Last Update: March 16, 2020
CryptoProcessing commits to protect your privacy. We have implemented all necessary legal, technical and organisational measures to ensure confidentiality, integrity and availability of your Personal Information.
Under “Personal Information” or “Personal Data” we mean any data you can be identified with or which may help to identify you.
The General Data Protection Regulation 2016/679 as of April 27, 2016 (further, the “GDPR”) applies to processing of Personal Information by CryptoProcessing.
Our Contact Details
All references to “CryptoProcessing”, “us”, “we” or “our” apply to Dream Finance OÜ, a company incorporated under the laws of the Republic of Estonia with the registration number 14783543.
Dream Finance OÜ is an authorized virtual currency service provider (License No FVT000166) by the FIUE. Our registered office is at: Kai 4, Tallinn, 10111, Estonia
For all the issues related to data protection please contact us at: firstname.lastname@example.org
The types of Personal Information we may collect include:
- Contact details (email, telephone number or messenger ID)
- Details of your identity document
- Residence address
- Financial information
- Employment details
- Geolocation details
- History of your logs and activity on the Website
- IP address, browser and operating system information, device fingerprint.
Most information we collect is provided by you directly. We could also receive some information from publicly available sources (for example, on sanctions) or from our contractors. We make use of screening lists provided by data vendors, ID verification, anti-fraud and transaction monitoring services.
Please note that we will not be able to provide our services to you if you refuse to provide us information according to our KYC/AML requirements communicated to you once you decide to apply for any of our services that require verification of identity and ongoing monitoring of activity. Please keep in mind that in some cases we may require additional details and documents for KYC and AML/CTF purposes.
Please note that processing of your Personal Data may include automated decision-making including profiling. We may apply automated decision-making including profiling for onboarding, maintaining the account with us and fraud prevention purposes.
We process our clients’ data for the following purposes:
- to provide our services to you, as individual, or a corporate client you represent;
- to contact you or reply to your requests;
- to comply with our legal obligations (e.g. KYC/AML requirements);
- to provide assistance in case of criminal investigation and regulatory action;
- to protect your assets from unauthorized access;
- to prevent any fraud and scam activity;
- to provide you information on our products, news and updates;
- to resolve disputes and protect your interests or interests of other users.
Under the GDPR, the lawful bases we rely on for processing this information are:
- Your consent. You are able to withdraw your consent at any time by contacting us at email@example.com;
- We have a contractual obligation;
- We have a legal obligation to comply with AML/CTF requirements under the applicable laws and regulations, keep records for tax purposes;
- We have a legitimate interest in providing the necessary updates regarding our services, prevent any fraudulent activity proactively and retrospectively, and contacting employees of our clients and business partners.
We may share this information with:
- our affiliates, agents and representatives;
- our contractors providing software for identity verification and anti-fraud purposes;
- our contractors providing us information from publicly accessible sources (for instance on sanctions);
- our financial service providers through which we facilitate fiat currency transactions to/from our services;
- law enforcement or regulatory agencies if required or permitted by law.
We may transfer your Personal Information outside of the European Economic Area only in the following cases:
- if the country where we transfer your Personal Information to provides adequate level of personal data protection (based on the relevant decision of European Commission);
- if we take appropriate safeguards to ensure that your rights as a data subject are protected (e.g., conclude standard contractual clauses or ask for your consent for such transfer);
- if any derogations for specific situations apply (for instance, if is such transfer is necessary for the establishment, exercise or defence of legal claims or for important reason of public interest).
We will ensure that any information we need for any purpose shall not be kept for longer than it is necessary. We retain your personal data just to comply with our legal obligations, resolve disputes, and protect your and our legitimate interests.
We will keep your Personal Information for a maximum period of seven (7) years upon termination of legal relationships with us.
Under data protection law, you have rights including:
- Your right of access – You have the right to ask us for copies of your personal information.
- Your right to rectification – You have the right to ask us to rectify information you think is inaccurate. You also have the right to ask us to complete information you think is incomplete.
- Your right to erasure – You have the right to ask us to erase your personal information.
- Your right to restriction of processing – You have the right to ask us to restrict the processing of your information.
- Your right to object to processing – You have the right to object to the processing of your personal data.
- Your right to data portability – You have the right to ask that we transfer the information you gave us to another organisation, or to you.
You are not required to pay any charge for exercising your rights. If you make a request, we have one month to respond to you. Please contact us at firstname.lastname@example.org if you wish to make a request.
Please note that in some cases we will not be able to fulfill your request due to our legal obligations or overriding legitimate interest. In such cases we will explain you the reasons why your request cannot be fulfilled and how you can complain.
CryptoProcessing has implemented security measures to comply with acknowledged international security standards. Our platform also uses SSL or TLS encryption for security reasons and for the protection of confidential content transmission when you send us requests.
Our Data Protection Officer
Our Data Protection Officer (DPO) is a person in charge of data protection compliance. You may contact DPO if you have any concerns with respect to our data protection practices at: email@example.com.
Our Data Protection Authority
Our Data Protection Supervisory Authority is Estonian Data Protection Inspectorate (Andmekaitse Inspektsioon). You can complain to Data Protection Inspectorate if you are unhappy with our data protection practices
The address of Data Protection Inspectorate is:
CryptoProcessing may introduce amendments to the current Policy at any time. We shall notify you on our Website or via E-mail Newsletters.