Privacy Policy

Welcome to Coinygram!

Coinygram is a legal organisation which endeavours to ensure all of its policies and procedures are fully compliant with GDPR (General Data Protection Regulation 2016/679) requirements. We also endeavour to treat your privacy concerns very seriously.

Coinygram shall mean and include below –

Coinygram Ltd. [C 88670], a Maltese Registered Company with Office Address situated at: Coinygram Ltd., Phoenix Business Centre, Old Railway Track, 9022 Santa Venera, Malta, which owns and operates the ‘Coinygram’ VFA Exchange Platform in Malta, hereinafter referred to as “Coinygram Ltd.” or “Coinygram” or “company”, which term shall refer to and include its owners, its subsidiaries and affiliated companies, directors, investors, employees, officers, representatives, affiliates, or other related parties.

Persons using the Coinygram Platform, directly or indirectly, are referred to herein, as “Users”.

This Privacy Policy describes our information handling practices when you access content we own or operate on the websites or app of Coinygram or any other websites, pages, features, or content we own or operate (collectively, the “Site(s)”).

In order to prevent misuse of the Coinygram Platform, Users are required to strictly comply with the terms contained herein, which forms part and parcel of the user Terms of Service. Terms not defined herein shall carry the same interpretation, as in the User Agreement and in the absence thereof to general usage and parlance.

These Terms and Conditions of Privacy supersedes and replaces any and all prior oral or written understandings or agreements between Coinygram and the user with respect to the Privacy Policy.

Risk Warning Disclaimer: Trading in Virtual Financial Assets on Crypto-Exchange Platforms involves a high degree of risk to your capital. Virtual Financial Assets may not be appropriate for all investors and you should seek independent advice if necessary. Trading with Virtual Financial Assets may result in total loss of your investment.

1. Definitions

1.1 “Applicable Law” means the law in force for the time being within the territory of the Republic of Malta.

1.2 ‘AML’ means ‘Anti-Money Laundering’, and in this connection, the applicable legislation shall be the Directive (EU) 2018/843 of the European Parliament and of the Council of 30th May 2018 amending Directive (EU) 2015/849 on the prevention of the use of the financial system for the purposes of money laundering or terrorist financing, and amending Directives 2009/138/EC and 2013/36/EU

1.3 “Coinygram Platform” shall mean and include Coinygram Android App, Coinygram iOS App (collectively, “Coinygram App”) or Coinygram Web app (“Web version”) and Coinygram website “www.coinygram.com” (“Coinygram Website”). Collectively along with the Coinygram Developer Portal, Public APIs and secure authentication for Coinygram users is referred to as the “Coinygram Platform”.

1.4 “GDPR” refers to Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data.

2. Privacy Policy

2.1 Coinygram is committed to ensuring the safety and protection of all data and information shared with Coinygram by its users in accordance with GDPR, Applicable Laws and the terms and conditions set out hereunder and processes established by Coinygram in compliance with the applicable reasonable security practices and procedures, prescribed by Government or Regulatory authorities, as the case may be.

2.2 Coinygram shall not be liable for any breach or violation of its systems or policies due to malicious attacks, errors, commissions or omissions not wilfully initiated by Coinygram, leading to breach of data or information of the user.

3. Personal Information and Data we collect

3.1 Personal information is data that can be used to identify you directly or indirectly, or to contact you. Our Privacy Policy covers all personal information that you submit to us and that we obtain from our partners. This Privacy Policy does not apply to anonymized data, as it cannot be used to identify you.

3.2 We can ask you to provide personal information anytime you are in contact with or using the Coinygram Platform. Coinygram group of companies may share your personal information with each other and use it consistently with this Privacy Policy. They may also combine it with other information to provide and improve our products, services, and content. Except as described in this Privacy Policy, Coinygram will not sell, rent or loan any personal Information to any third party.

4. Personal Credentials and Data Collection

How to contact Coinygram for data protection inquiries:

4.1 We have endeavoured to nominate an independent Data Protection Officer (“DPO”) who is responsible for overseeing questions in relation to this Privacy Policy. If you have any questions about this Privacy Policy, including any requests to exercise your legal rights, please contact the DPO using the details set-out below. DPO: [email protected]

4.2 Coinygram may collect required personal data and information of the user to provide its services. Use of the Coinygram Platform is contingent upon acceptance of the terms and conditions contained herein. User shall be deemed to have volunteered the data and information collected, retained, used and disseminated by Coinygram, upon accepting the terms herein and those contained in the Terms of Service and User Agreement of Coinygram.

4.3 Coinygram processes your personal data and information of the user in accordance with the guidelines laid by GDPR regulations. GDPR Defines Personal Data as “personal data’ means any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person;

4.4 Coinygram collects your personal information to provide our services. Coinygram ensures that your personal data is processed lawfully, fairly and in a transparent manner and is collected for specified, explicit and legitimate purposes shared with you. Any information you provide to us that is not required, is voluntary. You are free to choose whether to provide us with the types of personal information requested, but we may not be able to serve you as effectively or offer you all our Services when you do choose not to share certain information with us. We may collect the following types of information provided / shared by the user as applicable for

1) Personal Identification Information: Full name, date of birth, nationality, gender, signature, utility bills, photographs, phone number, national ID proof, home address, and/or email.

Why we collect this information

  • To complete your user profile and process your registration request on the Coinygram Platform allowing you to enter in a contract with us.
  • To provide Coinygram products, services and support and enhance the performance of our contract with you.
  • To communicate with you about your account and our services, including informing you of changes to our fees and our terms and conditions related to our services.
  • to conduct market research and analysis eg. surveying our users’ needs and opinions on issues, such as our performance;
  • For Managing services including your account with us.
  • For sending customized offers to you if you have consented to receive our offers.
  • To deal with enquiries, complaints, and feedback from you and our service providers.
  • To communicate with you regarding your account and our services.
  • To maintain legal and regulatory compliance.

2) Recognized Identification Information: Tax ID number, passport number, driver’s license details, national identity card details, photograph identification cards, and/or visa information.

Why we collect this information

  • To complete your user profile and verify your registration request on the Coinygram Platform allowing you to enter in a contract with us.
  • To complete KYC (Know your customer) form to complete the regulatory requirements of Trading.
  • To ensure that our customers are genuine and preventing Identity theft.
  • To detect any Fraud, Anti national activity, Money Laundering and Criminal Activities.
  • To prevent anti-national and terrorist finances and protect our users and business from any threat or Damage.

3) Monetary Information: Bank account information, Permanent account Number, Credit or Debit Card Number, transaction history, trading data, and/or tax identification.

Why we collect this information

  • To maintain legal and regulatory compliance.
  • To provide Coinygram products, services and support and enhance the performance of our contract with you.
  • To detect any fraud, anti-national activity, money laundering and criminal activities.
  • To prevent anti-national and terrorist finances and protect our users and business from any threat or Damage
  • To ensure that our customers are genuine and preventing Identity theft.

4) Transaction Information: Information about the transactions by using the Coinygram Platform, such as the name of the recipient, digital currency address, your name, the amount, and/or timestamped.

Why we collect this information

  • To provide Coinygram products, services and support and enhance the performance of our contract with you.
  • To facilitate transactions of users
  • To detect any fraud, anti-national activity, money laundering and criminal activities.
  • To prevent anti-national and terrorist finances and protect our users and business from any threat or Damage
  • To maintain legal and regulatory compliance.
  • To deal with enquiries, complaints, and feedback from you and our service providers.
  • To provide you customer Service.
  • To communicate with you regarding your account and our services.

5) Employment or Business Information: Office location, job title, and/or description of business, role, etc.

Why we collect this information

  • To complete your user profile and verify your registration request on the Coinygram Platform allowing you to enter in a contract with us.
  • To complete KYC (Know your customer) form to complete the regulatory requirements of Trading.
  • To ensure that our customers are genuine and preventing Identity theft.
  • To detect any Fraud, anti-national activity, money laundering and criminal activities
  • To maintain legal and regulatory compliance.

6) Online Identifiers: User’s device information including but not limited to IMEI or equipment identification number, IMSI or subscriber identification, UUID, MAC address, OS version, device details, network operator, contact list information, Wi-Fi / Data Network connectivity. Cookie information generated by the user’s use of the app and the website, including cookies and IP addresses. Geolocation of a user’s device or such or other automatically collated data or information of the user. Please visit our Cookie Policy.

Why we collect this information

  • To ensure that our customers are genuine and preventing Identity theft.
  • To detect fraud, anti-national activity, money laundering and criminal activities.
  • To maintain legal and regulatory compliance.
  • To check if you are in a location or using a device consistent with our records in order to help prevent unauthorized user access your account and prevent threat.
  • To develop and improve our services based on analysing the behaviours of our users and the technical capabilities of our users.
  • To enhance our technical capability by making our app compatible with your devices and to enhance your app browsing experience and ease of operation.
  • To identify technical issue and monitor the health of the Coinygram Platform.

7) Access to User’s Photo Gallery / Media / Files / Camera for using the Coinygram Platform more efficiently.

Why we collect this information

  • To complete your user profile and verify your registration request on the Coinygram Platform allowing you to enter in a contract with us.
  • To allow you to upload KYC Documents, profile picture on the Coinygram Platform.
  • To provide you customer service.

8) Access to user’s apps and services including messaging through SMS; Storage data, device details;

Why we collect this information

  • To complete your user profile and verify your registration request on the Coinygram Platform allowing you to enter in a contract with us.
  • To read & auto-fill the OTP SMS so that we can verify your mobile number. This is helpful in your account verification (KYC).

9) Leave a message – We may collect your name, email id, mobile number, country, etc when you leave a message on our website.

Why we collect this information

  • To provide Coinygram products, services and support and enhance the performance of our services.
  • To inform you about Coinygram products, services or any other activities that Coinygram may undertake.

5. Our Legal Basis for Data Processing

Depending on the purpose of our processing activity, the processing of your personal data will be based on one of the following:

  • It is necessary for the legitimate interests of Coinygram, without unduly affecting your interests or fundamental rights and freedoms, to provide you with communications related to our products, services, promotions, offers and events. You have a right to opt-out of receiving marketing messages by clicking on the unsubscribe link in the bottom of our marketing emails or by using the personal settings in your user area;
  • It is necessary for taking steps to enter into or executing a contract with you for the services or products you request, or for carrying out our obligations under such a contract;
  • Required to meet our legal or regulatory responsibilities; or
  • Processed with your explicit and free consent which we obtain from you from time to time.

6. Collection of Automatic Data

Cookies

6.1 Coinygram uses cookies on its App and website to collect data about user. For a detailed policy on use and collection of Cookies, please visit our Cookie Policy

7. Data Retention and Protection

7.1 Coinygram may collect, use and share aggregated data to create anonymised statistical data. Coinygram may provide this statistical data to its business partners or third parties.

7.2 Aggregated Data may be derived from your personal data but is not considered personal data in law as this data does not directly or indirectly reveal your identity. For example, we may aggregate your Usage Data to calculate the percentage of users accessing a specific website / app feature. However, if we combine or connect aggregated data with your personal data so that it can directly or indirectly identify you, we treat the combined data as personal data which will be used in accordance with this Privacy Policy. You are entitled to inform Coinygram at any time that your personal details have changed or otherwise request erasure of your personal data by emailing customer support at [email protected]

7.3 We will only retain your personal data for as long as necessary to fulfil the purpose for which we have collected it, including for the purposes of satisfying any legal, accounting or reporting requirements.

7.4 To determine the appropriate retention period for personal data, we consider the amount, nature and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means and the applicable legal requirements.

7.5 By law we have to keep basic information about our customers (including contact, identity, financial and transaction data) for ten (10) years after they cease being customers for online trading purposes. In some circumstances we may anonymize your personal data (so that it can no longer be associated with you) for research or statistical purposes in which case we may use this information indefinitely without further notice to you. When you use this website or other services we provide to you, you may be able to link to other third-party websites, plug-ins and applications.

7.6 This Privacy Policy does not apply to those sites. Clicking on those links or enabling those connections may allow third parties to collect or share data about you. We do not control these third-party websites and are not responsible for their privacy policies. When you leave our website, we encourage you to read the privacy policies on such sites.

7.7 Coinygram uses cookies to gather information about your access to this website and other services we provide to you. Cookies are small pieces of information which use a unique identification tag and are stored on your device as a result of you using this website or other service we provide to you.

When cookies are used by us, they collect statistical and factual information about how you use our services. Most internet browsers are set up to accept cookies. If you do not wish to receive cookies, you may be able to change the settings of your browser to refuse all cookies or to have your computer notify you each time a cookie is sent to it, and thereby give yourself the choice whether to accept it or not. If you disable or refuse cookies, please note that some parts of this website may become inadmissible or not function properly and impair the quality of the services that we provide to you in relation to your account. For more information about the types of cookies Coinygram uses, please refer to our specific Cookie Policy (in terms of GDPR).

7.8 Coinygram protects your personal information by maintaining physical, electronic, and procedural safeguards in compliance with the applicable laws and regulations.

7.9 The retention period may be extended to comply with legal obligations, resolve disputes, and enforce agreements for a period of ten (10) years after termination of the account or such period, under applicable laws. Coinygram may retain data for further periods but is not obligated to do so in all instances. Coinygram shall not be liable or responsible for non–availability or non–retention of data or information beyond the termination of the user account.

7.10 The retention period may extend beyond the termination of the user account, but it will be only as long as it is necessary for Coinygram to have sufficient information to respond to any issues that may arise later, including but not limited to retention for the purpose of investigations or ongoing prosecutions or in case of Suspicious transactions or if Coinygram requires the information for its records or to support legal proceedings, or if Coinygram believes in good faith that a law, regulation, rule or guideline requires it.

7.11 Please note that Coinygram cannot guarantee that loss, misuse, unauthorised acquisition, or alteration of your data will not occur, and you play a vital role in protecting your own personal information. While registering with the Coinygram Platform, it is important to choose a password or PIN of sufficient length and complexity, to not reveal this password to any third-parties, and to immediately notify us if you become aware of any unauthorised access to or use of your account

7.12 Subsequently, Coinygram cannot ensure or warrant the security or confidentiality of information you transmit to us or receive from us by Internet or wireless connection, including email, phone, or SMS, since we have no way of protecting that information once it leaves and until it reaches us. If you have reason to believe that your data is no longer secure, please contact us at [email protected] Coinygram however takes all reasonable steps to secure data and information pertaining to its Users, including those prescribed under applicable laws and regulations framed thereunder.

7.13 We will keep information about visitors to our websites (not being customers) for a reasonable length of time, that lets us understand how people use our website and any technical issues they have.

7.14 We try to respond to all legitimate requests within one (1) month. Occasionally, it may take us longer than a month if your request is particularly complex or you have a number of requests. In this case, we will notify you and keep you updated.

7.15 You have a right to make a complaint at any time to the Office of the Information and Data Protection Commissioner (“IDPC”), the Maltese supervisory authority for data protection issues. We would, however, appreciate the chance to deal with your concerns before you approach the IDPC so please contact us or our DPO in the first instance at the email specified above.

8. Updation of User Data and withdrawal of User Consent

8.1 The user shall ensure that all data and information shared with Coinygram is accurate, correct and complete. The user shall ensure that address changes or any change in circumstances impacting the use of the Coinygram Platform, is promptly communicated to Coinygram.

8.2 Coinygram will not be held liable or responsible for any incorrect information provided by the user to Coinygram.

8.3 User may, upon termination of the use of the Coinygram Platform, as provided in the Terms of Service, withdraw consent granted herein to Coinygram. The same shall however not affect actions undertaken or data and information collated, or technological processes initiated prior to such withdrawal of consent. Such withdrawal of consent shall also not affect retention of data and information collected prior to such withdrawal.

9. Sharing of Infromation with Third Parties

9.1 Whenever we transfer your personal data out of the European Economic Area (EEA), we ensure a similar degree of protection is afforded to it by ensuring at least one of the following safeguards is implemented:

9.2 We will only transfer your personal data to countries that have been deemed to provide an adequate level of protection for personal data by the European Commission. For further details, see European Commission: Adequacy of the protection of personal data in non-EU countries (https://ec.europa.eu/info/law/law-topic/data-protection/data-transfers-outside-eu/adequacy-protection-personal-data-non-eu-countries_en).

9.3 Where we use certain service providers which are not located in the EEA and not designated above, we may use specific contracts approved by the European Commission which give personal data the same protection it has in Europe. For further details, see European Commission: Model contracts for the transfer of personal data to third countries. You may access such standard EU model contracts on the following link https://ec.europa.eu/info/law/law-topic/data-protection/data-transfers-outside-eu/model-contracts-transfer-personal-data-third-countries_en

9.4 Where we use providers based in the US (if applicable), we may transfer data to them if they are part of the Privacy Shield which requires them to provide similar protection to personal data shared between the Europe and the US. For further details, see European Commission: EU-US Privacy Shield.

In all other instances, the user generally agrees and consents to Coinygram sharing the following anonymized data or to otherwise gives Coinygram permission to share its Data with third-parties for the following:

  1. For referral, operations, additional services and technology services (such as hosting providers, identity verification, support, payment, and email service providers) or;
  2. If required by applicable law or legal process, or if Coinygram believes that it is in accordance with applicable law or legal process; or
  3. To protect the rights, property and safety of Coinygram, its users and the public, including, including but not limited to usage in court proceedings, or to detect or prevent criminal activity, fraud, material misrepresentation, or to establish its rights or defend against legal claims; or
  4. In connection with selling, merging, acquiring, transferring, or reorganizing all or parts of Coinygram’s business.

10. Users Rights

Residents of the European Economic Area (EEA) have the following rights, which can be exercised by contacting us at [email protected] so that we may consider your request under applicable law.

Right to withdraw consent – You have the right to withdraw your consent to the processing of your personal information collected on the basis of your consent at any time. Your withdrawal will not affect the lawfulness of Coinygram’s data processing based on consent before your withdrawal.

Right of access to and rectification of your personal information – You have a right to request that we provide you a copy of your personal information held by us. This information will be provided without undue delay subject to some fee associated (if applicable) with gathering of the information (as permitted by law), unless such provision adversely affects the rights and freedoms of others. You may also request us to rectify or update any of your personal information held by Coinygram that is inaccurate.

Right to erasure [right to be forgotten] – You have the right to request erasure of your personal information that: (a) is no longer necessary in relation to the purposes for which it was collected or otherwise processed; (b) was collected in relation to processing that you previously consented, but later withdraw such consent; or (c) was collected in relation to processing activities to which you object, and there are no overriding legitimate grounds for our processing. The above is subject to limitations by relevant data protection laws.

Right to data portability – If we process your personal information based on a contract with you or based on your consent, or the processing is carried out by automated means, you may request [in terms of GDPR] to receive your personal information in a structured, commonly used and machine-readable format, and to have us transfer your personal information directly to another “controller”, where

technically feasible and once our platform interface allows for the ‘exportation’ of such data. In this connection, Coinygram is committed towards creating a robust function ensuring data portability in due course.

Without prejudice to the aforesaid, data portability will be prohibited if the requested migration of said data adversely affects the rights and freedoms of others. A “controller” is a natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of your personal information.

Right to restriction or objections for processing – You have the right to restrict or object to us processing your personal information where one of the following applies:

You contest the accuracy of your personal information that we processed. In such instances, we will restrict processing during the period necessary for us to verify the accuracy of your personal information.

The processing is unlawful, and you oppose the erasure of your personal information and request the restriction of its use instead.

We no longer need your personal information for the purposes of the processing, but it is required by you to establish, exercise or defense of legal claims.

You have objected to processing, pending the verification whether the legitimate grounds of Coinygram’s processing override your rights.

Restricted personal information shall only be processed with your consent or for the establishment, exercise or defense of legal claims or for the protection of the rights of another natural or legal person or for reasons of important public interest. We will inform you if the restriction is lifted.

Notification of erasure, rectification and restriction – We will communicate any rectification or erasure of your personal information or restriction of processing to each recipient to whom your personal information have been disclosed, unless this proves impossible or involves disproportionate effort. We will inform you about those recipients if you request this information.

Right to object to processing – Where the processing of your personal information is based on consent, contract or legitimate interests you may restrict or object, at any time, to the processing of your personal information as permitted by applicable law. We can continue to process your personal information if it is necessary for the defense of legal claims, or for any other exceptions permitted by applicable law.

Automated individual decision-making, including profiling – You have the right not to be subject to a decision based solely on automated processing of your personal information, including profiling, which produces legal or similarly significant effects on you, save for the exceptions applicable under relevant data protection laws.

Right to lodge a complaint – If you believe that we have infringed your rights, we encourage you to contact us first at [email protected], so that we can try to resolve the issue or dispute informally.

Your rights to personal information are not absolute. Access may be denied when:

  • Denial of access is required or authorized by law;
  • Granting access would have a negative impact on other’s privacy;
  • Granting access would have a negative impact on other’s privacy;
  • To protect our rights and properties; and Where the request is frivolous or vexatious

To Invoke or exercise any of your rights, please contact our Data Protection Officer (DPO) at: [email protected]

11. Reasonable Security Practices

11.1 Protection of the user’s personal information is of utmost importance to Coinygram and it takes all reasonable steps to secure data and information pertaining to its users, including those prescribed under applicable laws and regulations framed thereunder

11.2 Coinygram takes appropriate legal, administrative, physical, and reasonable electronic measures designed to protect the information that users share with Coinygram

11.3 Coinygram however does not extend any warranties with respect to the security or safety of data and information transmitted through digital platforms or online, both of which are susceptible to malicious attacks.

12. Modifications

These terms may be periodically reviewed and revised when required by law, or due to business reasons. We will notify you of changes to this Privacy Policy. The revised Policy will be uploaded on the Coinygram website and will reflect the modified date of the terms. Continued use of the Coinygram Platform constitutes the agreement of the user to the terms contained herein and any amendments thereto. Coinygram may for any important changes in the policy would send an email to user’s registered email id.

We reserve the right to modify this Privacy Policy at any time, and when required by law, we will notify you of changes to this Privacy Policy. If we make any material changes we will notify you by email (sent to the e-mail address specified in your account) or by means of a notice on our Services prior to the change becoming effective. Coinygram also encourages users to periodically visit our policies from time to time

13. Miscellaneous

All other provisions of the Coinygram Terms of Service and user agreement shall be read along with this policy and shall form part hereof, including governing laws and jurisdiction, notices, severability, assignment and such or other provisions.

If you have questions, please contact our Data Protection Officer (DPO) at: [email protected]