Skip to main content
Legal

Privacy Policy

Last updated: 2026-05-13 · Draft — pending counsel review.

This page summarises the personal data Metaverse Trading Ltd processes when you visit our website or use our products. It is a working draft and will be replaced with the counsel-reviewed version before our production launch. Until then, use this text as guidance only.

1. Who we are

METAVERSE TRADING LTD is a UK-incorporated software vendor (the "company", "we", "us"). We are registered in England and Wales under company number 16644748. Our registered office is 71–75 Shelton Street, Covent Garden, London, WC2H 9JQ, United Kingdom. Contact: info@metaversetradingltd.co.uk.

2. What data we process

  • Website visitors: standard web-server logs (IP, user agent, requested URL) for security and analytics. No third-party trackers are used on this site.
  • End-users of merchant products (e.g. Crypto-pay): email address and a public blockchain address, plus on-chain transaction records. Private keys are never collected — by architecture, they cannot reach our servers.
  • Merchants: business contact details, API key hash, webhook URL, and operational logs.

3. Lawful basis

For end-users we rely on contract (between the merchant and the end-user) and legitimate interest (security and fraud prevention). For merchants we rely on contract.

4. Your rights

  • Article 15 — access: request a copy of the personal data we hold for you. Merchants can self-serve via the GET /v1/users/:userId/export API; individual end-users should contact the merchant first.
  • Article 17 — erasure: request deletion of your data. Merchants can self-serve via DELETE /v1/users/:userId; end-users should contact the merchant first.
  • Article 16 — rectification, Article 21 — objection: contact us at the email above.
  • Complaints: you may complain to the UK ICO or your local data protection authority.

5. Retention

Operational logs are kept for 90 days. Audit-trail records and transaction history are kept for the period required by applicable financial-records law (typically 5–10 years). Marketing-related communications are deleted on request.

6. International transfers

We use service providers based in the UK, EU and the US. Where personal data leaves the UK/EU, transfers are protected by Standard Contractual Clauses or an adequacy decision.

7. Changes

We will revise this policy from time to time. Significant changes will be announced via the email address you used to sign up and the date above will be bumped.

← Back to home