CoinDuffleDocs
Trust & Safety

Privacy & Data

What data CoinDuffle collects, how it's used, how long it's retained, and your rights as a user.

Privacy & Data

Your privacy matters to us. This page explains what data CoinDuffle collects, why we collect it, how we use it, and what rights you have over your personal information. For the full legal terms, please refer to our Privacy Policy — this page is a user-friendly summary.

What Data We Collect

Account Information

When you create an account, we collect:

  • Email address — Used for authentication, order notifications, and account communications.
  • Password — Stored as a secure hash (we never see or store your actual password).
  • Name — Used for shipping labels, payment processing, and identity verification.
  • Phone number — Optional. Used for delivery-related communication and account recovery.

Identity Verification Data

If you complete KYC verification, the following is collected by our verification partner, Sumsub:

  • Government-issued photo ID (passport, driver's license, or national ID card)
  • Selfie photo for facial matching
  • Verification status and results

Important: Your identity documents are processed and stored by Sumsub, not on CoinDuffle's servers. See Verifying Your Identity for details.

Transaction Data

When you make purchases or participate in the buyback program:

  • Order details (items, quantities, prices, dates)
  • Payment method type (we do not store full card numbers — that's handled by Stripe)
  • Shipping addresses
  • Transaction history

Technical Data

When you use CoinDuffle, we automatically collect:

  • IP address — Used for fraud prevention and security.
  • Device information — Browser type, operating system, and screen resolution. Used for optimizing your experience and fraud detection.
  • Device fingerprint — A technical identifier used for fraud prevention (see Fraud Prevention).
  • Usage data — Pages visited, search queries, products viewed, and clicks. Used for improving the marketplace experience.
  • Cookies — Small files stored on your device to maintain your session, remember preferences, and enable analytics.

Communication Data

  • Customer support inquiries and conversations
  • Product Q&A questions and answers you post
  • Email communication preferences

How We Use Your Data

We use the data we collect for the following purposes:

Essential Operations

  • Processing orders — Fulfilling your purchases, processing payments, and coordinating shipping.
  • Account management — Maintaining your account, authenticating logins, and managing your preferences.
  • Communication — Sending order confirmations, shipping updates, payment receipts, and important account notifications.
  • Identity verification — Complying with KYC/AML (Know Your Customer / Anti-Money Laundering) regulations.

Security and Fraud Prevention

  • Fraud detection — Analyzing transactions and behavior patterns to detect and prevent fraudulent activity.
  • Account security — Detecting unauthorized access attempts and protecting your account.
  • Risk scoring — Assessing transaction risk to protect both buyers and sellers.

Improvement and Analytics

  • Product improvement — Understanding how you use CoinDuffle to improve features, design, and performance.
  • Analytics — Aggregated, anonymized usage data helps us understand marketplace trends and optimize the user experience.
  • Search optimization — Improving search results and product recommendations.
  • Regulatory requirements — Maintaining records as required by financial regulations, tax laws, and other legal obligations.
  • Law enforcement — Responding to valid legal requests from law enforcement agencies (subpoenas, court orders, etc.).

What We Don't Do

  • We don't sell your personal data — Your information is never sold to third parties for marketing purposes.
  • We don't share data for unrelated advertising — We don't share your browsing history or purchase data with advertisers.
  • We don't store your full payment details — Card numbers and bank account details are handled exclusively by Stripe.

Data Sharing

We share data only with the following parties, and only as necessary:

RecipientWhat's SharedWhy
StripePayment and payout informationProcessing transactions securely
SumsubIdentity documents (for KYC)Identity verification
USPS / EasyPostShipping addresses, namesDelivering your orders
SellersShipping address, name, order detailsFulfilling your purchases
Cloud infrastructure providersEncrypted application dataHosting and operating CoinDuffle

We require all third-party partners to maintain appropriate security measures and handle your data in accordance with applicable privacy laws.

Data Retention

We retain your data for as long as necessary to fulfill the purposes described above:

Data TypeRetention Period
Account informationAs long as your account is active, plus 30 days after deletion
Transaction records7 years (required by financial regulations)
Identity verification resultsAs required by law (typically 5 years after the last transaction)
Technical/usage data2 years (then anonymized or deleted)
Customer support conversations3 years
CookiesVaries by cookie type (session cookies expire when you close your browser; persistent cookies typically last 1 year)

Your Rights

You have the following rights regarding your personal data:

Access

You can request a copy of the personal data we hold about you. To do so, contact support@coinduffle.com with your request.

Correction

If any of your personal information is inaccurate or outdated, you can update it in your account settings or contact us to correct it.

Deletion

You can request deletion of your CoinDuffle account and associated personal data. Contact support@coinduffle.com to initiate this process. Note that:

  • We may need to retain certain transaction records for legal and regulatory compliance.
  • Data that has been shared with third parties (Stripe, Sumsub, etc.) is subject to those parties' data retention policies.

Data Portability

You can request your data in a portable format. Contact support for assistance.

Opt-Out

  • Marketing emails — You can unsubscribe from marketing emails using the "Unsubscribe" link at the bottom of any marketing email. Transactional emails (order confirmations, shipping updates, etc.) cannot be opted out of.
  • Cookies — You can manage cookie preferences through your browser settings. Disabling certain cookies may affect your experience on CoinDuffle.

Cookies

CoinDuffle uses cookies for:

  • Essential cookies — Required for the site to function (session management, authentication, cart functionality). These cannot be disabled.
  • Analytics cookies — Help us understand how visitors use the site. These can be opted out of.
  • Preference cookies — Remember your settings and preferences for a better experience.

Children's Privacy

CoinDuffle is not intended for users under the age of 18. We do not knowingly collect personal data from minors. If we become aware that a user under 18 has created an account, we will take steps to remove their data and close the account.

Contact Us

If you have questions about your privacy or want to exercise any of your data rights, contact us at:

We aim to respond to all privacy-related requests within 30 days.

Secure Transactions

How CoinDuffle ensures your payments and personal data are secure — Stripe PCI compliance, encryption, HTTPS, and data protection.

On this page

Privacy & DataWhat Data We CollectAccount InformationIdentity Verification DataTransaction DataTechnical DataCommunication DataHow We Use Your DataEssential OperationsSecurity and Fraud PreventionImprovement and AnalyticsLegal ComplianceWhat We Don't DoData SharingData RetentionYour RightsAccessCorrectionDeletionData PortabilityOpt-OutCookiesChildren's PrivacyContact Us
Privacy & Data | CoinDuffle