BITVAL EXCHANGE LLC, SRL. – a limited liability company, having registered at Panama city, Republic of Panama, under Registration Number: 155770009.
The www.bitval.com is a Web browser application that provides users with the opportunity to conduct spot trading of virtual currencies. Bitval (referred to as “Us” and “We” below) is committed to protecting your privacy. This privacy policy (this “Policy”) sets out how We collect and process personal information about you when you visit and/or use our platform (referred to as the “Platform” below) or if you sign up for our newsletter.
1. Information We collect.
Bitval collects personal data to operate the Platform effectively and provide you with a secure and tailored user experience. You provide some of this data directly—for example, when you create an account, subscribe to our newsletter, or communicate with us. We also collect data automatically based on how you interact with the Platform, including through cookies and similar technologies.
You have control over the information you provide. However, if you choose not to provide certain information necessary for Us to deliver services or comply with legal requirements, We may be unable to provide full access to the Platform or complete certain transactions.
We may collect the following categories of information:
Full name (first and last);
Email address;
Phone number;
Date of birth;
Nationality or country of residence;
Government-issued identification (e.g., passport, driver’s license, national ID);
Proof of address (e.g., utility bill, bank statement);
IP address and geolocation data;
Operating system and device information;
Referring URLs and activity logs on the Platform.
Crypto wallets used for deposit & withdrawal
Depending on the nature of your interactions with Bitval and the type or size of your transaction requests, We may be legally required to request additional information to verify your identity, assess risk, or comply with anti-money laundering (AML) and counter-terrorism financing (CTF) obligations.
2. What do We use your information for?
We use the data We collect to operate our business and to make the Platform available to you. This includes using the data to improve our Platform and personalise your experiences. We may also use the data to communicate with you. We may also use the data to manage your email subscriptions, improve the relevance and security of our Platform, respond to user enquiries, and send you periodic marketing communications about our services.
We use data to provide the Platform to you, improve it, and perform essential business operations. This includes the following:
Technical support. We use data to diagnose problems and provide customer care and support services.
Improving the App. We use data to continually improve the Platform, including system administration, system security, and adding new features or capabilities.
Business Operations. We use data to develop aggregated analyses and business intelligence that enable Us to operate, protect, make informed decisions, and report on the performance of our business.
Promotions. We may use your data to administer contests, promotions, surveys, or other features.
Improving Advertising Campaigns. We may use your data to improve our advertising campaigns, primarily to prevent targeting you with advertisements that are not relevant to you.
Sending Periodic Emails. We may use your data to send you periodic emails. We may send you occasional marketing emails, which you can unsubscribe from at any time using the link provided in the message.
Communications. We use the data We collect to communicate with you and to personalise our communications with you.
3. How We protect your information?
We implement a variety of security measures to maintain the safety of your personal information. We use a secure server, Secure Socket Layer (SSL) technology and encrypt the data into our gateway providers’ database only to be accessible by those authorised with special access rights to such systems and are required to keep the information confidential. We have enforced internal data privacy policies regarding all the personal data you submit to Us in order to process it in a compliant and transparent way.
4. How do We ensure that our processing systems remain confidential, resilient, and available?
We implement a variety of measures to ensure that our processing systems remain confidential, resilient and available. Specifically, We have implemented processes to help ensure high availability, business continuity and prompt disaster recovery. We commit to maintaining strong physical and logical access controls and conduct regular penetration testing to identify and address potential vulnerabilities.
The Platform utilises properly provisioned servers (e.g. multiple load balancers, Web servers, replica databases) in case of failure. We take servers out of operation as part of regular maintenance without impacting availability. We keep encrypted backups of data daily. In the case of production data loss (i.e. primary database loss), We will restore organisational data from these backups. Only designated, authorised operations team members have access to configure the infrastructure on an as-needed basis. Specific private keys are required for individual servers, and keys are stored in a secure and encrypted location.
5. Do We use cookies?
Yes. Cookies are small files that a site or its service provider transfers to your computer’s hard drive through your Web browser (if you allow it), which enables the site or service provider’s systems to recognise your browser and capture and remember certain information. In the event you request or attempt to disable any of the functionality cookies, your ability to use or access certain parts of the Platform may be affected.
6. Links to Other Sites.
Our Platform may contain links to other sites. You will be directed to that site if you click on a third-party link. Note that We do not operate these external sites. Therefore, We strongly advise you to review the Privacy Policy of these Websites. We have no control over and assume no responsibility for the content, privacy policies, or practices of any third-party sites or services.
7. Your rights as a data subject.
We are committed to respecting your privacy and handling your personal data in a lawful, fair, and transparent manner. You are entitled to certain rights to ensure the protection of your personal data. These rights include, where applicable:
Right of information and access
You have a right to be informed about processing your personal data (and if you did not give it to us, information as to the source), and this Policy intends to provide the information. Of course, if you have any further questions, feel free to contact us.
Right to rectification
You have the right to have any inaccurate personal information about you rectified and to have any incomplete personal information about you completed. You may also request that We restrict the processing of that information. The accuracy of your data is important to us. Contact Us if you do not want Us to use your personal information in the manner set out in this Policy, need to advise Us of any changes to your personal information, or would like more information about how We collect and use your personal information.
Right to erasure (Right to be ‘forgotten’)
You have the general right to request the erasure of your personal information in the following circumstances:
the personal data is no longer necessary for the purpose for which it was collected;
you withdraw your consent to consent-based processing, and no other legal justification for processing applies;
you object to processing for direct marketing purposes;
we unlawfully processed your personal information;
erasure is required to comply with a legal obligation that applies to us.
We will proceed to comply with an erasure request without delay unless continued retention is necessary for the following:
Exercising the right of freedom of expression and information;
Complying with a legal obligation under EU or other applicable law;
The performance of a task carried out in the public interest;
Archiving purposes in the public interest, scientific or historical research purposes, or statistical purposes, under certain circumstances;
The establishment, exercise, or defence of legal claims.
Right to restrict processing and right to object to processing
You have a right to restrict the processing of your personal information, such as where:
you contest the accuracy of the personal data;
where processing is unlawful, you may request, instead of requesting erasure, that We restrict the use of the unlawfully processed personal data;
we no longer need to process your personal data but need to retain your information for the establishment, exercise, or defence of legal claims.
You also have the right to object to processing your personal information under certain circumstances, such as where the processing is based on your consent, and you withdraw that consent. This may impact our services, and We will explain this to you if you decide to exercise this right.
Right to data portability
Where the legal basis for our processing is your consent or the processing is necessary for the performance of a contract to which you are a party or to take steps at your request prior to entering into a contract, you have a right to receive the personal information you provided to Us in a structured, commonly used and machine-readable format, or ask Us to send it to another administrator.
Right to freedom from automated decision-making
We do not use automated decision-making, but where any automated decision-making takes place, you have the right to express your point of view and to contest the decision, as Well as request that decisions based on automated processing concerning you or significantly affecting you and based on your personal data are made by natural persons, not only by computers.
Right to object to direct marketing (‘opting out’)
You have a choice about whether or not you wish to receive information from us. We will not contact you for marketing purposes unless you have a business relationship with Us or you have freely given your prior consent (such as when you sign-up for our newsletter). In the event you would like to receive marketing information from us, you are able to active the checkbox during your registration.
On each marketing communication and/or newsletter, We will always provide the option for you to exercise your right to object to processing your personal data for marketing purposes (opting out) by clicking on the ‘unsubscribe’ button in the emails you receive. You may also opt out at any time by contacting Us directly. Please note that any administrative or service-related communications (to offer our services or notify you of an update to this Privacy Policy or applicable terms of business, etc.) will solely be directed at our clients or business partners, and such communications generally do not offer an option to unsubscribe as they are necessary to provide the services requested. Therefore, please be aware that your ability to opt out from receiving marketing and promotional materials does not change our right to contact you regarding your use of our Platform or as part of a contractual relationship We may have with you.
Right to request access
You also have a right to access the information We process about you. We will provide you with details of your personal data that We hold or process. To protect your personal data, We follow set storage and disclosure procedures, which means We will require proof of identity from you before disclosing such information. You can exercise this right at any time by contacting us.
Right to withdraw consent
Where the legal basis for processing your personal information is your consent, you have the right to withdraw that consent at any time by contacting us.
Right to object to how We process your personal data
If you wish to object to how We process your personal data, you can submit a written complaint, and We will investigate the matter.
You also have the right to lodge a complaint with the supervisory authority in the country of your habitual residence, place of work, or the place where you allege an infringement of one or more of your rights has taken place.
Right to file a complaint
In case of an alleged violation of the laws applicable to personal data protection, you can file a complaint to the Lead Supervisory Authority for personal data protection for Bitval.
8. Data Retention.
We may retain your personal data as long as you continue to use the Platform or as long as necessary to fulfil the purposes outlined in this Policy. We may retain personal information for an additional period as is permitted or required under applicable laws, for legal, tax, or regulatory reasons or legitimate and lawful business purposes.
9. Changes to our Privacy Policy.
We will update and amend this Policy when necessary to reflect changes to our Platform and business model. When We post changes to this statement, We will revise the "Amended" date at the top of the Policy. We encourage you to review this Policy periodically to learn how Bitval protects your information.
10. How to Contact Us.
If you have any privacy concerns, complaints or questions, please contact Us at: support@bitval.com
We will respond to questions or concerns within 30 days. Unless otherwise stated, Bitval is a data controller for personal data We collect through the Platform subject to this Privacy policy.
