Nodu (“we”, “us”, “our”) is committed to protecting your privacy and personal data in accordance with the EU General Data Protection Regulation (GDPR) and the Polish Personal Data Protection Act as implemented in Poland. This Privacy Policy outlines how we collect, use, store, share, and protect personal data when you use our services.
1. Who We Are
Nodu is a brand operated by Prionisent Sp. Z.o.o., a company incorporated in Poland with its registered office at ul. Bartycka 22B/21A, 00-716, Warsaw, 00-716, Poland and with KRS company number 0001141712. We are registered and supervised with the General Inspector of Financial Information (GIIF) as a Virtual Asset Service Provider (VASP). For privacy-related inquiries and data protection rights, contact us at privacy@prionisent.pl.
2. Personal Data We Collect
We collect personal data necessary for service delivery and regulatory compliance, including but not limited to:
- Identification data: name, surname, date of birth, nationality, identification documents (ID/passport)
- Contact data: email, phone number, address, proof of residence
- Payment and wallet details for transaction processing
- Biometric data used during electronic KYC verification
- Technical data: IP address, cookie data, device information
- Information obtained from third-party AML/KYC service providers
- Any other information necessary for fulfilling legal obligations under Polish and EU law
3. Legal Basis and Purpose for Processing
We process your personal data on the following legal bases:
- To perform and manage contractual obligations relating to our services
- To comply with Polish AML/CFT laws, including customer identification, monitoring, and reporting obligations
- For legitimate interests in improving our services, IT security, and fraud prevention
- To meet reporting requirements to regulatory authorities such as KNF and General Inspector of Financial Information (GIIF)
4. Data Sharing and Transfers
- We share your personal data with trusted third-party service providers, including payment processors, transaction and wallet monitoring system providers and identity verification companies, ensuring they comply with GDPR and Polish data protection requirements.
- We may disclose data to Polish regulatory bodies (e.g., KNF, GIIF) and law enforcement where legally required.**
- Transfers of data outside of Poland or the European Economic Area (EEA) are protected by Standard Contractual Clauses or equivalent safeguards.
5. Cookies and Tracking
We use cookies and similar technologies on our websites for essential functionality, analytics, and security purposes. Users can adjust cookie preferences via their browser settings.
6. Data Retention
We retain your data only for as long as necessary to provide services and comply with legal requirements—typically complying with retention periods mandated by Polish AML and financial regulations.
7. Security Measures
Nodu implements technical and organizational safeguards to protect your data from unauthorized access, loss, alteration, or disclosure.
8. Your Rights Under GDPR and Polish Law
You have the following rights concerning your personal data:
- Right of access to your data
- Right to rectification and erasure
- Right to restrict or object to certain data processing
- Right to data portability
- Right to withdraw consent for marketing
- Right to lodge complaints with Polish data protection authorities (UODO)
To exercise any rights, please contact us at privacy@prionisent.pl.
9. Changes to This Policy
We may update this Privacy Policy to reflect changes in our data practices or legal obligations. Updates will be published on our website with the revision date.
10. Contact Information
Nodu
Prionisent Sp. Z.o.o.
ul. Bartycka 22B/21A, Warsaw, 00-716, Poland
Email: privacy@prionisent.pl