Privacy

Privacy Policy

Last updated: 17.12.2025

1. Introduction

IAMCRYPTO S.L. ("IamCRYPTO", "we", "us", "our") is committed to protecting personal data and privacy. This Privacy Policy explains how we collect, use, disclose, and protect personal data when you access or interact with our website https://iamcrypto.com, our APIs, products, and services (collectively, the "Services").

IamCRYPTO is established in the European Union and operates in accordance with applicable data protection laws, including the EU General Data Protection Regulation (GDPR).

2. Scope

  • Website visitors
  • Business customers and partners
  • Prospective customers and partners
  • End users of services provided through our customers, where applicable

3. Personal Data We Process

3.1 Data Provided Directly

  • Name and surname
  • Business email address
  • Phone number
  • Company name and position
  • Business communications
  • Contractual and billing-related information (B2B)

3.2 Data Collected Automatically

  • IP address
  • Browser and device information
  • Website usage data
  • Cookies and similar technologies

3.3 Data Processed via Telecom APIs

When providing mobile identity and fraud prevention services, the following categories of data may be processed:

  • Mobile phone number (MSISDN)
  • Network-based verification signals (for example, SIM change status or number-device match result)
  • Transaction and request metadata (timestamps, API call identifiers, technical logs)

IamCRYPTO does not process communication content, call detail records, or precise location data.

4. Purposes of Processing

  • Provision and operation of the Services
  • Customer onboarding and partner engagement
  • Performance of contractual and pre-contractual obligations
  • Fraud prevention, secure authentication, and abuse detection
  • Compliance with legal and regulatory obligations
  • Service improvement and analytics
  • Business and service-related communications

Mobile Identity and Fraud Prevention Services

IamCRYPTO provides mobile identity and fraud prevention services using standardized telecom APIs, including GSMA Open Gateway / CAMARA APIs, such as SIM Swap Detection and Number Verification.

These services are used by business customers to enhance security during sensitive actions, including onboarding, login, account recovery, transaction authorization, and digital asset withdrawals. Verification may be performed silently at network level without user interaction.

5. Legal Basis

  • Legitimate interests, in particular fraud prevention and service security
  • Performance of a contract or pre-contractual steps
  • Compliance with legal obligations (including AML/CFT requirements)
  • Consent, where required by applicable law or customer implementation

6. Roles and Data Sharing

Depending on the context:

  • IamCRYPTO acts as a data controller for website visitors and business contacts
  • IamCRYPTO may act as a data processor or technical facilitator when providing API-based services to its customers
  • Mobile network operators act as independent data controllers for telecom network data
  • API aggregation and routing partners act as processors, facilitating technical transmission of data

Personal data may be shared with mobile network operators, telecom and API partners, cloud and infrastructure providers, compliance and identity verification providers, professional advisors and authorities where required by law.

7. International Transfers

Where data is transferred outside the EEA, appropriate safeguards are applied, including Standard Contractual Clauses or equivalent mechanisms.

8. Data Retention

Personal data is retained only for as long as necessary for the stated purposes.

API transaction logs are retained for limited periods required for billing, audit, security monitoring, and regulatory compliance. No persistent storage of end-user personal data is performed beyond legal or contractual requirements.

9. Security Measures

IamCRYPTO implements appropriate technical and organizational measures, including encryption, access controls, monitoring, and industry-standard security practices.

10. Your Rights

You have the right to:

  • Access your personal data
  • Rectify inaccurate data
  • Request erasure
  • Restrict or object to processing
  • Data portability
  • Withdraw consent (where applicable)
  • Lodge a complaint with a supervisory authority

Requests can be submitted to: privacy@iamcrypto.com

11. Updates

This Privacy Policy may be updated from time to time. Changes will be published on this page.