Privacy Notice

Introduction

As part of our daily business operations, we collect personal information from our clients and prospective clients to provide them with our products and services and ensure that we can meet their needs when providing these products and services, as well as when providing them with any respective information.

Your privacy is of utmost importance to us, and our policy is to safeguard and respect the confidentiality of the information and the privacy of individuals. This Privacy Notice sets out how CoinMarkets API products and services provided by Payward Inc.; its affiliates and subsidiaries (collectively, “CoinMarkets”, “the Company”, “We”, “Us”, and the trading and direct sales services provided by CoinMarkets (collectively the “CoinMarkets”), collects, uses and manages the personal information we receive from you, or a third party, in connection with our provision of services to you or which we collect from your use of our services and/or our website. The Privacy Notice also informs you of your rights concerning processing your personal information.

Our privacy notice is reviewed regularly to ensure that any new obligations and technologies and any changes to our business operations and practices are considered and that it remains abreast of the changing regulatory environment. Our most recent privacy notice will govern any personal information we hold.

Please note that if you are an employee of the company, a contractor to the Company, or a third-party provider, your personal information will be used in connection with your employment contract or your contractual relationship, whichever applies.

This privacy notice applies to the processing activities performed by CoinMarkets to the personal information of its clients and its potential clients and website visitors.

We may amend this privacy notice at any time by posting the amended version on this site, including the effective date of the amended version. In addition, we will announce any material changes to this privacy notice on our website.

Definitions

As used herein, the following terms are defined as follows:

“Digital asset” is a digital representation of value (also referred to as “cryptocurrency,” “virtual currency,” “digital currency,” “crypto token,” “crypto asset,” or “digital commodity”), such as bitcoin, XRP or ether, which is based on the cryptographic protocol of a computer network that may be (i) centralised or decentralised, (ii) closed or open-source, and (iii) used as a medium of exchange and/or store of value.

“We,” and “Us” refers to CoinMarkets.

“Personal information” or “personal data” or “your data” refers to any information relating to you as an identified or identifiable natural person, including your name, an identification number, location data, or an online identifier or to one or more factors specific to the physical, economic, cultural or social identity of you as a natural person.

Your data controller

The company you are contracting with is your data controller and is responsible for the collection, use, disclosure, retention, and protection of your personal information per our global privacy standards, this privacy notice, and any applicable national laws. The company uses encryption to protect your information and store decryption keys in separate systems. We process and retain your personal information on our servers in multiple data centre locations, including the European Union, Japan, Australia, the United Kingdom, the United States of America, and elsewhere.

How do we protect personal information?

The company respects the privacy of any users who access its website. It is, therefore, committed to taking all reasonable steps to safeguard any existing or prospective clients, applicants, and website visitors.

The company keeps any personal data of its clients and its potential clients by the applicable privacy and data protection laws and regulations.

We have the necessary and appropriate technical and organisational measures and procedures to ensure that your information always remains secure. We regularly train and raise awareness for all our employees of the importance of maintaining, safeguarding, and respecting their personal information and privacy. We regard breaches of individuals’ privacy very seriously and will impose appropriate disciplinary measures, including dismissal from employment. We have also appointed a group data protection officer to ensure that our Company manages and processes your personal information in compliance with the applicable privacy and data protection laws and regulations and by this privacy notice.

The personal information you provide us with when applying to open an account, applying for a role within the company, or using our website is classified as registered information, which is protected in several ways. You can access your recorded information after logging in to your account by entering your username and the password that you have selected. You are responsible for ensuring that your password is only known to you and not disclosed to anyone else. The registered information is securely stored in a safe location, and only authorised personnel can access it via a username and password. All personal information is transferred to the company over a secure connection, and thus all reasonable measures are taken to prevent unauthorised parties from viewing such information. Personal information provided to the company that does not classify as registered information is also kept in a safe environment and accessible by authorised personnel only through username and password.

Information we may collect about you

To open an account with us, you must complete and submit a “create account” form by completing the required information. By completing this form, you are requested to disclose personal information to enable the company to assess your application and comply with the relevant laws (including their regulations)."

The information that we collected from you is as follows:

  • Full name, residential address, and contact details (e.g. email address, telephone number, fax, etc.);
  • Date of birth, place of birth, gender, citizenship;• Bank account information, credit card details, including details about your source of funds, assets and liabilities, and OFAC information;
  • Trading account balances, trading activity, your inquiries, and our responses;
  • Information on whether you hold a prominent public function (PEP);
  • Verification information, which includes information necessary to verify your identities such as a passport, driver’s license, or Government-issued identity card);

Information we collect about you automatically.

  • Browser information – Information that is automatically collected via analytics systems providers from your browser, including your IP address and/or domain name and any external page that referred you to us, your login information, browser type and version, time zone setting, browser plug-in types and versions, operating system, and platform;
  • Log information – Information generated by your use of CoinMarkets that is automatically collected and stored in our server logs. This may include, but is not limited to, device-specific information, location information, system activity, and any internal and external information related to pages that you visit, including the full Uniform Resource Locators (URL) clickstream to, through, and from our website or app (including date and time; page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs), and methods used to browse away from the page;

Information we receive about you from other sources.

We obtain information about you through your services, including through any of our websites, the account opening process, webinar sign-up forms, event subscribing, news and updates subscribing, and information provided during ongoing support service communications. We also receive information about you from third parties, such as your payment providers and through publicly available sources. For example:

  • The banks you use to transfer money to us will provide us with your basic personal information, such as your name and address, as well as your financial information, such as your bank account details;
  • your business partners may provide us with your name and address, as well as financial information;
  • advertising networks, analytics providers, and search information providers may provide us with anonymised or de-identified information about you, such as confirming how you found our website;
  • credit reference agencies do not provide us with any personal information about you but may be used to corroborate your provided information.

Lawful basis for processing your personal information

We will process your data on the following bases and for the following purposes:

Performance of a contractWe process personal data to provide our services and products and information regarding our products and services based on the contractual relationship with our clients (i.e. to perform our contractual obligations). In addition, the processing of personal data takes place to enable the completion of our client onboarding process.

Given the above, we must verify your identity to accept you as our client, and we will use your data to manage your trading account with us effectively. This may include third parties carrying out credit or identity checks on our behalf. In addition, using your personal information is necessary for us to know who you are, as we have a legal obligation to comply with “Know Your Customer” and customer due diligence regulatory obligations.

Compliance with a legal obligationThere are several legal obligations imposed by relevant laws to which we are subject, as well as specific statutory requirements, e.g. anti-money laundering laws, financial services laws, corporation laws, privacy laws, and tax laws. There are also various supervisory authorities whose laws and regulations apply to us. Such obligations and requirements imposed on us necessary personal data processing activities for identity verification, payment processing, compliance with court orders, tax laws or other reporting obligations, and anti-money laundering controls.

These obligations apply at various times, including client onboarding, payments, and systemic checks for risk management.

To safeguard legitimate interestsWe process personal data to safeguard the legitimate interests pursued by a third party or by us. A legitimate interest is when we have a business or commercial reason to use your information. Examples of such processing activities include the following:

  • initiating legal claims and preparing our defence in litigation procedures;
  • means and processes we undertake to provide for the company’s IT and system security, preventing potential crime, asset security, and access controls;
  • measures for managing the business and for further developing products and services;
  • risk management.

To provide you with products and services, or information about our products and services, and to review your ongoing needs.Once you successfully open an account with us or subscribe to information, we must use your personal information to perform our services and comply with our obligations to you. It is also in our legitimate interests to ensure that we provide the best products and services so we may periodically review your needs based on our assessment of your personal information to ensure that you benefit from the best possible products and services from us.

To help us improve our products and services, including support services, and develop and market new products and services. We may use your personal information through your use of the services and/or client surveys to help us improve our products and services. It is in our legitimate interests to use your personal information in this way to ensure the highest standards when providing you with our products and services and to continue to be a market leader within the Cryptocurrency financial service industry.

To investigate or settle inquiries or disputesWe may need to use personal information collected from you to investigate issues or settle disputes with you because it is in our legitimate interest to ensure that problems and disputes get investigated and resolved promptly and efficiently.

To comply with applicable laws, subpoenas, court orders, other judicial processes, or the requirements of any relevant regulatory authoritiesWe may need to use your personal information to comply with applicable laws and regulations, subpoenas, court orders or other judicial processes, or requirements of any relevant regulatory authority. We do this not only to comply with our legal obligations but because it may also be in our legitimate interest to do so.

To send you surveys
Occasionally, we send you surveys as part of our client feedback process. It is our legitimate interest to ask for such feedback to ensure we provide our products and services at the highest standard. However, we may also ask you to participate in other surveys. If you agree to participate in such surveys, we rely on your consent to use the personal information we collect as part of such surveys. All responses to any survey we send out, whether for client feedback or otherwise, will be aggregated and depersonalised before the results are published and shared.

Data analysis

Our website pages and emails may contain web beacons, pixel tags, or similar types of data analysis tools that allow us to track the receipt of correspondence and count the number of users that have visited our webpage or opened our correspondence. In addition, we may aggregate your personal information with the personal data of our other clients on an anonymous basis (with your identifiers removed) so that more rigorous statistical analysis of general patterns may lead us to provide better products and services.If your personal information is completely anonymised, we do not require a legal basis as the information will no longer constitute personal information. However, suppose your personal information is not in an anonymised form. In that case, it is in our legitimate interest to continually evaluate that personal information to ensure that the products and services we provide are relevant to the market.

Marketing purposesWe may use your personal information to send you marketing communications by email or other agreed forms (including social media campaigns) to ensure you are always up-to-date with our latest products and services. We will do so if we send you marketing communications based on your consent and registered marketing preferences.

Internal business purposes and record keepingWe may need to process your personal information for internal business, research, and record-keeping purposes. Such processing is in our legitimate interests and is required to comply with our legal obligations. This may include any communications we have with you about the products and services we provide and our relationship with you. We will also keep records to ensure you comply with your contractual obligations under the agreement (‘Terms of Service”) governing our relationship.

Legal notificationsThe law often requires us to advise you of specific product, service, or regulation changes. In addition, we need to inform you of changes to the terms of the features of our products or services. Therefore, we need to process your personal information to send you these legal notifications. You will continue to receive this information from us even if you choose not to receive direct marketing information from us.

Where we store your data
Our operations are supported by a network of computers, servers, and other infrastructure and information technology, including, but not limited to, third-party service providers. Our third-party service providers and business partners store and process your data in the European Union, Japan, the United Kingdom, the United States of America, and elsewhere.

Data retention

Safeguarding the privacy of your personal information is of utmost importance to us, whether you interact with us by phone, email, internet, or any other electronic medium. We will hold personal information for as long as we have a business relationship with you in secure computer storage facilities. We take the necessary measures to protect our personal information from misuse, loss, unauthorised access, modification, or modification disclosure.

When we consider that personal information is no longer necessary for the purpose for which it was collected, we will remove any details that will identify you or securely destroy the records. However, we may need to maintain records for a significant period (after you cease being our client). For example, we are subject to specific anti-money laundering laws, which require us to retain the following for 5 years after our business relationship with you has ended.

  • A copy of the records we used to comply with our client's due diligence obligations;
  • Supporting evidence and records of transactions with you and your relationship with us.

Also, the personal information we hold in the form of recorded data, by telephone, electronically or otherwise, will be stored in line with local regulatory requirements (i.e. 5 years after our business relationship with you has ended or longer if you have legitimate interests (such as handling a dispute with you)). If you have opted out of receiving marketing communications, we will hold your details on our suppression list so that we know you want to avoid receiving these communications.

We may keep your data for over 5 years if we cannot delete it for legal, regulatory, or technical reasons.

Cookies

When you use our products and services, we may use the standard practice of placing tiny data files called cookies, flash cookies, pixel tags, or other tracking tools (herein, “Cookies”) on your computer or other devices used when engaging with us. We use Cookies to (i) help us recognise you as a customer, collect information about your use of our products and services, to better customise our services and content for you, and to collect information about your computer or other access devices to ensure our compliance with our BSA and AML obligations.

Changes to this privacy notice

Our Privacy Notice is reviewed regularly to ensure that any new obligations and technologies, as well as any changes to our business operations and practices, are taken into consideration and that it remains abreast of the changing regulatory environment. Our most recent Privacy Notice will govern any personal information we hold.If we decide to change our Privacy Notice, we will post those changes to this Privacy Notice and other places we deem appropriate.

Our products and services are not available to children

Our products and services are not directed to persons under 18, from now on, “children” or “child”; we do not knowingly collect personal information from children. If we learn that we have inadvertently gathered personal information from a child, we will take legally permissible measures to remove that information from our records. The company will require the user to close their account and will not allow using our products and services. If you are a parent or guardian of a child, and you become aware that a child has provided us with personal information, please get in touch with us. You may request to exercise your applicable access, rectification, cancellation, and/or objection rights.

Contact information

Any questions, complaints, comments, and requests regarding this privacy notice are welcome to talk to our customer services team.