Privacy Policy

This notice is the Privacy Policy of Bitlocus.

Bitlocus are committed to protecting and respecting your privacy. Bitlocus uses information collected about you to meet legal obligations and provide a better service.

This notice together with Terms of Use and other documents referred to it sets the basis on which Personal Data we collect, process and use.

Please read the following carefully to understand our views and practices regarding your personal data and how we will treat it.


Personal data - means any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

What information is being collected?

For the Customer – natural person:

  1. Name and Surname
  2. Personal code (if assigned)
  3. Citizenship
  4. Date of birth
  5. Copy of your ID document (passport, national ID card)
  6. E-mail address
  7. Address of residency
  8. Data on the nature of income of the Customer and intended operation amounts with the Company. (The Company shall be entitled to obtain any additional information if the Company finds it necessary to properly & duly establish the identity of the Customer)
  9. Purpose of account.
  10. IP address

For the Customer – body corporate:

  1. Full legal name
  2. Legal form
  3. Company number
  4. Registered office address
  5. Place of business
  6. E-mail address
  7. Phone number
  8. Website
  9. IP address
  10. UBO`s (ultimate beneficial owners) all the information about natural person as given above
  11. Officers
  12. Business activity
  13. Articles of Association or another governing document
  14. Source of funds
  15. Purpose of account
  16. Data on the nature of income
  17. Information about representative of the Company (all information about natural person given above).
Who is collecting it?

Chief compliance officer is the person in charge of ensuring our company adheres to this Privacy Policy. This person is also the main contact for our Data Protection Supervisory Authority, the Information Commissioner’s Office.

How is it collected?

The main way how we get that kind of personal data is when you provide it to us such as when you sign up for a Bitlocus account also when you communicate with us by email we collect the communication and any data provided in it. Moreover, when we obtain information from third parties such as identity verification services, credit reference agencies, and regulatory and enforcement agencies. When you use the Bitlocus platform we collect information on your transactions and other use of your Bitlocus account.

How will it be used?

We will process your Personal Information only for the purpose(s) of providing to you the service(s) that you ask us to provide and to satisfy the legal obligations stemming from regulatory obligations that arise from providing you the service(s).

  1. To allow you to open and operate an Account on the Platform;
  2. To process transactions on the Platform;
  3. To reply to your e-mails or contact you about Bitlocus services;
  4. To analyse use of our Site;
  5. Verify your identity in accordance with applicable know-your-customer, money laundering and other financial sector legislation or regulations, including as required for compliance with the Bitlocus Anti Money Laundering notice, as well as address other law enforcement needs as more fully described in our Terms of Use, and generally as required for compliance with legislation and regulations applicable to Bitlocus;
  6. We need to understand the nature of business and management structure of the Company, obtain the preliminary monthly transaction volumes for the Customer – body corporate;
  7. To verify your identity to protect against fraud, comply with financial crime laws, and to confirm your eligibility to use our products and services.
  8. We may be use your personal data and cookies (read below to know more about cookies) to send you information related to our marketing communications, dedicated personally to you considering your data.


We may collect information about your computer, including where available your IP address, operating system and browser type, for system administration and to report aggregate information to our advertisers. This is statistical data about our users' browsing actions and patterns and will not be used to identify any individual unless that same individual. Your data is only accessed internally on a need to know basis, and it will only be accessed or processed if absolutely necessary. We will delete data that is no longer required by any relevant law or jurisdiction in which we operate.


When you access Bitlocus, we may make use of the standard practice of placing tiny data files called cookies, they are typically stored on your computer's hard drive. Information collected from cookies is used by us to evaluate the effectiveness of our Site, analyse trends, and administer the Platform. The information collected from cookies allows us to determine such things as which parts of our website are most visited and difficulties our visitors may experience in accessing our website. With this knowledge, we can improve the quality of your experience on the Platform by recognizing and delivering more of the most desired features and information, as well as by resolving access difficulties.

Similar technology - web bugs or clear gifs. They are typically stored in emails, we use it to help us confirm your receipt of, and response to, our emails and to provide you with a more personalized experience when using our Site.

To find out more about cookies and similar technology click here.


Correspondence – Information that you provide to us in written or oral correspondence, including opening a Bitlocus account, and with respect to ongoing customer support.

Location Information – Information that is automatically collected via analytics systems providers to determine your location, including your IP address and/or domain name and any external page that referred you to us, your login information, browser type and version, time zone setting, browser plug-in types and versions, operating system, and platform;

Log Information – Information that is generated by your use of Bitlocus Exchange Services that is automatically collected and stored in our server logs.

Account Information – Information that is generated by your Bitlocus account activity including, but not limited to, instructions regarding funding and disbursement, orders, trades, and account balances;

Correspondence – Information that you provide to us in written or oral correspondence, including opening a Bitlocus account, and with respect to ongoing customer support; and logging of phone numbers used to contact us.


We collect information from other affiliated and non-affiliated third parties and we may associate that with the information we collect about you. For example, in connection with your creation of a Bitlocus Account or to enable your transactions, Bitlocus may work with third party service providers to conduct identity verification and other screening procedures, including screening to verify that you are eligible to use the Services.


  • We may share your personal information with selected third parties including:
    • Affiliates, operational and business partners, suppliers and sub- contractors for the performance and execution of any contract we enter into with them or you;
    • Analytics and search engine providers that assist us in the improvement and optimization of our site.
  • We may disclose your personal information to third parties when:
    • We sell or buy any business or assets, in which case we may disclose your personal data to the prospective seller or buyer of such business or assets in order to continue the services for which you have contracted;
    • We are under a duty to disclose or share your personal data in order to comply with any legal obligation, or in order to enforce or apply our Terms & Conditions and other applicable agreements. This includes exchanging information with other companies and organizations for the purposes of fraud protection and credit risk reduction;
    • We conduct or cooperate in investigations of fraud or other illegal activity whenever we believe it is reasonable and appropriate to do so;
    • We seek to prevent and detect fraud and crime;
    • We receive a lawful subpoena, warrant, court order, or as otherwise required by law;
    • We seek to recover debt or in relation to your insolvency; and
    • We seek information necessary to maintain or develop customer relationships, services and systems.
  • We do not maintain a published list of all of the third parties with whom we share your personal information with, as this would be heavily dependent on your specific use of our Services. However, if you would like further information about who we have shared your personal information with, or to be provided with a list specific to you, you can request this by writing to us here.


We have implemented technical and organisational security measures to ensure the confidentiality of your Personal Information and to protect your Personal Information from loss, misuse, alteration or destruction. Information will be kept in Google Cloud platform, which has been saved by SSL. Only authorised personnel of Bitlocus have access to your Personal Information, and these personnel are required to treat the information as confidential.

Where you have consented to, or we are obliged to pass on Personal Information to third parties to provide you with a requested service or in the carrying out of a regulatory or legal obligation, we will request that the same levels of technical and organisational security measure be applied through contractual arrangements, where possible.

Technical and organisational security measures in place will, from time to time, be reviewed in line with legal and technical developments.

In the event of a personal data breach or the failure of the measures of protection of such information we will immediately notify you without undue delay.


We may make automated decisions on certain matters. For example, we may do this to decide whether we can provide our services to you based on a credit check/risk profiling. Depending on the outcome of the credit check/risk profiling, a decision will be reached automatically as to whether we are able to provide products or services to you based on your credit worthiness.

If you disagree with the decision you are entitled to contest this by contacting us here.


There may be links from our Site to other sites and resources provided by third parties. This Privacy Policy applies only to our Site. Accessing those third-party sites or sources requires you to leave our Site.

We do not control those third party sites or any of the content contained therein and you agree that we are in no way responsible or liable for any of those third party sites, including, without limitation, their content, policies, failures, promotions, products, services or actions and/or any damages, losses, failures or problems caused by, related to or arising from those sites. We encourage you to review all policies, rules, terms and regulations, including the privacy policies, of each site that you visit.


Email Communications – Subject to applicable laws and regulations, we may from time to time send communications promoting services or activities to you using information collected from you. We will provide you with an opportunity to opt-out of newsletter communications. Unfortunately, we are unable to allow you to opt-out of the emails we send you for certain legal or administrative purposes.

Right of Rectification– You have the right to correct any personal information We hold on you that is inaccurate, incorrect, or out of date. If you want to correct - request this by writing to us here.

Right to Erasure - Bitlocus will retain Accounts and Personal Information for, at least, a period of five years after a user closes his account with us, because of the Anti-Money Laundering and Company legal obligations. After this period of time your personal information will be erased without undue delay.

Right to justice - if you are not satisfied with how the personal data is processed, you have the right to lodge a complaint with a supervisory authority.

Portability – You may have the right to transfer certain of your personal data between data controllers, for example, to move your account details from one online platform to another.

Access – you are entitled to ask us if we are processing your information and, if we are, you can request access to your personal data. This enables you to receive a copy of the personal data we hold about you and certain other information about it to check that we are lawfully processing it.

Restriction – you are entitled to ask us to suspend the processing of certain of your personal data about you, for example if you want us to establish its accuracy or the reason for processing it.


Please contact us with questions, comments, or concerns regarding our Privacy Policy and/or practices.