Privacy Policy
Cryptonly
Effective date: 26 March 2026. Legal entity: Cryptonly.
1. Introduction
This Privacy Policy explains how Cryptonly, trading as "Cryptonly" ("Cryptonly", "we", "us", or "our"), collects, uses, stores, transfers, and otherwise processes personal data in connection with the website, dashboard, APIs, account registration, support communications, and custodial crypto payment services.
This Privacy Policy is drafted for a global business-to-business service. It should be reviewed and updated following incorporation of the Cryptonly operating entity and before launch in any jurisdiction where local law imposes additional or different notice requirements.
2. Data controller
The data controller for the purposes of this Privacy Policy is:
Cryptonly
Contact email: [email protected]
3. Categories of personal data
We may collect and process the following categories of personal data:
Account and identity data, including full name, email address, company name, Telegram username or contact, phone number, job title, account credentials, and other account profile information.
Communications data, including support messages, correspondence, onboarding materials, and records of interactions with us.
Transaction and service data, including wallet addresses, blockchain transaction identifiers, amounts, timestamps, internal ledger activity, payment records, withdrawal requests, and API usage data.
Technical data, including IP address, browser type, operating system, device information, access logs, security event data, and approximate location inferred from IP address.
Analytics data collected through Google Analytics and related website measurement tools.
4. Sources of personal data
We collect personal data directly from the individual or business using the Services, automatically through use of the website, dashboard, and APIs, and, where relevant, from publicly available sources, compliance screening sources, counterparties, service providers, or professional advisers.
5. Purposes of processing
We may process personal data for the following purposes:
to create, administer, secure, and maintain accounts and authorised user access;
to provide the Services, including custodial balance management, transaction processing, internal ledgering, and withdrawal functionality;
to communicate with Customers, respond to enquiries, deliver support, and provide operational notices;
to monitor, review, investigate, and prevent fraud, abuse, sanctions exposure, money laundering, terrorist financing, and other unlawful or high-risk activity;
to comply with legal, regulatory, audit, accounting, tax, reporting, and law-enforcement obligations;
to improve, test, maintain, secure, and develop the website, dashboard, APIs, and related systems;
to protect the rights, property, security, and legitimate interests of Cryptonly, its Customers, and third parties.
6. Legal bases for processing
Where applicable law requires identification of a legal basis, we process personal data on one or more of the following bases:
performance of a contract or steps taken at the request of the data subject before entering into a contract;
compliance with legal or regulatory obligations;
our legitimate interests, including service administration, security, fraud prevention, sanctions compliance, business continuity, analytics, and service improvement; and
consent, where consent is required by applicable law.
7. Compliance, AML, and sanctions monitoring
Because Cryptonly operates in the digital asset sector, we may process personal data to verify identity and business information, assess transaction behaviour, screen wallet addresses and counterparties, detect prohibited jurisdictions or sanctioned parties, identify suspicious activity, and comply with sanctions, anti-money laundering, fraud-prevention, and related risk-control obligations.
8. Disclosure of personal data
We do not sell personal data.
We may disclose personal data only where reasonably necessary to: (a) hosting, infrastructure, analytics, communications, and security service providers acting on our behalf; (b) professional advisers including lawyers, auditors, and consultants; (c) competent regulators, supervisory authorities, law enforcement agencies, courts, or governmental bodies; (d) acquirers, investors, financing counterparties, or successor entities in connection with a merger, acquisition, restructuring, financing, or sale of business or assets; or (e) any other person where disclosure is required by law or reasonably necessary to protect rights, security, or the integrity of the Services.
At present, we use Google Analytics for website analytics. Google may process certain device, cookie, and usage information in accordance with its own role and privacy documentation.
9. International transfers
Personal data may be processed and stored in jurisdictions other than the country in which the relevant individual is located. Where applicable law requires safeguards for international transfers, we will implement such safeguards as we consider appropriate or as required by law.
10. Retention
We retain personal data for as long as necessary to provide the Services, maintain accounts, ensure security, resolve disputes, enforce agreements, comply with legal, regulatory, AML, accounting, tax, and audit obligations, and protect against fraud or abuse.
Where deletion is requested, we will delete or anonymise personal data within a reasonable period unless retention is necessary or permitted for legal, compliance, security, fraud-prevention, dispute-resolution, or legitimate business purposes.
11. Security
We implement reasonable technical, organisational, and administrative measures designed to protect personal data against unauthorised access, disclosure, alteration, loss, or destruction. However, no method of electronic transmission, storage, or processing is completely secure, and we cannot guarantee absolute security.
12. Cookies and analytics
The website may use cookies, log technologies, and similar tools for security, performance, and analytics purposes.
Cryptonly currently uses Google Analytics. Depending on the website configuration and the jurisdictions in which the website is made available, a separate cookie notice or consent mechanism may be required.
13. Data subject rights
Subject to applicable law, individuals may have the right to request access to personal data, rectification of inaccurate data, deletion, restriction of processing, objection to certain processing, portability of personal data, withdrawal of consent where processing is based on consent, and the right to lodge a complaint with a competent supervisory authority.
Requests concerning personal data may be submitted to [email protected]. We may request additional information to verify the identity and authority of the requestor before responding.
14. Children
The Services are intended for business users and are not directed to children. We do not knowingly collect personal data from children.
15. Third-party services
The Services may integrate with or link to third-party wallets, exchanges, blockchain infrastructure providers, websites, or other services. We are not responsible for the privacy practices of third parties, and users should review the relevant third-party notices separately.
16. Changes to this Privacy Policy
We may amend this Privacy Policy from time to time. The updated version shall become effective on the date stated in the revised policy or, if no date is stated, upon publication through the website or Services.
17. Contact
Questions, complaints, or requests concerning this Privacy Policy may be directed to [email protected].