Skip to main content

Now live in the US: the beginner-friendly way to start with crypto. How it works →

CryptoUnity

Last updated · 2026-04-17

Privacy Policy

PRIVACY POLICY

This Privacy Policy (the “Policy”) describes how CU Global Inc., a corporation incorporated under the laws of the State of Delaware, United States, with its registered office at 131 Continental Dr, Suite 305, Newark, Delaware 19713 (“CryptoUnity”, “we”, “us”, or “our”), collects, uses, discloses, stores, and otherwise processes Personal Data in connection with the use of the CryptoUnity platform (the “Platform”).

CryptoUnity acts as a technology platform and, depending on the processing activity, may act as an independent controller or facilitate data processing by third-party providers such as BitGo.

This Policy applies to users located in the United States and has been drafted in accordance with applicable U.S. federal and state privacy laws and regulations, including, where applicable, the California Consumer Privacy Act, as amended by the California Privacy Rights Act (“CCPA/CPRA”), and other applicable consumer privacy and data protection requirements.

This Policy forms an integral part of the Terms of Service and should be read together with them.

By creating an account, accessing, or using the Platform, you acknowledge that you have read and understood this Policy. Acceptance of this Policy as part of the account registration or platform access process does not, by itself, constitute consent where consent is separately required under applicable law.

Where required by applicable law, CryptoUnity will provide additional notices at collection and obtain any required consents in relation to specific categories of Personal Data or processing activities.

For users residing in certain U.S. states, additional privacy rights and disclosures may apply, including the right to know, access, correct, delete, and opt out of certain uses or disclosures of Personal Data, as described in this Policy.

 

1. ROLE OF THE PARTIES AND DATA CONTROLLERSHIP

CryptoUnity acts as a data controller (or “business,” where applicable under U.S. privacy laws) with respect to Personal Data processed in connection with the operation of the Platform, including user account management, platform functionality, communications, analytics, and certain onboarding-related processes.

The Platform enables access to services provided by independent third-party service providers, including BitGo Technologies LLC and its affiliates (“BitGo”), which act as independent data controllers (or “businesses”) with respect to Personal Data processed in connection with their regulated services.

In particular, CryptoUnity facilitates access to digital asset services, including custody, transaction execution, and compliance-related processes, which are performed exclusively by BitGo or its affiliates. In this context, Personal Data may be disclosed or made available to BitGo as part of onboarding, identity verification (KYC), compliance (AML/CTF), and transaction-related processes.

BitGo independently determines the purposes and means of processing Personal Data within the scope of its services, including but not limited to custody, transaction processing, identity verification, sanctions screening, and regulatory compliance.

CryptoUnity does not control and is not responsible for the data processing practices of BitGo or any other third-party service provider. Users are advised to review the privacy policies of such providers before using their services.

CryptoUnity may share Personal Data with third-party service providers, including BitGo, for the purposes described in this Policy. Such sharing may constitute a “disclosure” or “sharing” under applicable U.S. privacy laws.

This Policy applies to both individual users and legal entities, including their authorized representatives, beneficial owners, and other individuals whose Personal Data is processed in connection with the use of the Platform.

 

2. CATEGORIES OF PERSONAL DATA

CryptoUnity collects and processes Personal Data that is reasonably necessary and proportionate for the operation of the Platform and compliance with applicable legal and regulatory obligations.

The categories of Personal Data we may collect and process include:

• Identifiers, such as name, surname, date of birth, nationality, country of residence, and other similar identifiers;

• Contact information, such as email address and telephone number;

• Account information, including login credentials, authentication data, account preferences, and account settings;

• Transactional information, including transaction history, balances, account activity, and interactions with third-party services;

• Technical and usage data, including IP address, device identifiers, browser type, operating system, and usage logs;

• Communication data, including correspondence with customer support and other communications with CryptoUnity;

• Compliance and verification data, including information required for identity verification (KYC), anti-money laundering (AML), counter-terrorist financing (CTF), sanctions screening, and fraud prevention.

In addition, certain Personal Data required for identity verification, customer due diligence, and regulatory compliance may be disclosed to or collected directly by third-party providers, including BitGo. Such data may include identity documents, biometric data (where applicable), proof of address, source of funds information, and verification reports.

CryptoUnity does not have full visibility into or access to all Personal Data processed within third-party onboarding or verification systems, including certain identity verification documentation processed directly by such providers.

Where Users act on behalf of legal entities, Personal Data relating to directors, beneficial owners, and authorized representatives may be processed as part of compliance and verification procedures.

Under applicable U.S. privacy laws, including the California Consumer Privacy Act (CCPA/CPRA), the categories of Personal Data described above may correspond to the following categories of personal information:

• Identifiers;

• Personal information described in Cal. Civ. Code § 1798.80(e);

• Commercial information;

• Internet or other electronic network activity information;

• Geolocation data (inferred from IP address or device data);

• Professional or employment-related information (where applicable);

• Sensitive personal information, including government identification data and biometric information (where applicable).

CryptoUnity does not collect Personal Data beyond what is necessary for the purposes described in this Policy.

 

3. SOURCES OF PERSONAL DATA

CryptoUnity collects Personal Data directly from Users when they create an account, complete onboarding, use the Platform, or otherwise interact with our services.

We also automatically collect certain information through the use of the Platform, including technical data, device information, and usage data.

In addition, we may receive Personal Data from third-party sources, including identity verification providers, financial institutions, fraud prevention services, analytics providers, and third-party service providers such as BitGo, where necessary to provide services or comply with legal and regulatory obligations.

This Policy also applies, where relevant, to individuals who access or interact with the Platform without creating an account, including through the use of cookies, tracking technologies, and similar tools.

We use cookies and similar technologies in accordance with our Cookie Policy. Depending on your location and applicable law, you may have the ability to manage your preferences regarding certain categories of cookies and tracking technologies. Where required by law, we obtain consent prior to the use of non-essential cookies.

We may also collect or receive additional information from third-party sources for purposes such as risk assessment, fraud prevention, compliance checks, identity verification, and sanctions screening, including reputational or financial risk indicators where permitted by law.

We may use third-party service providers (such as analytics or marketing tools) that collect information about your interaction with the Platform. These providers may act as service providers or independent businesses under applicable U.S. privacy laws.

Where Personal Data is obtained from social media platforms or other third-party services, such platforms act as independent data controllers, and their respective privacy policies apply.

We collect only the Personal Data that is reasonably necessary and proportionate for the purposes described in this Policy and retain it only for as long as required or permitted under applicable law.

Access to third-party websites or services is at your own risk, and CryptoUnity does not endorse or assume responsibility for the privacy practices or content of such external services.

 

4. PURPOSES AND LEGAL BASIS FOR PROCESSING

We process Personal Data for specific, legitimate business and operational purposes, in accordance with applicable U.S. privacy laws.

4.1 Account creation and platform access

We process Personal Data to create and manage user accounts, provide access to the Platform, and enable core functionalities.

This includes processing identification data, contact information, authentication credentials, and account-related information.

We use this data to:

• create and manage user accounts;

• authenticate users and maintain account security;

• provide Platform features and services;

• process user requests (e.g., password resets, account updates, account closure); and

• provide customer support.

We may also process Personal Data to verify user identity, prevent unauthorized access, and detect fraudulent or suspicious activity.

The legal basis for such processing includes the performance of a contract and our legitimate business interests in maintaining the security and integrity of the Platform.

4.2 Compliance and regulatory obligations

We process Personal Data to comply with applicable legal and regulatory requirements, including anti-money laundering (AML), counter-terrorist financing (CTF), sanctions compliance, fraud prevention, and financial regulatory obligations.

Where required, Personal Data is disclosed to or processed by regulated third-party providers, including BitGo, which act as independent data controllers.

Such processing may include:

• identity verification (KYC);

• biometric verification (where applicable);

• document validation;

• sanctions and watchlist screening;

• transaction monitoring; and

• risk assessment.

Personal Data may also be disclosed to financial institutions, virtual asset service providers, or other entities where required under applicable laws (including “Travel Rule” requirements).

We may also process Personal Data using blockchain analytics tools to detect suspicious activity and ensure regulatory compliance.

We may disclose Personal Data to regulators, law enforcement authorities, courts, auditors, and legal advisors where required by law or necessary to establish, exercise, or defend legal claims.

The legal basis for such processing includes compliance with legal obligations and, where applicable, the performance of a contract.

4.3 Transactions and service enablement

We process Personal Data to facilitate access to transaction-related services provided by third-party providers, including BitGo.

Personal Data may be disclosed to such providers to enable:

• transaction execution;

• account operations;

• compliance checks; and

• service delivery.

CryptoUnity does not execute transactions or provide custody services and does not determine how such providers process Personal Data.

The legal basis for such processing includes the performance of a contract and compliance with applicable legal obligations.

4.4 Security, fraud prevention, and risk management

We process Personal Data to maintain the security, integrity, and reliability of the Platform.

This includes:

• detecting and preventing fraud, abuse, and unauthorized access;

• monitoring system activity;

• protecting user accounts and data; and

• ensuring Platform stability and performance.

We implement appropriate technical and organizational safeguards, including encryption, access controls, and monitoring systems.

Certain processing may involve automated decision-making (e.g., fraud detection or risk scoring). Where required by law, appropriate safeguards are implemented, including the possibility of human review.

The legal basis for such processing is our legitimate business interests in protecting the Platform and its users.

4.5 Analytics and service improvement

We process Personal Data to improve the Platform, develop new features, and analyze user behavior.

This may include:

• analyzing usage patterns;

• improving functionality and performance; and

• conducting internal research and development.

Where possible, data is aggregated or de-identified.

We may use third-party analytics providers, which may process Personal Data on our behalf or as independent service providers, subject to applicable contractual and legal safeguards.

The legal basis for such processing is our legitimate business interests in improving our services.

4.6 Communications and customer support

We process Personal Data to communicate with users and provide customer support.

This includes:

• responding to inquiries and requests;

• sending service-related communications (e.g., account notifications, transaction alerts);

• managing complaints; and

• maintaining communication records.

Users may manage certain communication preferences through Platform settings where available.

The legal basis for such processing includes the performance of a contract and compliance with legal obligations.

4.7 Marketing and promotional communications

We may process Personal Data to send marketing and promotional communications, where permitted by applicable law.

This may include:

• updates about services and features;

• promotional offers; and

• educational or informational content.

Where required by law, we will obtain your consent before sending marketing communications.

You may opt out of marketing communications at any time by using the unsubscribe link or adjusting your account settings.

We may personalize communications based on your interactions with the Platform, subject to applicable law.

We do not engage in automated decision-making or profiling that produces legal or similarly significant effects in connection with marketing.

The Platform is not intended for individuals under the age of 18, and we do not knowingly collect Personal Data from such individuals.

 

5. DISCLOSURE AND SHARING OF PERSONAL DATA

We may disclose Personal Data to third parties for business, operational, compliance, and legal purposes, as described in this Policy.

Certain third parties, including financial institutions, payment providers, and regulated service providers such as BitGo Technologies LLC (“BitGo”), act as independent data controllers (or “businesses”) and process Personal Data in accordance with their own privacy policies.

In particular, Personal Data may be disclosed or made available to BitGo for the purposes of onboarding, identity verification (KYC), compliance (AML/CTF), transaction execution, and custody services. BitGo acts as an independent data controller with respect to such processing.

We may also disclose Personal Data to service providers that perform services on our behalf, including but not limited to:

• cloud infrastructure providers;

• hosting and IT service providers;

• communication and customer support providers;

• analytics and marketing providers; and

• fraud prevention and security service providers.

Such entities may act as “service providers” or “contractors” under applicable U.S. privacy laws and are contractually obligated to process Personal Data only for specified purposes and in accordance with applicable legal requirements.

We may disclose Personal Data to regulators, courts, law enforcement agencies, and other governmental or public authorities where required by applicable law, legal process, or regulatory obligations, or where necessary to establish, exercise, or defend legal claims.

We may also disclose Personal Data:

• to comply with applicable laws, regulations, or legal obligations;

• to enforce our Terms of Service or other agreements;

• to detect, prevent, or investigate fraud, security incidents, or unlawful activity; or

• to protect the rights, property, or safety of CryptoUnity, our users, or others.

Under applicable U.S. privacy laws, certain disclosures of Personal Data may be considered “sharing” or “selling,” depending on the context. CryptoUnity does not sell Personal Data for monetary consideration.

However, we may disclose or make available certain Personal Data to third-party providers (such as analytics or advertising partners) in a manner that could be considered “sharing” under applicable law.

Where required by law, users have the right to opt out of such “sharing” or “selling” of Personal Data, as further described in this Policy.

We disclose Personal Data only to the extent reasonably necessary and proportionate for the purposes described in this Policy and in accordance with applicable law.

We do not use or disclose sensitive personal information for purposes other than those permitted under applicable law.

Where required, we implement appropriate contractual, technical, and organizational safeguards to protect Personal Data when shared with third parties.

6. DATA TRANSFERS

CryptoUnity may transfer, store, and process Personal Data in the United States and other jurisdictions where we or our service providers operate.

Personal Data may be disclosed to third-party service providers, including BitGo and other partners, which may be located in different jurisdictions.

By using the Platform, you acknowledge and agree that your Personal Data may be transferred to, processed in, and stored in countries that may have data protection laws different from those of your state or country of residence.

Where required by applicable law, CryptoUnity implements reasonable and appropriate safeguards to protect Personal Data during such transfers, including contractual protections and security measures.

We take steps to ensure that Personal Data is handled securely and in accordance with this Privacy Policy, regardless of where it is processed.

 

7. DATA RETENTION

We retain Personal Data only for as long as reasonably necessary to fulfill the purposes described in this Privacy Policy, including providing the Platform, maintaining user accounts, and complying with legal, regulatory, and contractual obligations.

Retention periods may vary depending on the type of Personal Data and the purposes for which it is processed. We may retain Personal Data for longer periods where required or permitted by applicable law, including for compliance with anti-money laundering (AML), financial, tax, and regulatory requirements.

In particular, certain Personal Data may be retained for a period of up to ten (10) years following the termination of the business relationship, where required by applicable law or regulatory obligations.

We may also retain Personal Data as necessary to:

• resolve disputes;

• enforce our agreements;

• detect and prevent fraud or abuse; and

• comply with legal obligations.

Where Personal Data is no longer required, we will take reasonable steps to delete, de-identify, or anonymize such data, unless retention is required or permitted by law.

In the event of a user’s death, we may process Personal Data where necessary to respond to lawful requests from authorized individuals or authorities, in accordance with applicable laws.

 

8. DATA SECURITY

CryptoUnity implements reasonable and appropriate technical, administrative, and organizational measures designed to protect Personal Data against unauthorized access, use, disclosure, alteration, or destruction.

Such measures may include, but are not limited to, encryption, access controls, authentication mechanisms, system monitoring, and regular security assessments.

Access to Personal Data is limited to authorized personnel and service providers who require such access to perform their duties, subject to confidentiality obligations.

We also take steps to ensure that our service providers implement appropriate security measures consistent with applicable data protection requirements.

However, no method of transmission over the internet or method of electronic storage is completely secure. Accordingly, while we strive to protect your Personal Data, we cannot guarantee absolute security.

In the event of a data breach, we will take appropriate steps in accordance with applicable law, including notifying affected individuals and authorities where required.

 

9. YOUR PRIVACY RIGHTS

Depending on your state of residence, you may have certain rights regarding your Personal Data under applicable U.S. privacy laws, including the California Consumer Privacy Act (CCPA), as amended by the California Privacy Rights Act (CPRA), and other state laws.

These rights may include:

• Right to Know / Access – to request information about the Personal Data we collect, use, disclose, or sell/share;

• Right to Correct – to request correction of inaccurate Personal Data;

• Right to Delete – to request deletion of your Personal Data, subject to certain exceptions;

• Right to Data Portability – to receive a copy of your Personal Data in a portable and, where technically feasible, readily usable format;

• Right to Opt-Out – to opt out of the sale or sharing of Personal Data (if applicable);

• Right to Limit Use of Sensitive Personal Data – where applicable;

• Right to Non-Discrimination – to not be discriminated against for exercising your privacy rights.

We do not sell Personal Data in exchange for monetary consideration. However, certain data sharing for analytics or marketing purposes may be considered a “sale” or “sharing” under applicable laws. You may opt out of such activities where required.

To exercise your rights, you may contact us at: info@cryptounity.org

We may need to verify your identity before processing your request. In certain cases, we may decline a request where permitted by law.

Authorized agents may submit requests on behalf of users, subject to verification requirements.

If you are a California resident, you may designate an authorized agent to make requests on your behalf.

We will respond to verifiable requests within the timeframes required by applicable law.

If you have concerns about how we handle your Personal Data, you may contact us directly. You may also have the right to lodge a complaint with your state’s Attorney General or relevant regulatory authority.

9.1 DO NOT SELL OR SHARE PERSONAL INFORMATION

Under applicable U.S. privacy laws, including the CCPA/CPRA, you may have the right to opt out of the “sale” or “sharing” of your Personal Data.

CryptoUnity does not sell Personal Data for monetary consideration.

However, certain disclosures of Personal Data to third parties (such as analytics or advertising partners) may be considered “sharing” under applicable law.

You have the right to opt out of such sharing at any time.

To exercise your right to opt out, you may:

• contact us at: info@cryptounity.org; or

• use any available opt-out mechanisms provided within the Platform.

We will process such requests in accordance with applicable law.

9.2 NOTICE TO CALIFORNIA RESIDENTS

This section applies to California residents and supplements the information contained in this Privacy Policy.

In the preceding 12 months, CryptoUnity has collected the categories of Personal Data described in Section 2 of this Policy.

We collect and use Personal Data for the business and commercial purposes described in Section 4.

We may disclose Personal Data to third parties as described in Section 5, including service providers, contractors, and independent third parties such as BitGo.

We do not sell Personal Data for monetary consideration.

However, certain disclosures may be considered “sharing” under California law.

California residents have the rights described in Section 9, including the right to request access, deletion, correction, and to opt out of sharing.

To exercise your rights, please contact us at: info@cryptounity.org

 

10. CORPORATE TRANSACTIONS

In the event of a merger, acquisition, reorganization, sale of assets, financing, or other corporate transaction, your Personal Data may be transferred to or shared with the relevant parties, including prospective or actual buyers, investors, lenders, or advisors, subject to appropriate confidentiality obligations.

If such a transaction results in a change of control or processing entity, your Personal Data may be transferred as part of that transaction. We will take reasonable steps to ensure that your Personal Data continues to be protected in accordance with this Privacy Policy.

11. THIRD-PARTY SERVICES

The Platform may integrate or provide access to third-party services, including but not limited to BitGo and other service providers.

These third parties may act as independent data controllers and process your Personal Data in accordance with their own privacy policies and legal obligations.

CryptoUnity does not control and is not responsible for the privacy practices, security, or data processing activities of such third parties. Users are encouraged to review the privacy policies of any third-party services they access.

 

12. AUTOMATED DECISION-MAKING

Certain processing activities may involve automated decision-making, including onboarding eligibility, fraud detection, and risk assessment, particularly where required for compliance with applicable laws and regulations.

Such processing may include profiling based on Personal Data to assess risk, detect suspicious activity, or prevent fraud.

Where required by applicable law, you may have the right to request human intervention, express your point of view, and contest decisions made solely through automated processing.

Appropriate safeguards are implemented to protect your rights in connection with such processing.

13. AMENDMENTS

CryptoUnity reserves the right to modify or update this Privacy Policy at any time.

Where required by applicable law, we will provide notice of material changes through appropriate means, such as email, in-app notifications, or updates on the Platform.

Any changes will become effective upon posting of the updated Privacy Policy, unless otherwise required by law.

Your continued use of the Platform after such changes constitutes your acceptance of the updated Privacy Policy.

 

14. DATA PROCESSING FRAMEWORK

CryptoUnity processes Personal Data in a structured and controlled manner, ensuring that processing activities are limited to what is reasonably necessary for the operation of the Platform and compliance with applicable laws.

Personal Data is processed for purposes including account creation, authentication, platform access, communication, analytics, onboarding, and service facilitation. This may include identification data, contact data, technical data, and transaction-related information.

The Platform enables access to services provided by third-party providers, including BitGo and other regulated entities. These providers operate independently and process Personal Data under their own legal and regulatory frameworks.

Where required for compliance with applicable laws, including anti-money laundering (AML) and other financial regulations, Personal Data may be shared with such third-party providers for identity verification, transaction monitoring, and related services.

CryptoUnity does not provide custody of digital assets and does not act as a regulated financial institution. Certain regulated services are performed exclusively by third-party providers acting as independent data controllers.

CryptoUnity may not have access to certain categories of Personal Data processed directly by such providers, including identity verification documentation, biometric data, or other compliance-related information.

We implement reasonable safeguards designed to ensure the confidentiality, integrity, and availability of Personal Data and require our service providers to maintain appropriate data protection standards under contractual obligations.

All processing activities are conducted in accordance with applicable data protection laws and this Privacy Policy.


15. DATA FLOW AND RESPONSIBILITIES

The provision of services through the Platform involves multiple independent parties, each with distinct roles and responsibilities in relation to Personal Data.

CryptoUnity operates the Platform interface and provides access to digital asset services. In this role, CryptoUnity collects certain Personal Data directly from users and may transmit such data to third-party providers where necessary to provide services and comply with legal obligations.

Third-party providers, including BitGo and other regulated entities, are responsible for performing certain services such as custody, transaction execution, identity verification, and compliance with financial regulations. These providers act as independent data controllers and process Personal Data in accordance with their own privacy policies and legal obligations.

Personal Data is initially provided by the user through the Platform and is processed by CryptoUnity for account creation, authentication, and Platform functionality.

Where required for onboarding, compliance, or transaction processing, Personal Data may be securely transmitted to third-party providers. Upon transmission, such providers process Personal Data independently for purposes including identity verification, compliance checks, transaction monitoring, and related services.

Certain categories of Personal Data may be collected directly by third-party providers or their partners, and may not be accessible to CryptoUnity.

CryptoUnity does not determine the purposes or means of processing carried out by such third-party providers and does not act as a processor on their behalf.

Users may enter into separate contractual relationships with third-party providers, and the processing of Personal Data by such providers is governed by their respective privacy policies and applicable laws.


16. RECORDS OF PROCESSING

CryptoUnity maintains internal records of its data processing activities as required by applicable laws and internal compliance standards.

Such records may include information about the categories of Personal Data processed, purposes of processing, categories of recipients, data retention practices, and security measures.

Personal Data is processed for purposes including:

• account registration, authentication, and account management;

• compliance with legal and regulatory obligations, including anti-money laundering (AML) and fraud prevention;

• platform security, monitoring, and protection against unauthorized access;

• communication with users, including customer support and complaint handling; and

• internal analytics and service improvement, subject to appropriate safeguards.

Processing activities are limited to what is reasonably necessary and proportionate to the purposes for which Personal Data is collected.

CryptoUnity regularly reviews its data processing practices to ensure alignment with applicable legal requirements and industry standards.

 

17. UPDATES TO THIS PRIVACY POLICY

We may update this Privacy Policy from time to time.

Where required by applicable law, we will notify you of material changes through appropriate means, such as email, in-app notifications, or updates on the Platform.

The most current version of this Privacy Policy will always be available on the Platform, along with the effective date of the latest update.

Your continued use of the Platform after any updates constitutes your acceptance of the revised Privacy Policy.

Effective date: 17.4.2026