PRIVACY POLICY
Effective Date: 20 November 2025
Approved By: Management Board
CRP Unio Limited s.r.o. ("theCompany") is committed to protecting the privacy of its clients andwebsite users. This Privacy Policy explains how personal data is collected,used, stored, and shared when accessing or using the Company’s services,including crypto deposits, fiat loading, and payment card services.
The Company complies with the General DataProtection Regulation (GDPR) and other applicable privacy laws. By using theCompany’s services, you consent to the collection and use of your informationin accordance with this Privacy Policy.
The Company collects personal and financialinformation to provide services and comply with legal obligations. This mayinclude:
· Full name, date of birth, nationality
· Identification documents (ID, passport,driver’s license)
· Proof of address
· Corporate documentation for KYB purposes
· Transaction information, including crypto andfiat transfers
· Device, IP address, and geolocation data
· Communication records with the Company
The Company processes personal data on thefollowing lawful bases:
· Performance of a contract (providing servicesto clients)
· Compliance with legal obligations (AML, KYC,CTF, regulatory reporting)
· Legitimate interests (preventing fraud,ensuring system security, improving services)
· Consent (where specific processing requiresexplicit user consent)
Collected information is used for thefollowing purposes:
· Verify identity and perform KYC/KYB procedures
· Conduct transaction monitoring (KYT)
· Prevent money laundering, terrorist financing,and fraud
· Comply with regulatory and legal requirements
· Improve services, user experience, andcommunication
Your personal data may be shared with:
· Partner Financial Institutions for onboardingand compliance
· Blockchain analytics providers for transactionmonitoring
· Regulatory authorities (e.g., FIU) as requiredby law
· Law enforcement agencies when legallyobligated
The Company does not sell or rent personalinformation to third parties.
The Company retains personal and transactionaldata for a minimum of 5 years or longer if required by applicable law. Data issecurely stored and disposed of once retention requirements are met.
The Company employs strict technical and organizationalmeasures to protect personal data, including:
· Encryption of data at rest and in transit
· Multi-factor authentication for accounts
· Secure storage and access control
· Regular security audits and vulnerabilityassessments
Under the GDPR, clients have the followingrights:
· Right of Access:Obtain confirmation and a copy of personal data held.
· Right to Rectification: Correct inaccurate or incomplete personal data.
· Right to Erasure:Request deletion of personal data, subject to legal and regulatory obligations.
· Right to Restrict Processing: Limit processing in certain situations.
· Right to Object:Object to data processing for direct marketing or legitimate interests.
· Right to Data Portability: Receive personal data in a structured, commonly used,machine-readable format.
· Right to Withdraw Consent: Withdraw consent at any time without affecting processing done priorto withdrawal.
Requests can be submitted via the Company’ssupport channels.
The Company may use cookies, analytics tools,and similar technologies to improve website functionality and analyze serviceusage. Users can manage cookies through their browser settings.
Clients have the right to lodge a complaintwith a supervisory authority in their jurisdiction if they believe dataprocessing violates GDPR or other applicable privacy laws.
The Company may update this Privacy Policy toreflect changes in legal obligations or operational practices. Users are encouragedto review the policy periodically. Continued use of the services after updatesindicates acceptance of the revised policy.
Approved:
Oleksandr Taranczuk | Director | CRP Unio Limited s.r.o.