Back

The Empty Set

Privacy Policy

This Privacy Policy explains how The Empty Set ("The Empty Set," "we," "us," or "our") collects, uses, discloses, and protects your personal data in connection with our products and services ("Service"). It is designed to comply with applicable data protection laws, including the General Data Protection Regulation (GDPR), California Consumer Privacy Act (CCPA), and Payment Card Industry Data Security Standards (PCI-DSS).

By accessing or using our Service, you acknowledge that you have read and understood this policy.

1. Interpretation and Definitions

See original definitions. The term "Personal Data" includes any information that identifies or relates to an identifiable individual and includes "personal information" as defined under CCPA and GDPR.

2. What Data We Collect

We collect the following types of Personal Data:

  • Identity Data: Name, email, phone number, date of birth, government-issued ID
  • Contact Data: Billing address, shipping address
  • Technical Data: IP address, browser type, device information
  • Usage Data: Login activity, session duration, clicked features
  • Marketing Data: Your communication preferences

We collect this data through:

  • Direct interactions (e.g., signup, card application)
  • Automated technologies (cookies, web beacons)
  • Third-party services (e.g., KYC, payment processors)

3. How We Use Your Data

We use your Personal Data to:

  • Provide you with our card and account services
  • Verify your identity (KYC/AML)
  • Process payments and transactions
  • Comply with legal and regulatory obligations
  • Communicate updates, promotions, and offers
  • Ensure PCI-DSS compliant handling of payment credentials
  • Detect and prevent fraud

We will only process your data when we have a lawful basis to do so, including your consent, contractual necessity, compliance with legal obligations, and our legitimate interests.

4. Legal Bases for Processing (GDPR)

Under the GDPR, we rely on the following legal bases:

  • Consent (e.g., marketing)
  • Performance of a contract (e.g., providing card/account services)
  • Legal obligation (e.g., AML/KYC checks)
  • Legitimate interests (e.g., fraud prevention, platform improvement)

You may withdraw your consent at any time by contacting support@the-empty-set.vip.

5. Your Rights Under GDPR & CCPA

Under GDPR (for EU/EEA users), you have the right to:

  • Access the personal data we hold about you
  • Request correction or deletion
  • Object to or restrict processing
  • Data portability
  • Lodge a complaint with a data protection authority

Under CCPA (for California residents), you have the right to:

  • Know what personal information we collect and why
  • Request deletion of your data
  • Opt-out of the sale of personal information (The Empty Set does not sell personal data)
  • Non-discrimination for exercising your rights

To exercise any of these rights, email us at support@the-empty-set.vip with the subject line "Privacy Rights Request."

We will verify your identity before responding to such requests, and respond within the timeframe required by applicable law.

6. PCI-DSS Compliance

The Empty Set adheres to the Payment Card Industry Data Security Standard (PCI-DSS), which governs the secure processing, transmission, and storage of cardholder data.

  • Card numbers and payment credentials are never stored on our servers unless required by law or our issuing bank partners, and only in compliance with PCI-DSS.
  • We use encryption, tokenization, and secure payment gateways to protect your payment data.
  • Third-party payment providers used by The Empty Set are PCI-DSS certified.

7. International Transfers

Your data may be transferred and processed in the United States and other jurisdictions outside your country of residence. When transferring data internationally, we implement safeguards such as:

  • Standard Contractual Clauses (for EU transfers)
  • U.S. legal frameworks and data protection agreements
  • Data processing agreements with vendors and partners

8. Retention Policy

We retain Personal Data only as long as necessary:

  • To fulfill the purposes it was collected for
  • To comply with applicable laws and regulations (e.g., AML)
  • To resolve disputes or enforce agreements

Data retention periods vary by data type and use case.

9. Security Measures

We implement:

  • End-to-end encryption
  • Multi-factor authentication
  • Access controls and role-based permissions
  • Regular vulnerability testing
  • Data breach monitoring and incident response

Despite these efforts, no online system is completely secure. You use the Service at your own risk.

10. Children's Privacy

The Empty Set is not intended for individuals under 13 years old. If we discover that a child has submitted Personal Data without verified parental consent, we will delete it.

11. Third-Party Links

Our Service may link to other websites. We are not responsible for their content or privacy policies. Review their policies before submitting data.

12. Changes to This Policy

We may update this Privacy Policy as needed. If material changes are made, we will notify you via email or platform notification.

13. Contact Us

For questions or requests regarding this Privacy Policy or your personal data: