Who Are We?

Coinsdrom.com is owned and operated by Clearcrest Inc. UAB (the company number 306094970), authorised to Provide virtual currency service, with a registered and operational address at Naugarduko St. 3-401, Vilnius, Lithuania.

Your Acknowledgment of this Policy

You are not legally required to provide us with any personal data. This means that if you provide us with data, you are doing so out of your own volition and consent; we cannot force you to provide any personal data, but we cannot provide you with the services without your data.

You have the right to withdraw from this consent at any time and, in such a case, request that we either cease processing your data or delete whatever personal data is no longer required to retain under law. Such removal of data may also prevent you from receiving updates and support.

Which Personal Data Do We Collect About You?

We collect these types of personal data:

Non-Personally Identifiable Data. The first type is non-personally identifiable data and statistical information. Non-personally recognizable data being gathered consists of technical and behavioural information that does not pertain to a specific individual (“Non-Personal Data”). This includes your device type, browser type and version, IP data, screen size, resolution, language, and other technical data. While it is not specifically personally identifiable, it may be reverse-engineered to be identifiable and therefore is considered personal data.

Personally Identifiable Data. The other type of data we collect is individually identifiable data. This data identifies an individual or is of a private and/or sensitive nature, such as your contact information and financial data, including:

  • Your contact details include your email address, phone number, full name, date of birth, gender, and residence.
  • Your financial data, including the identity of cryptocurrency, the account you transferred sums to or from, your bank details, and your transaction list.
  • Your documents and data are uploaded in our Know-Your-Customer process, including a photocopy of your ID, a video containing your image, proof of address and utility bills, and other data filled in our forms, such as your source of wealth and reference of funds.

How Do We Collect Personal Data?

Personal data is collected from your use of the services and from service providers who provide us with financial services, know-your-customer services, and intelligence services.

What Are The Purposes of the Collection and Processing of Data?

The purposes of collecting and processing the data are to provide you with the services, which means we use your data to provide you with the services and support you.

Moreover, we may use personal data to improve the services. This means that we use aggregated insights into how our users interact with our services to obtain insights that lead to improving future versions, bug reports, and feature requests. 

The basis for our use is both your consent under this privacy policy, and that processing is necessary for compliance with legal obligations to which we are subject, such as financial regulations and anti-money-laundering regulations; processing is necessary for the performance of a contract to which you are a party or to take steps at your request before entering into a contract, such as to provide you with the services. Processing is necessary for our legitimate interests, such as providing you with our services and complying with industry standards.

We may create look-alike audiences and share our customer lists with advertising services that may provide us with such services, all under confidentiality obligations.

We may also use your email address to provide information about our services and promotional material.

When we say “our services,” we mean our cryptocurrency exchange service and website.

How Can We Contact You?

If you register for our service, we may contact you with periodic updates and promotional emails relating to the service and our products or services. 

You may opt out of these anytime, but not from transactional emails, such as payment updates, withdrawals, or cryptocurrency purchase orders.

Moreover, if you show interest in one of our products or services, we may contact you about such a product or service either by email, phone, text, or post.

Your Data Rights

Right of Access and Rectification

You have the right to know what personal data we collect about you and to ensure that such data is accurate and relevant for the purposes for which we collected it. You can receive a copy of your data and rectify such personal data if it is not accurate, complete, or updated. However, we may first ask you to provide us with specific credentials to permit us to identify you before rectifying, deleting, or reviewing.

Right to Delete Personal Data or Restrict Processing

Right to Withdraw Consent

You have the right to withdraw your consent to processing your data. Exercising this right will not affect the lawfulness of processing your data based on your consent before the withdrawal. In most cases, withdrawing your consent would likely cause us to delete your data rather than cease processing. 

You have the right to delete your data or restrict its processing by ourselves and third parties. We may postpone or deny your request if your data is currently used for the purposes for which it was collected or for other legitimate purposes, such as compliance with legal obligations.

Right of Data Portability

Where technically feasible, you can ask to transfer your data by your right to data portability. To apply for this, please get in touch with us at [email protected]

The Right to Lodge a Complaint

You also have the right to complain to a data protection supervisory authority regarding processing your data.

Your Brazilian LGPD Rights

Notwithstanding anything in this privacy policy, you may exercise your LGPD rights, including your rights for:

  1. Confirmation of the existence of the processing.
  2. Access to the data.
  3. Correction of incomplete, inaccurate, or out-of-date data.
  4. Anonymisation, blocking, or deletion of unnecessary or excessive data or data processed in noncompliance with the provisions of the LGPD.
  5. Portability of the data to another service or product provider employing an express request and subject to commercial and industrial secrecy under the regulation of the controlling agency.
  6. Deletion of personal data processed with your consent, except in the situations provided in Art. 16 of the LGPD.
  7. Information about public and private entities with which the controller has shared data.
  8. Information about the possibility of denying consent and the consequences of such denial.
  9. Revocation of consent as provided in §5 of Art. 8 of the LGPD.

We respond to “Do Not Track” signals.

If you do not wish your browser to allow us to use trackers, please use your browser’s “Do Not Track” option.

Exercising Your Rights

We acknowledge you have the right to access and change the Personal Data we collect and process. If you wish to access, correct, amend, or delete Personal Data, please email us at [email protected]. We will respond within a reasonable timeframe, but in any event, as permitted by applicable law. 

Additionally, please note that to ensure you have as much control over your Data and other information as possible, you may modify certain parts by contacting us.

Sharing Personal Data with Third Parties

We respect your privacy and will not disclose, share, rent, or sell your Data to any third party unless the sharing of your Personal Data is made upon your specific, explicit request or for our legitimate interests, which are compliant with regulatory requirements and performance of our obligations, as set out below. 

  1. We share data with third parties that assist us in providing the Service. They are given access to customers’ accounts and Service Data only as reasonably necessary to provide the Service and will be subject to confidentiality obligations in their service agreements;
  2. We share data with third-party service providers providing us with research and analytics, anti-spamming and anti-phishing services, marketing, and data enrichment.
  3. We share data with third-party payment processors who process your credit card and other payment information.
  4. We share data with third-party partners to assist us in KYC and provide any further support needed to use our Service.
  5. We may share data with auditors, lawyers, accountants, and other professional advisers who advise and assist us concerning the lawful and effective management of the Service and any disputes we may become involved in.
  6. We may share data with Law enforcement, other government and regulatory agencies and bodies, or other third parties as required by and following applicable laws and regulations.

This list is non-exhaustive, and there may be circumstances where we need to share Personal Data with other third parties.

Where necessary (such as when we transfer data to service providers), we put in place appropriate contractual arrangements and security mechanisms to protect the Personal Data shared and to comply with our data protection, confidentiality, and security standards and obligations.

We may also disclose data to comply with authorised data requests from governmental agencies or judicial warrants. Unless the law prohibits doing so, we shall notify you about such a request.

Location of Your Data

The personal data collected from you, as detailed in this Privacy Policy, may be transferred to and stored at servers located in countries outside your jurisdiction and nations according to our third-party provider’s standard contractual obligations. 

It may also be processed by suppliers, service providers, or partners’ staff outside your country.

We are committed to protecting your Personal Data. We will take appropriate steps to ensure that your Data is processed and stored securely and following applicable privacy laws, as detailed in this Privacy Policy. Such efforts include establishing data transfer agreements or ensuring our third-party service providers comply with data transfer protection measures.

We will ensure the confidentiality, integrity, and availability of your Personal Data by Transferring your data only to:

  1. Countries approved by the European Commission as having adequate data protection laws.
  2. Entities that execute standard contracts that have been approved by the European Commission and which provide an adequate level of high-quality protection for the recipients of your Personal Data.
  3. Transferring your Data to Privacy Shield Scheme-certified organisations, as approved by the European Commission.

By submitting your data through the service, you acknowledge and agree to transfer, store, and/or process personal data in a jurisdiction where such consent is required.

Cookies

We use both first-party and third-party cookies. A cookie is a small file placed on your computer to authenticate or verify your session with us. However, a cookie may have some identifying features. 

Minors / Children

The service is intended for users over eighteen (18).

Therefore, we do not intend or knowingly collect Personal Data from children under sixteen (16) and do not wish to do so. 

We reserve the right to request proof of age to verify that minors under sixteen (16) are not using the service. 

If we learn that we collected Personal Data from minors under sixteen (16), we will delete that data as quickly as possible. 

If you suspect that we collected Personal Data from minors under the age of sixteen (16), please notify us at [email protected], and we will delete that personal data as quickly as possible.

Security

We take appropriate measures to maintain the security and integrity of our service and prevent unauthorised access to it or use thereof through generally accepted industry standard technologies and internal procedures.

Please note, however, that there are inherent risks in the transmission of information over the Internet or other methods of electronic storage, and we cannot guarantee that unauthorised access or use will never occur.

We will comply with applicable law in case of any breach of your data’s security, confidentiality, or integrity. We will inform you of such a breach if required by applicable law.

To the extent that we implement the required security measures under applicable law, we shall not be responsible or liable for unauthorised access, hacking, or other security intrusions or failure to store or the theft, deletion, corruption, destruction, damage, or loss of any data or information included in the personal data.

Data Retention

We will retain the Personal Data for as long as we believe it is accurate and can be relied upon. Personal Data that is no longer required for the purpose for which it was initially collected will be deleted unless we have a valid justification to retain it that is permitted under applicable law, such as to resolve disputes or comply with our legal obligations.

Data Breach Notification

We comply with local authorities in data breach notifications. In any case, where a severe data breach occurs, we will also notify data subjects after such a breach and cooperate with the legal authorities to reduce the exposure of personal data.

Complaints and Arbitration

If you feel or believe that your data rights were harmed, you may contact our data protection officer at [email protected] and complain. Such complaints shall include how and why you think your data rights were damaged and the required evidence. Our data protection officer will respond to most complaints within 14 days and offer the necessary remedies.

We will resolve all complaints according to applicable regulations. We also agree to resolve all complaints and deal with disputes with the local data protection authorities.

This section does not limit your right to complain to your respective data protection authority.

Merger, Transfer of Ownership

In the future, we may merge, sell our operation or transfer the operation of the service to a third party. In such an event, the data would be used following the then-relevant privacy policy, where no change shall have a retroactive effect. 

Updates to the Privacy Policy

We reserve the right to amend this Privacy Policy at any time; we will provide you with updates on any change, and such updates shall not have a retroactive effect.