Privacy Policy

Creditcoin OÜ Privacy Policy

Last revised on: August 27, 2024


Thank you for choosing to be part of our community at Creditcoin OÜ. We are committed to protecting your personal information (also known as personally identifiable information or “PII”) and your right to privacy. If you have any questions or concerns about our Privacy Policy, or our practices with regards to your PII, please contact us at team@creditcoin.org.

This Privacy Policy explains what you can expect from Creditcoin in protecting your PII and what we need from you to ensure such efforts succeed.

This Privacy Policy applies to: (i) all information collected through our websites located at https://creditcoin.org/ (the “Website(s)”), (ii) your access to and use of our API or Apps, (iii) and/or any related services, marketing, or events (collectively, the “Services”); and to the extent applicable, (iv) your access to and use of the Credit Wallet in connection with any biometric data – please also see the Creditcoin Terms, including Section 2 on biometric data: https://docs.creditcoin.org/wallet/legal/terms. The Creditcoin Terms are incorporated by reference into these Privacy Policy, and all capitalized terms (unless defined in this document) are defined in the Creditcoin Terms.

Please read this Privacy Policy carefully as it is legally binding when you access or use our Services, and will help you make informed decisions about sharing your PII with us. If you do not agree with our Privacy Policy as contained herein, do not use our Services. By accessing or using our Services, you agree to be bound by this Privacy Policy. This Privacy Policy may change from time to time (see Changes to Our Privacy Policy). Your continued use of our Services after we make changes is deemed to be acceptance of those changes, so please check back periodically for updates.

1. WHAT INFORMATION DO WE COLLECT?

We collect your PII directly from you when you provide it to us when utilizing the Services, automatically as you navigate through the Websites and when you participate in activities on the Websites, Apps, or when you otherwise contact us.

The PII we collect may include (but is not limited to):

  • Email address

  • Public wallet address

  • Biometric data, such as your fingerprint(s), facial scan, or other physical or behavioral identifiers in connection with your use of the Services or Creditcoin’s Wallet.

  • Usage details, IP addresses, etc.

  • Blockchain-related information, blockchain identifiers, such as: blockchain addresses and public keys

  • Transaction information, transactions you make via our Services, including: names of recipients, amounts of transactions, time stamps.

  • Third-party wallet (“Third-Party Wallet”) information, such as: public wallet address, encrypted Wallet private keys (although private keys are not visible on to us), and token IDs that you own. (See Third-Party Wallet Extensions below).

  • Other PII that is deemed helpful in verifying whether you are eligible to register on our Services.

  • Other PII that is deemed helpful in ensuring our compliance with legal obligations under applicable anti-money laundering (AML) obligations, including but not limited to the U.S. Bank Secrecy Act (BSA) and/or the European Union’s Fourth AML Directive.

  • Other PII that is required by any court order, applicable law, administrative regulation or any order by a competent government agency.

2. HOW DO WE USE YOUR INFORMATION?

We only use your PII when we are permitted to do so under applicable legislation. We always ensure that we have a lawful basis for any use of PII. Most commonly, we will use your PII: (1) to perform pursuant to a contract , (2) pursuant to our own legitimate interests, (3) to comply with legal obligations, and (4) pursuant to customer consent.

We use the PII we collect or receive to:

  • Provide Services to you. We may use your PII to provide the Wallet Services and Browsing Services to you, such as your biometric data. We may use your PII in connection with, or during your use of our Services to facilitate interaction and/or collaboration with other users of our Services.

  • Send administrative information to you. We may use your PII to send you information about changes to our terms, conditions, and policies.

  • Send marketing communications to you. We may use your PII to send you marketing communications regarding our newsletters and other promotional materials. You may opt out of these communications at any time by emailing us at team@creditcoin.org.

  • Request Feedback. We may use your PII to request feedback and to contact you about your use of our Websites or Apps.

  • Protect our Websites and Apps. We may use your PII as part of our efforts to keep our Websites and Apps safe and secure (for example, for fraud monitoring and prevention).

  • Enforce our terms. We may use your PII to assist with enforcement of the Creditcoin Terms and this Privacy Policy and other agreements.

  • Respond to legal requests and prevent harm. If we receive a subpoena or other legal, regulatory or compliance request, we may need to inspect the information we hold to determine how to respond.

  • Verify your identity. We may use your PII to verify your identity, the nature and ownership of your business, source of funds, to facilitate the processing of funds, to evaluate the risk of doing business with you, or for other purposes related to the provision of the Services.

3. WHO WILL YOUR INFORMATION BE SHARED WITH?

Data Processors

We use carefully selected service providers (data processors) in processing your PII. We only use service providers that provide sufficient guarantees to implement appropriate technical and organizational security measures to protect your PII. Such data processors may include the following: email service providers, website analytics service providers, liquidity providers and data hosting service providers. Should you require more detailed information as regards the data processors we use, please contact us at team@creditcoin.org.

Third Parties.

In some circumstances, we share your PII with third parties who act as independent data controllers as regards to your PII. We only share and disclose your PII with the following third parties. We have categorized each party so that you may easily understand the purpose of our data collection and processing practices.

  • Business Partners. We may share or transfer your PII in connection with, or during your use of our Services for, facilitating interaction and/or collaboration with other users of our Services; including by not limited to third-party partners like Veriff for identity verification and certification services.

  • Purchasers of Our Business. We may share or transfer your PII to an acquirer, successor, or assignee/licensee in connection with, or during negotiations of, any merger, sale of company assets, financing, or acquisition of all or a portion of our business to another company. The legal basis for this is our legitimate interest to exercise our right to business. In such case, we ensure that your rights and conditions as a data subject shall not be harmed or affected.

  • Law Enforcement. We may share your PII in order to comply with our legal, compliance, regulatory, insurance policy and record-keeping obligations as well as to respond to mandatory legal or governmental requests or demands for information, enforce our agreements, policies, procedures and terms of use, and protect ourselves, our Users, or the general public from illegal activities.

  • Parties Pursuant to Protecting Our Legal Rights We may also need to share your PII with third parties in relation to our need to protect our legal rights (which may include attorneys and debt collection agencies). This is done under our own legitimate interest to protect our legal rights and ensure the performance of this Privacy Policy and any other agreements related to our Services.

  • Parties Pursuant to Our Legal Obligations We may need to share your PII with third persons in order to fulfill our legal obligations. Such third persons may include auditors, national regulators or other authorities. The legal basis for such sharing is to maintain compliance with our legal obligations and statutory requirements.

4. HOW LONG DO WE KEEP YOUR INFORMATION?

To determine the appropriate retention period for PII, we consider the amount, nature and sensitivity of the PII, the potential risk of harm from unauthorized use of or disclosure of your PII, the purposes for which we process your PII and whether we can achieve those purposes through other means, and the applicable legal, regulatory, tax, accounting or other requirements. We will only keep your PII for as long as it is necessary for the purposes set out in this Privacy Policy, unless a longer retention period is required or permitted by law (such as tax, accounting, reporting, national and international AML or other legal requirements).

When we have no ongoing legitimate business need to process PII, we will either delete or anonymize it, or, if this is not possible (for example, because the PII has been stored in backup archives), then we will securely store the PII and isolate it from any further processing until deletion is possible. Your PII will only be accessed internally on a need-to-know basis, and it will only be accessed or processed if absolutely necessary. We will constantly monitor and delete data that is no longer required by any relevant law or jurisdiction in which we operate. If your PII is processed for several different purposes, the longest retention period shall apply.

5. HOW DO WE KEEP YOUR INFORMATION SAFE?

Security. Creditcoin strives to ensure that our systems are secure and that they meet industry standards. We seek to protect PII that is provided to Creditcoin by implementing physical and electronic safeguards, including measures designed to secure your PII from accidental loss and from unauthorized access, use, alteration, and disclosure. Creditcoin endeavors to engage third-party service providers that have security and confidentiality policies, if such third-party service providers have access to our PII. Despite our best efforts to protect the security of your PII, no security system is always effective and we cannot guarantee that our systems will be completely secure. Any transmission of PII is at your own risk. We are not responsible for circumvention of any privacy settings or security measures contained on the Websites.

6. DO WE COLLECT INFORMATION FROM MINORS?

Persons under the age of 18 are not allowed to use the Websites or Apps and we do not knowingly collect PII from persons under 18 years of age. By using the Websites or Apps, you represent that you are at least 18. If we learn that we have collected PII about a person under the age of 18 years of age, we will deactivate the account and take reasonable measures to promptly delete such data from our records. If you become aware of any PII we have collected from a person under age 18, please contact us at team@creditcoin.org.

7. USE OF COOKIES

Cookies are small files that a site or its service provider transfers to your computer’s hard drive through your web browser (if you permit it) that enables the site to recognize your browser and capture and remember certain information. Creditcoin uses cookies in order to provide better service, to facilitate our Users’ use of our Websites, to track usage of the Websites, to collect data and to address certain security issues. When you access our Websites, we send the cookies to your computer or phone. Your computer or phone stores the cookie in a file located inside your web browser. The cookies help Creditcoin keep track of your visits to our Websites and your activity on our Websites and to understand how you interact with us.

We may link the information collected by cookies with other information we collect from you pursuant to this Privacy Policy and use the combined information as set forth herein. Similarly, the third parties who serve cookies on our Websites may link your name or email address to other information they collect, which may include past purchases made offline or online, or your online usage information.

You can generally activate or later deactivate the use of cookies through a functionality built into your web browser. Please note that removing or deactivating cookies can impact your user experience on our Services, including limiting the functionality of certain features. If you want to learn more about cookies, or how to control, disable or delete them, please visit this site for detailed guidance. In addition, certain third-party advertising networks, including Google, permit users to opt out of or customize preferences associated with your internet browsing. To learn more about this feature from Google, click here. Creditcoin also uses Google Analytics, which uses cookies and similar technologies to collect and analyze information about the use of the Websites and report on activities and trends. The following link explains how Google uses data when you use its partners’ websites and applications: https://www.google.com/policies/privacy/partners. Your use of Creditcoin’s website is evidence of your consent to Creditcoin storing and accessing cookies and other information on your computer or phone and Creditcoin’s use of Google Analytics in connection with such activities. Please read the information at the link provided so you understand what you are consenting to. Should you wish to opt-out of Google’s practices, you may do so by downloading the Google Analytics opt-out browser add-on, available at https://tools.google.com/dlpage/gaoptout.

8. CONTROLS FOR DO-NOT-TRACK FEATURES

Most web browsers and some mobile operating systems and mobile applications include a Do-Not-Track (“DNT”) feature or setting you can activate to signal your privacy preference not to have data about your online browsing activities monitored and collected. No uniform technology standard for recognizing and implementing DNT signals has been finalized. As such, we do not currently respond to DNT browser signals or any other mechanism that automatically communicates your choice not to be tracked online. If a standard for online tracking is adopted that we must follow in the future, we will inform you about that practice in a revised version of this Privacy Policy.

9. THIRD-PARTY WALLET INFORMATION AND EXTENSIONS

We collect Third-Party Wallet information in order to facilitate your use of the Services.

Certain transactions conducted via our Services, will require you to connect a Third-Party Wallet to the Services. By using such Third-Party Wallet to conduct such transactions via the Services, you agree that your interactions with such Third-Party Wallets are governed by the privacy policy for the applicable Third-Party Wallet. We expressly disclaim any and all liability for actions arising from your use of Third-Party Wallets, including but without limitation, to actions relating to the use and/or disclosure of PII by such Third-Party Wallets.

10. PRIVACY RIGHTS WITH RESPECT TO YOUR PII

Depending on the jurisdiction, you may have the right to access, correct, delete, or restrict the use of your PII covered by this Privacy Policy. Depending on the jurisdiction, you may also have the right to request that we refrain from processing your PII. Please bear in mind that if you choose to exercise such rights, this may affect our ability to provide Creditcoin services. For further inquiries about your PII, please contact us by sending an email to team@Creditcoin.org and Creditcoin will make reasonable efforts to accommodate your request. However, we also reserve the right to impose certain restrictions and requirements on such requests, if allowed or required by applicable laws. Please also note that it may take some time to process your requests, consistent with applicable law across jurisdictions.

11. PRIVACY RIGHTS UNDER THE EUROPEAN GENERAL DATA PROTECTION REGULATION (“GDPR”)

Residents of the European Economic Area (“EEA”) and Switzerland (“EEA Residents”) are entitled to make requests regarding the processing and storage of their PII. Specifically, if you are an EEA Resident, you may submit a request to us to take the following actions in relation to your PII that we hold:

  • Opt-out. You may request that we stop sending you direct marketing communications which you have previously consented to receive. We may continue to send you service-related and other non-marketing communications.

  • Access. You may request we provide you with information about our processing of your PII and give you access to your PII.

  • Rectify. You may request we update or correct inaccuracies in your PII.

  • Erase. You may request we erase your PII.

  • Export. You may request we transfer a machine-readable copy of your PII to you or a third party of your choice.

  • Restrict. You may request we restrict the processing of your PII.

  • Object. You may object to our reliance on our legitimate interests as the basis of our processing of your PII that impacts your rights.

You may do this at any time by emailing team@Creditcoin.org. Note that we may refuse to grant your requests in whole or in part as permitted by applicable law.

You have the right to complain to a data protection authority about our collection and use of your PII. For more information, please contact your local data protection authority. To find contact details, click here.

Our legal basis for collecting and using the PII described above will depend on the PII concerned and the specific context in which we collect it. However, we will normally collect PII from you only (i) where we need the PII to perform a contract with you; (ii) where the processing is in our legitimate interests and not overridden by your rights; or (iii) where we have your consent to do so. We have a legitimate interest in operating our Services and communicating with you as necessary to provide these Services, for example when responding to your queries, improving our Services, undertaking marketing, or for the purposes of detecting or preventing illegal activities.

In some cases, we may also have a legal obligation to collect PII from you or may otherwise need the PII to protect your vital interests or those of another person. If we ask you to provide PII to comply with a legal requirement or to perform a contract with you, we will make this clear at the relevant time and advise you whether the provision of your PII is mandatory or not (as well as of the possible consequences if you do not provide your PII).

13. INTERNATIONAL TRANSFERS OF PII

Your PII will be stored and processed in the United States and will be governed by applicable United States laws and regulations, as well as the rules outlined in this Privacy Policy. If you use the Services from outside the United States, you acknowledge that we will transfer your PII to, and store your PII in, the United States, which may have different data protection rules than in your country. PII may become accessible as permitted by law in the United States, including to law enforcement and/or national security authorities in the United States. Additionally, your PII may be transferred to, processed, and stored by our service providers in other countries. For instance, we may engage ID verification services located outside the United States, which may use non-US servers to store and process your PII. By submitting your PII, you consent to its transfer to and storage in both the United States and other countries designated by us, its exclusive governance by the law and regulations of the United States and any applicable state laws, and its use in accordance with the purposes for which it was originally collected and as set forth in this Privacy Policy.

14. NOTICE TO CALIFORNIA RESIDENTS – YOUR CALIFORNIA PRIVACY RIGHTS (AS PROVIDED BY CALIFORNIA CIVIL CODE SECTION 1798.83)

CALIFORNIA RESIDENT WHO HAS PROVIDED PII TO A BUSINESS WITH WHOM HE/SHE HAS ESTABLISHED A BUSINESS RELATIONSHIP FOR PERSONAL, FAMILY, OR HOUSEHOLD PURPOSES (A “CALIFORNIA CUSTOMER”) MAY REQUEST INFORMATION ABOUT WHETHER THE BUSINESS HAS DISCLOSED PII TO ANY THIRD PARTIES FOR THE THIRD PARTIES’ DIRECT MARKETING PURPOSES. IN GENERAL, IF THE BUSINESS HAS MADE SUCH A DISCLOSURE OF PII, UPON RECEIPT OF A REQUEST BY A CALIFORNIA CUSTOMER, THE BUSINESS IS REQUIRED TO PROVIDE A LIST OF ALL THIRD PARTIES TO WHOM PII WAS DISCLOSED IN THE PRECEDING CALENDAR YEAR, AS WELL AS A LIST OF THE CATEGORIES OF PII THAT WERE DISCLOSED. CALIFORNIA CUSTOMERS MAY REQUEST FURTHER INFORMATION ABOUT OUR COMPLIANCE WITH THIS LAW BY E-MAILING TEAM@CREDITCOIN.ORG. PLEASE NOTE THAT WE ARE REQUIRED TO RESPOND TO ONE REQUEST PER CALIFORNIA CUSTOMER EACH YEAR AND WE ARE NOT REQUIRED TO RESPOND TO REQUESTS MADE BY MEANS OTHER THAN THROUGH THIS E-MAIL ADDRESS.

15. CHANGES TO OUR PRIVACY POLICY

Creditcoin reserves the right to make changes to this Privacy Policy from time to time, and you are responsible for periodically checking this policy for any changes. If we make material changes to our Privacy Policy, our revised Privacy Policy will be promptly posted at https://docs.creditcoin.org/wallet/legal/privacy-policy, and it will either be prominently noted on our Websites that material changes have been made or we will notify our Users by email. The date of the most recent update to our Privacy Policy will be set forth in the header to the Privacy Policy.

16. HOW CAN YOU CONTACT US ABOUT THIS PRIVACY POLICY?

If you have questions or concerns about our Privacy Policy practices, you may email us at team@Creditcoin.org.

Last updated