Last Updated: March 27th, 2020
1. GENERAL PROVISIONS
the kinds of Personal Information which we may collect about you, the reasons for collecting this information, how it may be used and for how long we will keep it;
disclosure of Personal Information to third parties;
information on international data transfer;
your ability to access, correct, update, restrict use, ask us to transfer and/or delete your Personal Information;
the extent of automated decision-making or profiling that we carry out using your Personal Information;
the security measures we have in place to prevent the loss, misuse, or alteration of Personal Information under our control, and
your rights to lodge a complaint.
2. COLLECTING AND USE OF PERSONAL INFORMATION
The types of Personal Information which we collect may include:
your photographic identification;
details from your identity documents (such as driver license, passport), number of the document, date of issue and expiration, photographic identification, address etc.;
your phone number;
your e-mail address;
your IP address, Browser and Operating System information, geolocation details;
your banking details including account numbers and payment card data;
your date of birth;
your employment details;
your trades; and
information on sources of your funds.
We will process your Personal Information only for the purpose(s) of providing to you the service(s) that you ask us to provide you, to satisfy the legal obligations stemming from regulatory obligations that arise from providing you the service(s) and our legitimate interest.
Based on our legal obligations and legitimate interest we may request other documents for your identity verification and the sources of your funds confirmation for the purposes of money laundering and fraud prevention. To know more about it please see our AML/KYC policy.
3. PURPOSES OF COLLECTING PERSONAL INFORMATION
We may use your Personal Information for the following purposes:
to allow you to open and operate an Account on the Platform;
to enable you to complete Transactions on the Platform;
if you contact us, to reply to your queries;
to analyze use of our Sites;
as required for regulatory purposes such as Tax, prevention of Money Laundering, prevention of Fraud, adherence to Company statistical reporting obligations etc.;
to provide you with information about products and promotions that may be of interest to you, from ourselves and third parties, although only if you have specifically agreed to receive such information;
for market research e.g. surveying our Users' needs and opinions on issues, such as our performance etc. Unless consented, your data for this purpose would be anonymized.
4. DISCLOSURE OF PERSONAL INFORMATION
We may make available the Personal Information that you provide to us for the limited purpose indicated for and during the provision of the service that you would have requested in particular to:
our affiliates, agents and representatives;
payment service providers and financial institutions;
customer communications platforms;
our contractors providing software for identity verification purposes;
our contractors providing us information on sanctions lists from publicly accessible sources.
We may also share Users’ Personal Information with financial institutions, insurance companies or other companies in the case of a merger, divestiture, or other corporate re-organisation and notify you of such sharing of your information to be able to exercise any of your rights where applicable.
We may also share Users' Personal Information with law enforcement or regulatory agencies, as may be required by law. In certain cases, we may not be able to inform you of such sharing of data due to legal restrictions.
Any third party which receives or has access to Personal Information shall be required by us to protect such Personal Information and to use it only to carry out the services they are performing for you or for BITHERA, unless otherwise required or permitted by law. Such a third party, except for regulatory authorities, would be contractually bound to adhere to the same security and confidentiality policies as BITHERA and assume the same responsibilities as BITHERA.
The legitimate exercise of any of your rights with BITHERA will also be notified to be applied by any such third parties having been given access to your Personal Information.
5. INTERNATIONAL DATA TRANSFERS
Our contractors and affiliates are situated at different locations (including countries located outside the EU) and we sometimes need to transfer your personal data to third countries to provide our services to you. We strive to ensure adequate level of your personal data protection wherever our contractor is located. Be sure we may transfer your Personal Information only in the following cases:
if the country where we transfer your Personal Information to provides the adequate level of personal data protection (based on the relevant decision of European Commission (you may click here to see the list of such countries);
if we take appropriate safeguards to ensure that your rights as data subject are protected;
if any derogations for specific situations apply (for instance, if is such transfer is necessary for the establishment, exercise or defence of legal claims or for important reason of public interest).
6. YOUR RIGHTS
You have the right to access your Personal Information and to require the correction, updating and blocking of inaccurate and/or incorrect data by sending an email to us at [email protected] or where possible, you can do these actions in your account profile page yourself.
Upon your written request at [email protected], we will inform you of the Personal Information relating to you that we hold and the use and general disclosure of your Personal Information. We will also give you a copy of the Personal Information we have retained. There may be a minimal charge for providing you additional copies of your Personal Information to cover administrative costs.
You may also request the deletion or destruction of both the Account and Personal Information by sending an email to us at: [email protected] will action your request immediately, except, where this is not consistent with its legal and regulatory obligations.
You may also ask us to transfer your Personal Information to another controller of your choice.
To ensure the confidentiality, integrity and availability of your information to yourself, we may request you to confirm your identity by providing identification documentation and/or other methods prior to assisting you in exercising any of your rights.
If you refuse to prove your identity, we may decline to take actions in respect of your data, save restricting processing, until we can ensure that such actions are the true wish of the data subject.
In the carrying out of our services we may use automated processing and profiling to reduce the risks of fraud, money laundering and abuse of our services. Through this automated processing, we carry out an analysis of your identification, transactional and behavioral patterns.
We may not able to provide you with some or all our services if you do not wish this automated processing to be carried out. If you feel that this processing might be detrimental to you, please contact us on [email protected], and our compliance officer will review your application.
We have implemented technical and organizational security measures to ensure the confidentiality, integrity and accountability of your Personal Information and to protect your Personal Information from loss, misuse, alteration or destruction. Such measures include:
the pseudonymization and encryption of personal data;
the access control;
the ability to ensure the ongoing confidentiality, integrity, availability and resilience of our processing systems and services;
the ability to restore the availability and access to personal data in a timely manner in the event of a physical or technical incident.
Only authorized personnel of BITHERA have access to your Personal Information, and these personnel are required to treat the information as confidential.
Where you have consented to, or we are obliged to pass on Personal Information to third parties to provide you with a requested service or in the carrying out of a regulatory or legal obligation, we will request that the same levels of technical and organisational security measure be applied through contractual arrangements, where possible.
We conduct testing, assessment and evaluation of our technical and organisational measures effectiveness on a regular basis. Technical and organisational security measures in place will, from time to time, be reviewed in line with legal and technical developments.
In the event of a personal data breach or the failure of the measures of protection of such information we will immediately notify you without undue delay.
8. CHILDREN'S PERSONAL DATA
Please note that our services are exclusively offered to individuals at least 18 years old. We do not process any Personal Information of children under this age.
9. IP ADDRESSES
We may collect information about your computer, including where available your IP address, operating system and browser type, for system administration and to report aggregate information to our advertisers. This is statistical data about our users' browsing actions and patterns and will not be used to identify any individual unless that same individual.
We use third party service provider(s), to assist us in better understanding the use of our Sites. Our service provider(s) will place cookies on the hard drive of your computer and will receive information that we select that will educate us on such things as how visitors navigate around our Sites, what products are browsed, and general Transaction information. Our service provider(s) analyses this information and provides us with aggregate reports. The information and analysis provided by our service provider(s) will be used to assist us in better understanding our visitors' interests in our Sites and how to better serve those interests. The information collected by our service provider(s) may be linked to and combined with information that we collect about you while you are using the Platform. Our service provider(s) is/are contractually restricted from using information they receive from our Sites other than to assist us.
The company will keep records of all transfers of Personal Information to third parties and this information, where possible, can be provided to you.
11. RETENTION OF PERSONAL INFORMATION
Your information is held within our servers located within the European Union. Access to this information is provided to employees of BITHERA whose office may also be outside of the European Union but who adhere to the same principles of data security and processes as those within the European Union (please see the Section on International data transfers for more details).
Your payment method information that you may use to effect or receive payments from BITHERA are passed on to a third-party payment processor(s) which is/are based in the EU and with which BITHERA has a contractual agreement to safeguard your rights. Unless you create an account with us and conduct transactions, we do not retain your payment method information.
In accordance with record keeping activities for Anti-Money Laundering, Tax and Company legal obligations and considering the period during which you may bring legal claims against us under the law of the United Kingdom, we will retain Personal Information for a period of six years after our User closes his or her Account and terminates legal relationships with us for six years from the end of the tax period in which the User conducts his or her last transaction.
Data stored for regulatory purposes only will be protected from unnecessary processing and will be held only for the purpose of being able to provide information or access to relevant authorities.
12. DISPOSAL OF PERSONAL INFORMATION
Once we do not have any obligation to providing you with a service you requested, nor an obligation to hold Personal Information for regulatory or legal purpose, we will anonymize or dispose of your Personal Information in line with acceptable industry and security standards so that this cannot be subsequently retrieved and associated to you.
Where we cannot directly remove such records, such as in archived backups, we will retain a log of which Personal Information should be removed if ever the backup data is restored.
If we consider that your rights may be affected by any such changes, we will request you to confirm your consideration and acceptance prior to continue our relationship with you.
14. CONTACT INFORMATION