Esta traducción en español se expide por razones de conveniencia. En caso de conflicto entre las versiones en ambos idiomas, prevalecerá la redactada en inglés
Última actualización: 3 de marzo de 2023
En Coinbase (las entidades de Coinbase enumeradas en la Sección 11 situada más adelante, denominadas en el presente documento «nosotros», «nos» o «nuestro») respetamos y protegemos la privacidad de quienes usan y acceden a nuestros Servicios («Usuarios») y Usuarios («usted» y «su»), y de quienes exploran nuestros servicios («Usuarios»).
Esta política de privacidad describe cómo recopilamos y compartimos la información personal cuando usted explora, crea una cuenta o accede a nuestros «Servicios», que incluyen los servicios que se ofrecen en nuestros sitios web, como coinbase.com, coinbase.com/exchange, coinbase.com/prime, custody.coinbase.com y coinbase.com/cloud (cada «Sitio web» y, en conjunto, los «Sitios web»), o cuando usted utiliza la aplicación para dispositivos móviles de Coinbase, la Coinbase Card App, Coinbase Exchange, Coinbase Prime, Dapp Wallet o la interfaz de programación de aplicaciones Coinbase Custody («API») o aplicaciones de terceros que dependen de esas API (en conjunto, nuestras «Aplicaciones») y servicios relacionados.
Si usted reside fuera del Reino Unido y del Espacio Económico Europeo (el «EEE»), usted acepta esta política de privacidad y sus condiciones al acceder y utilizar nuestros Servicios.
Es importante que entienda cómo utilizamos sus datos. Debe leer esta página en su totalidad, aunque le mostramos más abajo los aspectos más destacados y algunos enlaces útiles:
Nuestro objetivo es simplificar su experiencia con las criptomonedas. Si no desea que se recopilen, se utilicen y se divulguen sus datos personales como se describe en esta política de privacidad o tiene menos de 18 años de edad, debe dejar de acceder a nuestros Servicios.
Recopilamos y utilizamos sus datos para ofrecer y mejorar nuestros Servicios y su experiencia, proteger la seguridad y la integridad de nuestra plataforma y cumplir con nuestras obligaciones legales.
Para obtener más información, consulte la Sección 1. Qué datos recopilamosy la Sección 2. Cómo utilizamos sus datos
Compartimos sus datos con otras empresas de Coinbase, además de con terceros y proveedores de servicios de confianza, con el fin de ofrecer nuestros Servicios y cumplir con los requisitos legales.
Para obtener más información, consulte la Sección 3. Cómo y por qué compartimos sus datos.
Le ofrecemos herramientas de privacidad para que solicite el acceso o la supresión de los datos que tenemos sobre usted, puede utilizar estas herramientas entrando en su Panel de derechos de privacidad. En función de su lugar de residencia, también puede tener otros derechos de privacidad en virtud de la ley.
Si tiene alguna pregunta, contacte con nosotros a través de nuestro portal de asistencia o por correo electrónico, escribiéndonos a dpo@coinbase.com. Para obtener más información, consulte la Sección 9. Cómo contactarnos si tiene alguna pregunta.
We collect the following personal information and documentation:
Information You Provide to Us
Information Collected Automatically
Information we obtain from Affiliates and third parties
We use your personal information to deliver, personalize, operate, improve, create, and develop our Services, to provide you with a secure, smooth, efficient and customized experience as you use them, and for legal compliance, loss prevention, and anti-fraud purposes. Learn more about how we use your personal information and our legal basis for each such data use:
Data use necessary to perform our contract with you
Data use to comply with our legal obligations
Data use for our Legitimate Interests
Data use based on your consent
Data use to protect your or others’ vital interests
We work with service providers, partners and other third parties to help us provide our Services, and as a result we need to share certain information with these third parties. Here’s how:
Affiliates
Linked Third Party Websites
TRUST
Professional advisors, industry partners, authorities and regulators
Asset Transfer or Company Acquisition
Third-Party Service Providers
We retain your information as needed to provide our Services, comply with legal obligations, or protect our or others’ interests. While retention requirements vary by country, we maintain internal retention policies on the basis of how information needs to be used. This includes considerations such as when the information was collected or created, whether it is necessary in order to continue offering you our Services, whether we are required to hold the information to comply with our legal obligations, including AML/KYC compliance or other financial regulatory obligations, or information preservation requirements. We also keep certain information where necessary to protect the safety, security and integrity of our Services, Customers, and Users. Our third-party electronic identity verification providers collect and retain biometric information for the period required for financial regulatory compliance or otherwise as required by applicable law. They retain this information for as long as set out in their applicable notices/policies. In line with these considerations, we delete information that is no longer needed for the above purposes when you close your account, or when you request deletion of your information (which you can initiate through your Privacy Rights Dashboard).
The Sites and Services are not directed to persons under the age of 18, and we do not knowingly request or collect any information about persons under the age of 18. If you are under the age of 18, please do not provide any personal information through the Sites or Services. If a User or Customer submitting personal information is suspected of being younger than 18 years of age, Coinbase will require the relevant Customer or User to close his or her account, and will take steps to delete the individual’s information as soon as possible.
To facilitate our global operations, Coinbase, its Affiliates, third-party partners, and service providers may transfer, store, and process your personal information throughout the world, including Ireland, Germany, Singapore, the UK, the US, and the Philippines. See here for more information.
If you reside in the EEA, Switzerland, or the United Kingdom, we rely upon a variety of legal mechanisms to facilitate these transfers of your personal information (collectively, “European Personal Data”).
We rely primarily on the European Commission’s Standard Contractual Clauses to facilitate the international and onward transfer of European Personal Data to third countries, including from our EU operating entities to Coinbase, Inc. in the United States. For a copy of the Standard Contractual Clauses, please contact dpo@coinbase.com.
In addition, we may rely on certain exemptions provided for under data protection law for our international transfers. We also rely on adequacy decisions from the European Commission where available and exemptions provided for under data protection law. For example, because Coinbase operates and provides its Services globally, we need to share information with our Affiliates and to data centers outside the EEA in order to develop, offer, and improve our Services (Article 49(1)(b) GDPR). In addition, we may rely on certain exemptions for sharing personal information with law enforcement outside of the EEA in emergency situations (Article 49(1)(f) GDPR).
EU-US, UK-US, and Swiss-US Data Privacy Framework
Coinbase complies with the EU-U.S. Data Privacy Framework (EU-U.S. DPF), the UK Extension to the EU-U.S. DPF and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF) (together referred to as the “Data Privacy Frameworks”) and the DPF Principles as set forth by the U.S. Department of Commerce. Coinbase has certified to the U.S. Department of Commerce that it adheres to:
the EU-U.S. Data Privacy Framework Principles (EU-U.S. DPF Principles) with regard to the processing of personal data received from the European Union in reliance on the EU-U.S. DPF;
the UK-U.S. Data Privacy Framework Principles (EU-UK DPF Principles) with regard to the processing of personal data received from the United Kingdom (and Gibraltar) in reliance on the UK Extension to the EU-U.S. DPF; and
the Swiss-U.S. Data Privacy Framework Principles (Swiss-U.S. DPF Principles) with regard to the processing of personal data received from Switzerland in reliance on the Swiss-U.S. DPF.
In the context of an onward transfer, Coinbase has responsibility for the processing of personal data it receives under the DPF and subsequently transfers to a third party acting as a service provider, partner and/or other third party to help us provide our Services on our behalf (as described in Section 4 of this policy). Coinbase remains liable under the DPF if any such third party processes personal data in a manner inconsistent with the DPF, unless Coinbase can prove that we are not responsible for the event giving rise to the damage. To learn more about the Data Privacy Framework (DPF) program, and to view our certification, visit https://www.dataprivacyframework.gov
In compliance with the Data Privacy Frameworks, Coinbase commits to resolve all DPF Principles-related complaints about our collection and use of your personal information. EU, UK, and Swiss individuals with inquiries or complaints regarding our handling of personal data received in reliance on the relevant Data Privacy Frameworks should first contact Coinbase at: dpo@coinbase.com
For unresolved complaints concerning our handling of personal information in reliance on the Data Privacy Frameworks, Coinbase is a member of and relies upon the ICDR-AAA services for the Data Privacy Framework Program, see here https://go.adr.org/dpf_irm.html, which may involve, under certain conditions, binding arbitration.
The Federal Trade Commission has jurisdiction over Coinbase’s compliance with the EU-U.S. Data Privacy Framework (EU-U.S. DPF), the UK Extension to the EU-U.S. DPF and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF).
Depending on where you live, you may be able to exercise certain privacy rights related to your personal information. For any of your privacy rights and choices referenced below, requests relating to your personal information can be made by logging into your account and going to your Privacy Rights Dashboard or by submitting a request via our Support Portal or at dpo@coinbase.com. If any of the rights listed below are not provided under law for your operating entity or jurisdiction, Coinbase has absolute discretion in providing you with these rights.
Right to access and portability:
You may request that we provide you a copy of your personal information held by us through your Privacy Rights Dashboard, or by submitting a request via our Support Portal.
Right to rectification:
You may request us to rectify or update any of your personal information held by Coinbase that is incomplete or inaccurate by logging in to your account and clicking the Profile or My Account tab.
Right to deletion/erasure:
You may request to erase your personal information, subject to applicable law. If you close your Coinbase Account, we will retain or delete information associated with your account as described in Section 4. How Long We Keep Your Personal Information.
Right to withdraw your consent:
To the extent the processing of your personal information is based on your consent, you may withdraw your consent at any time. The lawfulness of Coinbase’s processing before you withdraw your consent will not be affected by such withdrawal.
Right to object to or restrict processing:
You may have the right to restrict or object to us using or transferring your personal information based on our legitimate interests, in the public interest, or for direct marketing. We may continue to process your personal information where permitted or required by applicable law. You can opt-out of receiving marketing communications from Coinbase through your account settings or by submitting a request via our Support Portal.
Right to non-discrimination: We will not discriminate against you for exercising any of your rights provided to you under law.
Right to lodge a complaint:
If you reside in the EEA, Switzerland, or the UK, you have the right to lodge a complaint about our practices with respect to your personal information with the supervisory authority of your country or state. In the UK, the relevant data protection authority is the Information Commissioner's Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF, +44 (0303) 123 1113, email: casework@ico.org.uk. In Ireland, the relevant data protection authority is the Data Protection Commission, 21 Fitzwilliam Square South, Dublin 2, D02 RD28, +353 017650100 / + 353 1800437737, email: info@dataprotection.ie or by using the following online form: Forms for Data Protection.
If you reside in Australia or the Philippines, you may lodge a complaint about our practices with respect to your personal information with the supervisory authority of your country. In Australia, the relevant data protection authority is the Office of the Australian Information Commissioner, and complaints may be made through their website at www.oaic.gov.au. In the Philippines, the relevant data protection authority is the National Privacy Commission, email: complaints@privacy.gov.ph.
To protect your privacy and security, we may take steps to verify your identity before complying with your request and we may decline your request if we are unable to verify your identity.
Under certain US data privacy laws, as well as in Brazil, you may also designate an authorized agent to make these requests on your behalf.
These rights are not absolute, and may be denied: (a) when granting access or assisting portability would adversely affect the rights and freedoms of others; (b) to protect our rights and properties; (c) where the request is frivolous or vexatious; or (d) as otherwise permitted by law.
If you are a United States Resident, you can learn more about how we use your information and your privacy rights by reviewing our United States Privacy Notice. Any terms defined in the California Consumer Privacy Act (as amended) (“CCPA”) have the same meaning when used in the US Privacy Notice.
If you have questions or concerns regarding this Privacy Policy, or if you have a complaint, please contact us on our Support Portal, at dpo@coinbase.com, or by writing to us at the address of your Coinbase service provider (provided in Section 11. Our Relationship With You below).
We’re constantly trying to improve our Services, so we may need to change this Privacy Policy from time to time as well. We post any changes we make to our Privacy Policy on this page and, where appropriate, we will provide you with reasonable notice of any material changes before they take effect or as otherwise required by law. The date the Privacy Policy was last updated is identified at the top of this page.
We may provide additional "just-in-time" disclosures or information about how we collect or use your information in the context of specific Services; these in-product notices may supplement or clarify our privacy practices or may provide you with additional choices about how we use your information.
If you reside in the EEA or Switzerland, Coinbase Ireland Limited, Coinbase Europe Limited and Coinbase Germany GmbH act as joint controllers in respect of your personal information. Coinbase Ireland Limited is the joint controller with primary responsibility for your personal information, including with respect to providing you with information and responding to any requests you may make under the GDPR. Please see more about how you can exercise your rights under the GDPR through our Privacy Rights Dashboard.
CONSUMER/INSTITUTIONAL SERVICES
DEVELOPER SERVICES