This Privacy Notice explains how we collect, use, store, and protect your personal data when using our cryptocurrency exchange services. This policy is essential for providing the service and may be updated regularly in accordance with applicable laws and regulations.

1. Personal Data We Collect

We may collect the following types of information:

① During Registration and Identity Verification

• Full name, date of birth, gender
• Email address, mobile number
• Password (encrypted)
• Identity documents (passport, ID card, driver’s license)
• Selfie images for verification
• Country of residence and address
• KYC-related data

② When Using the Service

• Wallet addresses (deposit/withdrawal)
• Transaction history and asset balances
• Login information (IP address, browser, device info)
• Security logs (2FA, failed login attempts, etc.)

③ Customer Support

• Inquiry details and any attachments
• Information voluntarily provided during communication

2. Purpose of Collecting Personal Data

Your data is used for the following purposes:

• Account creation and user identification
• Compliance with AML/KYC regulations
• Cryptocurrency deposits and withdrawals
• Trade matching and execution
• Account security and fraud detection
• Customer support and service improvement
• Legal compliance and regulatory obligations

3. Data Retention Period

• Data is retained as long as your account remains active
• Certain records may be retained longer in compliance with AML, transaction reporting, or legal requirements
• Once the retention period expires, data is securely deleted

4. Sharing Personal Data with Third Parties

We only share personal data in the following cases:

• Identity verification and AML compliance
• Requests from law enforcement or regulatory authorities
• Services necessary for platform operation (SMS, email, payment, etc.)

We do not sell personal information to third parties.

5. Outsourcing of Personal Data Processing

We may outsource certain operations to external providers, including:

• SMS/email delivery services
• Cloud server hosting (e.g., AWS)
• KYC identity verification providers
• Security monitoring services

All vendors are bound by confidentiality and security agreements.

6. Use of Cookies and Tracking Technologies

We use cookies to:

• Maintain login sessions
• Enhance security
• Improve service usability

You may disable cookies through your browser settings; however, some features may not function properly.

7. Protection Measures for Personal Data

We implement the following security measures:

• Encryption of passwords and sensitive data
• IAM-based access control with the principle of least privilege
• Restricted access to servers and databases
• HTTPS/TLS encrypted communication
• Regular security audits
• Fraud detection and monitoring system (FDS)

8. User Rights

You may request the following at any time:

• Access, modification, or deletion of your personal data
• Suspension of data processing
• Account deletion

Some requests may be limited depending on legal obligations.

9. Data Protection Officer

• Name: [Company/Representative]
• Email: [Email]
• Contact Number: [Phone]

10. Changes to This Privacy Notice

Any updates or changes will be announced in advance.