Ambassador Applicants Privacy Notice
Date of publication: 7 August 2023
As a responsible company, we are aware that it is very important to you to understand how we collect, store,
share and use your personal data as an applicant for a Crypto.com Ambassador. We are committed to
ensuring that the personal data of our Ambassador applicants is handled in accordance with the principles set
out in the applicable legislation.
This privacy notice applies to our Ambassador applicants. However, the information we will process about
you will vary depending on your personal circumstances. The purpose of the notice is to tell you what to
expect when the company from the Crypto.com group with which you have negotiated or concluded a
contract collects personal data about you. Such a company is the data user or data controller for this
information unless this notice specifically states otherwise.
Please review this privacy notice carefully before applying to become an Ambassador with us having in mind
that you should read it in conjunction with any other additional documents we may address to you. Please
note that this privacy notice does not grant you any contractual rights, nor creates legal obligations for us.
When appropriate we will provide a “just in time” notice to cover any additional processing activities not
mentioned in this notice. For further questions, you may contact our Data Protection Officer at
In this notice
How do we get your information 2
What personal data we process and why 2
Application stage 2
Assessments 3
Onboarding 3
Lawful basis for processing your personal data 3
How long we keep your personal data 4
How we protect your personal data 4
Data sharing 4
Our service providers 4
Companies from our corporate group 5
Data recipients upon reorganization and changes to our business 5
State bodies 5
Do we use any data processors 5
Your rights in relation to this processing 5
Transfers of personal data 6
Further information 6
Confidential references 6
Annex A – Data Processors 6
How do we get your information
We may get information about you from the following sources:
● directly from you;
● from referees, either external or internal;
● public sources, such as professionally related social networks.
What personal data we process and why
This privacy notice applies to any personal data concerning you, regardless of the form they are incorporated
in – such as emails, hard copies of documents or electronic documents. The categories of personal data will
depend on the stage of the application process.
We do not envisage processing any sensitive data (or special categories of personal data) concerning you,
such as health information. In case such processing is necessary, we will comply with the respective statutory
requirements.
Application stage
You may apply to become an Ambassador with us by using our online application system available on our
website, where your details will be collected on our behalf by a specialized service provider.
At this stage we may process the following personal data concerning you:
● personal contact details such as your first and last name, contact phone number and personal email
address, Telegram username;
● professional or social media profile;
● your age and gender;
● your nationality, country of residence, city of residence and occupation;
● your previous experience, qualifications and skills;
● data concerning your motivation and expectations regarding the role of an Ambassador;
● a photo of you;
● video and voice recordings;
● other information you may provide us with.
Access to the above information will be provided to carefully selected members of our team involved in the
application management process.
Assessments
We may ask you to attend an interview or more than one interview. This process will involve that one or more
members of our team involved in the application management process review the information provided by
you. During the interviews we may ask you additional questions in order to assess whether you are a suitable
fit for the role.
Onboarding
If you are selected to be part of our Ambassador Program, we will need you to confirm part of the
information already provided and we will collect some additional information from you in order to prepare
the contractual documentation for your engagement:
● full legal name;
● Telegram username;
● Crypto.com registered email address;
● identification document details;
● passport picture.
We do not use your data for automated individual decision making, which means we do not take decisions
about you by way of technological means and without personal participation.
Lawful basis for processing your personal data
Note that we may process your personal data for more than one lawful basis depending on the specific
purpose for which we are using your data. You may contact us if you need details about the specific legal basis
we are relying on to process your personal data:
● processing is necessary to take steps at your request prior to entering into a contract (for instance, in
order to administer your application);
● processing is necessary for compliance with a legal obligation to which we are subject;
● processing is necessary for the purposes of the legitimate interests pursued by us as contracting
entity and our interests do not contradict your interests, fundamental rights or freedoms (for
instance, the interest in assessing your suitability for the role, organizing and conducting of
interviews, selection of the most suitable applicants).
We do not usually need your consent for processing personal data concerning you. If we need it, we will ask
for it and provide you with the respective information as required by law. Depending on the applicable data
protection framework, for example, if you are a resident of the European Economic Area (“EEA”) or the
United Kingdom (“UK”), you may also have the right to withdraw your consent at any time, but please note
that this will not affect the lawfulness of processing based on your consent before its withdrawal.
What will we do with the information you give us?
We will use all the information you provide to manage your application with a view to assess your suitability
for the role, offer a role as an Ambassador and to fulfill legal requirements, if necessary.
We may use any feedback you provide about your application process to develop and improve our future
application campaigns.
We will not share any of the information you provide with any third parties for marketing purposes.
How long we keep your personal data
Our general approach is to keep your personal data for as long as necessary in order to meet the purpose for
which they have been collected by us.
In some cases the period for which we may keep your data is provided by law.
How we protect your personal data
We follow the necessary physical, technical and administrative security standards with the aim to protect
your personal data from loss, misuse, alteration, destruction or damage, as required by law.
If you need more information on our security and privacy practices, we would be glad to give you more
details – please contact our Data Protection Officer at [email protected]om. Do not forget that you also play a
major role in the process of protection of your personal data and shall observe to whom you share your data
and how you protect your communications and devices.
Data sharing
In some circumstances, such as under a court order, we may disclose your personal data to specific categories
of persons, entities, state bodies or other organizations. We may also share information about you with third
parties including external auditors further described below.
Our service providers
We use service providers in order to facilitate the management of our business. Such may be, for example,
lawyers or other legal advisors – in case of disputes or in regard to other legal procedures; experts – in order
to comply with our obligations; other service providers, such as IT maintenance and platforms management;
other business partners.
Our service providers have access to your data and may use it only for the completion of the respective tasks
assigned to them and based on our instructions.
Companies from our corporate group
Since we are an international business, we may need to share your personal data within our corporate group.
Data recipients upon reorganization and changes to our business
In case we are part of sale negotiations concerning our business or a part thereof, merging our business with
other business, we are acquired by other business or we are subject to other kind of reorganization, we may
have to share your personal data or a part thereof to the respective business or to its legal consultants as part
of any due diligence process for the purposes of the analyzing of the proposed sale or reorganization. We may
need to share your data to the reorganized business structure or to a third structure after the reorganization
has been finalized.
State bodies
If provided by law and upon compliance with the statutory provided procedure, we may share your personal
data to the respective state bodies.
Do we use any data processors
Yes - a list of our current data processors can be found at Annex A – Data Processors.
Your rights in relation to this processing
As an individual you have certain rights regarding our processing of your personal data. The rights available to
you depend on our reason for processing your personal data. If you need more detailed information or wish
to exercise any of the rights set out below, please contact our Data Protection Officer at [email protected].
If you are an EEA resident, you may find more information on your rights here (attention: a link to a
third-party website). You may make a complaint about the way we process your personal data to the
supervisory authority in the EEA Member State of your habitual residence, place of work or place of the
alleged infringement. Information about your supervisory authority could be found here (attention: a link to a
third-party website).
If you are a UK resident, you may find more information on your rights here (attention: a link to a third-party
website). You may make a complaint about the way we process your personal data to the Information
Commissioner’s Office.
If you do not reside in an EEA Member State or the UK, your rights provided by law may be more limited.
However, we will strive to make sure you enjoy to the maximum extent the rights available to EEA and UK
residents. You may contact your local data protection regulatory authority as regards your right to make a
complaint. The local data protection regulatory authority for Hong Kong is the Office of the Privacy
Commissioner for Personal Data.
You may also seek a defense of legal claims before the competent court.
We would, however, appreciate the chance to deal with your concerns before you approach a data protection
regulatory authority, so please feel free to contact us in the first instance.
Please also note that depending on the applicable data protection framework, we may have different time
periods to respond to your request. We usually have one month for EEA and UK residents (which may be
extended by two further months where necessary, taking into account the complexity and number of the
requests) and we strive to comply with the same period even if the respective applicable law provides for a
longer period. If the law provides for a period shorter than one month, we will act accordingly.
Transfers of personal data
We share your personal data within our group. This will involve transferring your personal data outside Hong
Kong, EEA, the UK or the origin of where your data is collected.
We follow the specific legal framework applicable to such transfers. For example, whenever we transfer your
personal data out of the EEA or the UK, we ensure a similar degree of protection is afforded to it by ensuring
at least one of the following safeguards is implemented:
● the country to which we transfer your personal data has been deemed to provide an adequate level
of protection (attention: a link to a third-party website) for personal data by the European
Commission;
● a specific contract approved by the European Commission which gives safeguards to the processing
of personal data, the so-called Standard Contractual Clauses;
● a specific contract approved by the UK Parliamentary, which gives safeguards of the processing of
personal data, the so-called International data transfer agreement (IDTA).
Please contact our Data Protection Officer at [email protected]om if you want further information on the specific
mechanism used by us when transferring your personal data out of the EEA or the UK.
Further information
Confidential references
In the course of your application for our Ambassador Program we may give or receive references about you.
We usually treat such references as confidential. Please note that the personal data included in such
confidential reference may be exempt from the right of access.
Annex A – Data Processors
Data processors are third parties who provide certain parts of our staff services for us. We have contracts in
place with them and they cannot do anything with your personal data unless we have instructed them to do
so. You may find below more specific information in this respect. If you have any additional questions in this
Data Processor
Purpose
Privacy Policy
Google
Storage and communications
Third party link
