Data Protection Laws: any applicable law relating to the processing of Personal Data, including the GDPR, the UK GDPR, the DPA 2018 and any national implementing laws, regulations and secondary legislation effective in the UK;
DPA 2018: Data Protection Act 2018 (UK);
GDPR: the General Data Protection Regulation (EU) 2016/679;
Coincover, we, us, or our – Digital Assets Limited (trading as Coincover), a company incorporated in England and Wales with registered number 11356137 whose registered office is at C/O Capital Law Limited Capital Building, Tyndall Street, Cardiff, Wales, CF10 4AZ;
Personal Data, Controller, Processing and Data Subject all have the meanings attributed to them in Data Protection Laws;
UK GDPR: the GDPR as it forms part of the law of England and Wales, Scotland and Northern Ireland by virtue of section 3 of the European Union (Withdrawal) Act 2018 and as amended by the Data Protection, Privacy and Electronic Communications (Amendments etc) (EU Exit) Regulations 2019; and
You or you: means the user of this website or platform.
For purposes of the Data Protection Laws, Coincover is the Controller of any Personal Data collected by it. This means that Coincover determines the purposes for which, and the manner in which, Personal Data is processed.
We may collect, use, store and transfer the following categories of Personal Data:
We also collect, use, store and transfer aggregated data such as statistical or demographic data for any purpose. Aggregated data could be derived from your Personal Data but is not considered Personal Data in law as this data will not directly or indirectly reveal your identity.
We do not collect any Special Categories of Personal Data about you (this includes details about your race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health, and genetic and biometric data). We also do not collect any information about criminal convictions and offences.
Coincover may receive Personal Data about you from the following third parties:
We will only use your Personal Data when the law allows us to. Most commonly, we will use your Personal Data in the following circumstances:
Generally, we do not rely on consent as a legal basis for processing your Personal Data although we will get your consent before sending direct marketing communications to you via email or text message. You have the right to withdraw consent to marketing at any time by contacting us.
We have set out below, in a table format, a description of all the ways we plan to use your Personal Data, and which of the legal bases we rely on to do so. We have also identified what our legitimate interests are where appropriate.
Note that we may process Personal Data on more than one lawful ground where more than one lawful ground applies, depending on the specific purpose for which we are using your Personal Data.
We strive to provide you with choices regarding certain Personal Data uses, particularly around marketing and advertising.
We will get your express opt-in consent before we share your Personal Data with any third party for marketing purposes.
You can ask us or third parties to stop sending you marketing messages by contacting us at any time.
We will only use your Personal Data for the purposes for which we collected it (which are set out in the table above), unless we reasonably consider that we need to use it for another reason and that reason is compatible with the original purpose. If you wish to get an explanation as to how the processing for the new purpose is compatible with the original purpose, please contact us.
If we need to use your Personal Data for an unrelated purpose, we will notify you and we will explain the legal basis which allows us to do so.
Please note that we may process your Personal Data without your knowledge or consent, in compliance with the above rules, where this is required or permitted by law.
We require all third parties to respect the security of your Personal Data and to treat it in accordance with the law. We require our third-party service providers to use your Personal Data for for specified purposes and in accordance with our instructions.
We will use technical and organisational measures to safeguard your Personal Data, for example:
Right to access – the right to request access to and copies of the Personal Data we hold about you at any time. If we provide you with access to and copies of the Personal Data we hold about you, we will not charge you for this, unless your request is “manifestly unfounded or excessive”. Where we are legally permitted to do so, we may refuse your request. If we refuse your request, we will tell you the reasons why.
Right to rectification – the right to have your Personal Data rectified if it is inaccurate or incomplete.
Right to erasure – the right to request that we delete or remove your Personal Data from our systems. We will we always comply with such request unless we need to retain your Personal Data in order to comply with a legal obligation or in order to establish, exercise or defend legal claims.
Right to restriction of processing – the right to request that we limit our processing of your Personal Data where:
Right to data portability – if we process your Personal Data by automated means on the grounds that you have consented to such processing, or if we process your Personal Data by automated means on the grounds that such processing is necessary for the performance of a contract with you, the right to request that we move, copy, or transfer your Personal Data to you or a third party in a structured, commonly used and machine-readable format..
Right to object – if we process your Personal Data on the grounds that such processoing is necessary for our legitimate interests, the right to object to our use of your Personal Data. We will we always comply with such request unless there are overriding grounds for our contrinued processing of your Personal Data, such as in order to comply with a legal obligation or in order to establish, exercise, or defend legal claims
To make enquiries, exercise any of your rights set out above, or withdraw any consent upon which we rely as the legal basis to process your Personal Data, please contact us via firstname.lastname@example.org.
If you are not satisfied with the way a complaint you make in relation to your Personal Data is handled by us, you may be able to refer your complaint to the relevant data protection authority. For the UK, this is the Information Commissioner’s Office (ICO). The ICO’s contact details can be found on their website at ico.org.uk. However, we would appreciate the chance to deal with your concerns and welcome you contacting us first.
Personal Data which we collect from you may be stored and processed in, and transferred to, countries outside of the UK or European Economic Area (EEA). For example, this could occur if our servers are located in a country outside the UK or EEA or one of our service providers is situated in a country outside the UK or EEA.
We will only transfer Personal Data outside the UK or EEA where such transfer is compliant with data protection legislation and the means of transfer provides adequate safeguards in relation to your Personal Data. For example, we may transfer your Personal Data pursuant to an agreement incorporating the current standard contractual clauses adopted by the UK in relation to Personal Data relating to UK Data Subjects and the European standard contractual clauses adopted by the European Commission in relation to Personal Data relating to EEA Data Subjects.
To ensure that your Personal Data receives an adequate level of protection, we have put in place appropriate safeguards and procedures with the third parties with whom we share your Personal Data. This ensures your Personal Data is treated by those third parties in a way that is consistent with the Data Protection Laws.