Last updated: June 21, 2018
2. Personal Information We Collect
We collect the following types of information:
- Personal Identification Information: Full name, date of birth, age, nationality, gender, utility bills, photographs, phone number, home address, and/or email.
- Formal Identification Information: Passport number, driver’s license details, national identity card details and/or photograph identification cards.
- Transaction Information: Information about the transactions you make on our Services, such as the name of the recipient, your name, the amount, and/or timestamp.
- Online Identifiers: Geo location/tracking details, browser fingerprint, OS, browser name and version, and/or personal IP addresses.
- Communication: Communication between you and us.
3. How We Use Personal Information We Collect
Bitqist only processes personal information in a way that is compatible with and relevant for the purpose for which it was collected or authorized. As a general matter, for all categories of data we collect, we may use the information we collect (including personal information, to the extent applicable) to:
- provide, operate, maintain, improve, and promote the Sites and Services;
- maintain legal and regulatory compliance;
- process and complete transactions, and send you related information, including transaction notifications;
- send administrative or account-related information;
- enhance security, prevent fraud, monitor and verify identity or service access, combat spam or other malware or security risks;
- to prevent and investigate potentially prohibited or illegal activities, and/or violations of our posted terms of service;
- provide customer service and support;
- send transactional messages, including responses to your comments, questions, and requests; and send you technical notices, updates, security alerts, and support and administrative messages;
- send commercial communications, in accordance with your communication preferences, such as providing you with information about products and services, features, surveys, newsletters, offers, promotions, and events about us and our partners; and send other news or information about us and our partners.
- monitor and analyze trends, usage, and activities in connection with the Sites and Services and for marketing or advertising purposes;
- personalize the Sites and Services, including by providing features or content that match your interests and preferences; and
- process for other purposes for which we obtain your consent.
4. Personal Information from Third Party Services
We may combine information we collect as described above with personal information we obtain from third parties. For example, we obtain information about you from public databases and ID verification partners for purposes of verifying your identity. ID verification partners use a combination of government records and publically available information about you to verify your identity. Such information may include your name, address, job role, public employment profile, status on any sanctions lists maintained by public authorities, and other relevant data. In some cases, we may process additional data about you based on public interest grounds to ensure our Services are not used fraudulently or for other illicit activities.
5. Collection & Use Of Information Collected Automatically
We receive and store certain types of information automatically, such as whenever you interact with the Sites or use the Services. This information does not necessarily reveal your identity directly but may include information about the specific device you are using, such as the hardware model, device ID, operating system version, web-browser software (such as Firefox, Safari, or Internet Explorer) and your Internet Protocol (IP) address/MAC address/device identifier.
For example, we automatically receive and record information on our server logs from your browser, including how you came to and used the Services; your IP address; device type and unique device identification numbers, device event information (such as crashes, system activity and hardware settings, browser type, browser language, the date and time of your request and referral URL), broad geographic location (e.g. country or city-level location) and other technical data collected through cookies, pixel tags and other similar technologies that uniquely identify your browser. We may also collect information about how your device has interacted with our website, including pages accessed and links clicked. We may use identifiers to recognise you when you arrive at the Site via an external link, such as a link appearing on a third party site.
6. Personal Information Sharing
We take care to allow your personal information to be accessed only by those who really need to in order to perform their tasks and duties, and to share with third parties who have a legitimate purpose for accessing it. Bitqist will never sell or rent your personal information. We will only share your information in the following circumstances:
We share your information with third party identity verification services in order to prevent fraud. This allows Bitqist to confirm your identity by comparing the information you provide us to public records and other third party databases. These service providers may create derivative data based on your personal information that can be used solely in connection with provision of identity verification and fraud prevention services.
We may share your information with service providers under contract who help with parts of our business operations such as bill collection, marketing, and technology services. Our contracts require these service providers to only use your information in connection with the services they perform for us, and prohibit them from selling your information to anyone else.
We may share your information with law enforcement, officials, or other third parties when we are compelled to do so by a subpoena, court order, or similar legal procedure, or when we believe in good faith that the disclosure of personal information is necessary to prevent physical harm or financial loss, to report suspected illegal activity or to investigate violations of our Terms of Service or any other applicable policies.
If you register for an account on the Services ("Bitqist Account") indirectly on a third party website or via a third party application, any information that you enter on that website or application (and not directly on a Bitqist website) will be shared with the owner of the third party website or application and your information will be subject to their privacy policies.
7. Personal Data Retention
In general, Bitqist will retain your personal data for as long as is necessary for the purposes of our business relationship with you, to perform our contractual obligations to you, or if longer, as required by law and regulations or internal policy. Information about our typical retention periods for different aspects of your personal information are described below.
- data obtained during the identity verification process for at least five years following termination of the business relationship or following the provision of services;
- data related to transactions for at least five years after the transaction was carried out.
8. Children's Personal Information
We do not knowingly request to collect personal information from any person under the age of 18. If a user submitting personal information is suspected of being younger than 18 years of age, Bitqist will require the user to close his or her account and will not allow the user to continue buying or selling digital currencies. We will also take steps to delete the information as soon as possible. Please notify us if you know of any individuals under the age of 18 using our Services so we can take action to prevent access to our Services.
9. International Information Transfers
To facilitate our operations, we may access, store, process and transmit your information in/to locations around the world - including those outside your country or the European Economic Area (the "EEA") for the purposes described in this policy. Such a transfer will not occur without adequate protection. Bitqist shall only access, store, process and transmit personal information in accordance with applicable European privacy laws.
10. Rights In Relation To Your Personal Information
For individuals who reside in the European Economic Area (including the United Kingdom) or Switzerland (collectively “EEA Residents”), see section 14.
You have the right to access, correct, update, export, or delete your personal information. You may do this at any time by logging in to your Bitqist Account via our Services and clicking on 'Settings' or by emailing us at firstname.lastname@example.org.
You can object to our use of your personal information for direct marketing purposes at any time and you may have the right to object to our processing of some or all of your personal information (and require them to be deleted) in some other circumstances.
11. Communication Preferences
You may manage your receipt of commercial communications by clicking on the “unsubscribe” link located on the bottom of such emails or you may send a request to email@example.com. Settings with regard to notifications that are being sent can be managed by logging in to your account, navigating to 'Settings' and subsequently clicking on 'Preferences'.
12. Data Security, Data Integrity, And Access
We take all reasonable steps to protect information we receive from you from loss, misuse or unauthorized access, disclosure, alteration, and/or destruction. We have put in place appropriate physical, technical, and administrative measures to safeguard and secure your information, and we make use of privacy-enhancing technologies such as encryption.
However, we cannot guarantee that loss, misuse, unauthorised acquisition, or alteration of your data will not occur. Please recognise that you play a vital role in protecting your own personal information. When registering with our Services, it is important to choose a password of sufficient length and complexity, to not reveal this password to any third-parties, and to immediately notify us if you become aware of any unauthorised access to or use of your account.
If you have any questions about the security of your personal information, you can contact us at firstname.lastname@example.org.
13. Automated Decision Making
We use automated decision making and profiling in the process of verifying your identity. Depending on the information that is verified, decisions are made by checking the information and/or documents you provided with public databases and ID verification partners and by analyzing the authenticity of the information and/or documents.
14. EEA Users & Data
This section applies to EEA Residents. Bitqist B.V. determines the purposes and means of the processing of personal information and is therefore the controller with respect to your personal information.
Legal Basis for Processing Information
Our legal basis for collecting and using your personal information will depend on the personal information collected and the specific context in which we collect it. We normally will collect personal information from you only where: (a) we have your consent to do so, (b) where we need your personal information to perform a contract with you (e.g. to deliver the Services you have requested), or (c) where the processing is in our legitimate interests. Please note that in most cases, if you do not provide the requested information, Bitqist will not be able to provide the requested service to you.
In some cases, we may also have a legal obligation to collect personal information from you, or may otherwise need the personal information to protect your vital interests or those of another person.
If you have any questions about or need further information concerning the legal basis on which we collect and use your personal information, please contact us at email@example.com.
EEA Residents have the following rights, which can be exercised by going to your logging in to your account and clicking on "Settings" or contacting us at firstname.lastname@example.org. We will respond to requests as soon as possible, but in any case within thirty days.
- Right to withdraw consent. You have the right to withdraw your consent to the processing of your personal information collected on the basis of your consent at any time.
- Right of access to your personal information. You have a right to request that we provide you a copy of your personal information held by us.
- Right of rectification of your personal information. You have the right to rectify or update any of your personal information held by us that is inaccurate.
- Right to erasure of your personal information. You have the right to request erasure of your personal information that: (a) is no longer necessary in relation to the purposes for which it was collected or otherwise processed; (b) was collected in relation to processing that you previously consented, but later withdraw such consent; or (c) was collected in relation to processing activities to which you object, and there are no overriding legitimate grounds for our processing.
- Right to data portability. If we process your personal information based on a contract with you or based on your consent, or the processing is carried out by automated means, you may request to receive your personal information in a structured, commonly used and machine-readable format, and to have us transfer your personal information directly to another “controller”, where technically feasible, unless exercise of this right adversely affects the rights and freedoms of others. A “controller” is a natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of your personal information.
- Automated individual decision-making, including profiling. You have the right not to be subject to a decision based solely on automated processing of your personal information, including profiling, which produces legal or similarly significant effects on you, save for the exceptions applicable under relevant data protection laws.
- Right to restriction of or processing. You have the right to restrict or object to us processing your personal information where one of the following applies:
(a) You contest the accuracy of your personal information that we processed. In such instances, we will restrict processing during the period necessary for us to verify the accuracy of your personal information.
(b) The processing is unlawful and you oppose the erasure of your personal information and request the restriction of its use instead.
(c) We no longer need your personal information for the purposes of the processing, but it is required by you to establish, exercise or defense of legal claims.
(d) You have objected to processing, pending the verification whether the legitimate grounds of Bitqist’s processing override your rights.
- Right to object to processing. Where the processing of your personal information is based on consent, contract or legitimate interests you may restrict or object, at any time, to the processing of your personal information as permitted by applicable law.
- Right to lodge a complaint. If you believe that we have infringed your rights, we encourage you to contact us first at email@example.com so that we can try to resolve the issue or dispute informally. You can also complain about our processing of your personal information to the relevant data protection authority. In the Netherlands, the relevant data protection authority is de Autoriteit Persoonsgegevens.
3013 AL Rotterdam