1. Preamble

Please carefully read this Privacy Policy (“Privacy Policy” or "Policy"), which governs when and how Ammer Technologies AG collects, stores, processes, uses and discloses information, when you visit the Website, download any App, use the Services within the infrastructure or when you otherwise interact with us for a purpose related to the Services.

This Privacy Policy shall constitute, as added, amended, modified, supplemented or restated from time to time, a binding agreement between you and the Company as part of the Terms and Conditions (as defined below).

We encourage you to read this Policy carefully as it forms part of the relevant Company Parties’ terms and conditions, terms of business and/or terms of use, as the case may be and as it contains information about the treatment of your personal data and your rights under the Data Protection Law.

2. Definitions

In addition to the definitions contained elsewhere in the text of this Policy, the following terms and expressions shall have the following meaning ascribed to them for use in this Policy:

“Affiliate” means, with respect to any person, any other person directly or indirectly controlling, controlled by or under common control with such person.

“App” means any application owned and operated by the Company or its Affiliate, published by the Company to be available for download through Apple App Store, Google Play store or other application platforms (if applicable). This definition also may include any Desktop Version (if applicable).

"Company Parties" means the Company and its respective past, present and future employees, officers, directors, contractors, consultants, attorneys, accountants, financial advisors, equity holders, parent companies, subsidiaries, Affiliates, agents, representatives, predecessors, successors and assignors. A "Company Party" means one of the foregoing, as the case may be.

“Data Protection Law” means any applicable law relating to the processing of Personal Data and/or privacy, including the Swiss Federal Act on Data Protection, as amended from time to time and the GDPR when and if applicable.

"EU Persons" means individuals (natural persons) who are the citizens of the countries with membership in the European Union.

“Terms and Conditions” means the terms and conditions promulgated by the Company for the purpose of governing the relationships between the Company and the User in relation to the Services provided by the Company.

"GDPR" means the Regulation (EU) 2016/679 of the European Parliament and the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation).

"Personal Data" means any information relating to an identified or identifiable natural person (data subject); an identifiable natural person is a natural person who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

"Processing" means any operation or set of operations performed on Personal Data or on sets of Personal Data, whether or not by automated means, such as collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction. "Process", "Processed" and other similar terms shall be construed accordingly.

“User”, “your” or “you” means the person or persons, using the Website or the App or using the Services of the Company.

“Ammer Technologies”, “Ammer Tech”, “we”, “us”, “our” or “the Company” means Ammer Technologies AG, the company registered under the laws of Switzerland with registered number CHE-172.069.385, located at Feldhof 3, 6300 Zug, Switzerland.

“Website” means https://ammer.tech, https://ammer.app, https://ammer.cards, https://ammer.cash owned and operated by the Company or its Affiliates.


All capitalized terms not otherwise defined in this Policy shall have the meanings ascribed to them in section 1 of the Terms and Conditions.

3. Age of Consent

By visiting or Website, downloading and using our App, you represent that you are at least the age of majority in your state or province or country of residence, or that you are the age of majority in your state or province or country of residence and you have given us your consent to allow any of your minor dependents to use our Services.

4. Data Collected

We collect the following data:

When you purchase something from us or receiving our products as a gift, we collect the Personal Data you give us: your name and surname, email address, address or mobile phone number and any other useful information that allow us to send you the purchased or presented product.

When you browse our Website, we may receive your device’s internet protocol (IP) address in order to learn about your browser and operating system and improve user experiences.

After purchasing or receiving a product, we may send you emails about important security notices, new products, and updates from the Company.

When you use the App, the App collects some information from you, e.g., your device technical specifications.

5. Purpose and Legal Grounds for Personal Data Processing

The purpose of Personal Data collection, storage and processing shall be the identification of the User.

We Process your Personal Data on the basis that it is:

• necessary for the performance of a contract, therefore, if we have a contract with you, we will process your Personal Data in order to fulfil that contract (in particular, to provide you with the Services);
• authorized by your Consent, which you give us as it is set out in Section 6 (Consent to Personal Data Processing) hereof;
• necessary for compliance with our legal obligations, in particular, when we are obliged to respond to a court order or a regulator;
• necessary for performing our legitimate interests; or
• permitted by applicable legislation, if the respective legal ground for Personal Data Processing is
• not mentioned in, or contradicts, the provisions of this Policy.

You are welcome to contact us for further information on the legal grounds that we rely on in relation to any specific Processing of your Personal Data.

We do not knowingly and deliberately collect personally identifiable information from children and any person under the age of 18 for the reason that the use of the Services is not allowed for a person under the age of at least 18 years.

We may Process the Personal Data for a number of legitimate interests, including: to provide and improve the Services, administer our relationship with you and our business, for marketing purposes and in order to exercise our rights and responsibilities. In particular, we may Process the Personal Data for the following purposes:

• provide technical and customer support and training, verify your identity and send important account, subscription and Service information;
• we analyse the way you use our Services to make suggestions to you for features or Services that we believe you will also be interested in, and so that we can make our Services more user-friendly;
• providing, maintaining, delivering or improving the Website, the Apps, the Services or other products or services provided through the Website or the Apps;
• personalize your experience with our Services: we may retain your browsing and usage information to make your searches within our Services more relevant and use those insights to target advertising to you online on our Website or Apps;
• contact you in relation to, and conduct, surveys or polls you choose to take part in and to analyse the data collected for market research purposes;
• verifying that you are a unique individual or entity;
• answering your enquiry or responding to a communication from you;
• conduct internal research and development, as well as improve, test and enhance the features and
• functions of our Services;
• provide you with marketing materials as permitted by law;
• meet our internal and external audit requirements, including our information security obligations;
• exercise, protect and/or enforce our rights, privacy, safety, networks, systems and property, or those
• of other persons;
• prevent, detect or investigate a crime, fraud or other breach of law or requirement;
• prevent or detect any loss incurred by the Company or third persons;
• comply with requests from courts, law enforcement agencies, regulatory agencies and other public
• and government authorities, including where they are outside your country of residence;
• defend the Company and Company parties from claims;
• comply with laws and regulations that apply to us or third parties with whom we work.

Where we rely on legitimate interests as a lawful ground for Processing your Personal Data, we balance those interests against your interests, fundamental rights and freedoms. For more information on how this balancing exercise has been carried out, please contact us by sending an e-mail to: info@ammer.cards.

6. Consent to Personal Data Processing

§1. EU Persons Consent to Personal Data Processing

• If you are an EU Person and to Process your Personal Data we need to receive your consent, as it is prescribed by the GDPR, we will process your Personal Data only in the case that we have received from you a freely given, specific, informed and unambiguous indication of your wishes by which you signify agreement to the processing of your Personal Data ("Consent").
• You may give your Consent as per requirements of the GDPR by the way of opt-in consent, including by ticking a box when visiting the Website and/or the App or otherwise upon the configuration of the particular interface. In the case you tick the respective box or otherwise, you irrevocably and unconditionally consent and agree that the Company and/or the Company Parties shall be entitled to Process your Personal Data as it is indicated in your Consent.
• Your Consent covers all Processing activities with your Personal Data carried out for the same purpose or purposes. When the Processing has multiple purposes, your Consent should be deemed given for all of them.
• You have the right to withdraw your Consent at any time. You can submit such request by sending us an e-mail to: info@ammer.cards. Your withdrawal of Consent shall not affect the lawfulness of your Personal Data Processing based on Consent before its withdrawal. For the avoidance of doubt, we may not have the possibility to withdraw your Consent if your Personal Data was provided by you to an independent third party, e.g., Telegram.
• Except as required or enabled by law (including, for the avoidance of doubt, the laws of the member states of the European Union), we will not use or disclose your Personal Data for any purpose for which you refuse Consent or later withdraw your Consent. If you withdraw Consent, you agree that in spite of this withdrawal, we may continue to use this Personal Data previously provided to us to the extent that we are contractually or otherwise legally obliged to do so and to the extent necessary to enforce any contractual obligation you may have towards the Company or in any other way permitted by law. You also understand that we need certain Personal Data, including data linked to the fact of payment or involving an ongoing relationship with our partners. If you refuse to provide us with Personal Data we require or later withdraw your consent, we may no longer be able to maintain any contractual relations with you.

§2. Non-EU Persons Consent to Personal Data Processing

If you are not an EU Person, by transferring to us your Personal Data you irrevocably and unconditionally consent and agree that the Company shall be entitled, in accordance with this Policy to Process in any manner, including to collect, store, use, disclose, share and transfer (including cross-border), your Personal Data provided to us.

7. Disclosure of Personal Data

The Company treats Personal Data as confidential and may not pass on or use any such data without valid legal grounds.
We will only disclose your Personal Data in the following ways:

• with your Consent or at your instruction;
• to our current or future Company Parties and to other companies under common control or ownership with us or our offices internationally;
• to third parties or service providers that perform work for us;
• to partner financial institutions (if applicable) in the process of business of the Company;
• in connection with a merger or sale of our company assets, or if we do a financing or are involved in an acquisition, or any other situation where Personal Data may be disclosed or transferred as one of our business assets;
• in response to a request for information if we believe disclosure is in accordance with, or required by, any applicable law, regulation or legal process;
• if we believe your actions are inconsistent with our user agreements, policies or legislation, or to protect the rights, property and safety of any assets of the Company Parties or third parties;
• to third parties where aggregated Personal Data is disclosed which cannot reasonably be used to identify you.

Company Parties may without limitations share aggregated or de-identified information, which cannot reasonably be used to identify you.

8. Transmission of Personal Data

The transmission of Personal Data or any other information (including communications by e-mail) over the Internet or other publicly accessible networks is not one hundred percent secure. Company Parties are not liable for the security of any Personal Data or any other information you are transmitting over the Internet, or third-party content.

Transmission of Personal Data of EU Persons to recipients, both internally or externally, is subject to the authorization requirements and pursuant to the defined purposes. Personal Data of EU Persons transmitted to a recipient outside the European Economic Area must be subject to protection at least equivalent to that sought by the GDPR. Intragroup transfers of Personal Data of EU Persons to third countries are subject to the safeguards provided by the legislation requirements.

9. Protection of Personal Data. Security Measures

We take appropriate security, organizational and technical measures to protect any Personal Data you provide regarding the collection, storage and Processing of Personal Data.

Personal Data is safeguarded from unauthorized access and unlawful Processing or disclosure, as well as accidental loss, modification or destruction, through state-of-the-art technical and organizational measures. These are adjusted and updated continuously to reflect technical developments and organizational changes. Additionally, Personal Data protection audits and other controls are carried out on a regular basis.

We take reasonable steps to protect the security of the Personal Data. However, no computer security system is entirely secured and the Internet is not one hundred percent secure method of transmitting information. As a result, we do not assume any responsibility for the Personal Data for the integrity of the Personal Data sent over the Internet, and we cannot and do not guarantee that information communicated by you to us or sent to you by us will be received, or that it will not be altered before or after its transmission to us. You agree to not hold any Company Party liable for any loss or damage of any sort incurred as a result of any misappropriation, interception, modification, deletion, destruction or use of information provided through the Internet.

Personal Data provided to us is stored in accordance with applicable laws of the jurisdiction of the Company. The period for which the Personal Data will be stored is determined by the applicable laws of the jurisdiction of the Company. The Company has ensured that appropriate security standards are in place regarding the safeguarding, confidentiality and security of Personal Data.

10. Retainment of Information

In accordance with applicable laws the Company may hold your Personal Data. This requirement is conditioned by the need to comply with legal obligations and resolve possible disputes.

The Company may retain your Personal Data until it is indispensable for the Company to have relevant information to respond to any issues that may arise later.

11. EU Persons' Rights
The Company values the protection of all users' rights relating to their Personal Data; hence, the Company is committed to making sure you can exercise your respective rights effectively and free of charge. The Company will ensure each of your requests related to your Personal Data to be reviewed in a timely fashion. You shall be informed that the Company will require you to verify your identity before responding to any requests to exercise your rights.
EU Persons shall acknowledge, that their rights relating to Personal Data are provided in the GDPR and other applicable laws of the member states of the European Union. In particular, EU Persons have the following rights relating to their Personal Data:

• right to access. You can request access to your Personal Data and obtain a copy of such Personal Data in a reasonable format to you (e.g., PDF, DOC, DOCX). You can submit such request by sending an e-mail to: info@ammer.cards. After your request is received, our privacy team reviews the form and conducts requestor's identity verification without undue delay. Upon successful verification, you are provided with a copy of your Personal Data;
• right to data portability. You have the right to receive your Personal Data, which you have provided to us, in a structured, commonly used and machine-readable format and have the right to transmit those data to another service provider (controller) without hindrance from us;
• right to erasure ("Right to be forgotten") and right to rectification. You are entitled to request erasure or rectification of your Personal Data by sending us a respective request to info@ammer.cards. We will handle requests for Personal Data to be rectified or deleted, unless there is a legal requirement that prohibits such request to be fulfilled. When your request is fulfilled, you will be informed that your Personal Data has been changed or erased and is no longer being collected, however, to fulfil our legal requirements the Company will store information about each requestor for the purposes of providing an evidence that a request has been fulfilled;
• right to object. At all times, you are entitled to object to Processing of your Personal Data. Right to object can be exercised by sending an e-mail to info@ammer.cards. Upon receipt of the request, the Company ceases the Processing, unless there is a legal or statutory ground for such Processing;
• right to be informed. If you are enquiring about Processing activities conducted with respect to your Personal Data, the Company, without undue delay, will provide information about: (i) purposes of Processing; (ii) categories and types of Personal Data; (iii) retention period; (iv) source of the relevant Personal Data; (v) privacy rights and information on Data portability. However, all information about the categories of Personal Data and Processing conducted by Company is available in this Policy;
• right to opt out. You have the right to opt out of newsletters, marketing communications or notifications we send you at any time. You can exercise this right by clicking on the "unsubscribe" or "opt out" link in the marketing e-mails we send you. To opt out of other forms of marketing, please contact us by e-mailing info@ammer.cards; and
• the right to lodge a complaint with a supervisory authority. Supervisory authority means an independent public authority which is established by an EU member state pursuant to Article 51 of the GDPR.

If we have collected your information by obtaining your consent, you also have the right at any time to withdraw that consent by contacting us, provided however that, in case you remain a User of the Services, you will not be able to withdraw your consent for all the data in general, denying us to hold any of your information at all.
You should be informed that some information may not be rectified or deleted due to mandatory AML/CFT requirements.

12. Automated Decision-Making

We do not envisage that any decisions will be taken about you using fully automated means.

13. Data Protection Officer

The Company has appointed an expert on data privacy who works independently to ensure that the Company is adhering to the policies and procedures set forth in the Data Protection Law (data protection officer). The data protection officer assists the Company in monitoring internal compliance, informs and advises on data protection obligations, provides advice regarding data protection impact assessments (DPIAs) and acts as a point of contact for data subjects and supervisory authorities.

The contact information of the Data Protection Officer is dpo@ammer.cards.

14. Third-Party Service and Links

Third-party service providers, such as blockchain explorers, payment gateways and payment transaction processors, have their own privacy policies in respect to the information we are required to provide to them in order to fulfill our services to you. We recommend that you read their privacy policies so you can understand how your personal information will be handled by them.

Third-party service providers may be located in or have facilities that are located a different jurisdiction than either you or us. In this case, your information may become subject to the laws of the jurisdiction(s) in which that service provider or its facilities are located.

Once you leave our App or Website or are redirected to a third-party website or application, you are no longer governed by this Privacy Policy or our Terms and Conditions.

When you click on links in our App or Website, they may direct you to a third-party website. We are not responsible for the privacy practices of other sites and encourage you to read their privacy statements.

15. Changes to this Privacy Policy

We reserve the right to modify this Privacy Policy at any time, so please review it frequently. Changes and clarifications will take effect immediately upon their posting on the Website and/or through the App.