Privacy Policy

1. Introduction

Fiatbit Technologies d.o.o. (referred to as "we," "our," or "the Company") is committed to protecting your privacy and ensuring the security of your personal information. This Privacy Policy outlines how we collect, use, and safeguard the personal data of our customers and visitors.

Scope of Responsibility

Fiatbit Technologies d.o.o.:

• Manages personal data for all customers, regardless of their location.
• Fiatbit Technologies d.o.o. operates in accordance with the Croatian Act on the Protection of Personal Data and relevant international standards, including the GDPR.

Purpose of the Policy

This Privacy Policy describes:

• The types of personal data collected.
• How personal data is processed.
• Your rights regarding your data and how to exercise them.

Applicable Terms

This Privacy Policy is incorporated into, and forms part of, the Terms & Conditions of Fiatbit Technologies d.o.o.. By using our Services or Sites, you agree to the practices described in this Privacy Policy.

2. From Whom We Collect Personal Information

This Privacy Policy applies to the collection, use, and disclosure of personal information from the following categories of individuals:

1. Site Visitors

• Individuals who visit our website fiatbit.hr.
• May voluntarily provide contact information (e.g., name, email address) to pre-register for Services, receive communications, or interact with support.
• Personal information from Site Visitors is processed as necessary to respond to inquiries or provide requested services.

2. Users

• Individuals whose data we process to:
  • Provide Services through a cryptocurrency exchange or platform integrated with our systems.
  • Comply with regulatory obligations, including Anti-Money Laundering (AML) and Know Your Customer (KYC) requirements.

3. Customers

• Individuals who register as Customers to use our payment processing or cryptocurrency services.
• Personal information is collected to:
  • Authenticate identity and verify accounts.
  • Process transactions and ensure compliance with legal requirements.

3. Which Information We Collect

We collect various types of personal information that can identify or be used to identify individuals, depending on the nature of the interaction with our Services.

1. Information We Collect About Users

If you are a User of our Services, we may collect the following information:

Identity Information:

• Full name, date of birth, gender, country of residence.
• Physical address and billing address.
• Government-issued ID (e.g., passport, driver’s license) and details such as ID number, issuing country, and expiration date.
• Photo or video selfie for identity verification and fraud prevention.

Contact Information:

• Email address, phone number.

Financial Information:

• Wallet address, payment card details (processed by trusted third parties).

Device Information:

• IP address, browser type, operating system, and other unique device identifiers.

Behavioral Data:

• Keystrokes, mouse movements, and session activity on our Services.

Transaction Data:

• Transaction history, payment IDs, amounts deposited or withdrawn, and login history.

Risk and Compliance Data:

• Sanctions data, adverse media checks, geolocation, and other data used for fraud prevention and regulatory compliance.

2. Information We Collect About Site Visitors

If you visit our Sites, we may collect the following information:

Contact Information:

• Contact details (e.g., name, email address) provided when submitting forms or signing up for communications.

Log Files:

• IP address, system configuration, URLs of referring pages, local language preferences.

Cookies and Tracking Technologies:

• Data on how you interact with our Sites, which helps us improve functionality and marketing efforts.

3. Additional Information from Third-Party Sources

We may collect data from:

• Public sources (e.g., sanctions lists, credit card blacklists).
• Third-party vendors (e.g., identity verification providers, fraud detection services).

4. How Do We Collect Personal Information

We collect personal information through various methods, depending on how you interact with our Services or Sites.

1. Direct Collection

Through Registration and Service Use:

• When you register for our Services or complete transactions, you provide personal information directly, such as your name, address, government-issued ID, and payment details.

Through Customer Support:

• Personal data is collected when you contact us for assistance or submit inquiries.

Through Interactive Features:

• Information is provided when you use forms, surveys, or other features on our Sites.

2. Automatic Collection

When Using the Sites or Services:

• We automatically collect data, such as:
  • IP addresses and device information during login or transaction activities.
  • Behavioral data, including keystrokes, mouse movements, and browsing activities.

Cookies and Tracking Technologies:

• We use cookies, web beacons, and similar technologies to collect data about user interactions, preferences, and session activities.

3. Third-Party Sources

Publicly Available Sources:

• Sanctions lists, adverse media checks, and publicly accessible databases.

Third-Party Services:

• Identity verification providers, payment processors, and fraud detection services provide additional user data to meet compliance requirements.

5. What are the Purposes of the Collection of Information

We collect and process personal information for the following purposes:

1. Service Delivery

To provide and operate our Services, including:

• Processing transactions and payments.
• Facilitating identity verification and fraud prevention.
• Managing user accounts and authentication.

2. Regulatory Compliance

To fulfill legal and regulatory obligations, including:

• Conducting Know Your Customer (KYC) checks.
• Complying with Anti-Money Laundering (AML) regulations.
• Performing due diligence and risk assessments (e.g., sanctions, source of funds checks).

3. Fraud Detection and Security

To detect, prevent, and address:

• Fraudulent activities.
• Unauthorized access or use of the Services.
• Security vulnerabilities or technical issues.

4. Service Improvement

To analyze and improve our Services, including:

• Identifying user trends and preferences.
• Simplifying onboarding processes.
• Debugging errors and enhancing functionality.

5. Marketing and Communication

To send promotional offers or updates about our Services, provided you have given consent.

• You may withdraw your consent at any time by contacting us or following the un-subscription instructions included in our communications.

6. User Support

To respond to inquiries, support requests, or complaints effectively.

7. Legal and Contractual Obligations

To comply with subpoenas, legal processes, or governmental requests. To enforce our Terms & Conditions and investigate potential violations.

6. What are the Conditions for Processing of Personal Information

We process personal information based on the following legal grounds:

1. Fulfillment of a Contract

Processing is necessary to perform our contractual obligations, such as:

• Providing our Services.
• Managing transactions and user accounts.
• Complying with our Terms & Conditions.

2. Compliance with Legal Obligations

We process personal information to meet regulatory and statutory requirements, including:

• Anti-Money Laundering (AML) and Know Your Customer (KYC) regulations.
• Tax reporting and fraud prevention laws.
• Law enforcement or governmental requests.

3. Legitimate Interests

We process data where it supports our legitimate interests or those of third parties, provided this does not override your rights and freedoms. Examples include:

• Improving and optimizing our Services.
• Enhancing security and fraud prevention measures.
• Conducting internal audits and compliance checks.

4. Consent

In certain cases, we rely on your consent to process personal information, such as:

• Sending marketing communications.
• Collecting additional data for specific purposes not covered by other legal grounds. You may withdraw your consent at any time by contacting us at the designated email address.

5. Special Categories of Personal Data

Processing may involve sensitive data, such as biometric information, where it is:

• Necessary for fraud prevention or identity verification.
• Required for regulatory compliance or law enforcement purposes.
• Permissible under applicable laws.

7. Sharing Information with Third Parties

We may share personal information with third parties for the purposes outlined in this Privacy Policy, as follows:

1. Service Providers and Partners

Third-Party Vendors:

• Identity verification and authentication services.
• Risk screening and fraud prevention providers.
• Payment processors and banking platforms.

Commercial Partners:

• Cryptocurrency exchanges and merchants that integrate with our Services.

Operational Support:

• Cloud service providers, analytics platforms, and marketing tools.

2. Regulatory and Legal Obligations

We may disclose information to comply with applicable laws and regulations, including:

• Anti-Money Laundering (AML) and Know Your Customer (KYC) checks.
• Requests from law enforcement or governmental authorities. Information may also be shared to prevent or address fraud, security threats, or illegal activities.

3. Internal Data Sharing

Data may be shared within Fiatbit Technologies d.o.o. for operational purposes, such as:

• Investigating fraud or suspicious activities.
• Enhancing platform security and user experience.
• Facilitating compliance with regulatory obligations across different jurisdictions.

4. During Business Changes

Personal information may be transferred as part of a business restructuring, such as:

• Mergers, acquisitions, or asset sales.
• Internal reorganizations within Fiatbit Technologies d.o.o..

5. Public Sources and Third-Party Checks

We may use public data and third-party sources to verify user information and comply with regulatory obligations.

6. Data Transfers

Personal information may be transferred to jurisdictions outside of Croatia for:

• Service delivery.
• Regulatory compliance. Such transfers will be protected by appropriate safeguards as required by applicable laws, including data protection agreements or standard contractual clauses.

7. User Notification

Where legally required, we will notify users before sharing their information with third parties, except in cases of fraud prevention or compliance with law enforcement requests.

By using our Services, you acknowledge and agree to the sharing of personal information with third parties as described above.

8. Retention of Personal Information

We retain personal information for as long as necessary to fulfill the purposes outlined in this Privacy Policy, including compliance with legal, regulatory, and contractual obligations.

1. Active Accounts

For users with an active account, we retain personal information for the duration of the account's activity.

2. Legal and Regulatory Obligations

We may retain personal information beyond the closure of your account to:

• Comply with Anti-Money Laundering (AML) and Know Your Customer (KYC) regulations.
• Meet tax reporting, audit, and other legal requirements.
• Respond to law enforcement or regulatory inquiries.

3. Legitimate Business Interests

Retention may also be necessary to safeguard legitimate interests, such as:

• Fraud prevention and monitoring.
• Resolving disputes or enforcing our Terms & Conditions.
• Maintaining accurate business and financial records.

4. Retention Periods

Specific retention periods may vary based on:

• Swiss legal requirements applicable to Fiatbit Technologies d.o.o..
• The type of data and its intended purpose.

5. Secure Disposal

Once retention periods have elapsed and data is no longer necessary, we securely delete or anonymize the information to ensure it cannot be reconstructed or used.

9. Minors

1. Age Requirement

The Services provided by Fiatbit Technologies d.o.o. are intended for individuals aged 18 years or older. We do not knowingly collect personal information from individuals under the age of 18.

2. Verification of Age

We reserve the right to request proof of age at any stage to ensure that minors are not using our Services.

3. Action in Case of Violation

If we discover that a person under the age of 18 has provided personal information or is using the Services:

• We will take steps to delete the information.
• The user will be prohibited from further accessing or using the Services.

4. Parental Responsibility

Parents or guardians who believe that a minor has provided personal information to Fiatbit Technologies d.o.o. should contact us at [email protected] for immediate action.

By using our Services, you confirm that you meet the age requirement and understand our policies regarding minors.

10. Tracking Technologies

Fiatbit Technologies d.o.o. might use tracking technologies to improve the functionality, security, and user experience of the Services and Sites.

1. Types of Tracking Technologies

• Cookies: Small data files stored on your device to remember your preferences and activity.
• Web Beacons: Transparent images used to monitor user activity and gather analytics.
• Pixel Tags and Scripts: Used to improve navigation and track interactions with the Sites.
• Local Storage: Enables automatic activation of certain features and enhances ease of use.

2. Purposes of Tracking Technologies

• Functionality: To enable core features, such as secure login and transaction processing.
• Performance: To gather data on how users interact with the Sites and Services for improvement purposes.
• Personalization: To provide a tailored user experience based on individual preferences.
• Fraud Prevention: To detect suspicious activities and protect user accounts.
• Marketing: To deliver targeted advertisements and promotional content.

3. Your Choices Regarding Tracking Technologies

You can manage your preferences by adjusting your browser or device settings to:

• Block or delete cookies.
• Disable specific tracking technologies.

Please note that disabling certain tracking technologies may impact your ability to use some features of the Sites and Services.

4. Third-Party Tracking

Some tracking technologies may be provided by third-party service providers, such as analytics and marketing platforms. We do not control third-party tracking technologies and recommend reviewing their respective privacy policies for further details.

11. Your Rights

As a user of the Services provided by Fiatbit Technologies d.o.o., you have specific rights regarding your personal data, in accordance with Swiss data protection laws and other applicable regulations.

1. Access and Rectification

You have the right to request access to the personal data we hold about you. If any information is inaccurate or incomplete, you can request that it be corrected or updated.

2. Data Portability

You may request a copy of the personal data you provided to us in a structured, commonly used, and machine-readable format. You can also request that we transfer this data directly to another service provider, where technically feasible.

3. Restriction and Objection

You can request that we restrict the processing of your personal data in specific circumstances, such as if you contest the accuracy of the data or object to processing based on our legitimate interests.

4. Data Deletion

You can request that we delete your personal data, provided:

• The data is no longer necessary for the purposes for which it was collected.
• There are no overriding legal or regulatory obligations requiring its retention.

5. Consent Withdrawal

If our processing of your data is based on your consent, you have the right to withdraw it at any time. Withdrawal of consent does not affect the lawfulness of processing based on consent before its withdrawal.

6. Automated Decision-Making and Profiling

You have the right not to be subject to decisions based solely on automated processing, including profiling, that significantly affect you. Exceptions apply if the decision is:

• Necessary for entering into or performing a contract.
• Authorized by applicable laws.
• Based on your explicit consent.

7. Filing Complaints

If you believe that your rights have been violated, you have the right to file a complaint with the relevant data protection authority:

• For Swiss and international users: Contact the Swiss Federal Data Protection and Information Commissioner (FDPIC).

8. How to Exercise Your Rights

You can exercise your rights by contacting us at the following email address:

• Fiatbit Technologies d.o.o.: [email protected]

Please note that your rights may be subject to legal or regulatory limitations, and we may need to retain certain information to comply with our obligations.

12. Security

Fiatbit Technologies d.o.o. is committed to safeguarding the personal information of our users and implementing robust security measures to protect against unauthorized access, alteration, disclosure, or destruction of your data.

1. Security Measures

We employ industry-standard procedures and technologies to secure your personal information, including:

• Encryption: All sensitive data is encrypted during storage and transmission using advanced encryption protocols.
• Access Control: User accounts are protected by multi-factor authentication (MFA), including email or SMS codes and biometric verification.
• Intrusion Detection Systems: Systems continuously monitor for unauthorized access and malicious activity.
• Data Minimization: We only collect and store the data necessary for the purposes outlined in this Privacy Policy.

2. User Responsibilities

To help ensure the security of your personal information, users are responsible for:

• Keeping their account credentials confidential.
• Using strong, unique passwords and updating them regularly.
• Reporting any unauthorized access or suspicious activity to us immediately.

3. Response to Security Incidents

In the event of a data breach or security incident, we will:

• Notify affected users promptly if their data is at risk.
• Take immediate steps to contain and mitigate the incident.
• Collaborate with relevant authorities and comply with legal notification requirements.

4. No Guarantee of Absolute Security

While we take extensive measures to protect your data, no security system is entirely foolproof. Therefore, we cannot guarantee the absolute security of your information.

5. Regional Compliance

Fiatbit Technologies d.o.o. ensures compliance with Swiss Federal Data Protection laws and applicable international standards.

If you have questions or concerns about the security of your data, please contact us at:

• Email: [email protected]

13. Third Party Websites

While using the Services provided by Fiatbit Technologies d.o.o., you may encounter links to third-party websites or services. Please note the following:

1. Independence of Third-Party Websites

• Third-party websites and services operate independently from Fiatbit Technologies d.o.o..
• We do not own, control, or take responsibility for the content, policies, or practices of these third-party websites.

2. Use of Cookies and Tracking by Third Parties

• Third-party websites may use cookies, tracking technologies, or other tools to collect non-personal or personal information about you.
• Fiatbit Technologies d.o.o. is not responsible for the data collection practices of these third parties.

3. User Responsibility

• We encourage you to review the privacy policies and terms of use of any third-party website or service you interact with.
• By following links to external sites, you assume responsibility for your interactions with those websites.

4. No Liability for Third-Party Websites

• Fiatbit Technologies d.o.o. is not liable for any damages, losses, or issues arising from your use of third-party websites or services.

5. Examples of Third-Party Services

Examples of third-party services that may be integrated into our platform or recommended during your use of the Services include:

• Payment gateways.
• Identity verification providers.
• Cryptocurrency exchanges or wallets.

Contact Information

If you have questions about any third-party websites or services you encounter while using our Services, please contact us at:

• Email: [email protected]

By using our Services, you acknowledge and accept that we are not responsible for the practices or actions of third-party websites.

14. Changes to the Privacy Policy

Fiatbit Technologies d.o.o. reserves the right to update or modify this Privacy Policy at any time to reflect changes in our practices, legal obligations, or other relevant considerations.

1. Notification of Changes

Substantial changes to this Privacy Policy will be communicated through one or more of the following methods:

• Posting an updated version on our website (fiatbit.hr).
• Sending a notification to the email address associated with your account.

2. Effective Date

• Changes will take effect seven (7) days after the notification has been provided, unless otherwise specified.
• For urgent changes required to comply with legal or regulatory requirements, modifications may become effective immediately upon publication.

3. User Responsibility

• It is your responsibility to review this Privacy Policy periodically to stay informed about how your personal information is being protected and processed.

4. Continued Use of Services

• Your continued use of the Services after changes to this Privacy Policy constitutes your acceptance of the updated terms.

Contact Information

If you have any questions or concerns about updates to this Privacy Policy, you can contact us at:

• Email: [email protected]

15. Have Any Questions?

If you have any questions, concerns, or comments regarding this Privacy Policy or the manner in which your personal information is processed, you can contact us at any time.

Contact Information

• Email: [email protected]
• Postal Address: Fiatbit Technologies d.o.o. Preradoviceva ulica 40 10000 Zagreb Croatia

Language Support

We strive to provide assistance in your preferred language whenever possible. If you require this Privacy Policy or any related communication in another language, we will accommodate the request for a standard market fee to be agreed upon in advance.

Response Time

We aim to respond to inquiries within a reasonable timeframe. If your question requires extensive research or collaboration with third parties, we will inform you of the expected timeline.

Additional Information

You may also contact your local data protection authority if you believe your rights under applicable data protection laws have been violated.