Banking infrastructure – Solid and established

  • Coinfloor holds client fiat (i.e. GBP, EUR and USD) funds in segregated client fund accounts.
  • As banking relationships are a high priority for any Cryptocurrency company, we maintain accounts with several other banks in Europe to avoid any downtime to Coinfloor’s services. In all cases, the banks are fully aware of the nature of our business.
  • We are actively seeking to add further payment options through ongoing research and development, partnering with innovative payment providers and lobbying government and UK-based banking institutions.

Cryptocurrency and Bitcoin security – Paranoid about security

  • Coinfloor operates with a 100% cold storage policy. All our client cryptocurrencies are received, stored, and sent out from multiple underground vaults which maintain security standards similar to those of the Bank of England.
  • Coinfloor was the first bitcoin and cryptocurrency exchange to hold all client cryptocurrency in Multi-Signature Pay 2 Script Hash (P2SH) cold storage.
  • Our system has been built such that no single person, server, vault or device failure could compromise the integrity of client cryptocurrency.
  • No client cryptocurrencies are ever stored on a single online server, ensuring that in the unlikely event that an attacker gains complete access to any of our online servers, our client cryptocurrency can not be compromised.
  • Coinfloor provides company-owned bitcoin to fund the Advance Withdrawals service, allowing users to withdraw a certain amount of bitcoin or cryptocurrency without waiting for a cold storage withdrawal.
  • All users are required to set up either Authy or YubiKey two-factor authentication meaning that if someone were to find out a user’s username and password they would still not be able to log into their account without the user’s Authy one-time password token or YubiKey.
  • We have multiple levels of security and application separation. Starting from Web application firewalls provided by Cloudflare monitoring all incoming web traffic, through to multiple internal firewalls and security measures as well as logical and physical compartmentalisation of all key applications.
  • External penetration tests are regularly performed by a highly regarded penetration testing firm with extensive experience in testing financial institutions.

How we keep you safe

Coinfloor is a company registered in England & Wales with registration number 08493818 and maintain communication with the UK’s Financial Conduct Authority (FCA) and the European Commission. In order to comply with our registration, potential future regulatory requirements and any applicable laws, it is important that we have in place a series of policies and procedures designed to protect Coinfloor and our clients.

It is our responsibility to safeguard our services from being used for money laundering and the facilitation of terrorist financing. For this reason, we require all of our clients to go through an application and verification process before they are able to trade on the Coinfloor platform or conduct Over-the-Counter trades through us. Other safeguards include the ongoing monitoring and flagging of suspicious activities.

  • Data Protection: Coinfloor is registered with the Information Commissioner’s Office (ICO) under the Data Protection Act and we are required by law to store your information securely. Your financial information is safe with us. Our registration number is ZA002203. Coinfloor will never sell your data to third parties.

    All the information supplied by you is transmitted via Transport Layer Security (TLS) protocol. Once we have received your information, we use strict procedures and security processes to prevent any unauthorised access. Your data can only be accessed by authorised and vetted Coinfloor employees.

  • Two-Factor Authentication: We believe that Two-Factor Authentication (2FA) should be a required standard for any financial services company. Passwords alone are insecure and in order to follow the “something you have” and “something you know” standard of security, we require the use of 2FA for all users, all of the time.

Questions, comments, and requests regarding this Privacy Policy are welcomed and should be addressed to [email protected].