General CEX.IO Ltd. and its affiliates (hereinafter, "CEX.IO", "we", "us" or "our") are committed to protecting and respecting your privacy.
Established in 2013 as the first cloud mining provider, CEX.IO has become a multi-functional cryptocurrency exchange, trusted by over a million users.
CEX.IO offers cross-platform trading via website, mobile app, WebSocket and REST API, providing access to high liquidity orderbook for top currency pairs on the market. Instant cryptocurrency buying and selling is available via simplified bundle interface.
The exchange has developed a multi-level account system with individual approach to each customer, from crypto beginners to institutional traders. Worldwide coverage, multiple payment options, and 24/7 support are accompanied by time-proven platform stability that guarantees safety of assets and data.
The types of Personal Information which we collect may include:
your name; your photographic identification; details from your identity documents (such as driver license, passport), number of the document, date of issue and expiration, photographic identification, address etc.; your address; your phone number; your e-mail address; your IP address, Browser and Operating System information, geolocation details; your banking details including account numbers and payment card data; your date of birth; your employment details; your trades; and information on sources of your funds; and video footage identifying you. We will process your Personal Information only for the purpose(s) of providing to you the service(s) that you ask us to provide you, to satisfy the legal obligations stemming from regulatory obligations that arise from providing you the service(s) and our legitimate interest.
Based on our legal obligations and legitimate interest we may request other documents for your identity verification and the sources of your funds confirmation for the purposes of money laundering and fraud prevention. To know more about it please see our AML/KYC and Anti-Fraud policies.
We may use your Personal Information for the following purposes:
to allow you to open and operate an Account on the Platform; to enable you to complete Transactions on the Platform; if you contact us, to reply to your queries; to contact you via email or calls; to ensure security of your Account (for instance, if you make a request to disable 2-factor authentication on your account we can ask you to provide additional Personal Information to confirm your identity); to analyse use of our Sites; as required for regulatory purposes such as Tax, prevention of Money Laundering, prevention of Fraud, adherence to Company statistical reporting obligations etc.; to provide you with information about products and promotions that may be of interest to you, from ourselves and third parties, although only if you have specifically agreed to receive such information; for market research e.g. surveying our Users' needs and opinions on issues, such as our performance etc. Unless consented, your data for this purpose would be anonymised. Children's personal data Please note that our services are exclusively offered to individuals at least 18 years old. We do not process any Personal Information of children under this age.
IP Addresses We may collect information about your computer, including where available your IP address, operating system and browser type, for system administration and to report aggregate information to our advertisers. This is statistical data about our users' browsing actions and patterns and will not be used to identify any individual unless that same individual.
We use third party service provider(s), to assist us in better understanding the use of our Sites. Our service provider( s) will place cookies on the hard drive of your computer and will receive information that we select that will educate us on such things as how visitors navigate around our Sites, what products are browsed, and general Transaction information. Our service provider(s) analyses this information and provides us with aggregate reports. The information and analysis provided by our service provider(s) will be used to assist us in better understanding our visitors' interests in our Sites and how to better serve those interests. The information collected by our service provider(s) may be linked to and combined with information that we collect about you while you are using the Platform. Our service provider(s) is/are contractually restricted from using information they receive from our Sites other than to assist us.
You may control the cookies through the browser settings. Find out how to manage cookies on browsers:
We may make available the Personal Information that you provide to us for the limited purpose indicated for and during the provision of the service that you would have requested in particular to:
our affiliates, agents and representatives; payment service providers and financial institutions; customer communications platforms; our contractors providing software for identity verification purposes; our contractors providing us information on sanctions lists from publicly accessible sources. We may also share Users’ Personal Information with financial institutions, insurance companies or other companies in the case of a merger, divestiture, or other corporate re-organisation and notify you of such sharing of your information to be able to exercise any of your rights where applicable.
We may also share Users' Personal Information with law enforcement or regulatory agencies, as may be required by law. In certain cases, we may not be able to inform you of such sharing of data due to legal restrictions.
Any third party which receives or has access to Personal Information shall be required by us to protect such Personal Information and to use it only to carry out the services they are performing for you or for CEX.IO, unless otherwise required or permitted by law. Such a third party, except for regulatory authorities, would be contractually bound to adhere to the same security and confidentiality policies as CEX.IO and assume the same responsibilities as CEX.IO.
The legitimate exercise of any of your rights with CEX.IO will also be notified to be applied by any such third parties having been given access to your Personal Information.
International data transfers Our contractors and affiliates are situated at different locations (including countries located outside the EU) and we sometimes need to transfer your personal data to third countries to provide our services to you. We strive to ensure adequate level of your personal data protection wherever our contractor is located. Be sure we may transfer your Personal Information only in the following cases:
if the country where we transfer your Personal Information to provides the adequate level of personal data protection ( based on the relevant decision of European Commission (you may click here to see the list of such countries); if we take appropriate safeguards to ensure that your rights as data subject are protected; if any derogations for specific situations apply (for instance, if is such transfer is necessary for the establishment, exercise or defence of legal claims or for important reason of public interest). Your rights You have the right to access your Personal Information and to require the correction, updating and blocking of inaccurate and/or incorrect data by sending an email to us at [email protected] or where possible, you can do these actions in your account profile page yourself.
Upon your written request at [email protected], we will inform you of the Personal Information relating to you that we hold and the use and general disclosure of your Personal Information. We will also give you a copy of the Personal Information we have retained. There may be a minimal charge for providing you additional copies of your Personal Information to cover administrative costs.
You may also request the erasure of both the Account and Personal Information by sending an email to us at: [email protected]. CEX.IO will action your request, unless we have a legal or regulatory obligation or overriding legitimate interest to store your Personal Information (for instance, in cases you have performed transactions).
You have the right to ask us to rectify information you think is inaccurate. You also have the right to ask us to complete information you think is incomplete. Moreover, you have the right to restrict and object to the processing of your personal data in certain circumstances.
You may also ask us to transfer your Personal Information to another controller of your choice.
To ensure the confidentiality, integrity and availability of your information to yourself, we may request you to confirm your identity by providing identification documentation and/or other methods prior to assisting you in exercising any of your rights.
If you refuse to prove your identity, we may decline to take actions in respect of your data, save restricting processing, until we can ensure that such actions are the true wish of the data subject.
In the carrying out of our services we may use automated processing and profiling to reduce the risks of fraud, money laundering and abuse of our services. Through this automated processing, we carry out an analysis of your identification, transactional and behavioural patterns.
We may not able to provide you with some or all our services if you do not wish this automated processing to be carried out. If you feel that this processing might be detrimental to you, please contact us on [email protected], and our compliance officer will review your application.
Please note, if you make a request, we have one month to respond to you.
Security We have implemented technical and organisational security measures to ensure the confidentiality, integrity and accountability of your Personal Information and to protect your Personal Information from loss, misuse, alteration or destruction. Such measures include:
the pseudonymisation and TLS 1.2 encryption of personal data; 2-factor authentication; the access control; the ability to ensure the ongoing confidentiality, integrity, availability and resilience of our processing systems and services; the ability to restore the availability and access to personal data in a timely manner in the event of a physical or technical incident. Only authorised personnel of CEX.IO have access to your Personal Information, and these personnel are required to treat the information as confidential.
Where you have consented to, or we are obliged to pass on Personal Information to third parties to provide you with a requested service or in the carrying out of a regulatory or legal obligation, we will request that the same levels of technical and organisational security measure be applied through contractual arrangements, where possible.
We conduct testing, assessment and evaluation of our technical and organisational measures effectiveness on a regular basis. Technical and organisational security measures in place will, from time to time, be reviewed in line with legal and technical developments.
In the event of a personal data breach or the failure of the measures of protection of such information we will immediately notify you without undue delay.
Security Capabilities and Policy for Transmission of Payment Card Details CEX.IO Ltd is fully compliant with PCI DSS ( Level 1 Service Provider). PCI DSS (Payment Card Industry Data Security Standard) is an information security standard designated for merchants, financial institutions and payment service providers in order to ensure the safety of cardholders' data.
You can check our Certificate of compliance here.
Please note that our trusted payment service providers are PCI DSS compliant as well.
We do not control those third party sites or any of the content contained therein and you agree that we are in no way responsible or liable for any of those third party sites, including, without limitation, their content, policies, failures, promotions, products, services or actions and/or any damages, losses, failures or problems caused by, related to or arising from those sites. We encourage you to review all policies, rules, terms and regulations, including the privacy policies, of each site that you visit.
Retention of Personal Information Your information is held within our servers located within the European Union. Access to this information is provided to employees of CEX.IO whose office may also be outside of the European Union but who adhere to the same principles of data security and processes as those within the European Union (please see the Section on International data transfers for more details).
Your payment method information that you may use to effect or receive payments from CEX.IO are passed on to a third-party payment processor(s) which is/are based in the EU and with which CEX.IO has a contractual agreement to safeguard your rights. Unless you create an account with us and conduct transactions, we do not retain your payment method information.
In accordance with record keeping activities for Anti-Money Laundering, Tax and Company legal obligations and considering the period during which you may bring legal claims against us under the law of the United Kingdom, we will retain Personal Information for a period of five years after our User closes his or her Account and terminates legal relationships with us for five years from the end of the tax period in which the User conducts his or her last transaction.
Data stored for regulatory purposes only will be protected from unnecessary processing and will be held only for the purpose of being able to provide information or access to relevant authorities.
Disposal of Personal Information Once we do not have any obligation to providing you with a service you requested, nor an obligation to hold Personal Information for regulatory or legal purpose, we will anonymise or dispose of your Personal Information in line with acceptable industry and security standards so that this cannot be subsequently retrieved and associated to you.
Where we cannot directly remove such records, such as in archived backups, we will retain a log of which Personal Information should be removed if ever the backup data is restored.
Marketing We will ask you for your consent on registration or post-registration, by providing you the ability to check marketing preferences check boxes located within your account profile page to allow us to contact you or use your Personal Information for marketing purposes. We may also notify our existing Users on our own products or services similar to those we have already provided based on our legitimate interest.
You have the right to retract the consent for us to process your Personal Information for marketing purposes. You can exercise your right to prevent such processing by unchecking marketing preferences check boxes on your account profile or by contacting us at any time on [email protected]
If we consider that your rights may be affected by any such changes, we will request you to confirm your consideration and acceptance prior to continue our relationship with you.
Fraud, Phishing and Email scams disclaimer Please be notified that CEX.IO is not in any partnership with entities who represent themselves as customer support agents, providing customer support services via phone and/or social media and promise to help solve your issues for money. Remember - customer support is provided only via the CEX.IO website and is always provided free of charge.
If you discovered what you believe is a fraud, phishing, or scam which impersonates CEX.IO, please contact us by live chat on the website
You may also wish to check our Help Centre on https://support.cex.io/en for frequently asked questions where a solution may easily be found ready for you.