1
PRIVACY AND COOKIES POLICY
Tangem AG (“Tangem”, "us", "we", or "our"), a company organized and existing under the
laws of Switzerland, operates the “tangem.com” and the “https://tangem.com” websites
and the Tangem mobile applications ("Services").
This Privacy Policy (the “Privacy Policy”) is applicable between you as user of our Services (“you”,
“User”) and us as operator of the Services. This Privacy Policy applies to the use of any Personal
Data we collect or that you provide to us in connection with your use of the Service.
The purpose of this Privacy Policy is to inform you how your Personal Data is collected, processed,
used, and disclosed when you use our Services.
We can assure you that we comply with the European General Data Protection Regulation (“GDPR”)
and any other applicable laws and regulations and that we process your personal data lawfully,
fairly and transparently.
We use your data to provide and improve our Services. By using the Services, you agree to the
collection and use of Personal Data in accordance with this Privacy Policy.
DEFINITIONS
SERVICES
Service means the tangem.com website and the Tangem mobile applications operated by
Tangem.
PARTNER SERVICE
Partner Service means a service or feature offered by a third-party partner directly to users of the
Services.
PERSONAL DATA
Personal Data means all information making you directly or indirectly identifiable (e.g. your
name, first name, address, phone number or email address but also the IP address of your
computer, for example, or the information relating to your browsing of our Website).
DEVICE INFORMATION
Device Information means Personal Data collected automatically, either generated by the use of
the Services or from the Services’ infrastructure itself (for example, the duration of a website visit).
DATA CONTROLLER
Data Controller means the natural or legal person determines the purposes for which and the
manner in which any personal information are, or are to be, processed. For the purpose of this
Privacy Policy, we are a Data Controller of your Personal Data.
DATA PROCESSORS
Data Processor means any natural or legal person who processes the data on behalf of the Data
Controller. We may use the services of various Partner Service in order to process your data more
effectively as stated in this Privacy Policy.
2
RESPONSIBLE PERSON / REPRESENTATIVE IN THE EU
Responsible Person for the Personal Data collected is Patrick Storchenegger (“Responsible
Person”). For any matters relating to data protection you may contact Patrick Storchenegger by
letter to the following address:
Tangem AG, Baarerstrasse 10, 6300 Zug, Switzerland
Representative in the EU according to article 27 of GDPR is: Patrick Storchenegger.
DATA WE COLLECT
We collect several different types of Personal Data for various purposes described in this
Privacy Policy.
PERSONAL DATA YOU PROVIDE US
If you sign up for our newsletter or product deck or chat with us through our Services, you
will be asked to provide the following and you may provide it:
name
email address
When you make a purchase or attempt to make a purchase through our Services, a Partner
Service may ask you to provide Personal Data including, but not limited to, the following:
name;
billing address;
shipping address;
email address;
payment information (including credit card number);
phone number;
identity document (for top-up and withdrawal services only);
username and password used for the Services;
information about orders; and
any other information you provide to us.
If provided, your email address may be used to contact you with newsletters, marketing or
promotional materials, and other information that may be of interest to you. You may opt out of
receiving any, or all, of these communications from us by following the unsubscribe link or
instructions provided in any email we send or by contacting us.
PERSONAL DATA COLLECTED AUTOMATICALLY LIKE DEVICE INFORMATION / WEBSITE
COOKIES / GOOGLE ANALYTICS
When you use the Services, we may automatically collect certain information that your browser
sends, including information about your computer's Internet Protocol address (e.g. IP address),
browser type, browser version, the pages of our Services that you visit, the time and date of your
visit, the time spent on those pages, unique device identifiers, and other diagnostic data.
When you access the Services by or through a mobile device, we may automatically collect
information such as the type of mobile device you use, your mobile device unique ID, the IP
address of your mobile device, your mobile operating system, the type of mobile Internet browser
you use, unique device identifiers and other diagnostic data.
3
Additionally, we collect information about the individual web pages or products that you view, what
sites or search terms referred you to the Services, and information about how you interact with
the Services. We refer to this type of data as “Tracking Cookies Data”.
We collect Device Information and Tracking Cookies Data using the following technologies:
- “Cookies”. Cookies are files with small amount of data which may include an anonymous
unique identifier. Cookies are sent to your browser from a website and stored on your device.
You can instruct your browser to refuse all cookies or to indicate when a cookie is being sent.
For more information about cookies, and how to disable cookies, visit
http://www.allaboutcookies.org.
Two types of cookies may be used on the Website - "session cookies" and "persistent cookies".
Session cookies are temporary cookies that remain on your device until you leave the
Services. A persistent cookie remains on your device for much longer or until you manually
delete it (how long the cookie remains on your device will depend on the duration or "lifetime"
of the specific cookie and your browser settings).
We collect “Necessary Cookies” and “Performance Cookies” which do not identify you as an
individual.
If you do not agree to our use of Cookies, you should set your browser settings accordingly
or not use our Services. By continuing to use our Services without changing your settings,
you are agreeing to our use of Cookies and the terms with regard to Cookies of this Privacy
Policy. - “Log files”. Log files track actions occurring in the Services, and collect data including your IP
address, browser type, Internet service provider, referring/exit pages, and date/time stamps. - “Web beacons”, “tags”, and “pixels” are electronic files used to record information about how you
browse the Services. - “Google Analytics”. Google Analytics is a web analytics service offered by Google Inc. that
tracks and reports website traffic (such as navigation path, length of stay, returning or new
user, end device). Google uses the data collected to track and monitor the use of our Services.
This data is shared with other Google services. Google may use the collected data to
contextualize and personalize the ads of its own advertising network. We do not use the
information and personal data collected by Google Analytics to identify individuals unless we
become aware of specific indications of illegal use. For more information on the privacy practices
of Google, please visit the Google Privacy Terms web page:
http://www.google.com/intl/en/policies/privacy/. We also encourage you to review the
Google's policy for safeguarding your data:
https://support.google.com/analytics/answer/6004245. You can also opt-out of Google
Analytics here: https://tools.google.com/dlpage/gaoptout. By continuing to use our Services
without opting out to Google Analytics, you are agreeing to the collection of data by Google
Analytics. - “Firebase”. Firebase is analytics service for mobile applications, provided by Google Inc. You
may opt-out of certain Firebase features by following the instructions provided by Google in
their Privacy Policy: http://www.google.com/intl/en/policies/privacy/. For more information
on what type of information Firebase collects, please visit the Google Privacy Terms web
page: http://www.google.com/intl/en/policies/privacy/.
PURPOSE OF THE COLLECTION OF PERSONAL DATA
Tangem uses the Personal Data you provided to us for the following purposes: - To fulfill and deliver any purchase orders placed through the Services;
- To screen the purchase orders for potential risk or fraud;
- To deliver our products and / or provide the Services;
- To allow you to participate in interactive features of our Services when you choose to do so;
- To provide customer support;
4 - To process invoices payments and transaction history;
- To manage unpaid bills and claims;
- To provide you with news, special offers and general information about other goods, services
and events which we offer that are similar to those that you have already purchased or
enquired about unless you have opted not to receive such information.
Tangem uses the Personal Data collected automatically like Device Information and Tracking
Cookies Data for the following purposes: - To enable the use of our Services;
- To gather analysis or valuable information so that we can improve our Services and offer you
more enjoyable and efficient experience; - To monitor the usage of our Services;
- To detect, prevent and address technical issues;
- For internal statistical purposes.
LEGAL BASIS FOR PROCESSING PERSONAL DATA UNDER GENERAL DATA PROTECTION
REGULATION (GDPR)
Tangem’s legal basis according to the GDPR for collecting and using the personal Data
described in this Privacy Policy depends on the Personal Data we collect and the specific
context in which we collect it.
Tangem may process your Personal Data because:
We need to perform a contract with you (fulfillment of an agreement in accordance
with Art. 6 Par. 1 lit. b of GDPR),
You have given us permission to do so (consent in accordance with Art. 6 Par. 1 lit. a
of GDPR),
The processing is in our legitimate interests and is not overridden by your rights
(legitimate interest in the processing of Data in the sense of Art. 6 Par. 1 lit. f. of
GDPR),
It is required to comply with a legal obligation (Art. 6 Par. 1 lit. c of GDPR).
RETENTION OF DATA
The retention period of Personal Data processed by Tangem may vary depending on common
practice, and considered in accordance with the legal obligations and the applicable limitation
rules. In any way, Tangem will process and store the Personal Data only for the period
necessary to achieve the purpose of storage or as far as this is granted by the applicable laws
or regulations.
If the storage purpose is not applicable anymore, or if the storage period prescribed by the
applicable laws and regulations expires, the Personal Data is routinely erased in accordance
with legal requirements.
TRANSFER OF DATA
Your data, including Personal Data, may be transferred to — and maintained on — computers
located outside of your state, province, country or other governmental jurisdiction where the
data protection laws may differ than those from your jurisdiction.
Your consent to this Privacy Policy followed by your submission of such information represents
your agreement to that transfer.
Tangem will take all steps reasonably necessary to ensure that your data is treated securely
and in accordance with this Privacy Policy and no transfer of your Personal Data will take place
5
to an organization or a country unless there are adequate controls in place including the
security of your data and other personal information.
DATA DISCLOSURE
We do not sell, lease, rent, or otherwise disclose your Personal Data to third parties except to the
technical and logistic service provider of our Website and to suppliers, who are contractually bound
to confidentiality, such as outsourcing service providers, logistics, storage providers, marketing
and communication providers. When we do so we take steps to ensure they meet our data security
standards, so that your Personal Data remains secure.
Tangem may further disclose your Personal Data in the good faith belief that such action is
necessary to:
To comply with a legal obligation;
To protect and defend the rights or property of Tangem;
To prevent or investigate possible wrongdoing in connection with the Services;
To protect the personal safety of users of the Services or the public;
To protect against legal liability.
The transfer of data is for purpose of providing and maintaining the functionality of our
Website. This is our legitimate interest in the sense of Art. 6 Par.1 lit. b and lit f of GDPR.
If you pay by credit card through the website, we forward your credit card information to the
credit card issuer and the credit card acquirer. If you choose to pay by credit card, you will
be asked to provide all the necessary information. The legal basis for passing on the data lies
in the fulfilment of an agreement in the sense of Art. 6 Par. Lit. b GDPR.
We transmit your Personal Data only to such our employees who are authorized to process
them as part of their duties.
All Personal Data used by these third parties is solely used for the purposes of the services
provided at your request. Any use for other purposes is strictly prohibited. In addition, any
Personal Data processed by third parties will be in accordance with the terms of this Privacy
Policy and in compliance with the GDPR and any other applicable laws and regulations. The
third party providers we use will only collect and use your information to the extent necessary
to enable them to perform the services they provide to us.
If the level of data protection in a country where a service provider is located does not
correspond to the European data protection level, we contractually ensure that the protection
of your personal data corresponds to that in the EU at all times by concluding agreements
using the standard contractual clauses complying with the GDPR.
SECURITY OF DATA
The security of your data is important to us, but remember that no method of transmission
over the Internet, or method of electronic storage is 100% secure. While we guarantee to use
commercially acceptable means to protect your Personal Data in accordance with the GDPR
and other applicable laws and regulations, we cannot guarantee the absolute security and
accept no liability of the transmission of your Personal Data through our Services.
We also periodically review and adjust security safeguards as the threat landscape evolves.
Ultimately no security system is impenetrable, and we cannot guarantee the security of our
systems 100%. In the event that any information under our control is compromised as a
result of a breach of security, our policy is to take reasonable steps to investigate the situation
and, where appropriate, communicate with affected individuals.
SERVICE PROVIDERS
6
We may engage the below mentioned Partner Service providers to facilitate our Services, to
provide the Services on our behalf, to perform Services’ related services or to assist us in
analyzing how our Service is used.
These Partner Services have access to your Personal Data only to perform these tasks on our
behalf and are obligated not to disclose or use it for any other purpose.
We use Moonpay to provide you with the on-ramp and off-ramp services - you can read
more about how Moonpay uses your Personal Data here: https://www.moonpay.com/
privacy_policy.
You can read more about how Google uses your Personal Data here:
https://www.google.com/intl/en/policies/privacy/.
As described above, we use your Personal Data to provide you with targeted advertisements or
marketing communications we believe may be of interest to you. For more information about how
targeted advertising works, you can visit the Network Advertising Initiative’s (“NAI”) educational
page at http://www.networkadvertising.org/understanding-online-advertising/how-does-it-work.
You can opt out of targeted advertising by using the links below: - Facebook: https://www.facebook.com/settings/?tab=ads
- Google: https://www.google.com/settings/ads/anonymous
Additionally, you can opt out of some of these services by visiting the Digital Advertising Alliance’s
opt-out portal at: http://optout.aboutads.info/.
By continuing to use our Services without opting out as described above, you are agreeing to the
collection of data by the mentioned Partner Service providers.
DO NOT TRACK
Please note that we do not alter our Service’s data collection and use practices when we see a Do
Not Track (“DNT”) signal from your browser.
Our third party partners, such as web analytics companies, may collect information about you and
your online activities over time and across our Services and other online properties. These third
parties may not change their tracking practices in response to DNT settings in your web browser
and we do not obligate these parties to honor DNT settings.
YOUR DATA PROTECTION RIGHTS UNDER GENERAL DATA PROTECTION REGULATION
(GDPR)
Depending on your jurisdiction you may have certain data protection rights. Tangem aims to take
reasonable steps to allow you to correct, amend, delete, or limit the use of your Personal Data.
If you wish to be informed what Personal Data we hold about you and if you want it to be removed
from our systems, please contact the Responsible Person as stated in this Privacy Policy.
In certain circumstances, you have the following data protection rights:
The right to access, update or to delete the information we have on you. If you would like
to exercise this right, please contact us through the contact information below.
The right of rectification. You have the right to have your information rectified if that
information is inaccurate or incomplete.
The right to object. You have the right to object to our processing of your Personal Data.
The right of restriction. You have the right to request that we restrict the processing of
your Personal Data.
The right to data portability. You have the right to be provided with a copy of the
information we have on you in a structured, machine-readable and commonly used format.
7
The right to withdraw consent. You also have the right to withdraw your consent at any
time where Tangem relied on your consent to process your Personal Data. Please note that
we may ask you to verify your identity before responding to such requests.
You have the right to complain to a Data Protection Authority about our collection and use
of your Personal Data.
CUSTOMERS FROM CALIFORNIA
California law provides California customers with specific rights with regard to the collection, sale,
and disclosure of their Personal Data. If you are a California resident, you have the following rights:
The right to request that we delete any Personal Data about you which we have collected from
you. Nevertheless, we will not be required to comply with your request to delete your Personal
Data if it is necessary for us to maintain your Personal Data for the reasons provided under
California Civil Code Section 1798.105(d).
The right to request that we disclose to you the following:
(1) The categories of Personal Data we have collected about you;
(2) The categories of sources from which your Personal Data is collected;
(3) The business or commercial purpose for collecting or selling your Personal Data;
(4) The categories of third parties with whom the business shares your Personal Data; and
(5) The specific pieces of Personal Data we have collected about you.
The right not to be discriminated against because you have exercised any of your rights under
the CCPA.
We do not sell your Personal Data or collect data to facilitate or enable third parties to advertise
to you.
LINKS
The activation of certain links in the Services may cause you to leave the Services. Tangem does
not review any of these linked websites and does not warrant or guarantee, either expressly or
implicitly, the quality, pertinence, accuracy, completeness, update status, availability or legality of
the content of these sites, nor will it be in any way responsible for the products, services,
information and other content offered via these linked sites or the processing of your Personal
Data through these websites. The same applies to websites offering links to the Services.
Furthermore, prior written approval must always be obtained before a link from an external
website or mobile application to Services can be created. We advise you to read the privacy policy
applicable to such other websites before using them.
MINORS
You must be at least eighteen (18) years of age to register with and use the Services. This Service
is not directed to children under 18. We do not intend to collect Personal Data from children under
18.
CONTACT US
For more information about our privacy practices, if you have questions, or if you would like to
make a complaint, please contact us by e‑mail at store@tangem.com or by mail using the details
provided below:
Tangem AG
Re: Privacy Compliance
Baarerstrasse 10, Zug CH-6300, Switzerland
8
CHANGES TO THE PRIVACY POLICY
From time to time we may change this Privacy Policy in order to reflect, for example, changes
to our practices or for other operational, legal or regulatory reasons. You can tell when changes
have been made to the Privacy Policy by referring to the “Last Updated” legend at the top of
this page. If we materially change the ways in which we use and disclose personal data, we
will post a notice in the Services and send an email to our registered users. Your continued
use of the Services following any changes to this Privacy Policy constitutes your acceptance
of any such changes made.
LAST UPDATED: [June 27, 2022]