processing, use and storage of your personal data by Deribit.
Deribit is a platform operated by Deribit B.V., incorporated in the Netherlands and registered with the Dutch Chamber of Commerce under the number 69402132, with its registered address Stationsstraat 2, 3851 NH Ermelo, in the Netherlands.
- The types of personal data we collect and how it may be used;
- How and why we may disclose your personal data to third parties;
- The transfer of your personal data within and outside of the European Economic Ares (‘EEA’);
- Your rights concerning your personal data;
- The security measures we use to protect and prevent the loss, misuse or alternation of your personal data, and
- Our retention of your personal data.
Collection and use of personal data
We collect personal data that you provide to us when you create an account on our website.
We may collect the following personal data from you:
- Email address
- Identity verification information (images of passport/driver’s license/ID card)
- Residency verification information (e.g. utility bill)
- Login details (username and password)
- Information about the use of our services (when you were logged in and what your activities were)
- Information from communication between you and us (email, chat support)
In addition, we collect data about your device, browser, operating system, network system and IP address when you visit our website or use our services. This is for statistical purposes, so it does not identify individuals.
Lastly, we may collect data from public sources (e.g. Chamber of Commerce) to verify your (corporate) information.
Why we collect your personal data
We need your personal data, such as your contact details, to provide our services. In addition, we are required to collect your personal data in order to be compliant with regulations regarding Know-Your-Customer (KYC), Anti-Money Laundering (AML) and Counter Financing of Terrorism. For this reason, we may choose to not delete your personal data if relevant to an investigation or dispute.
We are obliged to retain your personal data for the mandatory retention period based on the applicable law.
It is possible to disable cookies in your browser. However, disabling cookies might make it impossible for you to use certain features on our website.
How we use your personal data
We may use your personal data to:
- Create and administer your Deribit account;
- Verify your identity;
- Process your trades;
- Analyse your use of our website;
- Provide you customer support;
- Contact you about our services and updates.
We may provide you with updates and newsletters by email. We may also administer a survey or promotion. We shall do this only if you have given your consent or if we are permitted to do so otherwise. If you do not wish to receive emails about our updates, newsletters, surveys or promotions, please send an email to firstname.lastname@example.org.
Disclosure to third parties
We may transfer your personal data to a public or regulatory authority if we are required to do so by law or under any regulatory code or practice we follow.
We may share your personal data with law enforcement, data protection authorities, government officials and other authorities when compelled by court order or other legal procedure or when disclosure is necessary to report suspected illegal activity.
We may transfer your personal data if we are defending a legal claim.
We will not sell, exchange or share your personal data with any other third parties without your consent, except to provide our services or if we are required by law.
Your statutory rights
You have certain rights concerning your personal data. Please find below a list of your rights. If you would like to exercise these rights, please send an email to email@example.com.
Access: you are entitled to ask us if we are processing your personal data. If we are, you are entitled to ask which personal data we are processing and request us to have access to your personal data. You are entitled to receive a copy of the personal data we hold about you.
Correction: you are entitled to request us to correct any incomplete or inaccurate personal data we hold about you.
Deletion: you are entitled to request us to delete your personal data. There are exceptions where we may refuse such a request, for example if we are required to hold your personal data for compliance with law or in connection with claims.
Restriction: you are entitled to ask us to suspend the processing of (certain of) your personal data.
Objection: you are entitled to object the process of your personal data by us. However, we are entitled to deny your appeal and continue processing your personal data if we are legally required to do so or if the process is relevant legal claims. During the investigation of your objection, will suspend the process of your personal data.
File a complaint: you are entitled to file a complaint about the way we process your personal data with the supervisory authority in the EU country where you are resident, where we are based or where an alleged infringement of the GDPR has taken place. In the Netherlands, you can file a complaint with the Dutch supervisory authority, the Autoriteit Persoonsgegevens (www.autoriteitpersoonsgegevens.nl).
Transfer: you are entitled to request us to transfer (certain of) your personal data to you or to another party.
Security: We use several security measures to ensure the confidentiality of your personal data, and to protect your personal data from loss, theft, unauthorised access, misuse, alteration or destruction. Your personal data is encrypted with Secure Sockets Layered (SSL) technology. Our directories and databases are password protected.
Only authorised personnel have access to your personal data. These personnel are required to treat the information as highly confidential.
We never ask you for financial information or payment details, such as your credit card number, bank account number, password, passcode or pin number in an email, text or any other communication that we send to you. If you receive a suspicious request for your personal data or financial information, please do not provide any information, and contact us immediately via firstname.lastname@example.org.
Never share your password with anyone. Representatives of Deribit will never ask you to provide them with your password. If you suspect an unauthorized use or any other breach of security involving your personal data, please notify us immediately via email@example.com.
Retention of personal data
To fulfil our legal and regulatory obligations, we are required to retain your personal data for at least five years after you have closed your account. If there is an ongoing legal or financial claim, we may retain your personal data longer.