Any information stored on CryptoUnity platform is treated as confidential. All information is stored securely and is accessed by authorized personnel only. CryptoUnity implements and maintains appropriate technical, security and organizational measures to protect Personal Data against unauthorized or unlawful processing and use, and against accidental loss, destruction, damage, theft or disclosure.
This policy applies where we are acting as a data controller with respect to the personal data of our website visitors and service users; in other words, where we determine the purposes and means of the processing of that personal data.
Our website incorporates strict privacy controls which will have an impact on how we will process your personal data. By using the privacy controls, you can specify whether you would like to receive direct marketing communications and limit the publication of your information.
For the purposes of this Policy, CryptoUnity defines the term “User”, “Visitor”, “Client” or “You” as a natural or legal person, either a visitor of www.cryptounity.org website or as user with a trading account at CryptoUnity. The term “we”, “us”, “our” refers to CryptoUnity.
2. Collection and use of information
The following sections cover the specifics of each of the two groups from which data is collected: website Visitors and Users of our Services.
2.1 Website Visitors and collection of Visitors Data
If you are a Visitor to our website only, and not a User of our Services or the CryptoUnity platform otherwise, then this section is relevant for you.
If you do not agree with the terms of this policy set out herein, we ask you to not visit this website www.cryptounity.org.
In cases when required by the applicable law, we will ask for your explicit consent to process Personal Data, which shall be collected on this website or volunteered by you. Kindly note that any consent will be entirely voluntary. However, if you do not grant the requested consent to the processing of your Personal Data, the use of this website may not be possible or may be limited.
The source of the usage data is our analytics tracking system. This usage data may be processed for the purposes of analyzing the use of the website and services and improving users’ experience, performance and future development of the service.
The legal basis for this processing is our legitimate interest in monitoring and improving our website and services.
CryptoUnity may add information collected by way of page view activity. Furthermore, CryptoUnity may collect and process Personal Data that you voluntarily and with your consent give to CryptoUnity in our website’s forms, such as when you sign up for information and newsletters. You can unsubscribe from the newsletters by opening the CryptoUnity email, which you received, and clicking “unsubscribe” at the bottom of the page. You can also send us an email to firstname.lastname@example.org and ask us to unsubscribe you.
If you provide CryptoUnity with your social media details, CryptoUnity may retrieve publicly available information about you from your social media. CryptoUnity uses such information for a better user experience, and when applicable, enabling users to make a login to our website with the users’ Facebook profile.
Such Personal Data may comprise your IP address, first and last name, your postal and email address, your telephone number, your job title, data for social networks, your areas of interest, interest in CryptoUnity services as well as information as to the type of relationship that exists between CryptoUnity and yourself. The information is collected for the purpose of improved user experience.
CryptoUnity gathers data about visits to the website, including numbers of Visitors and visits, Geo-location data, length of time spent on the site, pages clicked on or where Visitors came from.
2.1.1 Purpose of processing personal data
CryptoUnity uses the collected data to communicate with Visitors, to customize content for Visitors, to show ads on other websites to Visitors, and to improve its website by analyzing how Visitors navigate its website. CryptoUnity will process all Data in order to monitor and improve website and Services.
2.1.2 Sharing and storing personal data
CryptoUnity may also share such information with service vendors or contractors in order to provide a requested service or transaction or in order to analyze the Visitor behavior on its website.
The data that we collect from you is stored within the territories of the European Union. Automatically collected data (Google Analytics) by third parties may be stored outside the EU.
Cookies are files (small pieces of data) sent by web servers to web browsers that are downloaded to users` hard disk, serving to improve their experience and are. Cookies cannot be used to run programs or deliver viruses to your computer.
2.1.4 Links to other websites
2.1.5. Geographical location of collection and storing Personal Data
The website CryptoUnity runs on servers in European data regions. A CryptoUnity “Data Region” is a set of data centers located within a defined geographical area where User data is stored. Personal Data is not transmitted to other Data Regions. For CryptoUnity website visitors, all Personal Data of visitors are located in CryptoUnity European Data Region, all Personal Data is processed in the EEA.
In order to provide services to its Users, CryptoUnity collects certain types of data from them. This section will describe how Users` data is collected and used by CryptoUnity. For the purpose of this chapter, users are everyone who uses CryptoUnity services as a natural or legal person for the purpose of investing, buying CUT tokens, trading, exchanging, storing, buying or selling cryptocurrencies, including CUT tokens.
Data entered or transferred into CryptoUnity by Users such as texts, questions, contacts, media files, etc., remain the property of the User and may not be shared with a third party by CryptoUnity without express consent from the User.
In case a user has an account, CryptoUnity will process your account data you provide when you open a CryptoUnity account, perform transactions on CryptoUnity platform, or use other CryptoUnity Services. This information may include, but not limited to:
- Contact information, such as name, home address, email address, date and place of birth, mobile phone number.
- Account information, such as username and password.
- Financial and source of funds/wealth information, such as bank account numbers, bank statements, proof/source of funds or wealth, and trading information.
- Identity verification information, such as image of your government issued ID, passport, national ID card or driving license, and under special conditions also a social security number (US residents)
- Residence verification information, such as utility bill details, phone bill or similar document.
The source of the account data is the user who opens an account. The account opening data will be used and processed for the purposes of performing a detailed Know Your Customer (Hereinafter: KYC) procedure according to necessary Anti-Money Laundering and Anti-Terrorist Regulations.
Users are visitors of the CryptoUnity website and therefore their Personal Information is collected as described in the previous section. This Personal Information will be used for operating our website, providing our services, ensuring the security of our website and services, maintaining back-ups of our databases and communicating with Users.
CryptoUnity will use users’ email phone number and residential address for communication purposes with users regarding: login, registration, transactions, orders, safety requirements, notifications about safety measures, reminders about the status of orders, transactions, user profile level, and other necessary communication with users. Users will also receive occasional notifications about new token listing and other promotions.
2.2.2 Collection of User data
During a User’s registration at CryptoUnity platform, Users provide information such as name, company name, email, address and nationality (registered seat of the legal entity), bank account, ID number and image of the ID document, date and place of birth, personal picture, phone number, utility bill and other relevant data.
The Users Data shall be collected and processed by CU Ltd.., with its registered office at Vesca 16, 1217 Vodice, who is a trusted partner of CryptoUnity for collecting and processing Users data on behalf of CryptoUnity.
CU Ltd. is an experienced identity verification company that will process Personal Data for the purposes of the necessary KYC/AML procedures. CU Ltd. will obtain and process all the above stated Personal Data and run KYC/AML procedures and ensure the compliance with the relevant AML legislation.
If you wish to stop receiving marketing communications from us, please contact us at email@example.com to opt-out.
Users of CryptoUnity services can at any time access and edit, update or delete their contact details by logging in with their username and password to CryptoUnity platform and using the “Delete User Account” setting. CryptoUnity will not retain User data longer than is necessary to fulfill the purposes for which it was collected or as required by the applicable laws and regulations.
2.2.3. Geographical location of processing Personal Data
All Personal Data, which will be collected and processed within KYC procedure by Sum and Substance and CryptoUnity are stored on servers in European data regions. Such Personal Data is not transmitted to other Data Regions.
CryptoUnity has servers in European data regions. A CryptoUnity “Data Region” is a set of data centers located within a defined geographical area where User data is stored. Personal Data is not transmitted to other Data Regions. For CryptoUnity Users, all accounts are located in CryptoUnity European Data Region, all Personal Data is processed in the EEA.
It has to be noted that CryptoUnity is a platform that offers buying, selling and storing virtual currencies. Trading virtual currencies takes place on the blockchains (Ethereum, Bitcoin, etc.) which are decentralized databases software platforms for virtual assets. Blockchains are a list of records, called blocks, which are linked and secured using cryptography. Each block typically contains a cryptographic hash of the previous block, a timestamp and transaction data. By design, a blockchain is inherently resistant to modification of the data. Therefore Data cannot be modified or deleted, since there are no servers involved. Data is dispersed among computers all around the world in encrypted versions.
If you trade virtual currencies you agree that your Personal Data may be collected, stored, processed and that you will not be able to delete it or invoke the right to be forgotten. Your data is encrypted, meaning they are coded (anonymized). Note that also encrypted personal data that is your crypto wallet address with CryptoUnity can still be traced back to a person if enough effort is put into it by experts or someone holds the key to decryption. With trading virtual assets via CryptoUnity platform you expressly agree to give your Personal Data on the (public) blockchain that these Data (even though encrypted) cannot be deleted and that Personal Data may be transferred outside European territory.
You acknowledge and expressly agree that by the nature of the technology it is not possible to delete personal data from the blockchain and invoke the right to be forgotten. You also agree that by the nature of the technology it is not possible to keep personal data within the EU borders.
2.2.4. Processing in accordance with General Data Protection Regulation
The processing of Personal Data is performed in accordance with privacy rights and regulations following the EU Directive 95/46/EC of the European Parliament and of the Council of 24 October 1995 (the Directive), and the implementations of the Directive in local legislation. From May 25th, 2018, the Directive and local legislation based on the Directive will be replaced by the Regulations (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of Personal Data and on the free movement of such data, known as the General Data Protection Regulation (GDPR), and our processing will take place in accordance with the GDPR.
CryptoUnity processes Personal Data as a Controller, as defined in the Directive and the GDPR: CU Ltd, Vesca 16, Vodice which you as a Visitor entered an agreement with when using CryptoUnity’s platform as a Visitor, will be the Controller for Visitors data, as outlined above in “Collection of Visitor data” section.
For Users data, as outlined in the “Collection of Users data” section, the CryptoUnity will be the Controller in accordance with GDPR. The Users Data shall be processed by a third party Processor – CU Ltd, to Collect and process Users data on behalf of CryptoUnity. CU Ltd. is an experienced identity verification company that will process Personal Data for the purposes of the necessary KYC/AML procedures. The processor shall obtain and process users: name, surname, address, residency, date and place of birth, ID number, copy ID, users’ picture, email, phone number, utility bill and other personal information. The processor is a certified ID verification company having sufficient guarantees to implement appropriate technical and organizational measures in such a manner that processing will meet the requirements of GDPR and ensure the protection of the rights of the data subject.
CryptoUnity has data processing agreements in place with its providers, ensuring compliance with GDPR. All hosting is performed in accordance with the highest security regulations. All transfers of data internally are done in accordance with this data processing agreement.
CryptoUnity adheres to the Directive of 1995 and the GDPR from May 25th, 2018. Consequently, CryptoUnity processes all data provided by its Users with accounts in its European Data Region, in the European Union, EGS and Switzerland only.
3. Retention and deletion of Personal Information
CryptoUnity will not retain data longer than is necessary to fulfill the purposes for which it was obtained for or as required by applicable laws or regulations. When a users’ account is terminated or expired, all Personal Data collected through the platform will be deleted, as required by applicable law.
Every user or visitor can invoke the right to be forgotten at any time. Users and visitors can request a list of his or her personal data. In case you wish to obtain such data send an email to firstname.lastname@example.org. You will receive the list within one month from receiving your request by CryptoUnity.
4. Acceptance of these policy
In case of the change in the types or purpose or processing procedure of your personal data, CryptoUnity will ask for your consent if required by EU and national regulations.
5. Legal Obligation to Disclose Personal Information
5.1. Disclosure to third parties
5.2. Disclosure to prevent damage and disclosure to legal authorities without consent
We will reveal user’s personal information without his/her prior permission only when we have reason to believe that the disclosure of this information is required to establish the identity of, to contact or to initiate legal proceedings against a person or persons who are suspected of infringing rights or property belonging to CryptoUnity or to others who could be harmed by the user’s activities or of persons who could (deliberately or otherwise) transgress upon these rights and property. We are permitted to disclose personal information when we have good reason to believe that this is legally required and when the competent authorities have required to present them with such Personal Information.
6. Security of Personal Information
We use a variety of security measures to ensure the confidentiality, integrity, availability and privacy of your Personal Information and to protect your Personal Information from loss, theft, unauthorized access, misuse, alteration or destruction.
These security measures may include, among others:
- Password protected directories and databases.
- Secure Sockets Layered (SSL) technology to ensure that your information is fully encrypted and sent across the Internet securely.
- Vulnerability Scanning to actively protect our servers from hackers and other vulnerabilities.
- Regular penetration testing.
- Secure coding principles.
- Encryption of sensitive data during transfer and at rest.
- 2 factor authentication.
- Logging of activities performed on the platform.
- Access controls and
- other measures to mitigate risks identified during the risk assessment process.
All financially sensitive and/or credit information is transmitted via SSL technology and encrypted in our database. Only authorized CryptoUnity personnel are permitted access to your Personal Information, and these personnel are required to treat the information as highly confidential. The security measures will be reviewed regularly in light of new and relevant legal and technical developments.
7. Access right to your personal information
You have the right to access your Personal Information to correct, update, and block inaccurate and/or incorrect data. To exercise this right, contact us at email@example.com.
8. Information, Complaints and Contact
If you have any further questions regarding the data CryptoUnity collects, or how we use it, then please feel free to contact us by email at: firstname.lastname@example.org or in writing at: CU Ltd., Vesca 16, Vodice, Slovenia.
You have a right to lodge a complaint with a supervisory authority, to enforce your rights, as specified above. You can find out how to do this at the Slovenian Data Protection Inspectorate (Informacijski pooblaščenec), Dunajska cesta 22, Ljubljana, https://www.ip-rs.si/varstvo-osebnih-podatkov/inspekcijski-nadzor/ or European Data Protection Supervisor https://edps.europa.eu/.
Last update: 31.3.2022
Previous update: 31.3.2022