Last updated: 1 December 2025
-(“Privacy Policy”)
-- We are committed to protecting your privacy. The following document outlines - our policy concerning your personal data. -
-- By accessing and using our websites and services, such as the - Trezor Shop, Trezor Suite and - Trezor Suite Lite, you accept the practices described in this - Privacy Policy. -
-- Trezor is an ecosystem operated by our company mainly on the - https://www.trezor.io/ website and its - subdomains (the “Website”) on which we sell Trezor Devices - and also operate several software interfaces that allow you, amongst other - things, to access the Devices and manage, receive and send cryptocurrencies, - purchase, sell and exchange cryptocurrencies, such as the - Trezor Suite and the Trezor Suite Lite (the - “Services”). -
-- You may have heard about Regulation (EU) 2016/679 of the European Parliament - and of the Council of 27 April 2016 (the ”Regulation”) more - commonly known as GDPR. -
-- Under the Article 13 and 14 of the Regulation, we must provide our customers - and other data subjects with information on the collection, handling, - protection and processing of their personal data. -
-- Therefore, in this Privacy Policy you may learn more about these topics - regarding the personal data that we collect when you access the Website and/or - access and use the Services. -
-- If you are located in Brazil, the processing of your personal data is also - governed by the Lei Geral de Proteção de Dados Pessoais (LGPD, Law No. - 13.709/2018). This Privacy Policy is intended to comply with LGPD, in addition - to applicable EU and Czech laws. -
-- We are a commercial company called Trezor Company s.r.o., - incorporated and existing under the laws of the Czech Republic, Id. No. 024 40 - 032, with registered office at Kundratka 2359/17a, Libeň, 180 00 Prague 8, - Czech Republic, registered in the commercial register kept by the Metropolitan - Court in Prague under file No. C 219483. -
-- When you access the Website and/or access to and use of the Services, we will, - as a data controller, collect, store and process your personal data. -
-- The collection of your personal data in connection to the use of the Website - and access to and use of the Services is as limited as possible. We usually - collect and process only the following personal data: -
-- When you send us a message requesting customer support, or when you start a - chat with Hal, our virtual support agent, we will try to answer your question - or help you solve any problem related to the Website and/or the access to and - use of the Services. In connection with provision of the above support, we - collect and process also the following personal data: -
-- On the Website, you may subscribe to our newsletter by entering your email and - clicking on the subscribe box or by clicking on the subscribe box during the - order placement procedure in the Trezor Shop. If you subscribe to our - newsletter, we will regularly inform you about the latest news from Trezor, in - particular about our services and products. -
-- As a data controller, we collect, store and process the email addresses and - names (if subscribed during the order placement procedure) of users who - subscribe to our newsletter. -
-- In case you change your mind and you do not want to receive the newsletter - anymore, you can unsubscribe any time for free. We will always indicate within - the newsletter how to unsubscribe. -
-- On the respective part of the Website, you may order products from the Trezor - Shop. To ensure a smooth experience and fulfill our legal obligations, we - collect and process the following personal data: -
-- Our Website contains links to payment gateways provided by third parties which - you may use in order to make payments while using the Services. You will have - to fill in your personal data related to the payment when using the payment - gateways. -
-- These data are processed by the respective provider of the payment gateway as - a data controller and the data processing is governed by terms and conditions - and privacy policy of the payment gateway provider. - We do not process these data and we do not have any access to such data - unless stated otherwise herein. -
-- We will always include the name of the payment gateway provider on the - Website, so you may contact them to find all the information about how the - payment gateway provider treats your personal data. -
-- It is quite simple. We collect, store and process the above mentioned personal - data in order to allow you an use of the Website and/or the access to the - Services, as well as to provide you with customer support. -
-- To comply with legal requirements, we must mention that we collect, store and - process such personal data pursuant to Article 6 (1) (b) of the Regulation. - That means that processing of such personal data is necessary for the - performance of a contract which we concluded - the contract established - between you and our company when you access and use the Website and/or attempt - to access the Services. -
-- We may collect, store and process such personal data pursuant to Article 6 (1) - (f) of the Regulation. That means that it is in our legitimate interest to - collect, store and process such personal data (even when the contract is - terminated), since we have to be able to protect ourselves during the period - when you or any third party may contest that we have broken any of our - obligations or have violated any applicable laws in relation to the requested - issue. -
-- As we have stated above, we collect, store and process these personal data - because you subscribed to our newsletter. So we are processing your email and - name (if subscribed during the order placement procedure) in order to send you - the newsletters. -
-- To comply with legal requirements, we must mention that we collect, store and - process such personal data pursuant to Article 6 (1) (a) of the Regulation. - That means that you have given us consent to the processing of your personal - data for the commercial communications purpose. -
-- In order to be able to prove that you have given us your consent to sending - our newsletter (and processing your personal data for the commercial - communications purposes), we may collect and store the information that you - have given us this consent (e.g. the logs). We collect and store these data - pursuant to Article 6 (1) (f) of the Regulation. That means that it is in our - legitimate interest to collect, store and process such personal data. -
-- We collect, store and process these personal data because you order products - from the Trezor Shop. In case you place your order using a discount code - provided under our Refer-A-Friend program, we may also process these personal - data to ensure that the person who provided you with the discount code - receives their reward. When you - leave a review and choose to display your name, we may also process your name, specifically, we will display your - name next to your review. -
-- To comply with legal requirements, we must mention that we collect, store and - process such personal data pursuant to Article 6 (1) (b) of the Regulation. - That means that processing of such personal data is necessary for the - performance of a contract which we concluded - the contract established - between you and our company when you order products from the Trezor Shop. -
-- In order to fulfill our legal obligations such as those arising out of - accounting laws, we may store certain parts of your personal data for various - time periods as stated in those laws. We collect and store these data pursuant - to Article 6 (1) (f) of the Regulation. That means that it is in our - legitimate interest to collect, store and process such personal data. -
-- For users in Brazil, we process your personal data in accordance with the - legal bases set forth by LGPD, which may include your consent, compliance with - legal or regulatory obligations, the performance of contracts, the regular - exercise of rights, the protection of credit, or our legitimate interests, - provided such processing does not violate your fundamental rights and - freedoms. -
-- We process and store your personal data only for the time necessary to meet - the purposes of its processing specified above, or for the time consented by - you, or for the time that is either necessary to comply with our obligations - under the applicable law or set forth by the applicable law or in accordance - therewith. We comply with the mandatory rules for data archiving. -
-- Once the purpose of the personal data processing disappears, we will destroy - the personal data. -
-- We will process and store such personal data for the duration of the contract - established between you and our company when you use and access the Website - and/or access the Services or until an issue requested by you is solved and - also for the subsequent period thereafter that is either necessary to comply - with our obligations under the applicable law or set forth by the applicable - law or in accordance therewith, or during which you or any third party may - contest that we have broken any of our obligations or have violated any - applicable laws in relation to the requested issue. -
-- We will process and store such personal data until you unsubscribe to our - newsletter. You can unsubscribe any time for free. We will indicate how to - unsubscribe within the newsletter. -
-- We will process and store the information that you have given us the consent - (e.g. the logs) to send you newsletter for the duration of the consent and - also for the subsequent period thereafter that is either necessary to comply - with our obligations under the applicable law or set forth by the applicable - law or in accordance therewith, or during which you or any third party may - contest that we have broken any of our obligations or have violated any - applicable laws in relation to the commercial communications sent to you. -
-- We will process such personal data only for such a period of time that allows - us to deliver you the products and fulfill our other legal obligations - connected to the sale of the products. We anonymize this data no later than 3 - months after the sale of the product to the fullest possible extent and store - them only in this anonymized form in case you contact us with an issue so we - can verify that the data you provide us with, after anonymization, match the - anonymized database inputs. After the expiry of the warranty period, we delete - the data altogether. -
-- We take care of your personal data security and so we choose the partners to - whom we entrust your personal data very carefully. -
-- All our partners must be able to provide sufficient security of your personal - data to prevent unauthorized or accidental access thereto or other abuse - thereof and all our partners must undertake a confidentiality obligation and - must not use your personal data for any purpose other than the purpose for - which the data were made available to them. -
-- The services listed below are used to help us keep the Website and Services - running by storing or processing your personal data on our behalf: -
-| Service provider | -User action | -Data collected | -Purpose | + + +
|---|
|
+ Service provider + |
+
+ User action + |
+
+ Data collected + |
+
+ Purpose + |
|||
| - ShipBob Central Warehouse Solution (Skladon) + | ||||||
|
+ ShipBob +Central Warehouse Solution (Skladon) + |
+
+ Order of goods from the Trezor Shop. |
- Order of goods from the Trezor Shop. | -- Your name, address, email address and phone number. + |
+ Your name, address, email address and phone number. |
- - We use these providers as our logistics partners. + |
+ We use these providers as our logistics partners. |
| Service provider | -User action | -Data collected | -Purpose | +
|---|
+
Communications:
+|
+ Service provider + |
+
+ User action + |
+
+ Data collected + |
+
+ Purpose + |
||
| Freshworks (Freshdesk) | -- Sending us an email requesting customer support, or contacting us via - our virtual support agent Hal. + | ||||
|
+ Freshworks (Freshdesk) |
- - Your name, email address and physical address in case of refunds. + |
+ Sending us an email requesting customer support, or contacting us via our virtual + support agent Hal. |
- - We use this service as a ticketing portal for customer communications. + |
+ Your name, email address and physical address in case of refunds. + |
+
+ We use this service as a ticketing portal for customer communications. |
| Ada Support | -- Starting a chat with our virtual support agent Hal. + | ||||
|
+ Ada Support + |
+
+ Starting a chat with our virtual support agent Hal. |
- - Your name, email address and order ID in case of asking about order - details. + |
+ Your name, email address and order ID in case of asking about order + details. +
|
- - We use this service for customer service automation. + |
+ We use this service for customer service automation. |
| Sendinblue (Brevo) | -Subscribing to our newsletter. | -- Your name (if you subscribe during the order placement procedure in the - Trezor Shop) and email address. + | |||
|
+ Sendinblue (Brevo) + |
+
+ Subscribing to our newsletter. + |
+
+ Your name (if you subscribe during the order placement procedure in the Trezor + Shop) and email address. |
- - We use this service for sending marketing emails to those who have - opted-in. + |
+ We use this service for sending marketing emails to those who have + opted-in. |
| Service provider | -User action | -Data collected | -Purpose | +
|---|
+
Payment gateways:
+|
+ Service provider + |
+
+ User action + |
+
+ Data collected + |
+
+ Purpose + |
||
| Confirmo | -- Making a bitcoin payment in the Trezor Shop. + | ||||
|
+ Confirmo + |
+
+ Making a bitcoin payment in the Trezor Shop. |
- - Your crypto address, email address and order ID in case of refunds. + |
+ Your crypto address, email address and order ID in case of refunds. |
- - This service handles bitcoin payments for us. + |
+ This service handles bitcoin payments for us. |
| Adyen | -- Making a fiat payment in the Trezor Shop. + | ||||
|
+ Adyen + |
+
+ Making a fiat payment in the Trezor Shop. |
- - Your payment card data, name, address, email address and phone number. + |
+ Your payment card data, name, address, email address and phone number. |
- - This service handles fiat payments for us. + |
+ This service handles fiat payments for us. |
| Service provider | -Data collected | -Purpose | +
|---|
+
Infrastructure:
+|
+ Service provider + |
+
+ Data collected + |
+
+ Purpose + |
|
| Amazon Web Services (AWS) | -- Data you generate by using the Website and/or Services. + | ||
|
+ Amazon Web Services (AWS) |
- - We use AWS to store data securely in the cloud. + |
+ Data you generate by using the Website and/or Services. + |
+
+ We use AWS to store data securely in the cloud. |
| Google Cloud | -Emails that you send to us. | -Emails sent to us pass through Google. | +|
|
+ Google Cloud + |
+
+ Emails that you send to us. + |
+
+ Emails sent to us pass through Google. + |
| Service provider | -User action | -Data collected | -Purpose | +
|---|
+
Referral Program:
+|
+ Service provider + |
+
+ User action + |
+
+ Data collected + |
+
+ Purpose + |
| Referral Candy | -- Order of goods from the Trezor Shop using a discount code provided under - our Refer-A-Friend program. - | -Your email address and your name. | -- Referral Candy provides us with our Refer-A-Friend program, the data is - used to distribute the rewards. + |
|
+ Referral Candy + |
+
+ Order of goods from the Trezor Shop using a discount code provided under our Refer-A-Friend program. + |
+
+ Your email address and your name. + |
+
+ Referral Candy provides us with our Refer-A-Friend program, the data is used to + distribute the rewards. |
- Another recipients that may have access to your personal data are our - providers of technological, security, accounting, legal and administrative - services. -
-- Also, in connection with the cryptocurrency buy, sell and exchange services, - the possible recipient of your personal data is a member company of the - SatoshiLabs Group group of companies, the commercial company Invity.io s.r.o., - Id. No. 083 88 032, with its registered office at Kundratka 2359/17a, Libeň, - 180 00 Prague 8, the Czech Republic, registered by the Municipal Court in - Prague, Section C, Insert 318166. -
-- Our aim is and always will be to ensure your personal data are as anonymous as - possible and unavailable to all third parties. However, under certain - specifically defined conditions we will be under some circumstances required, - in accordance with the applicable law, to transfer certain personal data to - public authorities. -
-- When collecting, storing and processing personal data we sometimes may use - personal data processors, which under some circumstances transmit your - personal data to third countries. In such an event we always make sure such - transmission is compliant with the Regulation. In particular, we specify that - the personal data may be transmitted to the United States of America and in - such event the transmission is compliant with the “Privacy Shield” program. -
-- For Brazilian users, if we transfer your personal data outside Brazil, we will - take steps to ensure that such transfer complies with the LGPD and that - adequate protection is provided for your data. -
-- All your personal data is secured by standard procedures and technologies - using the industry best practice approach. We provide data protection against - unauthorized or accidental access, alteration, destruction, loss, unauthorized - transmission or any other unauthorized processing, as well as against any - other abuse of records containing the personal data. -
-- We are not able to guarantee the security of your personal data without your - help and responsible behavior. Therefore, we ask you to help us ensure the - security of your data by keeping it secret. -
-- On our Website we use cookies to analyze traffic and to personalize content - and ads. We also use cookies for other purposes, such as to provide mechanisms - for online shopping and to enable traffic monitoring under our Affiliate - Program. We will, as a data controller, collect, store and process any - personal data collected by such cookies (the personal data may include your IP - address, information about your activity on our Website, information about - your advertisement preferences etc.). -
-- It is in our legitimate interest to collect, store and process such personal - data for marketing purposes and for website traffic analysis, since (i) it - allows us to improve our products and services and to provide you with - personalized content and advertisement, (ii) we do not attempt to identify you - using such personal data, (iii) there is little to no restriction of your - interests, rights and freedoms, and (iv) you may at any time delete stored - cookies permanently and change your cookie settings to disable or limit - storage of any new cookies. -
-- Please, read our Cookie Policy available on our Website to learn more about - the cookies that we use. -
-- In relation to the personal data you shall have in particular the following - rights: -
-a right to withdraw your consent at any time;
a right to correct or make additions to the personal data;
a right to request restrictions to processing of your personal data;
-- a right to object or complain against processing of your personal data - under certain circumstances; -
-a right to request transfer of your personal data;
a right to access your personal data;
- a right to be informed of the personal data security breach under certain - circumstances; -
-- a right to request deletion of your personal data (a right to be - „forgotten“) under certain circumstances; and -
-- other rights set forth in Act No. 110/2019 Coll., on personal data - processing (Personal Data Protection Act) and the Regulation. -
-- You have a right to object, on grounds relating to your particular situation, - at any time to processing your personal data which is based on Article 6 (1) - (f) of Regulation (it means that we have legitimate interest to process such - personal data). You have also a right to object to processing your personal - data for direct marketing purposes. -
-- Additionally, you have a right to contact the Office for Personal Data - Protection with a request for remedial measures in case of any violation of - the obligations set forth in the Regulation at the following address: Office - for Personal Data Protection, Pplk. Sochora 27, 170 00 Prague 7, Czech - Republic, phone number +420 234 665 111 (central telephone exchange). -
-- If you are located in Brazil, you also have the following rights under the - LGPD: -
-a right to confirm the existence of processing;
- a right to obtain information about public and private entities with which - we share your data; -
-- a right to obtain information about the possibility of not providing - consent and the consequences of such refusal. -
-- You may exercise these rights by contacting us at - info@trezor.io. We will - respond to requests in accordance with applicable law. -
-- If you have any questions regarding this Privacy Policy, please do not - hesitate to contact us using the contact details below: -
-- Contact address: Kundratka 2359/17a, Libeň, 180 00 Prague 8, Czech Republic -
-- Email address: - info@trezor.io -
- +Another recipients that may have access to your personal data are our providers of technological, security, + accounting, legal and administrative services.
+Also, in connection with the cryptocurrency buy, sell and exchange services, the + possible recipient of your personal data is a member company of the SatoshiLabs Group group of companies, the + commercial company Invity.io s.r.o., Id. No. 083 88 032, with its registered office at Kundratka 2359/17a, + Libeň, 180 00 Prague 8, the Czech Republic, registered by the Municipal Court in Prague, Section C, Insert + 318166.
+Our aim is and always will be to ensure your personal data are as anonymous as + possible and unavailable to all third parties. However, under certain specifically defined conditions we will be + under some circumstances required, in accordance with the applicable law, to transfer certain personal data to + public authorities.
+When collecting, storing and processing personal data we sometimes may use personal + data processors, which under some circumstances transmit your personal data to third countries. In such an event + we always make sure such transmission is compliant with the Regulation. In particular, we specify that the + personal data may be transmitted to the United States of America and in such event the transmission is compliant + with the “Privacy Shield” program.
+For Brazilian users, if we transfer your personal data outside Brazil, we will take + steps to ensure that such transfer complies with the LGPD and that adequate protection is provided for your + data.
++
All your personal data is secured by standard procedures and technologies using the + industry best practice approach. We provide data protection against unauthorized or accidental access, alteration, + destruction, loss, unauthorized transmission or any other unauthorized processing, as well as against any other + abuse of records containing the personal data.
+We are not able to guarantee the security of your personal data without your help and + responsible behavior. Therefore, we ask you to help us ensure the security of your data by keeping it + secret.
+On our Website we use cookies to analyze traffic and to personalize content and ads. We + also use cookies for other purposes, such as to provide mechanisms for online shopping and to enable traffic + monitoring under our Affiliate Program. We will, as a data controller, collect, store and process any personal + data collected by such cookies (the personal data may include your IP address, information about your activity on + our Website, information about your advertisement preferences etc.).
+It is in our legitimate interest to collect, store and process such personal data for + marketing purposes and for website traffic analysis, since (i) it allows us to improve our products and services + and to provide you with personalized content and advertisement, (ii) we do not attempt to identify you using such + personal data, (iii) there is little to no restriction of your interests, rights and freedoms, and (iv) you may at + any time delete stored cookies permanently and change your cookie settings to disable or limit storage of any new + cookies.
+Please, read our Cookie Policy available on our Website to learn more about the cookies + that we use.
++
In relation to the personal data you shall have in particular the following + rights:
+You have a right to object, on grounds relating to your particular situation, at any + time to processing your personal data which is based on Article 6 (1) (f) of Regulation (it means that we have + legitimate interest to process such personal data). You have also a right to object to processing your personal + data for direct marketing purposes.
+Additionally, you have a right to contact the Office for Personal Data Protection with + a request for remedial measures in case of any violation of the obligations set forth in the Regulation at the + following address: Office for Personal Data Protection, Pplk. Sochora 27, 170 00 Prague 7, Czech Republic, phone + number +420 234 665 111 (central telephone exchange).
+If you are located in Brazil, you also have the following rights under the LGPD: +
+You may exercise these rights by contacting us at info@trezor.io. We will respond to + requests in accordance with applicable law.
++
If you have any questions regarding this Privacy Policy, please do not hesitate to + contact us using the contact details below:
+Contact address: Kundratka 2359/17a, Libeň, 180 00 Prague 8, Czech Republic +
+Email address: info@trezor.io
+