We are CryptoSystems OU and We are a company incorporated in the Estonia with registration number 14508009 and registered office at Harju maakond, Tallinn, Kesklinna linnoasa, Pärnu mnt, 158-88, 11317, Estonia. We are also registered with the Politsei- ja Piirivalveamet for provision a virtual currency wallet service (licence № FRK000193) and licence for provision services of exchanging a virtual currency against a fiat currency (licence № FVR000228).
We at CryptoSystems OU are dedicated to safeguarding and preserving Your personal data and privacy when visiting Our Websites, utilising Our services, products or communicating electronically with Us.
For the purposes of the data protection laws that apply to us, including the GDPR which is the European General Data Protection Regulation and Estonian Data Protection Law, We act as the Data Controller for the personal data that We collect and process to enable You to make use of Our Services.
«Cookie» means a small text file placed on Your computer or device by Our Websites or mobile applications when You visit certain parts of Websites and/or when You use certain features of Our mobile applications.
«GDPR» means the General Data Protection Regulation (EU) 2016/679, of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of Personal Data and on the free movement of such data, and repealing Directive 95/46/EC, as amended, replaced or superseded and in force from time to time and as transposed into member-state legislation.
«Personal Data» means any information which relates to an identified or identifiable natural person. An identifiable person is one who can be identified directly or indirectly in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
«Services» mean all Our products: Website, Applications.
«You» («your») - You, as User or Guest, depending on your status at the Website.
«We» (“us” or “our”) refers to CryptoSystems OU.
Under the GDPR you, as a data subject, have certain rights over the personal data that We hold and process.
At CryptoSystems OU, We are committed to make it easy for You to exercise these rights in the most transparent manner possible. You can exercise any of Your rights in relation to the data that CryptoSystems OU holds about you, by contacting Our data protection officer through the email address provided at the end of this section or through Your personal user cabinet on Your mobile device via the personal data management and protection applications We support.
The following are the specific rights You have over Your personal data We hold and process, namely:
Pursuant to GDPR We are required to respond without undue delay to all Subject Access Requests in practice this means We have to respond within 1 month of receipt of the Subject Access Request.
Ordinarily Subject Access Requests are free of charge.
We may extend the time period for responding to a Subject Access Request by a further two months and may charge a reasonable fee if We deem the request to be manifestly unfounded or excessive, however, We are required to advise You of Our intention to do this within 1 month of Your subject access request.
Should You wish to make a Subject Access Request this can be done by contacting the Company using the contact details in Section 9.
If You wish to exercise any of the aforementioned rights, please contact Us. We request that in the first instance You contact Our data protection officer at any time Our on email@example.com.
We promise to promptly consider Your request and to respond to You in accordance with the requirements of the Estonian Data Protection Act and GDPR.
ЖComplaints to the Estonian Data Protection Inspectorate should be made by using the appropriate forms provided in the Estonian Data Protection Inspectorate Website.
CryptoSystems OU is licensed with the Politsei-ja Piirivalveamet with licence numbers FRK000542 and FVR000633 and by law all licensed entities are obliged to establish an Anti-Money Laundering/Countering of Financing of Terrorism framework for the purpose of forestalling, preventing and detecting illegal activities such as money laundering and financing of terrorism (the AML/CFT framework).
Pursuant to the AML/CFT framework, CryptoSystems OU is legally obliged to:
i) obtain basic personal data about all users (information such as full name, residential address and date of birth) to enable it to identify all Users; and
ii) undertake ongoing monitoring of a User’s activity and transactions to determine the ongoing potential risk of l money laundering or financing of terrorism.
As part of the AML/CFT framework during Your lifecycle as a User You may also be requested to provide additional personal data to enable Us to verify Your identity (information such as Government issued ID card or passport, Driving Licence etc.).
CryptoSystems OU will also process Your personal data based on other legal bases such as:
i) the performance of Our contract with You (i.e. the provision of Our Services to you);
ii) our legitimate business interests (i.e. for fraud prevention, maintaining the security of Our network and services, seeking to improve the Services that We provide and Your interaction with us). Whenever We rely upon on this lawful basis We assess Our business interests to make sure that they do not override Your rights. Furthermore, in some cases You have the right to object to this processing;
iii) with Your consent .for direct marketing purposes so that We may keep You fully up to date with other products and services that We supply and think may be of interest to you. Where We rely upon consent, We will need Your explicit consent, which may be removed at any time.
A summary of the Personal Data that We process, when We collect it, how We use it and why We use it (i.e. the legal basis for processing) is listed below:
|Personal Data||When We collect||How We use||Why We use|
|login, password||In registration procedure||We use Your personal and contact information to register You as a User and identify You in Our Services. Login and password You can use to log in||Necessary for the performance of a contract with you|
|information about the permitted age||In registration procedure||We need to make sure that Your use of Our services is legal||Necessary to comply with a legal obligation|
|We use Your e-mail address to inform You about the latest updates of Our Services and other products You may like. If You have subscribed to Our newsletter, We may send You marketing communications and information that will create an excellent customer experience||Only with Your explicit consent|
|address of the cryptocurrency wallet||In transaction procedure||We use this to enable Us to undertake transactions||Necessary for the performance of a contract with you|
|name,surname, patronymic (if any), registration address, residential address||KYC||We use Your personal data as part of Our due diligence / KYC procedure on Our “Know Your Customer” KYC portals and to identify You in Our Services||Necessary to comply with a legal obligation|
|Passport ID||KYC||We need to make sure that Your use of Our services is legal. We have to check whether You are permitted user of Our services subject to applicable legislation||Necessary to comply with a legal obligation|
|Your location, include: IP address, time zone, from which You access Our app or Website, Country, copies of “proof of identity” and “proof of residence” documents, phone number, Your profession, email||KYC|
|video confirmation, photo with passport||KYC||Data may be requested additionally during the KYC procedure if the minimum data is insufficient or when You make a payment of 15 000 € or over or an equal amount in any other currencies, whether in one-time transfer or several related payments over a period of up to one year||Necessary to comply with a legal obligation|
|data on the use of Our services, links, transactions||When You use Our services||We use it to improve Your customer experience and provide bespoke services that satisfy Your needs and preferences||Necessary for Our legitimate interests|
|Information about Your transactions (crypto wallet, balance, Blockchain transaction details and user wallet data)||When You do the transaction||We use it for make transactions. All transactions are carried out using third-party services||Necessary for the performance of a contract with you|
|unique identifiers, browser type and settings, device type and settings, operating system, mobile network information. We also collect information about the interaction of Your browsers and devices with Our services, including OS, IP address, URL of Your request||When You use Our services||We use it to optimise Our service and to improve Our app, Website, services, direct marketing, User relationships, behaviour profiling and experiences||Necessary for Our legitimate interests|
|All personal data||When You use Our services||We will use all of Your personal data to carry out Our ongoing monitoring process for the purposes of identifying and dealing with potential money laundering, financing of terrorism and fraudulent activities. This is also necessary to assist in making Your transactions secure, enable Us to protect Your digital assets.||Necessary to comply with a legal obligation|
We use, store and process Your personal data on CryptoSystems OU servers which are located on the Netherlands.
CryptoSystems OU protect Your Personal Data under internationally acknowledged standards, using physical, technical, and administrative security measures to reduce the risks of loss, misuse, unauthorized access, disclosure, and alteration. Some of the safeguards CryptoSystems OU use are firewalls and data encryption, physical access controls to Our data centers, and information access authorization controls. CryptoSystems OU also authorize access to Personal Data only for those employees or contractors who require it to fulfill their job or service responsibilities. The CryptoSystems OU’s staff is trained on procedures for the management of personal information, including limitations on the release of information. Access to personal information is limited to those members of Our staff and contractors whose work requires such access. CryptoSystems OU conducts periodic reviews to ensure that proper information management policies and procedures are understood and followed. All of Our physical, electronic, and procedural safeguards are designed to comply with applicable laws and regulations.
When You provide Your personal data through Our Website, KYC portals, Our applications, this information is transmitted across the internet securely using industry standard encryption. Your personal data will be held encrypted on secure servers.
Where any third parties process Your personal data on Our behalf, We require that they have appropriate technical and organizational measures in place to protect this personal data and We will also ensure that a GDPR compliant. Data Processing Agreement is in place between CryptoSystems OU and the third party so that both parties understand their responsibilities and liabilities pursuant to GDPR.
When You create Your account, choose a strong password that is unique to this account. Do not share Your password with other people. Using the same password across Your different accounts will increase the risk of Your data being compromised if Your password is accidentally or unlawfully accessed by unauthorized persons. If You suspect that someone else has got access to Your password, make sure that You change it immediately. When using Our wallets, ensure You keep Your passphrases and keys in a secure device isolated from devices You use regularly. Do not share the device containing Your passphrases and keys with friends, family members or even people You trust.
Your personal data will be retained for as long as necessary to satisfy the purposes We received it for, this includes regulatory and business purposes.
In determining the necessary personal data retention period, the following factors are considered:
You may find links to third party Websites on Our Website or chats of users contained on Our Website or mobile applications. These Websites should have their own privacy policies which You should check. We do not accept any responsibility or liability for their policies whatsoever as We have no control over them.
We will share information with companies, organizations or individuals outside of CryptoSystems OU when We have Your explicit consent.
We may share information in response to a request for information if We believe disclosure is in accordance with, or required by, any applicable law, regulation, legal process or governmental request, including, but not limited to, meeting national security or law enforcement requirements. To the extent the law allows it, We will attempt to provide You with prior notice before disclosing Your information in response to such a request.
We may share information if We believe that it's necessary to protect the vital interests of the data subject (i.e. to prevent imminent serious physical harm or death to a person.)
We may share information if We believe Your actions are inconsistent with Our user agreements, rules, or other CryptoSystems OU policies, or to protect the rights, property, and safety of ourselves and others.
We may share information between and among CryptoSystems OU and any of Our parents, affiliates, subsidiaries, and other companies under common control and ownership.
We may share information with vendors, consultants, and other service providers (but not with advertisers and ad partners) who need access to such information to carry out processing activities for us. The partner’s use of personal data will be subject to appropriate confidentiality and security measures.
Where any third parties process Your personal data on Our behalf, We require that they have appropriate technical and organizational measures in place to protect this personal data and We will also ensure that a GDPR compliant .Data Processing Agreement is in place between CryptoSystems OU and the third party so that both parties understand their responsibilities and liabilities pursuant to GDPR.
GDPR applies to controllers and processors located in the European Economic Area (“the EEA) and countries that the EU has deemed to provide adequate protection to data subjects from a data protection perspective. Estonia is a country in EU and it has been recognised by the EU as being an “adequate” country from a data protection perspective.
Data Subjects risk losing the protection of GDPR if personal data is transferred outside of i) the EEA or ii) countries holding adequacy status and accordingly GDPR restricts such transfers, unless the rights of data subjects in respect of their personal data is protected by appropriate safeguards or one of a limited number of exceptions applies (such exceptions include Your explicit and informed consent).
CryptoSystems OU will not make any international transfers of Your personal data to countries outside the EEA (or a country holding adequacy status) unless it has i) Your explicit and informed consent or ii) it has put in place the appropriate safeguards or iii) the international transfer is covered by an exception.
We may share aggregated or pseudonymous information (including demographic information) with partners, such as publishers, advertisers, measurement analytics, apps, or other companies. For example, We may tell an advertiser how its ads performed or report how many people installed an app after seeing a promotion. We do not share information that personally identifies You (personally identifiable information is information like name or email address) with these partners, such as publishers, advertisers, measurement analytics, apps, or other companies.
Other information, that does not personally identify You as an individual is collected by CryptoSystems OU (such as, by way of example, patterns of use) and is exclusively owned by CryptoSystems OU. We can use this information in such manner that CryptoSystems OU, in its sole discretion, deems appropriate.
We may share specific aggregated, non-personal information with third parties, such as the number of users who have registered with us, the volume and pattern of traffic to and within the site, etc. That information will not identify you, the individual, in any way.
We shall not use Your email or other contact information for sending of commercial proposal, other marketing needs, without Your prior consent.
In the light of the above, when You send Us messages, We can keep them for administering of Your inquiries, for improving of Our services. We shall not transfer information from such messages to third parties.
To enhance the quality of Our services, provide You with relevant content as well as understanding how You use Our Website and applications, We use technologies, such as Cookies. Cookies do not typically contain any information that personally identifies you, but personal information that We store about You may be linked to the information stored in and obtained from Cookies.
Marketing - cookies that are used to recognize You and remember Your preferences when You using our Website, so that We can provide you with a more personalised experience.
If You want to delete any cookies already stored on Your personal device or stop the cookies, You can do so by deleting Your existing cookies and/or altering Your browser's privacy settings. However, if, as mentioned above, due to Your personal device settings or browser settings, We are not able to use other technical solutions to store respective information, restriction/deletion of cookies may lead to your inability to access the content of Our Website.
Please do not hesitate to contact Us at
Name: Serhii Nazarkevych
Address: Ukraine, Khmelnytskyi region, Izyaslav city, Zhovtneva str., 106A, ap. 54
Where appropriate, We will notify You of the changes when You next visit Our Website.