Third Party Verification providers: Information may be shared with third parties who
provide Know Your Customer and Anti-Money Laundering services, credit review, and
identification verification services, including verifying qualified users.
● Token Developers: Information collected from and about Users may be shared with
Token Developers to facilitate User directed participation and to communicate
independently with you.
● Financial institutions: In order to process payments, we share information with our
banking and custodial partners.
● Third party service providers: Information collected is used only in connection with
services performed for us. These include services such as website hosting, data analysis,
customer service, email delivery, marketing, auditing,
security threat detection, payment
processing, fraud prevention,
and other services.
● Business Transfers: A potential or actual acquirer, successor, or assignee as part of any
reorganization, merger, sale, joint venture, assignment, transfer or other disposition of
all or any portion of our business, assets or stock (including in bankruptcy or similar
proceedings) may receive information.
● Law enforcement, legal process or emergency situation: If required to do so by law or in
the good faith belief that such action is appropriate, we may share information: (a)
under applicable law, including laws outside your country of residence; (b) to comply
with legal process; (c) to respond to requests from public and government authorities,
including public and government authorities outside your country of residence; (d) to
enforce our terms and conditions; (e) to protect our operations or those of any of our
subsidiaries; (f) to protect our rights, privacy, safety or property, and/or that of our
subsidiaries, you or others; and (g) to allow us to pursue available remedies or limit the
damages that we may sustain.
We may use and disclose aggregate information that does not identify or otherwise relate to an
individual for any purpose, unless we are prohibited from doing so under applicable law.
4. Cookies

CoinList may make use of the standard practice of placing cookies, flash cookies, pixel tags, or
other tracking tools (herein, “Cookies”) on your computer or other devices used to visit CoinList.
We use Cookies to help us collect information in order to detect and prevent fraud and in order
to enhance your experience.
We may rely on marketing and analytical cookies on our website by our advertising and
marketing service providers and partners. We also work with analytics providers which use
cookies and similar technologies to collect and analyze information about use of the Service and
report on activities and trends. For example, Google and Facebook. Learn more about these
platforms
here
and
here
. You may refer to
http://www.allaboutcookies.org/manage-cookies/index.html
to learn more about cookies and
your browser. Please note, if you reject some cookies, you may not be able to access some or all
of CoinList’s services.
We do not share your information with these third parties, but analytics service providers may
set and access their own cookies, pixel tags, and similar technologies on the Service and they
may otherwise collect or have access to information about you which they may collect over
time and across different websites
5. Third Party Services
We may display third-party content on the Service. Third-party content may use cookies, web
beacons, or other mechanisms for obtaining data in connection with your viewing of and/or
interacting with the third-party content on the Service. This Policy does not address, and we are
not responsible for, the privacy, information or other practices of any third parties, including any
third party operating any site or service to which the Service links. The inclusion of a link on the
Service does not imply endorsement of the linked site or service by us or by our affiliates.
6. Your Choices
From time to time, we send marketing materials including e-mail messages to our users,
subject
to applicable laws and regulations
. If you no longer want to receive such materials, you may opt
out via the "unsubscribe" link provided in every email communication or by sending us an email
with your request at
team@coinlist.co
. Otherwise, you may change your setting preference by
accessing your account on your profile dashboard and selecting ‘email preferences’.

7. Security
We use certain physical, organizational, and technical safeguards that are designed to maintain
the integrity and security of information that we collect. Some measures we take include
encryption of the CoinList website communications with SSL; required two-factor authentication
for all sessions, and periodic review of information security and storage.
Please be aware that
no security measures are perfect or impenetrable and thus we cannot and do not guarantee the
security of your data. It is important that you maintain the security and control of your account
credentials, and not share your password with anyone.
8. Retaining Your Information
CoinList takes privacy and security seriously. We will only retain your personal information for as
long as necessary to fulfill the purposes for which we collected it. In some cases, we will retain
information for a period of time required after an account is closed in order to comply with legal
and reporting requirements. These include applicable financial services and anti-money
laundering laws. Information collected for marketing purposes will be retained unless you
unsubscribe, at which point preferences will be marked in our databases and you will no longer
receive direct marketing material
.
9. Use of Service by Minors
The Service is not directed to individuals under the age of eighteen (18), and we request that
you not provide personal information through the Service if you are under 18.
10. International Cross-border Data Transfer
CoinList uses servers hosted in the United States. Please note that we may be transferring your
information outside of your region for storage and processing in the United States and around
the globe. By using the Service you consent to the transfer of information to countries outside
of your country of residence, including the United States, which may have data protection rules
that are different from those of your country.

EEA PRIVACY RIGHTS
If you are located in the EEA, UK, or Switzerland, the following information applies with respect
to personal data collected through your use of our Services.
Legal Basis for Processing Your Information
CoinList processes your information in order to perform the services it offers. In order to
process personal information, CoinList relies on the legal basis as outlined in Article 6 of the EU
General Data Protection Regulation (“GDPR”), as applicable. CoinList processes personal
information (1) as necessary to perform our agreement to provide the Service; (2) as necessary
to comply with CoinList’s legal obligations; (3) as necessary for our legitimate interests in
providing the Service where those interests do not override your fundamental rights and
freedoms related to data privacy; and (4) with your consent.
Purpose
Legal Basis
1. To enforce our Terms of Service or other
legal rights; 3. To operate, maintain, enhance
and provide features of the Service; 4. To
provide customer support; 6. To provide
service related communications
Based on our contract with you
2. To conduct identity verification; 10. To
aggregate data or create anonymized data;
11. To comply with legal obligations; 12.To
detect and prevent fraud
Necessary to comply with legal obligations
5. To conduct research and development; 7.
To deliver marketing opportunities; 8. To
operate and manage CoinList’s Karma
reward program;
CoinList’s legitimate interest
9. To conduct content analytics
Your consent

Data Transfers out of EU
Pursuant to Article 49 of the EU GDPR,
the transfer of data is necessary for the performance of a
contract between the data subject and the controller or the implementation of pre-contractual
measures taken at the data subject’s request;
Your Privacy Rights
If you are an individual in the European Economic Area (EEA),You have the right to:
● Request a copy of your information,
● To object to our use of your information. (including for marketing purposes.
We will
contact you by electronic means for marketing purposes only if you have consented to
such communication. You may object to initial or further processing for purposes of
direct marketing
),
● To correct any inaccurate personal information, where applicable,
● You have the right to request the deletion of your information. If you choose to close
your CoinList account, your account will be marked closed. Your information will no
longer be used by CoinList for further processing purposes, except as required by
applicable laws. Information will be retained as required by financial and anti money
laundering regulations which include but are not limited to the prevention of fraud.
You can exercise any of these rights by contacting us at privacy@coinlist.co
CALIFORNIA PRIVACY RIGHTS
For purposes of this section, “Personal Information” has the meaning given in the California
Consumer Privacy Act of 2018 (“CCPA”) but does not include information exempted from the
scope of the CCPA.
The sources from which we collect information are described in Section 1 of this Privacy Policy;
the business and commercial purposes for which we collect this information are described in
Section 2 of this Privacy Policy; and the categories of third parties to whom we “disclose” the
information for a business purpose are described in Section 3 of this Privacy Policy

As a California resident, you have rights
under the California Consumer Privacy Act (“CCPA”)
.
However, these rights are not absolute, and in certain cases we may decline your request as
permitted by law. You may request to know more details about the categories or specific pieces
of Personal Data we collect (including how we use and disclose this information), to delete your
Personal Data, subject to certain exceptions, and to not be discriminated against for exercising
these rights.
You may submit a request to access or delete your personal information by emailing us at
privacy@coinlist.co. We are legally obligated to verify your identity when you submit a request.
We may request additional information from you to verify your identity.
CoinList does not sell your data and has not sold your personal data in the previous 12 months.
Updates to this Privacy Policy
We may make changes to this Policy. The "Last Updated" date at the top of this page indicates
when this Policy was last revised. If we make material changes, we may notify you through the
Service or by sending you an email or other communication. We encourage you to read this
Policy periodically to stay up-to-date about our privacy practices. Your use of the Service
following these changes means that you accept the revised Policy.
U.S. Consumer Privacy Notice
Companies choose how they share your personal information. Under federal law, that means
personally identifiable information. Federal law gives consumers the right to limit some but not
all sharing. Federal law also requires us to tell you how we collect, share, and protect your
personal information. To understand what we do, please carefully read the U.S. Consumer
Privacy Notice, available
here
.
Contact us
If you have any questions about this Policy, please contact us at:
notice@coinlist.co
.
900 Kearny Street #350 San Francisco, CA 94133