Profile Picture

Coinmetro

Coinmetro Mobile App Privacy Policy (iOS & Android)

Effective date: 22 August 2025
Who we are: Coinmetro OÜ (Estonia, reg. no. 14448371), Tartu mnt 84a-402, Tallinn 10112, Estonia.
Contact: legal@coinmetro.com

This Mobile App Privacy Policy (“Policy”) explains how we collect, use, share, and protect personal data in the Coinmetro iOS and Android apps (the “App”). It complements the Coinmetro Privacy Policy (website) you provided and is tailored to App Store and Google Play requirements. Where there is any conflict, this Policy governs App-specific practices.

1) Scope

This Policy covers data handled by the Coinmetro mobile app in connection with account creation, identity verification (KYC/AML), app usage, support, and legal compliance. It does not replace platform terms from Apple or Google.

2) What we collect (App)

Depending on how you use the App, we may collect:

  • Account & identification: name, date of birth, nationality, tax ID, contact details; identity/addresses docs and selfies for KYC (via your camera or photo library); employment data (if required by law).
  • Financial data: bank details, payment instrument identifiers, transaction history on Coinmetro.
  • Blockchain identifiers: addresses and public keys; transaction metadata.
  • Device & app info: app version, device model/OS, IP address, language, crash/diagnostics, performance/interaction events.
  • Location (approximate): IP-based or OS signals (for fraud prevention, compliance, localization).
  • Communications: support messages, feedback, survey responses, and metadata.

3) Sources

  • Directly from you (registration, KYC, support).
  • Automatically via the App (device, diagnostics, usage).
  • From third parties where lawful (KYC/AML providers, sanctions/PEP lists, analytics/crash services), and public sources (e.g., blockchains).

4) Purposes & legal bases

  • Provide the App and services; perform our contract (create/secure your account, process transactions, support, notifications).
  • Legal obligations (KYC/AML, fraud prevention, recordkeeping, regulatory reporting).
  • Legitimate interests (service improvement, security, analytics, planning).
  • Consent (where required by law, e.g., certain marketing communications or specific OS permissions).

5) Mobile permissions (how we use them)

  • Camera / Photos: capture or upload identity documents and selfies for verification; optional document re-submissions.
  • Face ID / Touch ID: biometric unlock for convenience/authentication (stored by your device OS; we do not receive your biometric template).
  • Notifications: service and security alerts; you can disable in OS settings.
  • Location (approximate): compliance/fraud prevention and content localization.
  • We do not access Contacts, Calendar, SMS, or Microphone for App functionality.

6) Analytics, diagnostics & tracking

  • We use analytics and crash reporting to understand performance and fix issues.
  • Cross-app tracking for advertising: If we ever use Apple’s AppTrackingTransparency (ATT), we will request your permission first. At the time of this Policy, the App does not request ATT. Apple Developer

7) Sharing your data

We share personal data only as needed with:

  • Processors (KYC/AML vendors, cloud hosting, analytics/crash reporting, email/push providers) under data processing agreements;
  • Financial partners (payment institutions, banks, card networks) to execute transactions;
  • Authorities/regulators where required by law;
  • Professional advisers (legal, compliance, auditors);
  • Corporate transactions (merger/acquisition) with safeguards.
    We do not sell your personal data.

8) International transfers

Where data is transferred outside the EEA, we use safeguards such as the EU Standard Contractual Clauses or other lawful mechanisms.

9) Security

We apply technical and organizational measures appropriate to risk (encryption in transit, access controls, monitoring). On Google Play, your store listing will reflect that data is encrypted in transit and that you can request deletion (see section 12). Google Help

10) Retention

We retain data as long as needed for the purposes above and as required by law (e.g., AML recordkeeping). Different categories may have different retention periods per law and business needs.

11) Your rights

Subject to law (e.g., GDPR), you may request access, rectification, erasure, restriction, portability, or object where applicable. Some rights may be limited by legal obligations (e.g., AML). To exercise rights, contact legal@coinmetro.com or use in-app settings where available.

12) Account & data deletion (Google Play & iOS)

If you created an account, you can:

  • In-app: go to Profile/Settings → Account → Delete account (this triggers account closure and a data deletion workflow, subject to legal retention requirements).
  • Web request: submit a deletion request via legal@coinmetro.com with the email tied to your account.
    We will delete or anonymize data that we are not legally required to keep (e.g., AML laws may require us to retain certain records for a statutory period). This satisfies Google Play’s account/data deletion requirement and Apple’s transparency expectations.
    Google Help
    Apple Developer

13) Children

The App is not directed to children and is intended for adults only (financial services with KYC). We do not knowingly collect data from minors.

14) Cookies/SDKs

The App may use SDKs that function like cookies to deliver features, analytics, and diagnostics. Where an SDK acts as a processor, we bind it by contract; where a provider acts as an independent controller (rare), they must have a lawful basis and provide notice. A detailed list of processors is available on request.

15) Changes

We may update this Policy from time to time. Material changes will be communicated in-app and/or by email. The latest version will be available at the policy URL.

16) Contact & complaints

Controller: Coinmetro OÜ
Email: legal@coinmetro.com

You may also contact the Estonian Data Protection Inspectorate or your local authority.