Contact the Cryptonix sales team
Our team is ready to guide your business through every step of its crypto adoption journey.
Book a demo with Cryptonix
Schedule a session with our team and discover how Cryptonix's crypto payments ecosystem can meet your business needs.
Register

    *

    Allready have an account? Please Login
    Thank you for reaching out!

    Our team will contact you within one business day to begin the integration process.

    Contact us
    Businesses
    Integration Methods
    Tools
    • Cryptonix
    • Privacy policy for cryptonix mobile application

    Privacy policy for cryptonix mobile application

      Effective Date: October 13, 2025

      Data Controller: CRYPTONIX d.o.o., Spasovdanska 41a, Lukavica, Istočno Novo Sarajevo, JIB: 4405474360002, MB: 18102250

      Contact Email for Privacy Inquiries: [email protected] 

       

      1. Introduction

      This Privacy Policy (“Policy”) explains how CRYPTONIX d.o.o. (“we,” “us,” “our”) collects, uses, discloses, and protects your personal information when you use the Cryptonix mobile application (“the App”) and its related services, including cryptocurrency wallet, invoicing, exchange services, and future debit card integration.

      By using the App, you consent to the data practices described in this Policy. If you do not agree with these practices, you must not use our App.

       

      2. Information we collect

      We collect information to provide, secure, and improve our services, and to comply with legal obligations. The data we collect falls into the following categories:

       

      2.1. Information You Provide Directly:

      a) Account Information: When you create an account or undergo verification, we may collect your name, email address, telephone number, and date of birth.

      b) KYC/AML Data: To access certain features, we may require you to provide identification documents (such as a passport, driver’s license, or national ID), proof of address, and a “selfie” for identity verification, processed by our third-party providers.

      c) Communications: Records of your communications with our support team.

       

      2.2. Information Collected Automatically:

      a) Technical Device Data: Your device’s IP address, unique device identifiers (e.g., IDFA, Android ID), operating system, browser type, and mobile network information.

      b) App Usage Data: Information about your interactions with the App, such as features you use, transaction history, session length, and crash logs.

      c) Wallet Addresses and Transaction Hashes: Public blockchain addresses you control and the hashes of transactions you initiate.

       

      2.3. Information from Third Parties:

      a) We receive verification results and risk scores from our KYC/AML providers (e.g., Sumsub).

      b) We may obtain information about your transaction success/failure status from our exchange and payment partners.

      c) We may use analytics providers (e.g., Google Firebase) to collect aggregated usage data.

       

      3. The special nature of blockchain data

      CRITICAL NOTE ON PUBLIC BLOCKCHAINS: The App is a non-custodial wallet interfacing with public, decentralized blockchain networks. Any transactions you broadcast are confirmed and recorded on the respective public ledger. This means:

      Permanent and Public: Your blockchain addresses and transaction details (including amount, sender, and receiver) are publicly accessible and immutable. They cannot be altered, hidden, or deleted.

      No Control: We have no control over and cannot be responsible for the information you choose to record on a public blockchain.

      Pseudonymity: While your wallet address is public, it may not directly identify you. However, through sophisticated analysis or by linking your address to other information, third parties may be able to de-anonymize your transactions.

       

      4. How we use your information

      We use the information we collect for the following purposes:

      Purpose of Use Legal Basis (under GDPR)
      To provide, operate, and maintain the App (e.g., processing transactions, creating invoices). Performance of a Contract
      To verify your identity and comply with KYC/AML regulations. Legal Obligation
      To protect you and our services from fraud, security threats, and abuse. Legitimate Interest
      To provide customer support and respond to your inquiries. Performance of a Contract
      To send you critical service updates, security alerts, and administrative messages. Legitimate Interest / Legal Obligation
      To improve the App’s functionality, user experience, and develop new features. Legitimate Interest
      To comply with applicable laws, regulations, and lawful requests from authorities. Legal Obligation

      5. Sharing and Disclosing Your Information

      We do not sell your personal data. We may share your information in the following limited circumstances:

      With Your Consent: For specific purposes not listed here, with your explicit consent.

      Third-Party Service Providers: We engage trusted partners who process data on our behalf under strict Data Processing Agreements (DPAs). These include:

      KYC/AML Verification Services: (e.g., Sumsub) to verify your identity.

      Cloud and Infrastructure Providers: (e.g., AWS, Google Cloud) for hosting and data storage.

      Analytics Providers: (e.g., Google Firebase) to understand app usage patterns.

      Exchange and Payment Partners: To facilitate cryptocurrency exchanges and future card operations.

      For Legal Reasons: We may disclose information if required by law, subpoena, or other legal processes, or to protect the rights, property, and safety of our users, ourselves, or the public.

      Business Transfers: In the event of a merger, acquisition, or sale of all or a portion of our assets, your data may be transferred to the new entity, subject to the same Privacy Policy.

       

      6. International Data Transfers

      Your personal data may be processed in countries outside of Bosnia and Herzegovina (e.g., by our third-party providers). When we transfer data to a country not deemed to provide an adequate level of protection, we ensure appropriate safeguards are in place, such as the European Commission’s Standard Contractual Clauses (SCCs) or your explicit consent.

       

      7. Data Security

      We implement robust technical and organizational measures to protect your data, including:

      a) Encryption of sensitive data in transit and at rest.

      b) Strict access controls and authentication procedures.

      c) Regular security assessments and monitoring.

      d) Physical security measures at our data centers.

      However, no method of transmission over the Internet or electronic storage is 100% secure. Therefore, while we strive to use commercially acceptable means to protect your personal information, we cannot guarantee its absolute security.

       

      8. Data Retention

      We retain your personal data only for as long as necessary to fulfill the purposes outlined in this Policy, unless a longer retention period is required or permitted by law (e.g., for tax, accounting, KYC/AML compliance purposes). When we no longer need to process your data, we will securely delete or anonymize it.

       

      9. Your Rights (Under GDPR and Other Regulations)

      Depending on your jurisdiction, you have the following rights regarding your personal data:

      Right of Access: To request a copy of the personal data we hold about you.

      Right to Rectification: To correct inaccurate or incomplete data.

      Right to Erasure (“Right to be Forgotten”): To request the deletion of your data, subject to legal limitations.

      Right to Restriction of Processing: To request a temporary halt on processing your data in certain circumstances.

      Right to Data Portability: To receive your data in a structured, machine-readable format.

      Right to Object: To object to processing based on our legitimate interests.

      Right to Withdraw Consent: Where we rely on consent, you can withdraw it at any time, without affecting the lawfulness of processing based on consent before its withdrawal.

      To exercise any of these rights, please contact us at [email protected]. We will respond to your request within one month, as required by law. We may need to verify your identity before processing your request.

       

      10. Children’s Privacy

      Our App is not intended for individuals under the age of 18 (“Children”). We do not knowingly collect personal information from Children. If you are a parent or guardian and believe your Child has provided us with personal data, please contact us immediately. If we become aware that we have collected personal data from a Child without verification of parental consent, we will take steps to remove that information from our servers.

       

      11. Changes to This Privacy Policy

      We may update this Policy from time to time to reflect changes in our practices, technology, legal requirements, or other reasons. We will notify you of any material changes by posting the new Policy in the App and updating the “Effective Date.” We encourage you to review this Policy periodically.

       

      12. Contact Us

      If you have any questions, concerns, or complaints about this Privacy Policy or our data practices, please contact our Data Protection team at:

      Email: [email protected]

      Postal Address: CRYPTONIX d.o.o., Spasovdanska 41a, Lukavica, Istočno Novo Sarajevo