Xcoins.com, owned and operated by CF Technologies Limited, (hereinafter referred to as “Xcoins.com”, the “Company” “we”, “our” or “us”), respects the privacy of the users of our platform (the “Platform”) and/or our website at Xcoins.com (the “Site”), and is committed to protect the personal information that users share with us in connection with the use of our Platform and/or Site (hereinafter collectively referred to as – the “Service”).
1. Data Controller
2. Data Protection Principles
3. Your Consent
4. Which information may we collect on our users
5. How do we collect information on our users
6. What are the purposes of the collection of Personal Information
7. Disclosing your Personal Data
8. Changes to your Personal Data
9. Sharing Information with Third Parties
10. Retention of Personal Information
11. International Transfers
12. Minors Policy
13. Management of Cookies
14. Data Subject and Data Subject (Your) Rights
16. Third party websites
We, as the Data Controller, are responsible for deciding the way we collect, process and manage the personal information collected from our users. We may, in certain circumstances, deliver services in partnership with other entities. In such events, we will be a Joint Controller with the other entity.
For general contact, please send us an email on [email protected] or use of our live chat as directed from our Website address www.xcoins.com.
Our Risk Officer is responsible for compliance within the GDPR and is responsible for matters relating to Privacy and Data Protection. The Risk Officer may be reached on [email protected] or by calling using International telephone number +1 305 946 1796 or toll free for US 888-712-6467.’
We are committed towards compliance within the applicable Regulations. If we need to collect, use or store Your personal data, we will abide by the following data protection principles.
The processing of personal data shall take place in a lawful, fair and transparent manner. Collection of personal data shall only be performed for specified, explicit and legitimate purposes and shall not be further processed in a manner which renders it incompatible with those purposes. The collection of personal data shall only be adequate, relevant and limited to what is necessary in relation to the purpose for which it is being processed. The personal data shall be accurate and where necessary kept up to date. Having regard to the purpose for which personal data is processed, the Company shall take every reasonable step to ensure that inaccurate personal data is erased or rectified without undue delay. Personal data shall be kept in a form which permits identification of the data subject, for no longer than is necessary for the purpose for which the personal data is processed. Personal data shall be kept confidential and stored in a manner which ensures appropriate security. Personal data shall not be shared with third parties except when necessary and with a justifiable legal basis.
We collect two types of information from our Users:
The second type of information is the personal information that identifies or may identify an individual with reasonable efforts (“Personal Information”). Personal Information which is being gathered may consist of the following:
● The User’s IP address, as well as other persistent device identifiers, which is automatically recorded from the User’s device and used mainly for enhancing the User’s experience and for geolocation, personalization, security and fraud prevention purposes, as further detailed below.
● In the event that following the preliminary examinations of Non-personal Information as noted above, such user is determined as qualified to use the Service (as shall be determined in our sole discretion), then after clicking the Service button the User will be requested to fill out the registration form available on the Service, and such User will be required to provide certain information such as his/her contact details, including the following:
● Full name
● Physical Address
● E-mail address
● Copy of a government-issued ID (such as a passport or driver’s license) – this is collected as means for official proof of identity
● Details regarding the government-issued ID, such as the number, issuing country and expiration date
● Country of residence
● Date of birth
● Billing addressWallet ID (if applicable)
● Credit card details – however, please note that such data is transmitted directly to our trusted third party payment processors. We do not retain the full details of the credit card.
● Any additional required information in order to render the service.
● Please note that without providing the above information you may not be able to complete the transaction.
● In addition, we also collect the User’s publicly available social network information, provided that the User has an existing third-party social network account (namely, a Facebook or Google account) (“SN Account”) registered under the same name and/or e-mail provided by User when registering to the Service.
● In the event a User registers to the Service or otherwise grants us with certain access permissions to his/her SN Account, the third-party social network(s) operating such SN Account(s) may provide us with certain information about the User, as is stored in and/or made available by the User through his/her SN Account and in accordance with the permissions granted to us by the User. For example, such information may consist, as applicable and/or made available by the User, of the User’s name, public profile picture.
● URL address, SN Account User ID, e-mail address, date of birth, gender, occupation or work information, education and other information which the User made public.
● In addition, we may also collect the behavior of the User on our Services, which includes keystrokes, recording of mouse movements and other activities in our Services.
● Any Personal Information provided voluntarily by the User via its use of the Service, such as the User’s e-mail address in order to be contacted (and any additional information related to such contacts), transaction details provided through use of the Service, and/or other actions performed by the User in connection with the Service.
● We also collect additional data from third-party sources regarding the User. This includes the User’s credit rating and other information available through publicly available credit card blacklists and official limited bank account lists, as well as non-public information provided by credit rating agencies, banks or other organizations.
Please note that the Personal Information we collect is required in order for us to contractually provide the Services, as well as for us to meet our legal and regulatory requirements (such as Anti-Money Laundering and Know-Your-Customer regulations), and to safeguard our legitimate interests. In the event that you will not provide such information, we may not be able to provide our Services.
We store the Personal Information either independently or through the help of our authorized third-party service providers as detailed below.
We collect Non-Personal Information and Personal Information in order to:
We also undertake that we will not share your information with any third parties for the purposes of direct marketing.
We use data processors who are third parties and who provide elements of services from us. In this regard, we have agreements in place with our data processors, binding them not to do anything with your personal data unless we have instructed them to do so. Such agreements also cover the requirement of holding the personal data securely and retain it for the period that we instruct them.
There are circumstances where we are legally bound to share information such as when we are required to cooperate with the Authorities or Regulatory bodies. In such situations, we will ensure that we have a lawful basis to do so.
We may disclose information to third parties in connection with the above-mentioned purposes in the circumstances that the requirement falls under an applicable legal basis.
The personal information we hold about you shall be current and accurate. If any of your personal information changes, it is within your responsibility to update us.
As required by Law, you bind yourself to furnish us with recent suitable documentation for confirmation, on a regular basis, upon our verbal request. These may be required for KYC and due diligence purposes and to allow us to correctly perform the terms of our engagement, as per our internal operating procedures in force at the time.
The Company discloses Personal Information in the following cases:
All our third-party service providers are required to take appropriate security measures to protect your personal data in line with our policies. Processing your personal data with our third parties is limited for specified purposes and in accordance with our legal binding agreements.
The Company will not retain data longer than is necessary to fulfill the purposes for which it was collected or as required by applicable laws or regulations, such as for KYC (Know Your Customer) and AML (Anti-Money Laundering) purposes. In this regard, we retain your personal data for as long as it is within the applicable laws, to enforce our contractual agreements and if needed, for the exercise and defense of legal claims.
We undertake to review your personal data that we collect, process and store and will delete or anonymize it in a secure manner when it is no longer needed to be retained in terms of legal, business or customer need.
If for any reason you wish to delete your Personal Information stored with us and identifying to you, please send us an e-mail to [email protected] and we will make reasonable efforts to address your request.
Where possible, we specify the periods for which your personal data will be retained in advance.
The retention period is determined based on the following criteria:
Information provided to us may be shared with third parties situated in other European Economic Area (‘EEA’) Member States and in countries outside the EEA.
To use the Service, you must be over the age of eighteen (18). The Company does not knowingly collect Personal Information from children under the age of eighteen (18) and does not wish to do so. We reserve the right to request proof of age at any stage so that we can verify that minors under the age of eighteen (18) are not using the Service. In the event that it comes to our knowledge that a person under the age of eighteen (18) is using the Service, we will prohibit and block such User from accessing the Service and will make all efforts to promptly delete or effectively anonymize any Personal Information stored with us with regard to such a user.
When you access or use the Service, we may use industry-wide technologies such as “cookies” or similar technologies, which stores certain information on your computer and which will allow us to enable automatic activation of certain features, and make your Service experience much more convenient and effortless.
We may also use certain third-party tracking technologies like Google Analytics. These are a different kind of cookies, stored on your computer by third parties, rather than by us. This kind of tracking technology is deployed or used each time you visit the Service, and also when you visit certain websites or applications that use similar cookies.
How to manage your cookie settings
Please note that we do not recognize or respond to automated browser signals regarding Tracking Technologies, including “Do Not Track” requests. However, there are various ways in which you can manage and control your cookie settings. Please remember that, by deleting or blocking cookies, some of the features of the Services may not work properly or as effectively.
● Turning off cookies via your web browser.
Most web browsers will provide you with some general information about cookies, enable you to see what cookies are stored on your device, allow you to delete them all or on an individual basis, and enable you to block or allow cookies for all websites or individually selected websites. You can also normally turn off third-party cookies separately. Please note that the settings offered by a browser or device often only apply to that particular browser or device.
● Information about cookies is usually found in the “Help” section of the web browser. Below are some links to some commonly used web browsers:
– Internet Explorer and Microsoft Edge
– Mozilla Firefox
Data Subject refers to You, as the individual who can be directly or indirectly identified through the information collected and processed Us.
As a Data Subject, you have a number of rights in relation to your personal data. The Company respects your privacy rights and will endeavor to abide by such rights to the extent that they apply and where the processing of your data is applied.
Your rights include:
– the rights to be informed and the right to access your personal data that is being collected, processed and stored;
– the rights to amend, delete your personal data;
– the rights to object and restrict processing of your personal data;
– the rights to know about the existence of automated decision making and data portability;
– the right to lodge a complaint with the Office of Information and Data Protection and/or seek judicial remedy in those cases where you believe that your data protection rights have been infringed;
– the right to withdraw your consent.
If you reside in the EU or in another location that affords you with the below rights, you may contact us at any time at [email protected] and request:
1. To access (including asking for supplementary information), delete, change or update any Personal Information relating to you (for example, if you believe that your personal information is incorrect, you may ask to have it corrected or deleted);
2. That we will restrict or cease any further use of your Personal Information;
3. That we will provide the Personal Information you volunteered to us in a machine-readable format.
Please note that these rights are not absolute and requests are subject to any applicable legal requirements, including legal and ethical reporting or document retention obligations (such as KYC and AML regulations).
If you have any general questions about the Personal Information that we collect about you how we use it, please contact us at [email protected]. Any requests received will be given appropriate consideration within the time periods required by the data protection legislation. We also exert the right to request from you a proof of your identity, prior to processing your request. In this way, we ensure that the personal data is not disclosed to unauthorised third parties. We may require additional information in relation to such requests in order to speed up the response process. We reserve our right to withhold your personal data, if disclosing it would adversely affect the rights and freedom to others.
We take great care in implementing and maintaining the security of the Service, and our Users’ Personal Information. The Personal Information is hosted on Amazon Web Services, which provides advanced security features. The Company employs industry standard procedures and policies to ensure the safety of its Users’ Personal Information, and prevent unauthorized use of any such information. In addition, in order to safeguard the privacy expectation of the Users, Our Merchant Processing Partner is Payment Card Industry Data Security Standards (“PCI DSS”) certified. Please note that while we take reasonable measures to safeguard your personal data, we cannot fully guarantee its security.
This service is supplied by CF Technologies Ltd.
Centris Business Gateway, Level 2M, Triq Is-Salib Tal-Imriehel, Zone 3, Central Business District, Birkirkara CBD3020, Malta.