Monni ApS takes processing of your personal data very seriously, and we comply with the relevant personal data legislation in order to ensure fair and transparent processing of personal data.
Civil reg. no.: 39653699
Nørrebrogade 47, 1.
2200 Copenhagen N
If you have any questions or concerns regarding our processing of your personal data, you are always welcome to contact us.
Collection of personal information via our website
We collect personal data about you that you have provided us with in connection with your purchase or sale of cryptocurrencies via our websites, as well as information about:
- your computer, such as browser type, operating system and IP address
- usage statistics, such as referral sites, length of visit, page views and website navigation
- location information
When you place an order, we collect the following information about you:
- Telephone number
- Crypto address
- Bank account information
- IP address
If you place an order on behalf of a company, we also collect the following information:
- Company name
- Company address
- Tax no. or CVR-no.
- Other contact information
Depending of the size of the transaction, we may also request and process the following information in order to verify your identity (please see below under “purpose of data processing”):
- Copy of your passport or other government issued ID , including social security number
- Proof of residency, such as utility bill or government issued ID clearly stating your address
- Historical and current financial information from both public sources and third parties
Purpose of processing personal data
We process your personal data for the following purposes:
- Registration of your personal information in order to complete the purchase or sale of cryptocurrencies via our website, Monni.com and the application app.Monni.com. It is your responsibility to ensure that data provided to us are correct and updated
- To verify your identity
- For us to comply with the Danish AML legislation, EU AMLD5 and any of FATF recommendations, including the travel rule
- To avoid fraud as well as comply with anti-money laundering and anti-terrorist practices
- Marketing of our products, including sending out newsletters via email, if we have obtained your explicit consent
The processing of your personal data is based on the following legal grounds:
- Your consent, according to the Data Protection Regulation (GDPR) article 6(1)(a),
- in order to fulfill our contract with you, cf. GDPR article 6(1)(b),
- in order to protect your or another data subject’s vital interests, cf. GDPR article 6(1)(d),
- under the consideration that the abovementioned purposes override your fundamental rights or freedoms, cf. GDPR, article 6(1)(f)).
How we process your personal data
We only collect, store and process personal data about you for the specific purposes mentioned above or for other lawful purposes that we are obligated to under applicable legislation.
We only process personal data about you which are relevant, sufficient and necessary for achieving the purposes mentioned above and we will minimize the processing of your personal data as much as possible, including the volume of processed personal data.
Storing of data
We delete your personal data when they are no longer necessary for achieving the purposes for which the data were collected, processed and stored. Your personal data is stored for a maximum of 5 years in accordance with good anti-money laundering practices and legislation.
We do not disclose your personal data to third parties, unless you specifically give your consent to this. However, we will not obtain your consent if we are obligated to disclose your personal data by request from a public authority, and we will cooperate with relevant authorities, including the police, and present them with the necessary information.
In charge-back matters or in cases of suspected fraud we may disclose your information, including a copy of your passport of driver’s license to our credit card partners. This is done to protect your or another data subject’s vital interests. These parties may include: Our banking partner, principal members of the Visa and Mastercard networks (acquirers) and organisations that holds financial licenses in general.
In connection with the processing of your personal data, we use the following data processors:
– Google Inc.
– Twillio Inc.
– BitGo Inc.
– Chainalysis Inc.
– Digital Ocean Inc.
– Blocktech IVS
Transfer of data outside the EU/EEA
We will in certain situations in connection with our processing of personal data transfer your personal data to recipients in India, which are considered by the EU-commission to be unsafe third countries.
The appropriate safe guards may be provided for by either that the relevant data processor has agreed to comply with the standard data protection clauses adopted by the EU-commission.
If you wish to use any of the rights that are described below, you are welcome to contact us via the contact information provided under “contact info”, or to submit your application via the following link: https://Monni.com/DataProtectionApplication.
We will process and respond to your inquiry as quickly as possible and at the latest within a month after receiving your request, unless the complexity and extent of you request makes it impossible for us to reply within a month. If that is the case, it may take us up to three months to reply to your request.
You are entitled to gain access to the personal data, we processes about you (GDPR art. 15). Your access may be limited due to our protection of trade secrets or intellectual property rights.
Rectification or erasure
If you believe the data we process about you are incorrect, you are entitled to rectification or deletion of inaccurate personal data (GDPR art. 16 and 17). If we agree with you, we will delete or correct your information as soon as possible.
Rectification or deletion of personal data will not take place if we are legally obligated to store all or parts of your personal data, or if it is necessary to store the personal data in order for a legal claim to be established or defended. In that case, we will only store the data, are legally obligated or entitled to store and will delete all other personal data about you.
Withdrawal of consent
You may withdraw your consent to our processing of your personal data partly or wholly at any time, according to the GDPR article 7. Withdrawal of your consent does not affect the legality of our processing of your personal date done prior to the withdrawal.
At any point in time, you are entitled to object to our processing of your personal data, if the processing is based on GDPR article 6(1)(e) or (f). You may also object if your data is processed with the purpose of sending direct marketing to you (GDPR art. 21). We will not send you marketing via email unless we have obtained your explicit consent.
You are entitled to restrict our processing of your personal data in the following circumstances (GDPR art. 18):
- While we process an objection from you regarding the accuracy of the personal data we process about you, or regarding the lawfulness of our processing. The restriction applies until we have finalized our processing of your complaint.
- If our processing is illegal, but you do not wish that your data are erased, only that the processing is restricted.
When we process your personal data based on your consent or a contract and the processing is automatic, you have the right to data portability. The right to data portability means that you have a right to receive the personal data concerning you, which have informed us of, in a structured, commonly used and machine-readable format, which you have the right to transmit to another data controller (GDPR art. 20).
You are entitled to complain
You are entitled to complain to the Danish Data Protection Agency about our processing of your personal data.
You can contact the Danish Data Protection Agency here:
Borgergade 28, 5
1300 København K
Tel.: +45 33193200