Privacy Policy | IamCRYPTO
Last updated: 17.12.2025

1. Introduction
IAMCRYPTO S.L. (“IamCRYPTO”, “we”, “us”, “our”) is committed to protecting personal data and privacy. This Privacy Policy explains how we collect, use, disclose, and protect personal data when you access or interact with our website https://iamcrypto.com, our APIs, products, and services (collectively, the “Services”).
IamCRYPTO is established in the European Union and operates in accordance with applicable data protection laws, including the EU General Data Protection Regulation (GDPR).
2. Scope
This Privacy Policy applies to:
  • Website visitors
  • Business customers and partners
  • Prospective customers and partners
  • End users of services provided through our customers, where applicable
3. Personal Data We Process
3.1 Data Provided Directly
  • Name and surname
  • Business email address
  • Phone number
  • Company name and position
  • Business communications
  • Contractual and billing-related information (B2B)
3.2 Data Collected Automatically
  • IP address
  • Browser and device information
  • Website usage data
  • Cookies and similar technologies
3.3 Data Processed via Telecom APIs
When providing mobile identity and fraud prevention services, the following categories of data may be processed:
  • Mobile phone number (MSISDN)
  • Network-based verification signals (for example, SIM change status or number-device match result)
  • Transaction and request metadata (timestamps, API call identifiers, technical logs)
IamCRYPTO does not process communication content, call detail records, or precise location data.
4. Purposes of Processing
Personal data is processed for the following purposes:
  • Provision and operation of the Services
  • Customer onboarding and partner engagement
  • Performance of contractual and pre-contractual obligations
  • Fraud prevention, secure authentication, and abuse detection
  • Compliance with legal and regulatory obligations
  • Service improvement and analytics
  • Business and service-related communications
Mobile Identity and Fraud Prevention Services
IamCRYPTO provides mobile identity and fraud prevention services using standardized telecom APIs, including GSMA Open Gateway / CAMARA APIs, such as:
  • SIM Swap Detection
  • Number Verification
These services are used by business customers to enhance security during sensitive actions, including onboarding, login, account recovery, transaction authorization, and digital asset withdrawals. Verification may be performed silently at network level without user interaction.
5. Legal Basis
Processing is based on one or more of the following legal grounds under GDPR:
  • Legitimate interests, in particular fraud prevention and service security
  • Performance of a contract or pre-contractual steps
  • Compliance with legal obligations (including AML/CFT requirements)
  • Consent, where required by applicable law or customer implementation
6. Roles and Data Sharing
Depending on the context:
  • IamCRYPTO acts as a data controller for website visitors and business contacts
  • IamCRYPTO may act as a data processor or technical facilitator when providing API-based services to its customers
  • Mobile network operators act as independent data controllers for telecom network data
  • API aggregation and routing partners act as processors, facilitating technical transmission of data
Personal data may be shared with:
  • Mobile network operators
  • Telecom and API partners
  • Cloud and infrastructure providers
  • Compliance and identity verification providers
  • Professional advisors and authorities where required by law.
7. International Transfers
Where data is transferred outside the EEA, appropriate safeguards are applied, including Standard Contractual Clauses or equivalent mechanisms.
8. Data Retention
Personal data is retained only for as long as necessary for the stated purposes.
API transaction logs are retained for limited periods required for billing, audit, security monitoring, and regulatory compliance. No persistent storage of end-user personal data is performed beyond legal or contractual requirements.
9. Security Measures
IamCRYPTO implements appropriate technical and organizational measures, including encryption, access controls, monitoring, and industry-standard security practices.
10. Your Rights
You have the right to:
  • Access your personal data
  • Rectify inaccurate data
  • Request erasure
  • Restrict or object to processing
  • Data portability
  • Withdraw consent (where applicable)
  • Lodge a complaint with a supervisory authority
Requests can be submitted to: privacy@iamcrypto.com
11. Updates
This Privacy Policy may be updated from time to time. Changes will be published on this page.
Made on
Tilda