BTCBNK logo BTCBNK

Privacy Policy

INTRODUCTION                                                                   

SVV Poland Sp. z o.o. (“BTC Bank”, “we”, “our”, or “us”) respects your privacy and is committed to
 protecting your personal data. This Privacy Policy explains how we collect, use, and protect your personal
data when you use our website [btcbnk.io, «Website»] and related services.
This information has been prepared taking into account the GDPR, i.e. the general regulation on
data protection.
SVV Poland Sp. z o.o. with registration number 0000972216, registered in Poland at the address: Zurawia
 str. 47/49, office 118, Warsaw, Poland, 00-680.

DATA CONTROLLER                                                                                           

SVV Poland Sp. z o.o. will be the “data controller” or “controller” in relation to any personal data provided
 to us directly via email, phone, chatbot, and post or via the Services, including the Website, or any other
 available communication channel offered by SVV Poland Sp. z o.o. to you. This means that we are
 responsible for deciding how we will hold and use personal data about you.
By using or navigating the Website and the Services, you acknowledge that you have read, understand,
 and agree to be bound by this Privacy Policy. You should not provide us with any of your data or use the
 Website or Services if you do not agree with the terms of this Privacy Policy. This Privacy Notice is
 incorporated into our Terms of Use.
 We encourage you to review and check the Services, including the Website regularly for any updates to
 this Privacy Policy. We will publish the updated version on the Website and by continuing to deal with us,
 you accept this Privacy Policy as it applies from time to time.
Persons under the age of 16 cannot provide any personal information through our Website, Services,
 social media account. If you are a person below the age of 16, before submitting personal information,
 you must obtain the consent of your parents or other legal guardians.

DATA PROTECTION PRINCIPLES                                                                         

Personal data is defined by the General Data Protection Regulation (EU Regulation 2016/679) (the
 “GDPR”) as ‘any information relating to an identifiable person who can be directly or indirectly identified
 in particular by reference to an identifier’.
Personal data is any information about you that enables us to identify you or the beneficiary of your
 transaction with us, either directly or indirectly. Personal data covers information such as your name and
 contact details, but also information such as identification numbers, electronic location data, and other
 online identifiers.
We are committed to complying with applicable data protection laws and will ensure that personal data
 is:
• Used lawfully, fairly and in a transparent way;
• Collected only for valid purposes that we have clearly explained to you and not used in any way
 that is incompatible with those purposes;
• Relevant to the purposes we have told you about and limited only to those purposes;
• Accurate and kept up to date;
• Kept only as long as necessary for the purposes we have told you about;
• Kept securely.

WHAT PERSONAL DATA WE COLLECT ABOUT YOU

We only collect the most relevant, proportionate for each purpose and strictly necessary personal data
from you in the course of our business when you access, visit or use our Services. We collect data that is:
• necessary to provide our services to you, such as when you sign-up and open an account with us,
 when we carry out the necessary KYC checks, and when you use our Services;
• information about your use of the Services;
The personal information that we collect, and process may include:
• Data that have to do with your identity and your personal and contact information, such as your
 first name, last name, phone number
• Data connected to your account with us, such as your username and password
• Payment information – such as details of any transactions carried out using any of the Services,
 bank account number, e-wallet information, details about payments and transfers made using
 the Services.
• Transaction Data: Details of crypto exchanges, purchase history, and amounts.
 • Technical Data: IP address, browser type, and access times.

HOW WE COLLECT YOUR PERSONAL DATA

We collect your data in various ways. These include the following:
We may collect data that you provide directly.
Typically, this will happen when you register or sign-up with us, where you create an account with us,
 when you fill in any application form, when you subscribe to our newsletter, when you participate in
 surveys, when you send us an email, when you sign a contract with us
We may collect data about you automatically.
When you use our Services, including when you interact with our website without logging in your account,
 we will automatically collect technical-related data about you, your equipment, browsing actions and
 patterns.
Every time you use or access the Services, and our website, data is collected. This data is stored in log files
 on the server and can include, the temporary storage of data and log files. The IP address is temporarily
 stored in the system as it is necessary to provide website access to your computer or other device. The IP
 address is retained while that website is being accessed. These log files are stored to ensure website
 functionality, optimize the content of our website, and ensure the security of our IT system.
Typically, automatic collection of data will happen when you browse and use our Services and Website,
 social media pages, (usually with the use of cookies and other similar tracking technologies).
We may acquire information about you from third parties.
We do this where we are permitted by law. This may be the information provided by our partners,
 marketing agencies, your public profile information such as in social media platforms, like LinkedIn,
 Facebook, Twitter, Instagram). We may associate the information we receive about you from yourself,
 public and commercial sources with other information we receive from you or about you.
These are the typical ways in which we collect data about you. We may collect data about you in other
 cases that are not covered by this Privacy Policy or using other methods not covered by this Policy. If this
 happens, we will inform you additionally.

HOW WE USE YOUR PERSONAL DATA AND BASIS FOR SUCH USE

We will use your personal data when the law allows us to. Most commonly, we will use your personal data
 in the following circumstances:
• When we have your consent,
• Where we need to perform the contract we are about to enter into or have entered into with you.
• Where it is necessary for our legitimate interests (or those of a third party) and your interests and
 fundamental rights do not override those interests.
• When processing cryptocurrency transactions.
• When providing you with access to your account and services.
• Where we need to comply with legal obligations (AML and KYC procedures).
• When sending you updates and promotions (with your consent).
We do not generally rely on consent to process your personal data. We rely on other grounds for
 processing. We only rely on consent where this is required by law or where we consider that processing
 data is necessary, and we cannot rely on other grounds.

PURPOSES AND BASES FOR PROCESSING

In general, we may use your personal data to carry out, provide, fix, and improve our Services, develop
 new Services, and market our Services.
We reserve the right to offer you supplemental documents to this privacy policy that will describe the
 ways in which we process your personal data.
Your personal data is processed under the following legal bases:
Performance of a contract (e.g., cryptocurrency exchange services).
Compliance with legal obligations (AML and KYC laws).

CHANGE OF PURPOSE

We will use your personal data for the purposes for which we collect it or where we reasonably consider
 that we need to use it for another reason only if this reason is compatible with the original purpose.
If we need to use your personal data for an unrelated purpose, we will notify you and we will explain the
 legal basis which allows us to do so.
Please note that we may process your personal data without your knowledge or consent, in compliance
 with the above rules, where this is required or permitted by law.

HOW LONG WE KEEP YOUR PERSONAL DATA

Personal data is used for different purposes, and is subject to different standards and regulations. In
 general, personal data is retained for as long as necessary to provide you with services you request, to
 comply with applicable legal obligations, particularly related to Anti-Money Laundering (AML) and
 Countering the Financing of Terrorism (CFT), accounting or reporting requirements, and to ensure that
 you have a reasonable opportunity to access the personal data.
To determine the appropriate retention period for personal data, we consider the applicable legal
 requirements, the amount, nature, and sensitivity of the personal data, the potential risk of harm from
 unauthorised use or disclosure of your personal data, the purposes for which we process your personal
 data and whether we can achieve those purposes through other means. For example,
• we will retain your personal data if we are required to comply with legal and regulatory
 obligations, compliance procedures and legal limitation periods. We will retain your personal data
 for a period after closure of your account with us or the last transaction we carried out for
 you. (Legal requirements)
• Personal data provided to us for marketing purposes may be retained until you opt out or until
 we become aware the data is inaccurate.

WHO WE SHARE YOUR PERSONAL INFORMATION WITH 

We may disclose your information to our employees and agents.
We may also disclose your information to third parties, such as:
• Service Providers who provide services to us as we request them, such as IT and system
 administration services, cloud storage service providers, fraud detection, customer support,
 remote ID verification providers, strong customer authentication, e-signature providers,
• Companies that assist in payment transactions such as financial institutions, like banks, payment
 service providers like electronic money and payment institutions, international payment service
 organizations like SWIFT and TARGET 2.
• Relevant business partners, like banking partners and intermediaries, international payments
 services provider, as well as card manufacturing/personalisation and delivery companies, fraud
 and risk mitigation service provider.
• Professional advisers including lawyers, auditors, and insurers who provide relevant services,
• Governmental agencies or entities, regulatory authorities, or other persons in line with applicable
 rules, orders, subpoenas, official requests, or similar processes as either required or permitted by
 applicable law.
• Advertising networks that help organise competitions and promotions, to support and display ads
 on our Website, apps and other social media tools.
• Third party service providers to assist us with client insight analytics, such as Google Analytics.
Please note the following:
• This list is non-exhaustive and there may be other examples where we need to share with other
 parties in order to provide our services as effectively as we can.
• We require all third parties to respect the security of your personal data and to treat it in
 accordance with the law. We do not allow our third-party service providers to use your personal
 data for their own purposes and only permit them to process your personal data for specified
 purposes and in accordance with our instructions.

HOW WE PROTECT YOUR PERSONAL DATA

We use a variety of technical and organisational measures to help protect your personal data from
 unauthorised access, use, disclosure, alteration or destruction consistent with the applicable data
 protection laws and the EU General Data Protection Regulation. We have also implemented appropriate
 information security policies, rules and technical measures to secure your personal information collected
 by us. Your personal information is saved in an encrypted form.
All of our partners, employees, consultants, workers and data processors (i.e. those who process your
 personal information on our behalf,), who have access to, and are associated with the processing of
 personal information, are obliged to respect the confidentiality of such personal information, keep it
 secure and protect it.

YOUR RIGHTS REGARDING YOUR PERSONAL DATA

You have the following rights in relation to the personal data we hold about you. Please note that some
 of these rights will only apply in certain circumstances and some of them may be limited where we have
 an overriding interest or legal obligation to continue to process the data or where data may be exempt
 from disclosure due to reasons of confidentiality obligations.
Access: you are entitled to ask us if we are processing your data and, if we are, you can request
 access to your personal data. This enables you to receive a copy of the personal data we hold
 about you and certain other information about it;
Correction: you are entitled to request that any incomplete or inaccurate personal data we hold
 about you is corrected;
Erasure: you are entitled to ask us to delete or remove personal data in certain circumstances.
 There are also certain exceptions where we may refuse a request for erasure, for example, where
 the personal data is required for compliance with law or in connection with claims;
Restriction: you are entitled to ask us to suspend the processing of certain of your personal data
 about you, for example if you want us to establish its accuracy or the reason for processing it;
Transfer: you may us to help you request the transfer certain of your personal data to another
 party;
Objection: where we are processing your personal data based on legitimate interests (or those of
 a third party) and you may challenge this. However, we may be entitled to continue processing
 your information. You also have the right to object where we are processing your personal
 information for direct marketing purposes;
Automated decisions: you may contest any automated decision made about you where this has
 a legal or similar significant effect and ask for it to be reconsidered.
Consent: where we are processing personal data with consent, you can withdraw your consent.
If you want to exercise any of these rights, please contact us at [email protected]
Please note that you also have a right to lodge a complaint with the Office of the Commissioner for
 Personal Data Protection in Poland, which is the competent authority.

CHANGES TO THIS POLICY

We may make changes to this Privacy Policy from time to time. To ensure that you are always aware of
 how we use your personal data we will update this Privacy Policy from time to time to reflect any changes
 to our use of your personal data. We may also make changes as required to comply with changes in
 applicable law or regulatory requirements. We will notify you by email of any significant changes.
 However, we encourage you to review this Privacy Policy periodically to be informed of how we use your
 personal data.

JURISDICTION

We adhere to Polish and European Union regulations concerning data protection. Any legal disputes will
 be governed by the laws of Poland.

CONTACT

You may contact our Data Protection Officer by email at: [email protected]

BTCBNK logo BTCBNK

SVV Poland sp z o.o. is not a bank and does not provide any banking services or related financial services. (in accordance with the Act of 29 August 1997 - Journal of Laws 2023.2488 consolidated text, Act of 19 August 2011 - Journal of Laws 2011 No. 199 item 1175

SVV Poland sp z o.o. operates under the name BTCbnk (trade name).

Your funds are secure.

© 2025 BTCBnk - All Rights Reserved

Privacy Policy