Privacy Policy

Dear Customer, dear interested Parties,

Thank you for your interest in our company and the services and products we offer.

With this Privacy Notice, Crypto Finance Deutschland GmbH (hereinafter ‘We’ or ‘Us’ or “CF-D”) informs you about how we process your personal data. Your personal data refers to information that concerns you (hereinafter ‘personal data’), such as your name or contact details.

We pay particular attention to the processing of personal data in accordance with the General Data Protection Regulation EU 2016/679 (‘GDPR’) and the applicable national data protection laws.

1. Controller

Our contact details are:

Crypto Finance (Deutschland) GmbH
Bockenheimer Anlage 46
60322 Frankfurt am Main
info@crypto-finance.com

Data Protection Officer (DPO)

Crypto Finance (Deutschland) GmbH
Bockenheimer Anlage 46
60322 Frankfurt am Main
dataprotection@crypto-finance.com

2. Purpose, Categories of Personal Data, Legal Basis, and Retention

We process the following categories of your personal data for the following purposes.

2.1.1 General contact by email,  chat, post, or phone
We collect your personal data when you provide it to us via our contact forms or when you contact us directly. Then we process the information that you have provided to us in the course of establishing contact. This includes, in particular, names and contact data provided (address, telephone number or e-mail address), date and reason for contact. The personal data that you collect will only be used to answer and fulfil your specific enquiries. The legal basis is Art. 6 para. 1 lit. (f) GDPR, which permits the processing of personal data for the purpose of our legitimate interest in processing and answering your enquiry. Your personal data processed in this respect will be stored by us for as long as it is necessary to carry out our relationship (communication) with you and in accordance with the applicable legal storage regulations.

2.1.2 Sales, marketing, and invitations
We may use your personal data (name, first name, address, company, telephone number, e-mail address) to send you information about our services, partners, promotions and events that we think may be of interest to you. We may contact you by e-mail based on our legitimate interests under Article 6 para. 1 lit. (f) of the GDPR if we have a direct business relationship with you or with the company for which you work, and if you have not objected. We may contact you by telephone if you have given your consent (Article 6 para. 1 lit. (a) GDPR) or on the basis of a presumed consent on the condition that you will welcome the call. We may contact you by post on the basis of our legitimate interests under Article 6 para.1 lit. (f) GDPR as long as you do not object. In such cases, it is our legitimate interest to inform business partners or potential customers about such services and products that may be of interest to them and thus to maintain our existing or future business relationship. Your personal data processed in this respect will be stored by us for as long as it is necessary to carry out our relationship (communication) with you and in accordance with the applicable legal storage regulations.

2.1.3 Newsletter
We offer circulars, readiness newsflashes and product newsletters to keep you regularly informed about ongoing initiatives and upcoming projects and any future updates or news about products and events. You can register for the categories you would like to subscribe to on our website by entering your email address. After entering your data, you will receive an e-mail in which you can confirm your registration in order to activate the newsletter. You can unsubscribe from this service in every newsletter and withdraw your consent with effect for the future. With regard to the processing of your personal data, the relevant legal basis is your consent in accordance with Article 6 Paragraph 1 lit. a in connection with Article 7 GDPR.

2.1.4 Events
If you participate in our events, we collect your participant data (e.g. name, contact data, e-mail address, billing data) for the organisation and execution of the respective event. In order to carry out and organise the event, your data may also be passed on to other parties involved in the event if this is necessary (e.g. for admission control). The legal basis is Art. 6 para. 1 lit. (b) of the GDPR, permitting the processing of Personal Data for the purposes of the performance of a contract. General information regarding data protection and events can be found at the end of this website. Further information may be provided in a privacy notice for the specific event, if this is necessary. Your personal data processed in this respect will be stored by us as long as it is necessary to maintain our relationship (participation in the event) with you and as long as it is necessary in accordance with the legal retention periods.

2.1.5 Performance of contracts and services
If you or your company want to be authorized as a customer of one of our services, we collect your personal data (first name, last name, contact data, company) to register you to our service and for the usage of our service. The sole responsible body is the respective company with which a contract is concluded or occurs in the case of pre-contractual measures. The purposes of personal data processing are determined by the specific service or product. This may include especially assessments, consultation, trading activities, and the execution of business accounting and tolls. The legal basis for processing this personal data is Article 6 (1) lit. b GDPR, as processing is necessary to fulfill a contract or for pre-contractual measures between us and the customer. If the user is not the customer who concluded the contract with us, but an employee of the customer or otherwise authorized by the customer to use our services, the legal basis for processing is Article 6 (1) lit. f GDPR, as the processing is in the legitimate interest of the customer. The legitimate interest of the customer is to enable the user to use our services in accordance with the contract. Your personal data processed in this regard will be stored by Us as long as it is necessary to carry out Our relationship (registration and use of our service) with you and required by applicable statutory retention laws.

2.1.6 General use of our websites
When you use our website and online platform, we will automatically log information about the browser that is used to access the website, such as your IP address, session time, pages viewed from that address and the website from which you are visiting the website. We may also collect device-specific information, such as your hardware model and operating system. We use this information to identify and prevent malpractice and crime and to investigate improper conduct. The legal basis for the processing of your personal data for these purposes is Art. 6 para. 1 lit. (c) GDPR in fulfilling our legal obligation to take technical and organisational measures to ensure secure data processing in accordance with Article 32 GDPR and Article 6 para. 1 lit. (f) GDPR in order to pursue our legitimate interests in data processing for network and information security. After the specified period of 30 days, the above data will be deleted. If data is processed for a longer period of time, we will anonymise or delete the data as soon as their storage no longer serves the respective purposes.

2.2 Do you have to provide your personal data with us?
The disclosure of your personal data is necessary in order to access the protected areas of the website, which are restricted to members of our customer groups, to contact us directly or to receive a newsletter. This means that it is necessary that you give us your personal data in the context of e.g. to provide a user registration process or contract.

2.3 Do we make automated decisions about you?
Apart from automatic processing, including profiling, we do not make automated decisions that have legal or similar effects for you.

2.4 Retention periods
The retention periods for personal data depend on the purpose of processing. Unless otherwise described, we will store the personal data mentioned in Section 2.1 above for as long as (i) necessary for the respective purpose and/or (ii) required by applicable legal retention laws. We will retain personal data you provide to us for as long as our business relationship with your company exists, plus any applicable retention periods required by law (e.g., based on tax regulations) or as long as it is necessary to pursue our legitimate interests after the termination of the business relationship (e.g., to assert claims within the statutory limitation periods).

3. Disclosure of personal data

We will not disclose your personal data to third parties unless such disclosure is permitted by law or you have explicitly consented to the transfer.

To provide our contractual services, we use selected service providers (data processing providers) and vicarious agents of the categories listed below who have access to your personal data to the extent necessary and can use it to process the orders placed by us.
We may transfer your personal data to public authorities where this is required by applicable law (e.g. the German Stock Exchange Act (Börsengesetz) or the German Securities Trading Act (Wertpapierhandelsgesetz)). A transfer of your personal data is also permitted if there is suspicion of a criminal offence or the abuse of the services offered on our website. In this event, we shall be entitled to transfer your Personal Data to the criminal prosecution authority.

Otherwise, your personal data will be stored exclusively in our database and on our servers or on those of our commissioned data processing providers. We will only share your Personal Data with other controllers for their own purposes such as cooperation or advertising partners under the condition that you explicitly and voluntarily agreed to such transfer of your Personal Data; in this case, we will obtain your consent separately from this Notice.
Sometimes the recipients to whom we transfer your personal data are located in countries in which applicable laws do not offer the same level of data protection as the laws of your home country. In such cases, we take measures to implement appropriate and suitable safeguards for the protection of your personal data.

Under these conditions, recipients of your personal data can be for example:
public bodies and institutions in the presence of a legal or regulatory obligation (eg. financial authorities),
other companies and service providers (processors) / vicarious agents in the following areas:

  • Print service providers
  • Telecommunications service provider
  • Billing service provider
  • Financial institutions
  • Collection agencies business and tax audit companies
  • Provider of the online platform
  • Newsletter provider

4. Cookies and similar applications

When you visit the website and Our online platform, information is stored on your terminal device in the form of a “cookie.” Cookies are small files that are stored on your terminal device and save certain settings and data to exchange with our websites via your browser.

For example, cookies enable us to tailor a website to better match your interests or to store your password so that you do not have to re-enter it every time. As a general rule, we never collect personal data via cookies, unless you have given us your express permission to do so.

If you do not want us to recognize your terminal device, please configure your Internet browser to erase all cookies from your device, to block all cookies or to receive a warning before a cookie is stored. You will find brief instructions on how to do this below.

Please note that certain functions of our website may no longer work, or not correctly, without cookies.

4.1 Types of cookies on website
Cookies can be assigned to four categories, depending on their function and intended purpose: absolutely necessary cookies, performance cookies, functional cookies, and cookies for marketing purposes.

4.1.1 Absolutely necessary cookies
Are needed for you to navigate within websites and operate basic website functions, such as the issuance of anonymous Session IDs for bundling several related queries to a server.

4.1.2 Performance cookies
Collect information on the usage of our websites, including for example the Internet browsers and operating systems used, the domain name of the website which you previously visited, the number of visits, average duration of visit, and pages called up. These cookies do not store any information that would make it possible to personally identify the user. The information collected with the aid of these cookies is aggregated and is therefore anonymous. Performance cookies serve the purpose of improving the user friendliness of a website and therefore enhancing the user’s experience. You can block the use of such cookies by creating an exclusion cookie (see “managing cookies” below).

4.1.3 Functional cookies
Enable a website to store information the user has already entered (such as user ID, language selection, or the user’s location), in order to offer improved, personalized functions to the user. Functional cookies are also used to enable requested functions such as playing videos and to make a user’s decision to block or disable a certain function (e.g. web analysis) – “opt-out cookies”.

4.1.4 Cookies for marketing purposes
Used to offer more relevant content to users, based on their specific interests. They are also used to limit the display frequency of an ad and to measure and control the effectiveness of advertising campaigns. They register whether users have visited a website or not, and which contents were used. This information may possibly also be shared with third parties, such as advertisers, for example. These cookies are often linked to the functions of third-party websites. You can block the use of such cookies by creating an opt-out cookie (see “Managing cookies” below).

4.2 Types of used cookies
4.2.1 Strictly necessary cookies
4.2.2 Performance-Cookies
4.2.3 Functional Cookies
4.2.4 Cookies for marketing purposes

4.3 Managing cookies
You can change your cookie preferences at any time by clicking on the ‘Cookies Preference Manager’ link. You can then adjust the available sliders to ‘On’ or ‘Off’, then clicking ‘Save and close’. You may need to refresh your page for your settings to take effect.

Please note: Not all of the cookies mentioned above will necessarily be used when you browse our website using a mobile terminal device.

In the following you will find a summary of links that provide detailed information on the deactivation of cookies in commonly used browsers.

4.4 Newsletter-tracking (tracking pixel)
CFD newsletters contain so-called tracking pixels. A tracking pixel is a miniature graphic that is embedded in such emails that are sent in HTML format to enable log file recording and log file analysis. This allows a statistical evaluation of the success or failure of online marketing campaigns. Based on the embedded tracking pixel, CF-D may see if and when an e-mail was opened by a data subject, and which links contained in the e-mail were called up by the data subject.

Such personal data collected via the tracking pixels contained in the newsletters are stored and evaluated by the person responsible for the processing or the electronic portal of a third-party provider commissioned by the latter, in order to optimize the newsletter dispatch and to adapt the content of future newsletters even better to the interests of the data subject. This personal data will not be passed on to third parties; nor will it be used for any other purposes outside those stated above.

Consent
The recipient of our newsletter consents to this form of data processing based on the information provided above by accepting the privacy policy.

In the event of a withdrawal by the data subject, this personal data shall be deleted by the controller. CFD automatically regard a withdrawal from the receipt of the newsletter as a revocation. CFD thereby unilaterally initiate the aforementioned measures.

4.5 SSL encryption
For security reasons and to protect the transmission of confidential content, such as enquiries that you send to us as the site operator, this site uses SSL encryption. You can recognize an encrypted connection by the fact that the address line of the browser changes from “http://” to “https://” and by the lock symbol in your browser line.

If SSL encryption is activated, the data you transmit to us cannot be read by third parties.

4.6 Registration function
The data entered as part of a registration will be used for the purposes of using the offer. Users may be informed by e-mail about information relevant to the offer or registration, such as changes to the scope of the offer or technical circumstances. The data collected can be seen from the input mask within the scope of registration. This includes, for example, name, postal address, e-mail address, IP address and their purpose.

4.7 Social media buttons (buttons with access to social media)
If functions (plug-ins) of third-party providers or social media platforms (Facebook, Twitter, LinkedIn, Google+, etc.) are integrated on the CF-D website, these plug-ins enable the user to share content on the aforementioned social networks. When the website is called up, the buttons are deactivated by default. This means that no personal data is transmitted to the respective third party providers without the user’s intervention. After the user has activated the buttons, the plug-ins automatically transmit data, including personal data, to the corresponding third-party provider. If the user is logged into the network of the respective third-party provider at the same time as visiting the website, the provider can assign the visit to the user’s network account. CF-D have no influence on this. The purpose and scope of this data collection and the further processing and use of personal data are set out in the data protection information of the respective social networks. Users can also obtain information on rights and setting options regarding the protection of privacy there.

4.8 Facebook plugins (like-button)
If Plugins of the social network Facebook, provider Facebook Inc., 1 Hacker Way, Menlo Park, California 94025, USA, are integrated on our pages you can recognize the Facebook plugins by the Facebook logo or the “Like” button on our site. You can find an overview of the Facebook plugins here: Social Plugins Documentation Facebook for Developers.

When you visit our pages, a direct connection may possibly established between your browser and the Facebook server via the plugin. Facebook thereby receives the information that you have visited our site with your IP address. If you click the Facebook “Like” button while you are logged into your Facebook account, you can link the content of our pages on your Facebook profile. This allows Facebook to associate the visit to our pages with your user account. We would like to point out that we, as the provider of the pages, have no knowledge of the content of the transmitted data or its use by Facebook.

You can find more information on this in Facebook’s privacy policy.

If you do not want Facebook to be able to assign your visit to our pages to your Facebook user account, please log out of your Facebook user account.

4.9 X (Twitter)
If functions of X (Twitter) service are integrated on our pages these functions are offered by Twitter Inc., 1355 Market Street, Suite 900, San Francisco, CA 94103, USA. By using Twitter and the “Re-Tweet” function, the websites you visit are linked to your Twitter account and made known to other users. In the process, data is also transferred to Twitter. We would like to point out that we, as the provider of the pages, have no knowledge of the content of the transmitted data or its use by Twitter.

Here you can find more information on Twitters data protection declaration.

You can change your Twitter privacy settings in the account settings.

4.10 LinkedIn
Our website uses functions of the LinkedIn network. The provider is LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA. Each time one of our pages containing LinkedIn functions is accessed, a connection to LinkedIn servers is established. LinkedIn is informed that you have visited our website with your IP address. If you click the LinkedIn “Recommend” button and are logged into your LinkedIn account, it is possible for LinkedIn to associate your visit to our website with you and your user account. We would like to point out that we, as the provider of the pages, have no knowledge of the content of the transmitted data or its use by LinkedIn.

Here you can find more information on LinkedIn’s privacy policy.

4.11 XING
Our website may use features of the XING network. The provider is XING AG, Dammtorstraße 29-32, 20354 Hamburg, Germany. Each time you access one of our pages containing XING features, a connection to XING’s servers is established. To the best of our knowledge, no personal data is stored during this process. In particular, no IP addresses are stored during this process, and user behavior is not evaluated.

For more information on data protection and the XING Share button, please refer to XING privacy policy.

4.12 Integration of third party services and content
Despite the great care taken by CF-D, it can’t be ruled out that third-party content such as videos from YouTube, maps from Google Maps, RSS feeds or graphics from other websites will be integrated into CF-D’s online services. This always presupposes that the providers of this content (hereinafter referred to as “third party providers”) know the IP address of the user.

The IP address is a necessary basis for the third party provider to send the content to the user’s browser. The IP address is therefore necessary for the presentation of this content. We endeavour to use only content where the third party provider only uses the IP address to deliver the content. However, we have no control over whether these third parties store the IP address, e.g. for statistical purposes. To the extent that this is known to us, we will inform the user of this fact.

4.13 Objection to advertising emails
CF-D hereby object to the use of contact data published within the scope of the imprint obligation for the purpose of sending advertising and information material that has not been expressly requested. CF-D and the other operators of the pages expressly reserve the right to take legal action in the event of the unsolicited sending of advertising information, for example by spam emails.

5. Your rights

Under the applicable data protection laws, you have the right to:

  • request access, correction, and/or deletion of your personal data;
  • raise objections or restrictions against the processing of your personal data;
  • inform us that you do not wish to receive marketing information; and
  • (under certain circumstances) request the transfer of certain of your personal data to you or a third party.

If our processing of your personal data is based on your consent, you also have the right to revoke your consent for the future.

To exercise your rights, you can contact us as described in Section 1.1 above.

You also have the right to lodge a complaint about the processing of your personal data with a data protection authority. A list and contact details of local data protection authorities can be found here.