Legal

Privacy Policy

Last updated: March 2026

KryptoSwiss Investment SA (“KryptoSwiss,” “we,” “us,” or “our”) is committed to protecting the privacy of our users. This Privacy Policy explains how we collect, use, disclose, and safeguard your personal information when you use our platform and services. By using KryptoSwiss, you consent to the practices described in this policy.

Information We Collect

We collect information that you provide directly to us, as well as information generated through your use of the Platform. This includes:

  • Account Information: Name, email address, phone number, date of birth, and nationality provided during registration.
  • Identity Verification Data: Government-issued identification documents, proof of address, selfie photographs, and other information required for KYC/AML compliance.
  • Financial Information: Wallet addresses, transaction history, trading activity, and account balances.
  • Technical Data: IP address, browser type and version, device identifiers, operating system, time zone, and access timestamps.
  • Usage Data: Pages visited, features used, clickstream data, and interaction patterns on the Platform.
  • Communications: Records of correspondence with our support team, feedback, and survey responses.

How We Use Your Information

We process your personal information for the following purposes:

  • To provide, operate, and maintain the Services, including executing trades and processing transactions
  • To verify your identity and comply with KYC/AML and other regulatory obligations
  • To communicate with you, including sending service-related notices, security alerts, and support messages
  • To detect, prevent, and address fraud, abuse, security incidents, and technical issues
  • To analyze usage trends and improve the Platform's functionality, performance, and user experience
  • To enforce our Terms of Service and protect the rights, property, and safety of KryptoSwiss and its users
  • To comply with applicable laws, regulations, legal processes, and governmental requests

Data Sharing

We do not sell your personal information to third parties. We may share your information in the following limited circumstances:

  • Service Providers: We engage trusted third-party vendors to perform services on our behalf, such as identity verification, cloud hosting, analytics, and customer support. These providers are contractually obligated to protect your data.
  • Legal Requirements: We may disclose your information when required by law, regulation, court order, or governmental authority, or when we believe disclosure is necessary to protect our rights or the safety of our users.
  • Business Transfers: In the event of a merger, acquisition, or sale of assets, your personal information may be transferred as part of that transaction, subject to standard confidentiality agreements.
  • With Your Consent: We may share your information with third parties when you have given us explicit consent to do so.

Cookies and Tracking Technologies

We use cookies and similar tracking technologies to collect information about your browsing activity and preferences. These technologies help us:

  • Maintain your session and remember your preferences
  • Analyze platform usage and performance metrics
  • Enhance security and detect fraudulent activity
  • Deliver relevant content and improve user experience

You can manage your cookie preferences through your browser settings. Please note that disabling certain cookies may affect the functionality of the Platform.

Data Retention

We retain your personal information for as long as your account is active or as needed to provide you with the Services. After account closure, we may retain certain data for a period of up to seven (7) years to comply with legal, regulatory, and accounting obligations, resolve disputes, and enforce our agreements.

Transaction records and identity verification data may be retained for longer periods as required by applicable anti-money laundering regulations and Swiss financial law.

Your Rights (GDPR)

If you are located in the European Economic Area (EEA), the United Kingdom, or Switzerland, you have the following rights under applicable data protection laws:

  • Right of Access: You may request a copy of the personal data we hold about you.
  • Right to Rectification: You may request that we correct any inaccurate or incomplete personal data.
  • Right to Erasure: You may request the deletion of your personal data, subject to our legal obligations to retain certain information.
  • Right to Restriction: You may request that we restrict the processing of your personal data in certain circumstances.
  • Right to Data Portability: You may request to receive your personal data in a structured, commonly used, machine-readable format.
  • Right to Object: You may object to the processing of your personal data for direct marketing or other purposes based on legitimate interests.
  • Right to Withdraw Consent: Where processing is based on your consent, you may withdraw consent at any time without affecting the lawfulness of prior processing.

To exercise any of these rights, please contact us at support@kryptoswiss.io. We will respond to your request within 30 days.

Security

We implement robust technical and organisational measures to protect your personal information against unauthorised access, alteration, disclosure, or destruction. These measures include:

  • End-to-end encryption for data in transit and at rest
  • Multi-factor authentication and access controls
  • Regular security audits and penetration testing
  • Intrusion detection and monitoring systems
  • Employee training on data protection and security best practices

While we strive to protect your personal information, no method of electronic transmission or storage is 100% secure. We cannot guarantee absolute security and encourage you to take steps to protect your own account credentials.

International Transfers

Your personal information may be transferred to and processed in countries other than your country of residence. These countries may have data protection laws that are different from the laws of your country.

When we transfer personal data outside of the EEA or Switzerland, we ensure that appropriate safeguards are in place, including Standard Contractual Clauses (SCCs) approved by the European Commission, or reliance on adequacy decisions where applicable.

Children's Privacy

The Services are not directed to individuals under the age of 18, and we do not knowingly collect personal information from children. If we become aware that we have collected personal data from a child without parental consent, we will take steps to promptly delete that information. If you believe we have collected information from a child, please contact us immediately at support@kryptoswiss.io.

Contact Us

If you have any questions about this Privacy Policy or our data practices, please contact our Data Protection Officer:

KryptoSwiss Investment SA — Data Protection Officer
Pl. de Longemalle 1, 1204 Genève, Switzerland
Email: support@kryptoswiss.io
Web: kryptoswiss.io