Centrul de ajutor
    Subiecte
    Terms of Service
    Terms of Service
    Subiecte
    Account Management
    KYC and Security Matters
    Platform Walkthrough
    Crypto Deposits/Withdrawals
    Buy Crypto
    P2P Trading
    Fiat Deposits/Withdrawals
    Spot X
    Pre-Market
    Standard Account
    Unified Trading Account
    Copy Trading
    Trading Bot
    Bybit Earn
    Bybit Card
    Bybit Pay
    Finance
    Promotions
    API
    Terms of Service
    MT5
    Bybit Web3
    UAB Onlychain Fintech Limited Privacy Notice
    bybit2024-12-24 03:26:56

    EFFECTIVE DATE: 26 August, 2024

     

    This Privacy Notice (this “Notice”) applies to the services provided by OnlyChain Fintech Limited, UAB, a company registered at A. Domaševičiaus str. 9, LT-01400 Vilnius, Republic of Lithuania (the “Company,” “we,” “us” or “our”) via trading platform (including any applicable mobile applications and websites used to access the same) (collectively the “Platform”) provided by Bybit Technology Limited. It describes how the Company collects, uses, and discloses Personal Data processed during provision of its services.

     

    This Notice supplements the other notices and is not intended to override them. Terms used within it shall have the meaning(s) given in the Regulation (EU) 2016/679 (General Data Protection Regulation (GDPR)), as applicable. Notice describes how the Company collects, uses, and discloses Personal Data that we obtain from you using the Platform and any services provided through the Platform as well as other collected personal data, and how we use and disclose that information.

     

    For purposes of this Notice:

     

    Personal Data” refers to the information from which the identity of natural person may be directly or indirectly determined.

     

    "Controller" refers to the natural or legal person, public authority, agency, or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data.

     

    Data Subject” means an identifiable natural person. An identifiable natural person is one who can be identified, directly, or indirectly, by reference to an identifier, such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural, or social identity of that natural person;

     

    Our relationship with you

    We are acting as the Controller of your Personal Data for the activities which include provision of services, ensuring customer's safety and complying with applicable regulatory requirements. As we are responsible for your Personal Data processed during our activities, we have appointed a Data Protection Officer who constantly monitors our compliance with applicable privacy regulation and acts as the contact point for the supervisory authorities or Data Subjects on issues relating to privacy.

     

    You may contact us in connection with various products or services that you are considering or would like to obtain from us, such as Bybit Card, cryptocurrency conversion to or from FIAT money (collectively “the Services”).

     

    By registering for and using the Platform, you confirm that you are aware that your Personal Data will be handled as described in this Notice and the Terms and Conditions applicable to the Platform (the “Service Agreement”).

     

    You can reach out to our Data Protection Officer at data_protection@bybit.com.

     

    Lawful basis for Processing Your Personal Data

    We may collect and process your Personal Data using the following legal basis:

     

    Performance of a contract means processing your Personal Data where it is necessary for the performance of a contract to which you are a party or to take steps at your request before entering into such a contract, e.g. contract for any of the Services we provide;

     

    Consent means processing your Personal Data using your written consent; or,

     

    Legal requirement means processing your Personal Data where it is necessary for compliance with a legal or regulatory obligation that we are subject to; or,

     

    Legitimate interest means the interest of our business in conducting and managing our business to enable us to give you the high quality Services or products and the best and most secure experience. We make sure we consider and balance any potential impact on you (both positive and negative) and your rights before we process your Personal Data for our legitimate interests. We do not use your Personal Data for activities where our interests are overridden by the impact on you (unless we have your consent or are otherwise required or permitted to by law). You can obtain further information about how we assess our legitimate interests against any potential impact on you in respect of specific activities by contacting us.

     

    Note that we may process your Personal Data for more than one lawful ground depending on the specific purpose for which we are using your data. Please contact us if you need details about the specific legal ground we are relying on to process your Personal Data.

     

    Generally, we do not rely on consent as a legal basis for processing your Personal Data. You have the right to withdraw consent at any time by contacting us.

     

    The Personal Data We Collect About You and How We Collect It

    We collect and process Personal Data about you directly from you when you register to use the Platform or submit such information as a part of the Know-Your-Client (“KYC”) policy, automatically through use of our Services via the Platform, as well as from our subsidiaries, affiliates or vendors that are either subject to this Notice or follow practices at least as protective as those described in this Notice.

     

    In operating on Platform and providing our Services, as well as other business activities, we may collect and process the following Personal Data about you:

     

    1. Information that you provide by filling in forms and documents on Platform, such as when you register to access, apply to, subscribe for or receive our Services which includes (but is not limited to) your name, email, phone number, residential address, place of birth, date of birth, gender, official identification number, passport/ID card number, nationality, citizenship, country of residence, address and source of wealth and funds;

     

    1. Account information, collected when registering or using an account, account logins and the resources that you access, including but not limited to, logged in device type, use of secondary verification, geolocation data, web logs, IP (internet protocol) address, Unique Identifier (UID), Registration IP, Time and Last Login Time, Inviter ID, used account verification safeguards;

     

    1. Information provided to us when you communicate with us for any reason (e.g. by phone, e-mail, forms);

     

    1. Details contained in any request for support or assistance from us including resolving disputes or troubleshooting problems;

     

    1. Information about the employment, that includes employment history, education background and income levels;

     

    1. Information collected in accordance with the requirements of the laws: Results from Politically Exposed Persons (PEP) screening & sanction screening, any additional Personal Data required for proving Source of Funds (e. g. employment contract, certificate of inheritance, etc.), data on the management structure and business activity, etc.;

     

    1. Financial information, such as, your bank account information, credit card information (including the card number, expiry date and CVC), tax identification number, transaction history, trading data and other data extracted from the documents provided by you;

     

    1. Transaction Information, that includes transaction information as you use our Services, including deposit snapshots, account balances, trade history, order activity and distribution history, bank account number, identification data of electronic money account, account statement;

     

    Please be advised that information you provide is being screened against risk profiles to comply with applicable Anti-Money Laundering laws and internal KYC and Anti-Money Laundering policy.

     

    We may receive Personal Data about you from various third parties and public sources as set out below: 

     

    1. Our partner who shares your Personal Data with us so that (a) you can use our Services on their behalf; and (b) they can pay money to you (for example, your salary if you are their employee or payment for goods and/or Services if you are their supplier);

     

    1. Electronic Identity Verification providers from data brokers or aggregators based inside or outside the European Union; 

     

    1. We may also record and verify personal identity documents such as passports electronically including screen grabs; 

     

    1. Identity data and contact data from publicly available sources based inside the European Union. 

     

    In order to provide contracted Services, we may need to verify details with Credit Reference agencies, anti-Fraud agencies, Sanction screening and politically exposed persons (PEP) listings.

     

    We endeavor only to collect and process Personal Data that is necessary to provide our Services to you in compliance with our legal and regulatory obligations. Please note that if you are acting as an authorized individual on behalf of a Data Subject and are providing Personal Data for such Data Subject, you are responsible for ensuring that you have all required permissions and consents to provide such Personal Data to us for use in connection with the Platform and that our use of such Personal Data you provide to the Platform does not violate any applicable law, rule, regulation, or order.

     

    In addition to log data, Bybit Technology Limited may also collect information about the device you use for the Platform, including what type of device it is, what operating system you’re using, device settings, unique device identifiers, and crash data. Whether Bybit Technology Limited collects some or all of this information may depend on what type of device you’re using and its settings.

     

    We obtain your Personal Data from third parties as well. These include our vendors (e.g., background check providers) and affiliates (e.g., Platform provider Bybit Technology Limited). These third parties collect Personal Data on behalf of the Company, or act as separate controllers in accordance with their own privacy policies. Some of these parties may have obtained your data from publicly accessible sources.

     

    How We Share Your Information

    Affiliates. We may disclose the information we collect from you to our affiliates or subsidiaries solely for the purpose of providing the Platform or related Services including subsite Services to you; however, if we do so, their use and disclosure of your personally identifiable information will be maintained by such affiliates and subsidiaries in accordance with this Notice.

     

    Service Providers. We may disclose the information we collect from you to third-party vendors, service providers, contractors or agents who perform functions on our behalf, provided such third parties have agreed to only use such information to provide Services to us.

     

    Business Transfers. If we are in negotiations with, or are acquired by or merged with another company or entity, if substantially all of our assets are transferred to another company or entity, or as part of a bankruptcy proceeding, we may transfer the information we have collected from you to the other company or entity.

     

    In Response to Legal Process. We also may disclose the information we collect from you in order to comply with the law, a judicial proceeding, court order, or other legal process, such as in response to a subpoena.

     

    To Protect Us and Others. We also may disclose the information we collect from you if we believe it is necessary to investigate, prevent, or take action regarding illegal activities, suspected fraud, situations involving potential threats to the safety of any person, violations of our Service Agreement or this Notice, or as evidence in litigation in which we are involved.

     

    We may retain the services of a third party service provider or business partner (that may be located outside of the European Economic Area (“EEA”)) for the purposes of obtaining or engaging their external expertise in relation to the processing of your personal information, principally in relation to secure data storage, management, disaster recovery and verification purposes. In the event that a third party service provider or business partner is located in a country outside of the EEA, such country may not have the same level of data protection as required within the EEA. Such third party service providers will only be selected and retained provided appropriate safeguards are in place in relation to such third party service providers and/or the country in question including, as stipulated in the GDPR, for instance appropriate Standard Contractual Clauses and/or Adequacy decisions are set in place to ensure that your information is treated securely and in accordance with this Notice. Such third parties will only be permitted to process your Personal Data in accordance with our instructions and our requirements disclosed to you in this Notice.

     

    Security of Your Personal Data

    We have implemented reasonable precautions consistent with applicable laws and regulations to protect the Personal Data we collect from loss, misuse, and unauthorized access, disclosure, alteration, and destruction. We take all appropriate technical and organizational security measures in line with market driven best practice to protect your Personal Data.

     

    Please be aware that despite our efforts, no data security measures can guarantee 100% security. Therefore, all visitors (including their authorized individuals) of the Platform must comply with the security requirements in the Service Agreement and take the following additional steps to help ensure the security of their Personal Data and the access to their account:

     

    (a) You should choose a robust user identification, password, and PIN to access your account (“User Credentials”) that nobody else knows or could easily guess. User Credentials must meet the requirements we specify when you establish those User Credentials. You should keep your User Credentials secure and private, and not share your User Credentials with any third party.

     

    (b) You should install anti-virus, anti-spyware, and firewall software in your personal computers and mobile devices;

     

    (c) You should update operating systems, anti-virus, and firewall products with security patches or newer versions on a regular basis;

     

    (d) You should remove file and printer sharing in computers, especially when they are connected to the internet;

     

    (e) You should make regular backups of your critical data;

     

    (f) You should consider the use of encryption technology to protect highly sensitive or confidential information;

     

    (g) You should completely log off and clear your browser cache after finishing each online session with the Platform;

     

    (h) You should not install software or run programs of unknown origin;

     

    (i) You should delete junk or chain emails;

     

    (j) You should not open email attachments from strangers;

     

    (k) You should not disclose personal, financial, or credit card information to little-known or suspect websites;

     

    (l) You should not use a computer or a device that cannot be trusted; and

     

    (m) You should not use public or internet café computers to access online Services or perform financial transactions.

     

    You should immediately notify us at support@bybit.com if you become aware of any unauthorized use or access of your account or User Credentials. We are not responsible for any lost, stolen, or compromised User Credentials or for any activity on your account via unauthorized activity using your User Credentials.

     

    Your Privacy Rights

    Under certain circumstances, you have the following rights under data protection laws in relation to your Personal Data:

     

    • Request access to your Personal Data (commonly known as a “data subject access request”). This enables you to receive a copy of the Personal Data we hold about you and to check that we are lawfully processing it.

     

    • Request correction of the Personal Data that we hold about you. This enables you to have any incomplete or inaccurate data we hold about you corrected, though we may need to verify the accuracy of the new data you provide to us.

     

    • Request erasure of your Personal Data. This enables you to ask us to delete or remove Personal Data where there is no good reason for us continuing to process it. You also have the right to ask us to delete or remove your Personal Data where you have successfully exercised your right to object to processing (see below), where we may have processed your information unlawfully or where we are required to erase your Personal Data to comply with local law. Note, however, that we may not always be able to comply with your request of erasure for specific legal reasons which will be notified to you, if applicable, at the time of your request.

     

    • Object to processing of your Personal Data where we are relying on a legitimate interest (or those of a third party) and there is something about your particular situation which makes you want to object to processing on this ground as you feel it impacts on your fundamental rights and freedoms. In some cases, we may demonstrate that we have compelling legitimate grounds to process your information which override your rights and freedoms.

     

    • Request restriction of processing of your Personal Data. This enables you to ask us to suspend the processing of your Personal Data in the following scenarios: (a) if you want us to establish the data’s accuracy; (b) where our use of the data is unlawful but you do not want us to erase it; (c) where you need us to hold the data even if we no longer require it as you need it to establish, exercise or defend legal claims; or (d) you have objected to our use of your data but we need to verify whether we have overriding legitimate grounds to use it.

     

    • Request the transfer of your Personal Data to you or to a third party. We will provide to you, or a third party you have chosen, your Personal Data in a structured, commonly used, machine-readable format. Note that this right only applies to automated information which you initially provided consent for us to use or where we used the information to perform a contract with you.

     

    • Withdraw consent at any time where we are relying on consent to process your Personal Data. However, this will not affect the lawfulness of any processing carried out before you withdraw your consent. If you withdraw your consent, we may not be able to provide certain products or Services to you. We will advise you if this is the case at the time you withdraw your consent.

     

    • Not to be the subject only to automated processing, including profiling. You have a right to demand that processing of your Personal Data would be reviewed by a real person and to object to the decision made by automated means.

     

    • To submit an appeal on the actions or inactions of us, related to the implementation of the data subject's rights to the Data Protection authority that is located in member state of the European Union where you reside; and

     

    • You are entitled to compensation, for which you must apply to the competent court that is located in the member state of the European Union where you reside, if you have suffered damage as a result of a violation of the data subject's rights.

     

    We will respond to your requests without undue delay and in any event within one month of receipt of the request. However, such period may be extended up to two months as per circumstances designated by GDPR.

     

    Please note that notwithstanding the foregoing, there may be circumstances in which we are unable to accommodate your request. This includes but is not limited to:

     

    • where we need to retain the information to comply with federal, state, or local laws or for accounting or tax purposes. For e.g., your Personal Data relevant to KYC or transactions are subject to Anti-Money Laundering law's obligations concerning storing Personal Data, thus it cannot be deleted beforehand; 

     

    • where we need to comply with a civil, criminal, or regulatory inquiry, investigation, subpoena, or summons by federal, state, or local authorities. For e.g., if we receive judicial subpoena concerning Personal Data, we are obliged to follow such requests.

     

    • where we need to cooperate with law enforcement agencies concerning conduct or activity that the business, service provider, or third party reasonably and in good faith, beliefs, may violate federal, state, or local law. For e.g., if we receive a lawful and grounded request from local law enforcement agencies to provide Personal Data;

     

    • where we need to retain information to exercise or defend legal claims. For e.g., Personal Data might be used to defend our legal interests in courts and other institutions;

     

    • where the information contains legal privilege or proprietary information of another party; or where complying with the request would compromise others’ privacy or other legitimate rights. For e.g., if disclosure of requested Personal Data would infringe on other individual's privacy rights and interests.

     

    • any basis where such a request can be denied under applicable law.

     

    If we determine that we cannot respond to any request in any particular instance, we will provide you with an explanation of why that determination has been made and a contact point for any further inquiries. To protect your privacy, we will take commercially reasonable steps to verify your identity before responding to any request under this provision, including complying with any applicable legal requirement for verifying your identity.

     

    If you have any concerns about our use of your personal information, you can make a complaint to us at data_protection@bybit.com.

     

    You can also complain to the State Data Protection Inspectorate if you are unhappy with how we have used your data. We would, however, appreciate the chance to deal with your concerns before you approach the State Data Protection Inspectorate, so please contact us in the first instance.

     

    The State Data Protection Inspectorate’s address:

    L. Sapiegos str. 17, LT-10312 Vilnius, Lithuania.

    Email: ada@ada.lt.

    Website: https://vdai.lrv.lt/en/

     

    Use of Cookies

    When you use the Platform, the servers, which are controlled by Bybit Technology Limited, automatically record information using cookies and/or other tracking technologies, including information that your browser sends whenever you visit the Platform or your mobile application sends when you’re using it. This log data may include your Internet Protocol address, the address of the web page you visited before coming to the Platform. Personal Data collected by cookies or other and/or other tracking technologies is processed by Bybit Technology Limited.

     

    More details on the use of Cookies can be found in Bybit Technology Limited’s Privacy Policy

     

    Data protection of using digital assets and blockchains

    Your use of digital assets may be recorded on a public blockchain. Public blockchains are distributed ledgers, intended to immutably record transactions across wide networks of computer systems. Many blockchains are open to forensic analysis which can lead to re-identification of transacting individuals and the revelation of Personal Data, especially when blockchain data is combined with other data.

     

    As blockchains are decentralized or third-party networks which are not controlled or operated by the Company, we are not able to erase, modify, or alter Personal Data on such networks.

     

    Transfer of Information

    We may transfer your data outside of the EEA. Such transfers are carried out in compliance with the GDPR, for instance appropriate Standard Contractual Clauses and/or Adequacy decisions are set in place to ensure that your Personal Data is treated securely and in accordance with this Notice.

     

    Should you like to receive more information (copy) of relevant safeguards, please reach out to us at data_protection@bybit.com.

     

    Retention

    We retain your Personal Data as long as it is required in order to fulfill the relevant purposes described in this Privacy Notice, as well as are required by applicable law.

     

    We will cease to retain your Personal Data, or remove the means by which the Personal Data can be associated with particular individuals, as soon as:

     

    (a) the purpose for which that Personal Data was collected is no longer being served by its retention; and

     

    (b) retention is no longer required by applicable laws, accounting, or business purposes.

     

    Please note that certain laws may require us to retain records of your Personal Data (e.g., transactions or accounts) for a certain period of time even after you cease relationship with us.

     

    To determine the appropriate retention period for Personal Data, we consider the amount, nature, and sensitivity of the Personal Data, the potential risk of harm from unauthorized use or disclosure of your Personal Data, the purposes for which we process your Personal Data, and whether we can achieve those purposes through other means, and the applicable legal requirements and recommendations.

     

    Children Under 18

    Our Services are not intended for the use of children under 18. If we discover that a child under 18 has provided us with Personal Data, we will delete such information from our systems, unless it is required otherwise by applicable law.

     

    Contact Us

    If you have questions about the privacy or would like to make a complaint, please contact us at data_protection@bybit.com

     

    Changes to this Notice

    This Notice is current as of the Effective Date set forth above. We may change this Notice from time to time, so please be sure to check back periodically. We will post any changes to this Notice on the Platform. If we make any changes to this Notice that materially affect our practices with regard to the Personal Data we have previously collected from you, we will endeavor to provide you with notice in advance of such change by highlighting the change on our Platform or sending an email that you have provided in your account. For this reason, you should make sure to update your account information promptly if it changes.

    A fost de ajutor?
    yesDayesNu
    Articole corelate
    Conversion of Small Balances or Unsupported Assets into USDT, other Digital Assets or Fiat Currencies
    Bybit Kazakhstan User Agreement
    Bybit Kazakhstan Risk Disclosure Statement