Polish provider

Ecosystem for processing

B2B

English
Talk to the team English
Back

Privacy Policy

Effective Date: December 15, 2025

This Privacy Policy (“Policy”) explains how Peloton (“Peloton”, “we”, “us”, or “our”) processes personal data when you use our website pelotontek.com (the “Website”) and any products, tools or services we provide (collectively, the “Services”).

We are committed to handling your personal data responsibly, transparently, and in accordance with applicable European and Polish data-protection laws, including the General Data Protection Regulation (GDPR) and the Polish Act on Personal Data Protection.

By using our Services, you acknowledge that you have read and understood this Policy.

1. Data Controller

The controller responsible for processing your personal data is:

Peloton
Company Number: RZ.XII NS-REJ.KRS/21992/24/699
Registered Address: JANA III SOBIESKIEGO, house no 17 RZESZÓW, post code 35-002, POLAND
Email: info@pelotontek.com

Peloton determines the purposes and means of processing your personal data.

2. Data Protection Officer

If you have questions about this Policy or your rights, you may contact our Data Protection Officer (DPO):

Email: info@pelotontek.com

3. Categories of Personal Data We Process

We process personal data that you provide directly, data collected automatically when you use our Services, and data obtained from third-party sources where legally permitted.

3.1. Data You Provide to Us

This includes:

  • Full name
  • Contact information (email, phone number, address)
  • Account registration details
  • Documents for identity verification (e.g., passport, ID card)
  • Date of birth
  • Financial or transaction-related information (if required for providing Services)
  • Communications with our support team
  • Any other information voluntarily submitted when using the Services

3.2. Data Collected Automatically

We may automatically collect:

  • IP address, browser type, device information
  • Website usage data and interaction logs
  • Performance and diagnostic data
  • Cookie identifiers and tracking information (see Section 9)

3.3. Data from Third-Party Sources

Where permitted by law, we may obtain data from:

  • Payment service providers
  • Fraud-prevention databases
  • Verification vendors
  • Public registers
  • Analytics providers

4. Legal Basis for Processing

We process your personal data according to the following legal grounds under GDPR:

Contract Performance (Art. 6(1)(b))

To:

  • Provide and operate the Services
  • Manage your account
  • Process transactions and verify identity
  • Deliver support and technical assistance

Legal Obligations (Art. 6(1)(c))

To:

  • Comply with tax, accounting, AML, or KYC requirements
  • Respond to lawful requests from authorities
  • Maintain mandatory records

Legitimate Interests (Art. 6(1)(f))

For purposes such as:

  • Improving and securing our Services
  • Preventing fraud and abuse
  • Internal analytics and service optimization
  • Communicating important product updates

Consent (Art. 6(1)(a))

For:

  • Marketing communications
  • Use of non-essential cookies

You may withdraw consent at any time.

5. How We Use Personal Data

Peloton uses personal data to:

  • Provide and maintain the Services
  • Verify user identity where required
  • Ensure security, detect fraud, prevent misuse
  • Process transactions and send related notifications
  • Improve the Website and user experience
  • Deliver marketing communications (if consented)
  • Generate aggregated, anonymized insights
  • Comply with applicable legal obligations

We do not sell your personal data.

6. Sharing Your Information

We may share personal data with:

6.1. Service Providers

Such as:

  • IT and infrastructure vendors
  • Cloud hosting providers
  • Payment processors
  • KYC/AML or identity-verification partners
  • Customer support software providers

All vendors operate under contractual Data Processing Agreements (DPAs) ensuring GDPR compliance.

6.2. Authorities and Legal Bodies

When required by law, for example:

  • Courts
  • Supervisory authorities
  • Financial investigation units

6.3. Business Transfers

If Peloton is involved in a merger, acquisition, restructuring or sale of assets, personal data may be transferred to the acquiring entity under contractual safeguards.

We never share personal data without a valid legal basis.

7. International Transfers

If personal data is transferred outside the EU/EEA, Peloton uses one or more of the following safeguards:

  • European Commission Adequacy Decisions
  • Standard Contractual Clauses (SCCs)
  • Additional safeguards where required

You may request a copy of the appropriate safeguards by contacting us.

8. Data Security

We apply technical and organizational security measures aligned with GDPR standards, including:

  • Encryption of data in transit and at rest
  • Access control and authentication procedures
  • Regular security audits
  • Secure development practices
  • Monitoring for suspicious activity
  • Employee confidentiality obligations

No transmission method is fully secure, but we continuously work to minimize risks.

9. Cookies and Tracking Technologies

We use cookies to ensure Website functionality, enhance performance, and analyze usage.

You may manage cookie settings in your browser or decline non-essential cookies via our cookie banner.

For details, please see our Cookies Policy.

10. Your Rights Under GDPR

You have the following rights:

  • Right to access — request copies of your data
  • Right to rectification — correct inaccurate data
  • Right to erasure — ask us to delete data in specific circumstances
  • Right to restrict processing
  • Right to object, including to marketing
  • Right to data portability
  • Right to withdraw consent
  • Right to lodge a complaint with a supervisory authority

To exercise your rights, contact us at: info@pelotontek.com

We may require identity confirmation for security purposes.

11. Data Retention

Peloton stores personal data only as long as necessary for:

  • Providing the Services
  • Fulfilling legal obligations
  • Resolving disputes
  • Enforcing agreements

Specific retention periods depend on the category of data and legal requirements.

When data is no longer needed, we securely delete or anonymize it.

12. Automated Decision-Making

Peloton may use automated tools for:

  • Fraud detection
  • Risk scoring
  • Security monitoring

You have the right to request human review of decisions that significantly affect you.

13. Updates to This Policy

We may update this Policy from time to time. The “Effective Date” will be revised accordingly.

If changes significantly affect your rights, we will notify you through the Website or via email.

14. Contact & Complaints

For questions or concerns regarding this Policy, please contact:

Peloton
Email: info@pelotontek.com
Address: JANA III SOBIESKIEGO, house no 17 RZESZÓW, post code 35-002, POLAND

If you believe your data protection rights have been violated, you may file a complaint with your local EU supervisory authority, such as the Polish President of the Personal Data Protection Office (UODO).

15. Legal Information

Company Name: Peloton
Company Number: RZ.XII NS-REJ.KRS/21992/24/699
Registered Address: JANA III SOBIESKIEGO, house no 17 RZESZÓW, post code 35-002, POLAND
Email: info@pelotontek.com

 

© Peloton. All rights reserved.

Let’s discuss your use case

PELOTON SPÓŁKA Z OGRANICZONĄ
ODPOWIEDZIALNOŚCIĄ
JANA III SOBIESKIEGO, house no 17
RZESZÓW, post code 35-002
POLAND

Not supervised by KNF.
AML Obligated Institution.

Contact team
Sales team Info@pelotontek.com

Share a few details about your company and needs. Our team will get back to you with possible models, timelines and next steps.

Investing in cryptoassets involves significant risk. You should not invest more than you can afford to lose, and you should ensure that you fully understand the risks involved. We are not regulated by the Financial Conduct Authority and investments in cryptoassets are not covered by the Financial Ombudsman Service or subject to protection under the Financial Services Compensation Scheme.

Regulatory Status in Poland

Peloton sp. z o.o. is registered in Poland and operates as a virtual asset service provider (VASP) / crypto-asset service provider (CASP) in accordance with applicable Polish and EU law.

Registered office: JANA III SOBIESKIEGO, house no 17 RZESZÓW, post code 35-002, POLAND
KRS: 0001132722
REGON: 529920461
NIP: 8133922725
Entry in the Register of Virtual Currency Activities (RDWW) / CASP authorisation: RDWW-1567 / 24.10.2024

Peloton is an “obligated institution” under the Polish Act on Counteracting Money Laundering and Terrorist Financing and applies internal AML / CFT procedures, including customer due diligence, transaction monitoring and reporting obligations.
Peloton sp. z o.o. is not supervised by the Polish Financial Supervision Authority (KNF).
Our operations fall under:

  • The Polish AML/CFT Act
  • EU Regulation standards (including MiCA transition rules)
  • Registration in the Polish Register of Virtual Currency Activities (RDWW)

We do not provide payment services or investment services in the meaning of Polish or EU financial regulations.

Compliance with Polish AML/CFT Regulations

We operate under a robust AML / CFT framework:

  • Customer identification and verification (KYC) for natural and legal persons
  • Ongoing monitoring of business relationships and transactions
  • Screening against sanctions lists and PEP databases
  • Suspicious activity reporting to competent authorities

Our policies are regularly reviewed and updated in line with Polish legislation and EU regulation (including MiCA and the Travel Rule, where applicable).
Certain transactions may be delayed, restricted, or declined due to legal or internal AML/CFT procedures.

High - risk crypto- asset warning

Transactions involving crypto-assets carry a high risk of financial loss, including the possible loss of the entire amount invested. The value of crypto-assets is highly volatile and may change rapidly over short periods of time. Past performance of a crypto-asset is not a reliable indicator of future results.
Before using our services or engaging in any transaction involving crypto-assets, users should:

  • carefully review information about the specific crypto-asset, including its technology, purpose and risk profile;
  • assess their own financial situation and ability to bear potential losses; and
  • consider obtaining independent legal, tax or investment advice.

Peloton does not provide investment, tax or legal advice and does not guarantee any profit or capital protection.

Supervision disclaimer

Unless explicitly stated otherwise, Peloton is not a bank, payment institution or investment firm and does not provide payment services or investment services within the meaning of applicable EU and Polish financial regulations.
The provision of services in the field of virtual currencies may not be subject to prudential supervision in the same way as traditional financial institutions. Please consult our legal documentation for detailed information.

Get in Touch

    Business Type
    Digital Services (SaaS, VPN, hosting, subscriptions) Fintech Platforms E-commerce Gaming Travel Other

    *Select business type

    Enter a valid country*

    Expected volume
    €10,000 €10,000 – €50,000 €50,000 – €250,000 €250,000 – €1,000,000 > €1,000,000

    Choose expected monthly volume*

    I consent to data processing (Privacy Policy)