Privacy Policy

Last updated: 2026-02-17

We are committed to protecting your personal data and respecting your privacy. This Privacy Policy explains how we collect, use, store, share, and protect your information when you use our cryptocurrency exchange platform, website, and related services ("Services"). It also describes your rights regarding your personal data. Please read this policy carefully.

1. Introduction and Data Controller

This Privacy Policy applies to all users of our Platform. The data controller responsible for your personal data is the entity operating this Platform. Our contact details are available through the Platform. We process your data in accordance with applicable data protection laws including the General Data Protection Regulation (GDPR), California Consumer Privacy Act (CCPA), and other jurisdictional requirements.

2. Information We Collect

We collect several categories of information:

2.1 Information You Provide: Name, email address, phone number, date of birth, residential address, government-issued identification, proof of address, selfie for verification, source of funds documentation, and any other information you submit during registration or verification (KYC/AML).

2.2 Transaction Information: Trading history, deposit and withdrawal records, wallet addresses, transaction amounts, P2P trade details, staking positions, copy trading allocations, fee payments, and payment method details.

2.3 Technical and Usage Data: IP address, device type, browser type, operating system, unique device identifiers, referring URLs, pages visited, time spent on pages, clickstream data, and other usage analytics.

2.4 Communications: Records of your communications with our support team, including chat logs, emails, and support tickets.

2.5 Cookies and Similar Technologies: Information collected through cookies, pixel tags, and similar technologies. See our Cookie Policy for details.

3. How We Use Your Information

We use your personal data for the following purposes:

• Service Provision: To create and manage your account, process transactions, execute trades, facilitate deposits and withdrawals, and provide staking and copy trading services.
• Identity Verification: To comply with KYC/AML requirements, verify your identity, and prevent fraud and financial crime.
• Security: To protect the Platform, detect and prevent fraud, money laundering, and other illegal activities, and ensure the security of your account.
• Communications: To respond to your inquiries, send transactional notifications, service updates, and security alerts.
• Legal Compliance: To comply with legal obligations, respond to lawful requests from authorities, and enforce our terms.
• Improvement: To analyze usage patterns, improve our Services, develop new features, and conduct research.
• Marketing: With your consent, to send promotional communications about our Services. You may opt out at any time.

4. Legal Basis for Processing (GDPR)

Where GDPR applies, we process your data based on:

• Contract Performance: Processing necessary to provide our Services under our agreement with you.
• Legal Obligation: Processing required to comply with AML, KYC, tax, and other legal requirements.
• Legitimate Interests: Processing for our legitimate interests such as fraud prevention, security, and platform improvement, where not overridden by your rights.
• Consent: Where we have obtained your explicit consent for specific processing (e.g., marketing, certain cookies).

5. Information Sharing and Disclosure

We may share your information with:

• Service Providers: Hosting providers, payment processors, identity verification services, analytics providers, customer support tools, and other vendors who assist our operations under strict data processing agreements.
• Affiliates: Entities within our corporate group for operational purposes.
• Regulatory and Law Enforcement: When required by law, court order, or government request, or to protect our rights and the rights of others.
• Professional Advisors: Lawyers, auditors, and consultants under confidentiality obligations.
• Business Transfers: In connection with a merger, acquisition, or sale of assets, with appropriate safeguards.

We do not sell your personal data to third parties. We do not share your data for third-party marketing purposes without your consent.

6. International Data Transfers

Your data may be transferred to and processed in countries outside your country of residence, including countries that may not provide the same level of data protection. When we transfer data internationally, we implement appropriate safeguards such as Standard Contractual Clauses (SCCs) approved by the European Commission, or other mechanisms recognized by applicable law. You may request details of these safeguards by contacting us.

7. Data Retention

We retain your personal data for as long as your account is active and as necessary to provide our Services. After account closure, we retain data as required by law—typically 5 to 7 years for financial and transaction records under AML regulations. We may retain certain data longer for legal claims, compliance, or legitimate business purposes. Anonymized or aggregated data may be retained indefinitely for analytics.

8. Your Rights

Depending on your jurisdiction, you may have the following rights:

• Access: Request a copy of your personal data we hold.
• Rectification: Request correction of inaccurate or incomplete data.
• Erasure: Request deletion of your data, subject to legal retention requirements.
• Restriction: Request limitation of processing in certain circumstances.
• Portability: Request transfer of your data to another service provider in a structured format.
• Objection: Object to processing based on legitimate interests or for direct marketing.
• Withdraw Consent: Where processing is based on consent, withdraw it at any time.
• Complaint: Lodge a complaint with a supervisory authority in your jurisdiction.

For CCPA (California residents): You have the right to know, delete, correct, and opt out of the "sale" or "sharing" of personal information. We do not sell personal information as defined under CCPA.

To exercise your rights, contact us through the Platform or our designated privacy contact. We will respond within the timeframe required by applicable law (typically 30 days). We may need to verify your identity before processing requests.

9. Data Security

We implement industry-standard technical and organizational measures to protect your personal data, including: encryption in transit (TLS) and at rest (AES); access controls and authentication (including 2FA); secure development practices; regular security assessments; employee training; and incident response procedures. While we strive to protect your data, no method of transmission or storage is 100% secure. You are responsible for maintaining the confidentiality of your account credentials.

10. Children's Privacy

Our Services are not intended for individuals under 18 years of age. We do not knowingly collect personal data from children. If we learn that we have collected data from a child, we will delete it promptly. If you believe we have collected data from a child, please contact us.

11. Cookies and Tracking

We use cookies and similar technologies for authentication, security, preferences, analytics, and marketing (with consent). For detailed information, please see our Cookie Policy. You can manage your cookie preferences through your browser settings or our cookie banner.

12. Third-Party Links

Our Platform may contain links to third-party websites or services. We are not responsible for their privacy practices. We encourage you to read their privacy policies before providing any information.

13. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy on the Platform and updating the "Last updated" date. For significant changes, we may provide additional notice (e.g., email or in-app notification). Your continued use after changes constitutes acceptance. We recommend reviewing this policy periodically.

14. Contact Us

For privacy inquiries, to exercise your rights, or to contact our Data Protection Officer, please use the contact options available through the Platform. We typically respond within 30 days. For EU/EEA residents, you also have the right to lodge a complaint with your local data protection supervisory authority.