Last Updated: March 7, 2026
This Privacy Policy ("Policy") is established and maintained by CRYPTD.TO, a digital asset exchange platform ("Company," "We," "Us," "Our"). This Policy governs the collection, retention, processing, and disclosure of personal data, including but not limited to personally identifiable information ("Personal Data" or "PII"), as provided by users, customers, and third parties in connection with the Company's cryptocurrency voucher redemption services ("Services").
For purposes of this Policy, "Personal Data" shall include any information relating to an identified or identifiable individual, including but not limited to names, email addresses, digital wallet addresses, transaction identifiers, and any other information that may reasonably identify an individual, whether collected directly or indirectly through technological means.
The Company collects Personal Data in accordance with applicable international data protection regulations and anti-money laundering ("AML") directives. Data may be collected through:
The Company reserves the right to collect and process such Personal Data as reasonably necessary to operate the Services, comply with applicable law, and fulfill contractual obligations. The collection of Personal Data shall be limited to what is necessary for the stated purposes.
Personal Data is processed on one or more of the following legal bases:
The Company utilizes Personal Data for various purposes, which may include but are not limited to:
Personal Data may be disclosed to:
Personal Data shall be retained for so long as necessary to fulfill the purposes for which it was collected, subject to applicable legal retention requirements. Retention periods may vary depending on the nature of the data and regulatory obligations. The Company shall retain transaction records and identity verification data for a minimum of five (5) years in accordance with AML/KYC regulations and applicable law.
Upon expiration of applicable retention periods, Personal Data shall be securely deleted or anonymized, unless legal obligations require further retention.
The Company implements technical, organizational, and administrative safeguards designed to protect Personal Data against unauthorized access, alteration, loss, or destruction. However, no method of transmission or storage is entirely secure. While the Company employs industry-standard security measures, it cannot guarantee absolute security or freedom from unauthorized access.
Data subjects may have certain rights regarding their Personal Data, which may include the right to access, correction, erasure, and portability of data, subject to applicable law and legal limitations. Requests should be directed to the Company via the contact information provided herein. The Company shall respond to such requests in accordance with applicable legal timeframes.
The Services may contain links to third-party websites and services. This Policy applies solely to the Company's Services. The Company is not responsible for the privacy practices of third-party services and encourages users to review the privacy policies of such services independently.
The Company reserves the right to modify this Policy at any time. Material changes shall be communicated to users via notice on the Services or by email. Continued use of the Services following notification of changes constitutes acceptance of the modified Policy.
This Privacy Policy shall be governed by and construed in accordance with the laws of the Republic of Seychelles, without regard to its conflict of law principles. Any disputes arising from this Policy or the Company's privacy practices shall be subject to the exclusive jurisdiction of the courts of the Republic of Seychelles.
For questions or requests regarding this Privacy Policy, please contact: privacy@cryptd.to