Effective Date: 29 December 2018
Definition of Personal Data
Collection of your Personal Data
Bitstarter collects personal data in a number of ways. We collect your personal data, when you:
- visit, browse, and use our Website;
- fill in registration and other forms;
- provide full name and other requested information during identity verification;
- send us an email with personal data;
- contact us with any enquiries;
- use any Services of Bitstarter;
- chat with us in customer support form or via email;
- deposit your wallet;
- submit offers and other trading information;
- submit any content;
- open a dispute or become a party to a dispute with other user;
- provide any information to Bitstarter using other methods;
- subscribe or unsubscribe to our newsletters.
Bitstarter may receive the following personal data:
- information provided by the user during account registration, including, user name, full name, phone number, date of birth, postal address and email address;
- your ID/passport and details containing in these documents, proof of address;
- information about your transactions that you conduct on the Website, including, without limitation, payment method, currency, trade value, trade price, etc;
- information that you provide to Bitstarter support manager;
- any other personal data which you directly provide to Bitstarter; and
- any other personal data requested or required by the Website.
Our Website can be visited anonymously. The Website processes anonymous metadata through cookies such as the URL of the requested file, the amount of data transferred, the date and time of the request from the user, Internet browser information, operating system type, the IP address of the used device, the Internet service provider, reference links such as user clicks on certain links. This metadata cannot be used by the Website to obtain personally identifiable information. This information is only used for general purposes, such as technical improvements, statistical and marketing analysis.
When you visit our Website and use our Services, we may automatically receive some information that identifies, for each page accessed:
- the type of browser and operating system you have used;
- the IP (Internet Protocol) address of the device which has accessed it (example PC, tablet);
- the date and time of your visit to the Website;
- the pages accessed and documents downloaded;
- your top-level domain name (for example .com, .io, .eu, etc.);
- the address of your server;
- the previous website visited;
- the average duration of page view;
- the navigation behaviour and preferences of the user.
Bitstarter collects and processes personal data about users and customers only if Bitstarter has lawful basis. Lawful basis includes:
- consent (where you have given consent);
- legitimate interests.
Where we rely on your consent to process personal data, you have the right to withdraw or decline your consent at any time and where we rely on legitimate interests, you have the right to object.
The legitimate interests are:
- analysing and understanding your behaviour on the Website;
- performing our Services;
- conducting an identity verification to protect our users from illegal or fraudulent actions;
- making improvements to the Website and Services;
- enabling us to enhance, customise or modify our Services and communications;
- improving data security;
- determining whether marketing campaigns are effective.
If you have any questions about the lawful basis upon which we collect and use your personal data, please contact our Data Protection Officer at firstname.lastname@example.org. Please put “DPO” in the subject of your email.
Bitstarter does not knowingly provide Services and collect personal information from anyone under 18 years of age. Our Services are available only to the users over 18 years old. If we learn that we have collected the personal information of a child under 13, or equivalent minimum age depending on jurisdiction, we will take steps to delete the information as soon as possible.
Sharing your Personal Data
Bitstarter may share your information with:
- service providers we work with to deliver some Services;
- legal and regulatory authorities, as required by applicable laws and regulations;
- our employees;
- our auditors, lawyers, accountants, consultants and other professional advisors, where it is reasonably necessary for obtaining advice, professional services, or managing legal disputes;
The details of our main service provider are as follows:
What information is shared
About Service Provider
Conducting KYC and AML verification of users
Your passport or ID as well as other documents and information that is required by applicable laws for KYC and AML verification
Sum And Substance Ltd (UK)
Services are used to receive membership payments, and store BTC, dash, etc.
User contact details
Services are used to process exchange features
Information in order to process exchange
Hot Bit srl
Services are used to allow fiat withdrawals
Information in order to process withdrawals
Safenetpay Services Company Ltd.
We do not collect or request your sensitive data (including, but not limited to, information about your religious or political beliefs, opinions). Where you have provided it to us voluntarily, you shall be solely responsible for security of any sensitive data, and we do not intend to use this data for any purpose, nor share this data with any third parties. Please do not post or add sensitive and other personal data that you would not want to be publicly available.
Use of Personal Data
Personal data will be collected, held, used and disclosed for the following purposes jointly and/or severally:
- to provide you with Services requested;
- to identify you;
- to verify your identity as described in the Terms;
- to process registration and log in to our Website;
- to provide you with newsletters you subscribed to;
- to process any requests;
- to resolve disputes;
- to perform marketing analysis and to conduct market research;
- to the extent permissible or necessary by law, for any other purpose as may be deemed reasonably necessary by Bitstarter in the circumstances;
Users’ Rights in relation to its Personal Data
You may access your personal data held by us to correct, update and remove inaccurate or incorrect data. You have the following rights:
- delete some or all personal data that we held about you;
- change or correct your personal data that we held about you;
- object to, or limit or restrict, use of your personal data;
- right to access and/or take your personal data: you can ask us for a copy of your personal information in machine readable form;
- ask not to use your personal data for marketing purposes;
- access information we hold about you.
If you want your personal data to be corrected, updated or removed, please contact our Data Protection Officer at email@example.com. Please put “DPO” in the subject of your email.
Security of Personal Data
We use certain technologies to ensure the confidentiality of your personal data. Bitstarter uses several security measures, including, without limitation, SSL method, two-factor authentication and other industry-leading measures to protect your data.
While we strive to use commercially acceptable means to protect your personal data, no method of transmission over the Internet, or method of electronic storage, is completely secure, and we cannot guarantee absolute security of your personal data.
We process information both inside and outside of the European Union and European Economic Area and rely on legally-provided mechanisms to lawfully transfer information across borders. Countries where we process information may have laws which are different, and potentially not as protective, as the laws of your own country.
We retain your personal data for as long as your account is in existence or necessary to fulfil the purposes for which we collect it or as needed to provide you with the services, except if required otherwise by law. However, when your account is terminated for any reason, we will delete your personal information entirely.
In some cases we may determine the period of data retention based on the period we need to access the data for the provision of services, receiving payment, resolving your customer support issues or for any other auditing or legal purposes.
Retention periods may be changed from time to time based on regulatory requirements.
The email notifications sent by Bitstarter are of two types:
- system notification sent by the Website via email (examples of such emails may include an invite email, registration confirmation, verification emails, or any other emails that are required to operate your account);
- product and service notifications that you directly subscribed to.
It should be noted that you may not unsubscribe from system notification emails as these emails contain important user information and are sent for your legitimate interests. You may unsubscribe from product and service notifications any time by visiting an opt-out page. Such notifications contain information about our Website updates, new services and products added as well as other notifications for information use only.
Merge of Company
Data Controller Person
To communicate with our Data Protection Officer, please contact us at firstname.lastname@example.org. Please put “DPO” in the subject of your email.