Privacy Policy

Last updated 7 June 2026

Privacy Policy

Last updated: 7 June 2026

This Privacy Policy explains how DMMC Digital Concierge FZCO ("The Crypto Shop", "we", "us", or "our") collects, uses, stores, and shares personal data when you use the The Crypto Shop website and related services (the "Service").

By using The Crypto Shop, you acknowledge that you have read this Privacy Policy. If you do not agree, please do not use the Service.

1. Who Is Responsible for Your Data

Data controller

DMMC Digital Concierge FZCO
Unit No: UT-12-CO-358, DMCC Business Centre, Level No 12, Uptown Tower
Dubai, United Arab Emirates

Contact: info@cryptoshop.com

We aim to respond to privacy enquiries within two (2) business days.

2. Scope

This Privacy Policy applies to personal data we process when you:

  • Visit or browse the The Crypto Shop website
  • Create or use a The Crypto Shop account
  • Deposit cryptocurrency and receive store credit
  • Purchase digital gift cards or similar products
  • Contact our support team

This policy does not apply to third-party websites, apps, or services you may access through gift card redemption links. Those issuers and merchants have their own privacy practices.

3. Personal Data We Collect

We collect only the data needed to operate the Service. The categories below depend on how you use The Crypto Shop.

3.1 Account and identity data

When you register or sign in, we receive information from our authentication provider, including:

  • Email address
  • Name, first name, and last name (if provided)
  • Profile image URL (if provided)
  • Phone number (if provided)
  • A unique account identifier from our auth provider

We store this information in our systems and link it to your The Crypto Shop account, balance, deposits, orders, and transaction history.

3.2 Deposit and payment data

When you fund your account, we process:

  • Deposit wallet addresses assigned to your account
  • Blockchain transaction hashes
  • Token type, network, and deposit amounts
  • Sender wallet addresses
  • Deposit status and timestamps
  • Conversion and crediting details needed to update your store credit balance

We do not receive or store your private keys, seed phrases, or exchange login credentials.

3.3 Order and transaction data

When you purchase products or use store credit, we process:

  • Order details (brand, denomination, currency, and price)
  • Store credit debits and refunds
  • Transaction and ledger records
  • Order status and fulfilment timestamps
  • Encrypted gift card redemption details (such as codes, URLs, PINs, and expiry information)

Redemption details are encrypted at rest. We do not log cleartext gift card codes in our application logs.

3.4 Communications data

If you contact us, we process:

  • Your email address
  • The content of your message
  • Any order or account details you include so we can help you

If an order is fulfilled, we may send transactional emails to the address associated with your account. These emails can include redemption information for the product you purchased.

3.5 Technical and usage data

When you use the website, we may automatically collect:

  • IP address
  • Browser type, device information, and operating system
  • Pages viewed, actions taken, and approximate usage patterns
  • Referring URLs and session information
  • Error and performance data
  • Region and currency preferences stored in cookies

On checkout, we use an anti-abuse verification service that may process your IP address and browser signals to help prevent fraud.

3.6 Administrative and security records

For security, fraud prevention, and internal operations, we may also process:

  • Records of suspicious or suspended account activity
  • Immutable admin audit logs for sensitive internal actions (which may include administrator identifiers, action type, timestamps, and IP addresses)
  • Server and application logs needed to operate and secure the Service

We currently do not run a customer identity verification (KYC) programme. If we introduce verification in future, we may collect additional documents or information and will update this policy accordingly.

4. How We Collect Data

We collect personal data from:

  • You directly - when you create an account, make a purchase, or contact support
  • Our authentication provider - when you sign up or sign in
  • Our deposit infrastructure provider - when cryptocurrency deposits are detected and confirmed
  • Our gift card fulfilment providers - when orders are processed and delivered
  • Automated technologies - such as cookies, server logs, analytics tools, and security services

5. How We Use Personal Data

We use personal data to:

  • Create and manage your account
  • Authenticate you and provide access to the Service
  • Process deposits and maintain your store credit balance
  • Fulfil gift card orders and display or email redemption details
  • Send transactional communications related to your account or orders
  • Provide customer support and handle refund requests
  • Detect, prevent, and investigate fraud, abuse, and security incidents
  • Maintain financial, order, and audit records
  • Monitor reliability, diagnose errors, and improve the Service
  • Comply with legal obligations and enforce our Terms and Conditions
  • Protect our rights, users, and third-party providers

We do not use your personal data to sell gift cards on behalf of third-party merchants beyond fulfilling the orders you place.

6. Legal Bases for Processing

Depending on your location and the activity involved, we rely on one or more of the following legal bases:

  • Contract - to provide the Service you request, including account access, deposits, and purchases
  • Legitimate interests - to secure the platform, prevent abuse, improve performance, and keep business records
  • Legal obligation - where we must retain or disclose data to comply with applicable law
  • Consent - where required for optional activities such as certain analytics or cookies, or where you explicitly agree

If you are in a jurisdiction that requires a specific legal basis, you may contact us for more information about how it applies to your data.

7. How We Share Personal Data

We do not sell your personal data.

We share personal data only with trusted service providers that help us operate The Crypto Shop, including providers for:

PurposeExamples of data shared
Account authenticationEmail, name, account identifiers
Cryptocurrency depositsAccount identifiers, deposit addresses, transaction details
Gift card sourcing and fulfilmentOrder details needed to deliver the product
Transactional email deliveryEmail address, order and redemption details
Website hosting and infrastructureTechnical logs and account-related application data
Database and workflow processingAccount, order, deposit, and transaction records
Fraud prevention and bot protectionIP address and browser signals at checkout
Error monitoringTechnical diagnostics, which we configure to avoid sensitive redemption data
Product analytics (storefront only)Usage events and, where enabled, session replay data

We may also share data:

  • With professional advisers, regulators, or law enforcement where required by law or reasonably necessary to protect rights, safety, and security
  • In connection with a merger, acquisition, restructuring, or sale of assets, subject to appropriate safeguards
  • With your direction or consent

When we share data with service providers, we require them to process it only for the purposes we specify and to protect it appropriately.

8. International Data Transfers

The Crypto Shop is operated from the United Arab Emirates. Our service providers may process personal data in the UAE and in other countries, including the United States and countries in the European Economic Area.

Where personal data is transferred internationally, we take reasonable steps to ensure appropriate safeguards are in place, such as contractual protections with our providers.

9. Cookies and Similar Technologies

We use cookies and similar technologies to operate and improve the Service.

Examples include:

  • Essential cookies - needed for sign-in, security, and core site functionality
  • Preference cookies - such as your selected country and currency
  • Analytics cookies - to understand how the storefront is used and to improve the experience
  • Security technologies - to help protect checkout and other sensitive actions

You can control cookies through your browser settings. Disabling certain cookies may affect how the Service works, including your ability to remain signed in or complete purchases.

We do not currently operate a separate cookie policy page. If that changes, we will update this section or publish a dedicated cookie notice.

10. Analytics and Session Replay

On the customer storefront only, we may use product analytics tools that collect usage data such as page views, button clicks, and navigation patterns.

Where enabled, these tools may also record session replay data showing how you interact with the site. We use this information to understand product behaviour and fix usability issues.

The admin back-office does not use the same product analytics tooling.

11. Data Retention

We keep personal data only for as long as necessary for the purposes described in this policy, unless a longer period is required or permitted by law.

In general:

  • Account data is retained while your account remains active
  • Deposit, order, and transaction records are retained as needed for operations, accounting, dispute handling, and legal compliance
  • Support communications are retained for as long as needed to resolve your enquiry and maintain a record of our response
  • Security and admin audit logs may be retained for a longer period to investigate incidents and meet compliance obligations

If you request account deletion, we will delete or anonymise personal data where we are not required or permitted to keep it.

12. Security

We use administrative, technical, and organisational measures designed to protect personal data, including:

  • Encrypted storage of gift card redemption details
  • Access controls on internal systems
  • Restricted access to sensitive admin actions
  • Monitoring and logging for operational security
  • Configuration of error reporting tools to reduce exposure of sensitive information

No method of transmission or storage is completely secure. We cannot guarantee absolute security, but we work to protect data against unauthorised access, loss, misuse, or alteration.

You are responsible for keeping your login credentials secure and for using strong device and account security practices.

13. Your Rights

Depending on where you live, you may have rights over your personal data, including the right to:

  • Access the personal data we hold about you
  • Request correction of inaccurate data
  • Request deletion of your data
  • Object to or restrict certain processing
  • Request a copy of your data in a portable format
  • Withdraw consent where processing is based on consent

To exercise these rights, contact info@cryptoshop.com. We may need to verify your identity before responding.

We will respond within a reasonable time and in line with applicable law. In some cases, we may be unable to fulfil a request because we must retain data for legal, security, accounting, or fraud-prevention reasons.

If you are unhappy with our response, you may have the right to complain to a data protection authority in your country.

14. Children

The Crypto Shop is intended for users aged 18 and over only. We do not knowingly collect personal data from anyone under 18. If you believe a minor has provided us with personal data, contact us and we will take appropriate steps to delete it.

15. Third-Party Links and Issuers

The Crypto Shop sells products issued by third parties. When you redeem a gift card, you may be redirected to an issuer or merchant website with its own privacy practices.

We are not responsible for how those third parties handle your information.

16. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. When we do, we will revise the "Last updated" date at the top of this page.

If changes are material, we may also notify you by email or through a notice on the Service. Your continued use of The Crypto Shop after an update takes effect means you accept the revised policy, to the extent permitted by law.

17. Contact Us

For privacy questions, data requests, or complaints:

Email: info@cryptoshop.com

Postal address:
DMMC Digital Concierge FZCO
Unit No: UT-12-CO-358, DMCC Business Centre, Level No 12, Uptown Tower
Dubai, United Arab Emirates

© 2026 DMMC Digital Concierge FZCO. All rights reserved.