Privacy policy

Last updated: May 24, 2018

This Privacy Policy (“Policy”) governs processing by Cryptopay Limited (“Cryptopay”, “we”, “us”) of information, including personal data, relating to the data subjects (“you”, “User") of the cryptopay.me website ("Site"), Cryptopay mobile app (“App”) and other services provided by us, including but not limited to wallet and prepaid card services (collectively hereinafter “Service”). This privacy policy applies to the Site, App, all products and Services offered by us.

Cryptopay Ltd is a company registered in England and Wales registration number 08730592.

For the purpose of the Data Protection Act 1998, Cryptopay Ltd is registered with the ICO with number ZA029520.

Our Policy covers following questions:

  • Information we may process, legal basis and purposes of processing
  • How we use collected information
  • How we share collected information
  • How we store and secure collected information 
  • How we transfer collected information
  • Rights of users
  • Changes to this Privacy policy
  • What if I do not want to accept this Privacy policy?
  • Contacts

Information we may process, legal basis and purposes of processing

  1. Personal information

    We may process personal information of Users in a variety of ways, including, but not limited to, when users visit our Site, App, or use any of our Services; register on the Service; fill out a form; provide information for passing of anti-money laundering procedures. We also may obtain information about you from third party sources as required or permitted by applicable law, such as public databases, credit bureaus, ID verification partners, resellers and channel partners, joint marketing partners, and social media platforms for purposes of verifying your identity. We obtain such information with a purpose and a legal basis to comply with our legal obligations, such as anti-money laundering laws. From time to time, we may process additional data about client to make sure our Service is not used fraudulently or for other illicit activities. In such instances, processing is necessary for us to continue to perform our contract with you and others, as well as on the basis of our legitimate interest to prevent fraud, money laundering and other illicit activities.

    Categories of data involved in data processing include:

    • Personal Identification Information:  Name, e-mail, date of birth, nationality, gender, utility bills, photographs, phone number, mailing address, ID or other documents number and other details;
    • Payment Information: Bank information, card information, transaction history;
    • Employment Information: Employer details, job title;
    • Other data collected by cookies: see sections 2 and 3 of this Policy regarding cookies.

    We may process aforementioned information on the following basis:

    • where it is necessary to perform a contract with you for the provision of our Services or to enter into a contract with you for the provision of our Services;
    • where it is necessary for compliance with our legal obligation across jurisdictions in regard to provision of financial services, as stipulated by accounting, taxation and other laws and to prevent criminal activity, fraud and money laundering;
    • where it is necessary for the purposes of our legitimate interests to prevent fraud, money laundering or unauthorized use of your account, as well as to analyze your account activity in order to be able to provide you with an adequate and reliable service and to offer you the best possible options suitable for your needs;
    • where we have received your explicit consent as required by applicable law.

    and with the following purposes:

    • to identify you as a client and distinguish you from other users of our Service;
    • to be able to continuously provide you with functional, secure, efficient, and customized service;
    • to operate and develop our Service, to content and advertising, and for loss prevention and anti-fraud purposes;
    • to respond to you about any comment or enquiry you have submitted;
    • to comply with legal and regulatory requirements, including to carry out Know-Your-Customer (KYC) and other checks;
    • to provide you with customer and technical support;
    • to inform you about our and our partner’s offers, products and to perform other marketing activity where we have received your consent.

    Users can always refuse to supply personally identification information, except that it may prevent them from engaging in certain Service related activities. Thus, in some cases, we will be unable to render services to you if you do not provide us personal identification information due to the requirements of anti-money laundering laws and other legal acts.

    We may ask you to supply additional documents or information where it is necessary for compliance with our legal obligations e.g. in the prevention of fraud, money laundering and counter-terrorism.

    We also may process personal information including your email address to send you service updates and notifications (regarding your account settings), newsletters, marketing messages and certain email notifications where we have obtained your explicit consent or are otherwise lawfully permitted to do so. You can change your preferences later and opt-out from such emails at any time just by following the link, which is placed in every mentioned above email from Cryptopay or through settings.

    We will ask User’s consent before processing of aforementioned information in other purposes. When collecting such consents, we inform the Data Subject of the respective purposes of processing and such processing is conducted only when appropriate consent is received.

  2. Information collected automatically

    We may collect information about Users whenever they interact with our Service, for example, through the use of cookies. Such information may include the browser name, the type of computer and technical information about Users means of connection to our Site, such as IP-address, location, date and time of connection, the operating system and the Internet service providers utilised and other similar information.

    We may process aforementioned information on the following legal basis and purposes:

    • where it is necessary to ensure the technical availability of our Service and thus to perform a contract with you for the provision of our Services;
    • where it is necessary for the purposes of our legitimate interests to prevent fraud, money laundering or unauthorized use of your account, as well as to analyze your account activity in order to be able to distinguish you from other users and provide you with an adequate and reliable service and to offer you the best possible options suitable for your needs.

    We will ask User’s consent before processing of aforementioned information in other purposes. When collecting such consents, we inform the Data Subject of the respective purposes of processing and such processing is conducted only when appropriate consent is received.

  3. Web browser cookies

    Our Site may use "cookies" to enhance User experience. User's web browser places cookies on their hard drive for record-keeping purposes and sometimes to track information about them. User may choose to set their web browser to refuse cookies, or to alert you when cookies are being sent. If they do so, note that some parts of the Site may not function properly. Learn more about the way our Site may use cookies in our Cookie Policy.

    We will ask User’s consent before processing of information in other purposes. When collecting such consents, we inform the Data Subject of the respective purposes of processing and such processing is conducted only when appropriate consent is received.

How long we retain information

We store collected information for as long as it is necessary to be able to provide products and services to you. If you do not use our services, we keep your information for 5 years after the end of our relationship with the customer due to the requirements of anti-money laundering laws and other legal acts - after 5 years your personal information will be deleted. However, the information may be, wholly or in part, retained for longer or shorter term if required by applicable law or if there is other justified reason to retain or delete them.

In some cases, we can keep your information longer than 5 years: such exceeding can be used only in a case of arising of legal requirements that will oblige us to store your information for more than 5 years. We also store information on your transactions for 5 years due to the requirements of anti-money laundering laws and other legal acts. Information associated with your account will be kept until your account is deleted, unless we no longer need the data to provide products and services.

Please note that retention periods may be changed from time to time based on business or legal and regulatory requirements

How we share collected information

We sometimes need to share personal information we process with third parties. Where necessary or required we may share information with authorities, other companies within the same group of companies as us for internal administrative purposes, companies which the group cooperates with and to other third parties, such as third party service providers used in connection with our Services (e.g. various analytical services and financial institutions that we have partnered with to jointly create and offer a product). The legal basis for this data processing is performance of contract between you and us, as well as our legitimate interest and our legal obligation.

We may share collected information with:

  • credit reference agencies;
  • KYC providers;
  • debt collection and tracing agencies and other companies in the same group;
  • suppliers and services providers (analytical, financial);
  • government bodies and other recipients in order to comply with applicable law;
  • courts and tribunals.

How we store and secure collected information 

We adopt appropriate data collection, storage and processing practices and security measures to protect from unauthorized access, alteration, disclosure or destruction of your personal information, username, password, transaction information and data stored on our Site. However, the transmission of such data over the Internet using personal computers or mobile devices is not completely safe and therefore we cannot guarantee the security of documents submitted to our platform. Any transmission of such documents is at your own risk. As soon as we receive your private information, we implement strict security measures and procedures to avoid unauthorized access from any third party.

How we transfer collected information internationally 

We intend to transfer the collected information we obtain from you to recipients in countries other than the country in which the information was originally collected. Those countries may not have the same data protection laws as the country in which you initially provided the information.

The collected information may be transferred to a destination outside the European Economic Area ("EEA"). All data transfers outside the EEA are made under agreements and include all necessary standard data protection clauses adopted by a supervisory authority copy of which may be obtained by request made to the privacy@cryptopay.me.

Despite data transfer, we save all our obligations and liability for any breaching of your personal data rights by action of our data-processors.

Rights of users

You have a right to request from us:

  • access to and rectification or erasure of your personal data;
  • restriction of processing concerning you or to object to processing;
  • and to receive, under certain preconditions, your personal data in a structured, commonly used and machine-readable format and to transmit those data to another controller.

Please note that the above is subject to limitations by relevant data protection laws. You may exercise the aforementioned rights by sending a request to e-mail address provided in the Contacts section at the end of this page. In your request please provide us with your account login and we will respond you shortly for further discussion

Where the processing is based on consent, you have a right to withdraw such consent at any time. This will not affect the lawfulness of processing based on consent before its withdrawal.

In case you consider that your rights under the data protection laws are infringed, you may lodge a complaint with the supervisory authority - UK’s Information Commissioner’s Office.

We will not keep outdated or deleted information, unless we have to do so in accordance with legislative requirements.

Changes to this privacy policy

Cryptopay Ltd has the discretion to update this privacy policy at any time. When we do, we revise the updated date at the top of the page. We may also may post a notification on the main page of our Site and notify you by other means. We encourage Users to frequently check the page for any changes to stay informed about how we are helping to protect the personal information we collect. You acknowledge and agree that it is your responsibility to review this privacy policy periodically and become aware of modifications.

What if I do not want to accept this Privacy policy?

By using this Site, you signify your acceptance of this policy. If you do not agree to this policy, please do not use our Site. Your continued use of the Site following the posting of changes to this policy will be deemed as your acceptance of those changes.

If you have already registered an account, you can find out how to terminate or cancel your account  here.

Contacts

If you have a concern about the way we handle your personal information, you have a right to lodge a complaint. For further information, please contact our Data Protection Officer privacy@cryptopay.me.

For more information on the process, please visit the website of the Information Commissioner’s Office at Raising Concerns.