Coin&Coin is a community for trading VFAs (or also known as virtual financial assets, cryptographic tokens or digital tokens or cryptographic currency) and digital asset derivatives, and operates the Website https://www.coinandcoin.io, mobile Website, and Mobile Application (hereinafter referred to as the 'Website'), which is a platform dedicated to the transaction of VFAs and the provision of related services (hereinafter referred to as 'the Service'). For the convenience of wording in this Agreement, Coin&Coin and the Website are referred to collectively as 'we' or other applicable forms of the first-person pronouns in this Agreement.
Natural persons or other subjects who log onto this Website shall be users of this Website. For the convenience of wording in this Agreement, the users are referred to as 'you' or any other applicable forms of the second-person pronouns.
For the convenience of wording in this Agreement, you and we are collectively referred to as “both parties”, and individually as “one party”.
i) the information that we collect and process about you (that you provide directly to us or is provided to us by third parties);
ii) the purposes for which we collect and process information about you; and
iii) the basis on which we collect and process information about you when you log in this Website, your registration with this Website, and/or use this Website and the Services provided to you.
We recommend that you read this policy carefully in order to understand what we do with your personal information. Your use of our Website and Services and any dispute over privacy is subject to this Policy and any of our applicable Terms of Services, including their applicable limitations on damages and the resolution of disputes. Our Terms of Services are incorporated by reference into this Policy. [By visiting www.coinandcoin.io you are accepting and consenting to the practices described in this Policy.] Regardless of the applicable law set forth in the Coin&Coin Terms of Services, however, please note that any disputes arising under this Policy will be interpreted in accordance with the Governing Law provision set forth below.
3. INFORMATION COLLECTED
3.1 We collect information directly from you, about you from third parties such as our marketing affiliates and service providers used to verify your identity and prevent fraudulent activity, and automatically as you use our Website and the Services. At this time, the use of our Services through our Mobile Application is only available to users who register for our Services.
3.2 When you apply for and use our Services, you contact us with questions, and you otherwise choose to provide information to us.
We collect the information you provide during the Coin&Coin onboarding process, which may be a completed, incomplete, or abandoned process. We receive information about you from banking references, credit reporting agencies, affiliates, [other Coin&Coin users (including as part of our referral programs)], and other third parties (e.g., entities that assist us in validating your identity, among others). We may combine this with other information that we collect about you.
3.3 If you are willing to use the services offered by this Website, we may collect the following information about you depends on your particular interaction with our Website and our Services, and includes, where permitted by applicable law. You are responsible for providing accurate and up-to-date information.
3.3.1 Identity Information. Such information can help us verify whether you are eligible to be registered as a member of this Website. It includes but is not limited to your name, email address, phone number, residence address, billing or mailing address, IP address, date of birth, national identification numbers and other certificates and corresponding numbers thereof that are issued by your country or government to certify your identity information, as well as all other information that can help us to verify your identity (hereinafter referred to as 'identity information’). The identity information could be sourced directly from you, third parties on your behalf and as instructed by you, other Coin&Coin users and customers, our service providers and affiliates.
3.3.2 Financial Information. Such information helps us to provide you with the services, including but not limited to your bank and credit account information, credit history as applicable, details of any transactions carried out using any of the Services (hereinafter collectively referred to as 'Financial information’).
3.3.3 Other information. We will also collect information such as your interaction with our website, information collected through Cookies and other tracking technologies, information about your business, your geolocation, and any other information that you choose to provide to us (e.g., when you send us an email/otherwise contact us through calls or other correspondence).
3.4 When you use this Website or the services this Website offers, we may collect more information necessary from our exclusive mailboxes or in other manners that we consider as in compliance with relevant requirements, for the purpose of improving the functions of this Website, enhancing your experience of using this Website and its services as well as the security thereof, or as is required by any court order, any applicable law, administrative regulation or any order of any other competent government agency.
4. HOW WE USE YOUR INFORMATION
Coin&Coin will use your information:
(a) To validate your identity (including via SMS as applicable);
(b) To provide our Services to you, to communicate with you about your use of our Services or any changes in our Terms of Services that apply to you;
(c) For the purpose for which you specifically provide the information to us, including, to respond to your inquiries, to provide any information that you request, and to provide customer support;
(d) To tailor the content and information that we may send or display to you, to provide personalized help and instructions, and to otherwise personalize your experiences while using our Website and our Services, such as developing and offering you new and/or additional services or new and/or additional features to existing services;
(e) For marketing and promotional purposes, for example, where permitted by law (other than if (where applicable) you opted out), to send you newsletters, special offers and promotions, or to otherwise contact you about services or information we think may interest you, or to conduct draws for campaigns and the like and deliver prizes and rewards;
(f) To generate generic data out of any information we collect and use it for our own purposes, so as to better understand how users, access and use our Website and our Services, both on an aggregated and individualized basis, to administer, monitor, and improve our Website and Services, for our internal purposes, and for other research and analytical purposes;
(g) To protect us, our customers, employees or property — for instance, to investigate fraud and prevent fraudulent activity, abuse of the Services, harassment or other types of unlawful activities involving us or other companies that we do business with, to enforce this Policy, as well as our Terms of Services.
5. WHEN WE SHARE YOUR INFORMATION
We share your information with third parties, including service providers, regulated institutions (e.g., financial institutions), affiliated entities, and business partners as set out below:
(a) If we think that sharing it is necessary to enforce the Terms of Service；
(b) to comply with government agencies, including regulators, law enforcement and/or justice departments;
(c) in response to legal process, to comply with the law, a judicial proceeding, subpoena, court order, or other legal processes;
(d) with our service providers and affiliates – to assist us with the provision of the Services and our everyday business purposes, such as to verify your identity, detect and prevent fraudulent activity, abuse of the Services, conduct internal research and analytical assessments, process your transactions, maintain your account(s) and provide you with customer care services.
(e) for marketing purposes, to market our own products and services;
(f) in connection with the sale or transfer of our business or any part thereof;
(g) to protect us and others – we have implemented international standards to prevent money laundering, terrorist financing and circumventing trade and economic sanctions and will implement final Virtual Financial Asset rules and regulations when effective, which will likely require us to undertake due diligence on our customers. This may include the use of third-party data and service providers which we will cross-reference with your personal information. We may disclose your information when we believe it is necessary to investigate, prevent, or take action regarding illegal activities, suspected fraud, situations involving potential threats to the safety of any person, violations of our Terms of Services or this Policy, or as evidence in litigation in which we are involved.
(h) With other Coin&Coin users or third parties using our services - to perform the Services, assist in carrying out your transactions with such users or third parties or for purposes of our refer-a-friend program(s).
We do not sell your personal information.
6. HOW WE STORE YOUR INFORMATION
All information you provide to us is stored on our secure servers. Any payment transactions will be encrypted using SSL technology. Where we have given you (or where you have chosen) a password which enables you to access certain parts of our site, you are responsible for keeping this password confidential. We ask you not to share a password with anyone.
7. PROTECTION OF PERSONAL DATA
7.1 We adopt appropriate physical, electronic, management and technical measures so as to protect and safeguard the security of your personal data. We will, to the greatest extent possible, ensure that any personal data collected through our Website shall be free from being subject to nuisance by any third party unrelated to us. The security measures that we may take include but not limited to:
7.1.1 Physical measures: records of your personal data will be stored in a properly locked place.
7.1.2 Electronic measures: The computer data that contain your personal information will be stored in computer systems and storage medias that are subject to strict login restrictions.
7.1.3 Management measures: only staff members duly authorized by us can access your personal data, and these staff members shall comply with our internal code concerning personal data confidentiality.
7.1.4 Technical measures: such encryption techniques as Secure Socket Layer Encryption may be used to convey your personal data.
7.1.5 Other measures: our network servers are protected by proper ‘firewall’.
7.2 If you are aware of any security flaws in our Website, please contact us immediately so that we can take appropriate action as soon as possible.
7.3 Despite the above-mentioned technical and security measures, we cannot guarantee that the information transmitted via the Internet is absolutely safe. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our Website, any transmission is at your own risk. We will not be held liable for any loss or damage arising from or caused by any event that may occur in connection with unauthorized access to your personal data, and we shall not be held liable for compensation for such loss or damage.
8. COOKIES AND OTHER TRACKING MECHANISMS
8.1 Cookies. Cookies are alphanumeric identifiers that we transfer to your computer’s hard drive through your web browser for record-keeping purposes. Cookies help us recognize you as a customer, collect information about your use of Coin&Coin to better customize our services and better your experience. We may also use the information collected to ensure compliance with our compliance program and to ensure your account security has not been compromised by detecting irregular or suspicious account activities.
Most browsers are set up to accept cookies automatically. Some Cookies expire when you finalize the session and other Cookies remain on your computer or other devices until deleted or expired. You have the option to decline the use of our Cookies, but this may affect the functionality of Coin&Coin services or your user experience.
8.2 Other Tracking Mechanisms. We may use Flash Local Storage Objects (“Flash LSOs”) to store your Website preferences and to personalize your visit. We may also store your user information and Website preferences locally within your web browser via HTML5. We may use clear GIFs (a.k.a. web beacons, web bugs or pixel tags), in connection with our Website or Services to, among other things, track the activities of Website visitors, help us manage content, and compile statistics about Website and Services usage. We and our third-party service providers also use clear GIFs in HTML emails to our customers, to help us track email response rates, identify when our emails are viewed, and track whether our emails are forwarded.
10. COMMUNICATION WITH US
10.1 If you have any requests and comments, you can send an email to [email protected], which is the only valid and official email through which we communicate with you, so we will not bear any liability for your failure to using effective contact information, any act or omission.
10.2 We only publish announcements and information on the basis of the valid and effective contact information on this Website or post announcements on this Website; therefore, we shall not be held liable for any loss arising from your trust in the information that has not been obtained through the above-mentioned means.
Any and all content provided on this Website or the Services, including links to other websites are provided for information purposes only and do not constitute advice, recommendation or support of such content or website. Coin&Coin makes every effort to provide true and accurate content on its Website. However, Coin&Coin provides no warranty, express or implied, of the accuracy, completeness, timeliness, or applicability of such content. Coin&Coin accepts no responsibility for and excludes all liability in connection with the information provided on the Coin&Coin website, including but not limited to any liability for errors, inaccuracies or omissions.
ADDITIONAL TERMS FOR EEA CUSTOMERS
Operating within the European Economic Area (“EEA”), we collect, store, and process your personal information in accordance with the provisions of the General Data Protection Regulation (GDPR) and Data Protection Act.
We may collect Personal Data from customers located in the EEA. To facilitate the services we provide to customers located in the EEA, we request explicit consent for the transfer of Personal Data from the EEA to outside of the area. If you are an individual located in the EEA and you decline to consent to such transfer, you will no longer be able to use Coin&Coin and our services. You will have the ability to withdraw your digital assets; however, all other functionalities will be disabled.
The information below is required pursuant to EEA law regarding privacy and data protection. The terms below apply to EEA customers in addition to the terms in the rest of the Policy.
WHEN DO WE SHARE YOUR INFORMATION
The table headed “How and Why We Share Your Information” in the main part of the Policy under the heading “When We Share Your Information” lists who we may share your information with, which include transfers for reasons of legal compliance and necessity in order to provide you with our Services.
You should be aware that when sharing your information, it may be transferred to, and stored at, a destination outside the EEA. Please note that where data is transferred outside of the EEA, non-EEA countries may not offer the same level of protection for personal data as is available in the EEA. Coin&Coin will take various measures to ensure that your data is treated securely and only transferring your data via an appropriate safeguard as described in Article 46 of GDPR.
DO YOU HAVE TO GIVE US YOUR INFORMATION?
In most cases, providing your personal data to us is optional, however, if you do not provide it, you will not be able to use our Services. For example, we need details such as your name, address and bank account details so that we can make payments to you and receive payments from you. In other cases, you have a choice over whether we collect your personal data, for example, you can turn off cookies on your browser and we will not place any cookies on your device or computer (although in this case, you may not be able to use all parts of our website).
HOW LONG DO WE KEEP YOUR INFORMATION?
Coin&Coin retains your personal data for the duration of your engagement with us and for a period following termination of your engagement with us, as required by applicable laws or regulations and/or in accordance with Coin&Coin’s internal policies and procedures for purposes of prevention of fraudulent activity, risk management and security. Coin&Coin will periodically review the necessity of retention of your data.
EEA CUSTOMERS ONLY: YOUR RIGHTS UNDER GDPR
You have several rights in relation to your personal data which are described in more detail below.
You can exercise your rights at any time by contacting us at [email protected].
1. Accessing your data
You can ask us to:
Confirm whether we are processing your personal data
Give you a copy of that data
Provide you with other information about your personal data such as what data we have, what we use it for, who we disclose it to, whether we transfer it outside of the EEA and how we protect it, how long we keep it for, what rights you have, how you can make a complaint, where we got your data from and whether we carry out any automated decision making or profiling.
You do not have to pay a fee for a copy of your information unless your request is unfounded, respective or excessive, in which case we will charge a reasonable amount in the circumstances. We will let you know of any charges before completing your request.
2. Correcting your data
You can ask us to correct any data which is inaccurate or incomplete. This is free of charge.
If we have shared the data with anyone else, we will tell them about the correction wherever possible.
If we cannot action a request to correct your data, we will let you know and explain why this is.
3. Erasing your data
This right is sometimes referred to as “the right to be forgotten”. This is not an absolute right but you have the right to have your data erased, free of charge, in certain circumstances.
You can ask for your data to be erased where:
it is no longer necessary for the purpose for which it was originally collected or processed;
we are processing your data based on your consent, and you withdraw that consent;
you object to the processing and we do not have an overriding legitimate interest for continuing;
your data has been unlawfully processed;
your data must be erased to comply with a legal obligation;
the data was processed to offer information society services to a child.
There are some exceptions to this right. If one of these applies, we do not have to delete the data.
If we have shared your data with third parties, we will tell them about the erasure of your data unless this is impossible or would involve disproportionate effort.
4. Restricting the processing of your data
You can ask us to restrict the processing of your personal data in some circumstances, free of charge. This is not an absolute right. If processing is restricted we can store the data and retain enough information to make sure the restriction is respected unless you consent or the processing is necessary for relation to a legal claim or to protect the rights of another person or for reasons of important public interest, but we cannot further process your data.
You can restrict the processing of your personal data in the following cases:
if you contest the accuracy of your data, we will restrict processing until we have made sure the data is accurate;
if you object to our processing pending the verification of whether or not our legitimate interests override your interests, rights and freedoms or in connection with legal proceedings;
if the processing is unlawful but you do not want us to erase your data;
if we no longer need the personal data but you require the data to establish, exercise or defend a legal claim.
If we have disclosed the data to a third party, we will inform them about the restriction unless it is impossible or would require a disproportionate effort. We will tell you if we decide to lift a restriction on processing your data.
5. Objecting to the processing of your data
You have a right to object to the processing of your data at any time. This request will be free of charge. It is not an absolute right but you can object to our processing of your data where it is:
based on the legitimate interests ground; or
for the purposes of scientific/historical research and statistics.
We will stop processing your personal data unless we have compelling legitimate grounds for the processing which override your interests and rights, or unless we are processing the data for the establishment, exercise or defense of legal claims.
You can require us to stop using your data for direct marketing purposes. We will stop as soon as we receive your request. There are no exemptions or reasons for us to refuse.
6. Data Portability
This allows you to obtain and reuse your personal data for your own purposes across different services. It applies where the following conditions are met:
you provided the personal data to us yourself;
we are processing the data either based on your consent or because it is necessary for the performance of a contract; and
the processing is carried out by automated means.
We will provide your data free of charge in a structured, commonly used and machine-readable form.
7. Automated decision making and profiling
You have the right not to be subject to a decision that is based solely on automated processing and which produces a legal (or similarly significant) effect on you.
We will tell you about any automated decision making that affects you. You have the right to:
request human intervention;
express your point of view;
ask for the decision to be explained; and
challenge the decision.
These rights are not absolute. We may not be able to comply with this request if the processing of personal data is:
necessary for us to enter into or perform a contract with you;
authorized by law (e.g. for fraud prevention) and which also lays down suitable measures to safeguard your right, freedoms and legitimate interests; or
based on your explicit consent.
8. Dealing with requests to exercise your rights
We will respond to your request without undue delay at the latest within one (1) month of receiving your request unless it is particularly complicated or you have made several requests, in which case we may extend this by two (2) months. We will let you know if we are going to take longer than one (1) month in dealing with your request. If we have a lot of information about you, we might ask you if you can tell us what exactly you want to receive. This will help us action your request more quickly.