Safellos kundtjänst kommer att vara på utbildning från klockan 12 PM. Alla transaktioner som kräver manuell hantering kommer att hanteras i turordning.

Köp & sälj kryptovaluta
Bitcoin Ethereum XRP
Mer från Safello
Mobilapp Safello Premium Blogg


Effective as of November 4th 2020.



Privacy Policy

We are very keen on being compliant with the European data protection rules and principles to protect you and your personal data. We at Safello will always go the extra mile to protect your privacy data and never sell it to any third parties. This Privacy Policy contains all information related to the data processing of Safello, concerning the collection, use, storage, disclosure and erasure of data. Please, revise this Privacy Policy carefully before you disclose any of your personal data to us.

1. Preamble

1.1. Safello AB as data controller (hereinafter: ’Safello’) is a cryptocurrency exchange company registered in Sweden, operating a brokerage platform offering and enabling users to safely and securely buy and sell established cryptocurrencies such as Bitcoin (BTC), Ethereum (ETH) and Ripple (XRP) (hereinafter: ‘Services’). If you, as our customer, use our Service or are interested in it (hereinafter: ‘Customer’ or ‘Data Subject’), you may disclose certain personal data to us.

1.2. For the purposes of this Privacy Policy, the terms ‘we’ or ‘our’ etc. shall mean Safello.

1.3. Capitalized words and terms used in this Privacy Policy have the same meaning as described in our Terms of Service.

1.4. This Privacy Policy requires your expressed consent, which you may withdraw at any time. You give your consent by placing a tick in the box during the Sign Up Process. Your consent shall be voluntary, expressed and based on the related, detailed information we provide to you.

1.5. Safello is responsible for the conclusion, enforcement, updating and amending of this Privacy Policy. Safello may amend this Privacy Policy unilaterally, at any time as the business processes and the relevant legal requirements develop. If you don’t agree with the modifications, you can delete your Account anytime. Please, keep in mind that deleting your Account does not mean that we delete your personal data too. This Policy gives you detailed information on how long we keep your personal data even after you delete your Account.

1.6. This Policy comes into effect upon its publication. The prevailing (current) version of this Policy is available on the website: https://safello.com/legal/privacy/.

1.7. Safello handles your personal data confidentiality and is committed to take all the safety, technical and organizational measures that guarantee the security of your data.

1.8. Safello is also committed to process your personal data lawfully, fairly and in a transparent manner; we only collect and process data that are suitable and relevant for the purposes of data processing, and are necessary to achieve such purposes.

1.9. Safello attempts to ensure the accuracy and up-to-date nature of the personal data; therefore, we take all necessary measures for the immediate erasure or rectification of inaccurate data.

1.10. Your personal data is only yours, therefore, you can request the restriction of data processing, rectification or erasure of your data and you can object to our data processing at any time, free of charge via email: . We respond to you without undue delay, but the latest within one month from the receipt of the request. If we have to reject to perform your request, we will provide a proper justification of rejection. In justified cases, depending on the complexity and number of requests, we may extend the deadline by two further months. We will inform you about such extension within one month of the receipt of your request, together with the reasons for the delay.

2. Service provider’s data

Name of Safello Safello AB
Registered seat of Safello Mäster Samuelsgatan 36, 111 57 Stockholm, Stockholms län
The contact details of Safello, its electronic mailing address used for regular communication with Customers (for general requests) (for privacy policy related requests)
Company org. number 556954-4165
The company’s tax number SE 556954416501
The name of the registering authority Swedish Companies Registration Office (Se. Bolagsverket)
Website https://safello.com

3. Applicable laws

Safello hereby declares to process your personal data in compliance with the prevailing laws and regulations, with special regard to the following:

4.1. The legal ground for personal data processing is one or more of the followings:

a) your voluntary consent (Article 6 (1) (a) of GDPR)

b) contract concluded by and between Safello and the Customer for contractual performance (Article 6(1) (b) of GDPR)

c) the processing of the personal data is necessary for the performance of Safello’s legal obligations, such as auditing and accounting liabilities, or anti-money laundering and counter-terrorist financing purposes (Article 6(1) © of GDPR).

d) for the enforcement of the legitimate interest of Safello or a third party (Article 6(1) (f) of GDPR).

4.2. You can grant and withdraw your consent to the use of your personal data for advertisement purposes. To do so you can choose such an option after logging in to https://app.safello.com

5. The Data Processed by Safello

5.1. In order to be able to use the Services, you shall disclose certain personal information to Safello through its Website, Widget or Mobile App. If you refuse to comply with such a request; Safello is entitled to lawfully reject the provision of Services, so you may be unable to use them.

5.2. Within the scope of data processing, we can in particular pursue the following activities: to collect, record, register, systematize, store and use the personal data for the purposes of data processing, to query, block, erase and destruct your data and to prevent the further use thereof. In lack of a related legal obligation, we never publish, align or coordinate your personal data with each other.

5.3. Mandatory data provision by Customers

5.3.1. Safello may process the following data provided by the Customers. The disclosure of these data is necessary for the provision of the Services with special regard to the Sign Up Process:

Data Subject Legal grounds Data category Purpose of Data Processing
Customer registering on Safello Website,
the Mobile App,
or Customer registering via a Partner Agent,
using the Widget
4.1. c),d) BankID Conclusion, amendment and performance of the contract
Identification and verification of the Customer and ensuring the communication
Establishment and maintenance of a reliable and safe environment
Enforcement of claims and rights
Name via BankID (all first names and last name) Conclusion, amendment and performance of the contract
Information used by the payment system, service fee invoicing
Identification and verification of the Customer and ensuring the communication
Establishment and maintenance of a reliable and safe environment
Enforcement of claims and rights
Personal number via BankdID Conclusion, amendment and performance of the contract
Identification and verification of the Customer and ensuring the communication
Establishment and maintenance of a reliable and safe environment
Enforcement of claims and rights
Date of birth via BankID Conclusion, amendment and performance of the contract
Identification and verification of the Customer and ensuring the communication
Establishment and maintenance of a reliable and safe environment
Enforcement of claims and rights

5.3.2. Safello may be obligated by law to process the following data provided by the Customers. In case Safello determines, based on internal policies, the disclosure of these data is necessary for the provision of the Services:

Data Subject Legal grounds Data category Purpose of Data Processing
Registered Customers 4.1. c) Address and proof of address (such as utility bill, property tax receipt) Identification and verification of the Customer
Ensuring genuineness of Transactions
Establishment and maintenance of a reliable and safe environment
Enforcement of claims and rights
Additional ID Identification and verification of the Customer
Ensuring genuineness of Transactions
Establishment and maintenance of a reliable and safe environment
Enforcement of claims and rights
Information on employment status (such as employment contract) Identification and verification of the Customer
Ensuring genuineness of Transactions
Establishment and maintenance of a reliable and safe environment
Enforcement of claims and rights
Proof of source of funds/wealth (e.g. income statement) Identification and verification of the Customer
Ensuring genuineness of Transactions
Establishment and maintenance of a reliable and safe environment
Enforcement of claims and rights

5.3.3. Safello may process the following data provided by the Customer to Safello in the course of the performance of Services, in addition to the data set out in 5.3.1 The disclosure of these data is necessary for the proper performance of the parties’ contractual obligations, and the actual categories of data in case of a Customer may depend on the individual circumstances, such as the payment options they choose or the content of the claim submitted:

Data Subject Legal grounds Data category Purpose of Data Processing
Transaction data 4.1. b),c) Mobile phone number connected with the Swish account Conclusion, amendment and performance of the contract
Establishment and maintenance of a reliable and safe environment
Bank Account Number and Bank
Identification Code from which FIAT has been sent to Safello
Conclusion, amendment and performance of the contract
Establishment and maintenance of a reliable and safe environment
Card processing information (such as last four digits, brand, holder and
expiry date of the credit card of the Customer)
Conclusion, amendment and performance of the contract
Establishment and maintenance of a reliable and safe environment
Cryptocurrency wallet to which the customer desires to receive their
transfer in crypto, or the wallet and hash of the incoming Transaction in case of a Sell order.
Conclusion, amendment and performance of the contract
Establishment and maintenance of a reliable and safe environment
Amount of FIAT (SEK) expected, amount arrived to Safello, exchange
rate and Safello Fee at the time of the Transaction in case of a Buy order
Conclusion, amendment and performance of the contract
Establishment and maintenance of a reliable and safe environment
Amount of cryptocurrency expected,
amount arrived at Safello, exchange
rate at the time of initiation of the Transaction and FIAT payout amount
from Safello after deduction of the
Safello Fee in case of a Sell order.
Conclusion, amendment and performance of the contract
Establishment and maintenance of a reliable and safe environment


Data Subject Legal grounds Data category Purpose of Data Processing
Complainant, claimant, inquirer 4.1. a),c) Data provided in the complaint/ claimant/ inquirer when contacting Safello Conducting the complaint management process, carrying out a request or claim submitted to Safello
Identification and verification of the user and ensuring the communication

5.4. Optional data provision by Customers or other persons

5.4.1. Safello may process the following data provided by the Customers voluntarily and manually. We do not collect them during the Sign Up Process and they are not collected automatically if not included in the data processing covered by 5.3.:

Data Subject Legal grounds Data category Purpose of Data Processing
Data provided after the Sign Up Process of the Customers in case of a data change 4.1. a),b) (Name (first name and last names) Conclusion, amendment and performance of the contract
Identification of the user and ensuring the communication
Other documents to prove data change Conclusion, amendment and performance of the contract
Identification of the user and ensuring the communication
Date provided by Customer after processing a Transaction 4.1. a) Email address Conclusion, amendment and performance of the contract with special regard to the invoicing requests
Ensuring the communication
Advertisement, marketing activities

5.4.2. We may also collect data from other persons who are not our Customers. The collection of these data is carried out voluntarily and manually, they are not collected automatically:

Data Subject Legal grounds Data category Purpose of Data Processing
Contractual contact person designated by the business
partner of Safello or networking contacts provided by the partner
4.1. a),d) Other data provided voluntary during networking Establishment of business partnerships
Identification of the partner
Ensuring the communication
Conclusion, amendment and performance of contract


Data Subject Legal grounds Data category Purpose of Data Processing
Job applicant 4.1 a) Name (first name and last name) Conducting the professional selection process
Identification of the applicant and ensuring the communication
Establishment of the legal relationship
E-mail address Conducting the professional selection process
Identification of the applicant and ensuring the communication
Establishment of the legal relationship
Telephone number Conducting the professional selection process
Identification of the applicant and ensuring the communication
Other data provided voluntarily
in the CV, such as educational background, employment history,
language skills, certificates and obtained licenses.
Conducting the professional selection process
Data Subject Legal grounds Data category Purpose of Data Processing
Employee, Subcontractor 4.1. b),c) Name (first name and last name) Conclusion, amendment and performance of the legal relationship;
Identification of the applicant
Ensuring the communication.
Compliance with legal obligations relating to employment (e.g. informing necessary authorities)
Social Security number Conclusion, amendment and performance of the legal relationship
Compliance with legal obligations relating to employment (e.g. informing necessary authorities)
Criminal background check (see details in point 10.3.) Conclusion of the legal relationship
Establishment and maintenance of a reliable and safe environment
Address Conclusion, amendment and performance of the legal relationship
Compliance with legal obligations relating to employment (e.g. informing necessary authorities)
Bank Account Number Conclusion, amendment and performance of the legal relationship
4.1. a) Telephone number Conclusion, amendment and performance of the legal relationship
Ensuring the communication

5.5. Automatic collection of data in the course of the Services

Data Subject Legal grounds Data category Purpose of Data Processing
Customers using the Services 4.1. a) Timestamp of the registration Maintenance and development of the Service
Login history Maintenance and development of the Service
Log data and device information Maintenance and development of the Service
Data collected by Google Analytics Maintenance and development of the Service
Data collected by Intercom Maintenance and development of the Service
Data collected by Identification, BankID processor Provider (see the actual data categories in Section 5.3.1.) Maintenance and development of the Service
Possible data collected by Liquidity Partner Maintenance and development of the Service
It is possible that our liquidity partner might request Safello for proof of funds for larger transaction
Customer initiating a Transaction 4.1. c) Sanction list verification Conclusion, amendment and performance of the contract
Establishment and maintenance of a reliable and safe environment
Politically Exposed Person verification Conclusion, amendment and performance of the contract
Establishment and maintenance of a reliable and safe environment

5.6. Data collected from third parties

5.6.1. We only collect your personal data collected by third parties in order to comply with our legal obligations, or, in other cases, if you have given your explicit consent to the data transfer directly to/from those third parties, which is your responsibility to arrange. We do not supervise that your consent is properly given, we trust both you and those third parties who shall also be compliant with the data protection rules. Therefore, we are not liable for the collection and processing of such data by third parties.

5.6.2. Due to the nature of the Service, Customers use services of third parties, related to payment and payment methods. Safello has no influence on the operation of these service providers, they are obliged to ensure their data protection measures in their own competence. Currently, we support the following service providers: Swish, Bankgirot, SEPA, Bank Giro, Credit/Debit Cards (including Apple Pay and GPay), Direct Payment or Payment initiation (hereinafter together: Online Payment System).

5.6.3. Safello is not a cryptocurrency wallet provider. In order to use our Service, you also need to set up and use a cryptocurrency wallet, for which you may choose any third-party provider. Safello has no influence on the operation of these service providers, they are obliged to ensure their data protection measures in their own competence.

5.6.4. When using our Services, you have the option to increase your Tier Level, and therefore your Transaction Limit using the services of our Account Analysation Partner. The details of this voluntary option are described in our Terms of Service. During this verification, we receive certain data from them, which data are described in their Privacy Policy that you separately agree to when using the verification service.

5.6.5. If you use the services of a third-party service provider (such as Facebook, Linkedin, Instagram, Google, Skype, etc.) in order to contact Safello, we do not request any data of yours from the concerned third party. To the provision or change of such data, the privacy policies of the concerned third-party service provider shall apply.

5.7. Cookies applied by Safello

5.7.1. What is a cookie? Cookies are small data files of information that our website transfers to your hard drive or mobile device to store and sometimes track information about you. Although cookies do identify a Customer’s device, cookies do not personally identify Customers. Additionally, mobile devices may use other tracking files which are similar to cookies (for example iOS devices use Apple’s ‘identifier for advertisers’ (IDFA) and Android devices use Google’s Android ID). In the context of tracking within Safello, the concept of a cookie will include an IDFA and an Android ID for the purpose of this Policy.

5.7.2 Why we use cookies: Our website uses cookies to distinguish you from other Customers. This helps us to improve our website and to provide you with a good experience when you browse.

5.7.3. Types of cookies we use:

Strictly necessary cookies: these are cookies that are required for the operation of a website, such as to enable you to log into secure areas.

Performance cookies: these types of cookies recognise and count the number of visitors to a website and are used to see how users move around. This information is used to improve the way the website works.

Functionality cookies: these cookies recognise when you return to a website, enable personalised content and recognise and remember your preferences.

Targeting cookies: these cookies record your visit to a website, including the individual pages visited and the links followed.

Generally, the strictly necessary cookies and some performance and functionality cookies only last for the duration of your visit to a website or expire when you close the website: these are known as ‘session cookies’. The functionality cookies and some targeting and performance cookies will last for a longer period of time: these are known as ‘persistent cookies’.

Third party cookies: Some of the persistent and session cookies used by our website may be set by us, and some are set by third parties who are delivering services on our behalf. For example, we use Google Analytics to track what users do on the website so we can improve the design and functionality.

5.7.4. Blocking cookies: Most browsers, mobile devices and apps automatically accept cookies but, if you prefer, you can change your browser, device or app settings to prevent that or to notify you each time a cookie is set. You can also learn more about cookies by visiting www.allaboutcookies.org which includes additional useful information on cookies and how to block cookies using different types of browser or device. To block the IDFA on your iOS mobile device, you should follow this path: Settings > General > About > Advertising and then turn on ‘Limit Ad Tracking’. To block Android ID on your Android device, you should follow this path: Google Settings > Ads and then turn on ‘Opt out of interest-based ads’.

6. The method and term of the use of the data collected

6.1. We only process your personal data if it is essential, suitable for and limited to the extent and duration required to the achievement of the purposes set for processing.

Purpose of Data Processing Justification of purpose Duration of data processing
Conclusion, amendment and performance of the contract Safello shall use the data collected by it or through third party service providers for the following purposes, to create, modify and conclude the contract. The personal data collected during the use of the Service serves to facilitate and enable the Transaction initiated by the Customer. Safello uses the Customer’s personal data to enable the creation of the contractual background of the Customer’s service order and to facilitate the fulfilment of the contract. Safello shall process the personal data during the term of the contractual relationship or in case a contractual relationship has not been established, until the purpose of processing has ceased, or erases them in case further processing of such data is no longer necessary for the purpose of processing. Customer may request for the erasure of his/her data in a letter sent to the email address. For the purposes of evidencing in the case of a dispute, the data of the concerned Customer shall be processed during the term of the general limitation period and for five (5) years when the Customer didn’t process a transaction or seven (7) years after when the Customer has made full use of the Service from the final and binding closure of the dispute.
Maintenance and development of the Service Safello shall use the data collected by it or through third-party service providers for the following purposes of maintenance and development of the Service. Safello shall use the personal data of the Customer to enable the continuous development and improvement of the Services.
Identification and verification of the Customer, user or applicant and ensuring the communication Safello may use the Customer’s personal data to ensure the identification and verification of the Customer, and for the purposes of effective communication with the Customer, in the course of which Safello contacts and identifies Customer through their contact data provided. Safello may use the applicant’s and other data subjects’ personal data in order to identify them and ensure effective communication through the contact data provided.
Establishment and maintenance of a reliable and safe environment, enforcement of claims and rights Safello may use the personal data of the Customer to secure the legitimate interests of Customers in the course of the use of Services. In the scope of the above, Safello shall be entitled to the following activities: the prevention and termination of fraud, spam, misuses and other harmful activities, to perform security investigations and risk analysis, to check and verify the data provided by the Customer.
Information used by the payment system, service fee, invoicing The service is subject to a fee, during which Safello may perform the following by entering the used payment data: by entering the bank card data, the Service Provider authorizes access to and use of the payment services. Safello is not responsible for the further operation of the Online Payment System and does not manage the data contained therein, it has no effect on its operation and data protection settings. Safello may use Customer’s personal data in order to send receipts of Transactions initiated by the Customer, upon the Customer’s request.
Advertisement, marketing activities Safello may use the personal data of Customers solely for the following advertisement and marketing activities: to send promotion messages, advertisements, newsletters, other information popularizing the Services via phone or email, to display the sponsored news, games, surveys, promotion activities and events of Safello and its cooperating partners. The Customer may unsubscribe from advertisement-related communication at any time after logging in to www.app.safello.com. In the absence of such an act, Safello shall process data for at least 5 years.
Conducting the complaint management process, carrying out a request or claim submitted to Safello Documentation and verification of the conduct of the procedure, the actual examination. Safello shall process the personal data concerned until the purpose of processing has ceased, or erases them in case further processing of such data is no longer necessary for the purpose of processing. The data shall be stored for 5 years according to consumer protection rules.
Compliance with legal obligations relating to employment (e.g. informing necessary authorities) Compliance with relevant information, reporting obligations and obligations connected to anti-money laundering, counter-terrorism financing, taxation, contributions, etc. Safello processes the data for ten (10) years starting from the last day of the calendar year in which employment ends, with the prohibition to discard labor, wage and social security records. Otherwise the limitation period in labor law is seven (7) years.

7. The persons having access to the data processed, data transfers

7.1. To be able to provide you with undisturbed Services, for quality assurance purposes, as well as to enable the investigation of customer claims and complaints, we might have to transfer your data to third parties. By accepting this Privacy Policy you give your expressed consent to these data transfers.

7.2. Data transfer may take place in the following cases:

Recipient of data transfer Scope of data that may be transferred
Transfer of data to employees The personal data processed by us shall also be made available to the employees of Safello, but only if their access to and processing of personal data is required for the purposes of data processing related to the given data category and only in relation to their employment tasks.
Transfer of data to Safello’s subcontractors Some of the members of our team are not employees of Safello, and are in a contractual relationship with Safello. The personal data shall also be made available to these subcontractors of Safello, but only if their access to and processing of personal data is required for the purposes of data processing related to the given data category and only in relation to their relevant tasks.
Data transfer within the company group To the personal data processed by us, Safello’s company group shall have access, but only if their access to and processing of personal data is required for the purposes of data processing related to the given data category only in relation to their relevant tasks.
Data transfer to the payment service providers, liquidity providers The payment for orders via Safello is made through our partner operating the Online Payment System. Customer registers his / her data directly in our partner’s system, therefore the actual data categories may differ for each partner Customer uses. Safello does not have direct access to this data.
Electronic invoice system During using the service, it is possible to request the issuance of an electronic receipt. To receive such a document, you will be required to share your email address with us.
Accounting Company Data on employees, contributors and invoicing will be forwarded to our partner providing accounting services.
Law Firm All data necessary for the performance of the activity of the Law Firm shall be forwarded to our legal advisory partner.
Publicly displayable information Safello may only display your information publicly in case you have consented to their disclosure on the social media or other platforms of Safello or our partners. We never display any information publicly without your explicit consent.
Compliance with Laws Except for the cases defined in the section 7 and the case if Safello is instructed by various authorities to transfer data upon provisions prescribing mandatory data transfer to a specific authority, state or administrative organ and such instruction cannot be lawfully rejected, Safello may not transfer the personal data provided to it to third parties.
Account Analysation Partner Confirmation of Bank Account. As a Tier 3 Customer of Safello, you may choose to confirm your Bank Account, in order to raise your Transaction Limits. This is optional, and if you do so, our partner will get access to your personal data.
Banking Partner Record keeping of all of our transactional data by the bank which executes Fiat transactions.
Sanction List and PEP scan Partner We use a partner to perform our obligations according to anti-money laundering and counter-terrorism regulations. In the process of monitoring, we send to our partner the data from BankID (name, birthday and personnummer) via an API call.

7.3. To be able to provide you with undisturbed Services, we use the contribution of the following third-party service providers:

Hosting service provider, or a company providing system operation services to Safello upon contractual relationship (Data Processor) Name: Amazon Web Services EMEA SARL
The address of the hosting service provider: 38, avenue John F. Kennedy
L - 1855 Luxembourg
Company reg. no.: B186284 (Luxembourg)

Contact page of the hosting service provider: https://aws.amazon.com/contact-us/?nc1=f_m
The website of the hosting service provider: https://aws.amazon.com/
Provider of identity solutions: Name: Zignsec
The address of the identity solution provider:
Bibliotekstorget 8
SE- 171 45 Solna
Companies page of the identity solution provider:
559016-5261
Contact page and website of the hosting service provider:
https://zignsec.com
Provider of PEP and Sanction data: Name: Pliance (Plisec AB)
The address of the PEP and Sanction data provider:
Doktor Widerstroms Gata 40
SE - 129 54 Hägersten
Companies page of the PEP and Sanction data provider:
559161-4275
Contact page and website of the pep and sanction data provider:
https://pliance.io
Provider of income verification data: Name: Tink AB
The address of the income verification data provider:
Vasagatan 11 7tr.
SE-111 20 Stockholm
Companies page of the income verification data provider:
556898-2192
Contact page and website of the income verification data provider:
https://tink.se

7.4. The Data Processor assists Safello in the smooth operation of the IT infrastructure that facilitates the storage of personal data provided to Safello, Data Processor has no direct access to personal data. We expressly declare that we have no direct or indirect liability with respect to the data processing activity of the Data Processor and the security of personal data in the course thereof; in this regard, the privacy policies and regulations of the Data Processor shall apply.

7.5. If we need to involve further Data Processors, we will notify you about that by the modification of our Privacy Policy.

8. Rights and obligations of the Parties

8.1. Processing of Customer’ data, rights of information, access to data

8.1.1. You can access your personal data which have been collected by us. Please, notify us of any change in your data, at dataprotection@safello.com. You are responsible for ensuring the up-to-date status of the personal data. In order to protect you, in case of any requests coming concerning your data, we need to verify the person requesting the data. We do not retain personal data for the sole purpose of being able to react to potential requests.

8.1.2. Safello shall take appropriate measures to provide you with all information concerning the processing of personal data, in a concise, transparent, comprehensible and easily accessible form, in a clear and comprehensible way. The information is mainly provided electronically on request at the e-mail address . Proof of your identity is always required for the information.

8.1.3. Safello shall, without undue delay, but in any case within one month from the receipt of the request, inform you of the action taken following his / her request. If necessary, taking into account the complexity of the application and the number of applications, this time limit may be extended by a further two months. Safello shall inform you of the extension of the deadline, indicating the reasons for the delay, within one month from the receipt of the request.

8.1.4. If Safello does not take action at your request, it shall inform you without delay, but no later than within one month from the receipt of the request, of the reasons for non-action and that you may lodge a complaint with one of its supervisory authorities and may exercise its right of judicial review.

8.1.5. The first request is free of charge. The second and all additional requests repeatedly filed can be subject to a fee, if the request is related to the same subject or subject matter in the ongoing year, the request is not for information purposes and Safello legally disregards the rectification, erasure or restriction of the personal data handled on the basis of the repeated application. The current fees can always be found here. If a repeated request is justified because the act giving rise to the request has been caused by omission or activity attributable to Safello, Safello may waive the charges set out.

8.1.6. If we process a large quantity of information concerning you, we may need you to specify the information or processing activities to which the request relates before the information is delivered.

8.2. Rectification and erasure: You can ask us to rectify your personal data if necessary or to delete them where the retention of such data infringes the provisions of the related laws and regulations or if they are no longer necessary in relation to the purposes for which they are originally processed. In practice, this means that we may deny erasure of your data in cases where we have legal grounds other than your consent for the processing of those data. For example, we are legally obligated to retain your personal data in case you have carried out a Transaction with Safello.

8.3. Withdrawal of consent and restriction of processing: In case you withdraw your consent to our processing of your personal data, we might not do that if processing is necessary for the protection of exercising the right of freedom of expression and information, for compliance with a legal obligation etc. The processing of personal data is essential until the proper, contractual completion of the contract concluded by and between Safello and you.

8.4. Right to object: You still have the right to object against the processing of your personal data considering your individual circumstances even if it is lawfully processed by Safello, for example on grounds of the legitimate interests of the controller or a third party.

8.5. Right to data portability: If you need it, we can provide you with a structured, commonly used and machine-readable format of all of your personal data processed by us and you can transmit those data to another controller.

8.6. The Obligation of the User: You are the only one who is responsible for the lawfulness, reality and accuracy (i.e. the quality) of your data under criminal liability.

9. Automated decision making, profiling

9.1. Safello carries out automated decision-making in applying the following functions:

/ Operation of the automated decision-making Technology Purpose, grounds
Age verification via BankID When Customer initiates a Sign Up Process, Safello verifies the Customer’s identity using BankID. If the BankID verification determines that Customer is underaged (under 18 years old), and is therefore not eligible to use Safello’s Services, the Customer is denied onboarding and cannot finish the Sign Up Process. By means of the digital certificate provided by BankID Providing Customers with a safe user environment and ensuring that minors, who are considered an at risk group for online fraud, and are less likely to understand the complexity of cryptocurrency transactions, do not use Safello’s Services and therefore cannot be exploited.
Setting the Transaction Limit via our Account Analysation Partner Based on Customer’s specific choice, Customer can verify their bank account via our Account Analysation Partner, which allows the Customer to increase their Tier Level and Transaction Limits. These higher Transaction Limits are set up automatically after completing the verification process, and are based on the information received during the process. By means of the open banking platform and API offered by our Account Analysation Partner. Providing the Customer with additional opportunities for the Customer’s comfort and benefit, in order for the Customer to be able to perform Transactions with higher Transaction Limits than what they are allowed to during the normal use of the Services, without the verification.

9.2. The Age verification via BankID is applied through the integration of the BankID identification and verification into Safello’s Sign Up Process. In order to meet the legal requirements concerning money laundering and terrorism financing prevention, we must obtain certain knowledge of our Customers. For this reason, we have a legal obligation to check and verify the identity of our Customers, and we do that via BankID, to make the process as convenient as possible for our Customers. The only automated decision making we apply in relation to the Sign Up Process via BankID, is the automated dismissal of Customers who are underaged, and only for their own protection. This automated decision making is necessary of the conclusion and performance of the contract, because minors are considered an at-risk group for online fraud and other cybercrimes and they are less likely to comprehend the complexity of cryptocurrency transactions and understand their risks and consequences. Therefore, we are not offering our Services to minors and the safest way to avoid doing so, is by automated dismissal based on the BankID verification, so they are not able to finish the Sign Up Process. If, according to the Customer, a mistake happened and they are in fact over the age of eighteen, the Customer may always contact Safello support at .

9.3. Setting the Transaction Limit via our Account Analysation Partner will be applied only if Customers enable them specifically in their Account through an opt-in function within our Services. Customers may also opt out and disable the function in all cases upon their own discretion by sending a request to Safello support at support@safello.com. In the latter case, the automated decision-making in connection with the verification of the Customer’s bank account via our Account Analysation Partner will not be applied anymore, however, the increased Transaction Limits will decrease back to the previous state, before the verification and automated decision making. If, according to the Customer, a mistake happened and the Transaction Limits and Tier Level were set lower or higher than it should have been, or if Customer is unsure on the success of the verification process, the Customer may contact Safello support at .

9.4. Based on the above, we always ensure the right to request human intervention through Safello support, as well as, the right to object to a decision in accordance with our related complaint handling procedures. The Customer shall not be subject to discrimination or any legal disadvantage due to automated decision-making, such form of decision-making does not significantly affect the Customer either individually or as a group and it is subject to the Customer’s consent, or necessary for the performance of the contract. The use of the data collected is always limited to the direct purpose, such data shall not be used for other purposes (e.g. marketing) and may be stored only until when this is necessary for the contractual and complaint-free performance of the specific Service. The Customer may refuse automated decision-making at any time, however, in the first case, Safello cannot provide the Service, in the second case, Safello cannot provide the benefits to the increased Transaction Limits.

9.5. The following are considered to be important by us for the Customer to gain transparent information:

Function Personal data concerned Data use Consequence of use
Age verification via BankID Age The identity and therefore the age of the Customer is verified. The identity data is utilized to comply with our legal obligations and to maintain a safe user environment for our Customers. The Sign Up Process of minors under the age of eighteen is terminated.
Setting the Transaction Limit via our Account Analysation Partner Bank account information The bank account of the Customer is verified via our Bank Account Analysation Partner. The data is used to provide Customers with additional opportunities and a wider use of our Services. The Tier Level and Transaction Limits of the Customer are increased.

9.6. We do conduct profiling, e.g. individual examination of the transaction habits without making deduction in respect of the individual.

10. Further important information

10.1. Data Protection Officer: In our standpoint, Safello is not obliged to appoint a data protection officer, as the main activities do not involve data processing operations that would allow a regular, systematic and high-scale follow-up monitoring of the users; furthermore, Safello does not process any special categories of personal data or crime-related data which have relevance from criminal law aspect.

10.2. Supervisory organs and other authorities: The territorial scope of this Privacy Policy may cover also foreign authorities, if the Customer has a registered seat or business site out of Safello’s area of operation, in a foreign country. Our supervisory authority who you can turn to regarding our data processing is:

Swedish Data Protection
Authority, with regards to
the owner of Safello
Name: Swedish Data Protection Authority (DPA)
Address: Drottninggatan 29, plan 5, 10420 Stockholm
Post address: Datainspektionen Box 8114, 10420 Stockholm
Phone: 08-657 61 00
Email: datainspektionen@datainspektionen.se

Foreign data protection authorities may also be involved if you have your location or place of business outside Sweden. You can search the relevant authority here.

10.3. Processing of sensitive data:

We do not process personal data of our Customers which are, by their nature, particularly sensitive in relation to fundamental rights and freedoms, merit specific protection as the context of their processing could create significant risks to the fundamental rights and freedoms. If we decide to process such sensitive data, this activity shall be pursued with special care and diligence, having your expressed consent thereto, and only the extent it is required.

We do not process personal data or our Customers revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, and we do not carry out processing of genetic data, biometric data for the purpose of uniquely identifying a natural person, data concerning health or data concerning a natural person’s sex life or sexual orientation.

As a result of checking the criminal background of our employees and subcontractors, as mentioned in Section 5.3., we may have access to special categories of data. Legal ground of the data management of the criminal background check is that this is necessary for the performance of Safello’s legal obligations. We do not share this data with anyone outside of Safello’s organization and take all necessary precautions to maintain the safety and confidential nature of these data.

10.4. Processing children’s data:

We do not knowingly collect personal information online from children under the age of 18.

11. Personal data breach

11.1. In case of personal data breach, where the incident is likely to pose a high risk to the rights and freedoms of those concerned, we submit the report towards the data protection supervisory authority stated in sec. 10.2 and as required by the laws and regulations, without undue delay, but in any case, within 72 hours from getting aware of the incident. We have developed internal procedures in case of personal data breach, and personal data breaches are also recorded into a registry. If you are affected by such personal data breach will also be notified, if the prevailing laws and regulations require so.

11.2. If you detect a threat of personal data breach, we ask to report it immediately via email at . Furthermore, in case of personal data breach, you may initiate a court case against Safello.

12. Changes of the Privacy Policy

12.1. Safello reserves the right to amend this Privacy Policy at any time. Amendments will be published immediately on the website

12.2. In case of amendment, you will be notified thereof thirty (30) days prior to the date of effectiveness of amendment, via e-mail or through the website.

12.3. In case you object to such amendment, he/she may notify Safello thereof and disclose his/her respective comments and notices via email, furthermore, he/she may request the erasure of his/her personal data.