Last updated: July 6, 2022
Privacy Policy
1. Introduction
1.1. Privacy is significant in our Company. We recognize the essentiality of protecting the privacy of the information of our visitors who access the Site (as defined below) to make use of the Services, or any other related services owned or operated by the Company. We appreciate your trust that we will do so carefully and sensibly. We encourage you to read this Privacy Policy carefully as it forms an integral part of the Terms of Use, and by accessing the Site or using the Services, you accept and agree to all of the terms of this Privacy Policy. However, if you disagree, you are obliged to immediately leave the Site and not make use of the Services.
1.2. This Privacy Policy has been prepared to describe our practices with respect to the collection, use and disclosure of your Personal Data (defined below), and you will learn, among other things, from this Privacy Policy, about the types of Personal Data we collect, how it is used and about data related to the use of cookies and similar technologies, the retention of the Personal Data, the security measures to protect the Personal Data, the basis and reasons why we may disclose the Personal Data to third parties.
2. Acceptance of this Privacy Policy.
2.1. By using our Services, you consent and agree to the practices described in full in this Privacy Policy. The Company will be referred to as the data controller, and you may be asked to provide further Personal Information during your use of the Services and the Site, and the Company has the right to share your Personal Data with its entities (if any) in accordance with this Policy. If you do not agree with any aspect of this Privacy Policy, you must immediately exit the Site or cease using the Services.
3. Certain definitions.
3.1. For the purposes of and under this Privacy Policy, the following terms shall have the following meanings:
3.1.1. "Company", "we", "our", "us" refers to Kryptobox OÜ, a limited liability company incorporated under the laws of Estonia, with its registered address at Roosikrantsi 2-1024, Tallinn 10119, Estonia.
3.1.2. "Personal Data" means data or information relating to an identified or identifiable natural person and as defined by Estonian law.
3.1.3. "Website(s)" means the Company's website or any other related website, pages, content, products, features, APIs, and mobile applications owned or operated by the Company.
3.1.4. "Services" means any use of, access to, or engagement with any of the Sites.
3.1.5. "Account" or "Wallet" means the fully verified personal wallet in which users are allowed to store, withdraw, send and transfer any supported digital currency assets.
3.1.6. "GDPR" means the General Data Protection Regulation (EU) 2016/679, which is a regulation of EU data protection and privacy law in the European Union (EU) and the European Economic Area (EEA).
4. Personal Data We Collect
4.1. We have set out below the categories of Personal Data that we collect and use about you, including the ways in which we collect it:
4.1.1. Information provided by you. This is Personal Data that you provide to us that enables you to register on the Site and use our Services, and that is required by applicable laws to create and verify your Account, which may include your full name, email address, phone number, date of birth, address, nationality, photo, utility bill, and country. In addition, as required by laws and regulations, and in order to assist with your identification, we may require a government-issued ID, such as a driver's license, passport, ID card, debit/card information, bank account or residence card information, legal entity details, including, without limitation, the official bylaws, certificate of incorporation, Board Resolutions, Protocols, Tax Returns, Office Address, Rental Agreement, Authorized Signatory Details, Beneficial Ownership Declaration Form, Feedback, Comments, Research, Transaction History, Transaction Details, Recipient Name, Tax Identification Number, and other information necessary to fully satisfy regulations, legal obligations, and any applicable law.
4.1.2. Information Collected by the Company. This is Personal Data that is collected about you when you access the Site and/or use the Services, including, without limitation, device type and identification number, browser type, version and language, date and time of requests, online identifiers including cookie data and IP addresses, URL Data, any interaction with our Site (pages clicked and accessed linked), geographic location not precise during use of the Services or the Site and operating system version of the devices.
4.1.3. Third-Party Sources. We may collect Personal Data about you from various third parties as required by applicable laws, including, without limitation: public databases, payment partners, authentication partners, technical service partners, advertisers, and other advertising partners. We will notify you when we receive information or Personal Data about you from these third parties and the purposes for which we intend to use that Personal Data.
5. Legal Basis and Purposes for the processing of your Personal Data.
We describe below the reasons why we process your Personal Data and the associated legal basis on which we rely and which lawfully allows us to process such Data, e.g. GDPR ("Article 6": lawfulness of processing), as well as, where you give us your express consent and to perform any agreements or contracts we have entered into with you, and for legitimate business interests to secure and protect our Services, therefore, we may use this Personal Data as follows:
5.1. Compliance with Legal Requirements, Regulations, and Law Enforcement Requests. Our Services are subject to strict regulations and various laws, such as anti-money laundering laws and privacy laws. It is essential and vital to collect and use Personal Data in compliance with applicable laws, for example, to identify and verify our users, with respect to payment processing operations, to carry out risk management appropriately and to be in line with 'KYC' 'AML' procedures as required by laws and regulations.
5.2. Obligations and Agreements. We need to collect Personal Data to enforce our agreements with third parties and to monitor, investigate and prevent any illegal acts associated with our users' Wallets and to be able to provide our Services in accordance with contractual terms under any contract.
5.3. Marketing, Promotion and Publicity Purposes. We may use your Personal Data to send you marketing communications so that we can provide you with promotional offers and notify you of the latest content and products.
5.4. Detect fraudulent payments or fraudulent use of the Services. We collect, process and store your Personal Data to help detect and prevent any fraud or prohibited activity, to protect your Account from loss of funds.
5.5. Exercise or defend legal claims. Your Personal Data may be used to effectively investigate, resolve and resolve any open, pending and unresolved questions, problems or disputes, and to protect our legal legitimate interests.
5.6. Research and Development. To evaluate and develop new features, content, technologies, and make improvements to the Services, to conduct research, data analysts, and surveys.
5.7. Provision of our Services, including Customer Support and General Settings. In order to provide the Company Services, we need to communicate with you about administrative matters, security issues, or to be able to respond to questions and comments, or collect fees, troubleshoot, news, updates, and notices in connection with your Account.
5.8. We will not use your Personal Data for purposes and reasons other than those mentioned above, without your explicit consent and permission.
6. Who we may share your Personal Data with
6.1. The Company may share your Personal Data in accordance with the purposes detailed above, and to the extent that it is required to do so in accordance with any applicable laws, rules or regulations, and in accordance with the Terms of Use, with or by your explicit consent or at your request, and on the basis of our legitimate business interests. Any shared third party will be aware of the confidential nature of such information. We may disclose your Personal Data in the following circumstances:
6.1.1. We will share your Personal Data with our financial institutions and payment processors as necessary to enable them to process your payments and for anti-fraud purposes.
6.1.2. Where we are required to share such data by arbitration, court decision, rule or order, subpoena or similar legal procedure, or to report suspected illegal activity, or to investigate violations of our Terms of Use, or to violate any of the other applicable policies, and for the purposes of preventing loss of funds and damages.
6.1.3. We will share your Personal Data in the event of a merger, acquisition, or sale or negotiation to sell our business to a buyer or potential buyer. In this situation, the Company will continue to ensure the confidentiality of your Personal Data and will notify its users before any Personal Data is transferred to that buyer or becomes subject to a different privacy policy.
6.1.4. We cooperate with service providers operating on our behalf, who may need access to certain Personal Data in order to provide their services to us or directly to you. These entities include those we hire to operate the technical infrastructure we need to provide the Services, help secure and secure our systems and servers, and help market this website and the Services, including partner products, services, events, and co-branded promotions in which we may be involved.
6.1.5. With our trusted advisors who provide legal, banking, compliance, accounting or other advisory services in order to complete third-party financial, technical, compliance and legal audits of our operations or otherwise comply with our legal obligations.
7. Cross-Border Transfers
7.1. The Company may share your Personal Data collected with our affiliates (if applicable) to carry out the activities specified above in this Privacy Policy. We may subcontract processing or share your Personal Data with third parties located in countries other than your country, so Personal Data may be subject to different privacy laws than those in your country.
7.2. Personal Data collected in the European Union, Switzerland and the United Kingdom may, for example, be transferred to and processed by third parties located in a country outside the European Union, Switzerland and the United Kingdom. In such cases, the Company will ensure that the transfer of Personal Data is carried out in accordance with applicable privacy laws and, in particular, will ensure that - appropriate contractual and technical measures are in place, such as the standard contractual clauses approved by the EU Commission.
8. Third-Party Websites
8.1. We may display advertisements from third-party service providers and other content linked to third-party websites. We cannot control or be responsible for the privacy practices and content of third parties. If you choose to click on an advertisement, link, or use of third-party services, you agree and understand that you are leaving our Services and Site, and any Personal Data you provide will not be covered by this Privacy Policy. Please read any relevant third parties' privacy policy to learn how they collect, process, and store your Personal Data.
8.2. If you set up an Account with the help of a third-party agency through its website, page, social media or mobile application, or otherwise. Any Personal Data you provide will be shared with the beneficial owner of that third party and such Personal Data will be solely subject to any applicable third-party privacy policy and any other agreements.
9. Retention of Personal Data.
9.1. We will keep your Personal Data only for as long as necessary to provide you with the Services and for legitimate and essential business purposes, such as maintaining the performance of the Services, making data-driven business decisions, complying with required legal and legal obligations, accounting, reporting obligation and dispute resolution.
9.2. At your request, we will delete or anonymise your Personal Data so that it no longer identifies you, unless we are legally authorised or required to keep certain Personal Data, including if there is an unresolved issue relating to your Account or an unresolved search, complaint or dispute, we will retain the necessary Personal Data until the issue is resolved, and where we need to retain your Personal Data for our legal, tax, auditing and accounting obligations, we will retain the Personal Data for as long as required by applicable law and, where necessary, for our legitimate business interests, such as fraud prevention or to maintain the security of our users.
9.3. Personal Data relating to retention periods is subject to the relevant jurisdiction, however, we may retain your Personal Data after Account closure to the extent required by the laws and regulations of any applicable jurisdiction.
10. How We Protect Your Personal Data
10.1. We have implemented appropriate technical measures to help protect the security of our users' Personal Data. However, please be aware that no system is completely and absolutely secure (we cannot guarantee the security or confidentiality of the data you transmit to us or receive from us over the Internet or wireless connection).
10.2. We have implemented various policies, including encryption, access, and retention policies to protect against unauthorized access and unnecessary retention of Personal Data in our systems. However, we cannot guarantee that the loss, unauthorized use or alteration of Personal Data will not occur. We encourage you to use a strong password that is unique to your Waller or Account, never share your password with anyone, limit access to your computer and browser, and log out after you have used the Site. If you believe that your Personal Data is insecure, that it has been compromised or that it has been used inappropriately, please contact us at governance@kryptobox.io
11. Cookies
11.1. We may make use of the standard practice of placing small data files called cookies, flash cookies, pixel tags or other tracking tools (hereinafter, "Cookies") on your computer or other devices used when interacting with us. We use Cookies to help recognize you as a user, to collect information about your use of the Site so that we can better personalize content or Services for you, and to collect information about your computer or device to ensure our compliance with our financial and legal obligations.
11.2. You can visit the Cookie Policy for more details.
12. Commercialization
12.1. To the extent and under applicable laws, we may send you offers in relation to our Services, for marketing purposes only. Based on our legal interests, and as permitted by applicable law, and by your express consent, we may use electronic means, such as email, to contact you, however, you may opt-out, or email us informing us to cease sending you any marketing content. We will ask for your explicit consent before sharing any Personal Data that belongs to you with third parties for marketing purposes.
13. Your rights
13.1. We believe in operating transparently to help any user read, understand, and make use of the rights of applicable data laws. As available and except where limited by applicable laws, the rights granted to individuals are: to be informed of and request access to the Personal Data we process about you; to request that we amend or update your Personal Data where it is inaccurate or incomplete; to request the deletion of some or all of your Personal Data; to request that we temporarily or permanently cease processing all or some of your Personal Data; in addition, the right to, at any time, object to the processing of your Personal Data on grounds relating to your particular situation; the right to object to the processing of your Personal Data for direct marketing purposes; the right to request a copy of your Personal Data in electronic form and the right to transmit such Personal Data for use in the third-party service; the right not to be subject to automated decision-making.
13.2. Your rights to such Personal Data are not absolute, as they are subject to our legitimate interests, laws and regulatory requirements, or other grounds that we deem necessary. If you have any concerns, questions or requests about your rights and how to exercise them, we hope you will contact us through governance@kryptobox.io . Notwithstanding the above, you have the right to lodge a complaint with the applicable authority under your jurisdiction, or your local data protection authority.
14. Children's Personal Data
14.1. We do not knowingly collect, hold or use any Personal Data from anyone under the age of 18 and no part of our Services is directed to individuals under the age of 18. If you become aware of any person under the age of 18 who has provided us with any Personal Data, please report it to the following email at governance@kryptobox.io so that we can immediately take the necessary steps to close the Account and delete such Personal Data.
15. Changes to this Privacy Policy
15.1. We may, from time to time, amend, alter or modify this Privacy Policy as required by laws or regulations, and we will notify you of any changes to this Privacy Policy by email or by other electronic means, and we will ensure to announce and update the revised version of this Privacy Policy on this Website.
16. Contact Details.
16.1. If you have any questions, concerns, comments or complaints in relation to this Privacy Policy, please email us at governance@kryptobox.io