This privacy policy describes how Crypto Law Index ("we", "us", "the publication") processes personal data of website visitors and contributors under Regulation (EU) 2016/679 ("GDPR").
1. Data we collect
Website visitors
- Technical data (IP address, browser, device, referring page) — legitimate interest in maintaining and securing the site.
- Cookies — see our Cookie Policy.
Contributors and submissions
- Identifying data (name, email, firm) submitted via correction or firm-submission email — consent and editorial process.
- Information you choose to share about your firm or correction request — consent.
2. How we use your data
- To process correction requests against the published index.
- To process firm-inclusion submissions for the next index review cycle.
- To respond to editorial enquiries and complaints.
- To maintain and secure the website.
We do not sell personal data, do not share it for marketing purposes, and do not use it to train machine-learning models.
3. Sharing
We share personal data only with our IT service providers (cloud hosting, email, document management) under written data-processing agreements, and where required by law.
4. International transfers
Some of our processors are located outside the European Economic Area. Where this is the case, transfers are made under Standard Contractual Clauses adopted by the European Commission, supplemented where necessary by additional safeguards following the Schrems II ruling.
5. Retention
- Editorial correspondence: 24 months from last contact unless earlier deletion is requested.
- Correction requests: retained as part of the editorial record for the lifetime of the affected firm profile.
- Website analytics: 14 months.
6. Your rights
Under GDPR you have the right to access, correct, erase, restrict, port, and object to processing of your personal data, and to lodge a complaint with the data protection authority of your habitual residence.
7. Contact
Privacy questions: editor@cryptolawindex.com.