This privacy statement went into effect on, or has been updated on December 21, 2021.
Coinmerce is a European cryptocurrency trading platform, aiming especially for ease of use and simplicity for its users to provide a safe user experience. Our office is located at Beechavenue 140, 1119 PR Schiphol-Rijk.
In order to make our services available, we have to process personal data in some cases. This processing shall adhere to the General Data Protection Regulation (GDPR). We find it of utmost importance to handle your privacy and the processing of your personal data with care. The purpose of this privacy statement is to set out which personal data we process, for what ends personal data is being used, and what we do to protect your privacy.
Identity and contact information
With regard to exercising your rights under the GDPR or other questions regarding the processing of personal data, please contact:
1119 PR Schiphol-Rijk
Which personal data do we process?
- Name (name and surname, and infix surname if applicable);
- Date and place of birth;
- Email address;
- Phone number;
- Financial data (IBAN, digital wallet addresses, and under circumstances source of funds);
- Identification details (copy ID, account, electronic data);
- Login details;
- Data that our website/app collects, such as metadata;
- Transaction details (amount and value of cryptocurrencies);
- Communication details (question you ask, information you provide).
The personal data you provide us with will be carefully handled and secured in accordance with the GDPR and related applicable regulations. For data processing, we also make use of third parties, so-called processors, with whom we have made agreements in a processing agreement about the security of your data. We do not process more personal data than necessary, access is limited to authorised persons using passwords, we do not store the data longer than necessary, and we ensure an appropriate and adequate level of security. We also safeguard the rights of those involved (i.e. you).
Purposes and principles
We process your personal data for the following purposes and on the basis of the following legal bases:
- Access to our website and app
- Performance of our contract
- Performance of the contract between you and Coinmerce
- Performance of our contract
- To comply with laws and regulations
- To contact you (at your request or when necessary)
- Consent, performance of our contract, legal obligation
- For the purpose of sending our newsletter
- Registration of name and ID document number of the customer at the time of purchase of a gift card
- Legitimate interest (AML/CFT)
Categories of recipients of (special categories of) personal data
Coinmerce may pass on your personal data to external parties if this is necessary for the performance of its services. Coinmerce may also pass on the data to suppliers, e.g. audit agencies, government institutions, subcontractors and to companies and/or persons it has engaged to perform certain tasks (including (sub)processors).
In addition, Coinmerce may provide your data to third parties if it is entitled or obliged to do so on the basis of the applicable laws and/or regulations, a court order or a legal judgement, or if it has obtained your permission to do so.
Location of processing
Your personal data will be processed by Coinmerce as far as possible within the European Economic Area (EEA). If transmission takes place outside the EEA, Coinmerce will take the necessary measures to ensure that appropriate guarantees are in place with regard to this transmission.
Coinmerce will not store your personal data any longer than necessary for the purposes for which it was collected and will comply with the applicable laws and regulations in this regard. The information you provide to us for the purpose of trading on our platform will be kept for a maximum of 1 year if no activity takes place in the account. If there has been activity in your account, Coinmerce is obligated to retain all information for 7 years (statutory retention period).
After the retention period has expired, your data will be deleted/erased within a period of three months. This period is necessary due to the processing time of this operation.
Coinmerce will make every effort to take appropriate organizational and technical measures to protect your personal data against unlawful processing and/or loss. Where Coinmerce makes use of (sub) processors, Coinmerce has entered into agreements with these (sub) processors in order to ensure that appropriate organizational and technical measures are taken.
Coinmerce employees and employees of (sub)processors who have access to your personal data are bound by a non-disclosure clause.
Data that we process from website visitors
What are your rights?
If you would like to access, receive a copy, correct, add, delete or object to the processing of your personal data, you can. You can contact us by writing an email in which you indicate whether you:
- request access to, or a copy of your personal data;
- request the rectification of inaccurate or incomplete personal data;
- to request the erasure (‘right to be forgotten‘) of personal data;
- request the restriction of the processing of personal data if they are processed incorrectly or incompletely;
- request that your personal data be transferred to you or another controller (data portability);
- have a different wish or question.
Please indicate as clearly as possible what data is involved and what you expect from us.
Enclose a copy of a valid identity document with your request. Cross out the BSN, for example use the ‘Kopie ID‘ app from the Dutch government (Rijksoverheid). Write on the copy the purpose and date.
Send your email to: [email protected]
Questions, comments or complaints
For questions, comments or complaints regarding this privacy statement or the way in which Coinmerce registers, uses and processes your data, please contact:
Attn. Data Protection Officer
1119 PR Schiphol-Rijk
Coinmerce will respond to your request, comment or complaint as quickly as possible but at the latest within one month. An extension of another 2 months, depending on the complexity and number of requests, comments or complaints, is possible. We will inform you of this within one month of receiving your request.
Right to lodge a complaint with a supervisory authority
Do you think that Coinmerce has violated your rights as stipulated in the GDPR and were you unable to reach a solution with us? If so, you can lodge a complaint about this with the Dutch Data Protection Authority (‘Autoriteit Persoonsgegevens‘). Please consult the website: www.autoriteitpersoonsgegevens.nl
Modification of privacy statement
Coinmerce may unilaterally amend this privacy statement at any time. The most up-to-date version of the statement can always be consulted on our website. The version date is always at the beginning of the declaration.