Find Nearest BTM
Click to text or call 844-744-6100

Last Updated: October 25,2020

Scope and Consent

This policy describes the ways CoinGrab and its subsidiaries (hereinafter, “CoinGrab”, “we”, “our” or “us”) collect, store, use and protect Personal Data. The purpose of this policy is to ensure that CoinGrab complies with applicable United States (US) federal and state regulations, and European Union (hereinafter, “EU”) data protection laws such as the General Data Protection Regulation (hereinafter, “GDPR”). CoinGrab’s Services include merchant processing services, products, or any other features, technologies or functionalities (hereinafter: “Services”) offered by CoinGrab.

This policy describes the ways CoinGrab and its subsidiaries (hereinafter, “CoinGrab”, “we”, “our” or “us”) collect, store, use and protect Personal Data. The purpose of this policy is to ensure that CoinGrab complies with applicable United States (US) federal and state regulations, and European Union (hereinafter, “EU”) data protection laws such as the General Data Protection Regulation (hereinafter, “GDPR”). CoinGrab’s Services include merchant processing services, products, or any other features, technologies or functionalities (hereinafter: “Services”) offered by CoinGrab. Users accept this Policy by visiting our website and/or by using our Services.

There are six types of data subjects whose personal data we may process:

  1. Visitors of our websites (CoinGrabATM.com);
  2. Merchants that sign up for our Services;
  3. Shoppers who indirectly interface with CoinGrab when paying a merchant’s invoice that is forwarded by CoinGrab to merchants during checkout (refer to Section III for more details);
  4. CoinGrab cardholders that have signed up for a CoinGrab Prepaid Visa® DebitCard;
  5. CoinGrab wallet users that have downloaded and installed either the CoinGrab or Copay app on their mobile device;
  6. Shoppers who indirectly interface with CoinGrab when requesting a cryptocurrency withdrawal via a Merchant that is using CoinGrab’s Services.

What is “personally identifiable information?”

Personally Identifiable Information” (hereinafter: “Personal Data”) is any information that can be directly associated with a specific person and can be used to identify that person. A prime example of identifiable information is a person’s name.

What kind of personal data do we collect?

The Personal Data we collect depends on the type of user:

  1. 1. Visitors: We may collect the following Personal Data for visitors of our websites (https://coingrabatm.com): IP address Email address (e.g. when you subscribe to our blog or opt in to receive other marketing materials) Phone number (e.g. when you contact our sales team or media team or opt in to our media list) Name (e.g. when you submit a support request) We may collect information about a visitor’s computer or other access devices for fraud prevention purposes.
  2. Merchants: When opening an account, we may collect the following types of Personal Data of the beneficial owner or any user that is added to the account: Name Email address Date of birth Identification documents (such as a passport or driver’s license) We may use this Personal Data for risk-management purposes (i.e. to verify merchant’s identity or address). We may also obtain information about our merchants from third parties such as credit bureaus and identity verification services. We ensure that such third parties adhere to the same data protection principles as CoinGrab.
  3. Shoppers of merchants: When a shopper is paying a CoinGrab invoice, the following Personal Data is captured: Email address IP addresses used to view the CoinGrab invoice The email address is either automatically provided by the merchant or manually entered by the shopper. This enables our system to send an email to Shoppers directly to obtain a cryptocurrency refund address in case of a payment exception (e.g. overpayments, underpayments, etc.). This creates a more seamless payment experience for both the merchant and the shopper.
    Additionally, only upon the merchant’s explicit request, we will collect and store Personal Data for the merchant’s benefit only and as a service through our invoicing service. Personal Data that merchants may request from the shoppers are: Name Address Phone number Additionally, for donations that are made through CoinGrab’s processing platform, the merchant might opt for CoinGrab to collect the following Personal Data as required by the US Federal Election Commission (FEC) or other applicable local regulations: Donor’s name Donor’s email address Donor’s address Donor’s phone number Donor’s employer Donor’s job title Donor’s city of employment In all cases mentioned above, Shoppers’ or Donors’ information is processed and stored according to the same principles as we process / store our merchant’s Personal Data.
  4. Cardholders: When a user signs up for a CoinGrab Visa® Prepaid Card, the following information is collected as part of the onboarding program: Name Address Date of birth IP address Phone number Email address Social Security Number Please note that our Card Program is currently only available to US residents. CoinGrab only stores date of birth and social security number until the time the card application is accepted or archived.
  5. Wallet holders: For wallet holders, CoinGrab collects the following Personal Data: Email address The email address collection is optional in case the user would like to receive email notifications and (if selected) CoinGrab news and product updates and can be removed at any point in time.
  6. Shoppers that use CoinGrab’s cryptocurrency withdrawal service: The following Personal Data is collected for shoppers that would like to process more than 3000 USD per day: Name Email address Identification documents (such as a passport or a driver’s license) Proof of address document (such as a bank statement or a utility bill)

Sensitive or special categories of personal data

Why we collect personal information

Our primary purpose for collecting Personal Data is to provide you with a secure, smooth, efficient, and customized experience. We may use your Personal Data to: comply with applicable laws and regulations; provide the CoinGrab Services and customer support you request; process transactions and send notices about your transactions; resolve disputes, collect fees, and troubleshoot problems; prevent potentially prohibited or illegal activities, and enforce our Terms of Use; customize, measure, and improve the CoinGrab Services and the content and layout of our website and applications; deliver targeted marketing, service update notices, and promotional offers based on your communication preferences; compare information for accuracy and verify it with third parties.

How we protect and store personal information

We take security of data very seriously. We use computer safeguards such as firewalls and data encryption, we enforce physical access controls to our buildings and files, and we authorize access to Personal Data only for those employees who require it to fulfill their job responsibilities. In addition to this Privacy Policy, we have several other (internal) policies and procedures in place that deal with data security: IT Security Policy: This policy describes how we store and process your Personal Data on our servers in the United States and elsewhere in the world where CoinGrab facilities are located. It also describes how we protect it by maintaining physical, electronic and procedural safeguards in compliance with applicable US federal and state regulations, and EU data protection laws. Incident Response Policy: This policy describes our response to an information security incident. Data Breach Policy: This policy specifically describes what steps will be taken by us in case of a data breach. This includes notifying the supervisory authorities and the affected data subjects when required. Business Continuity and Disaster Recovery Policy: This policy describes how we recover from a disaster and what steps will be taken to continue or resume routine business operations. Cookie Policy: This policy describes how CoinGrab uses cookies to customize the CoinGrab Services, content and advertising; measure promotional effectiveness, and promote trust and safety.

Data Retention

We are a regulated Financial Institution in the United States and per the applicable Bank Secrecy Act provisions, we will retain Personal Data that has been obtained as a part of our Customer Identification Program for a period of 5 years after an account has been closed or became dormant.

Marketing

We may sell your Personal Data to third parties for their marketing purposes. We may combine your information with information we collect from other companies and use it to improve and personalize the CoinGrab Services, content and advertising. If you do not wish to receive marketing communications from us or participate in our ad-customization programs, you can send an email to support@coingrabatm.com.

Contact

To communicate with our Data Protection Officer, please email support@coingrabatm.com.

How we use cookies

What are cookies? A cookie is a small piece of data that a website asks your browser to store on your computer or mobile device. The cookie allows the website to “remember” your actions or preferences over time. Most browsers support cookies, but you can set your browser to decline them and can delete them whenever you like.

What type of cookies do we use? When you access our website, we, or companies we hire to track how our website is used, may place small data files called “cookies” on your computer. We and our service providers also use cookies to customize the CoinGrab Services, content and advertising; measure promotional effectiveness, and promote trust and safety.

We send a “session cookie” to your computer when you log in to your account or otherwise use the CoinGrab Services. This type of cookie helps us to recognize you if you visit multiple pages on our site during the same session, so that we do not need to ask you for your password on each page. Once you logout or close your browser, this cookie expires and no longer has any effect.

We also use longer-lasting cookies for other purposes such as to display your email address on our login page, so that you don’t need to retype the email address each time you login to your account. We encode our cookies so that only we can interpret the information stored in them. You are free to decline our cookies if your browser permits, but doing so may interfere with your use of our website.

We may also collect information about your computer or other access device to mitigate risk and for fraud prevention purposes. You may encounter cookies from third parties when using the CoinGrab Services on websites that we do not control (for example, if you view a web page created by a third party or use an application developed by a third party, there may be a cookie placed by that web page or application.)

Managing your cookie settings

You can manage cookies through the settings of your Internet browser. You can have the browser notify you when you receive a new cookie, delete individual cookies or delete all cookies. Please note that, if you choose to delete CoinGrab cookies, your access to some functionalities and areas of our website may be degraded or restricted.

For more information on cookies and how to opt-out of them, please visit the following third party website: Your Online Choices.

Changes to this policy

We may amend this policy at any time by posting a revised version on our website. The revised version will be effective at the time we post it. In addition, if the revised version includes any substantial changes to the manner in which your Personal Data will be processed, we will provide you with 30 days prior notice by posting notification of the change on the “Privacy Policy” area of our website.

Questions about privacy?

Please contact us. If you have questions concerning this Privacy Policy, please feel free to send us an email at support@coingrabatm.com.