Privacy Policy

Plena Finance Digital LLC

At Plena Finance (hereinafter referred to as “Plena/ We/ Our”), we know you care aboutyour privacy and how your personal information is used and shared. This Privacy Policy isdesigned to help you better understand how we treat your personal information.

You should understand that by using or accessing our services in any manner, you are acknowledging that you understand and accept the practices and policies outlined in this Privacy Policy, and you are agreeing to how we may collect, use, and share your information as described in this Privacy Policy.

Plena is engaged in the business of providing decentralized financial services on blockchain and provides solutions for the NFT marketplace, lending & borrowing, staking, non-custodial, the exchange rate for swaps, etc. Plena also offers a plethora of operations and features on its App and website (“Services”).

You should also remember that your use of our Application and/ or website is at all times subject to our Terms and Conditions, which incorporates this Privacy Policy. Any capitalized terms we use in this Privacy Policy without defining them have the definitions given to them in our Terms and Conditions.

At Plena Mobile Application (the “Application”, “App”), one of our main priorities is the privacy of our users who are visitors to our Application. This Privacy Policy document contains types of Data that is collected and recorded by us and how we use it.

Plena is the controller for your Personal Data (as defined under Clause 4 herein below)and/or Data within the scope of this Privacy Policy. If you have additional questions or require more information about this Privacy Policy, do not hesitate to contact

This Privacy Policy applies only to our Application and is valid for the users of theApplication with regards to the Data that they shared and/or which was collected by us. This Privacy Policy is not applicable to any Data collected offline or via channels other than this Application. Please read this Privacy Policy carefully to understand our policies and practices regarding your Data and how we will treat it. By using our Application, you hereby confirm your understanding of our Privacy Policy and its terms.

This Privacy Policy is an inalienable part of Terms and Conditions provided on the Plena Mobile Application and website; and is to be construed and read as part of the said Terms and Conditions.

1. Changes to this Agreement

1.1. We reserve the exclusive right to make changes to this Privacy Policy from time to time, in our sole discretion. Your continued access to and use of the Application constitutes your awareness of all amendments made to this Privacy Policy as of thedate of your accessing and use of the Application. Therefore, we encourage you to review this Privacy Policy regularly to keep track of any possible changes.

1.2. If, for some reason, you are not satisfied with our Personal Data processing practices, your immediate recourse is to stop using the Application and our Services.You do not have to inform us of this decision unless you intend to exercise some of the data protection rights stipulated by GDPR and defined below in this PrivacyPolicy.

2. Eligibility

2.1. Age – By accessing our using the Application, you represent and warrant that you are at least eighteen (18) years of age. If you are under the age of eighteen (18), you may not, under any circumstances or for any reason, use the Application. Please report to us any instances involving use of the Application by individuals under the age of 18, should they come to your knowledge.

2.2. Criteria – We may, in our sole discretion, refuse to offer the Application to any person or entity and change the eligibility criteria for use thereof at any time.

3. Applicability

3.1. This Privacy Policy applies to all of your interactions with us via the Application, and your interactions with us in connection therewith.

3.2. Below are the categories of our processors used on the Application according to the internal data processing roadmap providing a brief grasp of our data processing activities with regard to each piece of the Personal Data we may collect through theApp, as well as your place in every data processing event. It’s intended to simplify your familiarity with our data protection practices. Although this roadmap may not be treated as an exhaustive list and a full replacement of this Privacy Policy content.For a comprehensive understanding of our data processing activities, please never the less consult the Privacy Policy text. Below are the categories of our processors which can access and process your Personal Data through the App:

a. Technical maintenance vendors;
b. Project and team management vendors;
c. Communication vendors;
d. On/Off-ramp transactions vendors;
e. Analytics, statistics, performance, marketing vendors.

4. Data processing in connection with the Application Types of Data We Collect

4.1. Personal Data is data relating to an individual, which can be used either alone or with other sources of Data to identify that individual.

4.2. To the maximum extent possible, we try to collect as minimum as possible PersonalData from you. We collect Personal Data that you personally provide to us, and that is collected automatically.

5. Personal Data you provide:

i. Your Account Data – In order to generate a wallet address, you don’t need to share any Personal Data with us or the App. Nevertheless, you may voluntarily add Personal Data.

5.1. Various automatically generated and analytics data – (i) IP address of the device you use to access Plena’s Application and/ or website; (ii) the type of browser software you are using; (iii) the operating system you are using; (iv) the date and time you access or use Plena Application and/ or website; (v) the website address, if any, that linked you to Plena Application and/ or website; (vi) the website address, if any, you leave our website and travel to; and (vii) other traffic data.

5.2. Other Data – Data you create through the Plena Application and/ or website, including public wallet addresses.

5.3. Customer Support – We may collect additional Data you may disclose to our customer support team. We rely on contract performance basis when collecting and processing the Personal Data you provide through our customer support.

Please Note: Your private key, which you utilize to access your Ethereum or Binance SmartChain (BSC) or other blockchain funds and initiate transactions, is stored only on your own device. In no event we are going to ask you to share your private keys or wallet seed. Never trust anyone or any application that asks you to enter your private keys or wallet seed.However, to facilitate your transactions and provide you with your wallet address balance, we store the public address associated with your private key. We use public addresses to identify a user’s journey through our product. We group and analyse these user journeys collectively in order to improve our product user experience. We do not use this data for any purpose at an individual user level.

6. Information We Collect:

6.1. Plena must receive or collect some information to operate, provide, improve, understand, customize, support, and market our Services, including when you install, access, or use our Services.

6.2. Metrics and Performance Data – We may collect service-related, diagnostic, andperformance Data. This includes Data about your activity (such as how you use ourApplication and how you interact with others using our Application), and diagnostic, crash and performance logs and reports. We rely on contract performance basis when collecting and processing service-related, diagnostic, and performance data.

6.3. Device and Connection Data – We may collect device-specific Data when you install, access, or use our Application. This may include your device’s unique ID generated while installing the Application. We rely either on contract performance or legitimate interests, depending on a particular event, when collecting and processing this kind of data.

6.4. Status Data – We may collect Data about your status on our Application, such as Application launches, taps, clicks, scrolling Data, or other Data about how you interact with the Application. We rely either on contract performance, legitimate interests, depending on a particular event, when collecting and processing this kind of data.We may also receive Data about you from other sources, including through third-party services and organizations. For example, if you access third-party services, through theApplication, we may collect Data from these third-party services.

7. Fully anonymized and pseudonymized Data

7.1. We collect fully anonymized and also pseudonymized Data with regard to:

a. Virtual Currency transactions within the App;

b. Virtual Currency transaction hash/ID that is verified and added to the BlockchainNetwork(s);

c. Information on switched Blockchain Network(s);

d. The information about your UI experience in the App;

e. Other actions and information within the App.

Please note, first three kinds of data stated above are fully anonymized and cannot be technically connected to your identity in any case without additional investigation- and intelligence-related official procedures which may be necessary for investigation of potential crimes and other potentially unlawful activities and behavior.

8. How and Why We Use Your Personal Data

8.1. We may use your Personal Data listed above only for:

Our internal and operational purposes, when: ensuring security, identifying irregular Application behavior, preventing fraudulent activity and improving security at all possible levels;

Assessing and improving the performance of the Application;

Providing the customer support efficiency;

Resolving disputes and troubleshooting problems;

Delivering targeted marketing and service update notices based on your communications preferences;

Analyzing the Application performance, including via, but not limited to: App Store and/or Google Play Market, please refer to the respective sites for more Data;

Finding and preventing fraud.

8.2. We may rely on the following legal bases to collect and process your Personal Data:

On the basis of contract performance or necessity to enter into a contract (where the Personal Data is required for us to perform our undertakings and obligations in accordance with a contract we are entering into when you use the App, or where we are at the negotiations phase);

On the basis of our or our processors’ legitimate interests to protect the App, prevent any malicious and harmful activities to the App, maintain our technical systems healthy and secure, improve the App and products by using aggregate statistics;

To respond to legal requests of authorities, provide information upon court orders and judgments, or if we have a good-faith belief that such disclosure is necessary in order to comply with official investigations or legal proceedings initiated by governmental and/or law enforcement officials, or private parties, including but not limited to: in response to subpoenas, search warrants, or court orders, and including other similar statutory obligations we or our processors are subjected to;

On the basis of your consent; andOn other legal bases set forth in the personal data protection laws.8.3. To clear any doubts, we may use Personal Data above or any other Personal Data only for particularly tailored purposes as described above. Shall we decide to change any of those purposes, we will first amend this Policy. You may separately require the scope of Personal Data collected and exact purpose of its collection and use.

8.4. It is hereby clarified that the types of information we receive and collect depend on how you use our Services. Upon signing up on Plena’s App and/ or website, you are provided with a wallet address bearing a unique identification number. Information of the device used to sign up on Plena’s App and/ or website along with the unique wallet address thus generated are saved in the backend server of Plena. However, it is imperative to underscore that such information remains confidential and is neither disseminated nor utilized for any marketing or commercial purposes. Further, it is stated that Plena does not save or retain any information regarding the private key of the user, which is essential for accessing the wallet of the user.

8.5. Plena offers a “Chat” feature on its App and website, which allows the users to communicate with each other if they mutually accept their requests. Please see below how the information relating to the “Chat” feature is collected/ stored/ used:

Your Messages: We do not retain your messages in the ordinary course of providing our Services to you. Instead, your messages are stored on our DBS (Database System). Once your messages are delivered, they are deleted from our DBS. The following scenarios describe circumstances where we may store your messages in the course of delivering them:

Undelivered Messages – If a message cannot be delivered immediately (for example, if the recipient is offline), we keep it in encrypted form in our DBS for up to 30 days as we try to deliver it. If a message is still undelivered after 30 days, we delete it.

Media Forwarding – When a user forwards media within a message, we store that media temporarily in our DBS to aid in more efficient delivery of additional forwards.

We offer end-to-end encryption for our Services. End-to-end encryption means that your messages are encrypted to protect against us and third parties from reading them. For the sake of clarity it is stated that only the text messages exchanges on the “Char” feature is store in our DBS in encrypted format and not the media shared suing the “Chat” feature. The same is stored in unencrypted format.

Customer Support and Other Communications. When you contact us for customer support or otherwise communicate with us, you may provide us with information related to your use of our Services, including copies of your messages, any other information you deem helpful, and how to contact you (e.g., an email address). For example, you may send us an email with information relating to app performance or other issues.

8.6. All the aforesaid information whether as provided by you or obtained through your use of the Services as offered on Plena’s App and Website is retained within Plena's DBS for a duration of ten (10) years, serving the sole purposes of record-keeping and facilitating law enforcement agencies in the event of any illicit transactions conducted using the unique wallet address assigned to each user.

8.7. You, the user, at all times has the option of choosing not to share any information with Plena whatsoever, however in doing so, certain features as present on Plena’s App and website may be rendered unusable. Furthermore, all users have the right and option to request Plena to delete any and all information relating to them and as stored within Plena’s DBS, whether as provided by such user or obtained through the use of the Services as offered on Plena’s App and Website by such user.

9. Blockchain Data

9.1. Please, note, we are not responsible for your use of the Ethereum or Binance Smart Chain (BSC) or other blockchain and the use of your data processed in these decentralized and permissionless blockchain networks.

9.2. You should also be aware, that due to the inherent transparency of the blockchain networks, transactions that are instructed for in the Application may be publicly accessible. This includes, but is not limited to, your public sending address, the public address of the receiver, the amount sent or received, and any other data a user has chosen to include in a given transaction. Data stored on a blockchain may be public, immutable, and impossible to remove or delete. Transactions and addresses may reveal Data about the user’s identity and Data can potentially be correlated now or in the future by any party who chooses to do so, including law enforcement. We encourage you to review how privacy and transparency on the blockchain networks works.

10. Cookies Policy

10.1.Cookies are small files that a site or its service provider transfers to your computer’s hard drive through your Web browser (if you allow) that enables the site’s or service provider’s systems to recognize your browser and capture and remember certain information. For instance, we use cookies to help us remember and process the itemsin your shopping cart. They are also used to help us understand your preferences based on previous or current site activity, which enables us to provide you with improved Services. We also use cookies to help us compile aggregate data about site traffic and site interaction so that we can offer better site experiences and tools in the future.

10.2.We use cookies to:Help remember and process the items in the shopping cart.Understand and save user’s preferences for future visits.Keep track of advertisements.

10.3.Most Web browsers automatically accept cookies. You can choose to have your computer warn you each time a cookie is being sent, or you can choose to turn off all cookies. You do this through your browser (like Google Chrome) settings. Each browser is a little different, so look at your browser’s Help menu to learn the correct way to modify your cookies.

10.4.If you disable cookies off, some features will be disabled and some Services on our Application and/ or website will not function properly. Using cookies makes your experience more efficient. However, you can still place orders.

11. Advertising Partners Privacy Policies

11.1.Third-party ad servers or ad networks use technologies like cookies, JavaScript, or Web Beacons that are used in their respective advertisements and links that appear on Plena, which are sent directly to users' browser or mobile application. They automatically receive your IP address when this occurs. These technologies are used to measure the effectiveness of their advertising campaigns and/or to personalize the advertising content that you see on Applications that you visit.

11.2.Please note that we have no access to or control over these cookies that are used by third-party advertisers. Please, consult their Privacy Policy for more detailed Data.

12. Third Party Privacy Policies

12.1.Plena Application Privacy Policy does not apply to other services or applications. Thus, we are advising you to consult the respective Privacy Policies of these third-party services for more detailed Data. It may include their practices and instructions about how to object to certain data processing and opt-out of certain options.

13. Agents or Third-Party Partners

13.1.We may provide your Personal Data to our employees, contractors, agents, service providers, and designees (“Agents”) to enable them for the exclusive purposes of:

Improvement of Application related services and features; and perform maintenance works,

Business transfers, whereas we may choose to buy or sell our assets. In these types of transactions, users’ Data is typically one of the business assets that would be transferred,

Also, if we (or our assets) are acquired, or if we go out of business enter bankruptcy, or go through some other change of control, your Personal Data could be one of the assets transferred to or acquired by a third party. The Agents shall abide, to the most possible extent, to the same level of care and security as to your Personal Data.

14. Service Providers

14.1.In order to ensure proper functioning and development of the Application we may engage third-party service providers for covering some parts of the Application, these may include:

Third-party providers for On/ Off-ramp transactions;

Analytics providers that we use to assist us in the improvement and optimization of the Application;

Marketing Tools providers that help us to enable our marketing;

Server owners, from whom we rent the servers, where the Personal Data is being stored;

Email Newsletter service providers which facilitate our marketing communications with you.

14.2.Service providers will have access to your Personal Data only to the extent needed to perform their business functions but may not use or share that Personal Data for purposes outside the scope of their functions related to the Application. Such service providers shall abide, to the most possible extent, to the same level of care and security as to your Personal Data.

15. Disclosure of Data

15.1.We may disclose any Data about you:

to the extent required by law or if we have a good-faith belief that such disclosure is necessary in order to comply with official investigations or legal proceedings initiated by governmental and/or law enforcement officials, or private parties, including but not limited to: in response to subpoenas, search warrants, or court orders;

in connection with a merger, division, restructuring, or other association change; and/ orc.

to our subsidiaries or affiliates, only if necessary for operational purposes.

15.2.If we must disclose any of your Personal Data in order to comply with official investigations or legal proceedings initiated by governmental and/or law enforcement officials, we may not be able to ensure that such recipients of your Personal Data will maintain the privacy or security of your Personal Data.

15.3.If you use your wallet address to or engage in a transaction with another user, that user will have access to your transaction Data, respectively. Users you interact with may store or re-share your Data with others inside or outside of our Application. We have no control over and take no responsibility for the security and use of the Data that you share with other users when deciding to interact.

16. Data Retention Period

16.1.Please note: if you delete your wallet or addresses from the Plena Application wallet iOS and/or Android mobile Application, uninstall Plena wallet Applications from your device, or request your Data to be deleted, we still may retain some Data that you have provided to us to maintain Plena wallet or to comply with relevant laws.

16.2.We store your Personal Data during the period of your Application use under the Plena Application Terms and Conditions, and for 24 months upon the end of our cooperation. In any case, when we no longer need the Personal Data, we securely delete or destroy it. Anonymized aggregated data, which cannot identify a device/ browser (or individual user) and is used for purposes of reporting and analysis does not constitute Personal Data and, thus, is maintained for as long as commercially necessary.

16.3.Sometimes business and legal requirements oblige us to retain certain Data, for specific purposes, for an extended period of time. Reasons we might retain some data for longer periods of time include:

Security, fraud & abuse prevention.
Financial record-keeping.
Complying with legal or regulatory requirements.
Ensuring the continuity of our Services on our Application.

17. Data Security

17.1.We strive to maintain the safety of your Personal Information. Unfortunately, no internet-based service is completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our site; any transmission is at your own risk. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access.

17.2.We use a range of physical, electronic and managerial measures to ensure a level of security appropriate to the risk of Personal Data processing. These measures include:

education and training of relevant staff to ensure they are aware of our privacy obligations when processing Personal Data;

administrative and technical controls to restrict access to Personal Data;

technological security measures, including fire walls, encryption (industry standard SSL encryption with 128-bit key lengths, HTTPS encryption), and anti-virus software;

external technical assessments, security audits and vendor due diligence;

security incident reporting and management.

17.3.The security of data transmitted over the internet (including by e-mail) cannot be guaranteed and carries the risk of access and interception. You should not send us any Personal Data by open/ unsecure channels over the internet.

17.4.Please note that no electronic transmission, storage, or processing of Personal Data cannot be entirely secure. We cannot guarantee that the security measures we have in place to safeguard Personal Data will never be defeated or fail, or that those measures will always be sufficient or effective. Therefore, although we are committed to protecting your privacy, we do not promise, and you should not expect that your data and/or Data will always remain private or secure.

18. Your rights under GDPR

18.1.Under certain circumstances, you may have a number of privacy rights concerning the use, storage, and processing of your Personal Data (e.g., the right to delete your data). Here is a list of privacy rights:

Right to be informed - we are publishing this Privacy Policy to keep you informed as to what we do with your Personal Data. You can ask us for Personal Data regarding you that we keep at any time. This Data concerns, among other things, the data categories we process, for what purposes we process them, the origin of the data if we did not acquire them directly from you and, if applicable, the recipients to who we have sent your data;

Right of access – you may ask us whether we process your Personal Data and you have the right to request a copy of the Data we hold about you.

Right of rectification – you have the right to correct inaccurate or incomplete data about you.

Right to be forgotten – you can ask for the Personal Data that we hold about you to be erased from our system and we will comply with this request unless we will have a legitimate reason, legal requirement, and other statutory basis not to do so. Even if can delete (erase) the Personal Data subjected to our active (ongoing) processing activities and cease its processing, we will, nevertheless retain this particular Personal Data in our backup and archive storages to fulfil our statutory and other requirements.

Right to restriction of processing – where certain conditions apply, you can ask us to ‘block’ the processing of your Personal Data.

Right to data portability – you have the right to have the Personal Data we hold about you transferred to another organization and to receive Personal Data in a structured, commonly used format; please apply to: to find out whether we currently support the provision of the portable file containing Personal Data we process about you.

Right to object - you can object to the processing of your Personal Data at any time by applying to: for reasons that arise from your special situation provided the data processing is based on your consent or our legitimate interest or that of a third party, or where we carry out profiling, use machine learning or automated decision-making algorithms. In this case, we will no longer process your Personal Data. The latter does not apply if we are able to prove there are compelling, defensible reasons for the processing that outweigh your interests or we require your data to assert, exercise or defend against legal claims.

Right to withdraw consent - withdraw the consent you gave us with regard to the processing of your Personal Data for certain purposes.

Right to complain - we take your rights very seriously. However, if you are of the opinion that we have not dealt with your complaints adequately, you have the right to submit a complaint to the data privacy protection authorities responsible. You can send your complaints to the European Economic Area (“EEA”) supervisory authority of your country of residence.

18.2.In addition to the above, it is pertinent to note that pursuant to the GDPR, citizens from the "European Territories" mean the EEA. For the purpose of this Privacy Policy, the term "European Territories" shall continue to include the United Kingdom, even after the United Kingdom leaves the European Economic Area following Brexit, and Switzerland.

19. Privacy of children

19.1.Our Application is not directed to collect any data from people under the age of 18. We do not knowingly allow anyone under the age of 18 to submit any data to our Application. If you believe your child may have provided us with their data, you can contact us using the Data in the Contact section of this Privacy Policy and we will delete the data from our Application.

20. Transfer of Personal Data

20.1.Transfers to third countries, shall be made subject to appropriate safeguards, namely standard contractual clauses adopted by a supervisory authority and approved by the Commission. Copy of the foregoing appropriate safeguards may be obtained by you upon a prior written request sent. We may instruct you on further steps to be taken with a purpose of obtaining such a copy, including your obligation to assume confidentiality commitments in connection with being disclosed the Plena Finance proprietary and personal information of third parties as well as terms of their relationships with the Plena Application.

20.2.Keep in mind that the use of Application based on public blockchains intended to immutably record transactions across wide networks of computer systems. Many blockchains are open to forensic analysis which can lead to deanonymization and the unintentional revelation of Personal Data, in particular when blockchain data is combined with other data. Because blockchains are decentralized or third-party networks which are not controlled or operated by us, we are not able to erase, modify, or alter Personal Data from such networks.

21. Data Integrity & Security of Processing

21.1.We take Data security very seriously. We work hard to protect the Personal Data you provide us from loss, misuse, or unauthorized access. We utilize a variety of safeguards such as encryption, digital and physical access controls, non-disclosure agreements, and other technical and organizational measures to protect the Personal Data submitted to us, both during transmission and once it is at rest. Still, we do not control the third-party services and therefore cannot guarantee complete security. Any Data that you provide to us is done so entirely at your own risk.

21.2.Please note that no electronic transmission, storage, or processing of Personal Data can be entirely secure. We cannot guarantee that the security measures we have in place to safeguard Personal Data will never be defeated or fail, or that those measures will always be sufficient or effective. Therefore, although we are committed to protecting your privacy, we do not promise, and you should not expect that your Personal Data will always remain private or secure.