The General Data Protection Regulation (GDPR) is a new comprehensive data law in the European Union ('EU') which updates existing data protection laws to strengthen the protection of personal data for individuals who reside in the EU. The GDPR aims to increase transparency for how personal data is used and to provide EU residents ('data subjects') with more control over their data. This law goes into effect on 25 May 2018.
How does Coinbase use my data?
As we build products here at Coinbase, protecting your data and your privacy are top of mind. We only use your data to verify your identity, enable transactions, and improve our product. Coinbase does not and will not sell your data to third parties.
We collect personal information to provide you with our services. When we do collect data it is primarily because it is mandated by law — such as when we must comply with anti money laundering laws — or to verify your identity and protect you from potential fraudulent activity.
What type of data does Coinbase collect?
We may collect the following types of information:
- Personal Identification Information: Full legal name, date of birth, age, nationality, gender, signature, utility bills, photographs, phone number, home address, and/or email.
- Formal Identification Information: Tax ID number, passport number, driver's license details, national identity card details, photograph identification cards, and/or visa information.
- Financial Information: Bank account information, payment card primary account number (PAN), transaction history, trading data, and/or tax identification.
- Transaction Information: Information about the transactions you make on our Services, such as the name of the recipient, your name, the amount, and/or timestamp.
- Employment Information: Office location, job title, and/or description of role.
- Online Identifiers: Geo location/tracking details, browser fingerprint, OS, browser name and version, and/or personal IP addresses.
How does the GDPR affect my data?
GDPR regulates the processing of personal data of data subjects by service providers like Coinbase, and allows users to exercise certain rights with respect to their data. These include the rights to access, correct, restrict processing, export or delete their data. For more information about the GDPR, please refer to the UK Information Commissioner's Office's guide to the general data protection regulation.
How do I get access to my information?
In order to access your information, you'll need to be logged in to your Coinbase account via a web browser or the mobile app. This is to ensure the safety of your data and privacy. Once you're logged in, follow these steps to access your information.
If you are attempting to request access or export data, you will need to submit these requests via web browser. We are unable to support these request types via the mobile app at this time.
What if I'm unable to access my account or privacy settings page?
If you are unable to login to your account or cannot access the privacy settings page, please submit a request through our support center. When submitting a request, select the 'data access' category and pick which subtype is most applicable to your situation.
How do I submit questions or concerns?
If you still have questions or concerns regarding how Coinbase collects or uses your data, contact us at firstname.lastname@example.org. You may also register a complaint with the UK Information Commissioner's Office. Please visit ico.org.uk for additional instructions.
What if I'm not an EU customer?
Security of user data is central to Coinbase's mission to make this safest platform to use. As part of our GDPR efforts we have improved many of our internal data controls and management practices. However, only EU residents have access to our new privacy rights dashboard at this time.