Privacy Policy for Payers

Coinify ApS (“Coinify”) is a private limited company incorporated in Denmark with company number DK35847995 and whose registered office is located at Grønnegade 10, 1, 1107 Copenhagen K, Denmark.

Coinify complies with applicable European data protection laws, including the General Data Protection Regulation and its implementing acts (hereinafter referred to as “GDPR”).

Coinify ApS handles crypto-asset transactions globally. Coinify ApS is the data controller for the processing of personal data in connection with crypto-asset transactions.

As data controllers, we determine the means and purposes of processing data concerning the use of our services within the crypto-asset industry. If you have any questions about your Coinify Account, your personal information, or this privacy policy, please direct your questions to legal@coinify.com.

Travel Rule Compliance

As part of our obligations under the EU Transfer of Funds Regulation and the Danish Anti-Money Laundering Act (Hvidvaskloven), Coinify ApS is required to collect and transmit certain personal information related to crypto-asset transfers, commonly known as the “Travel Rule”.

The Travel Rule is a legal framework designed to prevent financial crime by requiring Crypto-Asset Service Providers (CASPs) to obtain and transmit specific identifying information about the payer (originator) in a crypto-asset transaction.

Purpose and Legal Basis

The processing of Travel Rule data is based on Article 6(1)(c) of the GDPR, i.e., compliance with a legal obligation. This means we are legally required to collect, verify, retain, and share certain personal data as part of anti-money laundering and counter-terrorist financing efforts.

Personal Data Collected

To fulfil these obligations, Coinify collects, at a minimum, the following information related to the payer:

• Full name
• Date of birth
• Residential address
• Wallet address

Where applicable, we may also collect additional identifiers.

Recipients

Travel Rule data may be shared with beneficiary CASPs, financial counterparties, regulators, and law enforcement. All such transfers of information are carried out under appropriate safeguards and legal mechanisms to protect your personal data.

Data Retention

Coinify is committed to ensuring that the data we collect from you is stored for no longer than necessary. This means that we only store your information for as long as necessary to deliver our services to you and to fulfil our legal obligations, currently 5 years.

Your Rights

When we process your personal data, you have several rights under the General Data Protection Regulation:

• You have a right of access to Coinify’s processing of your data, including a copy of your data.
• You have the right to request the transmission of your personal data to another enterprise, where technically feasible.
• You have the right to object to our processing of your data. If your objection is accepted, we will stop processing the data in question.
• Your right to erasure may be limited where we are legally required to retain personal data under anti-money laundering and Travel Rule obligations.

If you wish to make use of your rights under the General Data Protection Regulation, please contact Coinify at legal@coinify.com.

Complaints

Complaints regarding our processing of your personal data can be submitted to the Danish Data Protection Agency.

You can contact the Danish Data Protection Agency via your digital mailbox at borger.dk, by email to dt@datatilsynet.dk, or by post to:

Danish Data Protection Agency
Borgergade 28, 5.
1300 Copenhagen K, Denmark