1. Introduction

At CryptoSafe Escrow, we prioritize your privacy and are committed to safeguarding your personal information with the highest standards of security and transparency. This Privacy Policy outlines how we collect, use, disclose, and protect your data when you use our cryptocurrency escrow service (“Service”). By accessing or using the Service, you consent to the practices described herein. We comply with applicable global privacy regulations, including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA).

2. Data Minimization Principle

We adhere to the principle of data minimization, collecting only the information necessary to provide the Service and fulfill legal obligations. This ensures that your exposure to data-related risks is kept to a minimum.

3. Information We Collect

We collect the following types of information to operate the Service effectively:

• Personal Information: Name, email address, username, and security answers provided during account creation, password reset, or identity verification processes.
• Transaction Information: Details of escrow transactions, including cryptocurrency wallet addresses, transaction amounts, and related metadata.
• Technical Information: IP addresses, browser types, device identifiers, operating system details, and usage data collected through cookies or analytics tools.
• Communication Data: Evidence or documentation submitted during disputes or support inquiries.

We do not collect messages between buyers and sellers during escrow transactions unless a dispute is opened. In such cases, messages are collected solely to verify and understand the dispute. All messages are fully encrypted end-to-end, ensuring that no one, including CryptoSafe Escrow staff, can access their content.

4. How We Use Your Information

We process your information for the following purposes:

• Service Delivery: Facilitate secure escrow transactions, including fund holding and release.
• Account Security: Verify identities, enable two-factor authentication, and process password resets.
• Communication: Send transactional emails (e.g., transaction updates, dispute notifications) and respond to support inquiries.
• Dispute Resolution: Review evidence to resolve disputes fairly and transparently.
• Analytics and Improvement: Analyze usage patterns to enhance platform functionality and user experience.
• Legal Compliance: Adhere to anti-money laundering (AML), know-your-customer (KYC), and other regulatory requirements.

5. How We Share Your Information

We share your information only when necessary and under strict conditions:

• Transaction Parties: Share wallet addresses and transaction details with buyers or sellers involved in an escrow.
• Service Providers: Engage trusted third parties (e.g., email providers, cloud hosting) under strict data protection agreements.
• Legal Obligations: Disclose information to comply with lawful requests, such as court orders or regulatory audits.
• Anonymized Data: Use aggregated, anonymized data for analytics, research, or reporting purposes.

We do not sell, rent, or trade your personal information to third parties for marketing purposes.

6. Data Security

We deploy state-of-the-art security measures to protect your data, leveraging some of the most advanced encryption and authentication technologies available. Our comprehensive safeguards include:

• Industry-leading encryption protocols, comparable to standards like AES, to secure sensitive data in transit and at rest.
• Advanced hashing techniques for secure password storage, ensuring unauthorized access is prevented.
• Encrypted communication channels, for secure email and data transmission.
• Continuous monitoring and vulnerability assessments to maintain a secure environment.

While we strive to provide unparalleled security, no system is entirely risk-free. You are responsible for safeguarding your account credentials and using strong, unique passwords.

7. Your Privacy Rights

Depending on your jurisdiction (e.g., EU, California), you may have the following rights regarding your personal information:

• Right to Access: Request a copy of the data we hold about you.
• Right to Rectification: Correct inaccurate or incomplete data.
• Right to Erasure: Request deletion of your data, subject to legal retention requirements.
• Right to Data Portability: Receive your data in a structured, machine-readable format.
• Right to Object: Object to processing for certain purposes, such as direct marketing.
• Right to Restrict Processing: Limit how we process your data under specific circumstances.
• Right to Opt-Out: Opt out of non-essential communications or data sharing (e.g., analytics).

To exercise these rights, contact us at support-cryptosafeescrow@csetrust.com. We will respond within 30 days, or as required by law. Identity verification may be required to process requests.

8. Cookies and Tracking Technologies

We use cookies and similar technologies to enhance your experience:

• Essential Cookies: Maintain user sessions and ensure secure login functionality.
• Analytics Cookies: Collect anonymized data on page views and user interactions to improve the Service.
• Preference Cookies: Store user settings, such as language or display preferences.

You can manage cookie preferences through your browser settings or our cookie consent tool (if applicable). Disabling essential cookies may impair Service functionality.

9. International Data Transfers

As a global service, your data may be transferred to and processed in countries outside your jurisdiction, including the United States. We ensure such transfers comply with applicable laws (e.g., GDPR’s Standard Contractual Clauses, CCPA requirements) and implement safeguards to maintain equivalent levels of data protection.

10. Children’s Privacy

The Service is not intended for individuals under 18 years of age. We do not knowingly collect personal information from children. If we become aware of such data, we will take immediate steps to delete it. Contact us if you believe we have inadvertently collected data from a minor.

11. Third-Party Links

The Service may include links to third-party websites, such as blockchain explorers or external wallets. We are not responsible for the privacy practices or content of these sites. We encourage you to review their privacy policies before sharing personal information.

12. Data Retention

We retain personal information only for as long as necessary to fulfill the purposes outlined in this policy or to comply with legal obligations. For example:

• Account data is retained until you request deletion or your account is terminated.
• Transaction records are kept for up to 7 years to comply with AML and tax regulations.
• Dispute-related data is retained until resolution and any applicable legal periods.

After retention periods, data is securely deleted or anonymized using industry-standard methods.

13. Incident Response

In the unlikely event of a data breach, we have a robust incident response plan to:

• Investigate and contain the incident promptly.
• Notify affected users and relevant authorities within 72 hours, as required by law (e.g., GDPR).
• Implement corrective measures to prevent recurrence.

Users will be informed via email and platform notifications if their data is impacted.

14. Changes to This Policy

We may update this Privacy Policy to reflect changes in our practices, legal requirements, or Service enhancements. Updates will be posted on this page, and significant changes will be communicated via email or platform notifications. Your continued use of the Service constitutes acceptance of the revised policy.

15. Contact Information

For questions, concerns, or to exercise your privacy rights, contact our Data Protection Officer at:
Email: support-cryptosafeescrow@csetrust.com

If you are in the EU, you may also contact your local data protection authority or lodge a complaint if you believe our practices do not comply with GDPR.