PRIVACY POLICY
Last Update: 2024-04-05- Introduction
This Privacy Policy ('Policy') of Cryptopayments, informs and explains to the User how Cryptopayments processes any information that directly, indirectly, or in connection with other information - including a personal identification number - allows for the User's identification or identifiability ('Personal Data') Cryptopayments receives when the User is using the Website and/or the Services.
This Policy sets forth the basic rules and principles by which Cryptopayments processes the User's Personal Data and mentions Our responsibilities while processing the User's Personal Data according to transparency obligations. While using the Services the User agrees to the User's Personal Data processing in accordance with the Policy and affirms that. In case when the User does not agree with the Policy partially or fully, the User must stop using the Services. All data collected before the above-mentioned refusal will be processed in accordance with the Policy until the User's direct prohibition is received.
The Services are not directed to people under the age of eighteen (18). If the User becomes aware that the User's child has provided Cryptopayments with Personal Data without the User's consent, please contact Cryptopayments at the email address listed below. If Cryptopayments becomes aware that a child under eighteen (18) has provided Cryptopayments with Personal Data, Cryptopayments will take steps to remove such information and/or terminate the child's Account.
Cryptopayments is the Data Controller within the meaning of the General Data Protection Regulation (GDPR) and determines the purposes and means of processing the User's Personal Data.
- Definitions
'Data controller' means a company which determines purposes and means of Personal Data Processing.
'Data processor' means a company which Processes Personal Data on behalf and upon instructions of the Data controller.
'Personal Data' means any information relating to an identified or identifiable natural person; an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
'Processing' means any operation or set of operations which is performed on Personal Data or on sets of Personal Data, whether by automated means or not, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
Personal data and its processing methods
While providing the Services Cryptopayments may collect the following:
Data used for performing customer due diligence measures,
•The User's data e.g. the User's photo, name, date and place of birth and address; •Identity document data, e.g. photo of the document, number and validity; •Financial data, e.g. ownership and source of funds and/or wealth; •Contact details, including, the User's email address or details of other means of communication the User chooses to provide Us; •Transaction data and the nature of using the service, e.g. transaction sums, counter-parties, bank account and card number(s) and account holders; •Other data e.g. media coverage, occupation and connection to other persons, and device information and location;
•Usage data includes details about how the User uses our Website.
•Technical Data includes internet protocol (IP) address, the User's login data, browser type and version, time zone setting and location, browser plug-in types and versions, operating system and platform, and other technology on the devices which the User (whether a client or otherwise) uses to access and browse the Website.
•Website visit data includes the full Uniform Resource Locators (URL), clickstream to, through and from the Website (including date and time), products the User viewed or searched for, page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs), methods used to browse away from the page.
•Marketing and communications data includes the User's preferences in receiving marketing from Cryptopayments or our third parties and the User's communication preferences. This may include information on whether the User has subscribed or unsubscribed from any of Our mailing lists, accepted any of Our invitations, or attended any of Our events.
•Correspondence between the User and Cryptopayments.
•Cryptopayments collects Personal Data for the next targets and legal basis:
•To provide the Services and carry out Our obligations arising from any contract the User enters into with Cryptopayments;
•To perform transactions;
•To provide the User with information related to providing the Services;
•To grant the User access to the Services;
•To remember the User's settings, manage the User's requests, host, and back-end infrastructure;
•To provide newsletters/offers/updates/advertisements which may be interesting to the User;
•In order to improve the Website (testing features, interacting with feedback platforms, managing landing pages, heat mapping the Website, traffic optimization, and data analysis and research, including profiling and the use of machine learning and other techniques over the User's Personal Data and in some cases using third parties to do this);
•To provide customer support;
•To collect statistical or technical non-personalized data about the use of the Website and the Services;
•For Our justified interest, for the purpose of fulfilling a contract, including for establishing violations of the contract or legislation, as well as to confirm such violations;
•In order to comply with legal requirements (including, compliance with KYC and AML regulations);
•In order to protect the User's vital interests or the vital interests of another natural person.
If Personal Data processing is carried out in accordance with Our justified interests, the User has a right to submit objections to such processes.
- Disclosing the User's Personal Data
Cryptopayments only shares the User's Personal Data when Cryptopayments has a valid reason for it, namely, to provide our services and products to the User and when Cryptopayments is legally permitted to do so.
Cryptopayments may disclose the User's Personal Data to:
Data processors (including banking partners, technology providers and customer support centre) - we use carefully selected service providers (data processors) that provide sufficient guarantees to implement appropriate technical and organizational security measures to protect the User's Personal Data. Cryptopayments has concluded applicable data processing agreements with the service providers and shall remain responsible for their actions regarding processing the User's Personal Data.
Third parties - in some circumstances, Cryptopayments also shares the User's Personal Data with third parties who act as independent data controllers regarding User's Personal Data. Cryptopayments only shares the User's Personal Data with third parties if stipulated herein, if required under the applicable law (e.g., auditors, national regulators or other authorities), when we need to protect the User's legal rights (e.g. disclosing Personal Data to attorneys or debt collection agencies) due to Our legitimate interest for the performance of an agreement, or with the User's consent.
Acquirer, successor, or assignee as part of any merger, acquisition, debt financing, sale of assets, or similar transaction, as well as in the event of an insolvency, bankruptcy, or receivership in which information is transferred to one or more third parties as one of our business assets. In such a case, Cryptopayments makes sure that the User's rights and conditions as a data subject shall not be decreased.
The User's representatives, advisers, and other third parties the User has contacted regarding the Service or which the User has authorized to interact with Cryptopayments on the User's behalf. Please note that Cryptopayments considers such authorization as the User's consent and therefore the User's request for such an activity must be presented to Cryptopayments in a written form.
Cryptopayments will not sell the User's Personal Data to any third party.
- Personal Data storage
Cryptopayments stores the User's Personal Data while it is necessary to process data, to protect Our interests or on the grounds provided by legal acts requirements. Following our record-keeping obligations, Cryptopayments will retain Personal Data for at least five years after they are closed by the User.
- Cookies
- Security and international transfers
Although generally the Personal Data is processed within the European Economic Area, certain activities may result in the transferring of Personal Data to Third Countries, meaning countries located outside the EU/EEA. Cryptopayments takes all necessary measures to protect the data against unauthorized access, modification, disclosure or destruction. Cryptopayments has implemented various technical and organizational measures to be compliant with applicable Personal Data, privacy, and data security legislation in the countries where Cryptopayments operates or where the applicable law applies to Cryptopayments.
Cryptopayments has put in place procedures to deal with any suspected Personal Data breach and will notify the User and any relevant regulator of a breach where Cryptopayments is required to do so by law.
Cryptopayments is not responsible for the Personal Data protection measures violations if such violations are caused by actions performed by the User or a third person.
- The User's rights and obligations
In accordance with relevant legal acts (primarily - GDPR), the User can exercise the following rights by contacting Us:
request access to the User's own Personal Data;
request changes in the User's own Personal Data;
request removal of the User's own Personal Data;
submit objections to the User's own Personal Data processing on any grounds.
Cryptopayments replies to the User's requests and requirements within 1 month and notifies about measures taken to perform provided requests and requirements.
If the requests or requirements of the User are obviously not justified or excessive, primarily due to their repetitive nature, Cryptopayments has the right to refuse to perform requests or requirements.
The User does not need to pay a fee to access information or other rights, but Cryptopayments may charge a reasonable fee if the User's request is clearly unfounded, repetitive, or excessive or refuse to comply with the User's request in these circumstances.
In case when Personal Data is processed with the User's consent, the User always has a right to revoke his consent. If the User revokes the User's consent for Personal Data processing all the data processing performed before revoke considers being legitimate and lawful.
Where Cryptopayments needs to collect Personal Data by law, or under the terms of a contract Cryptopayments has with the User and the User fails to provide that data when requested, Cryptopayments may not be able to perform the contract Cryptopayments has or is trying to enter into with the User (including the Services). In this case, Cryptopayments may have to cancel the User's use of our Services, but Cryptopayments will notify the User if this is the case at the time.
The User must notify Cryptopayments about changes in the User's contact details to keep them up to date.
In case of the User's rights violation, the User has a right to ask State Data Protection Inspectorate or court to protect the User's rights.
- Legal Limitations
Notwithstanding anything to the contrary in the Policy, Cryptopayments may preserve or disclose the User's information if Cryptopayments believes that it is reasonably necessary to comply with a law, regulation, legal process, or governmental request; to protect the safety of any person; to address fraud, security or technical issues; or to protect Our or the Users' rights or property.
The User acknowledges that Cryptopayments is not liable for any illegal or abusive use of the User's information. The User acknowledges that in a case where the User shares the User's information from the Software or the Website in social or other networks, or in other third-party sites and/or platforms, the User's information is subject to the privacy policies of such third-party resources.
Cryptopayments may share the User's Personal Data with law enforcement, data protection authorities, government officials, and other authorities only when Cryptopayments is legally bound to do so or has to protect the safety of its users and the Website.
- Third-party links
The Website may include links to third-party websites, plug-ins and applications. Clicking on those links or enabling those connections may allow third parties to collect or share data about the User. Cryptopayments does not control these third-party websites and is not responsible for their privacy notice or policies. Cryptopayments strongly encourages the User to read the privacy notice of every website he visits, particularly when leaving the Website.
- Policy changing
The Policy can be changed to comply with changes in law, Personal Data processing or under instructions of supervisory authorities. Cryptopayments will make available the updated Policy on the Website.
- Contact details and questions
Any questions about this Policy, the processing of Personal Data or data subject's requests please contact Cryptopayments via the Ticket system available on the Website or via email at support@cryptopayments.com