Issue DATE: 01/08/2023
In this policy, we, us, our and BC Exchange refer to BC Technology Pvt. Ltd. For more information about us and how to contact us, see Section 11.
We respect your privacy and are committed to protecting it through our compliance with this Policy.
Please read this Policy carefully to understand our policies and practices regarding your personal data and how we will treat it.
There are three general categories of personal data we collect.
2.1 INFORMATION YOU GIVE TO US.
(a) We collect your account data, which may include personal identification information such as your name, date of birth, age, nationality, gender, signature, utility bills, photographs, phone number, home address, and/or email address, and formal identification information such as Tax ID number, passport number, drivers license details, national identity card details, photograph identification cards, and/or visa information (collectively, Account Data). The Account Data may be processed for the purposes of providing to you our Services, satisfying anti-money laundering and know-your-customer obligations, and ensuring the security of the Services, maintaining back-ups of our databases and communicating with you. This information is necessary for the adequate performance of the contract between you and us and to allow us to comply with our legal obligations. Without it, we may not be able to provide you with all the requested Services.
(b) We process financial information such as bank account, credit card/debit card or PayPal information when you order Services in order to facilitate the processing of payments (Payment Information). The legal basis for this processing is the performance of a contract between you and us and/or taking steps, at your request, to enter into such a contract and our legitimate interests, namely our interest in the proper administration of our website and business.
(c) We may process information contained in or relating to any communication that you send to us (Correspondence Data). The Correspondence Data may include the communication content and metadata associated with the communication. The correspondence data may be processed for the purposes of communicating with you and record-keeping. The legal basis for this processing is our legitimate interests, namely the proper administration of our website and business and communications with users.
(d) We may process information included in your personal profile, which may include your location, time zone and website (Profile Data). The Profile Data may be processed for the purposes of providing you a better user experience when using the Services. The legal basis for this processing is your consent.
2.2 INFORMATION WE AUTOMATICALLY COLLECT FROM YOUR USE OF THE SERVICES.
When you use the Services, we may automatically process information about your computer and internet connection (including your IP address, operating system and browser type), your mobile carrier, device information (including device and application IDs), search terms, cookie information, as well as information about the timing, frequency and pattern of your service use, and information about to the transactions you make on our Services, such as the name of the recipient, your name, the amount and type of crypto currency and timestamp (Service Data). The Service Data is processed for the purpose of providing our Services. The legal basis for this processing is the adequate performance of the contract between you and us, to enable us to comply with legal obligations and our legitimate interest in being able to provide and improve the functionalities of the Services.
2.3 INFORMATION WE COLLECT FROM THIRD PARTIES. From time to time, we may obtain information about you from third party sources as required or permitted by applicable law, such as public databases, credit bureaus, ID verification partners, resellers and channel partners, joint marketing partners, and social media platforms. ID verification partners use a combination of government records and publicly available information about you to verify your identity. Such information includes your name, address, job role, public employment profile, credit history, status on any sanctions lists maintained by public authorities, and other relevant data. We obtain such information to comply with our legal obligations, such as anti-money laundering laws. The legal basis for the processing such data is compliance with legal obligations.
3.1 We may disclose your personal data to any member of our group of companies (this means our subsidiaries, our ultimate holding company and all its subsidiaries) insofar as reasonably necessary for the purposes, and on the legal bases, set out in this policy. We may additionally share your personal data with third-party service providers who assist us in providing and improving our Services. These service providers may include hosting providers, payment processors, analytics providers.
3.2 We may disclose Service Data to a variety of third party service providers insofar as reasonably necessary to improve the functionalities of the Services.
3.3 We may share aggregated data (information about our users that we combine together so that it no longer identifies or references an individual user) and other anonymized information for regulatory compliance, industry and market analysis, demographic profiling, marketing and advertising, and other business purposes.
3.4 In the event of a dispute in P2P transaction, we may disclose some of your Personal Data with the counter party to such transaction to the extent we deem required, in our valid discretion, to resolve the dispute.
3.5 In addition to the specific disclosures of personal data set out in this Section 3, we may disclose your personal data if we believe that it is reasonably necessary to comply with a law, regulation, legal process, or governmental request; or in order to protect your vital interests or the vital interests of another natural person; to protect the safety or integrity of the Services, or to explain why we have removed content or accounts from the Services; or to address fraud, security, or technical issues; or to protect our rights or property or the rights or property of those who use the Services.
4.1 When you engage in cryptocurrency transactions on our platform, your personal data, such as transaction details and wallet addresses, may be processed and stored on a blockchain network. Blockchain networks are decentralized and distributed across multiple locations, which may include countries with varying data protection laws.
4.2 The nature of the internet and blockchain technology involves the transmission of data on a global scale. As a result, your personal data may pass through and be stored on servers located in multiple countries, including countries that may not have the same level of data protection laws as your country of residence.
4.3We take appropriate measures to ensure the security and protection of your personal data during international transfers. These measures may include the use of encryption, secure data transmission protocols, and contractual agreements with service providers to safeguard your data.
4.4 The data that may be transferred during international data transfers includes but not limited to, Transaction Data, User Account Information, Payment Information, Personal Identification Details, Communication Data, Analytics Data, Device Information.
In this Section 5, we have summarized the rights that you have under data protection law based on whether you are (an EEA Resident) or you are not a resident of the EEA (a Non- EEA Resident). Some of the rights are complex, and not all of the details have been included in our summaries. Accordingly, you should read the relevant laws and guidance from the regulatory authorities for a full explanation of these rights.
5.1 Non-EEA Residents. If you are a Non- EEA Resident, you may access and verify your Personal Information held by BC Exchange by submitting a written request to us at email@example.com Or firstname.lastname@example.org
5.2 EEA Residents. If you are a EEA Resident, your principal rights under data protection law are:
(a) The right to access;
(b) The right to rectification;
(c) The right to erasure;
(d) The right to restrict processing;
(e) The right to object to processing;
(f) The right to data portability;
(g) The right to complain to a supervisory authority; and
(h) The right to withdraw consent.
5.3 As an EEA Resident, you have the right to confirmation as to whether or not we process your personal data and, where we do, access to the personal data, together with certain additional information. That additional information includes details of the purposes of the processing, the categories of personal data concerned and the recipients of the personal data. Providing the rights and freedoms of others are not affected, we will supply to you a copy of your personal data. The first copy will be provided free of charge, but additional copies may be subject to a reasonable fee. You can access your personal data by writing to us at: email@example.com Or firstname.lastname@example.org
5.4 As an EEA Resident, you have the right to have any inaccurate personal data about you rectified and, taking into account the purposes of the processing, to have any incomplete personal data about you completed. You can request correction or modification of your personal data by writing to us at: email@example.com Or firstname.lastname@example.org
5.5 In some circumstances, as an EEA Resident, you have the right to the erasure of your personal data without undue delay. Those circumstances include: the personal data are no longer necessary in relation to the purposes for which they were collected or otherwise processed; you withdraw consent to consent-based processing; you object to the processing under certain rules of applicable data protection law; the processing is for direct marketing purposes; and the personal data have been unlawfully processed. However, there are exclusions of the right to erasure. The general exclusions include where processing is necessary: for exercising the right of freedom of expression and information; for compliance with a legal obligation; or for the establishment, exercise or defense of legal claims. You can request the deletion of your account by writing to us at: email@example.com Or firstname.lastname@example.org
6.1 This Section 6 sets out our data retention policies and procedure, which are designed to help ensure that we comply with our legal obligations in relation to the retention and deletion of personal data.
6.2 Personal data that we process for any purpose or purposes shall not be kept for longer than is necessary for that purpose or those purposes.
6.3 We generally retain your personal information for as long as is necessary for the performance of the contract between you and us and to comply with our legal obligations. If you no longer want us to use your information to provide the Services to you, you can request that we erase your personal information and close your account.
6.4 Notwithstanding the other provisions of this Section 6, we may retain your personal data where such retention is necessary for compliance with a legal obligation to which we are subject, or in order to protect your vital interests or the vital interests of another natural person.
Our Services are not intended for children. You must also be old enough to consent to the processing of your personal data in your country without parental consent. No one under age 18 may provide any personal data through the Services. If you are under 18 age, you can't use or our Services or through any of their features or register an account.
8.1 About cookies
(a) A cookie is a file containing an identifier (a string of letters and numbers) that is sent by a web server to a web browser and is stored by the browser. The identifier is then sent back to the server each time the browser requests a page from the server.
(b) Cookies may be either persistent cookies or session cookies: a persistent cookie will be stored by a web browser and will remain valid until its set expiry date, unless deleted by the user before the expiry date; a session cookie, on the other hand, will expire at the end of the user session, when the web browser is closed.
(c) Cookies do not typically contain any information that personally identifies a user, but personal information that we store about you may be linked to the information stored in and obtained from cookies.
8.2 We use these technologies for the following purposes:
(a) To identify you and log you into the Services;
(b) To store information about your preferences and to personalize the Services for you;
(c) As an element of the security measures used to protect user accounts, including preventing fraudulent use of login credentials, and to protect our website and services generally;
(d) To help us display content that will be relevant to you;
8.3 Cookies used by our service providers
(a) We use the following service providers to analyses the use of the Services. Each service provider gathers information about the Services by means of cookies and this information is used to create reports about with usage information. You can find information about the service provider’s privacy policies and practices at the URLs set forth below:
Service Provider - Analytics
Google Analytics / Fabric / Crashlytics
9.1 We have implemented measures designed to secure your personal data from accidental loss and from unauthorized access, use, alteration and disclosure. The safety and security of your information also depends on you. Where we have given you (or where you have chosen) a password for access to certain parts of the Services, you are responsible for keeping this password confidential. We ask you not to share your password with anyone.
9.2 Steps taken to ensure data security:
(a) All the user information can only be accessed by authorized users;
(b) Users need to authenticate themselves with a username-password combination; and
(c) All data is Control or Protect via PN SOFTWARE Servers & Technical team.
We operate a referral program that allows users to refer new participants to our cryptocurrency exchange app and earn additional coins based on their referrals' investments. Participation in the referral program is subject to the terms and conditions outlined below.
10.1 When you participate in our referral program, we collect and process data related to your referred users and the structure of referrals, including user IDs, referral relationships, and investment activities.
10.2 As part of the referral program, higher-level users may earn additional coins when their referred users make investments. This requires us to process and track referral activities to calculate and allocate rewards accurately.
10.3 The data collected through the referral program is used to manage and administer the program, including calculating and distributing referral rewards to eligible users.
10.4 The processing of data for the referral program is based on our legitimate interests in operating and maintaining the program, as well as fulfilling our contractual obligations to provide referral rewards to eligible users.
10.5 Participation in the referral program is voluntary. By participating, you consent to the collection, processing, and sharing of data as outlined in this section.
10.6 Data related to referral rewards earned may be retained and shared within our platform for accounting and reporting purposes as well as to manage and administer the program, fulfill our contractual obligations, and comply with legal requirements.
10.7 If you no longer wish to participate in the referral program or have your data processed for this purpose, you may opt-out by contacting our support team.
(a) It is our policy to post any changes we make to our Policy on this page. If we make material changes to how we treat our users' personal data, we will notify every user via push notification in your account. Also we declared that the date the Policy was last revised is identified at the top of the page.