Coinbase Global Privacy Policy

Last Updated: March 26, 2024.

We at Coinbase (the Coinbase entities listed in Section 11 below, referred to here as “we”, “us” or “our”) respect and protect the privacy of those who explore our Services (“Users”) and Users who sign up for and access our Services (“Customers”) (together referred throughout this policy as “you” and “your”).

This Privacy Policy describes how we collect, use, and share personal information when you explore, sign up for or access our “Services”, which include the services offered on our websites, including coinbase.comcoinbase.com/exchangecoinbase.com/primecoinbase.com/futures, coinbase.com/cloud (each a “Site” and collectively the "Sites") or when you use the Coinbase mobile app, the Coinbase Card App, Coinbase Exchange, Coinbase Prime, Dapp Wallet, or Coinbase Custody application programming interface (“API”) or third party applications relying on such APIs (together, our “Apps”) and related services. 

If you reside outside of the UK and the European Economic Area (the “EEA”), accessing and using our Services means that you accept this Privacy Policy and its terms. 

It is important that you understand how we use your information. You should read this page in full, but below are the key highlights and some helpful links:

  • Our goal is to simplify your crypto experience. If you do not wish for your personal information to be collected, used, or disclosed as described in this Privacy Policy, or you are under 18 years of age, you should stop accessing our Services.

  • We collect and use your information in order to provide and improve our Services and your experience, protect the security and integrity of our platform, and meet our legal obligations.

  • We share your information with other Coinbase companies, as well as trusted third parties and service providers, in order to offer our Services and fulfill legal requirements.

  • We offer privacy tools for you to request access to or deletion of information we hold about you. You can use these tools by visiting your Privacy Rights Dashboard. Depending on where you live, you may also have other privacy rights under law.

  • If you have any questions, please contact us on our Support Portal or at dpo@coinbase.com. See Section 9. How to Contact Us With Questions for more information.

1. WHAT INFORMATION WE COLLECT

We collect the following personal information and documentation:

Information You Provide to Us

Information CategoryDescription

Basic Customer Information

Name, Address, Date of birth, Nationality, Country of residence, Gender, Phone number, Email Address

Supplemental Identification Information 

Utility bills (for your billing address), Photographs and/or videos, Government-issued identity document, e.g. passport, driver’s license, or state identification card, Social security number, Employment information (e.g. company name), Proof of residency, including visa information

Electronic Identification (“EIDV”) Information

Biometric information generated based on photos or videos you provide in order for us to verify your identity

Institutional Information (if you are an institutional Customer)

Employer Identification number (or comparable number issued by a government), Personal identification information for all material beneficial owners of your business

Financial Information

Bank account number, Payment card primary account number ("PAN"), Trading and investment experience, Tax identification number, Income/net assets/wealth verification statements 

Wallet Information

When you sign up to use our Web3 browser, self-custody, or multi-coin crypto wallet, and connect it to your Coinbase account, we collect your Wallet address and information related to integrations that you select

Preferences

The digital asset(s) you choose to be paid in through our Direct Deposit service, Settings and preferences you select in the Coinbase app

Transaction Information

Information about the transactions made on our Services, such as the name of the sender, the name of the recipient, the amount, currency preferences, payment method, date, and/or timestamp

Additional information you submit to us

Communications: Survey responses, information (including call recordings) provided to our Customer Support team or User Research team, including communications with interfaces such as our chatbots.

Referral Information: Your contacts’ phone or email addresses if you choose to invite friends to Coinbase (available only in certain countries outside the EEA)

Information Collected Automatically

Information CategoryDescription

App, browser, and device information

Information about the device, operating system, and browser you’re using

Other device characteristics or identifiers (e.g. plugins, the network you connect to)

IP address

Product Usage Information

Activity information: Information about what you view or click on while visiting our Sites and Apps and how you use our Services

Diagnostic and Troubleshooting Information: Information about how our Services are performing when you use them, i.e. service-related diagnostic and performance information, including timestamps, crash data, website performance logs, and error messages or reports

Information from cookies and similar technologies

See our Cookies Policy for more information

Information we obtain from Affiliates and third parties

Information CategoryDescription

Coinbase Group of Companies (“Affiliates”) 

We may obtain information about you, such as Basic Customer Information, Transaction Information and Product Usage Information, from our Affiliates as a normal part of conducting business. For instance, if you link your various Coinbase accounts e.g. your Coinbase Wallet account or your Coinbase Commerce account, we may utilize your Wallet Information and Financial Information in order to convert cryptocurrency into fiat and allow you to make withdrawals into your bank account. For more information, please see Section 3. How and Why We Share Your Information

Public Database Information 

We obtain information about you from public databases, such as the United Nations Sanctions List, US ITA Consolidated Screening List, and the SEC EDGAR, including your name, address, email address, phone number, gender, national ID number and nationality/country of residence, date of birth, job role, public employment profile, listing on any sanctions lists maintained by public authorities, and other data as necessary

Blockchain Data

We may analyze public blockchain data, including timestamps of transactions or events, transaction IDs, digital signatures, transaction amounts, and wallet addresses

Information from our Marketing and Advertising Partners

We receive information such as your name and contact information from our marketing partners, including in some instances what marketing content you viewed or the  actions you take on our Sites

Information from Analytics Providers

We receive information about your Site usage, interactions, age group, and survey responses (including prior to account creation, in some cases)

Retail Merchant Information

If you use your Coinbase account to conduct a transaction with a third party merchant, the merchant may provide us with data about you, such as your name and contact details, and your transaction with that merchant

Research and In-App Survey Information

We use third party service providers to conduct in-app surveys to better understand our Customers’ experience and improve our Services. The information we receive from our research partners is pseudonymous

2. HOW WE USE YOUR INFORMATION

We use your personal information to deliver, personalize, operate, improve, create, and develop our Services, to provide you with a secure, smooth, efficient and customized experience as you use them, and for legal compliance, loss prevention, and anti-fraud purposes. Learn more about how we use your personal information and our legal basis for each such data use:

Data use necessary to perform our contract with you

We use certain information that is necessary to conclude and perform our Customer Agreement or other relevant contract(s) with you. We will need to terminate your account if we cannot process your personal information for such purposes.

Why and How We Use Your InformationInformation Categories Used

To create and maintain your Coinbase account

In order to provide you with our Services, and to allow you to set up a customer account and profile.

Basic Customer Information, Supplemental Identification Information, Financial Information

To provide you with Consumer Services

In order to provide you with personalized Services to invest (such as buy or sell), save, earn, spend, stake, and borrow within your account, including hosting and maintaining your digital wallets, including your E-Money Wallet, Digital Currency Wallet, and Web3 Wallet (when you connect them to your Coinbase account) and to provide you with Verified by Coinbase.

Basic Customer Information, Supplemental Identification Information, Financial Information, Institutional Information, Transaction Information, Wallet Information, Preferences, Blockchain Data, Product Usage Information, Additional information you submit to us (not including Referral Information, which we do not retain)

To provide you with Institutional Services

In order to provide Services to you, investors and institutions to allow investing, payment, asset listings, and account management.

Basic Customer Information, Supplemental Identification Information, Financial Information, Institutional Information, Additional information you submit to us, Wallet Information, Transaction Information

To provide you with Developer Services

In order to provide you with Coinbase Pay,  a payment feature that allows you to buy or transfer supported crypto on Coinbase to your wallet, and Direct Deposit, which allows you to get your salary paid in the cryptocurrency of your choice, asset controls, and connects merchants to Users or Customers to allow acceptance and provision of crypto payments.

Basic Customer Information, Supplemental Identification Information, Financial Information, Preferences

To provide you with Coinbase Cloud Services

In order to provide you with our Coinbase Cloud services, which offers tools, APIs and infrastructure for Web3 development and, staking services.

Basic Customer Information, Transaction Information, Wallet Information, Financial Information, Blockchain Data

To provide customer support

To address your request for support in the Apps, via the Sites or by email and to respond to customer care and other inquiries, including providing telephone-based premium customer support to Customers (who provide their telephone numbers), chat message support (including chatbots), and social support.

Basic Customer Information, Supplemental Identification Information, Transaction Information, Product Usage Information (including Location Information), Communications

To send Service communications

To send you administrative or account-related communications about our Services, which can include security updates or transaction-related information, through email, telephone, or in-product/push notifications. You may not opt-out of receiving critical service communications, such as emails or mobile notifications sent for legal or security purposes.

Basic Customer Information, Product Usage Information, Communications, Transaction Information

To promote the safety, security and integrity of our Services

To verify accounts and related activity, find and address violations of our Customer Agreement or policies (including our Prohibited & Conditional Use Policy), investigate suspicious activity, detect, prevent and combat harmful or unlawful behaviour, detect fraudulent behaviour and to maintain the integrity of our Services, including account takeover (“ATO”) prevention and support.

Basic Customer Information, Transaction Information, Product Usage Information, Supplemental Identification Information,  Institutional Information, Financial Information, Communications, Additional information you submit to us

Data use to comply with our legal obligations

Our Services are subject to laws and regulations requiring us to collect, use, and store your personal information in certain ways. If you do not provide the personal information required by law, we will have to close your account.

Why and How We Use Your InformationInformation Categories Used

To verify your identity

We are generally required to collect various pieces of personal information to properly identify or verify your identity and comply with other specific anti-money laundering (“AML”) or sanctions laws/regulations (e.g. funds transfer rules).  Our verification processes also involve electronic identification through the comparison of your ‘selfie’ against your provided verification information.  All such information is securely maintained by Coinbase and its service providers, and is only disclosed where permitted by law.

Basic Customer Information, Supplemental Identification Information, EIDV Information

To determine your legal eligibility for certain regulated products

When you use certain locally regulated products or engage in certain advanced trading activities, we may be required to carry out additional checks to ensure your suitability (e.g. under the European Market Infrastructure Regulation).

Basic Customer Information, Financial Information, Supplemental Identification Information

To comply with other legal and regulatory obligations

We may access, read, preserve, and disclose information when we believe it is reasonably necessary to comply with law, legal obligations, regulations, law enforcement, governmental, and other legal requests, court orders, or for disclosure to tax authorities. 

Examples of laws that may require us to collect, use or disclose your information:

Civil, commercial, criminal, or consumer protection matters: where we are in receipt of a court order to disclose information for the purposes of court proceedings or regulatory inquiries (e.g. orders or mandatory requests under the Irish Competition and Consumer Protection Act 2014, US federal and state consumer protection and privacy laws, subpoenas from any court with jurisdiction, and/or Singapore Criminal Procedure Code 2010).

Corporate and taxation matters: obligations such as the Irish Companies Act 2014 and the Taxes Consolidation Act 1997, and the Internal Revenue Service code.

Regulatory matters: to comply with our regulatory obligations, including  engaging with our regulators, such as (but not limited to) the U.S. Commodity Futures Trading Commission, the National Futures Association, the U.S. Securities and Exchange Commission, the Central Bank of Ireland, the UK Financial Conduct Authority, the German federal financial supervisory authority ("BaFin"), the Monetary Authority of Singapore, and the Australian Securities and Investments Commission.

Basic Customer Information, Supplemental Identification Information , Institutional Information, Wallet Information, Transaction Information, Product Usage Information, Communications Information, Blockchain Data

Data use for our Legitimate Interests

We rely on our legitimate interests or those of third parties (like our other Customers and in some cases, the general public) where they are not outweighed by your rights and freedoms. In the EEA and UK, you have the right to object to, and seek the restriction of, this processing. See Section 7. Your Privacy Rights and Choices for more information.

Why and How We Use Your InformationLegitimate Interests Relied OnInformation Categories Used 

To customize your experience with our Services and otherwise improve our Services

In order to perform core metrics, customize your experience with our Services and to generally improve our Services, we collect information about your online activity while you are using the Services (for example, when and how often pages on our Sites are visited, and our Services are used).

It is in our interest to understand how you interact with the Services in order to customize and/or improve our products and Services and enable accurate and reliable reporting.

Basic Customer Information, Product Usage Information, Transaction Information

To provide marketing communications to you

We use your information to send you targeted  marketing communications through email, mobile, in-app and push notifications or by SMS.

You may also see ads for our Services when you visit other apps and websites.

It is in our interest to promote Coinbase products and Services that you may be interested in.

Basic Customer Information, Institutional Information, Product Usage Information, Transaction Information, Information from our Marketing Partners

To provide you with promotions

We use your information to provide promotions, including sweepstakes offers or other incentives and rewards for using our Services.

It is in our interest and your interest to reward customer loyalty.

Basic Customer Information, Wallet Information, Supplemental Identification Information, Transaction Information

We preserve and share information with others, including law enforcement, civil litigants, and others who may issue legal requests 

Where not otherwise required by law, and depending on the circumstances, we may preserve and share your information:

- in response to requests from third parties, such as civil litigants, law enforcement, and other government authorities, for example to assist authorities in the investigation of fraud;

- to promote the safety, security, and integrity of the Coinbase Service, network, our Customers, Users, employees, property and the public;

- when we seek to protect ourselves in the context of litigation or other disputes, such as violations of our Customer Agreement and policies; and/or

- to respond to Customer/claimant requests or communications, reviewing Customer accounts and transactions for litigation disputes, and recording account details for litigation and settlement purposes.

It is in our interest and the interest of the general public to prevent and address fraud, unauthorized use of the Services, violations of our terms or policies, or other harmful or illegal activity; to protect ourselves (including our rights, Coinbase personnel and property or the Service), our Customers or others, including as part of investigations or regulatory inquiries; to defend our legal rights and resolve disputes; to secure our platform and network, to verify accounts and activity, to combat harmful conduct, to detect, prevent and address fraud, abuse, spam and other bad experiences or to prevent death or imminent bodily harm.

Basic Customer Information, Supplemental Identification Information, Institutional Information, Wallet Information, Transaction Information, Product Usage Information, Communications Information, Blockchain Data

To promote safety, security and integrity 

Outside of performing our contract with you, we may use and analyze your information  to protect the integrity of our Services. For example, we may use it to:

- log customer reports and patterns of suspicious behaviour to understand techniques being used by bad actors who may wish to interfere with the Services; and

- to identify and investigate patterns of suspicious behaviour or violations of our policies and Terms.

It is in our interest and the interests of our Users and Customers to secure our platform and network, to verify accounts and activity, to combat harmful conduct, to detect, prevent and address fraud, abuse, spam and other bad experiences.

Any of the categories of information listed in Section 1. What Information We Collect.

To research and innovate

We carry out surveys of your experience using the Services and the trading that you engage in to conduct and support research and innovation on topics related to our Services.

It is in our interest and our Customers’ interest to improve and iterate our Services through information obtained from these research surveys and interviews.

Basic Customer Information, Transaction Information, Product Usage Information, Communications, Research and In-App Survey Information

To provide customer support

To provide communications and customer support through our Customer Support team and User Research team, including communications with interfaces such as our chatbots.

It is in our interest and our Customers’ interest to provide customer support and improve our Services.

Basic Customer Information, Supplemental Identification Information, Additional Information you submit to us

Data use based on your consent

When we use your information based on your consent, you have the right to withdraw your consent at any time on a go-forward basis (which will not affect our prior use of your data, based on your previously given consent). You may change your device-based or in-app settings anytime as described in Section 7. Your Privacy Rights and Choices.

Why and How We Use Your InformationInformation Categories Used

To enable device-based settings

Collecting information that you allow us to receive through the device-based settings you enable (such as access to your GPS location, camera or photos) which we use to provide the features or services described when you enable the setting.

App, browser, and device information

To provide marketing communications to you

To send you targeted marketing communications through email, mobile, in-app, and push notifications or by SMS.

You may also see ads for our Services when you visit other apps and websites

Basic Customer Information, Institutional Information, Product Usage Information, Transaction Information, Information from our Marketing Partners, Additional information You Provide to Us

Data use to protect your or others’ vital interests

Why and How We Use Your InformationInformation Categories Used

Preserving, reviewing, and sharing information with law enforcement and others

We may preserve, review, and share information with law enforcement and others in circumstances where someone’s vital interests require protection, such as in the case of emergencies. For example, where there is a risk to the well-being or life of a Coinbase Customer.

Basic Customer Information, Supplemental Identification Information, Institutional Information, Wallet Information, Transaction Information, Product Usage Information, Communications Information, Blockchain Data

If you reside outside the United Kingdom or EEA, the legal bases on which we rely in your country may differ from those listed above.

3. HOW AND WHY WE SHARE YOUR INFORMATION

We work with service providers, partners and other third parties to help us provide our Services, and as a result we need to share certain information with these third parties.  Here’s how:

Affiliates

Personal information that we process and collect may be transferred between companies, Services, and employees affiliated with us as a normal part of conducting business and offering our Services to you. See Section 11. Our Relationship With You for a list of our affiliated companies and Services. 

Linked Third Party Websites

When you use third-party services (like when you connect your Coinbase account with your bank account) or websites that are linked through our Services, the providers of those services or products may receive information about you that Coinbase, you, or others share with them. Please note that when you use third-party services or Coinbase Affiliate Services which are not governed by this Privacy Policy, their own terms and privacy policies will govern your use of those services and products.

TRUST

TRUST is a global, secure, and industry-driven solution designed to comply with a requirement known as the Travel Rule while protecting your security and privacy. Coinbase and other custodial cryptocurrency exchanges and financial institutions share certain basic information about their customers when sending funds over a certain amount to another financial institution. To learn more, see Travel Rule FinCEN Advisory.

Professional advisors, industry partners, authorities and regulators

We share your information described in Section 1. What Information We Collect with our advisors, regulators, tax authorities, law enforcement, government agencies, and industry partners to:

- respond pursuant to applicable law or regulations, court orders, legal process or government requests; 

- comply with our reporting and information sharing obligations with industry partners, including other Virtual Asset Service Providers (“VASPs”) and regulatory authorities; 

- detect, investigate, prevent, or address fraud and other illegal activity or security and technical issues; and 

- protect the rights, property, and safety of our Customers, Coinbase and its Affiliates, or others, including to prevent death or imminent bodily harm.

Asset Transfer or Company Acquisition

We may choose to buy or sell assets, and may share and/or transfer information about our Customers in connection with the evaluation of and entry into such transactions. Also, if we (or our assets) are acquired, merged, reorganized, or if we go out of business, enter bankruptcy, or go through some other change of control or similar event, your personal information could be one of the assets transferred to the acquiring party. 

Third-Party Service Providers

We work with third-party service providers to help us provide our Services. When we share information with third-party service providers in this capacity, we require them to use your information on our behalf in accordance with our instructions and terms and only process as necessary for the purpose of the contract. We work with different types of third-party service providers, including:

Types of Third-Party Service Providers We UseWhat Information We Share

Third-Party Electronic ID Verification Service Vendors, including those that process biometric information

Vendors for tax reporting

Derivatives service providers

Retail merchants (to provide rewards/incentives)

Marketing and promotions providers (to promote our Services)

Telecommunications technology providers (to send you messages, including SMS messages)

CTF/AML service providers (for the purposes of transaction monitoring)

Data hosting service providers and payment vendors (for off-site data hosting)

Security service providers (for investigating fraud and security incidents)

Analytics providers (to understand how you use our Services)

Payment processing companies (to process transactions on our behalf)

Document repository services providers

Customer support vendors

Chatbots

Basic Customer Information, Supplemental Identification Information, EIDV Information, Institutional Information, Usage Information, Transaction Information, Blockchain Data, Wallet Information, Additional information you submit to us

4. HOW LONG WE RETAIN YOUR PERSONAL INFORMATION

We retain your information as needed to provide our Services, comply with legal obligations, or protect our or others’ interests. While retention requirements vary by country, we maintain internal retention policies on the basis of how information needs to be used. This includes considerations such as when the information was collected or created, whether it is necessary in order to continue offering you our Services, whether we are required to hold the information to comply with our legal obligations, including AML/KYC compliance or other financial regulatory obligations, or information preservation requirements. We also keep certain information where necessary to protect the safety, security and integrity of our Services, Customers, and Users. Our third-party electronic identity verification providers collect and retain biometric information for the period required for financial regulatory compliance or otherwise as required by applicable law. They retain this information for as long as set out in their applicable notices/policies. In line with these considerations, we delete information that is no longer needed for the above purposes when you close your account, or when you request deletion of your information (which you can initiate through your Privacy Rights Dashboard).

5. CHILDREN'S PERSONAL INFORMATION

The Sites and Services are not directed to persons under the age of 18, and we do not knowingly request or collect any information about persons under the age of 18. If you are under the age of 18, please do not provide any personal information through the Sites or Services. If a User or Customer submitting personal information is suspected of being younger than 18 years of age, Coinbase will require the relevant Customer or User to close his or her account, and will take steps to delete the individual’s information as soon as possible.

6. INTERNATIONAL TRANSFERS

To facilitate our global operations, Coinbase, its Affiliates, third-party partners, and service providers may transfer, store, and process your personal information throughout the world, including Ireland, Germany, Singapore, the UK, the US, and the Philippines. See here for more information

If you reside in the EEA, Switzerland, or the United Kingdom, we rely upon a variety of legal mechanisms to facilitate these transfers of your personal information (collectively, “European Personal Data”).

  • We rely primarily on the European Commission’s Standard Contractual Clauses to facilitate the international and onward transfer of European Personal Data to third countries, including from our EU operating entities to Coinbase, Inc. in the United States. For a copy of the Standard Contractual Clauses, please contact dpo@coinbase.com. 

  • In addition, we may rely on certain exemptions provided for under data protection law for our international transfers. We also rely on adequacy decisions from the European Commission where available and exemptions provided for under data protection law. For example, because Coinbase operates and provides its Services globally, we need to share information with our Affiliates and to data centers outside the EEA in order to develop, offer, and improve our Services (Article 49(1)(b) GDPR). In addition, we may rely on certain exemptions for sharing personal information with law enforcement outside of the EEA in emergency situations (Article 49(1)(f) GDPR).

EU-US, UK-US, and Swiss-US  Data Privacy Framework

Coinbase complies with the EU-U.S. Data Privacy Framework (EU-U.S. DPF), the UK Extension to the EU-U.S. DPF and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF) (together referred to as the “Data Privacy Frameworks”) and the DPF Principles as set forth by the U.S. Department of Commerce. Coinbase has certified to the U.S. Department of Commerce that it adheres to:

  • the EU-U.S. Data Privacy Framework Principles (EU-U.S. DPF Principles) with regard to the processing of personal data received from the European Union in reliance on the EU-U.S. DPF;

  • the UK-U.S. Data Privacy Framework Principles (EU-UK DPF Principles) with regard to the processing of personal data received from the United Kingdom (and Gibraltar) in reliance on the UK Extension to the EU-U.S. DPF; and

  • the Swiss-U.S. Data Privacy Framework Principles (Swiss-U.S. DPF Principles) with regard to the processing of personal data received from Switzerland in reliance on the Swiss-U.S. DPF.  

In the context of an onward transfer, Coinbase has responsibility for the processing of personal data it receives under the DPF and subsequently transfers to a third party acting as a service provider, partner and/or other third party to help us provide our Services on our behalf (as described in Section 4 of this policy). Coinbase remains liable under the DPF if any such third party processes personal data in a manner inconsistent with the DPF, unless Coinbase can prove that we are not responsible for the event giving rise to the damage. To learn more about the Data Privacy Framework (DPF) program, and to view our certification, visit https://www.dataprivacyframework.gov  

In compliance with the Data Privacy Frameworks, Coinbase commits to resolve all DPF Principles-related complaints about our collection and use of your personal information.  EU, UK, and Swiss individuals with inquiries or complaints regarding our handling of personal data received in reliance on the relevant Data Privacy Frameworks should first contact Coinbase at: dpo@coinbase.com 

For unresolved complaints concerning our handling of personal information in reliance on the Data Privacy Frameworks, Coinbase is a member of and relies upon the ICDR-AAA services for the Data Privacy Framework Program, see here https://go.adr.org/dpf_irm.html, which may involve, under certain conditions, binding arbitration.

The Federal Trade Commission has jurisdiction over Coinbase’s compliance with the EU-U.S. Data Privacy Framework (EU-U.S. DPF), the UK Extension to the EU-U.S. DPF and the Swiss-U.S. Data Privacy Framework (Swiss-U.S. DPF).

7. YOUR PRIVACY RIGHTS AND CHOICES

Depending on where you live, you may be able to exercise certain privacy rights related to your personal information. For any of your privacy rights and choices referenced below, requests relating to your personal information can be made by logging into your account and going to your Privacy Rights Dashboard or by submitting a request via our Support Portal or at dpo@coinbase.com. If any of the rights listed below are not provided under law for your operating entity or jurisdiction, Coinbase has absolute discretion in providing you with these rights.

  • Right to access and portability

  • Right to rectification: 

    • You may request us to rectify or update any of your personal information held by Coinbase that is incomplete or inaccurate by logging in to your account and clicking the Profile or My Account tab.

  • Right to deletion/erasure: 

  • Right to withdraw your consent: 

    • To the extent the processing of your personal information is based on your consent, you may withdraw your consent at any time. The lawfulness of Coinbase’s processing before you withdraw your consent will not be affected by such withdrawal.

  • Right to object to or restrict processing: 

    • You may have the right to restrict or object to us using or transferring your personal information based on our legitimate interests, in the public interest, or for direct marketing. We may continue to process your personal information where permitted or required by applicable law. You can opt-out of receiving marketing communications from Coinbase through your account settings or by submitting a request via our Support Portal.  

  • Right to non-discrimination: We will not discriminate against you for exercising any of your rights provided to you under law.

  • Right to lodge a complaint:  

    • If you reside in the EEA, Switzerland, or the UK, you have the right to lodge a complaint about our practices with respect to your personal information with the supervisory authority of your country or state. In the UK, the relevant data protection authority is the Information Commissioner's Office, Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF, +44 (0303) 123 1113, email: casework@ico.org.uk. In Ireland, the relevant data protection authority is the Data Protection Commission, 21 Fitzwilliam Square South, Dublin 2, D02 RD28, +353 017650100 / + 353 1800437737, email: info@dataprotection.ie or by using the following online form: Forms for Data Protection.

    • If you reside in Australia or the Philippines, you may lodge a complaint about our practices with respect to your personal information with the supervisory authority of your country. In Australia, the relevant data protection authority is the Office of the Australian Information Commissioner, and complaints may be made through their website at www.oaic.gov.au. In the Philippines, the relevant data protection authority is the National Privacy Commission, email: complaints@privacy.gov.ph.

To protect your privacy and security, we may take steps to verify your identity before complying with your request and we may decline your request if we are unable to verify your identity.

Under certain US data privacy laws, as well as in Brazil, you may also designate an authorized agent to make these requests on your behalf. 

These rights are not absolute, and may be denied: (a) when granting access or assisting portability would adversely affect the rights and freedoms of others; (b) to protect our rights and properties; (c) where the request is frivolous or vexatious; or (d) as otherwise permitted by law.

8. PRIVACY NOTICE FOR UNITED STATES RESIDENTS

If you are a United States Resident, you can learn more about how we use your information and your privacy rights by reviewing our United States Privacy Notice. Any terms defined in the California Consumer Privacy Act (as amended) (“CCPA”) have the same meaning when used in the US Privacy Notice.

9. HOW TO CONTACT US WITH QUESTIONS

If you have questions or concerns regarding this Privacy Policy, or if you have a complaint, please contact us on our Support Portal, at dpo@coinbase.com, or by writing to us at the address of your Coinbase service provider (provided in Section 11. Our Relationship With You below).

10. CHANGES TO THIS PRIVACY POLICY

We’re constantly trying to improve our Services, so we may need to change this Privacy Policy from time to time as well. We post any changes we make to our Privacy Policy on this page and, where appropriate, we will provide you with reasonable notice of any material changes before they take effect or as otherwise required by law. The date the Privacy Policy was last updated is identified at the top of this page.

We may provide additional "just-in-time" disclosures or information about how we collect or use your information in the context of specific Services; these in-product notices may supplement or clarify our privacy practices or may provide you with additional choices about how we use your information.

11. OUR RELATIONSHIP WITH YOU

If you reside in the EEA or Switzerland, Coinbase Ireland Limited, Coinbase Europe Limited and Coinbase Germany GmbH act as joint controllers in respect of your personal information. Coinbase Ireland Limited is the joint controller with primary responsibility for your personal information, including with respect to providing you with information and responding to any requests you may make under the GDPR. Please see more about how you can  exercise your rights under the GDPR through our Privacy Rights Dashboard.

CONSUMER/INSTITUTIONAL SERVICES

NORTH AMERICA (UNITED STATES & CANADA)

Where You ResideServices ProvidedYour Coinbase Service Provider Contact Address

United States

Digital Asset Services, Fiat Wallet services

Coinbase, Inc. CA Entity No.: C3548456

Coinbase, Inc. c/o C T Corporation System 818 West Seventh St., Ste. 930 Los Angeles, California 90017

United States

Custodial Services

Coinbase Custody Trust Company, LLC (unless otherwise indicated in your service contract) NYS License # 122506

Coinbase Custody Trust Company, LLC c/o C T Corporation System 28 Liberty Street New York, New York 10005

United States

Credit and Lending Services

Coinbase Credit, Inc. CA Entity No.: C4315976

Coinbase Credit, Inc. c/o C T Corporation System 818 West Seventh St., Ste. 930 Los Angeles, California 90017

United States

Futures Trading

Coinbase Financial Markets, Inc. Entity No.: 4742037

100 Pine Street, Suite 1250, San Francisco, CA 94111

Canada 

Digital Asset Services, Fiat Wallet services

Coinbase Canada, Inc.

2600-1066 West Hastings Street; Vancouver BC  V6E3X1

APAC

Where You ResideServices ProvidedYour Coinbase Service Provider Contact Address

Singapore

Digital Asset Services, Fiat Wallet Services

Coinbase Singapore Pte. Ltd. Unique Entity No.: 201935002N

One Marina Boulevard, #28-00, Singapore 018989

Australia

Digital Asset Services, Fiat Wallet Services

Coinbase Australia Pty Ltd; ACN 654 922 442

Coinbase Australia c/o TMF Corporate Services (Aust) Pty Limited, Suite 1 Level 11, 66 Goulburn Street, Sydney NSW 2000 Australia

Anywhere

Custodial Services

Coinbase Custody International Limited (unless otherwise indicated in your service contract) Company No: 657718

70 Sir John Rogerson's Quay Dublin 2, Ireland

Anywhere but Singapore, and New Zealand

Digital Asset Services

Coinbase Ascending Markets Kenya Limited

P.O. Box 10643, G.P.O. Nairobi, Kenya

New Zealand

Digital Asset Services, Fiat Wallet Services

Coinbase Europe Limited. Company No: 675475

CB Payments, Ltd Company No: 09708629 FCA Register No: 900635

70 Sir John Rogerson's Quay Dublin 2, Ireland

The Scalpel, 18th Floor, 52 Lime Street, London, United Kingdom, EC3M 7AF

EEA (European Economic Area)

Where You ResideServices ProvidedYour Coinbase Service Provider Contact Address

EEA and the United Kingdom

Digital Asset Services

Coinbase Europe Limited. Company No: 675475

70 Sir John Rogerson's Quay Dublin 2, Ireland

Germany

Digital Asset Services

Coinbase Germany GmbH. Company No: HRB 213709 B. BaFin-ID 10158674

Kurfürstendamm 22, 10719 Berlin, Germany

EEA

Fiat Wallet Services

Coinbase Ireland Limited. Company No: 630350 CBI Register No: C188493

70 Sir John Rogerson's Quay Dublin 2, Ireland

United Kingdom (and select non-EEA countries in Europe)

Fiat Wallet Services

CB Payments, Ltd Company No: 09708629 FCA Register No: 900635

The Scalpel, 18th Floor, 52 Lime Street, London, United Kingdom, EC3M 7AF

EEA

Custodial Services

Coinbase Custody International Limited (unless otherwise indicated in your service contract) Company No: 657718

70 Sir John Rogerson's Quay Dublin 2, Ireland

OUTSIDE EU, US, UK, APAC

Where You ResideServices ProvidedYour Coinbase Service Provider Contact Address

Anywhere but North America, APAC, EEA

Digital Asset Services

Coinbase Ascending Markets Kenya Limited

P.O. Box 10643, G.P.O. Nairobi, Kenya

OTHER

Where You ResideServices ProvidedYour Coinbase Service Provider Contact Address

Anywhere but the USA

Digital Asset Services

Coinbase Bermuda Limited

Park Place, 55 Par La Ville Road, Hamilton, HM11 Bermuda

Anywhere but US, UK, APAC, EEA

Digital Asset Services

Coinbase Bermuda Services Limited

Park Place, 55 Par La Ville Road, Hamilton, HM11 Bermuda

Brazil

Digital Asset Services

Coinbase Brasil Ltda

City of Sao Paulo, State of Sao Paulo, at Alameda Santos, 2300, Suite 11 part, Cerqueira Cesar, ZIP Code 01418-200

DEVELOPER SERVICES

Where You ResideServices ProvidedYour Coinbase Service Provider Contact Address

Anywhere

Coinbase Pay SDK, Exchange API , Rosetta, Prime API, Sign In with Coinbase

Coinbase, Inc. CA Entity No.: C4315976

Coinbase, Inc. c/o C T Corporation System 818 West Seventh St., Ste. 930 Los Angeles, California 90017

Anywhere

Wallet SDK and Commerce API

Toshi Holdings Pte. Ltd.

One Marina Boulevard, Postal 018989, Singapore

Anywhere but the United States 

Delegate & Participate

Coinbase Cloud Pte. Ltd.

One Marina Boulevard, #28-00018989, Singapore

United States

Delegate & Participate

Coinbase Crypto Services, LLC

1209 Orange Street, Corporation Trust Center City of Wilmington, DE 19801