Privacy Policy
Last updated: 12 June 2026
1. Data we collect
We collect identification data (name, email, country), authentication data (hashed password, 2FA secret), transaction data (deposits, withdrawals, plans), and technical data (IP, device, browser) used for security and AML compliance.
2. How we use your data
To operate your account, process transactions, comply with KYC/AML obligations, detect fraud, and improve the Platform. We do not sell your personal data.
3. Legal basis (GDPR)
We process your data on the basis of contract performance, legal obligation (AML), legitimate interest (security, fraud prevention), and consent (marketing communications, which you can withdraw at any time).
4. Storage and security
Data is encrypted in transit (TLS 1.3) and at rest (AES-256). Passwords are hashed using Argon2id with per-user salt. Access is logged and reviewed.
5. Your rights
You may request access, correction, deletion, portability, or restriction of your data. Contact privacy@coinvault.example.
6. Cookies
We use strictly necessary cookies (session, CSRF) and optional analytics cookies. You can manage preferences from your browser settings.
7. International transfers
Where data is transferred outside the EEA, we rely on Standard Contractual Clauses or adequacy decisions. A copy of the safeguards can be provided on request.
8. Retention
We retain account data for the duration of the account plus 5 years after closure, in line with AML obligations.