Privacy Policy

1. Introduction

Welcome to BitPayPro. BitPayPro ("we," "our," or "us") is committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy explains in detail how we collect, use, disclose, and safeguard your information when you access or use our cryptocurrency exchange platform, website, mobile applications, and related services (collectively, the "Platform").

By accessing or using the BitPayPro Platform, you acknowledge that you have read, understood, and agree to be bound by this Privacy Policy. If you do not agree with the terms of this Privacy Policy, please do not access or use our Platform. We reserve the right to make changes to this Privacy Policy at any time and for any reason. We will alert you about any changes by updating the "Last updated" date of this Privacy Policy.

This Privacy Policy is designed to comply with applicable data protection laws, including the General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), and other relevant privacy regulations worldwide.

2. Information We Collect

2.1 Information You Provide to Us

We collect information that you voluntarily provide to us when you register for an account, use our services, or communicate with us. This information includes:

• Personal Identification Information: Full legal name, email address, phone number, date of birth, nationality, residential address, and government-issued identification documents (passport, driver's license, or national ID card)
• Financial Information: Bank account details, payment card information, billing address, transaction history, and trading preferences
• Verification Information: Documents and information required for identity verification, KYC (Know Your Customer), and AML (Anti-Money Laundering) compliance, including selfies, utility bills, and source of funds documentation
• Account Credentials: Username, password, security questions and answers, two-factor authentication settings, and API keys
• Communication Data: Records of your correspondence with our customer support team, feedback, survey responses, and any other information you choose to provide
• Professional Information: Employment status, occupation, and investment experience (required for certain account types)

2.2 Information Automatically Collected

When you access or use our Platform, we automatically collect certain information about your device and usage patterns:

• Device Information: IP address, browser type and version, operating system, device identifiers (such as UDID or IMEI), device model, screen resolution, and mobile network information
• Usage Data: Pages and features accessed, time spent on pages, links clicked, trading activity, order history, search queries, and navigation patterns
• Cookies and Similar Technologies: Information collected through cookies, web beacons, pixel tags, and similar tracking technologies to enhance user experience and analyze platform performance
• Location Data: Geographic location information derived from your IP address or, with your permission, precise location data from your mobile device
• Log Data: Server logs, error reports, system activity, and technical diagnostics

2.3 Information from Third Parties

We may receive information about you from third-party sources, including:

• Identity verification service providers and background check agencies
• Payment processors and financial institutions
• Blockchain data providers and analytics services
• Marketing partners and affiliate networks
• Public databases and government registries
• Social media platforms (if you choose to connect your social media accounts)

3. How We Use Your Information

We use the information we collect for legitimate business purposes and to fulfill our contractual obligations to you. Specifically, we use your information for:

3.1 Service Provision and Account Management

• Creating, maintaining, and managing your BitPayPro account
• Processing, executing, and settling your cryptocurrency transactions
• Providing access to our trading platform, mobile applications, and API services
• Enabling deposits, withdrawals, and transfers of digital assets and fiat currency
• Offering customer support and responding to your inquiries
• Providing personalized features, recommendations, and content based on your preferences

3.2 Security and Compliance

• Verifying your identity and conducting KYC (Know Your Customer) procedures
• Complying with AML (Anti-Money Laundering) and counter-terrorism financing regulations
• Detecting, preventing, and investigating fraud, money laundering, and other illegal activities
• Protecting against security threats, abuse, and unauthorized access
• Monitoring transactions for suspicious activity and reporting to relevant authorities when required
• Enforcing our Terms of Service and other legal agreements
• Complying with legal obligations, court orders, and regulatory requirements

3.3 Platform Improvement and Analytics

• Analyzing usage patterns and trends to improve our Platform functionality
• Conducting research and development for new products and features
• Testing new technologies and processes
• Troubleshooting technical issues and optimizing platform performance
• Generating aggregated, anonymized statistical data for internal and external purposes

3.4 Communications and Marketing

• Sending transactional notifications about your account activity
• Providing important updates about service changes, maintenance, or security alerts
• Delivering newsletters, promotional materials, and marketing communications (with your consent where required)
• Conducting surveys and soliciting feedback to enhance user experience
• Administering contests, promotions, and referral programs

The legal bases for processing your personal information include: (i) your consent; (ii) performance of a contract with you; (iii) compliance with our legal obligations; (iv) protection of your vital interests or those of another person; and (v) our legitimate interests, provided that such interests do not override your rights and freedoms.

4. Information Sharing and Disclosure

We take your privacy seriously and do not sell your personal information. However, we may share your information in the following limited circumstances:

4.1 Service Providers and Business Partners

We may share your information with trusted third-party service providers who assist us in operating our Platform, including:

• Identity verification and KYC service providers
• Payment processors and banking partners
• Cloud storage and hosting providers
• Customer support and communication platforms
• Analytics and data processing services
• Security and fraud prevention services
• Marketing and advertising partners (with your consent)

These service providers are contractually obligated to use your information only for the purposes we specify and to maintain appropriate security measures.

4.2 Legal and Regulatory Requirements

We may disclose your information when required by law or when we believe in good faith that such disclosure is necessary to:

• Comply with legal obligations, court orders, subpoenas, or government requests
• Cooperate with law enforcement, regulatory authorities, and tax authorities
• Enforce our Terms of Service and other legal agreements
• Protect the rights, property, or safety of BitPayPro, our users, or the public
• Respond to claims of illegal activity or violations of third-party rights
• Detect, prevent, or investigate fraud, security breaches, or criminal activity

4.3 Business Transfers

In the event of a merger, acquisition, reorganization, bankruptcy, or sale of all or substantially all of our assets, your personal information may be transferred to the successor entity. We will provide notice before your information is transferred and becomes subject to a different privacy policy.

4.4 With Your Consent

We may share your information with third parties when you have given us explicit consent to do so, such as when you authorize us to share information with a third-party application or service.

4.5 Aggregated and Anonymized Data

We may share aggregated, anonymized, or de-identified information that cannot reasonably be used to identify you. This may include market trends, trading volumes, and platform usage statistics.

Important: We do not sell, rent, or trade your personal information to third parties for their marketing purposes.

5. Data Security

We implement comprehensive technical and organizational security measures to protect your personal information against unauthorized access, alteration, disclosure, or destruction. Our security measures include:

• Encryption: We use industry-standard encryption protocols (TLS/SSL) to protect data in transit and AES-256 encryption for data at rest
• Secure Infrastructure: Our servers are hosted in secure, certified data centers with 24/7 monitoring, redundant systems, and regular backups
• Asset Protection: The majority of digital assets are stored in cold storage wallets with multi-signature authentication, isolated from internet connections
• Access Controls: Strict role-based access controls ensure that only authorized personnel can access sensitive information on a need-to-know basis
• Security Monitoring: Continuous monitoring and logging of system activities to detect and respond to security incidents in real-time
• Regular Audits: Periodic security audits, penetration testing, and vulnerability assessments conducted by independent third-party security firms
• Employee Training: Regular security awareness training for all employees to prevent social engineering and data breaches
• Two-Factor Authentication: Mandatory 2FA for all user accounts and administrative access

However, please be aware that no method of transmission over the Internet or method of electronic storage is 100% secure. While we strive to use commercially acceptable means to protect your personal information, we cannot guarantee its absolute security. You are responsible for maintaining the confidentiality of your account credentials and for all activities that occur under your account.

6. Cookies and Tracking Technologies

We use cookies and similar tracking technologies to enhance your experience on our Platform, analyze usage patterns, and deliver personalized content. Cookies are small data files stored on your device that help us recognize you and remember your preferences.

6.1 Types of Cookies We Use

• Essential Cookies: Required for the Platform to function properly, including authentication, security, and session management
• Performance Cookies: Help us analyze how visitors use our Platform, identify errors, and improve performance
• Functional Cookies: Remember your preferences and settings to provide a personalized experience
• Analytics Cookies: Collect information about Platform usage, visitor behavior, and traffic sources
• Marketing Cookies: Track your online activity to deliver relevant advertisements and measure campaign effectiveness

6.2 Managing Cookies

You can control and manage cookies through your browser settings. Most browsers allow you to refuse or delete cookies, but this may impact your ability to use certain features of our Platform. For more detailed information about cookies and how we use them, please see our Cookie Policy.

7. Your Rights (GDPR/CCPA Compliance)

Depending on your jurisdiction, you may have certain rights regarding your personal information. These rights may include:

7.1 Rights Under GDPR (European Users)

• Right to Access: Request confirmation of whether we process your personal data and obtain a copy of your data
• Right to Rectification: Request correction of inaccurate or incomplete personal information
• Right to Erasure: Request deletion of your personal information under certain circumstances (the "right to be forgotten")
• Right to Restriction: Request that we limit the processing of your personal information in certain situations
• Right to Data Portability: Receive your personal information in a structured, commonly used format and transmit it to another controller
• Right to Object: Object to our processing of your personal information, particularly for direct marketing purposes
• Right to Withdraw Consent: Withdraw your consent at any time where we rely on consent to process your information
• Right to Lodge a Complaint: File a complaint with your local data protection authority

7.2 Rights Under CCPA (California Users)

• Right to Know: Request information about the personal information we collect, use, disclose, and sell about you
• Right to Delete: Request deletion of your personal information, subject to certain exceptions
• Right to Opt-Out: Opt-out of the sale of your personal information (note: we do not sell personal information)
• Right to Non-Discrimination: Exercise your privacy rights without receiving discriminatory treatment

7.3 How to Exercise Your Rights

To exercise any of these rights, please contact us at [email protected]. We will respond to your request within the timeframes required by applicable law (typically 30 days). We may need to verify your identity before processing your request to protect your privacy and security.

Please note that certain rights may be limited by legal requirements or the need to maintain the security and integrity of our Platform. For example, we may retain certain information for compliance with regulatory obligations, even after you request deletion.

8. Data Retention

We retain your personal information for as long as necessary to fulfill the purposes outlined in this Privacy Policy, comply with legal obligations, resolve disputes, and enforce our agreements. Our retention periods vary depending on the type of information and the purposes for which it is used:

• Account Information: Retained for the duration of your active account and for a period after account closure as required by applicable regulations (typically 5-7 years for financial records)
• Transaction Records: Retained for at least 5 years in compliance with AML and tax regulations, and may be retained longer if required by law
• KYC/Verification Documents: Retained for the period required by applicable regulations, typically 5-7 years after account closure
• Communications: Retained for as long as necessary to provide support, resolve disputes, or comply with legal obligations
• Marketing Preferences: Retained until you withdraw consent or request deletion
• Technical Logs: Typically retained for 90 days to 1 year for security and troubleshooting purposes

When we no longer have a legitimate business or legal need to retain your personal information, we will either delete or anonymize it. In some cases, we may retain aggregated, anonymized data indefinitely for analytical purposes.

9. International Data Transfers

BitPayPro operates globally and may transfer your personal information to countries outside of your country of residence, including countries that may not provide the same level of data protection as your home jurisdiction. When we transfer personal information internationally, we implement appropriate safeguards to protect your data:

• Standard Contractual Clauses: We use Standard Contractual Clauses approved by the European Commission for transfers from the European Economic Area (EEA)
• Adequacy Decisions: We transfer data to countries recognized by the European Commission as providing adequate protection
• Privacy Shield (where applicable): Compliance with applicable data transfer frameworks
• Data Processing Agreements: Contractual agreements with third-party processors requiring them to maintain appropriate security measures

By using our Platform, you acknowledge and consent to the transfer of your information to countries outside of your country of residence. If you have questions about international data transfers or would like more information about the safeguards we have in place, please contact us at [email protected].

10. Children's Privacy

Our Platform is not intended for, nor directed to, individuals under the age of 18 (or the legal age of majority in your jurisdiction). We do not knowingly collect, use, or disclose personal information from children under 18. Trading cryptocurrency and using financial services require legal capacity to enter into binding contracts.

If you are a parent or guardian and believe that your child has provided us with personal information without your consent, please contact us immediately at [email protected]. We will take reasonable steps to delete such information from our systems as soon as practicable.

By registering for an account, you represent and warrant that you are at least 18 years old (or the legal age of majority in your jurisdiction) and have the legal capacity to enter into this Privacy Policy.

11. Changes to This Privacy Policy

We reserve the right to modify, update, or replace this Privacy Policy at any time and for any reason. When we make changes, we will update the "Last updated" date at the top of this Privacy Policy. Material changes will be communicated to you through one or more of the following methods:

• Email notification to the address associated with your account
• Prominent notice on our Platform homepage or within your account dashboard
• In-app notification when you log in to your account
• Push notification to your mobile device (if you have enabled notifications)

Your continued use of the Platform after any changes to this Privacy Policy constitutes your acceptance of the revised Privacy Policy. We encourage you to review this Privacy Policy periodically to stay informed about how we collect, use, and protect your information. If you do not agree with any changes, you should discontinue use of our Platform and contact us to close your account.

For significant changes that materially affect your rights, we may require your explicit consent before the changes take effect, as required by applicable law.

12. Contact Information

If you have any questions, concerns, or requests regarding this Privacy Policy or our privacy practices, please do not hesitate to contact us. We are committed to addressing your inquiries promptly and transparently.

This Privacy Policy was last updated on December 23, 2025. Thank you for trusting BitPayPro with your personal information.