Last Updated: January 25th, 2021.
We reserve the right to amend & update this policy at any time and when required by law, notifying you of these changes by email. This will be sent to the email address linked to your account with us.
The Personal Information we Collect.
We collect the following types of information:
Personal Identification Information: Full name, date of birth, age, nationality, gender, signature, photographs, phone number, home address and email.
Formal Identification Information: Passport number, driver’s license details, national identity card details.
Financial Information: Bank account information, transaction history, trading data, solicitor letters, company formations documents.
Transaction Information: Information about transactions made using our services, such as blockchain ID’s, the amount, timestamp, and/or recipient address.
Online Identifiers: Geo location/tracking details, OS, browser name and version, and/or personal IP addresses.
Usage Data: Information provided to our support team, security questions, user ID, and other data collected via cookies and similar technologies.
How your personal information is used
Our purpose for collecting personal information is to provide you with a secure, smooth and legally compliant service. We use personal information to operate, deliver, improve, loss prevention and anti-fraud or anti-money laundering purposes. We may use your information in the following ways:
To maintain legal and regulatory compliance - The use of our services is subject to laws and regulations which require us to collect and use your personal data. The above types of information will be used to identify and verify customers in accordance with GDPR to comply with anti-money laundering and anti-terrorism financing laws.
To enforce our terms in our user agreement – we actively monitor account usage to prevent and mitigate any potentially prohibited or illegal activities.
To provide services - To provide our service's such as buying or selling coins, we require certain information such as your identification, contact information & payment information.
To provide customer service - We will process your personal information regarding guidance, disputes, troubleshooting and general inquiries.
To ensure quality control - Processing of personal information is necessary for our quality control checks to prevent issues and interruptions with our services and to fulfil our obligations to you.
To ensure network and information security - We process your personal information to comply with applicable security laws and regulations for the security of our services. To combat threats such as spam, malware or hacks.
To engage in marketing activities - Depending on your communicated preferences, we may send you marketing information to notify you of any events or promotional offers. You can opt-out of our marketing communication at any time.
Your personal data will not be used for any purpose other than those stated above without your permission. We may need to request your permission to allow us to share your personal information with a third party.
Information from Third Party Sources
We may obtain information about you from third party sources as required or permitted by applicable law, such as public databases, ID verification partners and social media platforms. We obtain such information to comply with our legal obligations, such as anti-money laundering laws. In some cases, we may process additional data about you to ensure our services are not used fraudulently or for other illicit activities.
We take care and only allow your personal information to be accessed by those employed by Cryptomate who require it in order to perform their tasks and duties. We do not share your personal information with any other third parties unless requested by you or in the following circumstances.
When legally obligated too;
When required to deliver services;
Otherwise stated in KYC Contract Agreement
How we protect and store personal information
We understand the importance of protecting our customers privacy and as such, our IT systems and procedures have been designed for the safety and security of our users.
We use computer safeguards such as firewalls, device encryption, data encryption and Two-Factor Authentication to only allow verified operators to have access.
We enforce physical access controls to our buildings and files, authorising access to personal information only for those employees who require it to fulfil their job responsibilities.
We may store and process part or all your personal and transactional information with our service providers, who have extensive expertise in protecting data and are compliant to all relevant data protection regulations.
We cannot ensure the security or confidentiality of information you transmit to us or receive from us via the Internet or wireless connection; including email, phone, or SMS, as we have no way of protecting that information once it leaves our control.
How you can access or change your personal information
As users you have the right to; review, correct or amend your personal information, or to delete information where inaccurate.
You have the right to object to the use of your personal information for marketing purposes at any time by informing us and unsubscribing.
Retention of personal information
Your personal information is securely stored throughout the time in which you have an account with us. We only retain your personal information for as long as necessary to satisfy any legal, accounting, reporting obligations or to resolve disputes.
Children Personal Information
We do not knowingly request or collect any personal information from any person under the age of 18. If a user submits personal information to us or is suspected of being younger than 18 years of age, we will immediately cease to offer services and remove all data held on the user.
International Transfers of Personal Information
Service providers used by Cryptomate may store, transfer and otherwise process your personal information in countries outside the UK and your country of residence. All our service providers are certified IT systems and security companies, regulated and compliant to all applicable data protection laws.
Absolute Rights to personal data
Your rights to your personal information are not absolute and may be denied when:
Denial of access is required or authorized by law;
Granting access would have a negative impact on other's privacy;
To protect our rights and properties; and
Where the request is frivolous or vexatious.
If you are unhappy or believe that we have uninfringed your rights, we encourage you to first contact us, so we can try to resolve the issue. You are entitled to the right to complain about our processing of your personal information to the Information Commission Office (ICO).