← Back to home
Privacy Policy
Last updated: 17 June 2026 · Version 1.0
Cryptss Pay ("Cryptss", "we", "us", "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, store, and share your personal information when you use our website and services.
1. Information We Collect
1.1 Information You Provide
- Account information: email address, name, business name, country, business type.
- Identity verification (KYC/KYB): government-issued ID, selfie/liveness data, business registration documents, tax identification numbers. Collected only when you initiate a cash-out or reach a verification threshold.
- Payment information: bank account details for cash-out, payment method details for on-ramp purchases.
- Communications: support tickets, emails, dispute evidence.
1.2 Information Collected Automatically
- Device and usage data: IP address, browser type, operating system, device identifiers, pages visited, features used, timestamps.
- Transaction data: invoice details, payment amounts, settlement times, cash-out records.
- Cookies and similar technologies: session cookies, preference cookies, analytics cookies.
2. How We Use Your Information
- Provide, maintain, and improve our services.
- Process transactions and send payment confirmations.
- Verify your identity and comply with anti-money laundering (AML) and know-your-customer (KYC) regulations.
- Detect, prevent, and address fraud, abuse, and technical issues.
- Send transactional communications (payment receipts, security alerts, verification requests).
- With your consent, send marketing communications (you can opt out at any time).
- Comply with legal obligations.
3. Legal Basis for Processing (GDPR)
For users in the European Economic Area (EEA), we process your personal data on the following legal bases:
- Contract performance: processing necessary to provide our services to you.
- Legal obligation: processing necessary to comply with AML/KYC and other regulatory requirements.
- Legitimate interests: fraud prevention, security, service improvement, and analytics.
- Consent: for marketing communications and optional features.
4. How We Share Your Information
We do not sell your personal information. We share your information only with:
- Service providers: KYC/AML providers (e.g., Sumsub), payment processors (e.g., Bridge, MoonPay), wallet providers (e.g., Circle), email providers (e.g., Resend), cloud hosting (e.g., Render, Cloudflare), and analytics providers.
- Regulatory authorities: when required by law, court order, or governmental regulation.
- Business transfers: in connection with a merger, acquisition, or sale of assets.
- With your consent: when you direct us to share your information.
5. Data Retention
| Data Type | Retention Period |
|---|
| Account information | Duration of account + 7 years after closure (regulatory requirement) |
| KYC/KYB documents | 7 years after last transaction (AML requirement) |
| Transaction records | 7 years (financial records requirement) |
| Support communications | 3 years after resolution |
| Analytics data | 26 months (anonymized after 14 months) |
| Session/cookie data | As specified in cookie policy (typically 30 days–1 year) |
6. Data Security
We implement industry-standard security measures including:
- Encryption at rest and in transit (TLS 1.3, AES-256).
- MPC (Multi-Party Computation) wallet custody — no single point of key compromise.
- KYC documents stored in isolated, encrypted object storage — never on-chain.
- Regular security audits and penetration testing.
- Access controls with audit logging for all privileged operations.
7. Your Rights
7.1 All Users
- Access your personal data that we hold.
- Request correction of inaccurate data.
- Request deletion of your account and data (subject to regulatory retention requirements).
- Export your data in a portable format.
- Opt out of marketing communications.
7.2 EEA/UK Users (GDPR/UK GDPR)
- Right to restrict processing.
- Right to object to processing based on legitimate interests.
- Right to withdraw consent at any time.
- Right to lodge a complaint with your local data protection authority.
7.3 California Users (CCPA)
- Right to know what personal information is collected and how it is used.
- Right to delete personal information (subject to exceptions).
- Right to opt out of the sale of personal information (we do not sell personal information).
- Right to non-discrimination for exercising your rights.
To exercise any of these rights, contact us at privacy@yellow-scorpion-986337.hostingersite.com.
8. International Data Transfers
Your data may be transferred to and processed in countries outside your country of residence. These countries may have different data protection laws. When we transfer data internationally, we implement appropriate safeguards including Standard Contractual Clauses (SCCs) and data processing agreements with our service providers.
9. Cookies
We use the following types of cookies:
- Essential cookies: required for authentication and security (cannot be disabled).
- Preference cookies: remember your settings (theme, language).
- Analytics cookies: help us understand how you use our services (can be opted out).
You can manage cookie preferences through our cookie consent banner or your browser settings.
10. Children's Privacy
Our services are not directed to individuals under the age of 18. We do not knowingly collect personal information from children. If you believe we have collected information from a child, please contact us immediately.
11. Changes to This Policy
We may update this Privacy Policy from time to time. We will notify you of material changes via email or through a prominent notice on our website at least 30 days before the changes take effect. Your continued use of our services after the effective date constitutes acceptance of the updated policy.
12. Contact Us
If you have questions about this Privacy Policy or our data practices: