Privacy Policy

1) Collected Information and Purposes

Collection of data required to create and manage your account

1.1 Data Provided During Registration

We collect the information you voluntarily provide when creating your account: last name, first name, email address, country code, phone number, encrypted password, and referral code when applicable.

This data is necessary to identify the user, secure account access, enable operational communication (notifications, security alerts, verifications), and ensure proper platform operation.

1.2 Data Generated During Use

When using our services, we record technical and functional metadata, including authentication history, activity logs, account actions, financial operations, security events, language settings, and profile settings.

This information supports traceability, fraud prevention, incident resolution, regulatory compliance, and continuous user experience improvement.

1.3 Legal Basis and Data Minimization

We process data under applicable legal bases: performance of the service contract, legal obligations, legitimate security/operational interests, and explicit consent where required.

We apply a data minimization principle: only data strictly necessary for the intended purpose is processed. No unnecessary collection is intentionally performed.

Where optional fields are offered, users may leave them blank unless those fields become required for a specific legal, technical, security, or fraud-prevention process. In such cases, refusal to provide required data may limit access to specific features.

1.4 Sensitive Operations and Verification Data

For high-risk operations (identity verification, password recovery, suspicious access, payment or withdrawal actions), we may process additional verification data including timestamps, IP addresses, device and browser fingerprints, challenge outcomes, and proof-of-control checks.

These controls are implemented to reduce unauthorized access, account takeover, synthetic identity abuse, and financial fraud. Verification data is retained only as long as necessary for legitimate security and compliance purposes.