Privacy Policy

Privacy Policy

Last updated: November 14, 2023

This Privacy Policy describes Our policies and procedures on the collection, use and disclosure of Your information when You use the Service and tells You about Your privacy rights and how the law protects You.

We use Your Personal data to provide and improve the Service. By using the Service, You agree to the collection and use of information in accordance with this Privacy Policy.

Interpretation and Definitions


The words of which the initial letter is capitalized have meanings defined under the following conditions. The following definitions shall have the same meaning regardless of whether they appear in singular or in plural.


For the purposes of this Privacy Policy:

  • Account means a unique account created for You to access our Service or parts of our Service.

  • Company (referred to as either “the Company”, “We”, “Us”; or “Our” in this document) refers to BitCanna.

  • Cookies are small files that are placed on Your computer, mobile device or any other device by a website, containing the details of Your browsing history on that website among its many uses.

  • Country refers to: Netherlands

  • Device means any device that can access the Service such as a computer, a mobile phone or a digital tablet.

  • Personal Data is any information that relates to an identified or identifiable individual.

  • Service refers to our services, namely the webwallet, our main website, the payment plugin Cosmos Pay and the e-mail list for sending updates

  • Usage Data refers to data collected automatically, either generated by the use of the Service or from the Service infrastructure itself (for example, the duration of a page visit).

  • Website refers to the applicable websites, accessible from for the webwallet, for our main website.

  • Communication data refers to data You actively provide to us, for example by corresponding with us through email or by subscribing to our services.

  • You means the individual accessing or using the Service, or the company, or other legal entity on behalf of which such individual is accessing or using the Service, as applicable.

Collecting and Using Your Personal Data

Types of Data Collected

Usage Data

Usage Data is collected automatically when using the Service. This data is gathered in the logs of the servers used to host the Service. Usage Data may include information such as Your Device's Internet Protocol address (e.g. IP address), browser type, browser version and the time and date of Your visit.

When You access the Service by or through a mobile device, We may collect certain information automatically, including, but not limited to, the type of mobile device You use, Your mobile device unique ID, the IP address of Your mobile device, Your mobile operating system and the type of mobile Internet browser You use.

Communication Data

Communication Data is data that You actively provide to Us. For example: when You subscribe to our Services, we process the personal data You enter into our subscription form. When You communicate with Us via email, we will process what You write to Us and we may keep Your emails for a while, in order to keep track of what we discussed and/or agreed with You.

Use of Your Personal Data

Transfer of Your Personal Data

We take all reasonably possible steps to ensure that Your Personal Data is treated securely and in accordance with this Privacy Policy and that no transfer of Your Personal Data will take place to another organization or another country unless there are adequate controls in place for private and secure handling of Your Personal Data.

The Usage Data and Communication Data are stored on servers that are located in the EEA. These servers are hosted by EU companies. However: please note that these EU companies have parent companies in the USA.

The USA have certain provisions in law that afford their investigative authorities a right to access data that is processed by USA-based companies or their subsidiaries, even if such data is processed outside the USA. One such provision is Section 702 of the Foreign Intelligence Surveillance Act ("FISA", Foreign Intelligence Surveillance Act, a law that regulates foreign intelligence and counterintelligence of the United States). Another relevant provision is the so-called "Cloud Act" (Clarifying Lawful Overseas Use of Data Act), which applies specifically to USA-based companies in the telecommunications sector and "remote computing services" (which includes cloud hosting providers).

Following the adequacy decision taken by the European Commission in July 2023 it is allowed to use Google Analytics in combination with meeting the requirements set forth by the GDPR.

If You find it important to take 0% chance that Your encrypted Usage Data might be accessed by USA government agencies, we must advise You to not use Our Service.

Your rights regarding Your Personal Data

You have the right to ask us for an overview of the Personal Data that we process about You (“right of access”). Please note that the Usage Data that we process is only subject to data protection rules because this data could theoretically be traced back to individuals, if we were to combine it with additional information gathered elsewhere. In our normal course of business, we do not actually do this, so we generally cannot trace Usage Data back to You. If You use Your right of access, we will show You the Personal Data that we can connect to You without actively gathering additional information. For Personal Data that we process on the basis of Your consent, You have the right to withdraw Your consent at any time. Withdrawing Your consent does not affect the lawfulness of processing based on Your consent before its withdrawal. For Personal Data that we process on the basis of a legitimate interest, You have the right to object on grounds relating to Your particular situation. We do our solid best to only process Personal Data that is correct, and only when it is necessary and lawful. Should it ever turn out that Personal Data we process about You is incorrect or unlawful for us to process, then You have the right to have Your Personal Data rectified or erased, or have its processing restricted. You can invoke any of these rights by sending us an email through: Please note that we may have to ask You certain control questions or request that You provide identification, when You invoke a right regarding Personal Data. We have to be able to authenticate You as the data subject. If You are unhappy with the way we are processing Your Personal Data or the way we handled a request to exercise Your rights, please tell us, so we can try to resolve the issue. If we are unable to resolve it, you have the right to lodge a complaint with the Data Protection Authority in the Netherlands:

Disclosure of Your Personal Data

Law enforcement

Under certain circumstances, We may be required to disclose Your Personal Data to third parties. For example: if we are required to do so by law or in response to valid requests by public authorities (e.g. a court or a government agency).

Other legal requirements

We may disclose Personal Data to third parties in the good faith belief that such action is necessary to:

  • Comply with a legal obligation

  • Prevent or investigate possible wrongdoing in connection with the Service

  • Defend or exercise the rights or property of Ourselves, Our employees, Users of the Service or members of the public

  • Protect the personal safety of Our employees, Users of the Service or members of the public

  • Assess issues of legal liability and/or defend against claims

  • Assess and ensure the security of our business information, including Personal Data


The security of Your Personal Data is important to Us, but remember that no method of transmission over the Internet, or method of electronic storage is 100% secure. While We strive to use commercially acceptable means to protect Your Personal Data, We cannot guarantee its absolute security.

Our Service may contain links to other websites that are not operated by Us. If You click on a third party link, You will be directed to that third party's site. We strongly advise You to review the Privacy Policy of every site You visit.

We have no control over and assume no responsibility for the content, privacy policies or practices of any third party sites or services.

Changes to this Privacy Policy

We may update Our Privacy Policy from time to time. We will notify You of any changes by posting the new Privacy Policy on this page.

We will let You know via email and/or a prominent notice on Our Service, prior to the change becoming effective and update the “Last updated” date at the top of this Privacy Policy.

You are advised to review this Privacy Policy periodically for any changes. Changes to this Privacy Policy are effective when they are posted on this page.

Contact Us

If you have any questions about this Privacy Policy, You can contact us by visiting this page on our website:

Last updated