LAST UPDATED: 14 April 2022
1. Agreement to this Policy
2. Changes to this Policy
From time to time, we may revise, amend or supplement this Policy to reflect necessary changes in law, our personal data collection and usage practices, the features of our Services or the Platform, or certain advances in technology. If any material changes are made to this Policy, the changes may be prominently posted on the Platform. However, this is not obligatory for us; the onus is on you to periodically familiarize yourself with the contents of this Policy for your own information; and particularly to do so every time you access our Platform or make use of our Services. Changes to this Policy are effective when they are published. You can determine when this Policy were last revised by referring to the “LAST UPDATED” legend at the top of this Policy. Your continued access of the Platform after such changes conclusively demonstrates your acceptance of those changes.
3.1 Age. By accessing or using the Platform, you represent and warrant that you are at least eighteen (18) years of age or are of legal age to form a binding contract under applicable laws. If you are under the age of eighteen (18) or are of legal age to form a binding contract under applicable laws, you may not, under any circumstances or for any reason, use the Platform.
3.2 Legality. You are solely responsible for ensuring that this Policy follows all laws, rules, and regulations applicable to you and in your specific jurisdiction. If your use of the Platform, or any functionality provided or activity enabled thereby, is prohibited or conflicts with any applicable law, rule or regulation in your jurisdiction, you may not, under any circumstances or for any reason, use the Platform.
3.3 Criteria. We may in our sole discretion refuse to offer the Platform to any person or entity and change the eligibility criteria for use thereof at any time.
4. Privacy of children
Our Platform is not directed to collect any data from people under the age of 18 years. We do not knowingly allow anyone under the age of 18 years to submit any data to our Platform. If you believe your child may have provided us with their data, you can contact us using the information in the Contact section of this Policy and we will delete the data from our Platform.
This Policy applies to all your interactions with us via the Platform, and your interactions with us in connection therewith.
6. CONSEn FOR LEGAL OBLIGATIONS AND LEGITIMATE INTERESTS.
You provide consent to your personal data (whether provided directly by you, whether collected by us, or received by us from third parties or otherwise) being processed to satisfy all legal obligations arising from any contracts entered into/with/ involving you or to deliver any services to you; or to take steps at your request prior to entering into a contract with you; or for our legitimate interests to protect our property, rights or safety of either the Company, its users, customers, clients, other persons or other entities.
7. Data processing in connection with the PLATFORM
The information you provide, or which we obtain from other sources will be used by us, in accordance with this Policy, our other policies, applicable laws, and the European Union’s General Data Protection Regulation (“GDPR”). The below specifies which data points we collect, for what purposes, and legal basis for our use of personal information.
The types of personal information which we collect may include:
- details from your identity documents (such as deriver license, passport), number of the document, date of issue and expiration, photographic identification, etc.;
- date of birth;
- home address;
- phone number;
- video footage identifying you;
- device ID;
- IP address, browser and operating system information, geolocation details;
- login, e-mail address, password and location of your device or computer;
- version and time zone settings.
- BITFLEX services metrics (e.g. the occurrences of technical errors, your interactions with service features and content, and your settings preferences);
- banking details, including account numbers and payment card data;
- information on sources of your funds;
- transactional information;
- transaction history;
- Information from other sources: we may receive information about you from other sources such credit history information from credit bureaus;
- Information about your behavior: we may process information about you on your behavior and your activity for marketing and advertising purposes.
We may use your personal information for the following purposes:
- to allow you to open and operate an BITFLEX Account on the Platform;
- to enable you to complete transactions on the Platform;
- if you contact us, to reply to your queries;
- to contact you via email or calls;
- to analyse use of our Platform and provide functionality, analyze performance, fix errors, and improve the usability and effectiveness of our services;
- as required for regulatory purposes such as tax, prevention of money laundering, prevention of fraud, adherence to company statistical reporting obligations etc.;
- to provide you with information about products and promotions that may be of interest to you, from ourselves and third parties, although only if you have specifically agreed to receive such information;
- for market research e.g. surveying our users' needs and opinions on issues, such as our performance etc. Unless consented, your data for this purpose would be anonymised.
Legal basis for our use of personal information:
- Performance of a contract when we provide you with products or Services, or communicate with you about them. This includes when we use your personal information to take and handle orders, and process payments.
- Our legitimate interest to improve our Services.
- Our legitimate interest and the interests of our users when, for example, we detect and prevent fraud and abuse in order to protect the security of our users, ourselves, or others.
- Your consent when we ask for your consent to process your personal information for a specific purpose that we communicate to you. When you consent to processing your personal information for a specified purpose, you may withdraw your consent at any time and we will stop processing your data for that purpose.
8. We process and use Aggregated, anonymised and de-identified data.
8.1 We may also create, process, collect, use, and share aggregated, anonymized or de-identified data such as statistical or demographic data for any purpose which may be derived from your personal data. We may use this data to comply with legal or regulatory obligations.
8.2 We may share your data with members of our group, service providers and our key partners. Some of these third parties may be in a jurisdiction not covered by the laws stated in this Policy, in which case we will take all necessary steps to ensure that your personal information is treated securely and that such transfers are permitted under the applicable data protection laws.
9. Blockchain Data
Please note that we are not responsible for your use of any applicable blockchains and your data processed in this decentralized and permissionless network. We are neither the data controllers nor the data processors for any personal or non-personal data submitted to and stored on a blockchain’s network and/or any other decentralized and permissionless network.
10. We may share your personal information with third parties
10.1 We may have to share your personal data with a selected and trusted group of third party/parties to fulfil our obligations under our contract with you, to meet government, regulatory and law enforcement requests, and to continue providing you with the Services. We will only disclose your personal information to third party service providers under strict terms of confidentiality. We do not allow our third party service providers to use your personal data and information for their own purposes and only permit them to process your personal information for specified purposes and in accordance with our instructions.
10.2 We may have to share or transfer your personal information in the specific circumstances listed below:
- Merger, Acquisition etc. In connection with, or during negotiations of, any merger, sale of company assets, financing, acquisition of all or a portion of our business to another company, any dissolution transaction or proceeding involving sale, transfer, divestiture, or disclosure of all or a portion of our business or assets. In the event of an insolvency, bankruptcy, or receivership, your personal data may also be transferred as a business asset forming part of our goodwill. If another company acquires us, our business or assets, that company will possess the personal information collected by us and will assume the rights and obligations held by us regarding your personal information, as described in this Policy.
- Advertisements. Where we use third party advertising companies to serve ads when you visit or use the Platform. These companies may use information about your visits to our Platform and other websites that are contained in web cookies and other tracking technologies in order to provide advertisements about goods and services of interest to you, provided you have consented to the same.
- Affiliates. We may share your personal information with our affiliates, in which case we will require those affiliates to honour this Policy. Affiliates include our parent company and any subsidiaries, joint venture partners or other companies that we control or that are under common control with us. We may share your information with our business partners to offer you certain products, services or promotions.
- Select Third Party Vendors. In connection with the provision of our services, we may share your personal information with third party vendors, service providers, contractors or agents who perform services for us or on our behalf and require access to such information to do that work. Examples of such third parties include payment processing, customer relationship management, data analysis, email delivery, hosting services, customer service, quality assurance testing, technical support, operational support and maintenance services and marketing efforts. We have provided a list of such third-party vendors below.
11. Links to third-party websites
11.2 We specifically recommend that you, as a user (under this Policy) visit, familiarize, understand the privacy policies of such entities, as they are our partners in providing services under the facilities to you. However, even if not done as mandated herein, you undertake that you as the user accept their terms and conditions, their individual privacy policies, cookies policies, as third-party service providers to us.
12. DATA STORAGE AND DATA TRANSFERS.
12.1 Your personal data is stored and transferred in compliance with the applicable legislation or regulations of every jurisdiction in which we operate.
12.2 If you are based in the United Kingdom (“UK”), the European Union (“EU”) or the European Economic Area (“EEA”), any storage, processing and transfer of your personal data outside these territories will adhere to the relevant legal requirements, particularly the GDPR, as and however applicable and/or required.
12.3 Many of our external third-party service providers may also be based outside of the UK, EU, or EEA, so their processing, storage and transfer of your personal data will involve the transfer to and from and storage of data outside the UK, EU, or EEA. We reiterate that by using our Services you accept the terms of their individual privacy policies, cookies policies, as well as terms and conditions.
12.4 Some of the international organisations and countries to which your personal data may be transferred do not benefit from an appropriate data protection regulatory framework. For such international organisations and countries, we shall transfer your personal information only upon ensuring that a suitable degree of protection is afforded to it through the implementation of the necessary safeguards. These safeguards include an adequacy decision by the relevant authority, adequate binding corporate rules or through the inclusion of standard contractual clauses in our agreements with such organisations and countries. We shall notify you with regards to the specific safeguard we shall adopt in transferring your personal information to such an international organisation and/or country if you must require such data.
12.5 In respect of GDPR compliance (if applicable): we may use specific contracts approved by the European Commission which give personal information the same protection it has in Europe.
12.6 Please contact us at support@Bitflex.com if you want further information on the specific mechanism used by us when transferring your personal information.
13. Your rights under GDPR.
If you are a citizen of the EU, then you have these rights under the GDPR:
13.1 Right To Be Informed. This means you have a right to know:
- The identity and the contact details of the Company and its European representative;
- The contact details of our data privacy officer;
- The purposes of the processing your personal information as well as the legal basis for the processing;
- The legitimate interests pursued by us or by a third party who processes your personal information;
- The recipients or categories of recipients of your personal data;
- Our intention to transfer your personal data to a third country or international organisation and the existence or absence of an adequacy decision by the relevant supervisory authority, or where applicable, reference to the appropriate safeguards and the means to obtain their copy;
- The period for which your personal data will be stored, or if that is not possible, the criteria used to determine that period;
- Whether the provision of personal data is a statutory or contractual requirement, or a requirement necessary to enter into a contract, as well as whether you are obligated to provide the personal data and of the possible consequences of failure to provide such data;
- The existence of automated decision-making, including profiling and meaningful information about the logic involved.
- Where we intend to further process your personal data for a purpose other than that for which the personal information was collected for, we must apprise you, prior to such further processing, with information on those other purposes and with any other relevant information.
13.2 Right Of Access. This is your right to see what personal data is held about you by us. Particularly you have the right to:
- Receive confirmation as to whether or not your personal data is being processed;
- Access your personal data which we are processing along with the purposes of processing; the categories of personal data being processed; the recipients or categories of recipients to whom the personal data has been or will be disclosed; the envisaged period for which the personal data will be stored, or, if not possible, the criteria used to determine that period; where the personal data is not collected from you, any available information as to their source;
- Where your personal data is transferred to a third country or to an international organization, you have the right to be informed of the appropriate safeguards relating to the transfer;
- A copy of your personal data being processed; and
- Any further copies requested by you, upon paying a reasonable fee.
13.3 Right To Rectification. This is your right to have your personal data corrected, rectified or amended, if what is held by us or a third party onboarded by us is incorrect/ inaccurate in some way.
13.4 Right To Erasure. This is your right under certain circumstances to ask for your personal data to be deleted. This would apply if your personal data is no longer required for the purposes it was collected for, or your consent for the processing of that personal data has been expressly withdrawn, or where your personal data has been unlawfully processed. Once deleted all your personal data will be removed from our systems and will not be recoverable.
13.5 Right To Restrict Processing. This is your right to ask for a temporary halt or pause in processing your personal data, such as in the case where a dispute or legal case must be concluded, or the data is being corrected.
13.6 Right To Data Portability. This is your right to ask for your personal data supplied directly to us, which we have processed pursuant to your consent, under a contract, or by automated means, to be provided to you in a structured, commonly used, and machine-readable or electronic format.
13.7 Right To Object. This is your right to object to the further processing of your personal data which is inconsistent with the primary purpose for which it was collected, which includes profiling, automation and direct marketing.
13.8 Rights In Relation To Automated Decision Making And Profiling. This is your right not to be subject to a decision based solely on automated processing.
13.9 Right To Lodge A Complaint With The Supervisory Authority. You have the right to lodge a complaint with the supervisory authority of the member state in which you are habitually resident, or with the supervisory authority of the member state in which you work or in which your rights under the GDPR have been infringed if you believe such infringement has taken place.
13.10 Right To Contest Automated Decisions. You may contest any automated decision by us, which has been made about you and where this has a legal or similar significant effect and ask for it to be reconsidered.
13.11 If you wish to exercise any of the rights set out above or any other laws concerning your personal information (in so far as same is applicable), please contact us at support@Bitflex.com in the first instance, so that we may resolve your query, feedback or complaint amicably.
13.12 Automated Decisions. You may contest any automated decision by us, which has been made about you and where this has a legal or similar significant effect and ask for it to be reconsidered.
13.13 We aim to respond to all legitimate requests without undue delay and within seven (7) business days of receipt of any request from you. Occasionally it may take us longer than seven (7) business days, if your request is particularly complex, or if you have made duplicated or numerous requests. In this case, we will notify you of receipt of such request(s) and keep you updated as to the status of progress concerning such request(s).
13.4 If you wish to exercise any of the rights set out above, please contact us at support@Bitflex.com. We may need to request specific information from you to help us confirm your identity and ensure your right to access your personal information (or to exercise any of your other rights). This security measure is to ensure that your personal information is not disclosed to any person who has no right to receive it.
14. SECURITY PRECAUTIONS AND MEASURES EXERCISED BY us FOR PROTECTION OF YOUR personal information DATA
14.1 Your personal information is contained behind secured networks and is only accessible by a limited number of individuals who have special access rights to such systems and are required to keep the information confidential.
14.2 No Guarantee.
14.3 Please note that no transmission over the Internet or any method of electronic storage can be guaranteed to be absolutely secure. However, our best endeavours will be made to secure data and the ability to access your personal data.
14.4 Without prejudice to our efforts on protection of your data, nothing contained in this Policy constitutes a warranty of security of the facilities, and you agree to transmit personal data at your own risk.
14.5 Please note, that we do not guarantee that your personal data may not be accessed, disclosed, altered, or destroyed by breach of any of our physical, technical, or managerial safeguards.
14.6 Please always check that any site on which you are asked for financial or payment information in relation to our reservations or services is in fact legitimately owned or operated by us. The risk of impersonating hackers exists and should be taken into account when using our Platform and/or services.
14.7 If you do receive any suspicious communication of any kind or request, do not provide your information and report it us by contacting our offices immediately at support@Bitflex.com.
14.8 Since we cannot guarantee against any loss, misuse, unauthorised acquisition, or alteration of your personal data, please accept that you play a vital role in protecting your own personal data, including the adoption of sufficient safety measures such as your choosing of an appropriate password (where applicable) of sufficient length and complexity and to not reveal this password to any third-parties.
14.9 Furthermore, we cannot ensure and do not warrant the security or confidentiality of data transmitted to us, or sent and received from us by Internet or wireless connection, including: email, phone, or SMS, since we have no way of protecting that information once it leaves and until it reaches us. If you have reason to believe that your data is no longer secure, please contact us support@Bitflex.com.
14.10 Please note that should your personal data be breached, and the security of your rights be at high risk, we shall promptly and immediately communicate to you the nature of the breach which has taken place, the likely consequences of such a breach and shall describe thoroughly the measures we have implemented to address the breach and to mitigate any and all adverse effects to you and your rights. In the unlikely event of a breach occurring, please reach out to us at support@Bitflex.com for further information and for further advise on how to mitigate the potential adverse effects of such a breach.
14.11 We also aim to conduct all applicable security risk assessments to ensure the availability of risk mitigation controls, to better safeguard the integrity of user data.
15.2 Information collected from cookies is used by us to evaluate the effectiveness of our Platform and analyze trends. The information collected from cookies allows us to determine such things as which parts of the Platform are most visited and difficulties our users may experience in accessing the Platform. With this knowledge, we can improve the quality of your experience on the Platform by recognizing and delivering more of the most desired features and information, as well as by resolving access difficulties.
15.3 If you want to avoid using cookies altogether, you can disable cookies in your browser. However, disabling cookies might make it impossible for you to use certain features of the Platform. Your use of the Platform with a browser that is configured to accept cookies constitutes acceptance of our and third-party cookies.
16. Data Retention Period
16.1 We retain your personal data for a period of five (5) years. When we no longer need personal data, we securely delete or destroy it.
16.2 Aggregated de-identified data, which cannot identify a device/ browser/ individual and are used for purposes of reporting and analysis, are maintained for as long as commercially necessary.
16.3 Sometimes business and legal requirements oblige us to retain certain information, for specific purposes, for an extended period of time. When we do so, we will take your explicit consent for the same. Reasons we might retain some data for longer periods of time include:
- Security, fraud & abuse prevention;
- Financial record-keeping;
- Complying with legal or regulatory requirements; and
- Ensuring the continuity of our services at our Platform.
17. Your Inquiries
17.1 You may contact us by email to the following email address: support@Bitflex.com. We use the data that you provide in an email to us, which you may give voluntarily, only to answer your questions or to reply to your email in the best possible manner.
18. LEGAL RECOURSE TO RELEVANT AUTHORITIES
18.1 If you are based in the UK, EU or the EEA region, then you have the right to make a complaint at any time to a supervisory or regulatory authority, in particular within the UK, or a member state in the EU or EEA where you are habitually resident, where we may be based (if applicable), or where an alleged infringement of any data protection law has taken place. However, we would appreciate the opportunity to address your concerns before you approach any such authority. Please contact us in the first instance so that we may try to resolve your complaint swiftly and satisfactorily. Please contact us via email at support@Bitflex.com.
19.1 In the case of abuse or breach of security, we are not responsible for any breach of security or for any actions of any third parties which receive the information illegally.
19.2 We will not distribute customer information to be used in mailing lists, surveys, or any other purpose other than what is required to perform our services.
19.3 If you choose to restrict the collection or use of your confidential and personal information, please exit our Platform.
Please contact us with questions, comments, or concerns regarding our Policy as well as with any requests at support@Bitflex.com.