As of June 24th, 2021
The following provides examples of the type of information that we collect from you and how we use that information.
|Context||Types of Data||Primary Purpose for Collection and Use of Data|
|Account Creation||We collect your name, email address, company name, date of birth, phone number, and country/home currency when you create an account.||We have a legitimate interest in providing account related functionalities to our users. Accounts can be used to receive payments from customers, initiate transfers to your bank, and to save your preferences and transaction history.|
|Cookies and Third Party Tracking||We participate in behavior-based advertising, this means that a third party uses technology (e.g., a cookie) to collect information about your use of our website so that they can provide advertising about products and services tailored to your interests on our website, or on other websites. Third party cookies collect your email address, IP address, country code, technical data, website errors, and your actions on our site.||We have a legitimate interest in engaging in behavior-based advertising and capturing website analytics.|
|Email Interconnectivity||If you receive email from us, we use certain tools to capture data related to when you open our message and click on any links or banners it contains.||We have a legitimate interest in understanding how you interact with our communications to you.|
|Feedback/Support||If you provide us feedback or contact us for support we will collect your name and e-mail address, as well as any other content that you send to us, in order to reply.||We have a legitimate interest in receiving, and acting upon, your feedback or issues.|
|Mailing List||When you sign up for one of our mailing lists we collect your email address or postal address.||We share information about our products and services with individuals that consent to receive such information. We also have a legitimate interest in sharing information about our products or services.|
|Trade Data||When you initiate or agree to a trade, we collect information to confirm and process it. This may include: transaction ID, payment method, the buyer’s and seller’s usernames, the trade value in fiat currency and cryptocurrency, the price, the choice of fiat currency used, time stamps, and merchant invoice information. This information may be shared with third parties to facilitate the transaction.||We require this information in order to perform our contract with you.|
|Transactions, including bank withdrawals and exchanges||In order to process a transaction, we will first need to collect information to verify your identity. This may include images of your face and your identification documents, identity verification information from other sources including third-parties, as well as your bank account information. We may also collect your email address and mobile phone number from third-parties if you initiate or receive a transaction. We also collect information relating to the actions that you perform while logged into your account.||We have a legitimate interest in the prevention, detection, and investigation of fraud, money laundering, criminal activity, and other misuse of our services. We may also have a legal obligation to collect this information or validate your identity for compliance with Anti-Money Laundering and other finance laws in the jurisdictions where we operate. We have a legitimate interest in confirming that you are an active OpenNode account holder, that you have enabled digital currency transfers, and to notify you when you have received the currency. We also have a legitimate interest in creating a trustworthy, safe, and reliable platform.|
|Web logs||We collect information, including your browser type, operating system, Internet Protocol (IP) address (a number that is automatically assigned to a computer when the Internet is used), domain name, click-activity, referring website, and/or a date/time stamp for visitors.||We have a legitimate interest in monitoring our networks and the visitors to our websites. Among other things, it helps us understand which of our services is the most popular.|
|User Data||User personal information, company information, phone number, country, ID, and proof of address.||Compliance with international regulatory laws for payment processing services. While collecting this information, we are GDPR and CCPA compliant. All data is encrypted by bank level security in private secured servers. General international data protection information followed by OpenNode can be found here: GDPR, CCPA|
In addition to the information that we collect from you directly, we may also receive information about you from other sources, including third parties, business partners, our affiliates, or publicly available sources. For example, we may supplement our identity verification by comparing your information against a third-party database.
In addition to the purposes and uses described above, we use information in the following ways:
Although the sections above describe our primary purpose in collecting your information, in many situations we have more than one purpose. For example, if you complete a transaction we will collect your information to perform our contract with you, but we also collect your information as we have a legitimate interest in maintaining your information after your transaction is complete so that we can quickly and easily respond to any questions about your transaction. As a result, our collection and processing of your information is based in different contexts upon your consent, our need to perform a contract, our obligations under law, and/or our legitimate interest in conducting our business.
In addition to the specific situations discussed elsewhere in this policy, we disclose information in the following situations:
Affiliates and Acquisitions. We may share information with our corporate affiliates (e.g., parent company, sister companies, subsidiaries, joint ventures, or other companies under common control). If another company acquires, or plans to acquire, our company, business, or our assets, we will also share information with that company, including at the negotiation stage.
Blockchain. When a digital currency or digital asset transfer is completed, the transaction may be recorded on a public block chain which constitutes a publicly distributed ledger. Because block chain are decentralized networks that are beyond the control of OpenNode or its affiliates, we are unable to modify or erase these transactions once recorded.
Other Disclosures with Your Consent. You may request that we validate your status as an OpenNode customer with a third party, and we will do so. We may ask if you would like us to share your information with other unaffiliated third parties who are not described elsewhere in this policy.
Other Disclosures without Your Consent. We may disclose information in response to subpoenas, warrants, or court orders, or in connection with any legal process, or to comply with relevant laws. We may also share your information in order to establish or exercise our rights, to defend against a legal claim, to investigate, prevent, or take action regarding possible illegal activities, suspected fraud, safety of person or property, or a violation of our policies, or to comply with your request for the provision of services by a third party intermediary.
Service Providers. We may share your information with service providers. Among other things service providers may help us to administer our website, conduct surveys, provide technical support, process payments, and assist in the fulfillment of transactions.
You can make the following choices regarding your personal information:
Access To Your Personal Information. You may request access to your personal information by contacting us at the address described below. If required by law, upon request, we will grant you reasonable access to the personal information that we have about you.
Changes To Your Personal Information. We rely on you to update and correct your personal information. Most of our websites allow you to modify or delete your account profile. Note that we may keep historical information in our backup files as permitted by law. If our website does not permit you to update or correct certain information contact us at the address described below.
Deletion Of Your Personal Information. Typically we retain your personal information for the period necessary to fulfill the purposes outlined in this policy, unless a longer retention period is required or permitted by law. You may, however, request information about how long we keep a specific type of information, or request that we delete your personal information by contacting us at the address described below. If required by law we will grant a request to delete information, but you should note that in many situations we must keep your personal information to comply with our legal obligations, resolve disputes, enforce our agreements, or for another one of our business purposes.
Objection to Certain Processing. You may object to our use or disclosure of your personal information by contacting us at the address described below. For example, California residents may be entitled to object, or opt-out, of having their information sold to third parties.
Automated Decision-Making. We may use automated decision-making to decide whether we can provide services to you based on automated identity verification. If you wish to have a human review the decision or otherwise object, you may do so by contacting us at the address described below.
Online Tracking. We do not currently recognize automated browser signals regarding tracking mechanisms, which may include "Do Not Track" instructions.
Promotional Emails. You may choose to provide us with your email address for the purpose of allowing us to send free newsletters, surveys, offers, and other promotional materials to you, as well as targeted offers from third parties. You can stop receiving promotional emails by following the unsubscribe instructions in e-mails that you receive. If you decide not to receive promotional emails, we may still send you service related communications.
Revocation Of Consent. If you revoke your consent for the processing of personal information then we may no longer be able to provide you services. In some cases, we may limit or deny your request to revoke consent if the law permits or requires us to do so, or if we are unable to adequately verify your identity. You may revoke consent to processing (where such processing is based upon consent) by contacting us at the address described below.
We believe in the utmost care and security of our user data. We use best in class security practices and partner with Compliance partners that physically and programmatically encrypt all user data. Our data systems are constantly audited to ensure up to date security standards and prevent data leaks. While no data transmission system is entirely secure, we will notify all relevant regulatory and enforcement agencies of any data breach that is required under applicable law.
Data Retention We do not store any personal data longer than is necessary for payment processing purposes. Our retention policy is to utilize minimal data as needed for processing before deletion in accordance to all regulatory and applicable laws regarding retention periods.
User Protections Under the GDPR, CCPA, and other relevant data implementation acts, users have statutory rights to their personal data. Every user should be well informed of their protection; you can find more information about the GDPR here and the CCPA here. Please understand that these rights are not absolute and may be subject to change or certain conditions.
Key user protections are as follows:
Right to erasure - You have the right to request erasure of your personal data
Right to restriction - You have the right to request restrictions of processing your personal data
Right of access - You have the right to request access to your personal data
Right of recertification - You have the right to request we recertify the information we have about you
Right to object - You have the right to object to the processing of your personal data. Under most circumstances we will have a compelling legal reason for the continuation of processing of your data. But for personal data in regards to profiling, marketing, etc, your requests will always be honored
If you wish to utilize any of the aforementioned rights in the regulatory links or stated in this document, please feel free to connect with us at firstname.lastname@example.org
No method of transmission over the Internet, or method of electronic storage, is fully secure. While we use reasonable efforts to protect your personal information from unauthorized access, use, or disclosure, we cannot guarantee the security of your personal information. In the event that we are required by law to inform you of a breach to your personal information we may notify you electronically, in writing, or by telephone, if permitted to do so by law.
Some of our websites permit you to create an account. When you do you will be prompted to create a password. You are responsible for maintaining the confidentiality of your password, and you are responsible for any access to or use of your account by someone else that has obtained your password, whether or not such access or use has been authorized by you. You should notify us of any unauthorized use of your password or account.
The following additional information relates to our privacy practices:
Transmission Of Information To Other Countries. As we are an American company, your information will be transferred out of the European Economic Area. By submitting your personal information to us you agree to the transfer, storage and processing of your information in a country other than your country of residence including, but not necessarily limited to, the United States. Where possible we take steps to treat personal information using the same privacy principles that apply pursuant to the law of the country in which we first received your information. If you would like more information concerning our attempts to apply the privacy principles applicable in one jurisdiction to data when it goes to another jurisdiction you can contact us using the contact information below.
Third Party Applications/Websites. We have no control over the privacy practices of websites or applications that we do not own.
Information for California Residents. California Civil Code 1798.115(c), 1798.130(a)(5)(c), 1798.130(c), and 1798.140 indicate that organizations should disclose whether certain categories of information are “sold” or transferred for an organization’s “business purpose” as those terms are defined under California law. You can find a list of the categories of information that we share here. Please note that because this list is comprehensive it may refer to types of information that we share about people other than yourself. If you would like more information concerning the categories of personal information (if any) we share with third parties or affiliates for those parties to use for direct marketing please submit a written request to us using the information in the "Contact Information" section below.
Contact Information. If you have any questions, comments, or complaints concerning our privacy practices please contact us at the appropriate address below. We will attempt to respond to your requests and to provide you with additional privacy-related information.
5700 Wilshire Blvd, Suite 460, Los Angeles 90036
+1 (818) 497-5574
If you are not satisfied with our response, you may have a right to lodge a complaint with your local supervisory authority.
Last Revised: June 24th, 2021
Effective Date: August 21st, 2019
PaymentsPayments Overview Integrations Payouts Conversion Rates Settlement &