Privacy Policy

This Privacy Policy explains how COIN Marketplace Limited, trading as COIN (Client-to-Operator Income Network) ("COIN", "we", "us"), collects, uses, stores, discloses and protects your personal information. We handle personal information in accordance with the Privacy Act 2020 and its Information Privacy Principles.

It applies to everyone who uses the COIN platform — both Clients who post tasks and Operators who carry out work. By using COIN you agree to the handling of your information as described here.

We only collect personal information we need to run the marketplace, process payments and keep it safe. This includes:

• Account details — your name, email address, and the password hash used to sign you in.
• Profile details — display name, role (client or operator), service city, approximate location, skills and bio.
• Verification information (operators) — government photo ID, proof of address, proof of insurance and qualifications, which we hold securely and restrict to authorised review staff only.
• Transaction information — tasks, bids, milestones, escrow movements, reviews and the messages you exchange with the other party to a job.
• Payment information — handled by our payment provider (Stripe); we store a customer/subscription reference, not your full card details.
• Technical information — limited log data such as IP address and browser type captured at key events (for example, when you accept the Terms) to keep the platform secure.

We use your personal information to:

• create and operate your account and the marketplace;
• match tasks with operators and enable bidding, messaging and milestones;
• hold funds in escrow and process payments, releases and refunds;
• verify identity and meet our Anti-Money Laundering and Countering Financing of Terrorism Act 2009 obligations;
• detect, prevent and investigate fraud, abuse and security incidents;
• provide support, send service notifications, and resolve disputes; and
• comply with our legal obligations.

We do not sell your personal information. We do not use it for unrelated marketing without your consent.

We share personal information only where necessary:

• with the other party to a job — for example, a client and the operator they hire can see each other's display name and exchange messages;
• with service providers who help us operate (such as our hosting, database and payment providers), under confidentiality obligations;
• with regulators, law enforcement or others where the law requires or permits it, including AML/CFT reporting; and
• if our business is sold or reorganised, with the relevant party, subject to this Policy.

We take reasonable steps to keep your information safe, including encryption in transit, access controls that restrict sensitive verification documents to authorised review staff, signed/secured sessions, and storing identity documents in private storage that is never publicly accessible.

We keep personal information only for as long as we need it for the purposes above or as required by law. AML/CFT records, for example, must be kept for at least five years. When information is no longer needed, we delete or de-identify it.

Under the Privacy Act 2020 you have the right to ask for access to the personal information we hold about you, and to request that we correct it if it is wrong. COIN also gives you self-service tools in your account:

• Download my data — export a machine-readable copy of your profile, tasks, bids, messages, reviews and notifications at any time.
• Delete my account — permanently remove your account and personal profile data. Some records tied to completed transactions, disputes or AML/CFT obligations may be retained in a minimised form where the law requires, and cannot be deleted while you have funds in escrow or an open dispute.

You can also contact us at admin@coinapp.co.nz to exercise any of these rights. If you are not satisfied with how we handle your information, you may complain to the Office of the Privacy Commissioner (privacy.org.nz).

We may update this Privacy Policy from time to time. The version and effective date are shown at the top. If we make material changes we will take reasonable steps to let you know.

Questions about privacy can be sent to admin@coinapp.co.nz.