Thank you for using OpenNode! ("OpenNode", "we", "us" and "our")
Please find below a description of types and examples of information we collect and the purpose of the collection:
|Type of Data||Examples of Data||Purpose /Legal Basis|
|Registration Data: Information used to access the service||Username, email address.||For purpose of consent and performance of contract between OpenNode and User as well as acting in furtherance of execution of said contact.|
|Account Data: All information provided about user.||Full name, email address, username, country and telephone number.||For the purpose of providing our services, maintaining security of our users and services, and for communication with the User.For the purpose of verification of the transactions, providing alternative access to open trades.|
|ID Data: Digital copy of User's identification card||Full name, country, date of birth, social security number and gender.||For purpose of protection, detection and investigation of fraud, money laundering, criminal activity or other misuse of our service.For purpose of creating trustworthy, safe and reliable platform.|
|Usage Data: Information about the use of Services||Web browser type, server, IP address, language preference, referring site, and the time of each visit: analytics data: your email address, IP address and country code ;** technical data** website error, certain events and actions.||To customize, measure, and improve OpenNode Services and the content and layout of our website and applications.For behaviour statistics, business intelligence and email campaigns and to aid Google Analytics monitoring.For technical, security and/or fraud prevention.For quality control monitoring and improve our website and services as well as to prevent, detect and investigate fraud, criminal activity or other misuse of the services and to prevent security issues. To deliver targeted marketing, service update notices, and promotional offers based on your communication preferences.|
|Trade Data||Trade ID, initiated trades, payment method, advertisement information, buyer username, seller username, trade value (in fiat), trade value (in cryptocurrency), price, currency, timestamps of trade and trade chats as well as possible merchant invoice information and ATM trade data.||Consent; the performance of a contract, actions taken to enter into such a contract.For purpose. of our business model's operation.|
|Communication Data Exchanges of information||All communications such as messages, requests and other communication with our customer support.Communications through chat or email: Chats, email address, username, IP address, full name, audio and video files and in the case of manual ID verification: photo of the user's personal ID, photo of the user, and photo of the user's utility bill or related document.||For the purposes of communicating with you, record-keeping, in order to review and resolve disputes, serve our customers better and improve our service. For proper the purpose of administration of our website and business.|
|Notification Data Notifications by email, SMS notifications and/or newsletters||Email address, phone number, username and full name||For the purposes of sending you the relevant notifications and/or newsletters. The legal basis for this processing is consent. You can unsubscribe at any point by contacting us or by clicking the unsubscribe link in the email.|
In connection with a Digital Currency transfer between you, as a merchant, and a third party, the latter may share information about you with us, such as your email address or mobile phone number which may be used to inform you that a transfer has been sent to or received from the third party. We may use this information in connection with such transfers to confirm that you are an OpenNode customer, that Digital Currency transfers are enabled, and/or to notify you that you have received Digital Currency. If you request that we validate your status as an OpenNode customer with a third party, we will do so. You may also choose to send Digital Currency to or request Digital Currency from an email address. In such cases, your user name will be displayed in an email message notifying the user of the designated email address of your action.
Please note that merchants you interact with may have their own privacy policies, and OpenNode is not responsible for their operations, including, but not limited to, their information practices. Information collected by third parties, which may include such things as contact details or location data, is governed by their privacy practices. We encourage you to learn about the privacy practices of those third parties.
If you authorize one or more third-party applications to access your OpenNode Account, then information you have provided to OpenNode may be shared with those third parties. Unless you provide further authorization, these third parties are not allowed to use this information for any purpose other than to facilitate your transactions using OpenNode Services.
However, we cannot guarantee that loss, misuse, unauthorized acquisition, or alteration of your data will not occur. Please recognize that you play a vital role in protecting your own personal information. When registering with our Services, it is important to choose a password of sufficient length and complexity, to not reveal this password to any third-parties, and to immediately notify us if you become aware of any unauthorized access to or use of your account.
In addition, we may be compelled to share Personal Information with law enforcement, government officials, and regulators.
Section 326 of the USA PATRIOT ACT requires all financial institutions to obtain, verify, and record Personal Information that identifies each person who opens an account. This federal requirement applies to all new customers. This Personal Information is used to assist the United States government in the fight against the funding of terrorism and money-laundering activities. What this means for you: when you open an account, we ask you for your name, address, date of birth, and other identifying Personal Information.
In addition, we are a global company and thus may conduct business and collect Personal Information from individuals and institutions located within the European Economic Area ("EEA"). We are required to protect Personal Information processed in the EEA in accordance with the General Data Protection Regulation ("GDPR"). To understand more about how we protect the data we collect from individuals and institutions located within the EEA, please see the "Privacy Statement for Data Subjects Whose Personal Information May Be Collected in or from the EEA" section below.
If you want to opt out of receiving promotional and marketing emails, text messages, post and other forms of communications from us [or our promotional partners] in relation to which you might receive in accordance with this section, you can best opt out by using one of the following ways:
Log into your account and update your profile.
Click "unsubscribe" at the bottom of an email we sent you.
Contact us at firstname.lastname@example.org to opt-out.
If you do opt out of receiving promotional and marketing messages, we can still contact you regarding our business relationship with you, such as account status and activity updates, survey requests in respect of products and services we have provided to you after you reserve from us, reservation confirmations or respond to your inquiries or complaints, and similar communications.
You can opt-out of receiving promotional communications from OpenNode by unsubscribing in the settings on the Account Info page or by pressing the unsubscribe button in the message.
We may in some instances use your personal data, such as your country of residence and trade history, in order to better address your needs. When we do this, we take all necessary measures to ensure that your privacy and security are protected, and we only use anonymous or de-identified data.
We may use Automated Decision Making (ADM) in order to improve your experience, or to help fight financial crime. For example, so that we can provide you with a fast and efficient service, we may use ADM to verify your identity documents, or to confirm the accuracy of the information you have provided to us. None of our ADM processes have a legal effect on you.
Public Databases, Credit Bureaus & ID Verification Partners.** We obtain information about you from public databases and ID verification partners for purposes of verifying your identity. ID verification partners use a combination of government records and publically available information about you to verify your identity. Such information includes your name, address, job role, public employment profile, credit history, status on any sanctions lists maintained by public authorities, and other relevant data. We obtain such information to comply with our legal obligations, such as anti-money laundering laws. In some cases, we may process additional data about you based on public interest grounds to ensure our Services are not used fraudulently or for other illicit activities.
International transfers of personal information.** OpenNode participates in and has certified its compliance with the EU-U.S. Privacy Shield Framework. OpenNode is committed to subjecting all personal information received from European Union (EU) member countries, in reliance on the Privacy Shield Framework, to the Framework's applicable Principles. To learn more about the Privacy Shield Framework, visit the U.S. Department of Commerce's Privacy Shield List at https://www.privacyshield.gov.
OpenNode is responsible for the processing of personal information it receives under the Privacy Shield Framework and subsequently transfers to a third party acting as an agent on its behalf. Pursuant to the Privacy Shield Principles, OpenNode will use personal information only in ways that are compatible with the purposes for which it was collected or subsequently authorized by the individual. We will take all reasonable steps to ensure that personal information we process is limited to only what is relevant to the purposes for which it was collected and that it is accurate, complete, and up-to-date.
OpenNode complies with the Privacy Shield Principles for all onward transfers of personal information from the EU, including the onward transfer liability provisions. Consequently, before OpenNode shares your information with any third party that is not also certified under the E.U.-U.S. Privacy Shield Framework, OpenNode will enter into a written agreement that the third party provides at least the same level of privacy safeguard as required under those Frameworks and assures the same level of protection for the personal information as required under applicable data protection laws.
OpenNode commits to resolve European data subjects' complaints about their privacy and our collection, use or disclosure of their personal information in compliance with the EU-U.S. Privacy Shield Principles.
If you are a European data subject with an unresolved complaint or dispute arising under the requirements of the Privacy Shield Framework, we agree to refer your complaint under the Framework to an independent dispute resolution mechanism. Please refer to our terms and conditions for more details on the resolution of conflict mechanism and jurisdiction.
In some cases it is not possible for us to specify in advance the periods for which your personal data will be retained. In such cases, we will determine the period of retention based on the period we need to access the data for the provision of services, receiving payment, resolving your customer support issue or other issues or for any other auditing or legal reasons.
Notwithstanding the foregoing, we may retain your personal data where such retention is necessary for compliance with a legal obligation to which we are subject, or in order to protect your vital interests or the vital interests of another natural person.
Children' personal information **. We do not knowingly request of collect personal information from any person under the age of 18. If a user submitting personal information is suspected of being younger than 18 years of age, OpenNode will require the user to close his or her account and will not allow him to receive transfers in cryptocurrency. We will also take steps to delete the information as soon as possible. Please notify us if you know of any individuals under the age of 18 using our Services so we can take action to prevent access to our Services.
Anti-money-laundering and Combating terrorism**. For purposes of AML (anti-money-laundering) and CFT (Combating the Financing of Terrorism) OpenNode conducts - based on its legitimate interest to prevent fraud and misuse of its services (Art 6 para 1 lit f GDPR) - an examination of politically exposed persons and sanctioned persons in the course of the compliance department verification process by verifying User's identity through third party provider. Based on this Verification process, the Third Party provider will inform OpenNode whether the User is a politically exposed persons or sanctioned persons. For further information on the consequences resulting from violation of these provisions, please refer to OpenNode's Terms and Conditions.
Privacy related to digital assets and blockchain**. The completion of a Digital Asset transaction may be recorded on a public blockchain which constitutes a public distributed ledgers, intended to immutably record transactions across wide networks of computer systems. Because blockchain are decentralized or third-party networks which are not controlled or operated by OpenNode or its affiliates, we are not able to erase, modify, or alter personal data from such networks.
Cookies may be either "persistent" cookies or "session" cookies: a persistent cookie will be stored by a web browser and will remain valid until its set expiry date, unless deleted by the user before the expiry date; a session cookie, on the other hand, will expire at the end of the user session, when the web browser is closed.
Cookies do not typically contain any information that personally identifies a user, but personal information that we store about you may be linked to the information stored in and obtained from cookies. When you create an account, cookies may be used for the management of the signup process, for general administration and as prevention for abuse and misuse of our services. For example, cookies allow us to remember that you are logged your account.
You can prevent the setting of cookies by adjusting the settings on your browser which will cause automatic disabling of all functionality and features of this site or its applications. We strongly recommended that you do not disable cookies.