Customer Complaint Policy

for Cryptanite Ltd.

Last revised: December 13, 2018 (v 1.2)



Cryptanite Ltd. (“Cryptanite Ltd.”, “Cryptanite”, “us” or “we”) aims to provide its customers, partners and suppliers (our customers) with an excellent customer service and support. We will listen to the needs of our customers and provide opportunities for feedback.



Cryptanite Ltd. wishes to put customer needs at the very heart of the way we develop and enhance our services. Customer feedback is part of our ongoing consultation process which we will use to learn and continuously improve our service.


Customer feedback and complaints will be analysed and viewed as an opportunity to assist in continuous improvement of our service.


We ensure that all our associates are trained and therefore competent in the delivery of excellent customer service and are fully aware of the relevant company policies and procedures. Associates will be encouraged to respond positively, be problem solvers and successfully resolve any issues as quickly as possible, and to refer on those which are more complex or remain unresolved.


An expression of dissatisfaction by one or more people about the standard of service provided by Cryptanite Ltd.

A complaint may relate to:

·         Failure to provide a service

·         Inadequate standard of service

·         Dissatisfaction with company policy

·         Attitude of a member of staff

·         Customer`s Personal Data


This list does not cover everything. A customer might say they ‘don’t want to complain’ but go on to express dissatisfaction in a way that amounts to a complaint. The customer will be told that we will consider all expressions of dissatisfaction and that complaints provide us with an opportunity to improve services, especially where things have gone wrong. We will record all complaints on our Customer database and regularly review them to identify trends and opportunities for service development.


A complaint can be made in person (by chat or by phone); in writing (by letter or email); via our social media or web sites. We will record all complaints on our database and regularly review them to identify trends and opportunities for service development.

Stage 1

Wherever possible, an employee will deal quickly and informally with any issue or complaint from a customer. This is only likely to be possible if the complaint is made in person. Frontline staff (Customer Support) will aim to resolve the matter at the point of service delivery and (if necessary) involve the Compliance Officer as appropriate. All frontline staff will be aware of, and be trained in, the operation of the complaints handling process and be empowered to deal with and resolve complaints as they arise.

If a complaint cannot be resolved at the Customer Support Chat, the complainant will be invited to refer their comment or complaint in writing to the Compliance Officer or Data Protection Officer (if applicable) by email or letter. The appropriate contact details should be given to the complainant if resolution is not achieved by Customer Support.


All complaints should be acknowledged in writing within 3 days.

Complaints requiring little or no Investigation

For issues which are straightforward and require little or no investigation, we have to provide an apology (if appropriate), explanation or other action to try to resolve the complaint within 48 hours or less. Responses will normally be by messages at the Chat or email, or letter.


The Customer Support can deal with the complaint themselves or invite a member of Compliance Department to deal with the complaint. Employees are empowered to provide a level of service recovery which is appropriate and proportionate to resolving the complaint.


Complaints that require an Investigation


Complaints handled by investigation are typically those that are complex or require examination to establish the relevant facts before a response can be given. In such cases the Customer Support will transfer such complaint to Compliance Department to carry out the investigation. An acknowledgement will be given within 3 days of receiving the written complaint and a definitive response provided within 20 days following a thorough investigation of the points raised. Sensitive complaints may require an additional internal review. Responses will be issued by the Compliance Department. If a full response cannot be given within 20 days the complainant must be advised within the 20 days that a longer time is required and given an indication of when to expect a full response. Responses will normally be by email or letter.


Examples of issues suitable for investigation:

·         Frontline resolution was attempted but the customer remains dissatisfied.

·         The customer refuses to engage with the frontline resolution process.

·         The issues raised are complex and will require detailed investigation.

·         The complaint relates to issues that have been identified as serious or high risk/high profile.

-         The complaint relates to customer`s Personal Data.


At the investigation stage, staff should aim to resolve the complaint first time. The goal is to establish all of the facts relevant to the points raised and provide a full, objective and proportionate response to the customer’s complaint.

Stage 2

Where the customer remains dissatisfied with the response or the way the complaint has been dealt with, it can be escalated to Chief Compliance Officer. The Chief Compliance Officer may review the complaint himself or invite a member of the Customer Support Team to explain reasons of client's dissatisfaction. Either way the Chief Compliance Officer will acknowledge the complainants (escalated) letter within 3 days and provide a full response within 20 days. If a full response cannot be given within 20 days the complainant must be advised within the 20 days that a longer time is required and given an indication of when to expect a full response. Responses will normally be by email or letter.



Details of the complaint and actions taken will be recorded on Cryptanite Ltd. customer database to assist with monitoring and improving our service. This database is password protected and accessible only by Compliance Department and Data Protection Officer.


Weekly and monthly performance reports are extracted from the database, providing details of each complaint and performance scores, which are set against the company key performance indicators.

We will ensure that the principles of the GDPR are adhered to in relation to retaining personal information and providing a fair and accessible procedure. Whilst no personal details of any customer will be published or disclosed by Cryptanite Ltd.e, improvements made as a result of customer complaints and comments will be displayed on our website or mobile App.



Cryptanite Ltd.e is committed to ensuring that all people are given full and equal access to give feedback. We will accept comments in the following ways:

·           By telephone.

·           Via our customer support chat.

·           Via our web site and selecting the ‘contact us’ tab.

·           By emailing us directly on

·           By leaving feedback at our mobile App`s pages on mobile Stores.

·           By writing us a letter to address below:

Cryptanite Ltd.,

Ground Floor,

Palace Court, Church Street,

St. Julian’s STJ3049, Malta

Where customers cannot provide the complaint or feedback in writing, a member of staff will assist the customer in compiling an accurate record of the complaint.

Cryptanite Ltd.e will also make sure, where necessary, to:

·         Provide assistance to people who have difficulty with spoken English or whose first language is not English.

·          Provide support for visually impaired customers.

·          Arrange sign language interpretation when appropriate and when prearranged.



The Chief Compliance Officer  will review regular reports from the base of customer complaints.

A summary report is presented annually to the Board.


Cryptanite Ltd. wants to ensure that complainants who are unreasonably persistent or demanding are dealt with fairly; honestly and properly; that the resources of the company are used as effectively as possible; and that other customers do not suffer any detriment as a result of their behaviour.


Persistent behaviour may be someone complaining in person or through repeated letters/emails or phone calls about the same issue. Demanding behaviour may be someone expecting a response within unreasonable time-scales; insisting on seeing or speaking to a particular member of staff; or repeatedly changing the substance of the complaint, or raising unrelated concerns.


Where we find that someone is unreasonably persistent or demanding the action we take will be appropriate and proportionate. This may mean that we apply  restrictions, such as communicating via letter only or restricting telephone calls to specified times with a named person. We will aim to do this in a way, wherever possible, that allows a complaint to progress to completion through our complaints process. If such problems arise they should be referred to Chief Compliance Officer or Data Protection Officer (if applicable) who shall make the decision as to when communication is restricted with regards to persistent and demanding complainants.


If a decision is taken to apply restrictions, the Compliance Department may write to inform the complainant why we believe the behaviour is considered unreasonably persistent or overly demanding, what action we are taking and the duration of that action. Alternatively, a member of the Compliance Depertment may convene a voice call directly with the complainant to discuss the complaint. This will be followed by a letter to clarify the outcome.


Cryptanite Ltd. acknowledges that some complaints may be extremely difficult to resolve and can cause anxiety and distress to complainants, and employees. Whilst Cryptanite Ltd. will always aim to try to find a way to resolve matters, there may be circumstances where a complainant persists in pursuing a complaint when the complaints procedure has been fully implemented. Such cases should be referred to the Chief Compliance Officer.

In such cases a review of the complainant’s case will be carried out to ensure that it does not contain new issues which merit a further response and we will advise them accordingly.

We will record all incidents of unacceptable actions by complainants.

Customer`s Personal Data related complaints

Types of Complaints concerned

All complaints about processing of Personal data will be handled in line with the procedure set out below  Non-exhaustive examples of the types of concerns likely to be raised include:

Where a concern falls outside the scope of this complaints procedure, customer will be notified of the most appropriate process to be followed.

Rights under GDPR

Cryptanite is committed to ensure protection of customers rights under GDPR and any other applicable law.

Accordingly, customer can request access to his/her Personal data. Customer may also request rectification of inaccurate Personal data, or to have incomplete data completed.

In addition, Customer`sr right to be forgotten entitles Customer to request erasure of the Personal data in cases where
(i) the data is no longer necessary in relation for the purposes of its collection or processing,
(ii) Customer choose to withdraw Customer's consent,
(ii) Customer object to the processing by automated means using technical specifications,
(iv) Customer`s Personal data has been unlawfully processed, and
(v) there is a legal obligation to erase Customer`s Personal data, and
(iv) erasure is required to ensure compliance with applicable laws.

Customer may also request the restriction of processing, in cases where (i) Customer contest the accuracy of the Personal data, (b) Cryptanite no longer needs the Personal data, for the purposes of the processing, and (c) Customer have objected to processing for legitimate reasons.

Moreover, Customer are entitled to request and receive the Personal data concerning to Customer.

Customer may also request, where applicable, the portability of Customer`s Personal data that Customer have provided to Cryptanite, in a structured, commonly used and machine-readable format or request to transmit it to a third party of Customer choice.

Customer may object (right to “opt-out”) to the processing of Customer`s Personal data (notably to profiling or to marketing communications). When we process Customer`s Personal data on the basis of Customer`s consent, Customer can withdraw Customer`s consent at any time.

What our teams will do they receive a complaint/DATA SUBJECT’s REQUEST?

Our approach is to engage positively and resolve Customer`sr complaint satisfactorily without Customer having to refer Customer`sr complaint to local Court or the relevant Data Protection Supervisory Authority.

If Customer have any concerns or problems with the way in which Customer`s personal data has been processed, Customer should not hesitate to raise Customer`s concern with contact to Data Protection Officer. To help us to deal with Customer`s complaint, Customer have to provide us with a full written explanation of Customer`s concerns.

Handling complaints

At the time of drafting Customer`s complaint and to allow Cryptanite to deal promptly and in the most efficient manner with Customer`s complaint, Customer are invited to follow the following steps:

STEP 1: Complete and submit the Complaint/Data Subject’s Request and send it out to Data Protection Officer.

STEP 2: Customer will receive a communication within two (02) business day from Cryptanite acknowledging receipt of Customer`s complaint.

STEP 3: Customer`s complaint will be treated confidentially and fully investigated where necessary. During this process, Customer may receive additional communications from the relevant Data Protection Officer to investigate Customer`s concern. If Customer have not provided sufficient information in Customer`s complaint, we will let Customer know the further information needed to process Customer`s complaint.

STEP 4: Once the information related to Customer`s complaint is complete, we will contact Customer within thirty (30) days to propose a solution. This deadline may be extended in certain circumstances, depending on the nature of the complaint. If Customer agree with the proposed solution, we will work with Customer to close the matter.

STEP 5: Should Customer remain unsatisfied with the outcome of the review by the  Data Protection Officer or Customer have not received an answer within the above-mentioned deadline, Customer may then seek further recourse by contacting the relevant Data Protection Supervisory Authority.



Certain types of complaint are not dealt with by the complaints policy. Complaints by Cryptanite Ltd.e employees – unless they are made as a customer, will be dealt with under the company’s Human Resources policies and procedures.


Cryptanite Ltd.e will involve the Police in cases where it is believed that complainant has committed a criminal offence (for example, assault of an employee or criminal damage), where assault is threatened or where a complainant refuses to leave Cryptanite Ltd. premises.


Cryptanite Ltd. staff will end telephone calls if the caller is considered aggressive, abusive or offensive. The employee taking the call has the right to make this decision, tell the caller that the behaviour is unacceptable and end the call if the behaviour does not stop. A record should be made of any such telephone calls and referred to the Customer Service & Events Officer.


Likewise, we do not deal with correspondence that is abusive to staff or contains allegations that lack substantive evidence. When this happens we will tell the complainant that we consider their language offensive, unnecessary and unhelpful. We will ask them to stop using such language and state that we will not respond. Such letters should be referred to Chief Compliance Officer.



All employees that have a role in delivering this policy will be provided with suitable training so they understand their role and responsibilities. This will include frontline staff (Customer Support) that may be approached by customers wishing to complain and staff with a responsibility for investigating complaints.


Staff with responsibility for investigating complaints will have training on the complaints policy and procedure.


Managers will have a responsibility to inform, support and monitor staff to ensure that the policy and procedure is properly implemented and that staff are aware of the process. Staff handling the complaint will have access to information on Data Protection and Freedom of Information legislation and practice and will be aware of the expectations of the public in respect of their information. Where appropriate, training will be provided.



We will publish this policy along with the Cryptanite Ltd. Privacy Policy, Terms of Services and AML/CFT  Policy on the company’s website.


This process will be reviewed every year.