Purchase Crypto
Last updated on 04.03.2026

Privacy and Cookie Policy

This Privacy and Cookie Policy (hereinafter the "Privacy Policy") applies to personal data and the use of cookie files and analogous technologies on the unramp.com website and its sub-sites, including: buy.unramp.com, app.unramp.com, as well as mobile versions, referred to as the "Platform".

This Policy is prepared in accordance with Regulation (EU) 2016/679 (General Data Protection Regulation – GDPR) and the Bulgarian Personal Data Protection Act (PDPA), as in force. It explains how and why we process your personal data and how you can exercise your rights.

By engaging with the Platform, you consent to be bound by the provisions of this Privacy Policy, in particular with regard to processing based on consent (e.g. marketing communications and non‑essential cookies). For processing based on other legal grounds (e.g. contract, legal obligation, legitimate interest), this Policy serves as the information notice required under Articles 13 and 14 GDPR.

1. Personal Data Controller

The controller of your personal data is:

Unramp OOD
22 San Stefano Str., San Stefano Plaza, entr. B, 5th fl., office 16
City of Sofia 1104, Bulgaria
Company number: 207160415
(hereinafter the "Company" or "we").

Data Protection Officer: Maria Guzewska
Email: [email protected]

2. Contact

For any questions related to the processing of your personal data or to exercise your rights described in this Privacy Policy, you can contact us at:

You also have the right to lodge a complaint with the Bulgarian Commission for Personal Data Protection (CPDP) or with the supervisory authority of the EU/EEA member state of your habitual residence, place of work or place of the alleged infringement.

The Bulgarian supervisory authority is: Commission for Personal Data Protection (CPDP)

Address: 2 Prof. Tsvetan Lazarov Blvd. Sofia 1592, Bulgaria

Email: [email protected]

Website: www.cpdp.bg

3. Categories of Personal Data

A. Personal data processed in connection with the Services provided

Categories of data

In order to provide you with the Services available through the Platform, we process the following categories of personal data:

  • Identification data (e.g. name, surname, nationality, unique identifiers where required by law).
  • Address data (e.g. residential address, correspondence address, country of residence).
  • Contact data (e.g. email address, telephone number).
  • Payment‑related data (e.g. payment card details in tokenised/masked form via our payment processors, cryptocurrency wallet addresses used to carry out operations through the Platform).
  • AML/KYC data, including in particular: date and place of birth, nationality, copies and data from identification documents, beneficial ownership information, Source of Funds / Source of Wealth documentation, information obtained from sanctions and PEP screening, adverse media, and other data required under applicable AML/CFT laws and our AML/KYC Policy available here.
  • Service‑related data, such as transaction history, purchase of crypto-assets details, communication history with customer support and data related to security events (e.g. failed login attempts, fraud alerts).

We only collect data that is proportionate, relevant and limited to what is necessary in relation to the purposes for which it is processed (data minimization principle).

Purposes of processing

We process the above data for the following purposes, among others:

  • Provision of Services through the Platform, including processing of purchases and transactions, and servicing your use of the Platform.
  • Compliance with legal obligations relating to AML/CFT, sanctions, tax, accounting and other applicable regulations.
  • Customer support and handling of complaints, requests and inquiries.
  • Tailoring Services to your needs, including adjusting interface display and functions to your device, settings and preferences where legally permissible.
  • Ensuring the security and integrity of the Platform and Services, including authentication, fraud prevention, monitoring and incident management.
  • Communication with you in connection with the provided Services, including service messages, important notices and updates to our terms and policies.
  • General relationship management.
  • Establishment, exercise and defence of legal claims and participation in proceedings related to the provision of Services.

Legal bases of processing

We process your personal data on the following legal grounds:

  • Performance of a contract or taking steps at your request prior to entering into a contract, in particular for the provision of the Services.
  • Compliance with legal obligations, in particular obligations arising from:
    • anti‑money laundering and counter‑terrorist financing legislation (e.g. retention and verification of customer due diligence information for at least 5 years after the end of the business relationship or occasional transaction, as required under Bulgarian AML/CFT rules),​
    • tax and accounting rules (e.g. storage of accounting and tax‑related documents for up to 10 years from 1 January of the year following the reporting period, pursuant to the Bulgarian Accountancy Act),​
    • other applicable EU and national laws.
  • Our legitimate interests, consisting in:
    • ensuring security and preventing fraud and abuse,
    • processing and resolving complaints, requests and claims,
    • improving, developing and optimizing the operation of the Platform and Services,
    • ensuring the proper functioning of our internal IT and security systems,
    • establishing, exercising and defending against legal claims.

In such cases, we balance our legitimate interests with your interests and fundamental rights and freedoms, and we process your data only where our interests are not overridden by your rights.

Where required by law (e.g. for certain optional features), we will ask for your consent separately.

B. Personal data processed for marketing purposes

Categories of data

If you express interest in our Services (for example, by submitting a contact form available on the Platform, subscribing to a newsletter or ticking a marketing consent box), we process the following categories of personal data:

  • Name and surname.
  • Email address and/or telephone number.
  • Information about your role, company or area of interest, if provided.
  • Personal data which you may disclose in messages addressed to the Company.
  • Technical and interaction data relating to marketing communications (e.g. open and click‑through rates), where legally permitted.

Purpose of processing

We process the above data for the following purposes:

  • Answering contact requests and providing information about our Services.
  • Sending marketing communications and materials (e.g. newsletters, product updates, promotions) concerning our Services, including personalized offers where lawful.
  • Managing your marketing preferences and consents.

Legal bases of processing

We process your personal data for marketing purposes on the basis of:

  • Your consent, where we send you electronic marketing communications and where this is required by law. You may withdraw your consent at any time, without affecting the lawfulness of processing based on consent before its withdrawal.
  • Our legitimate interest in promoting and developing our Services, in cases where applicable law allows us to send marketing communications without consent (e.g. soft opt‑in for existing customers), subject to your right to object at any time.

You can withdraw consent or object to marketing at any time using the unsubscribe link in emails or by contacting us.

C. Other data and technical information

We may process data in connection with communication via social media channels (e.g. messages received through official company profiles). In such cases, we process personal data provided through the social media platform solely for communication, customer support and direct marketing of our Services (where lawful). The legal basis is your consent and our legitimate interest in answering inquiries and promoting our Services, subject to your rights to object and to manage your privacy settings on the relevant platform.

We also process certain information that may, depending on the circumstances, constitute personal data:

  • IP address and other identifiers of your device or connection.
  • Information on your activity on the Platform, such as the order in which pages are viewed, session identifiers, timestamps and interaction data.
  • Technical information regarding the device and software used by you (e.g. browser type and version, operating system, screen resolution, language settings).
  • Information on error logs and performance metrics.
  • Mobile device identification number and other identifiers, where applicable.

This information is used to:

  • keep statistics and analyze how the Platform is used,
  • adapt the Platform to your preferences and technical capabilities of your device,
  • ensure security, detect and prevent fraud and abuse,
  • ensure the stability and reliability of our IT systems.

As far as such information constitutes personal data, we process it in line with the principles of the Bulgarian Data Protection Act, especially data minimization, integrity, confidentiality and storage limitation, and we strive to pseudonymize or aggregate it where possible. The legal basis is our legitimate interest in improving the operation of the Platform and preventing and detecting fraud.

4. Sharing of Personal Data

We only share your personal data where this is necessary and lawful. We may entrust the processing of your personal data to entities acting on our behalf (processors) and in connection with the provision of Services. Such processing is carried out exclusively on the basis of a written data processing agreement that meets the requirements of Article 28 GDPR, and in accordance with documented instructions from the Company. We select processors carefully and require them to implement appropriate technical and organisational measures to protect your data.

In particular, we may use processors to:

  • store your data on secure and protected servers,
  • provide us with CRM and customer support solutions,
  • provide technical cookie‑management tools and consent platforms,
  • provide tracking and analytics solutions,
  • provide security and fraud‑prevention tools,
  • provide email and communication services,
  • provide advertising and remarketing networks, where lawful.

We also transfer your personal data to companies in the United Kingdom, listed in Section 5 below, to maintain security and compliance of transactions conducted through the Platform. Transfers to the UK are carried out in reliance on the European Commission’s adequacy decision for the United Kingdom.

We may have to share your personal data with competent public authorities (in particular law enforcement authorities, courts, regulators, tax authorities or the Bulgarian Financial Intelligence Directorate or other member state’s authorities) if they request it and where there is a valid legal basis for disclosure (e.g. court order, administrative decision, statutory reporting obligation).

Upon request, we can provide you with an up‑to‑date list of the main categories of processors and recipients of your personal data.

5. Transfer of Personal Data to Third Countries

Your data may be transferred to countries outside the European Economic Area (EEA) and the United Kingdom, for example, in connection with communications with cryptocurrency exchanges, blockchain analytics providers, or entities acting as custodians of crypto-assets that may be based outside the EEA.

We also use platforms and services of third parties whose servers may be located in the United States or other third countries, including:

  • Google Analytics (statistics and analytics),
  • Google Maps (location‑based display of certain elements, depending on your device settings),
  • Other IT, cloud and security service providers, as applicable.

Where transfers to third countries occur, we ensure that an adequate level of data protection is provided, in particular by applying one or more of the following safeguards:

  • an adequacy decision of the European Commission (e.g. for the United Kingdom or, where applicable, for US organisations certified under the EU–US Data Privacy Framework),
  • standard contractual clauses (SCCs) approved by the European Commission, possibly combined with additional technical and organisational measures,
  • binding corporate rules approved by the relevant supervisory authority,
  • other appropriate safeguards.

In order to maintain the security of transactions conducted through the Platform, personal data is transferred in particular to the following entities established in the United Kingdom:

  • Straal Ltd. (company number: 11185551),
  • Sum and Substance Ltd (company number: 09688671),
  • Elliptic Enterprises Limited (company number: 08458210).

Upon request, we can provide additional information about the safeguards in place for specific transfers and a copy of the relevant standard contractual clauses, where applicable.

6. Period of Storage of Personal Data

We store your personal data only for as long as necessary to fulfil the purposes described in this Privacy Policy, unless a longer retention period is required or permitted by law. In particular:

a) For data processed in connection with the performance of a contract (e.g. provision of Services), we store the data for the duration of the contract and thereafter for the periods required by law or needed to protect our rights, including:

  • AML/KYC data: for at least 5 years from the end of the business relationship or from the date of an occasional transaction, and longer where required under anti‑money laundering and counter‑terrorist financing legislation.​
  • Accounting and tax‑related documents: for up to 10 years from 1 January of the year following the reporting period to which they relate, in accordance with the Bulgarian Accountancy Act.​

b) For data processed for the purpose of establishing, exercising or defending legal claims, we store such data for the duration of the relevant limitation periods under applicable civil, commercial and administrative laws.

c) For data processed for marketing purposes on the basis of consent or legitimate interest, we store such data until you withdraw your consent or effectively object to processing for these purposes. We may retain limited information (e.g. email address and opt‑out record) solely to document that you have opted out and to ensure we respect your preferences.

d) For data processed on the basis of your consent for other purposes, we process it until you withdraw your consent, unless a longer retention period is required by law or justified by our legitimate interests (e.g. to prove that we have complied with legal obligations).

After the relevant retention periods expire, we delete or irreversibly anonymise your personal data. We periodically review the data we hold to ensure it is up to date and no longer than necessary.

7. Your Rights

In connection with our processing of your personal data, you have the following rights under the PDPA:

a) Right of access – to obtain confirmation as to whether we process your personal data and, if so, to obtain a copy of the data and information about the processing.

b) Right to rectification – to have inaccurate or incomplete personal data corrected or completed.

c) Right to erasure ("right to be forgotten") – to request the deletion of your personal data, in particular where it is no longer necessary for the purposes for which it was collected, where you have withdrawn your consent and there is no other legal basis, or where you have objected to processing and there are no overriding legitimate grounds. This right is subject to limitations, in particular where processing is required by law (e.g. AML/CFT or tax obligations).

d) Right to restriction of processing – to request that we limit processing of your data in certain cases (e.g. when you contest accuracy, during the period we verify it; when processing is unlawful but you oppose erasure).

e) Right to data portability – to receive personal data you have provided to us in a structured, commonly used and machine‑readable format and, where technically feasible, to have it transmitted directly to another controller, where processing is based on consent or contract and carried out by automated means.

f) Right to object – to object at any time, on grounds relating to your particular situation, to processing based on our legitimate interests (including profiling), and to object at any time to processing for direct marketing purposes, including profiling to the extent that it is related to such direct marketing.

g) Right to withdraw consent – where processing is based on your consent, you may withdraw your consent at any time, in any form (e.g. via the unsubscribe link or by contacting us), without affecting the lawfulness of processing based on consent before its withdrawal.

h) Right to lodge a complaint – to lodge a complaint with the Commission for Personal Data Protection (CPDP) or another competent supervisory authority if you consider that the processing of your personal data infringes GDPR or applicable national law.

We respond to your requests without undue delay and in any event within one month of receipt. This period may be extended by two further months where necessary, taking into account the complexity and number of requests; in such cases, we will inform you of the extension and reasons for the delay. Exercising your rights is, in principle, free of charge. Where requests are manifestly unfounded or excessive, in particular because of their repetitive character, we may charge a reasonable fee or refuse to act.

To exercise your rights, please contact us using the details in Section 2 above.

8. Source of Data – Information on Personal Data Obtained from Sources Other Than the Data Subject

In some cases, we may obtain your personal data from sources other than you. These sources may include:

  • your legal representative or attorney,
  • a principal in the case of a power of attorney granted by you,
  • an entrepreneur or legal entity of which you are the beneficial owner, representative or employee,
  • business partners involved in a transaction or Services you use,
  • publicly available registers and databases (e.g. commercial registers, beneficial ownership registers, sanctions and PEP lists, official court or corporate publications),
  • providers of identity verification, sanctions and PEP screening, fraud‑prevention and blockchain analytics services, in accordance with AML/CFT regulations.

In such cases, we process this data for the same purposes and on the same legal bases as set out in this Privacy Policy.

9. Requirement to Provide Data

Provision of your personal data may be:

a) Required by law and/or necessary to conclude and perform the agreement regarding the Services provided by the Company – in particular for identification, AML/KYC checks and transaction processing. Failure to provide such data will prevent us from entering into or performing the agreement and from providing the Services (including due to legal restrictions).

b) Necessary for the proper functioning of the Platform and provision of certain functionalities – some technical and usage data are necessary for the Platform to operate properly and securely. In such cases, failure to provide data (e.g. by disabling all cookies or blocking certain scripts) may result in limited or no access to certain functionalities.

c) Necessary for processing complaints, requests or appeals – failure to provide relevant contact and identification details may make it impossible to process your complaint, request or appeal.

d) Voluntary for marketing and optional features – provision of data for marketing communications and personalised content is voluntary. If you do not provide such data or do not give consent (where required), you will not receive offers or marketing materials, but this will not affect your ability to use the core Services.

Where we ask you to provide personal data, we indicate whether it is mandatory or voluntary and what the consequences of not providing it are.

10. Automated Decision‑Making, Including Profiling

As a rule, the Company does not make decisions based solely on automated processing, including profiling, which produce legal effects concerning you or similarly significantly affect you, within the meaning of Article 22 GDPR.

If in the future we introduce such automated decision‑making (for example, for purely automated credit‑scoring or risk‑scoring that has legal or similarly significant effects), we will provide you with specific information about the logic involved, as well as the significance and envisaged consequences of such processing, and we will ensure that the safeguards required by PDPA are in place.

We may carry out limited profiling for purposes such as:

  • tailoring marketing communications, where permitted by law,
  • risk management and fraud prevention, as part of our AML/CFT obligations.

In such cases, profiling does not produce legal effects or similarly significant effects for you, and you have the right to object at any time

11. Additional Information and Children’s Data

We reserve the right to make changes to this Privacy Policy due to developments in Internet technologies, changes in data protection or other applicable laws, and future development of our Platform and Services. We will inform you of any material changes in a visible and comprehensible manner, for example, via a notice on the Platform or by email, where appropriate.

Links to other websites may be visible on the Platform. Such websites operate independently of the Platform and are not supervised by the Company. These websites may have their own privacy policies and terms and conditions, which we recommend that you review before providing personal data or using their services. We are not responsible for the privacy practices of such external sites.

Our Services are not directed at children under the age of 18 and we do not knowingly collect personal data from children under that age without parental consent. If we become aware that we have collected personal data of a child under 18 without appropriate consent, we will take steps to delete such data. If you believe we may have collected such data, please contact us.

12. Security of Personal Data

We implement appropriate technical and organisational measures to ensure a level of security appropriate to the risk. These measures include, in particular:

  • encryption of data in transit and at rest, where appropriate,
  • logical and physical access controls based on the need‑to‑know principle,
  • segmentation and protection of network infrastructure,
  • regular testing, assessment and evaluation of the effectiveness of technical and organisational measures,
  • secure development and maintenance practices for our IT systems,
  • incident‑response and business continuity procedures.

In the event of a personal data breach that is likely to result in a risk to your rights and freedoms, we will notify the competent supervisory authority without undue delay, and where the risk is high, also inform you, in accordance with the PDPA.

13. Cookies Policy

This Cookies Policy forms an integral part of the Privacy Policy. It explains how cookies and similar technologies are used on the Platform, what information is collected through them, and how you can manage your preferences.

We may amend this Cookies Policy from time to time, in particular due to developments in Internet technology, changes in the PDPA and the development of our Platform. We will inform you of material changes, for example via a banner or notice on the Platform.

On the Platform, there may appear links to other websites that may also use cookies. Such websites operate independently and are not supervised by the Company. These websites may have their own privacy and cookies policies, which we recommend that you review.

§1 GENERAL PROVISIONS

  1. The Cookies Policy governs the use of cookies and similar technologies on the Platform and explains how information about the customer ("customer") is processed through them.
  2. The Platform uses cookies and similar technologies to perform functions of obtaining information about the customer and their behaviour and to support the proper functioning and improvement of the Platform.
  3. Information about the customer is obtained in particular through:
    • a. saving cookies on the customer's terminal equipment (e.g. computer, smartphone, tablet);
    • b. collecting web server logs on the server managed on behalf of the Company;
    • c. using similar technologies (e.g. local storage, pixels), where applicable.
  4. Personal data collected using cookies and similar technologies may be processed only for the purposes specified in this Cookies Policy and in the Privacy Policy. Such data is protected using appropriate technical and organisational measures, including encryption and access controls, to prevent access by unauthorised persons.
  5. The entity placing cookies on the Platform customer's terminal equipment and accessing them is the Company, as well as third parties whose services we use (e.g. analytics and advertising providers), as specified in this Cookies Policy.
  6. Cookies allow, in particular, the recognition of the customer's device and displaying the Platform appropriately adapted to their individual preferences and device, enabling the Platform to be displayed in the customer's language remembered by these files, as well as using other settings of the Platform selected by the customer.
  7. Cookies usually contain the name of the website from which they originate, the time they are stored on the end device and a unique identifier.

§2 PURPOSES OF THE COOKIES POLICY

  1. The purposes of this Cookies Policy are to:
    • a. inform the customer about the extent to which information about them is processed through cookies and similar technologies, including, where applicable, their personal data, so that the customer can make a free and informed decision on whether and to what extent to use the Platform and to consent to cookies;
    • b. specify in general terms how and for what purpose the Company collects information about the customer and for what purposes it uses this information;
    • c. inform the customer to whom and where the Company makes such information available, in particular to providers of analytics, advertising and security solutions.
  2. With a view to maintaining customers' trust in the Platform, the Company exercises due diligence to ensure that data collected through cookies is processed in a secure, lawful, transparent and proportionate manner.

§3 PURPOSE OF USING COOKIES

Cookies and similar technologies are used, in particular, to:

  1. Adapt the content of the Platform to the customer's preferences and end device and to optimize the use of the Platform. These files allow, for example, recording the customer's choices as to language, browser, settings of selected elements of the Platform, as well as recording information about the customer's approximate location (e.g. country).
  2. Create anonymous, aggregated statistics that help to understand how customers use the Platform, which allows us to improve its structure and content, enhance performance and detect errors, excluding the identification of a specific customer where possible.
  3. Maintain the session of the customer of the Platform, for example after logging in, so that the customer does not have to re‑enter login details on each page.
  4. Ensure security and integrity of the Platform, including preventing misuse and fraud, and supporting authentication and access control mechanisms.

Legal bases

  • For cookies that are strictly necessary for the provision of the service explicitly requested by the customer (e.g. essential session cookies), the legal basis is our legitimate interest in ensuring the proper functioning and security of the Platform.
  • For all other cookies (e.g. analytics and advertising cookies that are not strictly necessary), the legal basis is the customer’s consent. Such cookies will only be used if the customer has given consent via the cookie banner or settings. The customer may withdraw their consent at any time.

§4 TYPES OF COOKIES

  1. The Company generally uses two basic types of cookies – "session" and "persistent" cookies. Session cookies are temporary files that remain on the customer's device until they log out of the Platform or close the web browser. Persistent cookies remain on the customer's device for the time specified in the parameters of the cookies or until they are manually deleted by the customer.
  2. The Company uses, in particular, the following categories of cookies:
    • a. By necessity for the service:
      • Essential cookies – absolutely necessary for the proper functioning of the Platform or for functionalities that the customer explicitly requests (e.g. maintaining a logged‑in session, remembering privacy settings). Without them, the Platform may not function correctly.
      • Functional cookies – important for the operation of the Platform, as they:
        1. enrich the functionality of the Platform; without them, the Platform will work properly, but it may not be tailored to the customer's preferences;
        2. help ensure a high level of functionality and customer experience; without them, the level of functionality may be reduced, but their absence should not prevent the use of the Platform;
        3. support specific functionalities; blocking them may result in selected functions not working properly.
    • b. By duration:
      • Session cookies – placed for the duration of using the browser (session) and deleted after closing the browser or logging out of the Platform.
      • Persistent cookies – not deleted when the browser is closed and remain on the customer's device for a specified period of time or until deleted by the customer.
    • c. By source:
      • First‑party cookies – placed on the Platform directly by the Company.
      • Third‑party cookies – placed on the Platform by entities other than the Company, for example providers of analytics, advertising, security or social media services (e.g. Google Analytics, Google Ads, social media plugins).
    • d. By purpose:
      • Configuration cookies – enable the setting of features and services on the Platform (e.g. language, region, display preferences).
      • Security and reliability cookies – enable verification of authenticity, support security mechanisms and help optimise performance.
      • Session‑status cookies – record information about how the customer uses the Platform, such as the most frequently visited pages or error messages, helping to improve the Platform and enhance the browsing experience.
      • Process cookies – enable the smooth operation of the Platform and the functions available on it (e.g. navigation, form submissions, transaction processes).
      • Location cookies – make it possible to adjust information displayed to the customer's approximate location (e.g. country, language).
      • Analytics cookies – help collect information about how customers use the Platform (e.g. which pages are visited, how long they are visited, which links are clicked), allowing us to improve Services and compile aggregate statistics.
      • Advertising and remarketing cookies – used to display more relevant advertisements on third‑party websites or to measure the effectiveness of advertising campaigns, where legal and based on your consent.
  3. Examples of third‑party cookies used include, in particular:
    • Google Analytics – analytics cookies used to compile statistics and analyze use of the Platform;
    • Other analytics, advertising or social media tools that may use cookies or similar technologies.

Details of the cookies currently used and their parameters (e.g. names, duration, providers, purposes) may be provided in a separate cookie table accessible via the cookie banner or a dedicated section of the Platform.

§5 COOKIES AND PERSONAL DATA

  1. Cookies and similar technologies do not always constitute personal data. However, certain information stored in such files (e.g. identifiers, IP address, preferences, device information), in combination with other information about the customer, may be treated as personal data within the meaning of GDPR.
  2. Personal data collected using cookies and similar technologies may be processed only for the purposes specified in this Cookies Policy and in the Privacy Policy. The Company applies appropriate safeguards, such as pseudonymisation or aggregation, where possible, and uses technical and organisational measures to protect personal data against unauthorised access.
  3. Where cookies involve transfers of data to third countries, such transfers are subject to the safeguards set out in Section 5 of this Privacy Policy.

§6 MANAGEMENT AND DELETION OF COOKIES

  1. The storage of and access to cookies that are not strictly necessary for the provision of the service explicitly requested by the customer is based on the customer’s consent. This consent is obtained through the configuration of the cookie banner or settings on the Platform, and can also be influenced through the settings of the customer's web browser or device.
  2. Web browsing software (i.e. web browsers) by default often allow cookies to be placed on the customer's terminal device. These settings can be changed so as to block the automatic handling of cookies or to inform the customer each time cookies are sent to their device.
  3. The customer may, at any time and without detriment, withdraw consent to non‑essential cookies or change their preferences through:
    • the cookie‑management tool or banner provided on the Platform, or
    • relevant browser or device settings (e.g. clearing cookies, enabling "Do Not Track").
  4. Restricting or disabling cookies may affect some of the functionalities available through the Platform, in particular those that rely on cookies to operate properly (e.g. maintaining logged‑in sessions, remembering preferences).
  5. Withdrawal of consent or blocking of cookies does not affect the lawfulness of processing based on consent before its withdrawal. In certain cases, it may be necessary to refresh the page, log out and log back in, or clear cookies on all devices in order for changes to take full effect.

§7 SYSTEM LOGS

  1. Information about certain behaviour of the customer is subject to logging at the server layer (system logs). This data is used solely for the purpose of administering the Platform, ensuring the most efficient operation of the hosting services provided to the Company, and for security purposes.
  2. Viewed resources are identified by URLs. In addition, the record may include, in particular:
    • a. time of arrival of the request;
    • b. time of sending the response;
    • c. name of the customer's station or identifier – identification performed via the HTTPS protocol or similar;
    • d. information about errors that occurred during the execution of the HTTPS transaction;
    • e. URL of the page previously visited by the customer (referrer link), if the access to the Platform was through such a link;
    • f. information about the customer's browser and device;
    • g. IP address information.
  3. As a rule, the above data is not associated with specific individuals using the Platform and is used solely for server administration, security, incident investigation, performance monitoring and statistical purposes. Where such data constitutes personal data, it is processed on the basis of our legitimate interest (Article 6(1)(f) GDPR) and is retained for no longer than necessary, typically for up to [e.g. 30] days, unless a longer period is required for security incident investigation or legal purposes.
Remember that past performance is not a guarantee of future returns. Cryptocurrencies involve high risk, and an investment may both increase and decrease in value. There is no guarantee that you will recover the full amount invested.