Privacy Policy

At BITmarkets a brand of UAB BITmarkets („BITmarkets“, “Company“) we understand that your privacy is important to you and are committed to being transparent about the technologies we use. 

We respect your privacy and are committed to protecting your personal data. This Privacy Policy is designed to help you understand how we collect, use and share your personal data and what are your rights with regards to Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation hereinafter „GDPR“), as well as other applicable laws when you visit our website at www.bitmarkets.com and/or when you use our mobile application, or any other application (collectively, the "Interface") developed for the provision of services offered through the Interface ("Services").

This Privacy Policy applies to all BITmarkets Interface. By using BITmarkets Services you are consenting to the collection, storage, processing and transfer of your personal information as described in this Privacy Policy.

UAB BITmarkets (Registration No.: 306062346), is a company incorporated in Lithuania, operating the BitMarkets Exchange Platform and providing Services. Address: Architektu g. 56-101, Vilnius, Lithuania.

UAB BITmarkets is the data controller responsible for processing your personal data.

If you have any questions, you may contact us at [email protected].

We collect Personal Data by the following Means of Collection:

1.     Direct interaction with Client

2.     Automated Interaction by Technology

3.     Third parties’ sources of publicly available sources

The categories and types of personal information we collect depend on whether you are a customer, user, applicant or visitor, and the requirements of applicable law.

BITmarkets will use, store, process and handle Your Personal Data in accordance with GDPR and other applicable laws.

Your personal data shall be processed lawfully, fairly and in transparent manner (“lawfulness, fairness and transparency”) in adequate, relevant and limited extent necessary in relation to purposes (“data minimization”).

Your personal data will be collected and processed explicitly and specifically only for the purposes that have been collected for (‘purpose limitation’) while BITmarkets must require only the information necessary in relation to the purposes for which they have been originally collected.

We have implemented processes to ensure accuracy (“data accuracy”) and appropriate security (“integrity and confidentiality”) of personal data.

We do not keep personal data in a form that permits identification of data subject for longer than necessary for the purposes for which the personal data are processed (“storage limitation”).

We may transfer your personal information outside the EEA (European Economic Area). If we will make such a transfer, we will ensure that the transfer is lawful and that there are appropriate security arrangements in place to safeguard your personal data as provided by applicable regulations.

BITmarkets shall process your personal data in accordance with data protection laws and only for purposes they were collected for. These are the lawful basis for our use of personal information:

• Performance of a contract

Processing is necessary for the performance of a contract to which the person is party, or in order to take measures of the person’s request prior entering into a contract. The Company processes personal data in order to provide its services based on the contractual relationship with its clients (i.e. so as to perform its contractual obligations). In addition, processing of personal data takes place to be able to complete the client on-boarding/acceptance procedures and to enter in contractual relationship with the client.

• Legal obligation

Compliance with various legal obligations and requirements (e.g. anti-money laundering laws, financial regulation laws, tax laws etc.) which are sufficient as a legitimate basis for processing of personal data.

• Legitimate interests

Processing is necessary for the purposes of the legitimate interests pursued by the controller or by the third party to whom the personal data are communicated, on condition that such interests override the rights, interests and fundamental freedoms of the persons. For instance, personal data might be processed in connection with litigation, internal reporting, statistical processes etc.

• Consent

If processing of your personal data is not based on reasons described above it is based on your consent. For example, you might agree that your personal information will be used to send you marketing communications by email or phone or other agreed forms. The consent shall be freely provided, specific, informed and will unambiguously indicate your desire, which by statement or by clear affirmative action, signifies agreement to the processing.

As part of using your personal information for the purposes set put above, we may disclose your information to third parties. We require from third parties who handle or obtain personal information on our behalf in order to comply with their contractual obligations with us to acknowledge the confidentiality of this information, undertake to respect any individual’s right to privacy and comply with all the relevant data protection laws and this Privacy Policy. We will never sell your personal data, nor will we disclose it to third party without contractual obligation for security measures and privacy.

• Service providers

We may share personal data we collect about you with our third- party service providers, whose services we us while providing our Services. The categories of service providers to whom we disclose personal information include: ID and identity verification services, IT services; banks and payment processors; credit reference agencies, anti-fraud or AML databases, credit agencies, customer service providers; and vendors to support the provision of the Services.

• Advertising partners

Through our Services, we may allow third party advertising partners to set Technologies and other tracking tools to collect information regarding your activities and your device. We may also combine and share such information and other information with third party advertising partners.  These advertising partners may use this information (and similar information collected from other websites) for purposes of delivering targeted advertisements to you when you visit third party websites within their networks.

• Disclosure to protect rights and compliance with authorities’ requirements

We may access, preserve, and disclose any information we store associated with you to external parties if we, in good faith, believe doing so is required or appropriate to: comply with law enforcement or national security requests and legal process, such as a court order or subpoena; protect your, our or others’ rights, property, or safety; enforce our policies or contracts; collect amounts owed to us; or assist with an investigation or prosecution of suspected or actual illegal activity.

We store the personal information we receive as described in this Privacy Policy for as long as you use our Services or as necessary to fulfill the purpose(s) for which it was collected, and as may be required by law such as for audit purposes, tax, accounting , AML/KYC compliance, etc.

Retention periods will be determined taking into account the type of information that is collected and the purpose for which it is collected, bearing in mind the requirements applicable to the situation and the need to destroy outdated, unused information at the earliest reasonable time.

We store and process your data on our servers in our facilities and data centres of cloud services providers around the world, As such, we may carry out cross-border transfers of your personal data outside of EEA.

We may transfer your Personal Data outside of the European Union or outside of your country of origin. If we transfer personal information to countries outside the EEA, we will put in place appropriate safeguards to ensure that this transfer complies with the applicable laws and regulations.

Some of the countries to which your Personal Data may be transferred to for these purposes that are located outside the EU do not benefit from the adequacy decision issued by the EU Commission regarding protection afforded to Personal Data in that country. Even such transfers are undertaken in accordance with our legal and regulatory obligations, and appropriate safeguards under applicable DP Law will be implemented.

We have taken all the appropriate organizational measures to ensure that your personal data are secured (Art. 32 GDPR). Moreover, we have established an Internal Educational Training for our employees. The employees that are processing your data are being trained to respect the confidentiality of customer information and the privacy of individuals. We consider breaches of your privacy as top priority, and we will enhance our internal procedures to prevent any such event.

We use a variety of security measures to ensure the confidentiality of your Personal Data, and to protect your Personal Data. These security measures include, but are not limited to

• SSL technologies for encryption

• PCI scanning for active protection of our server

• Cryptographic protection of databases

• Antivirus software

Furthermore, we hold personal information in a combination of secure computer storage, secure servers and from time to time and if it is deemed necessary, we will store them in paper-based files. The Company has taken all the necessary steps to protect the personal information that it holds from misuse, loss, unauthorized access, modification, or disclosure.

While we will use all reasonable efforts to safeguard Your Information, you acknowledge that the use of the internet is not entirely secure and for this reason we cannot guarantee the security or integrity of any personal data transferred from you, or to you via the internet.

• The Right to access

You have the right to be provided a copy of the personal information we have about you, as well as information about how we use your personal information. In most cases, your personal information will be provided electronically, unless otherwise requested.

• The Right to rectification          

We take reasonable steps to ensure the accuracy, completeness and timeliness of the information we have about you. If you believe that the information we hold is inaccurate, incomplete or outdated, please feel free to ask us to modify, update or complete this information.

• The Right to be forgotten

You have the right to ask us to delete your personal data, for example, if the personal data we have collected about you is no longer necessary to fulfill the original purpose of the processing. However, your right must be assessed in the light of all relevant circumstances. For example, we may have certain legal and regulatory obligations, which means that we will be unable to comply with your request.

• The Right to object to processing

In certain circumstances, you may ask us to stop using your personal information. For example, if you think that the personal information, we have about you may be inaccurate, or if you think we no longer need to use your personal information.

• The Right to withdraw consent

We may process your personal data with your consent. We will be informed in advance about such processing. In cases where we process your personal data with your consent, you have the right to revoke that consent at any time. You may withdraw the consent electronically, at the Responsible Person's address, in writing, by notice of withdrawal of consent or in person at the Office. Revocation of consent does not affect the lawfulness of the processing of personal data that we have processed for you.

• The Right of data portability

In certain circumstances, you have the right to ask us to transfer the personal information you have provided to another third party of your choice. However, the right to portability applies only to personal data that we have obtained from you under consent or under a contract to which you are a party.

• The Right to restrict processing

You have the right to object to data processing that is based on our legitimate legitimate interests. If we do not have a valid legitimate reason for processing and you object, we will no longer process your personal data.

• The Right to notify the Data Protection Authority (DPA)

If you believe that we are processing your personal data unfairly or unlawfully or violating applicable law, you may lodge a complaint with the supervisory authority, if applicable in your country of residence or with Lituanian State Data Protection Inspectorate, L. Sapiegos str. 17, LT-10312 Vilnius, +370 5 271 2804, [email protected].

• Right to object to profiling

Generally, we do not make decisions about you based solely on an automated process (e.g. through automatic profiling) that affects your ability to use the services or has another significant effect on you However, if we do so, you have the right to be informed on it and you can request not to be subject to such a decision unless we can demonstrate to you that such decision is necessary for entering into, or the performance of, a contract between you and us.

We do not intentionally direct our Services to children under 18 (or other age as required by local law) and we do not knowingly collect personal information from children.  If you learn that your child has provided us with personal information without your consent, please contact us.  If we learn that we have processed any personal information in violation of applicable law, we will promptly take steps to delete such information and terminate the child’s account.

If you have any questions regarding this Privacy Policy, wish to access or change your information or have a complaint, or if you have any questions about data security, you may email us at  [email protected].

This Privacy Policy is subject to change without notice. For this reason, you are advised to look for updates from time to time.