Future Breeze s.r.o., headquartered at Primátorská 296/38, 180 00 Prague 8, Czech Republic (Company ID: 21330221), is committed to protecting your privacy and handling your personal data in a transparent and secure manner. As a provider of services related to digital assets and cryptocurrency ATMs, we ensure full compliance with Regulation (EU) 2016/679 (the General Data Protection Regulation – GDPR) and the relevant Czech legislation, including Act No. 110/2019 Coll., on the processing of personal data.

In matters of any data privacy queries, you can reach our Data Protection Officer (DPO) via email at privacy@future-breeze.eu.

This Privacy Policy describes how we collect, use, store, share, and protect personal data in connection with the services we provide. It also outlines your rights as a data subject and how you can exercise them.

We collect and process personal data only to the extent necessary for the purposes of providing our services and fulfilling our legal obligations. This includes basic identification details such as your full name, date of birth, nationality, and contact information, as well as documentation required for identity verification (including a photo or scanned copy of your ID and a facial selfie for KYC purposes). When you carry out transactions through our ATMs or digital platforms, we collect information about the transaction type, amount, cryptocurrency wallet address, and unique transaction identifiers.

Additionally, we may gather technical data such as IP addresses, device IDs, browser versions, system logs, and timestamps, which help us improve our services, detect errors, and prevent abuse. CCTV monitoring is conducted based on our legitimate interest in ensuring the safety of our ATMs and preventing fraudulent activity.

We process your personal data primarily to verify your identity in accordance with anti-money laundering (AML) regulations, to process and settle your transactions, and to ensure the safety of our infrastructure. Your data also enables us to respond to support inquiries, prevent fraudulent or criminal activities, and comply with all applicable legal obligations. In certain limited cases, we may process your data based on your explicit consent, such as for optional marketing communications, which we currently do not engage in.

Our processing activities are based on one or more of the following legal grounds: compliance with legal obligations (particularly AML and financial laws), performance of a contract (such as executing your transaction), our legitimate interest in protecting the integrity of our services and infrastructure, or your explicit consent, when applicable.

We do not sell or share your personal data for marketing or commercial purposes. Your data may be shared with regulatory authorities such as the Czech National Bank (ČNB) or the Financial Analytical Office (FAÚ), and with third-party service providers that assist us in areas such as identity verification, IT infrastructure, or legal compliance. All such transfers are made with strict contractual and security safeguards in place.

We retain personal data for no longer than necessary. Identification and transaction data are generally stored for up to 10 years after your last transaction, as required by AML legislation. CCTV footage is kept for a maximum of 72 hours unless further retention is mandated by law enforcement authorities. Technical logs and diagnostics are retained for up to 90 days to support the security and stability of our services.

As a data subject, you have the right to request access to your personal data, to have your data corrected or supplemented, and under certain conditions, to request the erasure or restriction of your data. You also have the right to object to processing where justified and to obtain a copy of your data in a structured, commonly used format. Requests can be submitted to us via email at securityadmin@future-breeze.eu, and we are committed to responding promptly and in accordance with GDPR. In addition, you have the right to lodge a complaint with the Czech national supervisory authority for data protection matters: Úřad pro ochranu osobních údajů (ÚOOÚ), located at Pplk. Sochora 27, 170 00 Prague 7, Czech Republic (www.uoou.cz).

We take data security very seriously. Your data is protected by technical and organizational safeguards including encryption both during transmission and in storage, restricted access controls, periodic audits, and security tests. Only authorized personnel with appropriate training and clearance can access sensitive data, and we regularly review our procedures to maintain high standards of data protection.

In cases where we may transfer data outside of the European Economic Area, such transfers will only take place with appropriate safeguards as required by GDPR, such as the use of standard contractual clauses approved by the European Commission.

Please note that our website or user interface may contain links to third-party websites. We are not responsible for the privacy practices or content of these external sites. We encourage users to review the privacy policies of any external services they access via our platforms.

We reserve the right to update this Privacy Policy from time to time. Changes will be published on our website. If we introduce material changes, we will inform users via direct notification or prominently on our platform.