Business
Products
Cryptopay BusinessCrypto Payment Gateway
White-label Payment GatewaySoon
OTC ExchangeSoon
Accept Crypto
Explore Accept CryptoPayment LinksPayment APIOnline Crypto CheckoutChannels
Mass PayoutsAccount ManagementSupported CurrenciesSupported Countries
Personal
WalletPricesSupported CurrenciesSupported Countries
Cryptopay Card
Spend your crypto on business needs, make near-instant payments and feel safe with world-class securety.
Learn more
Company
Business
Personal
Company
Products
Accept Crypto
Mass PayoutsAccount ManagementSupported CurrenciesSupported Countries
Privacy policyCookie policyAML/KYC policyLaw enforcement

Privacy Policy

This Privacy Policy (“Policy”) governs processing by CPS Solutions OÜ, UAB CPS Payments or Magnetron Payments LTD (together, “Cryptopay”, “we”, or “us”) of information, including personal data, relating to the data subjects (“you”, “User”) of the cryptopay.me website (“Site”) and other services provided by us, including but not limited to payment processing services (collectively hereinafter “Services”). This Policy applies to all products and Services offered to you by us.

If you are our business customers or their clients, please note that different Cryptopay companies may control and process your data. The company that provides you the Services, as identified in the relevant services agreement, is the company directly responsible for handling personal data.

In certain cases, different Cryptopay companies may be involved in determining the purposes and means of processing your data and act as joint controllers together with the Cryptopay entity providing you the Services (for more information please see section 10 of the Policy).

The Policy covers following questions:
  1. Information we may process, legal basis and purposes of processing
  2. How we use information
  3. How long we retain information
  4. How we share collected information
  5. Cross-border transfer
  6. How we store and protect collected information
  7. Rights of users
  8. Changes to the Policy
  9. What if I do not want to accept the Policy?
  10. Cryptopay companies
  11. Contacts

1. Information we may process, legal basis and purposes of processing

Personal data

We may process personal data of Users in a variety of ways, including, but not limited to, when users visit our Site or use any of our Services, register for the Services; fill out any form (e.g. via chat widget), provide information for passing of anti-money laundering procedures or take any actions directly stipulated by the features of the Site.

In most cases we will collect the personal data described above from you directly. We may obtain information about you from third party sources as required or permitted by applicable law, such as public databases, credit bureaus, ID verification partners, resellers and channel partners, joint marketing partners, and social media platforms for purposes of verifying your identity. We obtain information from third parties for the purposes of compliance with legal obligations, such as anti-money laundering laws, and for the purposes of contractual performance.

Categories of data involved in data processing include:
  • Personal identification information: full name, e-mail, date and place of birth, nationality, gender, utility bills, photographs, phone number, mailing address, residence details, ID or other documents’ number and other details;
  • Payment information: bank information, card information, transaction history, transaction identifiers and associated information;
  • Employment information: business contact details, employer details, job title;
  • Data collected by cookies: see sections 2 and 3 of the Policy regarding cookies.

From time to time, we may process this and additional types of data about Users to make sure our Services are not used fraudulently or for other illicit activities. In such instances, processing is necessary for one of the legal bases as described below. We may ask you to supply additional documents or information where it is necessary for compliance with our legal obligations and for the purposes of legitimate interests e.g. in the prevention of fraud, money laundering and counter-terrorism.

Users can always refuse to supply personal identification information, except that it may prevent them from engaging in certain Services or related activities. Thus, in some cases, we will be unable to render Services to you if you do not provide us your personal identification information due to the requirements of anti-money laundering laws and other legal acts.

Information collected automatically

We may collect information about Users whenever they interact with our Services, for example, through the use of cookies. Such information may include the browser name, the type of computer and technical information about Users means of connection to our Site, such as IP address, location, date and time of connection, the operating system and the Internet service providers utilized and other similar information.

Web browser cookies and online fingerprinting

Our Site may use "cookies" and online fingerprinting to enhance User experience. User's web browser places cookies on their hard drive for record-keeping purposes and sometimes to track information about them. User may choose to set their web browser to refuse cookies, or to alert you when cookies are being sent. If they do so, note that some parts of the Site may not function properly. Learn more about the way our Site may use cookies in our Cookie Policy. Online fingerprinting is a method of collecting certain technical information about your device or browser. This information helps us recognize your personalised settings and ensure the proper functioning of the Site.

Third-party widgets

Our Site may include social media features, such as buttons for Twitter (X), Facebook, LinkedIn, and Telegram. You are the only person who decides if you would like to press this button and share your personal data with the respective social media operators. These features may collect information about the page you are visiting during your use of the Services and may set a cookie to enable the feature to function properly. Your interactions with these features are governed by the privacy policy of the company providing it and we recommend that you read them prior to sharing your data with such third parties.

2. How we use information

We process aforementioned information relying on the following legal grounds:
  • where it is necessary to perform a contract with you for the provision of our Services or to enter into a contract with you for the provision of our Services;
  • where it is necessary for compliance with our legal obligations across jurisdictions with regard to provision of financial services, as stipulated by accounting, taxation and other laws and to prevent criminal activity, fraud and money laundering;
  • where it is necessary for the purposes of our legitimate interests to prevent fraud, money laundering or unauthorized use of your account, and to analyze your account activity in order to be able to provide you with an adequate and reliable service and to offer you the best possible options suitable for your needs;
  • where we have received your explicit consent as required by applicable law.
and for the following purposes:
  • to identify you as a client and distinguish you from other users of our Services;
  • to be able to continuously provide you with functional, secure, efficient, and customized service;
  • to operate and develop our Services;
  • to publish content and advertising on the Site;
  • to prevent losses and frauds;
  • to respond to you about any comment or enquiry you have submitted;
  • to comply with legal and regulatory requirements, including Know-Your-Customer (KYC) anti-money laundering (AML) requirements;
  • to provide you with customer and technical support;
  • to inform you about our and our partner’s offers, products and to perform other marketing activities where we have received your consent.

We also may process personal data including your email address to send you service updates and notifications (regarding your account settings), newsletters, marketing messages and certain email notifications where we have obtained your explicit consent or are otherwise lawfully permitted to do so. You can change your preferences later and opt-out from such emails at any time just by following the link, which may be placed in every email from Cryptopay or through settings.

We will ask the User's consent before processing of aforementioned information in other purposes. When collecting such consents, we inform the data subject of the respective purposes of processing and such processing is conducted only when appropriate consent is received.

Automated decision-making and profiling

We do not rely on decisions based solely on automated processing of your personal data, including profiling. Any decisions related to the delivery of our Services and data processing are made by authorized personnel.

3. How long we retain information

We store collected information we collect for as long as it is necessary to perform our contractual obligations, deliver our products and services, comply with mandatory retention periods, support our legitimate business interests, or where such storage is technically required.

If you decide to stop using our Services, delete your account, and terminate contract with us, we will keep personal data and, including, in particular, your transaction information, to comply with anti-money laundering laws and other legal acts. The retention period depends on the entity providing the Services: if the Services was primarily provided by CPS Solutions OÜ and/or Magnetron Payments LTD, your data will be retained for at least 5 years after you delete your account; if the Services were provided by UAB CPS Payments, your data will be retained for up to 8 years after you delete your account. However, the information may be, wholly or in part, retained for a longer or shorter term if required by applicable laws or if there is other justified reason to retain or delete them.

In some cases, we can keep your information for longer periods: such exceeding can be used only in a case of arising of legal requirements that will oblige us to store your information for more than 5 or 8 years. Information associated with your account will be kept until your account is deleted, unless we no longer need the data to provide products and services.

Please note that retention periods may be changed from time to time based on legal and regulatory requirements.

4. How we share collected information

We sometimes need to share personal data we process with third parties. When necessary or required we may share information with authorities, other companies within the group of companies for internal administrative purposes, companies which the group cooperates with and to other third parties, such as third party service providers used in connection with our Services (e.g. various analytical services and financial institutions that we have partnered with to jointly create and offer you a product). The legal basis for data transfer is performance of contract between you and us, as well as our legitimate interest and our legal obligation.

We may share collected information with:
  • credit reference agencies;
  • identity verification, KYC and fraud prevention providers (e.g. Sumsub, LexisNexis);
  • debt collection and tracing agencies
  • banking and financial services partners, including payments networks;
  • IT service providers, including those providing application or infrastructure services (e.g. cloud hosting such as AWS);
  • suppliers and services providers, including those providing payment, analytical, financial and other operational support;
  • governmental bodies and regulatory authorities, judicial and investigation bodies, notaries, and other recipients based on written requests or the duties imposed on us in order to comply with applicable law.

5. Cross-border transfers

We intend to transfer the collected information we obtain from you to recipients in countries other than the country in which the information has been originally collected. Those countries may not have the same data protection laws as the country in which you initially provided the information.

The collected information may be transferred to a state outside the European Economic Area ("EEA") or Canada. For such transfers we use standard contract clauses or other suitable safeguard to permit data transfers to other countries and ensure that such information will be afforded the same level of protection. Only when required it may be accessed by the courts, law enforcement and national security authorities. A copy of standard data protection clauses adopted by a supervisory authority may be obtained by request made to the privacy@cryptopay.me.

6. How we store and protect collected information

We implement appropriate technical and organisational measures to protect protect the confidentiality, integrity, and availability of personal data we process against accidental or unlawful destruction, loss, alteration, unauthorised disclosure, or access. These measures are aligned with the current state of technology and industry practices. We consider the risks associated with processing activities when determining appropriate safeguards. We use encryption, where appropriate, to protect information and we grant access to information to our personnel and third parties only when it is necessary for them to process said information. Our personnel, contractors, and service providers who handle personal data on our behalf are subject to binding confidentiality obligations.

However, the transmission of such data over the Internet using personal computers or mobile devices is not completely safe and therefore we cannot guarantee the security of documents submitted to our platform. Any transmission of such documents is at your own risk. As soon as we receive your information, we implement strict security measures and procedures to avoid unauthorized access from any third party. If you know or suspect that your personal data have been lost, stolen, misappropriated, or otherwise compromised, or in case of any actual or suspected unauthorized use of your account, please immediately contact us by email at privacy@cryptopay.me.

7. Rights of users

You have a right to request from us:
• access to information and to receive a copy of it

You have a right to review information we keep about you enabling you to obtain confirmation of whether we are processing your personal data, and also to receive a copy of the personal data we hold about you and information regarding how your personal data is being used by us.

• update or correction of information

If you believe that the information we hold about you is incomplete or inaccurate you may request that we rectify or complete it. We may need to verify the accuracy of the new data you provide to us.

• restriction of processing and erasure of your personal data

In certain circumstances, for example if you contest the accuracy of the data, you have the right to request that we suspend the processing of your personal data. You may also request its deletion.

• object to the processing of your personal data

You have the right to raise an objection about how we are handling your personal data. We will stop processing unless we have compelling grounds that override your rights.

• personal data in a structured, commonly used and machine-readable format, and to request its transfer to another controller

Please note that the above is subject to limitations by relevant data protection laws. You may exercise the aforementioned rights by sending a request to e-mail address provided in the Contacts section. In your request please provide us with your account login and we will respond you shortly for further discussion

Where the processing is based on consent, you have a right to withdraw such consent at any time. However, we might keep processing information if we have a legal basis for it.

We will not keep outdated or deleted information, unless we have to do so in accordance with legislative requirements.

You also have the right to lodge a complaint with a competent supervisory authority. If your complaint concerns the processing activities of our business customers (from whom you purchased goods, services, or related products), please refer to the methods specified in their privacy policies.

8. Changes to the Policy

Cryptopay has the discretion to update this Policy at any time. When we do, we revise the updated date at the top of the page. We may also may post a notification on the main page of our Site and notify you by other means (for example, via email). We encourage Users to frequently check the page for any changes to stay informed about how we are helping to protect the personal data we collect. You acknowledge and agree that it is your responsibility to review this Policy periodically and become aware of modifications.

9. What if I do not want to accept the Policy?

By using our Services, you acknowledge that we process information in the ways described by the Policy. If you do not agree to this Policy, please do not use our Services. Your continued use of the Services following the posting of changes to this Policy will be deemed as your acceptance of those changes.

If you already have registered an account on the Site, but you do not agree with the Policy, you shall terminate your account. You can ask our support team to terminate or cancel your account by sending an email to support@cryptopay.me.

10. Cryptopay companies

Companies responsible for collecting and processing your personal data as independent data controllers or as joint controllers are:

CPS Solutions OÜ, with registered office at Harju maakond, Tallinn, Haabersti linnaosa, Meistri tn 16, 13517 Estonia;

UAB CPS Payments, with registered office at Lvivo g. 21A, LT-09313 Vilnius, Lithuania; and

Magnetron Payments LTD, with registered office at 208 14993 101 A Ave Surrey BC V3R 0T1, Canada

together, these companies are referred to as “Cryptopay companies”.

Cryptopay companies carry out some activities as joint controllers, jointly determining the purposes and means of personal data processing. This arrangement is formalized through a Joint Controller Agreement which sets out the duties of these controllers in accordance with Art. 26 of the General Data Protection Regulation (GDPR) and the equivalent provisions of the applicable data protection laws.

Cryptopay companies process your personal data to achieve following purposes: collecting, accessing and assessing business customer (and their customers’) information and enabling full functionality of the Services. In order to fulfill these purposes, personal data such as personal identification information, payment information, employment information, are shared between these three companies.

As joint controllers, Cryptopay companies have agreed to address requests concerning data subject rights and/or other relevant data protection questions concerning the processing activities performed jointly in a centralised manner. For any such requests or questions, please refer to the contact information provided in section 11 of the Policy.

11. Contacts

Our Data Protection Officer is responsible for overseeing questions in relation to this Policy. If you have any questions about the Policy or our privacy practices, or if you or would like to exercise any of your rights, please reach out to privacy@cryptopay.me.

If you feel that your rights under the data protection laws are infringed, please let us know and we will investigate.

Business
Cryptopay BusinessCrypto Payment GatewayAccept CryptoAccount ManagementCorporate Crypto Cards
Personal
Cryptopay CardsWalletPricesTrading feesPersonal card fees
Developers
API documentationAPI ReferencePrebuilt Integrations and PluginsPayment widgetPayment buttonPayment providers
Legal
Complaints PolicyLaw EnforcementCookie PolicyClient Rights & ProtectionRegulatory & Risk DisclosuresConflicts of InterestB2B Privacy PolicyAML/KYC policyPersonal
Resources
FAQ / SupportBusiness Help CenterBusiness Account Verification
Company
About usCareers
Download App
App Store Logo
Google Play Logo
© 2025, Cryptopay Ltd. All rights reserved

CPS Solutions OÜ is a company registered in Estonia (registry code: 16063623) whose registered address is Harju maakond, Tallinn, Haabersti linnaosa, Meistri tn 16, 13517. CPS Solutions OÜ has been granted licence FVT000413 for providing a virtual currency services.

UAB CPS Payments is a company registered in Lithuania (registry code: 305736863) whose registered address is Lvivo g. 21A, LT-09313 Vilnius, Lithuania. UAB CPS Payments is registered under number 305736863 by the State Enterprise Centre of Registers of the Republic of Lithuania as a Virtual Currency Exchange Operator.

Magnetron Payments LTD is a company registered in Canada (incorporation number: BC1332026) whose registered address is 208 14993 101 A Ave Surrey BC V3R 0T1, Canada. Magnetron Payments LTD is registered as a Money Service Business.

In the EU, your Cryptopay Visa debit card is issued by DiPocket UAB, a Financial Institution authorized and regulated by the Bank of Lithuania. DiPocket UAB holds an E-Money Institution License (No. 75) issued on November 10, 2020. Customer funds are kept in segregated accounts with banks in the EEA and the Bank of Lithuania, separate from DiPocket’s own funds. Please note, these funds are not covered by the Lithuanian deposit insurance scheme. DiPocket UAB is a Principal Member of Visa Inc.

The information on this site is not directed at residents of the United States or any particular country or jurisdiction where such distribution or use would be contrary to local law or regulation. Please examine the terms and conditions of our service and consult an expert if necessary

Products and services described on this website or in the Cryptopay app are provided by different entities within the Cryptopay group. The specific entity providing a service to you is identified in the applicable service agreement. Availability of products and services is subject to applicable laws and regulations and may be limited to certain entities within the group.