Effective Date: February 12, 2021
At Simply Digital we take privacy and data security seriously. We are committed to transparency in the collection and use of your personal information. The Privacy Notice describes how we collect and use personal information and the circumstances under which we may share this information.
Depending on the location of customers of the service, different entities within the Simply Digital group provide the service and are responsible for customers’ personal information. If you live in:
This Privacy Notice applies to the privacy practices of Simply Digital on its trademarked CoinSmart website located at https://www.coinsmart.com/ and to the CoinSmart mobile app (together the “CoinSmart Service”).
We ensure, within the framework of data protection legislation, the confidentiality of client data and implement appropriate physical, technical and organizational measures to help safeguard your data from unauthorized access, use, disclosure and accidental loss, modification, destruction or any other unlawful processing.
Collection and Use of Personal Information
What personal information do we collect?
Name, personal identification code or date of birth, signature.
Address, phone number, e-mail address.
Bank account information, payment information, liabilities, online payments and money transfers, payment methods, prices paid, quantity of order, time stamps associated with orders and payments, payment authorization information, and order activity history.
Transaction information on the purchase or sale of digital currencies or other transaction-based data that you generate or that is connected to your account including (including quantity, product, price of transactions); data about agreements entered into, amended or terminated with us; data about the performance of agreements, including data about suspected or actual violations of the agreement; and communications with you regarding the Services, including notices, service fees, enquiries and complaints, submitted Requests.
Anti-money laundering (AML) and Counter-Terrorist Financing (CTF) Data
Your government-issued photo identification or other identity document, country of residence, source of funds, data about your assets, the origin of assets, place of work, position, nature of your work, whether you are a politically exposed person or the family member or close associate of a politically exposed persons.
|Communication Data||Data contained in requests we receive from you, including customer service requests or your other communications with us via any channel, including communication by phone, e-mail, messages and other manners of communication.|
|Service Usage Information||Data about the date and time you access our Service, data about your device (such as device type, IP address, and device identifiers), operating system and hardware settings, browser type and characteristics, length of visits, pages viewed, geographic location, language preferences, referring URLs, time spent on pages, scrolling, mouse movements, and links clicked, and information derived from SIM card, network operator, IP address, GPS geolocation data.|
|Legal Compliance Data||Data obtained while performing our legal obligations, including data relating to enquiries made by investigative bodies, notaries, tax authorities, bailiff courts and other state institutions.|
How do we process your data?
We process your data in order to perform the services you request and to establish a client relationship with you, to respond to your requests and otherwise communicate with you, and to comply with our legal obligations, including our Know Your Customer and due diligence obligations under applicable laws. We use your data in the following ways:
How do we collect your data?
Most of the data we collect and process is directly provided by you. We collect and process the information about you in the following situations:
We also may collect information about you from public or third-party sources, such as public databases, ID verification partners, payment providers, companies providing services for money laundering and terrorist financing checks, credit risk reduction and other fraud and crime prevention purposes and companies providing similar services.
How we share your data with third parties
Except as set forth in this Privacy Notice and as required or permitted by law, we do not sell or share your personal information with third parties. We will not disclose more data than necessary for the purpose of disclosure and in compliance with regulatory legislation and data protection legislation.
Service Providers: We may transfer or otherwise make your data available to our third-party service providers who provide services to us in accordance with our instructions and on our behalf. Our service providers are only given the information they need to perform their designated functions, and are not authorized to use or disclose personal information for their own marketing or other purposes. We may transfer your data to third-party service providers as set out below:
Affiliates: We share data with entities within our group of Simply Digital companies who provide related services (with consent where required by applicable law) or provide us with support and ancillary services (including information security and customer account maintenance). Your personal information may be maintained and processed by us, our affiliates and other third party service providers in the US or other jurisdictions. In the event that personal information is transferred to the US or other foreign jurisdiction, it will be subject to the laws of that jurisdiction and may be disclosed to or accessed by the courts, law enforcement and governmental authorities in accordance with those laws. See also Data Transfers – EEA Customers for further information.
Legal and Compliance: We may also provide your information in response to a search warrant or other legally valid inquiry or order, including to public authorities and state institutions such as law enforcement agencies, bailiffs, notaries, tax authorities, supervisory authorities, financial intelligence agencies such as , Financial Crimes Enforcement Network and Financial Transactions and Reports Analysis Centre of Canada (FINTRAC), or as otherwise required or permitted by Canadian, US, European, or other law or legal process. Your data may also be disclosed where necessary for the establishment, exercise, or defence of legal claims, or when we believe disclosure is appropriate to comply with the law or protect ours or others’ rights, property, or safety, including to investigate or prevent actual or suspected loss or harm to persons or property.
Sale of Business: Your data may be provided to third parties in connection with a merger or sale (including transfers made as part of insolvency or bankruptcy proceedings) involving all or part of Simply Digital, or as part of a corporate reorganization or stock sale or other change in corporate control, including for the purpose of determining whether to proceed or continue with such transaction or business relationship.
Safeguarding and Retention of Personal Information
We have implemented reasonable administrative, technical and physical measures in an effort to safeguard the personal information in our custody and control against theft, loss and unauthorized access, use, modification and disclosure. We restrict access to your personal information on a need-to-know basis to employees and authorized service providers who require access to fulfill their job requirements.
We have personal information retention processes designed to retain personal information for no longer than necessary for the purposes stated above or to otherwise meet legal requirements. We may retain personal information, including financial information relating to transactions, for accounting and auditing purposes and otherwise in accordance with our obligations under applicable law.
Access to Personal Information
You have the right to access, update and correct inaccuracies in your personal information in our custody and control, subject to certain exceptions prescribed by law. You may request access, updating and corrections of inaccuracies in other personal information we have in our custody or control by emailing email@example.com. We may request certain personal information for the purposes of verifying the identity of the individual seeking access to their personal information records.
Your Additional Rights
You may have certain additional rights in relation to your personal information, depending on your jurisdiction. While some of these rights are general and unrestricted, other rights only apply in certain circumstances. The manner in which these rights apply may vary depending on the jurisdiction in which you are located.
Your rights may include:
If you wish to exercise any of your rights, please contact us at the details below. If you are located outside of the US and Canada, you also have the right to lodge a complaint with the Estonian Data Protection Inspectorate (Andmekaitse Inspektsioon), S.D.T OÜ’s lead supervisory authority. You can also contact your local data protection authority.
Privacy when using digital assets.
Your funding of bitcoin or other digital assets, may be recorded on a public blockchain. Many blockchains are open to forensic analysis which can lead to deanonymization and the unintentional disclosure of private financial information, especially when blockchain data is combined with other data. Because blockchains are decentralized or third-party networks that are not controlled by us, we are not able to erase, modify, or alter personal information from such networks.
Data Transfers- EEA Customers
We transfer your personal information to Simply Digital affiliates or third-party service providers located in countries outside of the EEA in connection with the above purposes. Countries that are outside the EEA may not offer the same level of data protection as in your home country, although the collection, storage and use of your personal information will continue to be governed by this Privacy Notice.
Standard contractual clauses
We use a legal mechanism known as “standard contractual clauses” to protect personal information transferred outside the EEA where there is no adequacy decision in respect of the country in which the data importer is located; for example, the United States of America. Standard contractual clauses refer to contracts between companies transferring personal information (for example, from Simply Digital Technologies OU to Simply Digital Technologies USA Inc.) that contain standard commitments approved by the EU Commission for protecting the privacy and security of the personal information transferred. To request a copy of the clauses, please email us at firstname.lastname@example.org.
In certain limited circumstances, we may use derogations, such as the contractual necessity or public interest derogation, where appropriate to process personal information, when there are no other data transfer mechanisms applicable.
Third Party Websites
The CoinSmart Service may contain links to other websites that are not owned or controlled by us. Please note that this Privacy Notice applies only to personal information that we collect through the CoinSmart Service. We have no control over, do not review and are not responsible for the privacy policies of or content displayed on such other websites. When you click on such a link, you will leave our service and go to another site. During this process, another entity may collect personal information from you. We may also collect information about your interactions with our accounts on third party social media platforms.
Updates to the Privacy Notice
We may update this Privacy Notice to reflect changes to our privacy practices. We encourage you to periodically review this page for the latest information on our privacy practices. If we materially change our Privacy Notice, we will take steps to notify you in advance of the change.
Simply Digital welcomes your comments and questions regarding this Privacy Notice and the use of your personal information. If you have questions or concerns please contact our Privacy Officer: email@example.com