Privacy Policy

Privacy Policy for Credit Union Company Ltd Effective Date: April 8, 2026 1. Introduction At Credit Union Company Ltd ("the Company," "we," "us"), we respect your privacy and are committed to protecting your personal data. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our cryptocurrency exchange and trading platform. 2. Information We Collect To provide a secure trading environment and meet regulatory requirements, we collect: Identity Data: Full name, date of birth, gender, and tax identification number. Verification Data: Government-issued ID (Passport, Driver’s License), "selfie" photos for facial recognition, and proof of residence. Financial Data: Bank account details, source of funds, and credit/debit card information. Transaction Data: Details about the digital assets you buy, sell, or trade, including wallet addresses and transaction timestamps. Technical & Usage Data: IP address, browser type, device fingerprints, and geolocation data (to ensure compliance with regional restrictions). 3. How We Use Your Data We process your data based on legal obligations, contract necessity, and legitimate business interests: Identity Verification: To fulfill mandatory KYC (Know Your Customer) and AML (Anti-Money Laundering) legal requirements. Service Delivery: To process your trades, manage your wallet, and provide customer support. Security & Fraud Prevention: To monitor for suspicious login activity, "wash trading," or unauthorized access. Communication: To send you transaction receipts, security alerts, and updates to our terms. 4. Blockchain Transparency (Crucial Disclosure) By using our services, you acknowledge that: Public Record: Transaction data (such as your wallet address and the amount of assets sent) is recorded on a public blockchain. Immutability: Data recorded on a blockchain cannot be deleted or changed. While we can delete your account data from our private servers, your transaction history on the blockchain is permanent and public. 5. Data Sharing and Disclosure We do not sell your personal information. However, we may share data with: Regulatory Authorities: When required by law, subpoena, or a formal request from financial intelligence units. Verification Partners: Third-party services that assist in validating your identity and screening against global sanctions lists. Banking Partners: Financial institutions that facilitate fiat-to-crypto transfers. 6. International Data Transfers Your data may be transferred to and maintained on servers located outside of your home country. We implement Standard Contractual Clauses (SCCs) and utilize AES-256 encryption to ensure your data remains protected under equivalent privacy standards (such as GDPR and CCPA). 7. Your Data Rights Under modern privacy regulations (as of 2026), you have the right to: Access: Request a copy of the personal data we hold about you. Correction: Request that we update or fix inaccurate information. Deletion ("Right to be Forgotten"): Request that we delete your data (subject to our 5-year legal retention requirements for financial records). Opt-Out: Stop your data from being used for non-essential marketing or automated profiling. 8. Data Retention In accordance with global financial regulations, we are required to retain Identity and Transaction data for a minimum of five (5) years after an account is closed. After this period, data is securely purged or anonymized. 9. Security Measures We employ industry-leading security, including: Cold storage for the majority of digital assets. Multi-factor authentication (MFA). End-to-end encryption for all sensitive personal data. 10. Contact Us For any privacy-related inquiries or to exercise your data rights, please contact our Data Protection Officer at: Email: privacy@creditunioncompany.ltd