The General Data Protection Regulation (GDPR) is a new comprehensive data law in the European Union (“EU”) which updates existing data protection laws to strengthen the protection of personal data for individuals who reside in the EU. The GDPR aims to increase transparency for how personal data is used and to provide EU residents (“data subjects”) with more control over their data. This law goes into effect on 25 May 2018.  


How does the GDPR affect my data? GDPR regulates the processing of personal data of data subjects by service providers like Coinbase, and allows users to exercise certain rights with respect to their data. These include the rights to access, correct, restrict processing, export or delete their data. For more information about the GDPR, please refer to the UK Information Commissioner’s Office’s guide to the general data protection regulation.  


What type of data does xcoex collect? We may collect the following types of information: 


Personal Identification Information: Full legal name, date of birth, age, nationality, gender, signature, utility bills, photographs, phone number, home address, and/or email. 


Formal Identification Information: Tax ID number, passport number, driver’s license details, national identity card details, photograph identification cards, and/or visa information. 


Financial Information: Bank account information, payment card primary account number (PAN), transaction history, trading data, and/or tax identification. 


Transaction Information: Information about the transactions you make on our Services, such as the name of the recipient, your name, the amount, and/or timestamp. 


Employment Information: Office location, job title, and/or description of role. 


Usage Data: Survey responses, information provided to our support team, public social networking posts, authentication data, security questions, user ID, click-stream data and other data collected via cookies and similar technologies.