Last Update: April 21, 2022
The following provides examples of the type of information we collect and how that information is handled.
|Context||Types of Data||Primary Purpose for Collection and Use of Data|
|Account Creation||We collect your name, email address, company name, date of birth, phone number, and country/home currency when you create an account.||We have a legitimate interest in providing account related functionality to users. Accounts can be used to receive payments, send payments, convert funds, initiate bank and bitcoin transfers, define account settings, and view/download transaction history.|
|Cookies and Third Party Tracking||We participate in behavior-based advertising, this means that a third party uses technology (e.g., a cookie) to collect information about your use of our website so that they can provide advertising about products and services tailored to your interests on our website, or on other websites. Third party cookies collect your email address, IP address, country code, technical data, website errors, and your actions on our site.||We have a legitimate interest in engaging in behavior-based advertising and capturing website analytics.|
|Email Interconnectivity||If you receive email from us, we may use certain tools to capture data related to your interaction with our messages.||We have a legitimate interest in understanding how you interact with our communications to you.|
|Feedback/Support||If you provide us feedback or contact us for support we collect your name and e-mail address, as well as any other content that you send to us, in order to reply.||We have a legitimate interest in receiving, and acting upon, your feedback or issues.|
|Mailing List||When you sign up for one of our mailing lists we collect your email address.||We share our newsletter, as well as information about our products and services with individuals who consent to receive such information. We also have a legitimate interest in sharing information about our products and services.|
|Payment Data||When you initiate a payment request or payout, we collect information to confirm and process it. This may include: transaction ID, payment method, the payment value in fiat currency and bitcoin, the price, the choice of fiat currency used, time stamps, and business information. This information may be shared with our regulated bank/exchange partners to facilitate the transaction.||We require this information in order to perform our contract with you.|
|KYC/KYB, Bank Verification, and Account Activity||In order to activate your account, we need to collect information to verify your identity. This may include images of your face and identification documents, identity verification information from other sources including third-parties, as well as bank account information. We may also collect your email address and mobile phone number from third-parties if you initiate or receive a transaction. We also collect information relating to the actions that you perform while logged into your account.||We have a legitimate interest in the prevention, detection, and investigation of fraud, money laundering, criminal activity, and other misuse of our services. We may also have a legal obligation to collect this information or validate your identity for compliance with Anti-Money Laundering and other finance laws in the jurisdictions where we operate. We have a legitimate interest in confirming that you are an active OpenNode account holder, that you have enabled payments and transfers, and to notify you when funds have been sent and received. We also have a legitimate interest in creating a trustworthy, safe, and reliable platform.|
|Web logs||We collect information, including your browser type, operating system, Internet Protocol (IP) address (a number that is automatically assigned to a computer when the Internet is used), domain name, click-activity, referring website, and/or a date/time stamp for visitors.||We have a legitimate interest in monitoring our networks and the visitors to our platform. Among other things, it helps us understand how users are interacting with capabilities.|
|User Data||User personal information, company information, phone number, country, ID, and proof of address.||Compliance with international regulatory laws for payment processing services. While collecting this information, we are GDPR and CCPA compliant. All data is encrypted by bank level security in private secured servers. General international data protection information followed by OpenNode can be found here: GDPR, and in Section 7 entitled “Information for California Residents,” for the CCPA|
In addition to the information that we collect from you directly, we may also receive information about you from other sources, including third parties, business partners, our affiliates, or publicly available sources. For example, we may supplement our identity verification by comparing your information against a third-party database.
In addition to the purposes and uses described above, we use information in the following ways:
Although the sections above describe our primary purpose in collecting your information, in many situations we have more than one purpose. For example, if you complete a transaction we will collect your information to perform our contract with you, but we also collect your information as we have a legitimate interest in maintaining your information after your transaction is complete so that we can quickly and easily respond to any questions about your transaction. As a result, our collection and processing of your information is based in different contexts upon your consent, our need to perform a contract, our obligations under law, and/or our legitimate interest in conducting our business.
We disclose your personal information to third parties for a variety of business purposes, including to provide our Services, to protect us or others, or in the event of a major business transaction such as a merger, sale, or asset transfer, and as described below:
You can make the following choices regarding your personal information:
We believe in the utmost care and security of our user data. We use best in class security practices and partner with Compliance partners that physically and programmatically encrypt all user data, within reasonable industry standards. Our data systems are constantly audited to ensure up to date security standards and prevent data leaks. While no data transmission system is entirely secure, we will notify all relevant regulatory and enforcement agencies of any data breach that is required under applicable law.
Data Retention We do not store any personal data longer than is necessary for payment processing purposes. Our retention policy is to utilize minimal data as needed for processing before deletion in accordance to all regulatory and applicable laws regarding retention periods.
User Protections Under the GDPR, CCPA, and other relevant data implementation acts, users have statutory rights to their personal data. Every user should be well informed of their protection; you can find more information about the GDPR here and the CCPA, in Section 7 entitled “Information for California Residents.” Please understand that these rights are not absolute and may be subject to change or certain conditions.
Key user protections are as follows:
If you wish to utilize any of the aforementioned rights in the regulatory links or stated in this document, please feel free to connect with us at email@example.com
No method of transmission over the Internet, or method of electronic storage, is fully secure. While we use reasonable efforts to protect your personal information from unauthorized access, use, or disclosure, we cannot guarantee the security of your personal information. In the event that we are required by law to inform you of a breach to your personal information we may notify you electronically, in writing, or by telephone, if permitted to do so by law.
Some of our websites permit you to create an account. When you do you will be prompted to create a password. You are responsible for maintaining the confidentiality of your password, and you are responsible for any access to or use of your account by someone else that has obtained your password, whether or not such access or use has been authorized by you. You should notify us of any unauthorized use of your password or account.
For purposes of the CCPA, we do not “sell” personal information, nor do we have actual knowledge of any “sale” of personal information of minors under 16 years of age. We may, however, share information with third-party advertising partners for the purpose of promoting our Services as described above, such as for cross-context behavioral advertising. To the extent that such sharing is considered a “sale” under California law, you may limit such sharing by following the instructions found in Section 5 above, entitled “Data Protection.”
This supplemental notice for California Residents only applies to our processing of personal information that is subject to the California Consumer Privacy Act of 2018 (“CCPA”). The CCPA provides California residents with the right to know what categories of personal information we have collected about them, and whether we disclose that personal information for a business (e.g., to a service provider) in the preceding twelve months. California Residents can find this information below:
|Category of Personal Information||Is information collected by us?||Is information transferred for valuable consideration?||Is information transferred for business purposes?|
|Audio, electronic, visual, thermal, olfactory, or similar information||✔||✔|
|Bank account number||✔||✔|
|Characteristics of protected classifications (e.g., age, sex, race, ethnicity, physical or mental handicap, etc.)||✔||✔|
|Commercial information (e.g., products or services purchased, or other purchasing or consuming histories or tendencies)||✔||✔|
|Driver’s License Number / State ID||✔||✔|
|Electronic network activity (e.g., browsing history)||✔||✔|
|Identifiers (e.g., name or alias)||✔||✔|
|Online identifier (e.g. IP address)||✔||✔|
|Other financial information||✔||✔|
|Social Security Number||✔||✔|
|Non-Discrimination. California residents have the right not to receive discriminatory treatment by us for the exercise of their rights conferred by the CCPA.|
Authorized Agent. Only you, or someone legally authorized to act on your behalf, may make a verifiable consumer request related to your personal information. You may also make a verifiable consumer request on behalf of your minor child. To authorize an agent, provide written authorization signed by you and your designated agent and contact us as set forth in Section 5, above, entitled “Data Protection.”
Verification. To protect your privacy, we will take steps to reasonably verify your identity before fulfilling your request. These steps may involve asking you to provide sufficient information that allows us to reasonably verify you are the person about whom we collected personal information or an authorized representative, or to answer questions regarding your account and use of our Services.
If you are a California resident and would like to exercise any of your rights under the CCPA, please contact us as set forth in Section 5, above, entitled “Data Protection.” We will process such requests in accordance with applicable laws.
De-Identified Information. If we create or receive de-identified information, we will not attempt to reidentify such information, except to comply with applicable law.
The following additional information relates to our privacy practices:
Contact Information. If you have any questions, comments, or complaints concerning our privacy practices please contact us at the appropriate address below. We will attempt to respond to your requests and to provide you with additional privacy-related information.
5700 Wilshire Blvd, Suite 460, Los Angeles 90036
+1 (818) 497-5574
If you are not satisfied with our response, you may have a right to lodge a complaint with your local supervisory authority.
PaymentsPayments Overview Integrations Payouts Conversion Rates Settlement &