BITVYL

Privacy Policy

Last updated: May 17, 2026

This policy describes how BITVYL handles your personal data. We comply with GDPR (EU Regulation 2016/679) and the LGPD (Brazilian Law 13.709/2018) where applicable.

1. Data we collect

  • Identification: e-mail, name (optional), profile picture (optional).
  • Location: country, city, postal code (provided by you).
  • Trading: trade history, deposits, withdrawals, orders.
  • Technical: IP address, browser, device, access times.
  • Payment: USDT wallet address (only to confirm deposits/withdrawals).
  • Future KYC: ID document for amounts above $1,000 (when activated).

2. How we use it

  • Authenticate you on the platform.
  • Process your trades and update your balance.
  • Pay withdrawals to your wallet.
  • Send new-login alerts (security).
  • Prevent fraud, laundering and bonus abuse.
  • Improve the platform (aggregated, anonymous analytics).
  • Comply with legal obligations.

3. Legal basis (GDPR/LGPD)

We process your data based on: performance of a contract (you created an account), consent (avatar, optional campaigns), legal obligation(KYC, AML) and legitimate interest (security, fraud prevention).

4. Sharing

We share data only with:

  • Supabase (managed database, AWS us-west-2)
  • NOWPayments (USDT processing)
  • Titan / GoDaddy (transactional e-mail)
  • Hetzner (application servers)
  • Authorities, when required by law

We never sell your data to third parties.

5. Cookies

We use essential cookies (session, language, preferences). No marketing or third-party tracking cookies. See the Cookie Policy.

6. Retention

We keep your data while your account is active. After deletion, we retain financial data for 5 years (tax/AML obligation); the rest is erased within 30 days.

7. Your rights (GDPR Art. 15-22 / LGPD Art. 18)

You may, at any time:

  • Access the data we hold about you
  • Correct inaccurate data (on the /profile page)
  • Request account deletion
  • Export your data (portability)
  • Withdraw consent
  • File a complaint with your local Data Protection Authority (EU) or ANPD (Brazil)

To exercise these rights: privacy@bitvyl.com

8. Security

Bcrypt-hashed passwords, httpOnly sessions, per-user RLS, HTTPS on all traffic, secrets server-side only. Details at /seguranca.

9. Children

BITVYL is intended for users 18 years and older. We do not knowingly collect data from minors. If we discover a minor's account, it is closed and the data erased immediately.

10. Changes

Updates to this policy are communicated by e-mail. Significant changes require your re-consent.

11. DPO contact

privacy@bitvyl.com