Effective date: August 15, 2019
This Policy explains how we collect, use, disclose, and protect data subjects’ information as part of the Service in accordance with data protection laws. Any discussion of your use of the Service in this Policy is meant to include your visits and other interactions with the Website and Services, whether or not you are a user of the Cryptoyote’s mobile application(s).
Our Website may contain links to third-party websites. If you follow a link to any of those third-party websites, please note that they have their own privacy policies and that we do not accept any responsibility for their policies or processing of your personal data. Please check these policies before you submit any personal data to such third-party websites.
Information We May Collect
We may collect and process data about you from several sources.
1. Information that you provide to us
You will be asked to provide us with your information when you:
• fill in forms on our Website, or correspond with us by phone, email or otherwise;
• register to use our Services;
• use the Services;
• report a problem with our Website or Services; or
• complete any surveys we ask you to fill in that we use for research purposes.
If you provide us with data about other individuals, you must ensure to have obtained clear permission from such individuals before share the data with us. For the avoidance of any doubt, any reference in this Policy to your data shall include data about other individuals that you have provided us with.
The information you will be asked to provide to us for these purposes may include, but is not limited to, your name, address, email address, payment information such as credit card information, social media authentication data (where you authorize us to access this), public address of cryptocurrency wallets, mailing address and country of residence, proof of address, and scan of your personal ID.
If you communicate with us regarding career opportunities, you will be asked to provide us with details of your current employment, such as company name, job title, details about your educational history including school(s) attended, previous employer(s) and work experience information, and other relevant information from your CV (where you provide this to us).
2. Information we collect about you
With regard to each of your visits to our Website and use of our mobile applications, we may automatically collect the following information:
• device-specific information, such as your hardware model, operating system version, unique device identifiers, and mobile network information;
• technical information about your computer, including your IP address, operating system and browser type; or
• details of your visits to our website, including the full Uniform Resource Locators (URL) clickstream to, through and from our Website (including date and time), length of visits to certain pages, and page interaction information.
3. Information we receive from other sources
Third parties may provide us with certain information about you in order to enable your use of the Services. From time to time, we may obtain information about you from third-party sources, such as public databases, social media platforms, third-party data providers and our joint marketing partners.
4. Information we may collect about others
We may collect and process data about others that you provide us with, including (but not limited to) information that you provide by filling in forms on our Website or that you provide to us by email. This information might include information you provide to us on your CV, if relevant, such as employer details including your references’ name, email address, telephone number, and address, or may include emails you provide to us in order to share articles or jobs.
How We Use Your Information
Use of personal data must be justified under one of a number of legal grounds and we are required to set out the ground in respect of each use of your personal data in this Policy. These are the principal grounds that justify our use of your information about you and others:
• Consent — Where you have consented to our use of your personal data (you are providing explicit, informed, freely given consent, in relation to any such use and may withdraw your consent in the circumstance detailed below by notifying us);
• Contract performance — Where your information is necessary to enter into or perform our contract with you;
• Legal obligation — Where we need to use your information to comply with our legal obligations;
• Legitimate interests — Where we use your information to achieve a legitimate interest and our reasons for using it outweigh any prejudice to your data protection rights; and
• Legal claims — Where your information if necessary for us to defend, prosecute or make a claim against you or a third party.
We may use the personal data we collect through the Services or other sources for a range of reasons, including:
• To communicate with you about your account and provide customer support — For example, if you use our mobile apps, we may ask you if you want to receive push notifications about activity in your account;
• To send you system alert messages — For example, we may inform you about temporary or permanent changes to our Services, such as planned outages, or send you account, security or compliance notifications, such as new features, version updates, releases, abuse warnings, and changes to this Policy;
• To provide, support and improve the Services — For example, this may include sharing your with third parties in order to provide and support our Services or to make certain features of the Services available to you;
• For our data analytics projects — For example, our data analytics projects may use data from Cryptoyote accounts, including personal data, to provide and improve the Services;
• To bill and collect money owed to us by you — For example, this may include sending you emails, invoices, receipts, notices of delinquency, and alerting you if we need a different credit card number. We may use third parties for secure credit card transaction processing, and those third parties collect billing information to process your orders and credit card payments;
• To meet legal requirements — For example: (i) to comply with court orders, valid discovery requests, valid subpoenas, and other appropriate legal mechanisms; (ii) to provide information to representatives and advisors, including attorneys and accountants, to help us comply with legal, accounting, or security requirements; (iii) to prosecute and defend a court, arbitration, or similar legal proceeding; or (iv) to respond to lawful requests by public authorities, including to meet national security or law enforcement requirements;
• Other purposes — To carry out other legitimate business purposes, as well as other lawful purposes about which we will notify you.
We will not sell your personal data (or any other data you provide us with) to third parties; however, we reserve the right to share any data which has been anonymized and/or aggregated. You acknowledge and accept that we own all right, title and interest in and to any derived data or aggregated and/or anonymized data collected or created by us based on your personal data.
Under the General Data Protection Regulation (EU) 2017/676, you have various rights in relation to your personal data. All of these rights can be exercised by contacting us at firstname.lastname@example.org. In certain circumstances, you have the following rights in relation to your personal data:
• Right to withdraw consent — When we rely on your consent for processing of your personal data, you have the right to withdraw your consent at any time. However, the withdrawal of your consent will not affect the lawfulness of Cryptoyote’s processing based on consent before your withdrawal;
• Right of access — You have the right to obtain from us information as to whether your personal data is being processed, and, where that is the case, access to such personal data;
• Right to rectification — We will use reasonable endeavors to ensure that your personal information is accurate. In order to assist us with this, you should notify us of any changes to the personal information that you have provided to us by sending us a request to rectify your personal data where you believe the personal data we have is inaccurate or incomplete;
• Right to erasure — Asking us to delete all of your personal data will result in Cryptoyote deleting your personal data without undue delay (unless there is a legitimate and legal reason why we are unable to delete certain of your personal data, in which case we will inform you of this). Asking us to stop processing your personal data or deleting your personal data will likely mean that you are no longer able to use our Services;
• Right to restriction of processing — You have the right to ask us to stop processing your personal data at any time;
• Right to data portability — You have the right to request that Cryptoyote provides you with a copy of all of your personal data and to transmit your personal data to another data controller in a structured, commonly used and machine-readable format, where it is technically feasible for us to do so and the processing is based on consent or contractual performance;
• Right to complain — Although we encourage our customers to engage with us in the event they have any concerns or complaints, you have the right to lodge a complaint to a supervisory authority;
• Right to object automated processing — You have the right not to be subject to a decision based solely on automated processing of your personal data, including profiling, which produces legal or similarly significant effects on you. There may be exceptions or limitations to this right as defined under relevant data protection laws.
We will not ordinarily charge you in respect of any requests we receive to exercise any of your rights detailed above, However, if you make excessive, repetitive or manifestly unfounded requests, we may charge you an administration fee in order to process such requests or refuse to act on such requests.
Where you request us to rectify or erase your personal data or restrict any processing of such data, we may notify third parties to whom such personal data has been disclosed of such request. However, such third party may have the right to retain and continue to process such personal data in its own right, for example to enable it to comply with its own legal obligations.
How We Share Information
1. Our service providers
2. Advertising partners
We may partner with third-party advertising networks and exchanges to display advertising on our Website or to manage and serve our advertising on other sites and may share personal data with them for this purpose.
3. Institutions that require KYC
We may be required to disclose your personal data to various institutions that are subject to KYC rules. For example, banks and exchanges may request us to provide personal information about you to complete their internal KYC procedures.
We may share your information with any competent law enforcement body, regulatory body, government agency, court or other third party if we believe disclosure is necessary: (a) as a matter of applicable law or regulation, (b) to exercise, establish, or defend our legal rights, or (c) to protect your vital interests or those of any other person.
5. A potential buyer or business partner
We may also share your personal data with a potential buyer or business partner of Cryptoyote in the case of a sale, merger, consolidation, liquidation, reorganization, acquisition, joint venture, or partnership. In that event, any acquirer will be subject to our obligations under this Policy, including your rights to access and choice. We will notify you of the change either by sending you an email or posting a notice on our Website.
6. Our current or future affiliates
List of subprocessors:
- Apmiltude (amplitude.com). Purpose: Product analytics. Country: USA;
- Google Forms (forms.google.com). Purpose: Surveying Tool. Country: USA;
- FreshChat & Freshdesk (freshworks.com). Purpose: Chat & Help Desk tool. Country: USA;
- Google analytics (analytics.google.com). Purpose: Product Analytics. Country: USA;
- Uploadcare (uploadcare.com). Purpose: Data Hosting. Country: USA;
- SendGrid (sendgrid.com). Purpose: Email Delivery Service. Country: USA;
- Yandex Metrics (metrika.yandex.ru). Purpose: Product Analytics. Country: Russia;
- Pooshwoosh (pushwoosh.com). Purpose: In-App Push Notifications. Country: USA;
- Digitalocean (digitalocean.com). Purpose: Cloud Server Infrastructure. Country: USA.
We and our partners may use various technologies to collect and store information when you use our Services, and this may include using cookies and similar tracking technologies, such as pixels and web beacons.
What cookies are
A cookie is a small software file stored temporarily on your computer’s hard drive. The main purpose of cookies is to allow a web server to identify a user’s computer and web browser and tailor web pages or login information to a user’s preferences. Cookies help us promptly display the information needed to use the capabilities of the Service and other information which we consider to be of interest to visitors to the Website and users of the Service. Cookies do not give us access to your computer.
Cookies and your personal data
Some cookies are associated with your account and personal data, while others are not. We generally treat information collected by cookies and other technologies as non-personal data. However, to the extent that IP addresses or similar identifiers are considered personal data by local law, we also treat these identifiers as personal data.
Types of cookies we use
- Authentication. These cookies help us show you the right information by personalizing the Services to your account;
- Security. These cookies help us detect suspicious or malicious activity on our Services and support other security features;
- Preferences and functionality. These cookies allow our Services to recognize you and your preferences. For example, they can auto-fill a form for you, provide you with customized content, remember your application settings, and more;
- Advertising. These cookies allow us to show you advertising about our Services. They also let our advertising partners know how well our ads are doing by measuring the ad’s success and the types of interactions people have with our ads;
- Research, performance, and analytics. These cookies help us understand how well our Services are doing by measuring your interactions with our Services. We use insights from these cookies to improve on current Services, and to research and develop new Services, features, or products.
Third-party cookies, advertising and analytics cookies
Cookies set by us are called “first-party cookies” while cookies set by others are called “third-party cookies”. We do not control how third-party cookies are used, so you should check the website of a third-party cookie provider for more information about how they are used. Both first-party and thirdparty cookies can serve many functions, including analytics, marketing, and advertising. We use third-party advertising and analytics tools to help us measure traffic and usage trends for the Service and to share offers with individuals who may be interested in our Services.
Retention of Data
We retain personal data where we have an ongoing legitimate business or legal need to do so. Our retention periods will vary depending on the type of data involved, but, generally, we'll take into account the following criteria to determine a retention period:
• Whether we have a legal or contractual need to retain the data;
• Whether the data is necessary to provide the Services;
• Whether our customers have the ability to access and delete the data within their Cryptoyote accounts;
• Whether our customers would reasonably expect that we would retain the data until they remove it or until their Cryptoyote accounts are closed or terminated.
When we have no ongoing legitimate business need to process your personal data, we will either delete or anonymize it or, if this is not possible (for example, because your personal data has been stored in backup archives), then we will securely store your personal data and isolate it from any further processing until deletion is possible.
Changes to this Policy
We may change this Policy at any time and from time to time. Any revisions to this Policy will be posted on the homepage of our Website. It is your obligation to periodically visit our Website to review any changes that may be made to this Policy. Your continued use of our Services constitutes your agreement to be bound by any such changes to this Policy. Our electronically or otherwise properly stored copies of this Policy are each deemed to be the true, complete, valid, authentic, and enforceable copy of the version of this Policy that was in effect on each respective date you visited the Website.
If you have any questions or comments, or if you have a concern about the way in which we have handled any privacy matter, you may contact us by email at email@example.com. Our data protection officer can be contacted at firstname.lastname@example.org.