1. Definitions

In this Privacy Policy (Privacy Policy):

• (Cookies) mean data files that are placed on your device or computer and often contain an anonymous unique identifier. These data may be used for authentication, user session identification, user preferences, or anything else that can be accomplished through storing data on your computer. For more information about cookies and how to disable cookies, visit http://www.allaboutcookies.org.
• (CryptoRise) means a set of related web pages and services located in the same domain with the name CryptoRise.com.
• (Google) means Google LLC.
• (Log Files) mean tracking actions occurring on CryptoRise, and data including your IP address, browser type, internet service provider, referring/exit pages, and date/time stamps.
• (Personal Data) mean (a) data that can be used to identify or establish the identity of a person, and (b) cookies, log files, tags, and pixels.
• (Tags) and (Pixels) mean electronic files used to record information about how you browse CryptoRise.

2. General

This Privacy Policy applies to Personal Data that we collect when you use our services or visit CryptoRise.

Personal Data is processed in accordance with the provisions of Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation) and the Personal Data Protection Act of 10 May 2018.

We would like to assure you that we are committed to the following personal data protection principles:

• any Personal Data you provide to us will be protected and will only be collected for the purposes set out in this Privacy Policy;
• we will not rent or sell your Personal Data to any third party;
• we adhere to certain principles of personal data protection in accordance with the General Data Protection Regulation that came into force on 25 May 2018;
• we will provide you with the opportunity to contact us with any questions or requests regarding this Privacy Policy or Personal Data.

By using our services or visiting CryptoRise, you confirm your agreement with this Privacy Policy. In this regard, if you do not agree with this Privacy Policy, please do not visit CryptoRise and do not use our services.

3. Cookies

A cookie is a data element that a website can send to your browser, which can then store it in your system. We use cookies on some of our pages to store your preferences and record session information. The collected information is then used to provide a more personalized level of service to our users. You can configure your browser settings to receive notifications when cookies are received. Please refer to your browser documentation to check if cookies are enabled on your computer or to set a cookie blocking.

Since cookies allow you to use some basic features of the Website, we recommend that you accept them. For example, if you block or otherwise reject our cookies, you will not be able to use the products or services on the site that may require you to log in. It is important to prevent unauthorized access to your password and your computer. You should always log out after using a shared computer. Information collected through cookies is used by us to evaluate the effectiveness of our site, analyze trends, and manage the platform. Information collected through cookies allows us to determine which sections of our site are most visited and what difficulties visitors may encounter when accessing our site.

With this knowledge, we can improve the quality of your stay on the platform by recognizing and providing more of the most requested features and information, as well as resolving access issues. We also use cookies and/or technology known as web bugs or clear gifs, which are typically stored in emails, to help us confirm receipt of and response to our emails and provide you with a more personalized experience when using our site. Your continued use of this site, as well as any subsequent use, will be considered your consent to store cookies on your device.

4. Why and when we process your information

We will use and process your information:

• For internal business analytics purposes, to conduct research, develop and improve products;
• To inform you about changes made to our Services;
• For promotional purposes, we may send emails to your email address. You can opt out of receiving these emails by following the instructions contained in these emails or by contacting us at [email protected];
• To provide the most effective presentation of our Service content for you and your computer;
• To display content based on your interests;
• To respond to your questions and provide appropriate customer services;
• To verify your identity when and if such procedure may be required;
• To monitor and protect the security of our information, systems, and network;
• For residents of the European Economic Area (EEA), the United Kingdom, and Switzerland, in accordance with Art. 6 GDPR, we process this information to fulfill our legal obligations;
• When we need it to provide the Services, ensure customer support, and personalized features;
• To protect the security and protection of the Services;
• When it serves legitimate interests (which do not contradict your rights), for example, for research and development, for marketing and promotion of the Services;
• To protect our legal rights and interests;
• When you give us your consent for a specific purpose;
• When we need to process your information in accordance with legal obligations or requests from government or legal authorities.

Your information may be processed for risk management purposes, to identify and prevent fraud and illegal activities, and to ensure compliance with all applicable laws. Such processing is part of our anti-money laundering measures and is carried out using automated software or manually. For more information, please refer to our AML/CFT Policy.

5. To whom, why and when such information may be disclosed

Such information may be disclosed to law enforcement agencies, officials, or third parties:

• When we are required to do so by government request, court decision, official request from a competent authority, or similar legal procedure;
• In good faith believing that disclosure is reasonably necessary to prevent, report, and protect against fraud, money laundering, financial losses, and other suspected illegal activities;
• For internal or external investigation of violations of our Terms of Service or any other applicable policies and laws to ensure compliance with our legal obligations;
• In some cases, processing and transferring your information to partner companies may be necessary to continue providing you with our services.

6. Data retention period

We store your personal data and confidential information only for the period necessary to achieve the purposes outlined in our Privacy Policy or in accordance with legal requirements. This includes storage for identity verification, regulatory compliance, and service improvement, among other things specified in this Policy.

For most types of data, including transaction history, contact information, and other personal data, we store this information for up to five years. Biometric data is typically stored for a shorter period of time, exactly as long as necessary for identity verification, or for a maximum of three years from your last interaction with The Change Solutions Limited, whichever comes first.

After the relevant periods or after achieving specific data collection purposes, your data will be securely and irrevocably destroyed in accordance with our legal requirements.

7. How we protect your information

For us, maintaining your confidentiality and preventing misuse or unauthorized disclosure of your information is a priority, so CryptoRise, with absolute responsibility to its users and their rights, applies various technical, physical, and administrative security measures to protect the security and confidentiality of the information you entrust to us.

We will store your information in a form that allows us to identify you no longer than is necessary for the purpose for which the information is processed. We store your information only as long as necessary to comply with our legal obligations, resolve disputes, enforce our agreements and rights, and for any other reason as described in the sections above, or if it is technically and reasonably impossible to delete it.

Upon your appropriate request, we will promptly delete your information regarding your rights as described below in the section on your rights of this Privacy Policy. To request deletion of your information, contact us at [email protected].

In addition, we cannot ensure or guarantee the security or confidentiality of any information you transmit to us or receive from us over the Internet or wireless connection, including email, phone, or SMS, as we have no way to protect that information after it is transmitted and until it reaches us.

Your data will not be sold, rented, exchanged, or otherwise profited from. We will not disclose or distribute your data to third parties, except when required by law or for specific identity verification purposes as specified in this Policy and AML Policy.

8. Children

We do not intend to request or collect information from persons under the age of 18 or under the age of majority established by law in your country if it is higher. If you are under 18 years of age or have not reached the age of majority established by law in your country, do not enter any information in our Services.

9. Explicit consent

By using our Services, you agree to the collection, storage, processing, and use of your personal data as set out in this Policy, for purposes such as identity verification, regulatory compliance, and service improvement, among other things as specified in this Policy. We undertake to handle your personal data responsibly and in accordance with applicable laws and privacy rules.

By agreeing to this Policy, you give explicit consent to the processing of your personal data on the terms set out herein. You confirm that you have been informed in writing about the purposes of collecting your data, the duration of their storage, and our commitment to handling your information securely and confidentially.

10. Your rights

10.1 Right of access

You have the right to access information about your information that is processed by us, and you may request a copy of it. This means that we are obliged to provide you with all information regarding what categories of your information we use, how long we store them, who are the recipients of this data, and what are the purposes of their processing. The legal basis is Art. 15 of the General Data Protection Regulation.

10.2 Right to rectification

If you notice that your information is incomplete, you may provide us with an additional statement. If you notice that your information contains inaccuracies, you may exercise your right to rectification, which means that we are obliged to make substantial corrections. The legal basis is Art. 16 of the General Data Protection Regulation.

10.3 Right to erasure

You have the right to request the deletion of your personal information, and we are obliged to comply without undue delay under the following conditions:

• The information is no longer necessary in relation to the purposes for which it was collected or processed;
• You withdraw your consent to our Terms of Service, and there is no other legal basis for the processing;
• You exercise your right to object;
• The information has been unlawfully processed;
• The information must be erased to comply with a legal obligation under Union or Member State law to which the controller is subject.

The above conditions shall not apply to the extent that processing is necessary for compliance with a legal obligation which requires processing under Union or Member State law to which we are subject, or for the performance of a task carried out in the public interest or in the exercise of official authority vested in us, for the establishment, exercise, or defense of legal claims, as well as other exceptions listed in Article 17(3) GDPR. The legal basis is Art. 17 of the General Data Protection Regulation.

To request deletion of your personal information, go to your account dashboard settings and deactivate your account by clicking the "Deactivate Account" button. By deactivating your account, you withdraw your consent to our Terms of Service, and your account is restricted for further use. After deactivating your account, you can contact us at [email protected] with the subject "Erasure of information" and request deletion of your personal information.

10.4 Right to object

If there are no compelling reasons for processing your data, you have the right to object to the processing of your information under certain circumstances. In particular, you may object if the processing is intended for:

• A task carried out in the public interest;
• The exercise of official authority vested in us;
• Our legitimate interests (or those of a third party).
• Where processing is for direct marketing purposes, including profiling, your right to object is absolute, and you may exercise it at any time and free of charge. The legal basis is Art. 21 of the General Data Protection Regulation.

10.5 Right to restriction

Furthermore, you have the right to obtain restriction of processing of information concerning you under the following conditions:

• The accuracy of the information is contested by you for a period enabling us to verify the accuracy of the information;
• The processing is unlawful, and you oppose the erasure of the information and request the restriction of their use instead;
• We no longer need the information for the purposes of the processing, but they are required by you for the establishment, exercise, or defense of legal claims;
• You have objected to processing pending the verification whether our legitimate grounds override yours.

In all the above circumstances, such information shall only be processed with your consent or for the establishment, exercise, or defense of legal claims, or for the protection of the rights of another natural or legal person, or for reasons of important public interest of the Union or of a Member State. The legal basis is Art. 18 of the General Data Protection Regulation.

10.6 Right to lodge a complaint

If you consider that the processing of your information by us is unlawful, you have the right to lodge a complaint with a supervisory authority. The legal basis is Art. 12(4) GDPR. These are the authorized data protection authorities; the contact person responsible for you can be found, for example, at the following URL: https://www.cpdp.bg/

10.7 Right to data portability

You have the right to data portability, which means that you have the right to receive the information we process in a structured, commonly used, and machine-readable format and to transmit those data to another controller without hindrance from us. The legal basis is Art. 20 of the General Data Protection Regulation.

10.8 Right to information

You have the right to obtain information about any rectification or erasure of your information or restriction of processing carried out in accordance with Article 16, Article 17(1), and Article 18 GDPR to each recipient to whom the information has been disclosed, unless this proves impossible or involves disproportionate effort. We shall inform you about those recipients if you request it. The legal basis is Art. 19 of the General Data Protection Regulation.

10.9 Right to withdraw consent

You have the right to withdraw your consent to the processing of your data at any time. However, please note that withdrawal of your consent may affect your ability to use some of our services. The withdrawal of consent shall not affect the lawfulness of processing based on consent before its withdrawal.

11. Policy changes

This Policy may be amended at our sole discretion without prior notice. We encourage you to review it periodically to stay informed of any changes we may have made. Careful reading and checking for changes is your responsibility. By using the Services, you accept and agree to the Privacy Policy, Terms of Service, and AML Policy.

12. Contacts

If you have any questions regarding our policy or privacy practices, please contact us at [email protected].