Changenow — Privacy

Information We Collect

When you use ChangeNOW, we collect certain information necessary to process your cryptocurrency exchange requests. This includes wallet addresses you provide as the sending and receiving destinations, transaction amounts, and the cryptocurrencies selected for the swap. In some cases, where regulatory compliance requires it, the platform may collect identity verification documents and personal details such as your full name and government-issued identification. We also collect technical data automatically, including your IP address, browser type, device identifiers, and usage patterns on the site. This information is gathered to facilitate your transactions, improve service quality, and ensure compliance with applicable financial regulations. We are committed to collecting only the data that is strictly necessary for the purposes outlined in this policy, and we do not engage in excessive or unnecessary data collection practices.

How We Use Your Data

The data collected by ChangeNOW is used primarily to process and complete your cryptocurrency exchange transactions. Beyond transaction processing, we use the information to verify user identity when required by law, to detect and prevent fraudulent activity, and to comply with anti-money laundering obligations. Aggregated, anonymized usage data helps the platform improve its features, optimize performance, and develop new services that better serve the community. We may also use your contact information, where voluntarily provided, to send you important service updates, security alerts, and promotional communications — though you retain the right to opt out of marketing messages at any time. We do not sell your personal information to third parties for advertising purposes, and we use your data only in ways that are consistent with this privacy policy and applicable law.

Cookies and Tracking Technologies

ChangeNOW uses cookies and similar tracking technologies to enhance your browsing experience and ensure the platform functions correctly. Essential cookies are required for core functionalities such as remembering your exchange preferences and maintaining session security. Analytical cookies allow us to understand how visitors interact with the service, which pages are most frequently visited, and where improvements can be made. We may also use third-party analytics providers that set their own cookies to help us understand traffic patterns and user behavior in aggregate. You have the right to control cookie settings through your browser preferences, and where required by law, we will seek your explicit consent before placing non-essential cookies. Disabling certain cookies may affect the functionality of the platform, but the core exchange service will remain accessible.

Third-Party Sharing

We share your personal data with third parties only to the extent necessary to deliver our services and meet our legal obligations. ChangeNOW works with trusted partners including liquidity providers, blockchain analytics firms, and compliance service providers, each of whom receives only the data they need to perform their specific function. These third parties are contractually bound to process your data securely and in accordance with applicable privacy laws. The platform may also disclose personal information to law enforcement or regulatory authorities when required to do so by a valid legal order, subpoena, or government request. We do not sell, rent, or trade your personal information to advertisers, data brokers, or any other commercial third parties. Any third-party tools or APIs integrated into the service are evaluated for their data handling practices before they are deployed.

Data Security Measures

Protecting your personal and transactional data is a top priority for ChangeNOW. The platform employs industry-standard encryption — including TLS (Transport Layer Security) — to protect all data transmitted between your device and our servers. Sensitive data stored on our systems is encrypted at rest using robust cryptographic standards. Access to personal data is restricted to authorized personnel only, and all staff with data access are subject to strict confidentiality obligations. We conduct regular security audits and penetration testing to identify vulnerabilities and address them proactively. In the event of a data breach that poses a risk to your rights and freedoms, we will notify you and the relevant supervisory authorities within the timeframes required by law. While no system can guarantee absolute security, the service is designed with multiple layers of protection to minimize risk at every point.

Your Rights as a User

Depending on your jurisdiction, you may hold a range of rights with respect to the personal data that ChangeNOW holds about you. These may include the right to access a copy of your personal information, the right to correct inaccurate data, and the right to request deletion of your data where it is no longer necessary for the purposes for which it was collected. Users in the European Economic Area and the United Kingdom benefit from additional rights under GDPR, including the right to data portability and the right to object to certain types of processing. To exercise any of these rights, you may contact our data protection team using the contact information provided in this policy. We will respond to all verified requests within the timeframe required by applicable law. We will never discriminate against users who exercise their privacy rights.

Data Retention

ChangeNOW retains personal data only for as long as it is necessary to fulfill the purposes described in this privacy policy. Transaction records are retained for a period consistent with our legal and regulatory obligations, which may require us to keep certain financial records for up to seven years in some jurisdictions. Where data is collected solely to improve the user experience and is not subject to regulatory retention requirements, the platform will delete or anonymize it as soon as it is no longer needed. If you request the deletion of your data and no legal obligation requires us to retain it, we will process your request promptly and confirm the deletion in writing. Anonymized and aggregated data, which cannot be linked back to any individual, may be retained indefinitely for analytical and research purposes.

International Data Transfers

As a globally operated service, ChangeNOW may transfer your personal data to countries outside your home jurisdiction, including countries that may have different data protection laws. When transferring data internationally, the platform takes appropriate safeguards to ensure that your information remains protected to the same standard as required by applicable law. For transfers from the European Economic Area to third countries, we rely on legally recognized mechanisms such as Standard Contractual Clauses or adequacy decisions issued by the European Commission. Users based in jurisdictions with specific cross-border data transfer restrictions will have their data handled in accordance with those local requirements. If you have questions about the international transfer of your data, you are encouraged to contact our privacy team for more detailed information about the specific mechanisms in use.

Children's Privacy

ChangeNOW is not intended for use by individuals under the age of 18. The platform does not knowingly collect personal information from minors, and anyone under the age of 18 is prohibited from using the service. If we become aware that we have inadvertently collected data from a child under the applicable age threshold, we will take immediate steps to delete that information from our systems. Parents and guardians who believe their child has provided personal data to this exchange are encouraged to contact us immediately so that we can take appropriate action. We are committed to protecting the privacy and safety of young people online, and we support the principles of child online protection as outlined in applicable national and international regulations.

Updates to This Policy

ChangeNOW reserves the right to update this privacy policy at any time in response to changes in law, business practices, or service features. When material changes are made, the platform will notify users by posting a prominent notice on the website and, where appropriate, by sending a direct notification to users who have provided contact information. The effective date of the most recent version of this policy will always be displayed at the top of the document. Continued use of the service after changes have been posted constitutes acceptance of the updated policy. We encourage you to review this policy periodically to stay informed about how we protect your information. If you do not agree with any changes made to this policy, you should discontinue use of the service and contact us to exercise your data rights.

Contact Information

If you have any questions, concerns, or requests regarding this privacy policy or the handling of your personal data, you are welcome to reach out to the ChangeNOW privacy team. You may contact us via the official support channels listed on the changenow.io website, including the help desk and dedicated email addresses for privacy and compliance inquiries. Our data protection team is committed to responding to all privacy-related inquiries in a timely manner and in accordance with applicable legal requirements. If you are located in the European Union and believe that your data protection rights have been violated, you also have the right to lodge a complaint with your national supervisory authority. We value transparency and open communication with our users, and we are always available to address any concerns about how your data is managed.

Consent

By using ChangeNOW and its associated services, you acknowledge that you have read and understood this privacy policy and consent to the collection, use, and sharing of your personal information as described herein. Where applicable law requires explicit consent for specific types of data processing — such as the use of non-essential cookies or the processing of sensitive personal data — the platform will seek that consent through a clear and affirmative action before processing begins. You may withdraw your consent at any time by contacting our privacy team, though withdrawal of consent may affect your ability to use certain features of the service. Consent to receive marketing communications may be withdrawn separately at any time by using the unsubscribe link included in any marketing email or by contacting us directly. We will always make the process of withdrawing consent as easy as the process of giving it.