Gizlilik Politikası

This Privacy Policy (“Policy”) is designed to help you understand how we collect, retain, use and share your personal data through the Company website and mobile application as referenced in this Privacy Policy, and what are your rights with regard to the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation hereinafter “GDPR”), as well as other applicable laws when you visit our platform at www.bitmarkets.com and/or when you use our mobile application developed for the provision of the products and services (“Services”).

This Policy applies to the BITmarkets platform and application and operates in conjunction with any terms of business and other contractual documents, including but not limited to any agreements the Company may have with you as a client or user of the services. Additionally, this Policy, along with our Cookie Policy, shall apply to visitors who are neither clients, users, nor applicants for the use and/or access of our services in the platform and/or application but are using it nonetheless. 

The BITmarkets Operators are the parties that run BITmarkets, including but not limited to legal persons such as UAB BITmarkets and Unicorn Technologies Ltd. The entity responsible for your personal data is the specific legal entity that determines both the purposes and means of any processing activities it undertakes. This means that the legal entity in charge of processing your personal data is the one that decides how and why your data is collected, used, and managed. Each entity within the BITmarkets Operators may have distinct roles and responsibilities regarding personal data, and the handling of your data will be governed by the policies and practices of the controlling entity that processes it.

By using our services, you hereby affirm and consent to the collection, retention, processing and transfer of your personal information as described in this Policy.

The categories and types of personal information we collect vary depending on whether you are a customer, user, applicant, or visitor, and in accordance with applicable laws and regulations. We gather personal data by the following means of collection:

1.     Direct interaction with Client;

2.     Automated Interaction via Technology;

3.     Third-party sources, such as publicly available sources.

BITmarkets will use, store, process and handle your personal data in accordance with the GDPR and other applicable laws.

Your personal data will be explicitly and specifically collected and processed only for the purposes for which they were originally collected. Thus, BITmarkets will request only the information necessary in relation to these purposes.

Your personal data will be processed lawfully, fairly, and transparently, in an adequate, relevant, and limited manner, following the principle of "data minimization”, necessary in relation to the purpose herein. Thus, we have implemented processes to ensure the accuracy and appropriate security of personal data.

We do not retain personal data in a form which allows the identification of data subjects for longer than necessary for the purposes for which the personal data are processed. Nevertheless, we may transfer your personal information outside the European Economic Area (“EEA”). Should such transfer occur, we will ensure that it is lawful and that appropriate security arrangements are in place to safeguard your personal data, as required by applicable laws and regulations.

BITmarkets will process your personal data in compliance with data protection laws and solely for the purposes for which they were collected. The following are the lawful bases for our utilization of personal information:

• Performance of a Contract

Processing is necessary for the performance of a contract to which the individual is a party, or to take measures at the individual's request prior to entering a contract. The Company processes personal data to provide BITmarkets services based on the contractual relationship with its clients, fulfilling its contractual obligations. Additionally, personal data processing occurs to facilitate client onboarding or acceptance procedures and to establish a contractual relationship with the client.

• Legal Obligation

Compliance with various legal obligations and requirements (e.g. anti-money laundering laws, financial regulation laws, tax laws etc.)  serves as a legitimate basis for processing personal data.

• Legitimate Interests

Processing may be necessary for the determination of the legitimate interests pursued by the controller or by a third party to whom the personal data is disclosed, provided that such interests override the rights, interests, and fundamental freedoms of individuals. 

• Consent

If the processing of your personal data is not based on the reasons described above, it is based on your consent. Consent must be freely given and provided in a manner that clearly indicates the truthfulness of the information which can be given through a statement or a clear affirmative action that signifies agreement to the processing.

We require third parties who handle or acquire personal information on our behalf to acknowledge the confidentiality of this information and commit to respecting individuals' right to privacy, as well as complying with all relevant data protection laws and this Privacy Policy, as part of their contractual obligations with us. We will neither sell your personal data, nor will we disclose the same to third parties without contractual obligations for security measures and privacy.

• Service Providers

We may share personal data we collect about you with our third-party service providers, whose services we use while providing our Services. The categories of service providers to whom we disclose personal information include: ID and identity verification services; IT services; banks and payment processors; credit reference agencies; anti-fraud or AML databases; credit agencies; customer service providers; and vendors to support the provision of the Services.

• Advertising Partners

Through our Services, we may permit third party advertising partners to set technologies and other tracking tools to collect information regarding your activities and your device. We may also combine and share such information and other information with third party advertising partners.  These advertising partners may use this information, along with similar information collected from other websites, for purposes of delivering targeted advertisements to you when you visit third party websites within their networks.

• Disclosure to Protect Rights and Compliance with Authorities’ Requirements

We may access, preserve, and disclose any information we store associated with you to external parties if we, in good faith, believe that doing so is required or appropriate to: comply with law enforcement or national security requests and legal process, such as a court order or subpoena; protect your, our or others’ rights, property, or safety; enforce our policies or contracts; collect amounts owed to us; or assist with an investigation or prosecution of suspected or actual illegal activity.

We store and keep personal information we receive as described in this Privacy Policy for as long as you use our Services, in order to fulfil the relevant purposes described in this Policy, as may be necessary to fulfil the purpose/s for which it was collected, and as may be required by law such as for purposes of, including but not limited to, audit, tax, accounting, AML/KYC compliance. 

We are subject to certain anti-money laundering laws that may require us to retain personal information for a period of not less than six years from the date of the expiration or termination of the contractual relationship with you. We may retain your personal data for longer than six years if we are unable to remove your personal information by reason of legal, regulatory, or technical reasons.

We store and process your data on our servers in our facilities and data centres of cloud services providers around the world. Thus, we may carry out cross-border transfers of your personal data outside of the EEA.

We may transfer your Personal Data to our affiliates, third party partners, and service providers based throughout the world. If we transfer personal information to countries outside the EEA, we will put in place appropriate safeguards to ensure that this transfer complies with the applicable laws and regulations.

Some of the countries to which your Personal Data may be transferred for these purposes, located outside the EU, do not benefit from the adequacy decision issued by the EU Commission regarding protection afforded to Personal Data in that country. However, even such transfers are conducted in accordance with our legal and regulatory obligations, and appropriate safeguards under applicable Data Protection Law will be implemented.

We have implemented all appropriate organizational measures to ensure the security of your personal data (Art. 32, GDPR), and we use a variety of security measures to ensure the confidentiality of your personal data, and to protect your personal data. These security measures include, but are not limited to:

• SSL technologies for encryption

• PCI scanning for active protection of our server

• Cryptographic protection of databases

• Antivirus software

Additionally, we store personal information using a combination of secure computer storage, secure servers, and, if deemed necessary, paper-based files. The Company has implemented all necessary measures to safeguard the personal information it holds from misuse, loss, unauthorized access, modification, or disclosure.

Furthermore, we have established an Internal Educational Training program for our employees. Those who handle your data receive training to uphold the confidentiality of customer information and respect the privacy of individuals. We prioritize the prevention of breaches of your privacy and continually enhance our internal procedures to mitigate any such events.

While we will use all reasonable efforts to safeguard your information, you acknowledge that the use of the internet is not entirely secure and for this reason, we cannot guarantee the security or integrity of any personal data transferred from you, or to you via the internet.

• Your Rights

• The Right to Access

You have the right to be provided a copy of the personal information we have about you, as well as the information about how we use your personal information. In most cases, your personal information will be provided electronically, unless otherwise requested and agreed by the Company and of the client.

• The Right to Rectification          

We take reasonable steps to ensure the accuracy, completeness and timeliness of the information we have about you. If you believe that the information we hold is inaccurate, incomplete or outdated, please do not hesitate to request for modification, update, or completion of such information.

• The Right to be Forgotten

You have the right to request the deletion of your personal data. However, the exercise of such right will undergo assessment, review and approval in consideration of all relevant circumstances. 

• The Right to Object to Processing

In certain circumstances, you may request us to cease using your personal information. For instance, if you believe that the personal information we have about you is inaccurate, or if you believe that we no longer need to use your personal information.

• The Right to Withdraw Consent

We may process your personal data with your consent, and you will be informed in advance about such processing. In cases where we process your personal data with your consent, you have the right to revoke that consent at any time. You may withdraw the consent electronically, at the Responsible Person's address, in writing, by notice of withdrawal of consent or in person at the Office. Revocation of consent does not affect the lawfulness of the processing of personal data that we have processed for you.

• The Right of Data Portability

In certain circumstances, you have the right to request us to transfer the personal information you have provided to another third party of your choice. However, the right to portability applies only to personal data that we have obtained from you under consent or under a contract to which you are a party.

• The Right to Restrict Processing

You have the right to object to data processing that is based on our legitimate interests. If we do not have a valid legitimate reason for processing your personal data and you object, we will cease processing your personal data.

• The Right to Notify the Data Protection Authority (DPA)

If you believe that we are processing your personal data unfairly or unlawfully or violating applicable law, you may lodge a complaint with the data protection authority, if applicable in your country of residence, or with Lithuanian State Data Protection Inspectorate. However, we kindly request you to first contact us through [email protected] to provide us with the reasonable opportunity to address any concerns you may have.

• Right to Object to Profiling

Generally, we do not make decisions about you based solely on an automated process (e.g. through automatic profiling) that affects your ability to use the services or has another significant effect on you. However, if we do so, you have the right to be informed about it and you can request not to be subject to such a decision unless we can demonstrate to you that such decision is necessary for entering into, or the performance of, a contract between you and us.

We do not intentionally direct our Services to children under the age of 18 (or other age as may be required by local law) and we do not knowingly collect personal information from children.  If you become aware that your child has provided us with personal information without your consent, please contact us immediately at [email protected]. If we discover that we have processed any personal information contradictory to this Policy, we will promptly take action to delete and remove such personal information and terminate his or her account to prevent the child from using our services.

This Policy may be published in various languages. In case of discrepancy in the interpretation of this Policy, the English version shall prevail.

We respect your privacy and we are committed to protecting your personal data.

If you have any questions regarding your account management or you intend to exercise any of your rights as abovementioned, you may contact us at  [email protected]. 

If you intend to raise a concern with regard to your personal information, or to address a question or issue with regard to the collection and/or processing of your personal information, you may contact us at [email protected]. 

This Policy is subject to change without notice. Therefore, we recommend checking for updates periodically.

Last updated: August 2024