optima.cc

Here's what it says on the optima.cc website:

This Cookie Policy is issued by the OPTIMA Transnational Group of Companies, including: Optima Co PTY LTD, Optima Business Limited and Optima Business Growth LTD and describes which cookies and similar technologies for analytics and personalization are used on the website and in mobile applications (or similarly integrated software in third-party apps) of the Group as part of the provision of custodial, investment and other credit and financial services. The jurisdictional requirements regarding the Group’s use of cookies are similar to the applicable requirements for the protection of the sensitive information of the Group’s customers, which are detailed in the Privacy Policy regarding the processing of personal data and are governed by the Privacy Act 1988 under the supervision of the Office of the Australian Information Commissioner (OAIC), the Personal Data Privacy Ordinance (PDPO) (Cap. 486) under the supervision of the Office of the Privacy Commissioner for Personal Data (PCPD), the UK General Data Protection Regulation (UK GDPR) with the supplementary Data Protection Act 2018 under the supervision of the Information Commissioner’s Office (ICO) and other international and local legal regulations of Australia, Hong Kong SAR and Great Britain. The technologies used on the website for analytics and personalization include session/persistent cookies (small text files that are stored by the web browser on the user's device when visiting the website and are deleted after the session ends or manually), as well as other similar technologies: Client-side storage: Storing data in the user's browser, such as LocalStorage or SessionStorage, and the IndexedDB database for large volumes of structured data. Fingerprinting: Creating a unique user fingerprint by collecting various browser parameters and hardware specifications - ranging from fonts and plugins to graphics rendering and pixel readout (Browser, Canvas/WebGL, AudioContext fingerprinting)-as well as analyzing click patterns, scrolls, and timing intervals (Behavioral fingerprinting) for identification purposes. Less detectable storage files: A set of Evercookie and Supercookie techniques combining multiple storage locations (Canvas, ETag, LocalStorage, IndexedDB, HTML5, etc.) for more persistent tracking. Cross-site data transfer technologies: Third-party storage workarounds and other cross-domain ID tracking techniques; Storage Access API for storage management; Shared/Service Workers for caching and cross-tab communication; and the use of Analytics SDKs for collecting and transmitting metrics. Other alternative technologies: Server-side identifiers, Session ID, JSON Web Tokens, Opaque tokens mapped to sessions or profiles; mobile identifiers,IDFA, GAID/AAID, for advertising and personalization; user matching across multiple signatures and identifiers via Universal IDs and Identity Graphs; hardware and network identifiers; other methods and techniques. Based on their purpose, cookies and similar identifiers are classified into strictly necessary cookies, designed to ensure the basic and secure operation of the site (authentication, session recognition, protection against CSRF), functional cookies for storing user preferences and improving the user interface, analytical IDs for traffic analysis and service improvement (e.g., Google Analytics tags), targeting identifiers, as well as technologies for preventing fraud, tracking suspicious activity and session anomalies, and other security cookies. The management of optional cookies is available to the user via browser or mobile device settings, or through advertising personalization within third-party platform profiles. Data that the Group may collect through cookie technology may include anonymized session IDs, interface settings, information about visited URLs and other interactions with the site, technical information about the user's device and software, analytical data, and other information. Some cookies may be set by third-party payment providers, analytical platforms, security services, KYC/AML providers, and other counterparties and partners of the Group. Data exchange with third parties is regulated by applicable laws and mechanisms for the international transfer of personal data in compliance with the key principles of Standard Contractual Clauses (SCCs). OPTIMA Group of Companies complies with transparency and fair processing requirements by strictly minimizing the amount of personal data processed via cookies, utilizing data pseudonymization, tracking control tools, and data encryption during transmission and storage, as well as entering into high-quality SLA/DSA contracts with third-party service providers that include necessary requirements for the deletion and secure transfer of user data. This Cookie Policy does not constitute legal or investment advice, and the information herein may be updated without prior notice. Users are advised to check this Policy regularly for updates to stay informed of any changes. This User Agreement and related documents govern the relations between the User and the OPTIMA Transnational Group of Companies, including: Optima Co PTY LTD, Optima Business Limited and Optima Business Growth LTD, which provide custodial, investment and other credit and financial services. By using the website, mobile applications, API, participating in a promotional campaign, or otherwise interacting with the business lines and products of the Group in online or offline formats, the User fully and irrevocably accepts the terms of this Agreement. The Agreement shall be governed by the applicable laws of the jurisdictions specified in the registration documents of the companies included in the OPTIMA Group. In the event of reorganization of the applicable legislation, the Group reserves the right to amend the terms and conditions of the services offered to comply with the new requirements without prior notice. Optima Co PTY LTD: Australian Company Number 690 051 677, Australian Business Number 71 690 051 677, issued by the Australian Taxation Office. Jurisdictional requirements, including legal standards, corporate governance, reporting, audit, and consumer protection from misleading practices in financial services, are governed by the Corporations Act 2001 under the supervision of the Australian Securities & Investments Commission (ASIC). Located in Southport QLD 4215, Australia. Optima Business Limited: Business Registration Number 79118927 in the Companies Registry issued by the Hong Kong Inland Revenue Department. Regulatory requirements regarding corporate governance, share capital, annual financial statements, statutory audits, compliance procedures, and other legislative obligations are stipulated under the Companies Ordinance (Cap. 622). Local Office: Room 701, 7/F, Lucky Centre, 165-171 Wanchai Road, Wan Chai, Hong Kong. Optima Business Growth LTD: Company number 16864023 in Companies House. In conjunction with the jurisdictional requirements of the Consumer Rights Act in the area of ​​regulation of relations between businesses and consumers in the UK, the organization fully complies with the corporate law standards of the Companies Act 2006 with existing corporate control and liability mechanisms, compliance procedures, approval of payment transactions and disclosure of information, as well as regular reporting and mandatory financial audits. The company is registered at 23 Forrester Way, London, England E15 1GN. OPTIMA, through its own services, related products, partner services, and third-party counterparties, provides users with a variety of financial services, from custodial services and consumer investment solutions based on algorithmic and AI technologies to opening credit lines secured by crypto assets and providing access to other fintech products. The Group reserves the right to charge fees for providing such services, introduce additional service charges, establish special collateral requirements (LTV ratios and margin thresholds), liquidate collateral positions when the value of the crypto-collateral decreases, or require additional collateral. Despite the defined scope of liability, the Group implements sufficient technical and organizational measures to minimize investment risks and ensure the resilience of the OPTIMA infrastructure, as well as the protection of funds, payment transactions, and data: access control procedures, segregation of duties, cold storage of keys, multi-signature solutions, hardware security modules (HSM), data encryption, regular vulnerability testing, and an incident management program. The Group shall not be liable for failure to fulfill obligations due to the occurrence of force majeure events, including: natural disasters, military actions, epidemics, government bans, embargoes, major failures in network infrastructure, power outages and other extraordinary and unavoidable circumstances beyond the reasonable control of the OPTIMA Group of Companies. All media content posted on behalf of OPTIMA on its own website, mobile app, social media, third-party services, or published by partners under fair use is the exclusive property of the Group or its licensors and is protected under applicable intellectual property laws. Such content includes text, images, videos, designs, logos, trademarks, software, interfaces, documentation, analytical materials, investment research, related materials, etc. Any copying, reproduction, modification, or distribution of OPTIMA materials in any manner other than as provided for in this Agreement without the prior written consent of the Group, is prohibited. The User confirms their legal capacity and that they have reached the age of majority (18 years or older, or another age according to local legislation), and undertakes to provide true, accurate, and up-to-date data required for interaction with OPTIMA. The User shall ensure the confidentiality of their credentials and immediately notify the consulting department of any loss of access or unauthorized login The Group reserves the right to refuse service, restrict account functionality, or terminate the relationship unilaterally in the event of a breach of Agreement terms, regulatory requirements, suspicion of fraud, attempts to circumvent restrictions, creation of Sybil accounts, use of the service for prohibited or illegal transactions, use of automated scripts, interference with the OPTIMA infrastructure, or other criminal acts by the user, with subsequent settlement of mutual obligations through local law enforcement procedures. Jurisdictional requirements from government entities mandate that the OPTIMA Group of Companies comply with applicable laws and cooperate with regulatory and supervisory authorities regarding its obligations, including adherence to sanctions, PEP and export controls, Anti-Money Laundering (AML), and Counter-Terrorism Financing (CFT). The Group is obliged to comply with lawful requests from authorities and, if warranted or based on a low risk-based assessment, to conduct identification procedures (KYC/EDD), transaction monitoring, and sanctions compliance, requesting certain sensitive information from clients. All disputes and disagreements arising out of or in connection with this Agreement or related documents shall be settled through a formal claim or mediation procedure via good-faith negotiations with a discussion of settlement methods. If the parties fail to reach an amicable settlement, the dispute shall be referred to court or arbitration in accordance with applicable law. This User Agreement does not constitute legal or investment advice, and the information herein is subject to change without prior notice. Users are advised to check this Agreement regularly for updates to stay informed of any changes. This Privacy Policy on Personal Data Processing explains how the OPTIMA Transnational Group of Companies, including: Optima Co PTY LTD, Optima Business Limited and Optima Business Growth LTD, manages user data in the course of providing custodial, investment, and other credit and financial services. This document sets forth the detailed procedures by which the Group collects, processes, and stores personal and non-personal data of its clients, specifies the legislative acts and regulatory initiatives governing such data processing, and outlines the measures taken by OPTIMA to ensure the protection of sensitive user information. Commonwealth of Australia: the primary federal Privacy Act 1988 (including the 13 Australian Privacy Principles) administered by the Office of the Australian Information Commissioner (OAIC); the amended Privacy and Other Legislation Amendment Act 2024, which introduces new penalties for privacy intrusions and requires disclosure of the use of automated decisions; law enforcement data access rules under the Telecommunications Act 1979 and the Assistance and Access Act 2018; and the Consumer Data Right (CDR), which regulates the sharing of consumer data. Hong Kong SAR: The main State Act of the Personal Data Privacy Ordinance (PDPO) (Cap. 486), which includes 6 Data Protection Principles, and is enforced by the independent Office of the Privacy Commissioner for Personal Data (PCPD). Additionally, the Codes of Practice and Guidance Notes issued by PCPD, as well as the requirements of other industry regulators (Financial Services, HKMA, Securities & Futures Commission and others), which are important for the interpretation of DPP principles, are taken into account. United Kingdom of Great Britain: The UK version of the General Data Protection Regulation (UK GDPR), supplemented by the Data Protection Act 2018, under the supervision of the Information Commissioner’s Office (ICO) as the lead enforcement authority; the framework for public authority access to communications data under the Investigatory Powers Act 2016; the Privacy and Electronic Communications Regulations (PECR); and other national instruments specifying data protection requirements for the financial sector. Personal data is any information that relates to an identified person: name, login, email address, phone number, wallet addresses, financial information, and others. Non-personal data is aggregated or depersonalized information that does not allow identifying the user. Information collected directly from the user: Identity and contact data (e.g., first name, last name, date of birth, email, mailing address); verification documents for KYC/AML compliance (passport, ID card, driver's license, photographs, proof of residence); financial data; cryptocurrency data (blockchain wallet addresses, transaction hashes); interaction data with company employees (correspondence, agreements, questionnaires, and signed documents); crypto-collateral data, as well as personal preferences, marketing settings, and other data. Information collected automatically: Technical data (IP address, device information, software, system settings, browser type, etc.), activity data within the web session (pages visited, time and duration of sessions, user actions), transaction logs (public keys, timestamps, transaction amounts and types), cookies and similar technologies for analytics and personalization, and other data. Detailed information about what cookies are and what types of cookies and other similar technologies are used on the site, from necessary to prevent violations, can be found in the accompanying Cookie Policy document. Information received from counterparties and third-party sources: Data from payment providers and cryptoservices (transaction confirmation, transaction data, blockchain identifiers, metadata from platforms), data from KYC/AML providers and sanctions registries, in some cases user information from open and commercial databases, as well as data from other sources. Personal data is processed on legal grounds provided by applicable law for the following purposes: provision of financial services, execution of transactions, and payment processing based on the performance of obligations and compliance with payment legislation; customer service, advisory support, and processing of inquiries within the scope of business relationships; customer identification and verification in the context of KYC/AML regulatory requirements, as well as compliance with sanctions, PEP, and export controls; fulfillment of legal mandates related to auditing, reporting, and other tax and financial regulations to ensure compliance with jurisdictional requirements; risk management, infrastructure security, fraud prevention, as well as analytics, marketing, service improvement, and other purposes based on the legitimate interests of the OPTIMA Group of companies. The data is stored for the entire period necessary to achieve the purposes of processing the information received or as required by applicable law. User data security is ensured within expedient and reasonable limits, without an absolute guarantee of invulnerability, through technical, physical, and organizational security measures, including access control procedures based on the principle of least privilege, separation of duties, logging, encryption of data during transmission (TLC protocol) and storage, regular vulnerability testing, and an incident management program. The User, in turn, undertakes to provide reliable, accurate, and up-to-date data required for interaction with OPTIMA, independently ensuring the confidentiality of personal access data, and to immediately notify the Consulting Department in case of loss of access to the personal account or possible unauthorized access. The Group is not liable for any damages arising from the user’s violation of security measures. In the course of providing the proposed services, the Group may transfer (including cross-border data transfer and storage in other jurisdictions) certain user data to third parties, specifically: payment providers, crypto services, cloud, hosting, analytics, CRM, and security service providers, KYC/AML and sanctions registry providers, government authorities, consultants, and auditors upon legal request, as well as other persons and counterparties, subject to applicable laws. OPTIMA Group is required to comply with jurisdictional requirements from government agencies and cooperate with regulatory bodies, including, among other things, KYC/AML data processing where grounds exist, legal disclosure of user data, and interaction with law enforcement. This includes collecting specific sensitive customer information for identification purposes, additional screening, sanctions compliance procedures, and the use of previously gathered data, with subsequent disclosure of information upon lawful request by courts, law enforcement, or regulators. Whenever possible, the Group shall strictly minimize the scope of disclosure and, where permitted by law, notify the user of the relevant request. OPTIMA collects and processes only the data necessary for the stated purposes and, where appropriate, anonymizes such data for analytics and storage. When developing and introducing new products, business lines and technologies that may pose a high risk to the rights and freedoms of data subjects, the Group carries out the Data Protection Impact Assessment (DPIA) in accordance with the requirements of applicable regulations. Privacy Policy on Personal Data Processing does not constitute legal or investment advice, and the information in the document may be updated without prior notice. Users are advised to check this Policy regularly for updates to stay informed of any changes. This Risk Disclosure and Scope of Liability document is provided by the OPTIMA Transnational Group of Companies, including: Optima Co PTY LTD, Optima Business Limited and Optima Business Growth LTD, in accordance with regulatory disclosure requirements for investors and borrowers. The jurisdictional requirements for this Disclosure are governed by the Australian Securities & Investments Commission (ASIC), the Corporations Act 2001, the Companies Ordinance (Cap. 622), the Companies Act 2006 and other international and local legal regulations. The document includes categories of potential risks associated with the use of OPTIMA's custodial, investment, and credit-financial services, a description of the Group's risk management policy, withdrawal rights, and liability limitations, as well as recommendations for users and clarifications on applicability. Market: Cryptocurrency prices are subject to a high degree of volatility. Economic or political drivers, supply-demand shifts, and changes in trends or technical levels can lead to abnormal return deviations, from extreme lows to uncharacteristic maximums. Liquidity: Certain cryptocurrency pairs may lack sufficient liquidity on exchanges and other public markets, particularly during market stress, making it difficult to complete buy or sell transactions at the desired price and within the required timeframe. Regulatory uncertainty: Changes in government regulations in international or local jurisdictions regarding cryptocurrencies, crypto-collateralized services, and related offerings may include new requirements, barriers, or prohibitions. Furthermore, there may be amendments to the tax regime and methods of accounting for tax liabilities affecting settlements and payments, as well as changes in the licensing system, asset storage requirements, and disclosure of information. Cybersecurity: The technological infrastructure of third-party services and cryptocurrency blockchains used in trading operations may be vulnerable to hacker attacks, exploits, code errors, payment gateway and exchange failures, as well as other smart contract vulnerabilities and protocol dependencies on other online services. Structural and external counterparty risks: hardware or software failures, interoperability risks, risks of non-compliance with cross-border regulations on cross-service, cold, or modular asset storage, potential difficulties with compliance processes, risk of counterparty default, and dependency on third-party platforms, brokers, liquidity providers, custodial partners, and depositories. Borrowed Funds: Operating with borrowed money obtained through OPTIMA credit and financial services can be potentially unprofitable, and the risk of forced liquidation of collateral under adverse market conditions carries the danger of losing the entire amount of crypto collateral. The foundation of OPTIMA’s Risk Management Policy is the systematic identification, assessment, management, and mitigation of factors that could impact the safety of invested funds and the resilience of IT infrastructure, business lines and products of the group. The management of these risks is built upon regular identification of potential hazards, their quantitative and qualitative assessment, setting risk thresholds by asset class, portfolio stress testing, and the formation of reserves and response plans. To ensure the security of capital and operations, the following measures are applied: access control procedures, segregation of duties, cold storage of keys, multi-signature solutions, hardware security modules (HSM), data encryption, regular vulnerability testing, and an incident management program. The organizational policy includes independent internal and external audits, in-depth compliance management, incident escalation procedures, and business continuity plans (BCP/DR), as well as daily monitoring of market and operational indicators; meanwhile, counterparty control based on legal expertise, monitoring of financial condition and conditions of trusted custodianship. The OPTIMA Group of Companies is not responsible for any financial losses of investors and borrowers caused by the use of Group’s deposit and credit/financial services. Any materials regarding OPTIMA business lines, products, services, investment terms, or crypto lending, whether posted online or available offline, are for informational purposes only, do not constitute a public offer or investment advice, and are published solely for educational purposes. OPTIMA does not guarantee returns and does not provide any guarantees regarding the safety of assets, declared yields or liquidity, minimum investment periods, or other stated conditions for clients. If acceptable levels of risk are reached, for example, to suppress fraudulent activity or on other grounds necessary to ensure stability, the Group reserves the right to take measures to change the composition of the investor portfolio, introduce a temporary pause on the withdrawal of funds, or revise client terms. Investing in cryptocurrencies or crypto-trading services, as well as using crypto-collateralized services, involves significant financial risks and may lead to the total loss of funds. Past performance of the instruments described above, including regular returns, is no guarantee of future profitability. By using OPTIMA business products, the user acknowledges that they have read this Risk Disclosure and Scope of Liability, understand the risks associated with investment and crypto-lending, accurately assess their personal risk tolerance, and accept full responsibility for their decisions following independent consultation with a qualified financial advisor. This Risk Disclosure and Scope of Liability does not constitute legal or investment advice, and the information herein is subject to change without prior notice. Users are advised to check this Disclosure regularly for updates to stay informed of any changes.