We understand that privacy is an important issue to you and we respect the privacy of all of our customers and aim to protect the security and confidentiality of non-public personal information about you that we acquire.
Under the law you have the right to limit some, but not all, sharing of your personal information. The law also requires us to disclose to you how we collect, share and protect your personal information.
Personal Information Collected
We collect information about you when you provide it to us and when you use our services and products, open an account with us, request information or otherwise interact with our website. We also receive information about you from third-parties who you have authorized to disclose information about you that we need for the account opening process, to satisfy our know-your-customer and anti-money laundering obligations, and for effecting transactions for your account.
The personal information we may collect includes:
- your name, address, telephone and mobile phone numbers, date of birth, government issued identification, social security number, tax identification number, bank account details, cryptocurrency wallet address(es);
- information relating to your transactions, including details regarding cryptocurrency wallet addresses or related information for deposits or withdrawals;
- information that may be received from consumer reporting agencies, such as credit bureau reports;
- information in any emails, chat messages, phone conversations, or other communications you send to us;
- information which may be received from other sources with your consent.
Other Information Collected
We also collect other information that does not uniquely identify you as an individual. This information is referred to as “Non-Personally Identifiable Information (“Non-PII”). We collect Non-PII when you interact with us and use our services and products. Examples of Non-PII that we collect includes, information on the links that you click, the features of our website that you use, what types of information you upload, information about your hardware, including your computer, phone, tablet or other devices you use to access our website, and about your software, including your operating system, browser type, Internet protocol, your connection type and your settings and related information. We may share Non-PII with our advertising and marketing agents to evaluate the effectiveness of our marketing programs. We may use Non-PII to analyze your usage of our website and for other research that help us improve the services and products we offer.
Information From Third Party Sources
From time to time, we may obtain information about you from third party sources as required or permitted by applicable law, such as public databases, credit bureaus, ID verification partners, resellers and channel partners, joint marketing partners, and social media platforms.
We also receive information about you when you link a third-party service to our services. Such linkage may include interactions with our social media sites. Third-party sites are governed by their own privacy policies, and you should review those privacy policies before using those sites.
Use of Your Personal Information
We use your personal information in connection with our provision of services and products to you in order to meet our contractual obligations to you. We will also process your PII to meet our legitimate interests, for example to verify your background, open your account, send you notices regarding your money/cryptocurrency transfers to and from BlockFi, send confirmations and other information on your cryptocurrency transactions, to create your account statements, to maintain records on your transactions and to support your account generally. We may use your personal information and information about how your use our services to send promotional and other information to you. We also may use your personal information to conduct analysis regarding your usage of our services and products and the effectiveness of our marketing initiatives.
We will not use your personal information for purposes other than those purposes we have disclosed to you, without your permission. From time to time we may request your permission to allow us to share your personal information with third parties. You may opt out of having your personal information shared with third parties, or from allowing us to use your personal information for any purpose that is incompatible with the purposes for which we originally collected it or subsequently obtained your authorization. If you choose to so limit the use of your personal information, certain features or BlockFi services may not be available to you.
Sharing of Your Personal Information
BlockFi does not disclose nonpublic personal information relating to current or former customers to any third-parties, except to those who require access to the data in order to perform their tasks and duties, and to share with third parties who have a legitimate purpose for accessing it. This may include but is not limited to, any obligations of BlockFi under the USA PATRIOT Act, and in order to facilitate the execution of our customers’ cryptocurrency transactions in the ordinary course of business.
BlockFi has multiple affiliates and relationships with third-party companies. Examples of these companies include financial and non‐financial companies that perform services such as data processing, administrative services, regulatory support, legal services, liquidity providers, banks, cloud storage, Google in connection with its Google Analytic services, companies that host our wallets, auditors, accountants, cryptocurrency exchange and custodians, cryptocurrency forensic analysis services and other service providers we engage from time to time that enable us to provide our services to you. We may share PII with such service providers. We may share information among our affiliates, as permitted by law, in order to better service your financial needs.
We do not sell, license, lease or otherwise disclose your personal information to any third-party for any reason other than the purposes described below:
- We may disclose personal information to qualified third-parties in order to administer or process a transaction, product or service you have authorized or requested, or in the context of facilitating the execution of a transaction.
- We are required to validate our customers’ identities by applicable laws and regulatory requirements and rely on qualified third-party services to perform these validations. PII that you provide to us during the account opening process is passed to these services at account opening and on an ongoing basis thereafter.
- We provide PII that you provide during the account opening process, as required by applicable laws and regulatory requirements, to carry out or aid in certain functions, such as, but not limited to, account processing, surveillance, reconciliation, execution, document retention requirements, and document dissemination.
- We share your information with financial institutions with which we partner to process payments which you have authorized.
- We may share analyses based on anonymous customer information or behavior with our affiliate companies in order to operate and improve products and services.
- We may disclose or transfer information we collect to a purchaser of our business.
- We may disclose or transfer information we collect upon account closing where you have a deficient balance, or upon excessive instances where you do not have sufficient funds in your account.
- We may disclose personal information to qualified third-parties and/or affiliate companies who provide services, such as, but not limited to, consulting, sales, customer support operations, payment processing, authentication services, and technical support or services.
- We may share your information with law enforcement, and officials, or other third-parties when we are compelled to do so by a subpoena, court order, or similar legal procedure, or when we believe in good faith that the disclosure of personal information is necessary to prevent physical harm or financial loss, to report suspected illegal activity or to investigate violations of any of our terms and conditions or any other applicable policies.
- We may disclose information to third-parties about your account or the transactions you make if you give us your written permission.
Other circumstances under which we may disclose your personal information in order to:
- Comply, as necessary, with applicable laws and regulatory requirements, as well as legal process;
- Respond to mandatory legal or governmental requests or demands for information;
- Meet national security requirements;
- Protect ourselves, our affiliates, our customers or the general public from illegal activities; and
- Respond to an emergency that requires disclosure of specified
We may have links to third-party websites on our website. Third-party websites have their own privacy policies. We have no involvement with their policies. You are encouraged to review the privacy policies of all third-party websites you visit.
BlockFi also uses Google Analytics. The following link explains how Google uses data when you use its partners’ websites and applications: www.google.com/policies/privacy/partners/. Your use of BlockFi’s website is evidence of your consent to BlockFi storing and accessing cookies and other information on your computer or phone and BlockFi’s use of Google Analytics in connection with such activities. Please read the information at the link provided so you understand what you are consenting to.
BlockFi strives to ensure that our systems are secure and that they meet industry standards. We seek to protect non-public personal information that is provided to BlockFi by third-parties and by you by implementing physical and electronic safeguards. Where we believe appropriate, we employ firewalls, intrusion prevention, encryption technology, user authentication systems (i.e. passwords and personal identification numbers) and access control mechanisms to control access to systems and data. BlockFi endeavors to engage third-party service providers that have security and confidentiality policies, if such third-party service providers have access to our customer’s PII. We instruct our employees to use strict standards of care in handling the personal financial information of customers. As a general policy our staff will not discuss or disclose information regarding an account except with authorized personnel of our service providers or as required by applicable law and regulatory requirements law or pursuant to regulatory request and/or authority.
Despite our efforts to protect the security of your information, no security system is always effective and we cannot guarantee that our systems will be completely secure.
How You Can Request to Access, Change, or Erase Your Information
You are entitled to make requests regarding the processing and storage of your PII. Specifically, you may submit a request to us to take the following actions in relation to your personal information that we hold:
- Opt-out. You may request that we stop sending you direct marketing communications which you have previously consented to receive. We may continue to send you service-related and other non-marketing communications.
- Access. You may request we provide you with information about our processing of your personal information and give you access to your personal information.
- Rectify. You may request we update or correct inaccuracies in your personal information.
- Erase. You may request we erase your personal information.
- Export. You may request we transfer a machine-readable copy of your personal information to you or a third party of your choice.
- Restrict. You may request we restrict the processing of your personal information.
- Object. You may object to our reliance on our legitimate interests as the basis of our processing of your personal information that impacts your rights.
You may do this at any time by logging in to your account and clicking the Profile or My Account tab or by emailing email@example.com. Note that we may refuse to grant your requests in whole or in part as permitted by applicable law.
Retention of Personal Information
We are required under applicable laws and regulatory requirements to retain certain information, including personal information of customers, customer profiles, identification verification materials, information we used to satisfy our know-your-customer and anti-money laundering obligations, account information, account agreements, trade orders, trade confirmations and other agreements between us, account statements, and other records.
Such records are generally retained as required by law, rule or regulation or for the minimum amount of time necessary to accomplish the purpose for which it was collected, and thereafter no longer than is permitted under BlockFi’s data retention policies.
However, even after you deactivate your account, we can retain copies of information about you and any transactions or services in which you may have participated for a period of time that is consistent with applicable law, applicable statute of limitations or as we believe is reasonably necessary to comply with applicable law, regulation, legal process, or governmental request, to detect or prevent fraud, to collect fees owed, to resolve disputes, to address problems with our services, to assist with investigations, to enforce any of our terms and conditions or other applicable agreements or policies, or to take any other actions consistent with applicable law.
“Do Not Track” Policy
California law requires us to inform you how we respond to web browser Do Not Track (“DNT”) signals. Because no industry or legal standard exists for recognizing or honoring DNT signals, we do not respond to them at this time. This policy is subject to change as the privacy community and industry develop best practices for responding to DNT signals.
NOTICE TO CALIFORNIA RESIDENTS – YOUR CALIFORNIA PRIVACY RIGHTS (AS PROVIDED BY CALIFORNIA CIVIL CODE SECTION 1798.83)
A CALIFORNIA RESIDENT WHO HAS PROVIDED PERSONAL DATA TO A BUSINESS WITH WHOM HE/SHE HAS ESTABLISHED A BUSINESS RELATIONSHIP FOR PERSONAL, FAMILY, OR HOUSEHOLD PURPOSES (A “CALIFORNIA CUSTOMER”) MAY REQUEST INFORMATION ABOUT WHETHER THE BUSINESS HAS DISCLOSED PERSONAL INFORMATION TO ANY THIRD PARTIES FOR THE THIRD PARTIES’ DIRECT MARKETING PURPOSES. IN GENERAL, IF THE BUSINESS HAS MADE SUCH A DISCLOSURE OF PERSONAL DATA, UPON RECEIPT OF A REQUEST BY A CALIFORNIA CUSTOMER, THE BUSINESS IS REQUIRED TO PROVIDE A LIST OF ALL THIRD PARTIES TO WHOM PERSONAL DATA WAS DISCLOSED IN THE PRECEDING CALENDAR YEAR, AS WELL AS A LIST OF THE CATEGORIES OF PERSONAL DATA THAT WERE DISCLOSED. CALIFORNIA CUSTOMERS MAY REQUEST FURTHER INFORMATION ABOUT OUR COMPLIANCE WITH THIS LAW BY E-MAILING PRIVACY@BLOCKFI.COM. PLEASE NOTE THAT WE ARE REQUIRED TO RESPOND TO ONE REQUEST PER CALIFORNIA CUSTOMER EACH YEAR AND WE ARE NOT REQUIRED TO RESPOND TO REQUESTS MADE BY MEANS OTHER THAN THROUGH THIS E-MAIL ADDRESS.
When Do We Store, Transfer or Process PII Internationally?
If you would like to submit a complaint about our use of your PII or response to your requests regarding your PII, you may contact us at firstname.lastname@example.org or submit a complaint to the data protection regulator in your jurisdiction. You can find your data protection regulator here.
Last Updated: November 19, 2019