Privacy Policy
This Privacy Policy outlines our practices regarding the collection, utilization, and disclosure of your information while you engage with our services. It is crucial to read this Privacy Policy alongside any other privacy notice we may provide when collecting or processing your personal data. This ensures that you have a complete understanding of how and why we utilize that data.
Data Privacy Contact
For any privacy-related inquiries, please reach out to our Data Privacy Manager at: contact@satoshiportal.com.
Please note that while we provide translations of our Privacy Policy for your convenience, in the event of any discrepancy or conflict, the English language version shall prevail.
Last update: 2024-01-17
1. Definitions
Personal Data: Any information relating to an identified or identifiable individual.
Processing: Any operation performed on personal data, such as collection, storage, use, or disclosure.
Data Controller: The entity that determines the purposes and means of processing personal data.
Data Processor: The entity that processes personal data on behalf of the data controller.
2. Consent
General Consent
We only use your information with your consent or as authorized by law. We obtain your consent to collect, use, disclose, and store your personal information when you:
Register for an account
Use our services
Request to verify your identity to upgrade to the Verified level
Communicate or interact with us.
By using our services, you - the "User" - give your affirmative consent to the practices stated in this Privacy Policy. This includes complying with all related terms and conditions as well as adhering to applicable laws and regulations. Your consent, which supersedes any previous versions, remains valid throughout your relationship with Satoshi Portal. If you disagree with any part of the Privacy Policy, we respectfully advise against utilizing our Services.
3. Legal Bases for Processing
We process your personal data based on the following legal bases:
Consent: Where you have given us explicit permission to process your data for specific purposes.
Performance of a Contract: Where processing is necessary for the performance of a contract with you.
Legal Obligations: Where we are required to process your data to comply with legal obligations.
Legitimate Interests: Where processing is necessary for our legitimate interests, provided your interests and fundamental rights do not override these interests.
4. Information We Collect
Here's a detailed breakdown of the types of information we collect during your interaction with our services, why we collect it, and when we may share it with third parties.
Personal Information
Email address: We collect email addresses to enable users to log in to the Bull Bitcoin application, confirm transactions, contact users, and send updates. Your email address may be shared with identity verification services and payment service providers.
First and last name: We collect your full name to comply with KYC/AML regulations, verify residency, prevent fraud, and facilitate transactions. Your name may be shared with identity verification services and payment service providers.
Phone number: We collect your phone number for KYC/AML compliance, fraud prevention, and as an additional contact method. Your phone number may be shared with identity verification services and payment service providers.
Residential address: We collect your address for KYC/AML compliance and residency verification. Your address may be shared with identity verification services and payment service providers.
Date of birth: We collect your date of birth for KYC/AML compliance. Your date of birth may be shared with identity verification services and payment service providers.
Occupation and source of funds: We collect your occupation for KYC/AML compliance. This information is not shared.
IP address and device information: Automatically collected for account security and fraud prevention. This information may be shared with identity verification services.
Identification documents and selfies for manual verification: Collected for KYC/AML compliance. This information is not shared.
Identification documents and selfies for automated verification: Collected for KYC/AML compliance and fraud prevention. This information may be shared with identity verification services and payment service providers.
Identity Verification Services
MaxMind Inc: IP address, browser information, and email address may be shared for fraud prevention.
Telesign Corporation: Phone number may be shared for fraud prevention.
ESC Corporate Services Ltd: Name, address, date of birth, and phone number may be shared for identity verification. Data is deleted 24 hours after submission.
Incode Technologies: ID and face verification data shared for identity verification. Data is deleted 30 days after review. Incode uses 256-bit TLS encryption and is SOC 2 Type II Compliant.
Payment Service Providers and Banks
When sending money to Bull Bitcoin, your bank or payment service provider collects your information.
For withdrawals or bill payments, we share payment information with our processing partners or banks.
Bull Bitcoin Orders and Transaction Data
Transaction Logs: Collected and stored for compliance, accounting, and user information.
Bitcoin Addresses: Collected for transaction purposes and fraud prevention.
Bitcoin Transaction IDs: Collected and stored for compliance, user information, and fraud prevention.
Communications
Communications via Bull Bitcoin platform are retained for audit purposes, customer service improvement, fraud prevention, and user information. Data is not shared unless required by law.
Information Shared with FINTRAC
This only applies to Canadian users.
Suspicious Transactions: Reports submitted for suspected money laundering or terrorist financing.
Large Virtual Currency Transactions: Reports for transactions of $10,000 or more, or multiple transactions totaling $10,000 within 24 hours.
Legal Requests
Data may be shared with regulatory authorities, self-regulatory organizations, law enforcement, or third parties if required by law.
5. Data Protection, Storage, and Retention
We are committed to keeping your information safe. We employ technological and administrative safeguards to protect your data. However, no service can be completely secure. If you have concerns about a data breach, please contact us immediately.
We retain your personal information as necessary, subject to applicable laws and regulations, generally for 5 to 7 years post-last transaction.
Data is securely deleted or de-identified after the retention period. Deletion permanently erases data, while de-identification prevents identification of individuals.
If your personal data is transferred outside of your jurisdiction, we ensure it is protected by appropriate safeguards such as adequacy decisions, standard contractual clauses, or other mechanisms.
Our services are not for individuals under 14. We do not collect data from children under 14 without parental consent. If a child provides data without consent, we remove it and terminate the account.
6. Your Rights to Your Data
You have the right to access and obtain a copy of your personal data. If information is inaccurate, you can request changes. Requests must provide enough detail for us to identify the information.
You may object or withdraw consent to our data processing under certain conditions. Removing consent may impact our ability to serve you and may be subject to legal limitations.
You can unsubscribe from promotional emails by clicking the “Unsubscribe” link in the email or contacting us.
To exercise your rights, contact us via the chat box of your Bull Bitcoin account.
7. Cookies and Tracking Technologies
We use cookies and similar tracking technologies to enhance your experience on our platform. Cookies are small data files stored on your device.
Essential Cookies: Necessary for the operation of our website.
Performance Cookies: Collect information about how you use our website.
Functional Cookies: Remember your preferences and personalize your experience.
Targeting Cookies: Deliver advertisements relevant to you and your interests.
You can manage your cookie preferences through your browser settings. Disabling cookies may affect the functionality of our services.
8. Jurisdiction-Specific Information
For users in the European Union, we comply with the General Data Protection Regulation (GDPR). This includes:
Lawful Basis for Processing: Processing personal data based on consent, contract, legal obligation, legitimate interests, or other lawful bases.
Data Subject Rights: EU users have the right to access, rectify, erase, restrict, and object to the processing of their personal data. They also have the right to data portability.
Data Protection Officer (DPO): We have appointed a DPO to oversee GDPR compliance. You can contact our DPO at dpo@satoshiportal.com.
Data Breach Notification: In the event of a data breach, we will notify affected individuals and relevant authorities as required by GDPR.
International Transfers: Personal data transferred outside the EU is protected by appropriate safeguards such as standard contractual clauses.
For users in Canada, we comply with the Personal Information Protection and Electronic Documents Act (PIPEDA). This includes obtaining consent for data collection and ensuring data is protected and used appropriately.
For users in Costa Rica, we comply with the Ley de Protección de la Persona frente al Tratamiento de sus Datos Personales (Law No. 8968). This includes ensuring data is collected, processed, and stored in accordance with the law.
For users in Mexico, we comply with the Federal Law on the Protection of Personal Data Held by Private Parties (LFPDPPP). This includes obtaining consent for data collection and ensuring data is protected and used appropriately.
9. Updates to Our Privacy Policy
We may update this Privacy Policy occasionally. Significant changes will be communicated via our website. Changes are effective as of the date indicated on the Privacy Policy.
Last updated
