Last Updated: November 2025
This privacy policy (the **"Policy"**) explains how Ronin EM Limited and, where applicable, its affiliated entities (collectively, **"Ronin EM"**, **"we"**, **"us"** or **"our"**) collect, use, store and disclose personal information through our websites (including https://em.ron.in/), web platforms, mobile applications and other online products and services that link to, reference or otherwise apply this Policy (collectively, the **"Services"**), or when you otherwise interact with us.
Ronin EM is a licensed Crypto Asset Services Provider (**"CASP"**) authorised and regulated by the Cyprus Securities and Exchange Commission (**"CySEC"**). We provide, among other things, services relating to exchange between crypto-assets and fiat currency, exchange between crypto-assets, custody and safekeeping of crypto-assets and cryptographic keys, and other crypto-asset related and investment services made available to you from time to time via the Services (collectively, the **"Ronin EM Services"**).
We encourage you to read this Policy carefully as it forms part of the terms and conditions, terms of business, agreement with you and/or terms of use applicable to the Services (collectively, the **"Terms"**). By accessing or using the Services, you acknowledge that you have read and understood this Policy.
If you accept or agree to this Policy on behalf of a company or other legal entity, you represent and warrant that you have the authority to bind that company or other legal entity to this Policy and, in such event, **"you"** and **"your"** will refer and apply to that company or other legal entity.
For the purposes of applicable data protection laws (including, where applicable, the EU **General Data Protection Regulation ("GDPR")**), **Ronin EM Limited is the "controller"** of the personal information collected via em.ron.in, any other Ronin EM websites, widgets, mobile applications and other platforms that link to this Policy (together, the **"Site"**). Ronin EM is the entity to contact if you have questions about our use of your personal information (see the "Contact Us" section below).
This Policy also applies to personal data about each **authorised representative** of a client and about other **natural persons** whose personal data we process in the course of providing the Services (for example, directors or beneficial owners of corporate clients, payees, and other connected individuals).
We collect information that you provide **directly to us**. For example, we collect information when you create an account with Ronin EM (**"Ronin EM Account"**), subscribe for or use any of the Services, participate in interactive features of the Services, fill out a form, participate in a promotion or campaign, complete a survey, make a transaction, communicate with us via third-party social media sites, request customer support, or otherwise communicate with us.
If you sign up for a Ronin EM Account or otherwise use the Services, we will collect **basic information** about you, which typically includes your name, email address, telephone number, and any other contact details you choose to provide. You may provide this information to us directly, or by signing in to the Services using a third-party authentication provider (for example, where available, via a social network or single-sign-on provider).
We use the information that we collect about you at registration to:
Once you have created a Ronin EM Account, we are required to collect **additional information** in order to comply with anti-money laundering, counter-terrorist financing, sanctions, fraud-prevention, and other regulatory obligations, and to enable you to make full use of the Services.
This may include collecting copies of **identification documents** (such as your passport, national identity card, residence permit, or visa), **proof of address** (such as a recent utility bill or bank statement) and other information or documentation required for our **"know your customer" ("KYC") checks**.
Depending on the Services you use and the jurisdiction in which you are located, we may also ask you to provide additional information such as your gender, date and place of birth, nationality, citizenship and residency status, tax identification number, employment status, occupation, employer, source of funds and source of wealth, approximate annual income, overall financial situation, investment experience and objectives, risk tolerance and any other details that may be required to conduct suitability or appropriateness assessments.
It may be optional for you to provide some of this information; however, for legal and regulatory reasons we will not be able to provide certain features or Services to you unless you provide the information we are required to collect.
We use the information you provide during onboarding and in your profile to, among other things:
You can review and update certain profile information via your account settings. You should ensure that your information is accurate and up to date and promptly inform us of any material changes. We may rely on the accuracy of the information provided and you are responsible for any loss or damage that may arise from any inaccuracies.
If you contact us by telephone, video call, email, post, live chat, ticketing system, or similar communication channel, we will collect information about your communication with us, including the content of the communication and any additional information you choose to provide. We use this information to review, investigate, and respond to your enquiry, to improve our Services, and for training and quality-assurance purposes.
We may record and retain telephone calls, video calls, and other communications with you (where permitted or required by law) and may use such recordings for compliance, dispute-resolution, and fraud-prevention purposes.
When you access or use the Services, we automatically collect certain information about you and your activity, which may include:
We may receive personal information about you from third parties, including:
We may combine information we receive from third parties with information we collect directly from you or automatically through the Services and treat the combined information as personal data in accordance with this Policy.
If you provide us with personal information that we have not requested, we will handle it in accordance with this Policy. If we reasonably determine that such information is not required for the purposes described in this Policy, we will endeavour to delete it or anonymise it, provided that it is not mixed with information that we are required or entitled to retain. Where such information is mixed, you acknowledge that it may be retained and processed by us in the same manner as the rest of your personal information.
We use the information we collect about you for the following purposes (to the extent permitted by applicable law):
Where required by applicable data protection laws, we rely on one or more of the following legal bases to process your personal data:
Depending on your jurisdiction and subject to applicable law, you may have the following rights in relation to your personal data:
These rights may be subject to certain limitations and exemptions under applicable law. For example, we may be unable to delete or restrict processing of information that we are required to retain for legal or regulatory purposes.
If you wish to exercise any of these rights, you may contact us using the details provided in the "Contact Us" section below. We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal data (or to exercise any of your other rights).
Right to Lodge a Complaint:
If you are located in the European Economic Area (**"EEA"**) or another jurisdiction that provides for a right to lodge a complaint with a data protection authority, you also have the right to lodge such a complaint with your local supervisory authority if you are concerned about how we process your personal data. We would, however, appreciate the chance to address your concerns before you approach a supervisory authority, so please contact us in the first instance.
If you install our mobile applications and enable push notifications, we may send non-promotional push notifications to your device. You can disable these notifications at any time through your device or app settings.
We are based in the Republic of Cyprus (“Cyprus”), and your personal data may be processed and stored in Cyprus, in other countries within the EEA, and in other jurisdictions where our service providers, partners or group entities are located. These countries may have data-protection laws that differ from the laws of your country of residence and, in some cases, may not provide the same level of protection.
Where we transfer personal data from the EEA, or other jurisdictions with data-transfer restrictions to countries that are not recognised as providing an adequate level of protection, we implement appropriate safeguards to protect your personal data. These may include entering into data-transfer agreements based on the Standard Contractual Clauses approved by the European Commission or relying on other lawful transfer mechanisms.
You may contact us using our contact details in “Contact Us” section if you would like more information about the specific mechanism used by us when transferring your personal data.
We retain your personal information for as long as is reasonably necessary to fulfil the purposes for which we collected it, including to provide the Services, to comply with our legal, regulatory, accounting and reporting obligations, to resolve disputes and to enforce our agreements.
The retention period will depend on a number of factors, including the type of data, the nature of our relationship with you, the purposes for which the data is used and applicable legal or regulatory requirements. For example, financial-services and anti-money-laundering regulations may require us to retain certain information for a minimum number of years after the end of our business relationship with you.
When we no longer require your personal information for the purposes described in this Policy, we will take steps to delete it or anonymise it, unless we are required or permitted by law to retain it for a longer period.
We use a combination of technical, organisational, and physical safeguards designed to protect your personal information against unauthorised or unlawful access, use, disclosure, alteration, or destruction and against accidental loss or damage. These measures include, among other things, encryption, firewalls, access-controls, segregation of duties and regular monitoring of our systems and infrastructure.
Access to personal information within Ronin EM is limited to those officers, employees, agents, contractors and other third parties who have a business need to know such information. They will only process your personal information on our instructions and are subject to duties of confidentiality.
Your Responsibility:
You are responsible for maintaining the confidentiality and security of your account credentials and for all activities that occur under your Ronin EM Account. You should use a strong, unique password and enable multi-factor authentication (where available), and you must not share your password or authentication codes with anyone else. If you believe your account has been compromised, you should notify us immediately.
The Services are not directed to, and may not be used by, persons under the age of eighteen or under the age of legal majority in their jurisdiction (whichever is higher) (a **"Minor"**).
We do not knowingly collect personal information from Minors. If we become aware that we have collected personal information from a Minor, we will take steps to delete such information and, where appropriate, close the relevant account.
If you are a parent or guardian and believe that a Minor has provided personal information to us, please contact us using our contact details stated in “Contact Us” section of this Policy.
We may update this Policy from time to time to reflect changes in our practices, technologies, legal or regulatory requirements, or for other operational reasons. When we make changes, we will revise the **"Last Updated"** date at the top of this Policy and, where required by applicable law, provide you with additional notice or seek your consent to material changes.
We encourage you to review this Policy periodically to stay informed about our information-handling practices. Your continued use of the Services after any changes to this Policy will constitute your acknowledgment of the revised Policy.
The Site may contain links to third-party websites, applications, or services. We are not responsible for the privacy practices or the content of such third-party sites. If you choose to visit or use any third-party services, the collection, use and disclosure of your information will be subject to the privacy policies of those third parties, not this Policy. We encourage you to read the privacy policies of every website or service you visit or use.
If you have any questions or concerns about this Policy or our processing of your personal information, or if you wish to exercise any of your data-protection rights, you can contact us using the following details:
When contacting us, please provide your name, contact details and sufficient information to allow us to identify your account (if applicable) and understand your request. We may request additional information to verify your identity before we respond to certain requests.