Legal

Privacy Policy

Cryptic — Crypto Marketing Agency

Effective: 19 May 2026 Last reviewed: 19 May 2026
Quick Answer

In plain terms, here is what this policy covers:

  • We collect contact details, business information, and website analytics data. We collect nothing more than we need.
  • We use it to deliver our services, run our business, and stay compliant with the law.
  • We never sell your data. We share it only with vetted vendors and where required by law or by the services you have asked us to deliver (e.g. PR placements, KOL campaigns).
  • You have full rights to access, correct, delete, or export your data. Write to [email protected].
1.

Who We Are

This Privacy Policy applies to crypticweb3.com (the “Website”) and to the marketing, public relations, and growth services provided under the Cryptic brand (the “Services”).

The data controller is:

  • Legal entity: Cryptic Web3 – FZCO
  • Registered office: Building A1, Digital Park Dubai Silicon Oasis, Dubai, United Arab Emirates
  • Registration number: 43417

Cryptic operates through offices in Dubai, London, Amsterdam, and Riyadh. Our Dubai entity is the primary data controller; our regional offices act as joint controllers or processors for clients and prospects in their respective regions.

Privacy contact: [email protected]

2.

Information We Collect

We collect three categories of data, depending on how you interact with us.

Personal Information (about identifiable individuals)

  • Name, job title, and company
  • Business email and phone number
  • Business address (where relevant)
  • Information you share with us during onboarding, calls, or in client communications
  • Billing details and payment references (handled by our payment processors. We do not store full card numbers)

Website Visitor Data (anonymous or pseudonymous)

  • IP address, browser type, device, and operating system
  • Pages viewed, time on site, referring source
  • Cookie identifiers (see Section 4)

Service Delivery Data (data you ask us to process)

When you engage us for marketing or PR services, you may share data about your project, audience, KOL relationships, or campaign performance. We process this data strictly to deliver the Services. You remain the data controller of any third-party Personal Information you transfer to us, and you confirm you have a lawful basis to share it with us.

3.

How We Use Your Information

We use Personal Information for the following purposes, and only as needed:

Service Delivery & Client Management

  • Deliver crypto marketing, PR, KOL, and community services
  • Manage client relationships, contracts, and communications
  • Process project workflows, deliverables, and reports
  • Provide consultations, proposals, and onboarding

Business Operations

  • Run accounting, billing, and tax compliance
  • Improve our website, services, and internal tools
  • Conduct market research and competitor analysis
  • Develop new service offerings

Marketing & Content (with appropriate basis)

  • Send service updates and relevant industry newsletters
  • Share case studies and proposals tailored to your project
  • Respond to inquiries and demo requests

Legal & Compliance

  • Enforce our Terms of Use and this Privacy Policy
  • Prevent fraud and misuse of our Services
  • Comply with legal, tax, regulatory, and government obligations
  • Defend our rights in disputes
4.

Cookies & Tracking

We use a small set of cookies and similar technologies. We do not run advertising pixels, behavioural retargeting, or session-replay tools on crypticweb3.com.

Cookies in use:

Cookie Provider Purpose Retention
_ga, _ga_* Google Analytics (via GTM) Analytics — measures site usage and traffic sources Up to 2 years
GTM container Google Tag Manager Loads and manages other tags on the site Session
__cf_bm, _cfuvid Cloudflare Essential — bot mitigation and load balancing 30 minutes – 1 year
Clutch widget Clutch.co Renders Clutch reviews widget in footer Per Clutch policy
cryptic_consent Cryptic Essential. Stores your cookie consent choice 365 days

You can control cookies through your browser settings. Disabling analytics cookies will not affect your ability to use the Website.

5.

Sharing & Third Parties

We do not sell, rent, or trade your Personal Information. We share data only in the following circumstances:

Service vendors we rely on

  • Cloud and hosting (AWS, for crypticweb3.com)
  • Email and communication (Google Workspace)
  • Analytics (Google Analytics)
  • Scheduling (Calendly)
  • CRM and outreach tools used by our team
  • Accounting and legal advisors

Service delivery partners

To deliver our Services, we may share project-specific information with:

  • Journalists, editors, and media outlets (for PR placements)
  • KOLs, influencers, and creators (for KOL campaigns)
  • Ad platforms and search engines (for paid and SEO work, on your authorisation)
  • Industry partners necessary to deliver agreed Services

Legal disclosures

We may disclose information when required by law, court order, or competent authority, or to protect our rights, property, or safety, or that of our clients.

All vendors are bound by contractual confidentiality and data-protection obligations equivalent to those in this Policy.

6.

Your Rights

Depending on where you live, you have a range of rights over your Personal Information. The table below summarises what is available under the three main frameworks we operate under:

Right EU / GDPR UK GDPR UAE PDPL
Access your data Yes Yes Yes
Correct inaccurate data Yes Yes Yes
Delete your data (“right to be forgotten”) Yes Yes Yes
Restrict or object to processing Yes Yes Yes
Data portability Yes Yes Yes
Withdraw consent Yes Yes Yes
Lodge a complaint with a regulator Yes — your national DPA Yes — ICO Yes — UAE Data Office

To exercise any of these rights, write to [email protected]. We respond within 30 days. If you are unhappy with our response, you can complain to the supervisory authority in your jurisdiction.

7.

International Data Transfers

Cryptic operates from Dubai with offices in London, Amsterdam, and Riyadh, and uses cloud infrastructure based in the EU and the US. Personal Information may be transferred between these jurisdictions when needed to deliver the Services.

When we transfer Personal Information outside the EU, UK, or UAE, we use appropriate safeguards, including:

  • Standard Contractual Clauses (SCCs) approved by the European Commission
  • UK International Data Transfer Agreement (IDTA), where applicable
  • Vendor contracts with equivalent data-protection commitments
8.

Data Retention

We hold Personal Information only for as long as we need it. Typical retention periods:

Data type How long we keep it
Client contract and project files Duration of the engagement + 7 years (tax & legal)
Prospect and lead data Up to 24 months after last contact, then deleted
Marketing email subscribers Until you unsubscribe
Website analytics (GA) Up to 14 months (Google Analytics default)
Billing and accounting records 7 years (legal requirement)

Once data is no longer needed, we delete or anonymise it.

9.

Security

We protect Personal Information with reasonable technical and organisational measures, including:

  • Encryption in transit (HTTPS / TLS 1.2+) across all our public-facing systems
  • Encryption at rest for client and prospect data stored in our cloud infrastructure
  • Role-based access controls and least-privilege principles for our team
  • Regular security reviews of our hosting (AWS), DNS (Cloudflare), and core SaaS vendors
  • Mandatory privacy and security training for all employees handling client data

No system is completely secure. If a breach affects your Personal Information, we will notify you and the relevant supervisory authority as required by law.

10.

Changes, Complaints & Contact

Changes to this policy

We may update this Privacy Policy from time to time. Material changes take effect 15 days after we post the updated version on crypticweb3.com. We will notify clients and active subscribers by email when changes are significant.

Questions, rights requests, and complaints

If you have any question about this policy, want to exercise your rights, or believe we have handled your data improperly, write to us:

Email: [email protected]
Post: Cryptic Web3 FZCO, Building A1, Digital Park Dubai Silicon Oasis, Dubai, United Arab Emirates

We respond within 30 days. If you are not satisfied with our response, you can lodge a complaint with the supervisory authority in your jurisdiction (your national EU DPA, the UK ICO, or the UAE Data Office).