Privacy Policy
Last Updated: June 2, 2025
Introduction
Welcome to CryptoComply ("we," "our," or "us"), a service provided by Canaria Consulting, LLC. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our Web3 compliance software solution and related services (collectively, the "Service").
CryptoComply acts as a data controller for the personal information it collects directly from users and as a data processor for information our customers input into the Service for compliance purposes. Customers are responsible for ensuring they have the right to provide such data under applicable law.
"Personal Data" or "personal information" refers to any information that relates to an identified or identifiable individual, including as defined under applicable data protection laws such as the GDPR and CCPA/CPRA.
Information We Collect
Information You Provide
- Account Information: Business contact details, user credentials, and profile information
- Business Information: Company details, compliance documentation, and transaction records
- User Content: Information you input into our platform for compliance purposes
Information Automatically Collected
- Technical Data: IP addresses, browser type, device information
- Usage Data: Feature interaction, access logs, and platform analytics
- Blockchain Data: Public blockchain addresses and transaction data processed through our service
How We Use Your Information
We use the information we collect for the following purposes:
- Service Provision: To provide, operate, and maintain the Service, including user authentication, account setup, and customer support.
- Compliance Screening: To screen names, wallet addresses, and other identifiers against watchlists (e.g., sanctions, PEP, enforcement lists), public blockchain records, and adverse media databases.
- Ongoing Monitoring: To continuously monitor submitted or linked wallet addresses and party names for updates on sanctions designations, enforcement actions, or negative news.
- Risk Analysis: To assess risk levels associated with parties and transactions based on compliance data, behavior, or public reputation.
- Fraud Detection & Security: To detect, prevent, and investigate security incidents, fraud, and unauthorized access or misuse of the Service.
- Product Improvement: To improve our Service, develop new features, and understand usage trends through aggregated analytics.
- Legal & Regulatory Compliance: To comply with applicable laws, regulations, and legal obligations, including responding to lawful requests from authorities.
- Communications: To contact you with Service-related communications, account updates, or administrative notices.
Information Sharing and Disclosure
We may share your information with:
- Service providers who assist in operating our platform
- Law enforcement or regulatory bodies when legally required
- Business partners with your explicit consent
- Professional advisors (attorneys, accountants, auditors)
We do not sell your personal information to third parties.
Data Security
We implement industry-standard security measures to protect your information, including:
- Encryption of data in transit and at rest
- Regular security assessments and penetration testing
- Access controls and authentication mechanisms
- Secure data backup and recovery procedures
Data Retention
We retain your information only as long as necessary to fulfill the purposes outlined in this Privacy Policy, including to comply with our legal obligations, resolve disputes, and enforce our agreements. Retention periods vary depending on the type of data:
- Account and profile information: Retained until the account is deleted or inactive for 3 years
- Compliance-related documentation: Retained for up to 7 years or as required by law
- Technical and usage data: Retained for 12 months unless otherwise required
Cookies and Tracking Technologies
We may use cookies and similar technologies to enhance your experience, analyze usage patterns, and improve our Service. You can manage cookie preferences through your browser settings or opt-out tools provided in your region.
Your Rights and Choices
You have the right to:
- Access your personal information
- Correct inaccurate data
- Request deletion of your data (subject to legal requirements)
- Opt-out of marketing communications
- Request exporting your data in a structured format
International Data Transfers
We may transfer your information to servers located outside your country of residence. We rely on appropriate safeguards such as Standard Contractual Clauses (SCCs) approved by the European Commission for data transfers outside the EEA and UK. These clauses ensure your personal data is protected when transferred internationally.
Changes to This Policy
We may update this Privacy Policy periodically. We will notify you of any material changes by:
- Posting the new policy on our website
- Sending an email to registered users
- Displaying a notice within our Service
Contact Us
If you have questions about this Privacy Policy or our privacy practices, please contact us at:
Company: Canaria Consulting, LLC
Email: privacy@cryptocomply.co
Additional Information for Specific Jurisdictions
California Residents
If you are a California resident and the processing of Personal Data about you is subject to the California Consumer Privacy Act (CCPA) and California Privacy Rights Act (CPRA), you have the following rights:
Notice at Collection
You have the right to receive notice of our data practices at or before the point of collection, including:
- Categories of Personal Data collected
- Purposes for collection and use
- Whether information is sold or shared
- Retention period for collected information
These details are provided throughout this privacy policy.
Right to Know
You have the right to request disclosure of the Personal Data we have collected about you, including:
- Categories of Personal Data collected
- Sources of Personal Data
- Business purposes for collection
- Categories of third parties with whom we share Personal Data
To make a "request to know": Email us at privacy@cryptocomply.co
Rights to Request Correction or Deletion
You have the right to:
- Request correction of inaccurate Personal Data
- Request deletion of Personal Data (subject to certain exceptions)
To make a correction or deletion request: Email us at privacy@cryptocomply.co
Right to Opt-Out / "Do Not Sell or Share My Personal Information"
The CCPA/CPRA defines "sell," "share," and "personal information" broadly. While we do not sell Personal Data in the traditional sense, some of our data sharing practices (such as using advertising and analytics providers) may be considered "selling" or "sharing" under the CCPA/CPRA.
You can exercise your right to opt out of the sale or sharing of personal information by clicking the “Do Not Sell or Share My Personal Information” link on our homepage or by emailing us atprivacy@cryptocomply.co.
We do not knowingly sell or share Personal Data of minors under 16 years of age.
Right to Limit Use of Sensitive Personal Information
You have the right to limit our use of sensitive Personal Data to only what is necessary to provide our services or as otherwise permitted by law. We do not collect or use Sensitive Personal Information, as defined by the CCPA/CPRA (e.g., precise geolocation, government identifiers, or racial/ethnic data), for any purposes other than those necessary to provide our Service or comply with the law.
Authorized Agents
You may designate an authorized agent to make requests on your behalf. We will:
- Require proof of authorization
- Verify your identity directly for certain requests
Verification Process
To fulfill requests related to specific pieces of Personal Data, we will verify your identity to the degree required by law by:
- Confirming requests from your registered email address
- Requesting additional verification information as needed
Non-Discrimination
We will not discriminate against you for exercising your CCPA/CPRA rights.
Shine the Light Law
Under California Civil Code Section 1798.83 (the "Shine the Light" law), California residents may request information about our disclosure of Personal Data to third parties for their direct marketing purposes. We do not disclose Personal Data to third parties for their direct marketing purposes as defined by this law.
For questions about our California privacy practices, email privacy@cryptocomply.co. We will respond to one request per California resident each year.
European Economic Area Residents, UK
If you are located in the European Union or United Kingdom, the processing of your Personal Data is subject to additional rights and protections under applicable data protection laws (including GDPR and UK GDPR).
Legal Basis for Processing
We collect and process your Personal Data based on one or more of the following legal bases:
Your Rights
Under these laws, you have the following rights:
Access and Portability
- Request access to your Personal Data
- Receive a copy of your Personal Data in a structured, commonly used, and machine-readable format
- Transfer your Personal Data to another service provider where technically feasible
Control and Rectification
- Request correction of inaccurate Personal Data
- Object to the processing of your Personal Data
- Restrict the processing of your Personal Data under certain circumstances
- Request erasure of your Personal Data ("right to be forgotten")
- Withdraw your consent at any time for future processing where we rely on consent
Special Rights
France residents: You may provide specific instructions regarding the use of your Personal Data after your death.
Exercising Your Rights
We have appointed a Data Protection Officer (DPO) to oversee our privacy practices.
To exercise any of these rights:
- Email our DPO at privacy@cryptocomply.co
We will respond to your request within the timeframe required by applicable law.
Supervisory Authority
While we encourage you to contact us first with any questions or concerns, you have the right to lodge a complaint with your local data protection supervisory authority.
For more information about our data protection practices or to exercise your rights, please contact our Data Protection Officer at privacy@cryptocomply.co.