Last updated: 06 November 2024
Binance (âBinanceâ, âweâ, or âusâ) is committed to protecting the privacy of our customers, and we take our data protection responsibilities with the utmost seriousness.
This Privacy Notice describes how Binance collects and processes your personal data through the Binance websites and applications that are referenced in this Privacy Notice. Binance refers to an ecosystem comprising Binance websites (whose domain names include but are not limited to www.binance.com/en), mobile applications, clients, applets and other applications that are developed to offer Binance Services, and includes independently-operated platforms, websites and clients within the ecosystem (e.g., Binanceâs Open Platform, Binance Launchpad, Binance Labs, Binance Charity, Binance DEX, Binance X, JEX, and fiat gateways).Â
This Privacy Notice applies to all Personal data processing activities carried out by us, across platforms, websites, and departments of Binance.
To the extent that you are a customer or user of our services, this Privacy Notice applies together with any terms of business and other contractual documents, including but not limited to any agreements we may have with you.
To the extent that you are not a relevant stakeholder, customer, or user of our services, but are using our website, this Privacy Notice also applies to you together with our Cookie Notice.
This Notice should therefore be read together with our Cookie Notice, which provides further details on our use of cookies on the website. Our Cookie Notice can be accessed here.
1. Binance Relationship with you
The Binance group is made up of different legal entities. In this regard, the controller of your personal data is the legal entity that determines the "means" and the "purposes" of any processing activities that it carries out.Â
For global users, i.e. users that are not registered with a local regulated exchange, Nest Services Limited (a company incorporated under the laws of the Republic of Seychelles with registration number 238045 and address at House of Francis, Room 303, Ile Du Port, Mahe, Seychelles) is your operating entity and data controller, as of 31 August 2023.
For users within the European Economic Area and Switzerland that are registered with a local regulated exchange, your data controller is that entity, joint with Binance (Services) Holdings Limited (âBSHLâ) (a company incorporated under the laws of Ireland with registration number 704568 and address at 6th Floor, South Bank House, Barrow Street, Dublin 4).Â
For users outside the European Economic Area and Switzerland that are registered with a local regulated exchange, that exchange is your operating entity and your data controller.
For United Kingdom users, your operating entity is Nest Services Limited.
For users within the European Economic Area and Switzerland (excluding the countries referenced in the table above), Nest Services Limited is your operating entity and Nest Services Limited is a joint controller with BSHL. BSHL has primary responsibility for your personal data.
Binance companies may share your personal data with each other and if they do so, they will use it consistently with this Privacy Notice.
2. What Personal Data does Binance collect and process?
Personal data is data that identifies an individual or relates to an identifiable individual. This includes information you provide to us, information which is collected about you automatically, and information we obtain from third parties.
Information you provide to us. To open an account and access our services, we'll ask you to provide us with some information about yourself. This information is either required by law (e.g., to verify your identity and comply with âKnow Your Customerâ obligations), necessary to provide the requested services (e.g., you will need to provide your email address in order to open your account), or is relevant for certain specified purposes, described in greater detail below. In some cases, if we add services and features you may be asked to provide us with additional information.
Failure in providing the data required implies that Binance will not be able to offer you our services.
We may collect the following types of information from you:
Information we collect from you automatically. To the extent permitted under the applicable law, we may collect certain types of information automatically, for example whenever you interact with us or use the services. This information helps us address customer support issues, improve the performance of our sites and services, maintain and or improve your user experience, and protect your account from fraud by detecting unauthorized access.   Â
Â
Information collected automatically includes:
Information we collect from our affiliates and third parties.
From time to time, we may obtain information about you from our affiliates or third party sources such as KYC vendors as required or permitted by applicable law.
3. Why does Binance process my personal data? Which legal bases are we relying on for our collection and processing of your personal data?
Our primary purpose in collecting personal data is to provide our services in a secure, efficient, and smooth way. We generally use your personal data to deliver, provide, operate, our services, and for content and advertising, and for loss prevention and anti-fraud purposes. Below youâll find an explanation on how we use Automated individual decision-making, including profiling. Binance does not rely solely on automated tools to help determine whether a transaction or a customer account presents a fraud or legal risk.
4.Can Children Use Binance Services?
Binance does not allow anyone under the age of 18 to use Binance Services and we do not knowingly request or collect any information about persons under the age of 18. If you are under the age of 18, please do not provide any personal information to Binance Services.
If a User or Customer submitting personal information is suspected of being younger than 18 years of age, Binance will require the relevant Customer or User to close his or her account, and will take steps to delete the individualâs information as soon as possible.   Â
5. What About Cookies and Other Identifiers?
We use cookies and similar tools to enhance your user experience, provide our services, enhance our marketing efforts and understand how customers use our services so we can make improvements. Depending on applicable laws in the region you are located in, the cookie banner on your browser will tell you how to accept or refuse cookies. A copy of our cookie policy is available here.   Â
6. How and Why We Share Your Personal Data?
We may share your Personal Data with third parties (including other Binance entities) if we believe that sharing your Personal Data is in accordance with, or required by, any contractual relationship with you (including Binance Terms & Conditions) or us, applicable law, regulation or legal process. When sharing your Personal Data with other Binance entities, we will use our best endeavours to ensure that such entities are either subject to this Privacy Notice, or follow practices at least as protective as those described in this Privacy Notice. For example, depending on where you reside and the entity responsible for running KYC checks. For more information please refer to Section 1.
We may also share personal data with the following persons or in the following circumstances:
Affiliates: Personal data that we process and collect may be transferred between Binance companies as a normal part of conducting business and offering our Services to you. See Section 1 âBinance Relationship with youâ and Section 2. âWhat Personal Data does Binance collect and process?â.
Third parties: We employ other companies and individuals to perform functions on our behalf. Examples include analysing data, providing marketing assistance, processing payments, transmitting content, and assessing and managing credit risk, CTF/AML service providers (for the purposes of transaction monitoring), security service providers (for investigating fraud and security incidents). The third-party service providers only have access to personal information needed to perform their functions but may not use it for other purposes. Further, they must process the personal information in accordance with our contractual agreements and only as permitted by applicable data protection laws. In accordance with and as far as provided by applicable law, your personal data may also be shared by third parties (i.e. another data controller) upon exercising your right to data portability. Please refer to Section 10 for more information on data portability. When you use third-party services (like when you connect your Binance account with your bank account) or websites that are linked through our Services, the providers of those services or products may receive information about you that Binance, you, or others share with them. Please note that when you use third-party services or Binance affiliate services which are not governed by this Privacy Policy, their own terms and privacy policies will govern your use of those services and products.
Third Party Independent Controllers
Within the context of the services rendered by Binance, some of the third party service providers may process your personal data as independent data controllers for their own purposes which may include but are not limited to:
- compliance with legal or regulatory obligations under applicable laws;
- prevention of criminal activity, fraud (including impersonation fraud), money laundering or other illicit activities by checking data against records of confirmed or suspected illegal activities; in connection with this purpose, the service provider may carry out profiling, statistical analysis and analytics in AML/CFT tendency using machine learning
- enhancing the effectiveness and quality of its fraud prevention services;
- user onboarding as the third partyâs own client or customer;
- to use the services of financial institutions for fiat related transactions - user identification necessary to respond to data subject requests;
- establishment, exercise, or defense of legal claims (if applicable).
The service providers rely on legal bases for data processing as disclosed in their respective privacy notices, accessible from their websites. Your personal data will be processed no longer than necessary for the above processing purposes and will be retained according to the service providersâ retention schedules. You can request for more information about the identity of the third party service providers and their processing activities by contacting Binance (see Section 10).Â
Legal Authorities or Legal requirements: We may share your information with courts, law enforcement authorities, regulators, attorneys or other third parties: (a) to comply with laws and legal obligations; (b) for the establishment, exercise, or defence of a legal or equitable claim; (c) to respond to law enforcement and regulatory requests, including (1) when we are compelled to do so by a subpoena, court order, search or seizure warrant, or similar legal procedure, or (2) for international law enforcement requests, pursuant to a mutual legal assistance treaty (MLAT) or letters of request; (d) to comply with one or more forms of âtravel rulesâ that require our transmitting of your information to another financial institution, regulatory authorities or other industry partners; (e) when we believe in good faith that the disclosure of personal information is necessary to protect the rights, property or safety of our customers, Binance, or others, including to prevent imminent physical harm or material financial loss; (f) to investigate violations of our Terms of Use or other applicable policies; or (g) to detect, investigate, prevent or address fraud or credit risk, other illegal activity or security and technical issues, to report suspected illegal activity or to assist law enforcement in the investigation of suspected illegal or wrongful activity.
Business transfers: As we continue to develop our business, we might sell or buy other businesses or services. In such transactions, user information generally is one of the transferred business assets but remains subject to the promises made in any pre-existing Privacy Notice (unless, of course, the user consents otherwise). Also, in the unlikely event that Binance or substantially all of its assets are acquired by a third party, user information will be one of the transferred assets.
With your Consent: We also may disclose your Personal Data as may be described in a notice to you at the time the information is collected or before it is shared, or in any other manner to which you consent.
7. International transfers of Personal Information
To facilitate our global operations, Binance may transfer your personal information outside of the European Economic Area (âEEAâ), UK and Switzerland. The EEA includes the European Union countries as well as Iceland, Liechtenstein, and Norway. Transfers outside of the EEA are sometimes referred to as âthird country transfersâ.
We may transfer your personal information to our Affiliates, third-party partners, and service providers based throughout the world. In cases where we intend to transfer personal information to third countries or international organisations outside of the EEA, Binance puts in place suitable technical, organizational and contractual safeguards (including Standard Contractual Clauses), to ensure that such transfer is carried out in compliance with applicable data protection rules.
We also rely on decisions from the European Commission where they recognise that certain countries and territories outside of the European Economic Area ensure an adequate level of protection for personal information. These decisions are referred to as âadequacy decisionsâ.
8. How Secure is My Information?
We design our systems with your security and privacy in mind. We have appropriate security measures in place to prevent your information being accidentally lost, used or accessed in an unauthorised way, altered or disclosed. We work to protect the security of your personal data during transmission and while stored by using encryption protocols and softwares. We maintain physical, electronic and procedural safeguards in connection with the collection, storage and disclosure of your personal data. In addition, we limit access to your personal data to those employees, agents, contractors and other third parties who have a business need to know.
Our security procedures mean that we may ask you to verify your identity to protect you against unauthorised access to your account. We recommend using a unique password for your Binance account that is not utilized for other online accounts and to sign off when you finish using a shared computer.
9. What About Advertising?
In order for us to provide you with the best user experience, we may share your personal data with our marketing partners for the purposes of targeting, modelling, and/or analytics as well as marketing and advertising. You have a right to object at any time to processing of your personal data for direct marketing purposes (see Section 10 below).
10. What Rights Do I Have?
Subject to applicable law, as outlined below, you have a number of rights in relation to your privacy and the protection of your personal data. You have the right to request access to, correct, and delete your personal data, and to ask for data portability. You may also object to our processing of your personal data or ask that we restrict the processing of your personal data in certain instances. In addition, when you consent to our processing of your personal data for a specified purpose, you may withdraw your consent at any time. If you want to exercise any of your rights please contact us using the webform available here. These rights may be limited in some situations - for example, where we can demonstrate we have a legal requirement to process your personal data.
Right to access: you have the right to obtain confirmation that your personal data are processed and to obtain a copy of it as well as certain information related to its processing. Please follow the FAQ for further information on how to access your account statement yourself. You can also check your device and IP address loginâs via the dedicated âAccount Activity Recordsâ page located here. Please note that you have to login to your account first to obtain access;
Right to rectify: you can request the rectification of your personal data which are inaccurate, and also add to it. You can also change your personal data in your account at any time.
Right to delete: you can, in some cases, have your personal data deleted. Please follow the FAQ for further self-help information on how you can request that your account is deleted yourself. Please note that personal data may still be retained in the event of account deletion to comply with our legal obligations.
Right to object: you can object, for reasons relating to your situation, to the processing of your personal data For instance, you have the right to object where we rely on legitimate interest or where we process your data for direct marketing purposes;
Right to restrict processing: You have the right, in certain cases, to temporarily restrict the processing of your personal data by us, provided there are valid grounds for doing so. We may continue to process your personal data if it is necessary for the defense of legal claims, or for any other exceptions permitted by applicable law;Â Â Â Â
Right to contest to a decision based solely on automated processing: You have the right to require that decisions be reconsidered if they are made solely by automated means, without human involvement; we use automated tools to make sure that you are eligible to be our customer taking into account our interests and legal obligations; if these automated tools indicate that you do not meet our acceptance criteria, we will not onboard you as our customer;
Right to portability: in some cases, you can ask to receive your personal data which you have provided to us in a structured, commonly used and machine-readable format, or, when this is possible, that we communicate your personal data on your behalf directly to another data controller;
Right to withdraw your consent: for processing requiring your consent, you have the right to withdraw your consent at any time. Exercising this right does not affect the lawfulness of the processing based on the consent given before the withdrawal of the latter;
Right to lodge a complaint with the relevant data protection authority: We hope that we can satisfy any queries you may have about the way in which we process your personal data. However, if you have unresolved concerns, you also have the right to complain to the data protection authority in the location in which you live, work or believe a data protection breach has occurred.
If you have any questions or objection as to how we collect and process your personal data, please contact us using the webform available here.Â
11. How Long Does Binance Keep My Personal Data?
We keep your personal data to enable your continued use of Binance Services, for as long as it is required in order to fulfil the relevant purposes described in this Privacy Notice, and as may be required by law such as for tax and accounting purposes, compliance with Anti-Money Laundering laws, or to resolve disputes and/or legal claims or as otherwise communicated to you.
While retention requirements vary by jurisdiction, information about our typical retention periods for different aspects of your personal data are described below.
Personal Identifiable Data collected to comply with our legal obligations under financial or anti-money laundering laws may be retained after account closure for as long as is required under such laws.
Contact Information such as your name, email address and telephone number for marketing purposes is retained on an ongoing basis and until you (a) unsubscribe, or we (b) delete your account. Thereafter we will add your details to an unsubscribed list to ensure we do not inadvertently market to you.
Content that you post on our website such as support desk comments, photographs, videos, blog posts, and other content may be kept after you close your account for audit and crime prevention purposes.
Recording of voice calls with you may be kept for a period of up to six years, for audit/ compliance purposes and to resolve disputes and/or legal claims.
Information collected via cookies, web page counters and other analytics tools is kept for a period of up to one year from the date of the collection of the cookie of the relevant cookie.
12. Notices and Revisions
If you have any concerns about privacy at Binance, please contact us, and we will try to resolve it. You also have the right to contact your local Data Protection Authority.
Our business changes regularly, and our Privacy Notice may change also. You should check our websites frequently to see recent changes. We will update the âLast Updatedâ date accordingly at the beginning of this Privacy Notice. We will announce any material changes to this Privacy Notice on our Platform or by sending an email that you have provided under your account. Your continued use of Binance after the changes to this Privacy Notice means that you understand and agree to such changes.Â
Unless stated otherwise, our most recent Privacy Notice applies to all information that we have about you and your account.
13. Languages
This Privacy Policy may be published in different languages. In case of any discrepancy, this English version shall prevail.
14. Contact Information
Our data protection officer can be contacted using the webform available below, or via email and will work to address any questions or issues that you have with respect to the collection and processing of your personal data.
If you have a question about your account management, or Binance products or services the Data Protection Officer will not be able to assist you. In that case, please contact our Customer Support team using the following link.
Please read the FAQ for further information on how you can delete your account.