Last updated: May 1, 2019
Personal information or personal data (“Data”) refers to any information that can be associated with a specific person (“You” or “User”). In order to provide our services, we need to collect certain Data from You and prospective users.
The privacy and protection of your Data are of utmost importance to us. Our main principle is to safeguard and respect the confidentiality of your Data.
Cryptology is the brand name of a group of companies, Cypher OÜ, Cypher Technologies (CY) Limited, and its affiliates (together, hereinafter referred to as “Cryptology”, “We”, or “Us”), that operates the Cryptology exchange through its websites and mobile applications.
Data that we collect
User Onboarding: to open an account with Cryptology, we will collect your email address and store a password that you create for the account. We may request other information such as country, age, company name (in the case of Institutional Clients).
Account Funding and Withdrawals: depending on various factors, such as your location, nationality, transaction limits, etc., we reserve the right to request, at any time, for additional information such as photo ID, proof of residence, account information, and others. We will only request additional information from email@example.com or firstname.lastname@example.org.
Purpose of the collection and processing
All the Data that we collect and process have a legal basis. Firstly, there is a contractual relationship between You and Cryptology, and, therefore, we must validate and confirm your identity. Secondly, we must complete Know Your Customer (KYC) procedures in order to accept You as a client. Thirdly, it is imperative to comply with Anti-Money Laundering (AML) laws. Finally, it is important to detect, deter and mitigate fraudulent actions of malicious actors.
For the performance of a thorough KYC and AML check, we may involve a third party. This third party will always hold the highest standards of data protection and will hold a Data Protection Registration. Further, the third party will always have a written contract with Us and provide sufficient security safeguards to protect and process personal data.
Transfers outside of the European Economic Area (relevant for EU citizens)
We may transfer your personal information outside the European Economic Area (EEA) to other affiliate or company part of our group of companies as well as third parties as referred above. We will, at all times, ensure that the transfer is lawful and that the recipients of Data comply with European data protection laws or that their respective country’s law is comparable and provide appropriate or higher safeguards in relation to the transfer of your Data.
Your Data may be processed by staff or third parties operating outside the EEA. Such staff or third parties may be engaged in the fulfillment of your requests, processing of your orders and payment details or the provision of support services.
Retention of your Data
Subject to certain AML laws, we may retain only necessary Data for a period of 5 years after our business relationship has ceased.
You have the right to access your Data and request rectification of any information you consider is not correct or outdated. You can request any rectification or update at email@example.com, firstname.lastname@example.org, or, email@example.com.
You have the right to request us to delete or remove your Data, we will only delete or remove Data that is not considered under AML laws.
You may at any time lodge a complaint with a supervisory authority regarding our collection and processing of your Data.