Privacy Policy

Introduction

Anycoin Direct is committed to providing you with a secure, serviceable, reliable and transparent Platform. Through this Privacy Policy we want to inform you of your rights and obligations and those of Anycoin Direct under the General Data Protection Regulation (GDPR). This Privacy Policy applies to all customers and users of the Services of Anycoin Direct and all visitors of the Platform (website: https://anycoindirect.eu (‘Website’), and the mobile application (‘Anycoin Direct App’). The Privacy Policy is complementary to the General Terms. The Cookie Policy is part of this Privacy Policy. By opening an Account and using any of the Services offered on the Platform, you acknowledge that you have read, understood, and accepted this Privacy Policy.

Definitions

Personal Data
Any information relating to an identified or identifiable natural person (‘Data Subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

Data subject
A natural person who can be identified, directly or indirectly. In this Privacy Policy, the term "data subject" refers to "visitor", "customer" and/or "user".

Processing
Any operation or set of operations which is performed on Personal Data or on sets of Personal Data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.

Processor
A natural or legal person, public authority, agency or other body which processes Personal Data on behalf of the controller.

In this policy document, certain terms are capitalized to indicate that they have specific definitions provided in the General Terms document. For detailed definitions of these terms, please refer to https://anycoindirect.eu/en/terms.

Article 1.1 – Personal Data and purpose of processing

Anycoin Direct can process Personal Data on the basis of the following grounds:

  • The processing is necessary for the performance of a contract between you and Anycoin Direct;
  • The processing is necessary for compliance with legal obligations;
  • You have given consent to the processing of Personal Data;
  • The processing is necessary for the purpose of legitimate interests.

During Account creation and registration, you are obliged to provide certain Personal Data in accordance with European and/or national legislation. After registering the Account, Anycoin Direct assesses whether a business relationship/agreement is established. This agreement is a requirement to be able to offer you the Services of Anycoin Direct (see Article 2 of the General Terms and Conditions). This data, as described in this Privacy Policy, serves to identify and verify your identity and is required for Anycoin Direct to process, to comply with European and/or national laws and regulations. In addition, Anycoin Direct asks your consent to process certain Personal Data.

 

If no business relationship is established, the Personal Data must nevertheless be processed and stored by Anycoin Direct, in accordance with laws and regulations and on the basis of given permission. During registration, you must take note of the Privacy Policy and perform an affirmative action whereby consent to the collection, processing and/or storage requirements is recorded by Anycoin Direct.

Article 1.2 – Automated decision-making and profiling

Anycoin Direct hereby notifies you of the existence of automated decision-making and profiling. Processing of Personal Data by automated means results in weighing variables and adding value to the results. These endeavours are based on a legal obligation – in conjunction with the Anti-Money Laundering Directives of the European Union and national transposition thereof. Combating money laundering and the financing of terrorism requires the implementation of an automated Risk-Based Approach (RBA). This system encompasses many of the measures in place to react to (alleged) fraudulent use, however, the system is also capable to act in a vigilant and predictive manner. If you believe that your fundamental rights have been negatively impacted by the automated decision-making, you are welcomed to contact our Customer Support department for human revision. Anycoin Direct complies with article 22 of the GDPR.

Article 2.1 – Collection of Personal Data

The information below is collected, processed and/or stored by Anycoin Direct. The data is stored in the Platform including the Website and Anycoin Direct App:

  • Email address, first- and last name, address (county, city, zip code, street and number)

Mandatory information to be provided by you at the time of Account creation. You identify yourself and make sure the information is legally correct. This information is crucial for using the Services.

  • Date of birth

You must be at least eighteen (18) years old to use the Services.

  • Register IP

The IP address is automatically collected and stored at the time of Account creation and/or when using the Services. The IP address is part of security measures in place to safeguard your Account.

  • Bank account number and bank account holder

When using the Services, both the bank account number and bank account holder will be associated with the Account. This makes sure that you can only use your personal bank account when using the Services. Should you have a shared bank account, you must provide written proof that both persons are legally authorised to use the bank account.

  • Credit card number and credit card holder

The same conditions apply as to bank accounts.

  • Coin-address(es)

All used coin-addresses are automatically collected, processed and stored by Anycoin Direct and are continuously monitored for possible (previous) use to protect the security and Integrity of the platform.

  • Phone number

We ask your phone number for security and verification of your Account, the possibility to set up 2FA and possibly contact you.

  • Gender

For verification purposes enter: ‘female’, ‘male’, ‘other’ or ‘not disclosed’.

  • Verification questions

Based on laws and regulations Anycoin Direct may ask you risk based verification questions. The answers will be processed and stored in your Account. Questions may include your financial situation such as employment status and income. 

  • Travel document

To establish and verify your identity, Anycoin Direct is required to process a copy of your identification document.

  1. This may be a government issued identification document/card, passport or residence permit;
  2. If you are a resident of the Netherlands, Austria, France, Italy or the United Kingdom, you may verify a valid driving licence from your country.
  • Complaints in complaint register

If you file a complaint with Anycoin Direct, the description of your compliant and any Personal Data you provide will be recorded in a complaint register.

  • Proof of residence

You are able to voluntarily provide a proof of residence document in order to obtain higher limits. This is a document confirming registration at your address. We accept documents such as mail from authorities (government, municipality), or from entities such as the bank, educational institution, utility companies, service providers you have subscribed to. We may request such a document from you, including on a nonvoluntary basis, for verification of your account.

  • Vault balance

We keep track of the balance in your Vault. To do this, we process your volume per cryptocurrency, volume in EUR and totals.

  • Recordings of telephone and/or video calls

We process and store video and audio recordings of conversations between you and Anycoin Direct.

You have the voluntary choice to provide additional Personal Data in order to raise the spending limits of your Account. Higher spending limits equals higher buy, sell and trade limits. Anycoin Direct processes additional Personal Data for the purpose of legitimate interests which focus anti-fraud prevention. It is necessary to process additional Personal Data regarding the identity of the Customer when they pursue higher limits since higher buying, selling and trading limits are attracting fraudulent use. For ensuring a secure trading environment and protecting Anycoin Direct from damage it is essential to establish and verify your identity. In the light of the data minimisation principle, the scope of the required additional Personal Data depends on the limits pursued by you.

You must, prior to providing the additional Personal Data, take note of the Privacy Policy and, per component, complete the notification process with a confirmatory action which is recorded by Anycoin Direct.

You can provide the following information voluntarily and these are subsequently collected, processed and/or stored by Anycoin Direct in case you apply for higher limits:

  • Video verification recording
  • Source of funds

All other Personal Data provided by you directly or indirectly to Anycoin Direct will be deemed to have been provided voluntarily and with implied consent. Providing unsolicited (possibly special categories of) Personal Data is your own responsibility and own risk. Anycoin Direct will not be liable for the processing of such Personal Data. This data includes but is not limited to your BSN, financial and/or criminal information on proof of lawful residence or Personal Data of other individuals who do not have an Account with Anycoin Direct. You may mask this Personal Data when providing requested documents. Anycoin Direct may decide to use both the additional and this voluntarily provided (Personal) Data for internal purposes.

Anycoin Direct reserves the right, in order to provide adequate customer support, to ask you to prove your identity.

Article 2.2 - Customer Due Diligence and KYC

Anycoin Direct as a financial institution is required to adhere to the "Know Your Customer" (KYC) principle and perform Customer Due Diligence in accordance with European and National laws and regulations. The CDD and KYC process includes a number of verification steps, depending on the scope of Services required. The Know Your Customer policy is further explained in Article 7 of the Terms and Conditions. Some of your Personal Data (listed in Article 2.1) will need to be processed and retained by Anycoin Direct to comply with CDD and KYC obligations.

 

Article 3 – Confidentiality and transfer of Personal Data

Anycoin Direct respects the privacy of all its visitors and Customers. Anycoin Direct may transfer, share or otherwise make Personal Data available to related entities within the Anycoin Direct group.

Anycoin Direct will not transfer, sell, rent, lease or otherwise make available, Personal Data to third parties, unless required to do so under Union or member state law and/or to assist the Financial Intelligence Unit (FIU) and/or to assist with national law enforcement agencies (article 6 para 1 lit. c GDPR) and/or to protect Anycoin Direct’ financial position in case of fraudulent orders or default payments. Should a disclosure request be addressed to Anycoin Direct, Anycoin Direct will notify you without undue delay - unless Anycoin Direct is prohibited from doing so. Please also see Art. 10 General Terms.

Article 4 – Use of information

Anycoin Direct can use the information you provided for number of purposes, e.g.:

  • Complying with applicable laws and regulations.
  • Conducting client due diligence and what is therefore required under the law.
  • Detecting fraud, illegal activities, or infringements with regard to the Services.
  • Recording transaction data for financial administration.
  • Recording any claims or disputes for legal administration.

Performance of the Agreement

  • Facilitating and performing services requested by you and offered by Anycoin Direct.
  • Processing orders, transactions, and payments.
  • Having payments made to and from the Vault by Anycoin Direct Hodling Services Foundation. In this case, the IBAN and name of the Customer will be processed by the Foundation.
  • Communication via email, telephone, or by post for the purpose of offering and improving the cooperation between you and Anycoin Direct.
  • Responding to your messages and/or queries via chat, email, or telephone.
  • Sending you functional emails, for example, about account registration or transactions.
  • Improving the services and development of the Platform as a whole.
  • Occasional promotion of news and new functionalities and/or products related to our services.
  • Analysing data and statistics for improving the Services.
  • Facilitating the private investment service.
  • Contacting you via chat, email, or telephone for your review and feedback on our Services.

Legitimate interests

  • Communications and notifications for marketing purposes.
  • Preventing misuse of the Platform by fraudulent transactions and/or targeting money laundering and/or terrorism financing.
  • Ensuring the network and information security of our systems.
  • Ensuring a secure trading environment and protecting you, Anycoin Direct, and the crypto market from harm.

Consent

  • Establishing appropriate spending limits based on data you provide.
  • Processing personal data supplied but not requested during identification and verification.

Article 5 – Security

At Anycoin Direct we take various security measures to process and store Personal data in a safe way. These security measures ensure the confidentiality of visitors and Customer data and protect such data against loss, abuse or modification. Legal obligations require us to store certain Personal Data. The data is stored securely offline and online. In order to do this as effectively as possible, we have recruited a certified reputable partner who continues to optimize the security and processes surrounding it in accordance with the latest knowledge and updates. External parties do not have access to this data. Only authorized employees have access to Personal Data to perform the task for which this Personal Data was requested. Their accesses are logged. Furthermore, the online and offline accesses are secured with uniquely generated passwords and cannot be accessed without additional Two-factor authentications.

Article 6 – Retention period

Your Personal Data will be saved and stored if necessary. All data should be retained for a certain period of time after deletion of the customer account, in line with the General Data Protection Regulation and the Anti-Money Laundering Directives and any subsequent or additional Union or national legislation. Anycoin Direct applies the following legal retention periods:

  • A period of 5 (five) years, with the exception of customers residing in Austria;
  • A period of 7 (seven) years for financial personal data for financial administration purposes.
  • A period of 10 (ten) years for the Personal Data of customers residing in Austria, pursuant to Article 21 FM-GWG.

Regular inspections by Anycoin Direct’s compliance department and third party specialists warrant that Anycoin Direct data security and safety measures are up to standards.

Article 7 – Rights and obligations in relation to Personal Data

Article 7.1 – Deletion of the Account

You have the right to delete your Account at any time. You can initiate this process by following the instructions provided under "Account Settings" in your personal Account on the Platform. The Account can only be deleted if you have no outstanding purchase, sales or trading Orders or balances in the Vault and no disputes exist in relation to your Account.

Article 7.2 – Right of access

You have the right to access the Personal Data collected and stored by Anycoin Direct (Art. 15 GDPR). Any requests must be directed to the designated Data Protection Officer (DPO).

The DPO shall take the request under advisement and provide communication to you concerning; the Personal Data it collects, stores and processes; the purpose; retention period; right to lodge a complaint with the Supervisory Authority; right to rectification and right to erasure.

Anycoin Direct shall provide, within 1 (one) month, the requested data or reasons explaining the grounds on which it cannot provide such information. Considering the complexity and number of requests that period might be extended by two further months where necessary. In case Anycoin Direct will extend the period, you will be informed within one month of receipt of the request, together with the reasons for the delay.

The Personal Data shall, in principle, be provided to you, free of charge, in a structured, commonly used and machine-readable format unless you specifically request otherwise. You have the right to request Personal Data, from the DPO, free of charge, once per calendar-year.

The Data Protection Officer may be contacted, via email: privacy@anycoindirect.eu

You:

  • May request access to the collected, processed and/or stored data;
  • Include at least the following identifiable information with your request: registered first- and last names and the registered email-address;
  • May include additional information (such as an Order ID).

A well-structured enquiry is imperative because the Data Protection Officer has to be able to test, in a reasonable and simple manner, whether the applicant has legal right to receive (access to) the Personal Data. The DPO may require additional information from you in order to determine your identity.

Article 7.3 – Right to deletion, rectification and data portability

You have the right to get your data rectified in case Anycoin Direct processes inaccurate data concerning you (Art. 16 GDPR). Furthermore, you have the right to deletion, in case the legal requirements of this right are fulfilled. If there is a case in which Personal Data can be transmitted to another Controller, Anycoin Direct guarantees the right to data portability (Art. 20 GDPR).

You can submit a request to the Data Protection Officer by sending an email to: privacy@anycoindirect.eu. The following information must be sent with the request:

  • First and last name/names registered with Anycoin Direct;
  • Email address registered with Anycoin Direct.

If your name and/or email address do not match a customer account, the request cannot be granted.

Article 7.4 – Right to object

With regard to Personal Data processed for legitimate interests, you have the right to object to the processing at any time.

 

Article 8 – Processors

Pursuant to Art. 28 GDPR and in order to provide our Services to you, Anycoin Direct may enter into contract with third-party processors which support, or make available, certain (parts of the) Services.

Anycoin Direct will, at all times, protect the information it collects, processes or stores. Therefore, Anycoin Direct only chooses to do business with reputable companies that are transparent, approachable and are in possession of internationally recognised certificates. Furthermore, if any of these processors is not based in the European Union and/or may transfer data to a facility outside the European Union, Anycoin Direct contractually safeguards that the Personal Data is only processed for the purpose following instructions by Anycoin Direct.

Anycoin Direct can use the Services of the following categories of Processors/third party providers:

  • Payment service provider;
  • Data servers;
  • Hosting parties;
  • Enterprise software;
  • Communication software provider;
  • Customer support software provider;
  • Verification and identification partner;
  • Transaction monitoring system provider;
  • Telecommunications service providers;
  • Auditor;
  • Asset and investing manager.

Article 9 – Complaints

If you are not satisfied with the processing of your Personal Data or the handling of your privacy at Anycoin Direct, you may file a complaint with the Data Protection Officer at: privacy@anycoindirect.eu

You can also complain directly to the national Supervisory Authority. You can choose to file a complaint with the Supervisory Authority in your country of residence or with the Dutch Personal Data Authority.

The competent Dutch Supervisory Authority can be reached as follows:

Autoriteit Persoonsgegevens

Hoge Nieuwstraat 8

2514 EL, Den Haag

The Netherlands

Tel.: +31 70 888 8500

E-mail: info@autoriteitpersoonsgegevens.nl

Website: https://autoriteitpersoonsgegevens.nl

As Anycoin Direct is registered with the Austrian Financial Market Authority, customers residing in Austria may (also) file a complaint regarding the processing of their Personal Data with the Austrian supervisory authority.

Österreichische Datenschutzbehörde

Barichgasse 40-42

1030, Vienna

Tel. +43 1 52 152-0

E-mail: dsb@dsb.gv.at

Website: http://www.dsb.gv.at/

As Anycoin Direct GmbH has a licence with the German Federal Financial Supervisory Authority (BaFin), customers residing in Germany may (also) file a complaint regarding the processing of their Personal Data with the German supervisory authority.

Die Bundesbeauftragte für den Datenschutz und die Informationsfreiheit
Husarenstraße 30
53117, Bonn
Germany

Phone: +49 228 997799 0; +49 228 81995 0
Fax: +49 228 997799 550; +49 228 81995 550
Email: poststelle@bfdi.bund.de
Website: http://www.bfdi.bund.de

A full overview of all the national supervising authorities in the European Union and their contact information can be found here: europa.eu.

Article 10 - Cookies

When you visit our website or use our services, certain cookies are activated. Although the Cookie Policy is part of this Privacy Policy, it is detailed in a separate document. You can find and review our Cookie Policy, which explains the functionalities and types of cookies we use, by accessing the Cookie Policy Anycoin Direct.

Article 11 - Amendments

Anycoin Direct has the right to change the content of this Privacy Policy without prior notification to its visitors and Customers. Any modification to this Privacy Policy will take immediate effect and will apply to all further contacts, visits, transactions and agreements. Notifications of such changes will be posted on the Website or any other official communication channel, when deemed necessary. Customers and visitors are, nevertheless, strongly advised to consult this Privacy Policy regularly.

Article 12 – Questions

You are invited to contact Anycoin Direct if you have any questions about this Privacy Policy or other privacy related matters.

Email: support@anycoindirect.eu / privacy@anycoindirect.eu

Live chat: https://anycoindirect.eu

Article 13 – Company information

Phoenix Payments B.V. (Operating under name of: Anycoin Direct)

Marshallweg 5

5466 AH, Veghel, Nederland

support@anycoindirect.eu

Chamber of Commerce: 59466197

Tax number: NL853504234B01

Anycoin Direct GmbH

Im Hammereisen 27e

47559, Kranenburg, Germany

support@anycoindirect.eu

Chamber of Commerce: HRB 15190

Date of publication: October 2024