CoinGate Privacy Policy

Date last updated: May 23, 2018

At CoinGate (CoinGate is owned and operated by UAB “Virtualios valiutos”) we care about protection of your information. We follow the requirements of the so-called European Union General Data Protection Regulation (GDPR) and other laws protecting information about you at our company. To know more please carefully read this Privacy Policy.

  1. How should I read this Privacy Policy?

    This Privacy Policy will answer the most important questions about how we collect, use and store information about you. In case you have any other questions or find any part of this Privacy Policy unclear, our Data Protection Officer is ready to help you as described in Section 12 of this Privacy Policy. Please note that any form of the word ‘we’ in this Privacy Policy stands for our company specified in Section 2 of this Privacy Policy.

  2. Who is responsible for protecting my information?

    We are: UAB “Virtualios valiutos”
    Our identification number is: 303423510
    Our address is: A. Gostauto str. 8, LT-01108, Vilnius, Lithuania
    Our e-mail address is: info@coingate.com

  3. Why and which information do you collect about me?

    We collect, use and store only that information that is necessary to:

    • provide you with CoinGate virtual currency purchasing and payment processing collection services
    • implement measures of anti-money laundering (AML) and combating the financing of terrorism
    • send you information on services of CoinGate
    • submit responses to your inquiries
    • ensure security of CoinGate’s website
    • continuously improve our website for you

    You can find the more detailed information in the table enclosed to this Privacy Policy.

  4. Do you use cookies?

    Yes. We use cookies as described in our Cookie Policy.

  5. Which information I have to provide you with and why?

    You have to provide us with the information which we need to provide you with the virtual currency purchasing and payment processing collection services. In case you do not provide us with this information, we will not be able to provide the services. You can find the more detailed information in the table enclosed to this Privacy Policy.

  6. Where do you get my information from?

    We get your information from:

    • You
    • Blockchains of Bitcoin and other cryptocurrencies
    • Facebook Ireland Ltd.
    • Google Ireland Ltd.
    • Coinfirm Ltd.

    You can find the more detailed information in the table enclosed to this Privacy Policy.

  7. Why you are legally allowed to collect my information?

    We collect information lawfully about you because:

    • We conclude and perform a contract with you (Art. 6 (1) (b) of the GDPR)
    • We have a legitimate interest to do that (Art. 6 (1) (f) of the GDPR)
    • You have given consent to the processing of your personal data (Art. 6 (1) (a) of the GDPR) (Law on Electronic Communications, Art. 69 (1) (Lithuania))

    For more detailed information please refer to the table enclosed to this Privacy Policy.

  8. Do you share information about me within the European Union?

    We share the information about you with the following entities only where needed for the reasons listed under the Answer 3 above and permitted by applicable laws:

    • Bitstamp Ltd.
    • Blockchain Luxembourg S.A.
    • BlueOrange Bank
    • Cex.io Ltd.
    • Coinfirm Ltd.
    • DaoPay GmbH
    • Facebook Ireland Ltd.
    • Google Ireland Ltd.
    • Mailjet SAS
    • Mayzus Financial Services Ltd.
    • SatoshiLabs Ltd.
    • UAB „Interneto vizija“
    • UAB „Mistertango“
  9. Do you share information about me with someone outside the European Economic Area (EEA)?

    We share the information about you with the following entities only where needed for the reasons listed under the Answer 3 above and permitted by applicable laws.

  10. How long you will keep information about me?

    We will store your information for 10 years after termination of your account, unless the enclosed table provides otherwise.

  11. What can I do about my information at your company?

    If you wish to do any of the following, please contact our Data Protection Officer as described in Part 12.

    • Request us to reveal to you information we have about you
    • Request us to correct information we have about you
    • Request us to delete your information
    • Request us to restrict use or deletion of your information
    • To object to collection, use and storage of your information at our company
    • Request us to export your data to you or transfer it other companies
    • To submit a complaint to data protection authority: Lithuanian State Data Protection Inspectorate, phone number (8 5) 279 14 45, e-mail address ada@ada.lt
    • To withdraw any consent you gave to us

    To file an inquiry or a complaint, please contact our Data Protection Officer as described in Part 12. Please note that these rights are subject to conditions and exemptions established by law as well as the procedure we will be following in order to assist you.

  12. How can your Data Protection Officer can help me?

    If you have any questions, comments or complaints regarding how we collect, use and store information about you, CoinGate has Data Protection Officer to help you. If you need his / her help, please send an e-mail to dpo@coingate.com.

Detailed Description of How We Collect, Use and Store Data Information About You

Why you collect information about me? Which information you collect about me? Why you are legally allowed to collect my information? Which provisions of GDPR and other laws apply? How long do you keep information about me?
Virtual currency purchasing and payment processing collection platform administration E-mail, password, country, name and surname, address, telephone number, cryptocurrency address, bank account number, account number of money withdrawal platform, PayPal address, transaction amount, transaction currency, transaction time, address of the sender of the transaction, address of the payee of the transaction, ID number, ID copy, photo of you, data provided in business registration certificate, data provided in the document of business address proof Contract (Art. 6 (1) (b) of the GDPR) 10 years after termination of your account
Prevention of Money Laundering and Terrorist Financing Name and surname, personal code, date of birth, nationality, country of residence for tax purposes, country, postal code, address, telephone number, e-mail, position, workplace city and state, sources of funds, states from which funds are received and transferred, planned turnover of services, services that use or plan to use, signature, risk level, name and surname of the manager, personal code of the manager, nationality of the manager, signature of the representative, name and surname of the representative, personal code of the representative, data of birth of the representative, the basis of representation, nationality of the representative, country of residence for tax purposes of the representative, representative country, representative postal code, representative country, postal code of the representative, address of the representative, telephone number of the representative, e-mail of the representative, position of the representative, workplace city and state of the representative, risk level of the representative Legitimate interest (Art. 6 (1) (f) of the GDPR) 10 years after the termination of business relations
Direct marketing Name and surname, e-mail Customer relationship (Law on Electronic Communications Art. 69 (2) (Lithuania))

Consent (Law on Electronic Communications Art. 69 (1) (Lithuania))
10 years after the end of the customer relationship, unless you withdraw your consent
Customer service E-mail address, subject of your inquiry, date of your inquiry, content of your inquiry, attachments to your inquiry, your name and (or) surname provided in your inquiry, reply to your inquiry, information provided by you Consent (Art. 6 (1) (a) of the GDPR) 10 years after receiving a query, request or complaint
Website security Internet protocol address (IP), user agent, referrer url, date and time of website visiting Legitimate interest (Art. 6 (1) (f) of the GDPR) 10 years after your last visit of our website