Privacy Policy

Privacy Policy


Updated: July 31, 2023


CoInvestor Ltd.(hereinafter referred to as the “Company”) respects privacy of individual users (“User”) and is committed to protecting it through the Company’s compliance with this Privacy Policy (hereinafter referred to as this “Policy”). This Policy is applicable to personal information collected in “Coinvestor platform” services (“Platform”) operated by the Company.

The Company is the controller of the personal information provided by a User or collected from a User in the Application. This Policy describes the types of personal information the Company may collect from a User or that User may provide, and the Company’s practices and purpose for collecting, using, maintaining, protecting, and disclosing the personal information.

This Policy shall take effect on July 20, 2021 and, in case of modification thereof, the Company will make public notice of it by posting them on the Company’s Platform or by using other methods (via text, e-mail, messenger or pop-up screen requesting acceptance at the time of a sign-in).

Terms used in this Privacy Policy shall have the meaning set forth in the relevant laws and regulations and the Company's terms and conditions; other matters shall be subject to general commercial practice.

You must be at least eighteen (18) years old or equivalent minimum age in your province, territory, or country ("Minimum Age") to use the Platform. By using the Platform, you represent and warrant that you are of Minimum Age. The Company may request you to provide proof of your age and may terminate your use of the Platform without prior notice in case of your misrepresentation.


1. Types of Personal Information Collected and Collection Methods


1.1. Types of Personal Information Collected

(a) Personal Information Provided by Users

When a user signs up for membership and uses a Platform, the Company collects personal information provided directly by the user.

  • E-mail and password will be collected as required items when signing up by email.
  • When a user withdraws digital assets exceeding a certain amount, the user’s mobile phone number, OTP, or passport number will be collected as required items necessary for identity verification.

(b) Personal Information Collected When Users Use the Platform

In addition to the information directly provided by a user, the Company may collect personal information while the user uses the Company's Platform.

  • When a member sets up 2-Step verification after signing up, verification information will be collected as optional items.
  • When a user contacts the Company through the customer center, information including name and e-mail will be collected as optional items.
  • When using the Platform, information generated during use will be collected, including, but not limited to, the browser type and settings, environment information such as device data, as well as usage type and.
  • IP addresses, cookies, device information, date and time of visit, service usage records, and improper usage records may be generated and collected.

(c) Personal Information Collected from Third Party Service Provider

The Company may receive the following personal information from third party service providers during and after the user’s registration at the Platform

  • Email address and contact information


1.2. Collection Methods

The Company collects user’s personal information in the following ways:

  • Web page, written form, fax, telephone, e-mail, data collection tool, etc.;
  • Provision through partner companies.


2. Use of Collected Information

The Company uses the collected personal information for the following purposes:

  • To provide the Company’s services to users

  • To protect users and services provided and operated by the Company, including by preventing and sanctioning actions that may interfere with the Company’s ability to comply with applicable laws and legal obligations or smoothly operate the Platform, preventing account thefts, preserving records for dispute settlements, and handling customer inquires

  • To fulfill the Company’s contractual obligations including sell and purchase crypto assets as requested by users

  • To improve the Company’s existing services, and to develop new services

  • To collect statistical data on users' use of the Platform, and to provide services or advertisements based on the statistical data collected

  • To notify users of any changes to Company's websites, Platform, or policies

  • To notify users of any promotional events and opportunities for participation therein

  • To comply with applicable laws or legal obligations

  • To pursue legitimate interest of the Company, except where such interests are overridden by the interests or fundamental rights and freedoms of the users

  • To use personal information with the user's prior consent.

If it is necessary to use the information for purposes other than those specified in this Policy, the Company shall obtain the user's consent.


3. Disclosure of Collected Information

The Company will not disclose the collected personal information to third parties except in the following cases:

  • Legal Needs
    • Where the Company is obliged to disclose it in accordance with the applicable laws
    • Where an investigative authority requests disclosure of personal information in accordance with the procedures and methods prescribed by the law for investigation purposes
  • Disclosures to Company's Partners and Service Providers
    • Where the Company's partners or service providers perform services on behalf of the company, including but not limited to security authentication (Two-factor, 2fa), identity verification, and dispute resolution
  • With user's Prior Consent
    • Where a user chooses to share the user's personal information with a certain company to receive information on the service of the company
    • Where a user otherwise agrees in advance


4. Cookies, Beacons and Similar Technologies

The Company may collect aggregated, non-personal information through cookies or web beacons.

A cookie is a small piece of data sent by the Company's web server to the user's browser and stored on the user computer's hard disk.

Web beacons are small strings of code that are placed on a website or in an email. They allow checking that a user has interacted with specific web or email content. If cookie technology is not available, as in mobile applications, the Company may also use technology that performs similar functions to cookies (for example, advertising identifiers).

These features are used to customize the user experience by evaluating and improving the services and to enable the Company to provide better services for our users.


5. Users' Rights

The Users or their legal representatives, as main agents of the personal information, may exercise the following rights regarding the collection, use and sharing of personal information by the Company:

  • Request access to personal information;

  • Request corrections or erasure of personal information;

  • Object to processing of personal information or request temporary suspension or restriction of processing personal information;

  • Request transfer of personal information;

  • Request information, in case of automated decision-making processes, of the logic underlying the system and the importance and consequences envisaged by the processing for the user concerned; or

  • Withdraw consent.

If a user contacts the Company (or personal information manager or a deputy) via electronic mail in order to exercise any of the above rights as a user, the Company will take measures without delay; provided that the Company may reject a user’s request only to the extent that there exists either a proper cause as prescribed in the laws or an equivalent cause.

User’s withdrawal of consent will not affect the lawfulness of any processing carried out before such withdrawal of consent. If a user withdraws consent, the Company may not be able to provide certain products or services to such user. The Company will advise that user if this is the case at the time he or she withdraws consent.

Users have the right to file complaints with supervisory authority. The Company requests such users to contact the Company before submitting any complaints with the said supervisory authority to seek a mutually acceptable solution.


6. Users' Obligations

Users have not only rights to be protected in relation to personal information, but also obligations themselves to protect their personal information and not to infringe on others' personal information. Please ensure that their personal information is secure. Users shall protect personal information by choosing sufficiently strong password and keep his or her credentials and password confidential at all times.Users shall refrain from disclosing his or her personal information such as password, and from damaging a third party’s personal information, including any postings.

It is important that personal information the Company holds about a user is accurate and current. Users shall keep the Company informed if any of the user’s personal information changes. A user shall be responsible for incidents caused by incorrect information entered by such a user.

If a user fails to fulfill the foregoing responsibilities and causes damages to a third party’s personal information and dignity, such user may be held liable in accordance with relevant laws.


7. Security

In order to prevent the loss, theft, unauthorized disclosure, leakage, alteration or damage of personal information of the users, the Company has implemented a system of protection. Such measures including technical and managerial measures for security include those described in Articles 8 and 9 below.


8. Protection of Personal Information of Minors

The Company prohibits membership registration from a person under the age of 18, and refrains from collecting his or her personal information.


9. Technical and Managerial Protection Measures for Personal Information

  • Countermeasures against Hacking
    • The Company endeavors to prevent the leakage of or damage to members' personal information from hacking or computer viruses. The Company prevents users' personal information or data from being leaked or damaged; and ensure a secure transmission of personal information on the network through encrypted communications. In addition, the Company uses a firewall system to control unauthorized access from outside.
  • Minimization and Training of Personnel Handling Personal Information
    • The Company's staff handling personal information is limited to personnel directly performing the relevant task. To this end, a separate password is given and updated regularly. The Company ensures its personnel to comply with relevant regulations such as the Company's Policy and protection measures through regular training of personnel.
  • Operation of Organization Exclusively for Protection of Personal Information
    • The Company maintains an in-house organization exclusively for protecting personal information responsible for checking compliance of the Company's Policy and protection measures. If a problem is discovered from checking the observance of the personnel in charge, the Company does immediately take measures to rectify and contain it. However, the Company is not responsible for any problems caused by the leakage of personal information due to the negligence of the members themselves or for reasons other than the Company's intention or gross negligence.


10. Destruction of Personal Information

  • The Company destructs personal information of users without delay when: the purpose of its collection and use has been achieved; a user withdraws from the website; the legal or managerial needs are satisfied; or receipt of users’ request. However, if it is required by relevant laws and regulations, the Company will retain the information for the duration specified therein. In such an event, the personal information which is stored and managed separately will not be used for other purposes.

  • The Company destroys hard copies of personal information by shredding with a shredder or incinerating it; and deletes personal information stored in the form of electronic file by using methods to make that personal information cannot be restored.


11. Change of Policy

The Company reserves the right to modify or change this Policy at any time. The revised Policy will be announced through notice on the Platform or Company’s website (or through individual notice such as by email). If required by relevant law, the Company will ask for the user's consent.


12. Contact Information for Company

If you have any questions about this Policy or wish to update your information held by the Company, please contact the Company at the following contact information:


13. Miscellaneous

This Policy will not be applicable to the collection and processing of personal information performed by third party service providers, such as any websites that are linked at the Application.