Login
Login

Privacy Policy of NFTake.com

Effective Date: June 11, 2025

Last Updated: July 24, 2025

NFTake SIA, a company incorporated in accordance with the laws of the Republic of Latvia, with its registered address in Riga, Latvia ("NFTake", "we", "us", or "our"), is committed to protecting the privacy and personal data of individuals who use or interact with its non-custodial digital asset platform, available at www.nftake.com, and its related services. This Privacy Policy outlines how NFTake collects, uses, stores, shares, and protects the personal data of users ("you" or "your") in accordance with applicable data protection legislation, including the General Data Protection Regulation (EU) 2016/679 ("GDPR"), the Latvian Personal Data Processing Law, the California Consumer Privacy Act ("CCPA") and any other applicable regulations concerning privacy and personal data protection in the jurisdictions in which we operate.

This Privacy Policy forms an integral part of our Terms of Service and applies to all personal data we collect through our website, smart contract interfaces, connected wallet services, customer service communications, and any other interactions you may have with us, whether online or offline. By using our platform and services, you confirm that you have read and understood this policy and consent to the practices described herein.

1. Data Controller and Contact Information

NFTake SIA is the controller of your personal data for the purposes described in this Privacy Policy. We have designated a Data Protection Officer (DPO) responsible for overseeing our compliance with applicable data protection laws and for addressing questions or concerns regarding your personal data.

If you wish to exercise your data protection rights or have any questions regarding this Privacy Policy or our data practices, you may contact our DPO at:

Email: [email protected]

2. Categories of Personal Data Collected

NFTake collects personal data that is either directly provided by you, automatically collected during your use of our services, or received from third-party sources. We ensure that the scope of the data collected is limited to what is necessary for the lawful purposes described in this Policy.

2.1 Data Provided by You

We may collect the following categories of personal information that you provide voluntarily:

  • Full legal name, username, and contact information such as email address and telephone number.
  • Government-issued identification (e.g., passport, national identity card, driver’s license) and biometric data (e.g., facial scan) used for identity verification.
  • Residential address and supporting proof of residence documentation (e.g., utility bills, bank statements).
  • Wallet addresses for public blockchain interactions, including NFTs that are minted, purchased, or sold via the platform.
  • Information related to NFT listings, such as digital artwork files, project metadata, associated descriptions, and social media links.
  • Any information contained in correspondence between you and NFTake, including support tickets, survey responses, and messages sent through our communication channels.

2.2 Data Collected Automatically

When you access or interact with the platform, we automatically collect certain information, including:

  • Technical information about your device, including IP address, browser type and version, device operating system, language settings, and screen resolution.
  • Log data reflecting usage patterns and interactions with the platform, such as page views, actions taken, timestamps, and clickstream data.
  • Public blockchain data derived from your wallet address and associated transactions that interact with smart contracts on supported networks.

2.3 Data from Third Parties

We may receive personal data from external service providers and public sources, such as:

  • Identity verification providers conducting KYC and AML compliance checks.
  • Payment processors and financial institutions interacting with your transactions.
  • Blockchain analytics providers that assist us in assessing wallet risk scores or ensuring fraud prevention.
  • Marketing affiliates and social media platforms if you interact with our brand via external campaigns or link your social accounts.

3. Purposes and Legal Bases for Data Processing

NFTake processes your personal data only when there is a lawful basis to do so under applicable regulations. The legal bases and purposes include, but are not limited to, the following:

3.1 Performance of a Contract

  • To enable you to register an account and connect your cryptocurrency wallet.
  • To facilitate the creation, listing, purchase, sale, and transfer of NFTs.
  • To manage user transactions and track activity related to NFT ownership and provenance.

3.2 Compliance with Legal Obligations

  • To fulfill anti-money laundering (AML), know-your-customer (KYC), and sanctions screening obligations under applicable laws.
  • To detect, investigate, and report potentially suspicious activities.
  • To retain data in accordance with financial services regulatory requirements and cooperate with competent authorities when lawfully required.

3.3 Legitimate Interests

  • To improve, monitor, and maintain the functionality, performance, and security of our platform.
  • To develop and enhance our services based on user behavior and feedback.
  • To protect our legal rights and defend against fraud or misuse of the platform.

3.4 Consent

  • To send you marketing communications, event invitations, or newsletters, provided that you have opted in to receive such communications.
  • To use certain cookies and tracking technologies that are not essential to the operation of the site.

Where processing is based on your consent, you may withdraw your consent at any time by adjusting your preferences in your user account settings or contacting us at the email address provided above.

4. Biometric Data Processing

If you are required to undergo identity verification using biometric data, such as a facial scan, this information will be collected and processed solely for the purpose of verifying your identity and ensuring regulatory compliance. NFTake does not use biometric data for profiling, marketing, or any purpose other than lawful identity verification.

Biometric data will be handled in accordance with applicable biometric data protection requirements and deleted securely after it is no longer required for compliance or auditing purposes. Access to biometric data is strictly limited to authorized personnel and contracted service providers under confidentiality and data processing agreements.

5. Cookies and Technical Tracking

We use cookies and similar technologies to recognize your browser or device, enhance your experience on our platform, understand how our services are used, and improve overall functionality. These technologies may include session cookies, persistent cookies, pixel tags, and web beacons.

You may manage cookie preferences via your browser settings. Please note that disabling certain cookies may limit the functionality of some platform features.

6. Data Sharing and Disclosures

NFTake does not sell personal data to third parties. We share personal data with trusted recipients solely for the purposes outlined in this policy and only to the extent necessary. Categories of recipients include:

  • Service providers performing identity verification, data hosting, analytics, and customer support.
  • Financial institutions, payment service providers, and blockchain compliance tools.
  • Affiliates and subsidiaries of NFTake for internal administrative and service purposes.
  • Regulatory authorities, tax agencies, law enforcement, or other governmental bodies when required by law or court order.
  • Potential buyers or investors in the event of a corporate transaction, such as a merger, acquisition, or restructuring.

We ensure that all recipients of personal data are contractually bound to protect the data in a manner consistent with our obligations under applicable laws.

7. Data Security Measures

NFTake takes the protection of your personal data seriously and implements appropriate technical and organizational measures designed to prevent unauthorized access, loss, misuse, alteration, or destruction of the data under our control. We maintain a security framework aligned with industry best practices and regulatory expectations for platforms operating in the blockchain, financial services, and technology sectors.

All data transmitted between your device and our servers is protected using secure encryption protocols (e.g., TLS/SSL). Personal data stored in our systems is encrypted at rest using robust cryptographic algorithms. Our platform infrastructure is hosted in secure data centers with multi-layered access control systems, intrusion detection, firewalls, and continuous monitoring.

Access to personal data is strictly limited to authorized employees, contractors, or third-party service providers who require the information for the purposes set out in this Privacy Policy. These individuals are subject to contractual confidentiality obligations and are trained in the proper handling of personal data.

We also conduct regular audits, risk assessments, and penetration testing to evaluate the effectiveness of our security controls. In the event of a personal data breach that is likely to result in a high risk to your rights or freedoms, we will notify you and the appropriate supervisory authority without undue delay, as required by applicable data protection law.

Despite these precautions, no method of transmission over the internet or method of electronic storage is completely secure. Users are also responsible for implementing strong password practices, securing their personal wallets and private keys, and avoiding phishing attempts or unauthorized account access.

8. Data Retention Policy

NFTake retains personal data only for as long as necessary to fulfill the purposes for which it was collected, including for the provision of services, performance of contracts, fulfillment of legal obligations, and exercise or defense of legal claims.

Data retention periods are determined based on the following criteria:

  • The nature and sensitivity of the data
  • The legal basis under which the data was collected and processed
  • Statutory requirements under applicable AML/KYC, tax, and financial reporting laws
  • The existence of ongoing legal claims, regulatory inquiries, or audit obligations
  • Whether the data is reasonably required for future dispute resolution or risk mitigation

For example, data collected for customer due diligence purposes is generally retained for a minimum of five (5) years following the termination of the customer relationship, in line with anti-money laundering laws. Transactional records may be retained for up to ten (10) years where required under applicable tax or accounting regulations.

When personal data is no longer necessary for the purposes for which it was processed, or when the applicable retention period has expired, it will be securely deleted, anonymized, or pseudonymized in accordance with our internal data disposal protocols.

9. International Data Transfers

As a globally accessible platform, your personal data may be transferred to, processed, and stored in countries or jurisdictions outside of your country of residence, including countries that may not offer the same level of data protection as your own jurisdiction.

Where such transfers occur, NFTake takes all appropriate steps to ensure that an adequate level of protection is afforded to your personal data, as required by the GDPR and other applicable data protection laws. This may include:

  • Implementing Standard Contractual Clauses (SCCs) adopted by the European Commission
  • Verifying that the recipient country is subject to an adequacy decision by the European Commission
  • Requiring recipients to implement additional technical and organizational safeguards
  • Assessing legal risks associated with cross-border data processing and taking risk-mitigation steps

You may request more information about international data transfers and the safeguards in place by contacting our Data Protection Officer at [email protected].

10. Your Rights Under Data Protection Law

As a data subject, you have specific rights under applicable data protection laws with respect to your personal data. NFTake is committed to upholding these rights and has established mechanisms for their enforcement.

Your rights include:

  • Right of Access: You may request confirmation of whether we process your personal data and obtain access to such data along with information about the purposes, categories, and recipients involved.
  • Right to Rectification: You may request correction of inaccurate or incomplete personal data.
  • Right to Erasure ("Right to be Forgotten"): In certain circumstances, you may request the deletion of your personal data, particularly where the data is no longer necessary for the purposes for which it was collected or where consent has been withdrawn.
  • Right to Restrict Processing: You may request the limitation of processing where accuracy is contested, processing is unlawful, or you have objected to processing pending verification of legitimate grounds.
  • Right to Data Portability: You may request a copy of your personal data in a structured, commonly used, and machine-readable format, and, where technically feasible, have the data transmitted to another controller.
  • Right to Object: You may object to the processing of your data where the legal basis is our legitimate interest or where processing is for direct marketing purposes.
  • Right to Withdraw Consent: Where processing is based on your consent, you have the right to withdraw that consent at any time without affecting the lawfulness of processing based on consent before its withdrawal.
  • Right to Lodge a Complaint: You have the right to file a complaint with your local data protection authority if you believe that our processing of your personal data violates applicable laws.

To exercise any of these rights, you may submit a request to our Data Protection Officer at [email protected]. We may require you to verify your identity before fulfilling the request. We will respond to all legitimate requests within the timeframes required by law.

11. Third-Party Links and Services

Our platform may contain links to third-party websites, applications, or services that are not owned or controlled by NFTake. These external sites and services are governed by their own privacy policies and terms of service, and we encourage you to review those policies before interacting with such third parties.

NFTake is not responsible for the privacy practices, content, or security of any third-party platforms. We disclaim any liability for the actions or omissions of such parties, including the use or misuse of personal data that you may provide directly to them.

12. Direct Marketing and Communication Preferences

NFTake may, from time to time, send you marketing communications about new products, services, promotional offers, or platform updates. We will only send you such communications where you have explicitly consented to receive them or where permitted under applicable law.

You have the right to object to or opt out of receiving marketing communications at any time. You may do so by:

  • Clicking the “unsubscribe” link included in marketing emails
  • Adjusting your marketing preferences in your user profile
  • Contacting us directly at [email protected]

Please note that opting out of marketing communications will not affect transactional or service-related emails, such as notifications about your account, NFT transactions, or regulatory updates.

13. Updates to This Privacy Policy

NFTake reserves the right to amend or update this Privacy Policy at any time in response to changes in legal requirements, business practices, platform features, or user feedback. Any material changes to the Policy will be communicated through appropriate channels, such as a notice on the platform, an email notification, or a banner alert.

The “Last Updated” date at the top of this page will reflect the date of the most recent revision. Continued use of our platform following the publication of changes will signify your acceptance of the revised policy.

We encourage you to review this Privacy Policy regularly to stay informed about how your personal data is protected and used.

14. Contact Information and Supervisory Authority

If you have any questions or concerns regarding this Privacy Policy or the handling of your personal data by NFTake, please contact us via:

Email: [email protected]

If you are a resident of the European Union or the European Economic Area, and you believe that your data protection rights have been violated, you also have the right to lodge a complaint with the supervisory authority in your country of residence.

In Latvia, the competent authority is:
Data State Inspectorate (Datu valsts inspekcija)
Website: www.dvi.gov.lv
Email: [email protected]

15. Language and Legal Validity

This Privacy Policy may be translated into different languages for informational purposes. In the event of any discrepancies or inconsistencies between language versions, the English version shall prevail and be deemed legally binding.