Legal

Privacy Policy

Last updated: November 13, 2025

1. Introduction

Domus Crypto S.r.l. ("we", "us", or "our") respects your privacy and is committed to protecting your personal data. This privacy policy will inform you about how we look after your personal data when you visit our website and tell you about your privacy rights and how the law protects you.

This privacy policy applies to information we collect about you when you use our website, products, and services (collectively, "Services").

2. Data Controller

Domus Crypto S.r.l. is the data controller responsible for your personal data.

Company: Domus Crypto S.r.l.

Address: Via Cefalonia, 70, 25124 Brescia, Italy

VAT: IT04412270987

Email: [email protected]

3. Information We Collect

We collect and process the following categories of personal data:

3.1 Information You Provide

  • Account information (name, email address, password)
  • Profile information (username, preferences)
  • Communication data (support requests, feedback)
  • Transaction data (if applicable)

3.2 Information Collected Automatically

  • Device information (IP address, browser type, operating system)
  • Usage data (pages visited, time spent, features used)
  • Cookies and similar technologies (see our Cookie Policy)
  • Log data (access times, error logs)

3.3 Blockchain Data

  • Wallet addresses (public blockchain addresses)
  • Transaction history (on-chain activity)
  • Smart contract interactions

Note: Blockchain data is publicly available and immutable by nature. We do not control data recorded on public blockchains.

4. How We Use Your Information

We use your personal data for the following purposes under GDPR Article 6:

4.1 Contract Performance (Art. 6(1)(b) GDPR)

  • Providing and maintaining our Services
  • Processing transactions and executing trades
  • Managing your account and authentication
  • Customer support and communication

4.2 Legitimate Interests (Art. 6(1)(f) GDPR)

  • Improving and optimizing our Services
  • Security monitoring and fraud prevention
  • Analytics and performance measurement
  • Marketing communications (with opt-out option)

4.3 Legal Obligations (Art. 6(1)(c) GDPR)

  • Compliance with applicable laws and regulations
  • Responding to legal requests and court orders
  • Anti-money laundering (AML) and know-your-customer (KYC) requirements

4.4 Consent (Art. 6(1)(a) GDPR)

  • Marketing communications (where required)
  • Optional features and services
  • Cookies and similar technologies (see Cookie Policy)

5. Data Sharing and Disclosure

We may share your personal data with the following categories of recipients:

5.1 Service Providers

  • Cloud hosting providers (infrastructure)
  • Payment processors and financial institutions
  • Analytics and monitoring services
  • Customer support platforms

All service providers are contractually bound to protect your data and only process it according to our instructions.

5.2 Legal Requirements

We may disclose your information when required by law, regulation, legal process, or governmental request.

5.3 Business Transfers

In the event of a merger, acquisition, or sale of assets, your personal data may be transferred to the successor entity.

6. International Data Transfers

Your personal data may be transferred to and processed in countries outside the European Economic Area (EEA). When we transfer data internationally, we ensure appropriate safeguards are in place, including:

  • EU Standard Contractual Clauses (SCCs)
  • Adequacy decisions by the European Commission
  • Privacy Shield certification (where applicable)
  • Other legally recognized transfer mechanisms

7. Data Retention

We retain your personal data only for as long as necessary to fulfill the purposes outlined in this privacy policy, unless a longer retention period is required or permitted by law.

Account data: Retained while your account is active and for up to 7 years after closure for legal and regulatory compliance

Transaction data: Retained for 10 years to comply with financial regulations

Marketing data: Retained until you withdraw consent or for 3 years of inactivity

Technical logs: Retained for up to 12 months for security and debugging purposes

8. Your Rights Under GDPR

Under the General Data Protection Regulation (GDPR), you have the following rights:

Right to Access (Art. 15)

Request a copy of your personal data we hold

Right to Rectification (Art. 16)

Correct inaccurate or incomplete personal data

Right to Erasure (Art. 17)

Request deletion of your personal data ("right to be forgotten")

Right to Restriction (Art. 18)

Restrict processing of your personal data in certain circumstances

Right to Data Portability (Art. 20)

Receive your personal data in a structured, machine-readable format

Right to Object (Art. 21)

Object to processing based on legitimate interests or direct marketing

Right to Withdraw Consent (Art. 7(3))

Withdraw consent at any time where processing is based on consent

Right to Lodge a Complaint

File a complaint with your local data protection authority

To exercise any of these rights, please contact us at [email protected]. We will respond to your request within 30 days.

9. Security Measures

We implement appropriate technical and organizational measures to protect your personal data against unauthorized access, alteration, disclosure, or destruction, including:

  • Encryption in transit (TLS/SSL) and at rest
  • Access controls and authentication mechanisms
  • Regular security audits and penetration testing
  • Employee training on data protection
  • Incident response and breach notification procedures

However, no method of transmission over the Internet is 100% secure. While we strive to protect your data, we cannot guarantee absolute security.

10. Children's Privacy

Our Services are not intended for individuals under 18 years of age. We do not knowingly collect personal data from children. If you believe we have collected data from a child, please contact us immediately, and we will take steps to delete such information.

11. Third-Party Links

Our website may contain links to third-party websites, plugins, and applications. We are not responsible for the privacy practices of these third parties. We encourage you to read their privacy policies.

12. Changes to This Privacy Policy

We may update this privacy policy from time to time. We will notify you of any material changes by posting the new policy on this page and updating the "Last updated" date. Your continued use of our Services after such changes constitutes acceptance of the updated policy.

13. Contact Us

If you have any questions about this privacy policy or our data practices, please contact us:

Email: [email protected]

Address: Via Cefalonia, 70, 25124 Brescia, Italy

Data Protection Officer: [email protected]

You also have the right to lodge a complaint with the Italian Data Protection Authority (Garante per la protezione dei dati personali): www.garanteprivacy.it