Privacy Policy

1. Introduction

Kotova ("we," "our," or "us") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website and use our cryptocurrency exchange and financial services.

By using our services, you agree to the collection and use of information in accordance with this policy. If you do not agree with our policies and practices, please do not use our services.

2. Data Controller

3. Information We Collect

Personal Information

We may collect the following types of personal information:

• Identity Data: Full name, date of birth
• Contact Data: Email address, telephone number, residential address
• Financial Data: Crypto token address, bank account details, transaction history
• Technical Data: IP address, browser type, device information, operating system
• Usage Data: Information about how you use our website and services

4. How We Use Your Information

We use the collected information for the following purposes:

• Service Provision: To provide, operate, and maintain our cryptocurrency exchange services
• Transaction Processing: To process your cryptocurrency and fiat currency transactions
• Communication: To send you service updates, security alerts, and support messages
• Legal Compliance: To comply with applicable laws, regulations, and legal processes
• Fraud Prevention: To detect, prevent, and address fraud and security issues
• Analytics: To analyze usage patterns and improve our services

5. Legal Basis for Processing (GDPR)

Under the General Data Protection Regulation (GDPR), we process your personal data based on the following legal grounds:

• Contract Performance: Processing necessary to fulfill our contractual obligations to you
• Legitimate Interests: Processing for our legitimate business interests, such as fraud prevention
• Consent: Where you have given explicit consent for specific processing activities

6. Data Sharing and Disclosure

We may share your personal information with:

• Service Providers: Third-party vendors who assist in our operations (payment processors, identity verification services)
• Legal Authorities: When required by law or in response to valid legal requests
• Financial Institutions: Banks and payment service providers for transaction processing
• Business Transfers: In connection with a merger, acquisition, or sale of assets

We do not sell your personal information to third parties for marketing purposes.

7. International Data Transfers

Your information may be transferred to and processed in countries outside of the European Economic Area (EEA). When we transfer data outside the EEA, we ensure appropriate safeguards are in place, such as:

• Standard Contractual Clauses approved by the European Commission
• Transfers to countries with adequate data protection laws
• Other legally approved transfer mechanisms

8. Data Retention

We retain your personal data for as long as necessary to:

• Provide our services to you
• Comply with legal obligations
• Resolve disputes and enforce our agreements

Your privacy matters. We permanently erase all information that could identify you or connect your crypto address to you or other activities the moment our systems no longer need it to process your transaction.

9. Your Rights (GDPR)

Under the GDPR, you have the following rights:

• Right of Access: Request a copy of your personal data
• Right to Rectification: Request correction of inaccurate data
• Right to Erasure: Request deletion of your data (subject to legal retention requirements)
• Right to Restrict Processing: Request limitation of data processing
• Right to Data Portability: Receive your data in a structured, machine-readable format
• Right to Object: Object to processing based on legitimate interests
• Right to Withdraw Consent: Withdraw consent at any time where processing is based on consent

To exercise these rights, please contact us at [Enable JavaScript].

10. Cookies and Tracking Technologies

We use cookies and similar technologies to:

• Ensure proper functioning of our website
• Remember your preferences
• Analyze website traffic and usage patterns
• Enhance security

You can control cookie preferences through your browser settings. Note that disabling certain cookies may affect website functionality.

11. Security Measures

We implement appropriate technical and organizational measures to protect your personal data, including:

• Encryption of data in transit and at rest
• Secure access controls and authentication
• Regular security assessments and audits
• Employee training on data protection

While we strive to protect your data, no method of transmission over the internet is 100% secure. We cannot guarantee absolute security.

12. Children's Privacy

Our services are not intended for individuals under the age of 18. We do not knowingly collect personal information from minors. If you believe we have collected data from a minor, please contact us immediately.

13. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of any material changes by posting the new policy on this page and updating the "Last updated" date. We encourage you to review this policy periodically.

14. Contact Us

If you have questions about this Privacy Policy or wish to exercise your rights, please contact us:

15. Supervisory Authority

You have the right to lodge a complaint with a supervisory authority. In Hamburg, this is: