails. However, the User may not opt-out of receiving emails or notifications necessary for the correct functioning of the Platform or for the operations carried out by the User on the Platform.

In accordance with applicable law, by accessing and using the Platform and providing Personal Data to Bando, the User consents to the processing of such data under the terms outlined in this Notice.

We store most of Personal Data in our internal systems. We keep some data in a secure Google Cloud Service. Between Bando entities we only grant access to Personal Data on a need-to-know basis, necessary for the purposes for which such access is granted. In some cases, Bando uses third parties located in various countries to collect, use, analyse, and otherwise process Personal Data on its behalf. We tightly control access to the data to only members of the organisation that have a valid reason to access the information.

We maintain records of processing of Personal Data in accordance with the applicable laws.

Personal Data will be managed and processed according to Bando's general management to meet the primary purposes. However, not all Personal Data will be required from all Users or for all operations on the Platform; data collection depends on various factors, as described herein and in the terms of use of the Platform.

Personal Data will remain part of a database for the duration Bando considers necessary to achieve the purposes mentioned in this Notice and for the corresponding legal periods. After these periods, the Personal Data will be blocked and canceled for subsequent deletion. The blocking period will be equivalent to the prescription period of the legal actions arising from the legal relationship that founded the processing, as per the applicable law.

The User agrees to keep the data provided to Bando updated. The User will be responsible for any damage or harm caused to Bando or third parties as a result of false, inaccurate, outdated, or inauthentic information. Nonetheless, the collection of Personal Data may be limited or expanded depending on the type of operation performed by the User on the Platform, determined case by case.
‍

Additionally, Bando will process Personal Data for the following secondary purposes:

We may share Personal Data with our group entities and third-parties in accordance with the applicable laws. When we share Personal Data with a data processor, we will put the appropriate legal framework in place in order to cover data transfer and processing.

The Personal Data collected by Bando may be transferred to various third parties involved in the storage and processing of the User's information and documentation, as well as in identification processes, including biometric validation of Users. Personal data will not be transferred to other third parties, except in cases provided by law and related regulations, or when required for any process, for conducting transactions, or for maintaining the Platform's security. In cases of requests from competent authorities, these requests will only be fulfilled if they comply with the applicable legal requirements.
‍

We may outsource all or part of Personal Data processing to outsourcee. When executing an outsourcing agreement, the eligibility of the counterparty as an outsourcee is sufficiently investigated. Safety management measures, confidentiality, conditions for the outsourcee to outsource to another party, and other matters regarding the appropriate processing of the data are prescribed in the outsourcing agreement, and our outsourcees are appropriately supervised by implementing periodic monitoring, etc. of the outsourcing conditions.
‍

We may share Personal Data with all our corporate affiliates. In the event of a merger, corporate reorganisation, acquisition, joint venture, assignment, transfer, sale or disposition of all or any portion of our business (including in connection with any bankruptcy or similar proceedings), we may transfer any and all Personal Data to the relevant third party.
‍

It may be necessary, by law, legal process, litigation, and/or requests from public and relevant governmental authorities that we disclose Personal Data. We may also disclose Personal Data if we determine that, for purposes of national security, law enforcement, or other issues of public importance, disclosure is necessary or appropriate.

We may also disclose Personal Data if we determine in good faith that disclosure is reasonably necessary to protect our rights and pursue available remedies, enforce our internal regulations, investigate fraud, or protect our operations or users.

Bando has administrative, physical, and technical security measures, as well as access controls necessary to protect Personal Data from damage, loss, alteration, destruction, unauthorized use, access, or processing. The User is entirely responsible for the computer equipment, mobile devices, internet connection, and any other type of medium of access or device the User may use at their discretion to access the Platform. Bando will not be responsible for any unauthorized access, loss, interception, or any other situation related to the User's Personal Data that may be obtained by third parties as a result of using any of the previously mentioned means.
‍

Disclosures or sharing of Personal Data as described above may involve transferring Personal Data. For each of these transfers we make sure that we provide an adequate level of protection to the data transferred.
‍

We may share the minimum necessary amounts of Personal Data with the following third-party partners as required and applicable for statutory filings, benefits, and reporting, these include:
‍

There might be other third-party providers we will use in the future. If necessary, we will request the relevant Data Subjects' permission before releasing Personal Data to any other third-party.
‍

Bando takes the protection of Personal Data seriously and we intend to protect Personal Data and to maintain its accuracy. We process Personal Data in a manner that ensures such data undergoes appropriate security (including protection against unauthorised or unlawful processing and against accidental loss, destruction damage, unauthorised access, use and disclosure etc.) using appropriate technical or organisational measures to achieve this. We also require that our suppliers and providers protect such information from unauthorised access, use and disclosure.
‍

We would like to make sure that we inform Data Subjects of all data protection rights, such as:

For more information on how to exercise any of these rights, please contact us at email soporte@bando.cool. After receiving a request, we have one month to respond.

If the request lacks the required information and/or documentation, a request for clarification will be sent, allowing a maximum of 5 business days from the day after the clarification request is sent to provide the missing information, or the request will be considered not submitted.
‍

In the event anyone considers our processing of their Personal Data not to be compliant with the applicable data protection laws, a complaint can be lodged directly with Bando by contacting us via soporte@bando.cool or with the competent data protection authority.

In case of breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, Personal Data transmitted, stored or otherwise processed, we have the mechanisms and policies in place in order to identify it and assess the details of the breach promptly. Depending on the outcome of our assessment, we will make the necessary notifications to the supervisory authorities and communications to the affected Data Subjects.
‍

The Platform or other electronic platforms implemented by Bando on its website https://bando.cool/ may use "cookies" and "web beacons" for improved site performance and to help understand visitor preferences, thus making our Platform more user-friendly. For more information about the "cookies" and "web beacons" used, you can refer to our cookie policy, which can be found at the footer of the Platform.
‍

We may occasionally make changes to this Privacy Notice, as well as any other specific privacy statement. When making changes to this Privacy Notice we will add a new date at the top of this Privacy Notice. Any changes to this Privacy Notice will become effective upon posting of the revised Privacy Notice in the relevant section of our website. If we make changes which we believe are significant, we will inform the relevant Data Subjects and seek the Data Subjects' consent where applicable.
‍

In case of any questions related to this Privacy Notice, don't hesitate to contact us via email at soporte@bando.cool.