Effective Date: [Insert Date]
KRYPTO KNIGHT LTD (“KRYPTO KNIGHT,” “we,” “us,” or “our”) is dedicated to protecting your privacy. This Privacy Policy (“Policy”) outlines how we collect, use, share, and safeguard your personal information (“Personal Data”) when you interact with our website, krypto-knight.com (the “Website”), or use our products and services. It also explains your rights regarding your Personal Data under applicable data protection laws.
This Policy complies with the General Data Protection Regulation (EU) 2016/679 (“GDPR”) and any relevant data protection regulations.
1. Who We Are
KRYPTO KNIGHT LTD, a company incorporated in the Republic of Cyprus (Registration No. HE 434989), is the Data Controller responsible for deciding how and why your Personal Data is processed.
Registered Address:
Palias Ilektrikis 5, Nicosia, 1016, Cyprus
For inquiries or concerns regarding this Policy or your Personal Data, you can contact us at:
Email: info@krypto-knight.com
2. Personal Data We Collect
We may collect the following types of Personal Data:
- Contact Information: Email, telephone number
- Identity Verification Details: Information from identity documents
- Residential Address
- Financial Information
- Employment Information
- Geolocation Data
- Website Usage Data: Logs of activity, IP address, browser, and operating system details, device fingerprint
Refer to Annex 1 for a detailed breakdown of the purposes, legal bases, and retention periods for each type of Personal Data we process.
How We Collect Data:
- Directly from You: When you provide it during registration, onboarding, or communication.
- Publicly Available Sources: E.g., sanctions lists or other accessible data.
- Third Parties: Contractors, data vendors, and providers of identity verification, fraud detection, and transaction monitoring services.
Important Note:
Providing Personal Data may be mandatory for compliance with Know Your Customer (KYC) and Anti-Money Laundering (AML) regulations. Refusal to provide such data may prevent us from offering certain services. Additional details and documents may be required for KYC, AML, or Counter-Terrorism Financing (CTF) purposes.
3. Why We Process Your Personal Data
We process your Personal Data for the following purposes:
- Service Provision: To provide and manage our services for you or the corporate entity you represent.
- Communication: To contact you or respond to your inquiries.
- Legal Compliance: To fulfill KYC/AML obligations or cooperate with investigations.
- Security: To protect your assets from fraud or unauthorized access.
- Fraud Prevention: To detect, prevent, and mitigate fraudulent or illicit activity.
- Marketing: To provide information about our services, updates, or offers (with your consent).
- Dispute Resolution: To address disputes or enforce agreements.
Lawful Basis for Processing:
- Consent: You can withdraw consent at any time by contacting us at info@krypto-knight.com.
- Contractual Obligations: To provide the services you have requested.
- Legal Obligations: Compliance with laws and regulations (e.g., AML/CTF requirements).
- Legitimate Interests: To ensure service security, fraud prevention, and business operations.
4. Sharing Your Personal Data
We may share your Personal Data with:
- Affiliates, agents, and representatives
- Contractors for identity verification and fraud detection
- Financial service providers for fiat currency transactions
- Law enforcement or regulatory agencies, as required by law
5. International Data Transfers
Your Personal Data may be transferred outside the European Economic Area (EEA) under the following conditions:
- Adequacy Decision: Transfer to countries with adequate data protection as determined by the European Commission.
- Safeguards: Standard contractual clauses or similar mechanisms ensure data protection.
- Derogations: When necessary for legal claims, public interest, or other exceptions permitted under the GDPR.
6. Data Retention
We retain Personal Data only as long as necessary to fulfill the purposes outlined in this Policy or comply with legal obligations.
- General retention period: Up to five (5) years after termination of your relationship with us.
- Legal records (e.g., KYC/AML data): Retention periods as required by applicable laws.
You may request data deletion. However, in some cases, we may be legally required to retain certain data.
7. Your Rights
You have the following rights under data protection law:
- Access: Request copies of your Personal Data.
- Rectification: Correct inaccurate or incomplete data.
- Erasure: Request the deletion of your data.
- Restriction: Limit the processing of your data.
- Objection: Object to specific processing activities.
- Data Portability: Request the transfer of your data to another organization or yourself.
To exercise your rights, contact us at info@krypto-knight.com. We will respond within one month.
Limitations: In certain cases, we may not fulfill your request due to overriding legal obligations or legitimate interests. If this occurs, we will provide an explanation.
8. Security Measures
We employ advanced security measures to safeguard your Personal Data, including SSL/TLS encryption for secure communication and data transmission.
9. Data Protection Officer (DPO)
Our Data Protection Officer oversees compliance with this Policy and data protection laws. You may contact the DPO at: info@krypto-knight.com.
10. Supervisory Authority
If you believe your data protection rights have been violated, you can lodge a complaint with:
Office of the Commissioner for Personal Data Protection
Visit Website
11. Changes to This Policy
We may update this Policy periodically. Any changes will be communicated through the Website or email notifications.
Annex 1: Purposes, Legal Basis, and Retention Periods for Processing Personal Data
This annex provides detailed information on the purposes for processing Personal Data, the legal bases under GDPR, and the respective retention periods.
Purpose of Processing | Legal Basis (GDPR) | Retention Period | Legitimate Objective (if applicable) |
Conclusion and performance of contracts | Article 6(1)(b) and (f) GDPR: Contractual necessity and legitimate interests. | For the duration of the contract and up to six (6) years after its termination to manage claims and liabilities. | Facilitating contract execution and managing interactions with clients, their representatives, and business partners. |
Dealing with complaints | Article 6(1)(b) and (c) GDPR: Contractual necessity and legal obligation. | Up to three (3) years after the settlement of a complaint. | N/A |
Debt recovery or defense against legal claims | Article 6(1)(b) and (f) GDPR: Contractual necessity and legitimate interests. | Until legal claims are resolved or enforced, and until satisfaction of claims in case of enforcement proceedings. | Protecting the Controller’s legal and financial interests by asserting or defending against legal claims. |
Document archiving (e.g., contracts, settlements) | Article 6(1)(c) GDPR: Compliance with legal obligations. | For legally mandated periods or until storage is no longer necessary for legitimate interests. | N/A |
Marketing activities (non-electronic) | Article 6(1)(f) GDPR: Legitimate interests. | Until you object to receiving communications. | Promoting business activities and informing clients about products and services. |
Marketing activities (electronic communication) | Article 6(1)(a) and (f) GDPR: Consent and legitimate interests. | Until withdrawal of consent or up to six (6) years after withdrawal to demonstrate compliance with legal requirements. | Promoting business activities through email and other electronic means, provided appropriate consent is obtained. |
Recruitment processes | Article 6(1)(a), (b), (c), and (f) GDPR: Consent, contractual necessity, legal obligations, and legitimate interests. | Up to six (6) months after recruitment completion or one (1) year with consent for future opportunities. | Retaining candidate data to address staffing needs or evaluate suitability for future roles. |
Prevention of money laundering and terrorism financing | Article 6(1)(c) GDPR: Compliance with legal obligations. | As per applicable AML/CTF regulations. | N/A |
Explanatory Notes:
- Contractual Necessity (Art. 6(1)(b) GDPR): Processing is required to execute or fulfill contractual obligations.
- Legal Obligation (Art. 6(1)(c) GDPR): Processing is mandatory to comply with applicable laws and regulations.
- Legitimate Interests (Art. 6(1)(f) GDPR): Processing is necessary for the Controller’s legitimate business purposes, provided it does not override the rights and freedoms of the data subject.