We use cookies to improve your experience. Cookie Declaration
ACCEPT ALL
youhodler logo svgyouhodler logo svg
en

PRIVACY POLICY

This privacy policy (“Policy”) describes how YouHodler (“YouHodler”, “our”, “we” or “us”) collects, uses and discloses information about Users (hereinafter “Users” or also “User” in the singular) who visit using this website https://www.youhodler.eu (the “Site”) in accordance with the EU General Data Protection Regulation 2016/679 (“GDPR”) and the Swiss Federal Data Protection Act of 1 September 2023 (“DPA”) and related laws.

This Policy also applies when you contact our customer service, download our Platform and/or App (as defined in the “Definitions” section), and contact us via social media and other official channels. 

1. DEFINITIONS

Application or App: refers to the mobile application available on Android and iOS under the name “YouHodler”, which allows Users to access services via their electronic device.

Cryptocurrency: refers to a digital currency in which cryptographic techniques are used to regulate the generation of currency units and verify the transfer of funds, operating independently of a central bank.

CVM: Cardholder Verification Method.

Cookie(s): A piece of information that is automatically placed on your electronic device’s hard drive when you access the App and which is listed in the Cookie Statement available at: https://www.youhodler.eu/cookies.Il Cookies uniquely identify your browser to the server. Cookies allow the Company to store information on the server (e.g. language preferences, technical information, click or route information, etc.).

External Wallet: means a cryptocurrency wallet to which a User may choose to send Cryptocurrencies or from which a User transfers or receives Cryptocurrencies.

Fiat Currency: refers to a centrally issued currency that is not backed by a physical commodity.

KYC: refers to the set of procedures used to verify the identity of customers and assess their risk profile. The main objective is to prevent illegal activities such as money laundering, terrorist financing and other frauds.

Miner Refer Program (Miner Refer Program): refers to the promotional miner programme of “refer a friend” that allows existing customers to earn specific rewards by inviting friends and family to use the cloud mining feature on the Platform.

Payment Data: refers to data relating to your means of payment, including but not limited to credit card payment, bank references, account holder name, card number, expiry date and other similar data.

PCI-DSS: refers to the Payment Card Industry Data Secure Standards.

Platform: refers to the online platform available (after providing login credentials) at https://app.youhodler.com/sign-in where services are offered by YouHodler.

User Account: means the personal account created during registration for the Platform.

Site (Website): means the website available at the URL https://www.youhodler.eu, and the relevant domain extensions.

Website Content: means all the features, text, design, layout, wireframes, software, information, documents or content displayed and/or technical information associated with the Website.

2. DATA CONTROLLER 

The Data Controller is YouHodler SA (“YouHodler”), based at Avenue du Theatre 7, Lausanne, Switzerland, which processes personal data in connection with the use of the Site and the Platform.  

3. TYPE OF DATA COLLECTED, PURPOSE AND LEGAL BASIS

YouHodler informs Users that the request to provide certain of the personal data listed and described below may be received by the User at various times during interaction, browsing the Site and/or use of the Platform. 

  • Visitor/User Data

In order to access the services of the Platform, the following data is collected: Cookies; the User’s geographical location; the type of browser used by the User; the name of the User’s server; the User’s IP address through which the User accesses the Internet; the date and time at which the User accesses the Platform/Application or visits the Site; the pages visited by the User; the Internet address of the websites, if any, from which the User has made a direct connection to the Platform.

Legal basis: consent and legitimate interest of the Controller (Art. 6(1) (a) (f) GDPR; Art. 34 DPA)

  • Registration Data

Telephone number; email address; country of residence.

Legal basis: performance of a contract (Art. 6(1) (b) GDPR; Art. 34 DPA)

  • KYC and AML data

Personal Data collected for KYC purposes and to make services available on the User’s account, including but not limited to: first and last name, date of birth, gender, address (full details), nationality, country of birth, country of residence, photographic image of an ID, valid ID (for facial comparison, visual authenticity and face comparison, image integrity, validation/comparison/coherence of data that can be matched to the ID, for criminal registration purposes), selfie or video for facial similarity check, document extract (ID report), document extract (assets), document extract (AML), document extract (residence or utility bill), video verification call recordings, documents whose content tends to verify your source of wealth and source of funds.

Legal basis: Performance of a contract and fulfilment of legal obligations (Art. 6(1) (b) (c) GDPR; Art. 34 DPA)

  • Eligibility Data of the User

You may have to answer questions and provide certain Personal Data to help us understand which services are best suited to you. This could include: basic employment-based eligibility form, investment and cryptocurrency experience, answers to questions about source of funds, answers to questions for advanced eligibility, answers to questions measuring level of risk, proof of residence, proof of wealth and checklist report.

Legal basis: consent (Art. 6 (1) (a) GDPR; Art. 34 DPA)

  • Financial Data

Information relating to the origin of the fiat currency account, fiat currency account address, fiat currency account details, fiat currency account balance, External Wallet address(es), global User account balance, cryptocurrency balance, fiat currency balance, global balance in the External Wallet (if required).

Legal basis: Performance of a contract and fulfilment of legal obligations (Art. 6(1) (b) (c) GDPR; Art. 34 DPA)

  • Transaction Data

Information relating to the execution of a transaction or the use of YouHodler’s support services, including cryptocurrency amounts, date of request, details relating to the Agreement (including content viewed, downloaded or sent), billing information, User account activity log, communication log, User account level, currency displayed, public address of the virtual asset service provider (VASP) to which the cryptocurrency funds are sent, sender information and beneficiary (recipient) information of the transactions, the address of the External Wallets, the digital assets in the External Wallets, and any available details (if required).

Legal basis: Performance of a contract and fulfilment of legal obligations (Art. 6(1) (b) (c) GDPR; Art. 34 DPA)

  • Credit data

Data collected (relating to the User) before using the services via the Platform, including full name, address, date of birth, all information and documents relating to the pledgeable part of the income:

  1. all income of any kind
  2. all income from employment;
  3. all usufruct rights and their products/all life annuities;
  4. all maintenance contributions;
  5. all pensions and benefits of any kind intended to cover a loss of earnings or a claim arising from the right to maintenance, in particular pensions and lump-sum benefits;
  6. a reference pay slip, if you are self-employed; all relevant information and documents proving income; all relevant information and documents on your financial situation; rent; an extract from the rental agreement; an extract from your tax return; the amount of all credits already obtained; an extract from the debt enforcement register; and all relevant information and documents on expenses.

Legal basis: Performance of a contract and fulfilment of legal obligations (Art. 6(1) (b) (c) GDPR; Art. 34 DPA)

  • Automatically collected data (in this case it depends on the State where the User is located, in Italy at the moment these data are not collected)
  1. Location Data - Information that is automatically collected through analytics providers to determine your location, including your IP address and/or domain name, the internet address of websites from which you have directly linked to the Application, login information, browser type and version, date and time you access the Application, browser plugin types and versions, operating system and platform. This information is collected to verify the User’s location in order to provide proof of address (PoA).
  2. Log Data - Information generated from Platform usage that is automatically collected and stored by YouHodler. This information may include, but is not limited to, device specific information, location information, system activity and any internal and external information relating to pages visited.

 Legal basis: Performance of a contract and fulfilment of legal obligations (Art. 6(1) (b) (c) GDPR; Art. 34 DPA)

  • Data Collected from Third Party Providers
  1. Bank Transaction and/or Payment Provider Information - Information from banks and/or payment providers used to transfer money to YouHodler, such as basic personal information, name and address, as well as financial information such as bank account details and, where possible, card details when making card payments.
  2. Advertising Data - Information from advertising networks, analytics providers and search engine information providers that is anonymous or anonymised information.
  3. PEP Screening and Sanctions Information - Information collected and conducted by our third party AML service providers or from public domain databases based on information extracted from your ID.

Legal basis: Performance of a contract and fulfilment of legal obligations (Art. 6(1) (b) (c) GDPR; Art. 34 DPA)

4. DISCLOSURE OF PERSONAL DATA TO THIRD PARTIES 

We share personal data in the following circumstances

  • parties, companies or agencies that provide support and/or services to YouHodler (e.g. IT services, marketing services and analysis or consulting activities), who process personal data as data controllers or on behalf of YouHodler as data processors;
  • third parties who are required to know the data by law (e.g. police forces or public authorities), in accordance with the principles of proportionality and minimisation

We also share aggregated or de-identified information that cannot reasonably be used to identify you.

5. ANALYSIS

We allow others to provide analytics services on our behalf on the web and in mobile applications. These entities may use cookies, web beacons, device identifiers, and other technologies to collect information about your use of our Site and other sites and applications, including your IP address, web browser, mobile network information, pages viewed, time spent on pages or in mobile applications, links clicked, and conversion information. For more details please see our Cookie Policy

6. TRANSFER OF DATA TO EUROPEAN AND NON-EUROPEAN COUNTRIES 

YouHodler operates and uses service providers in different jurisdictions. 

Therefore, we and our service providers may transfer personal information collected from you to jurisdictions and countries that may not provide equivalent or adequate levels of data protection. 

By using our Site and App, you acknowledge and agree to such transfers and processing from countries outside the European Union or the European Economic Area (so-called Third Countries) to Europe and vice versa, which are nevertheless recognised by the European Commission as providing an adequate level of data protection or other contractual safeguards under the GDPR and the DPA (for example, by signing standard contractual clauses provided by the European Commission). 

Further information can be requested by writing to support@youhodler.com.

7. SINGLE SIGN ON (SSO) INTEGRATION

We offer you the ability to sign-in to our services using your Google Sign-in or Apple ID account: when you choose to use Google Sign-in or Apple ID login, we collect and process certain information from your Google or Apple ID account to create and manage your profile, which may include your name and email address.

By using Google Sign-in to access our services, you consent to the collection and processing of this information: we only use this information to manage your authentication and profile; we do not access or store any other personal information or sensitive data from your Google Account.

Your use of Google Sign-in is subject to Google’s privacy policy and terms of service, so we encourage you to review Google’s privacy policy to understand how they manage your data.

In accordance with applicable data protection regulations, you have the right to revoke this consent at any time and request removal of your account by contacting our team at support@youhodler.com.

8. DATA RETENTION

We retain other personal information for as long as necessary to fulfill the purposes for which we originally collected it and subject to (i) the time necessary to retain the information to fulfill the purpose for which it was obtained, (ii) any legal or regulatory requirements applicable to such information, (iii) internal operational needs, and (iv) any information needs based on actual or anticipated investigations or litigation.

9. EXERCISE OF RIGHTS 

Subject to certain limitations, you have the right to request access to the personal information we hold about you and to receive it in portable format, the right to request rectification or erasure of your personal information and the right to object to or request restriction of certain processing. If you wish to exercise any of these rights, please contact us at support@youhodler.com.

10. COMPLAINTS

You have the right to lodge a complaint with the Italian or Swiss Data Protection Authority, whose contact details can be found on the websites of the respective authorities. 

This Privacy Policy may be amended from time to time, so we encourage Users to review this Privacy Policy regularly to stay informed about our information practices and the choices available to you.

Updated 7 July 2025

ANNEX 1 - LIST OF CROSS-BORDER TRANSFERS 

EU Member States GDPR

- United Kingdom Adequacy Decision

- United States of America Additional security measures and organisation

- Switzerland Adequacy decision

Other recipients of personal data for processing purposes (Sub-processors)

AWS - Compliance Programme; GDPR Centre; Supplementary Measures Addendum;

Ireland

Infrastructure provider providing hosting and storage services

Data essential for the operation of services and the construction of the contractual relationship

Infomaniak SA 

Switzerland

Infrastructure provider providing hosting and archiving services

Essential data for the functioning of the services and the construction of the contractual relationship

Atlassian

Netherlands; USA; Australia; UK

Infrastructure provider; Customer service management

Essential data for operation of services and construction of the contractual relationship

Cloudflare.com

Infrastructure provider;

ANONYMISED DATA

SumSub Ltd.

Germany

KYC provider, Data validation, Document control, Biometric processing, Fraud detection

Data essential for the operation of services and the building of the contractual relationship; Data collected for compliance with AML and/or EU laws; Data collected for compliance with other applicable laws and regulations

Intercom

Ireland

Customer account support and communications

Data essential for the operation of the services and the building of the contractual relationship; Data collected for marketing purposes

Twilio

US/EU/Switzerland

Communications technology provider

Data essential to the operation of the services and the building of the contractual relationship

Applicable ONLY if users choose to use SMS for 2FA

Sendgrid

US/EU/Switzerland

Communications Technology Provider

Data essential for the operation of the services and the construction of the contractual relationship;

Applicable ONLY if users choose to use Email for 2FA

Sift

EU/US

Data analysis tool using artificial intelligence

Data collected for compliance with AML and/or EU laws; Payment data

Elliptic

United Kingdom

Data analysis tool

Data collected for compliance with AML and/or EU laws;

Lightspark

USA

DLT infrastructure enabling certain operational services

Data essential for operation of the service; Data collected for compliance with AML and/or EU laws; Payment data

Checkout

USA, UK, EU

Payment service provider

Data collected for compliance with AML and/or EU laws; payment data

Unlimint

EU

Payment Service Provider

Data collected for compliance with AML and/or EU laws; Payment data

Volet

Canada

Payment Services Provider

Data collected for compliance with AML and/or EU laws; Payment data

Intergiro

EU

Payment Service Provider

Data collected for AML and/or EU law compliance; Payment data

Mixpanel

UK/Spain/Singapore

Product analysis

Data essential for operating services and building the contractual relationship; Data collected for marketing purposes

Customer.io

USA

Communications technology provider

Data essential for operation of services and building the contractual relationship; Data collected for marketing purposes

PandaDoc

USA

Digital signature platform

Data essential for operation of services and building of contractual relationship; Data collected for compliance with AML and/or EU laws; Data collected for compliance with other applicable laws and regulations

Docusign

France, UK, Italy, Germany, Netherlands, Spain

Digital signature platform

Data essential for the operation of the services and the building of the contractual relationship; Data collected for compliance with AML and/or EU laws; Data collected for compliance with other applicable laws and regulations

Typeform

USA, Luxembourg

Forms management

Data collected for marketing purposes

Affise

Cyprus

Affiliate marketing management platform

Data essential for the operation of services and building the contractual relationship with affiliates; Data collected for marketing purposes

Applicable ONLY if user is part of affiliate network

Google Inc

Ireland, Belgium, Germany, Switzerland, UK

Infrastructure provider providing hosting and storage services; Internal communications

Data essential for the operation of services and the construction of the contractual relationship

Slack

USA

Internal communications

Essential data for the operation of services and construction of the contractual relationship

WEGLOT.COM

Used by YouHodler.com to store the user’s language and automatically load the preferred language version of the website

ANONYMISED DATA

Annex 2 - Standard Contractual Clauses for International Transfers

The standard contractual clauses for the transfer of personal data to third countries in accordance with Regulation (EU) 2016/679 of the European Parliament and of the Council are incorporated herein by reference and made available at the following link:

https://commission.europa.eu/system/files/2021-06/1_en_annexe_acte_autonome_cp_part1_v5_0.pdf 

Forms are available upon request by email to: legal@youhodler.com.

Trustpilot
LEGAL INFO

YouHodler italy Srl

 
    FOLLOW US

    Cryptocurrencies are a high risk investment and cryptocurrency exchange rates have exhibited strong volatility. Exposure to potential loss could extend to your cryptocurrency investment. Products, services, information and/or materials contained herein may not be legally available for residents of certain jurisdictions such as the USA, countries under embargoes or sanctions and/or other countries under sanctions. If such restrictions apply to you, you are prohibited from accessing the website and/or consume any services provided on this platform. You are requested to leave this website. The Company reserves its legal rights in cases where misleading information will be provided by you. It is noted that the Company bears no responsibility whatsoever in the event where financial loss occurs as a result of unauthorized use of the Company’s website.

    YouHodler italy Srl