On May 25, 2018, the General Data Protection Regulation (GDPR) has come into force. With this European regulation the privacy legislation has been modernized. The GDPR contains rules about the processing of personal data and the free movement of these data.
Privacy and protection of personal data
Byecoin is subjected to legislation that regulates financial institutions and markets, the AMLD5 implementation. Following from this legislation we are obligated to maintain a compliancy system for detecting fraud and money laundering on the digital currency market in a very early stage. We do this, for example, by conducting a ‘Know Your Customer’ policy. Would you like to use our services? Then we will have to ask you for documentation which confirms your identity. In case we detect alleged fraud, money laundering or financing of terrorism we will report this to the FIU instantly. Only in these particular cases we will have to share personal data with external agencies.
Only with your permission
Your personal data
Would you like to use our services? Then you will need to register on our platform and share personal data such as:
- Basic information such as your first- and last name, title, gender, the company you work at or your function title (if applicable);
- Contact information such as residential address, (mobile) phone number or email address;
- Additional personal data such as your identification document, your bank account number and your wallet addresses;
- Technical information such as your IP address, the device you are using to visit our website and the pages you visit;
- All other personal data that we receive from or about you or that we can obtain ourselves and that we use for the purposes stated below.
- Salary slips or other information that support your explanation of the origin of certain amounts of funds.
In addition, we will save the time and date of your registration. We do this to protect ourselves against misuse of your data by third parties who have registered on our platform without your knowledge.
In most cases we receive your personal data from you, for example when creating an account with our Byecoin app or when you are applying for higher trading volume tiers. We may also obtain your personal data in other ways, for example from third parties, via (public) registers (such as the Trade Register) or from other public sources and websites.
Special personal data
With your permission we will also process so called special personal data. We receive a copy of every user’s Identity Document. The passport photo that is visible on that document is considered special personal data. We can also ask for income and asset data. We need this information for additional customer research. This is considered special personal data as well.
Why do we process personal data?
We want to provide you with the best possible service and we want to comply with all laws and regulations. That is why it is necessary for us to process your personal data. We process personal data to:
- conduct transactions on our platform in a correct manner;
- inform you and to maintain our relationship by email, phone or otherwise;
- improve our service;
- invite you for a customer satisfaction survey;
- determine your identity for a safe use of your account and to prevent fraud;
When are we allowed to process personal data?
We can only process your personal data if there is a legal reason behind it. The entire KYC process has been outsourced to a third party, certified and qualified to perform KYC assessments with respecting the GDPR legislation:
- The execution of the agreement
- due to a legal obligation
- with your permission
- for legitimate interest
Who do we work with?
We could share your personal data with third parties. Data will be shared during the following events:
- to improve and test the usability of our app. The easier our platform is, the easier you are able to navigate on our app;
- to be able to meet legal obligations, for example a report to a supervisor;
- to be able to provide you with support. For example, software which our support team uses and the chat and phone service that we use to communicate with you. This way we can provide you with the fast and correct support you are accustomed to;
- to make payments on our platform possible. For this we work together with several Payment Service Providers and various banks;
- to establish your identity in a professional manner, for example our automated way of checking your proof of identity. Your safety is very important to us;
- to prevent fraud or money laundering, for example checking for sanction lists and PEP lists to prevent criminals from using our platform;
- external suppliers that we engage for processing, as described in this privacy statement, such as our IT suppliers, software to trace the origin of the cryptocurrencies or a translation agency;
We store data regarding your transactions for at least seven years. Storing this data for our financial administration is a legal obligation. Other data, such as your Identity Document or Residential Address, will be stored until you withdraw your consent. When there is a legal requirement, we will keep the data as well.
In line with the General Data Protection Regulation, you have the right to access, correct, and supplement your personal data. You also have the right to have your personal data removed. Would you like to do so? Send an email to: firstname.lastname@example.org. In addition, users of our platform have the right to file a complaint with the Dutch Data Protection Authority.
You can contact us by email, chat, phone and via the contact form on our website. When you do, we store the data to handle your request, such as your phone number, email address, and name.