Privacy policy

Privacy Policy

1. General Provisions

1.1. This Privacy Policy defines the procedure for the collection, processing, storage, and protection of personal data of users of the online exchange service (hereinafter — the “Service”).

1.2. This Policy is developed in accordance with applicable laws and international data protection standards, as well as AML/KYC requirements.

1.3. By using the Service, the User confirms their acceptance of the terms of this Policy.

2. Personal Data Collected

2.1. The Service may collect the following personal data:

• full name;

• date of birth;

• residential address;

• contact details (email, phone number);

• IP address, browser and device data;

• financial information and transaction data;

• cryptocurrency addresses and transaction history;

• verification (KYC) documents, including:

 • identity documents;

 • selfie with the document;

 • proof of address;

 • documents confirming the source of funds (SoF).

2.2. Data may be collected directly from the User, automatically, or via third-party services.

3. Purpose of Data Processing

3.1. Personal data is processed for the following purposes:

• performing AML/KYC procedures;

• preventing fraud and illegal activities;

• processing and executing transactions;

• complying with legal obligations;

• communicating with users (support, notifications);

• improving the Service quality.

4. Legal Basis for Processing

4.1. Personal data is processed on the following legal grounds:

• User consent;

• necessity for the performance of a contract;

• compliance with legal obligations;

• legitimate interests of the Service related to security and risk prevention.

5. Data Sharing with Third Parties

5.1. The Service may share personal data with:

• payment systems and cryptocurrency platforms (including Bybit);

• AML/KYC service providers;

• government authorities — where required by law;

• partners — strictly to the extent necessary to provide services.

5.2. Data transfer is carried out in compliance with confidentiality and security requirements.

6. Data Retention

6.1. Personal data is stored for the period necessary to:

• comply with AML/KYC requirements;

• fulfill legal obligations;

• resolve disputes and protect the Service’s rights.

6.2. Data may be retained after termination of Service use where required by law.

7. Data Protection

7.1. The Service implements appropriate technical and organizational measures to protect personal data, including:

• data encryption;

• access restriction;

• storage on secure servers;

• monitoring and prevention of unauthorized access.

7.2. Access to personal data is granted only to authorized personnel.

8. User Rights

8.1. The User has the right to:

• obtain information about their personal data;

• request correction or updates;

• request restriction of processing;

• withdraw consent (where applicable and not conflicting with legal obligations);

• lodge a complaint with a competent authority.

8.2. To exercise their rights, the User may contact the Service using the contact details provided on the website.

9. Cookies and Tracking Technologies

9.1. The Service uses cookies to:

• ensure proper website functionality;

• analyze user behavior;

• improve the Service.

9.2. The User may adjust cookie settings in their browser.

10. Confidentiality and Security

10.1. User information is treated as confidential.

10.2. The Service does not sell or disclose personal data to third parties without legal grounds.

11. Final Provisions

11.1. The Service reserves the right to amend this Privacy Policy.

11.2. The current version is published on the website and becomes effective upon publication.