CryptoMate logo

Privacy Policy

Last Updated: October 8, 2025

I. GENERAL PROVISIONS

CryptoMate UAB, (private limited company, company code 306087584, registered at Vilnius, Architektų g. 56-101, Lithuania) (the "Company", "we", "us", or "our") administrates Cryptomate.me (the "Website" or the "Platform") and offers CryptoMate API services (the "APIs") and other services (all together hereinafter referred to as the "Services") available through the Platform.

This Privacy Policy (the "Policy") applies to any personal data you provide to us as an applicant, current customer, or former customer, and to your use of the Website and the Services. It explains how we collect, use, disclose, and protect your personal data in accordance with the Regulation (EU) 2016/679 (General Data Protection Regulation or "GDPR"), applicable U.S. federal and state privacy laws, including the California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CRPA), and U.S. financial privacy laws like the Gramm-Leach-Bliley Act (GLBA).

The Company is committed to protecting your personal data against unauthorized or unlawful processing and against accidental loss, destruction, or damage. We implement and maintain appropriate legal, organizational, technical, and physical security measures to safeguard your information.

By using our Website and Services, you confirm you have read, understood, and agree with this Policy. We reserve the right to amend this Policy at any time. The most current version will always be posted on our Website, and we will notify you of any material changes as required by law.

II. PERSONAL DATA MANAGEMENT PRINCIPLES

The Company undertakes to ensure your personal data is:

III. LAWFULNESS OF PERSONAL DATA PROCESSING

Your personal data will be processed based on one or more of the following legal grounds:

IV. PURPOSES FOR PROCESSING YOUR PERSONAL DATA

In addition to the purposes stated elsewhere, we use your data for the following:

V. HOW WE COLLECT YOUR DATA

The Company collects your personal data when you:

VI. CATEGORIES OF DATA WE PROCESS

We may process the following categories of personal data (this list is not exhaustive):

VII. PERSONAL DATA RECIPIENTS

Your personal data may be shared with the following categories of recipients:

We process your data primarily within the European Economic Area (EEA). If we transfer your data outside the EEA, we will ensure it is protected by implementing safeguards such as Standard Contractual Clauses approved by the European Commission or by transferring to countries deemed to provide an adequate level of data protection.

VIII. U.S. GRAMM-LEACH-BLILEY ACT (GLBA) NOTICE

For U.S. customers, this notice explains how we collect, use, and share your "nonpublic personal information" (NPI) under the GLBA.

What does CryptoMate UAB do with your personal information?

Why? Financial companies choose how they share your personal information. Federal law gives consumers the right to limit some but not all sharing. This notice tells you how we collect, share, and protect your personal information.

What? The types of personal information we collect and share depend on the product or service you have with us. This information can include: Social Security number and income; Account balances and transaction history; Credit history and payment history.

How? All financial companies need to share customers' personal information to run their everyday business. In the section below, we list the reasons financial companies can share their customers' personal information; the reasons CryptoMate UAB chooses to share; and whether you can limit this sharing.

Reasons we can share your personal informationDoes CryptoMate UAB share?Can you limit this sharing?
For our everyday business purposes—such as to process your transactions, maintain your account(s), respond to court orders and legal investigations, or report to credit bureausYesNo
For our marketing purposes—to offer our products and services to youYesNo
For joint marketing with other financial companiesNoWe don't share
For our affiliates' everyday business purposes—information about your transactions and experiencesYesNo
For our affiliates to market to youNoWe don't share
For nonaffiliates to market to youNoWe don't share

Who is providing this notice? CryptoMate UAB.

IX. DATA RETENTION AND STORAGE

We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected, including for the purposes of satisfying any legal, regulatory, accounting, or reporting requirements.

To comply with financial regulations, including AML and anti-fraud obligations, we are required to retain personal data related to your account and transaction history for a period of at least five (5) years after the termination of your business relationship with us. After this period, your personal data will be securely deleted or anonymized.

X. INFORMATION SECURITY

We are committed to protecting your information. We implement robust technical and organizational security measures to protect your personal data against unauthorized access, processing, disclosure, alteration, or destruction. These measures include:

XI. CHILDREN'S PRIVACY

Our Services are not intended for or directed at individuals under the age of 18 ("Children"). We do not knowingly collect personal data from Children. If you are a parent or guardian and you become aware that your child has provided us with personal data, please contact us immediately. If we become aware that we have collected personal data from a child without verification of parental consent, we will take steps to remove that information from our servers.

XII. YOUR RIGHTS REGARDING PERSONAL DATA (GDPR)

For individuals in the EEA, you have certain legal rights in relation to your personal data, including:

You may exercise these rights by contacting us at support@cryptomate.me. We will respond to your request within one month, though this period may be extended for complex requests.

XIII. YOUR U.S. STATE PRIVACY RIGHTS

This section provides additional details for residents of certain U.S. states, such as California, Colorado, and Virginia. Your rights may vary depending on your state of residence.

For California Residents (CCPA/CRPA):

You have the following rights regarding your personal information:

To exercise these rights, please contact us at support@cryptomate.me. We will verify your request using the information associated with your account.

Do Not Track Signals: Some web browsers transmit "do-not-track" signals. At this time, we do not take action in response to these signals.

XIV. YOUR RESPONSIBILITIES

You are responsible for providing correct and up-to-date information. You are also responsible for maintaining the security of your account credentials and for any activity that occurs under your account. We strongly recommend you use a unique, complex password and enable all available security features.

XV. DISPUTE RESOLUTION BY BINDING ARBITRATION

Please read this section carefully as it requires you to arbitrate disputes with us and limits the manner in which you can seek relief.

You agree that any dispute, claim, or controversy arising out of or relating to this Privacy Policy shall be resolved by binding arbitration on an individual basis. The arbitration will be administered by a mutually agreed-upon arbitration service. This arbitration provision shall not apply to disputes in which either party seeks equitable relief for the alleged unlawful use of copyrights, trademarks, or other intellectual property.

You and CryptoMate UAB also agree to waive any right to a jury trial and to participate in a class action lawsuit or class-wide arbitration.

XVI. CONTACT DETAILS

If you have any questions regarding this Policy or wish to exercise your rights, please contact our Data Protection Officer at: support@cryptomate.me

For formal notices, you may also contact us by mail at:

CryptoMate UAB
Architektų g. 56-101
Vilnius, Lithuania

If you believe your data protection rights have been violated, you have the right to lodge a complaint with the State Data Protection Inspectorate of Lithuania or your local supervisory authority.

XVII. FINAL PROVISIONS

This Policy shall be governed by and construed in accordance with the laws of the Republic of Lithuania, without regard to its conflict of law provisions.

Our Website may contain links to third-party sites. This Policy does not apply to those sites, and we are not responsible for their privacy practices. Please review the privacy policies of any third-party sites you visit.