Privacy Policy

Introduction Bitvora Inc. ("Company," "we," "us," or "our") is committed to protecting user privacy. This Privacy Policy explains how we collect, use, disclose, and protect personal data.

Information We Collect

  • ￿ Contact Information: name, email, phone, address

  • ￿ Identity Verification: ID, date of birth, compliance documents

  • ￿ Account: usernames, passwords

  • ￿ Payment: billing, method, transaction history

  • ￿ Device & Usage: IP, browser, OS, pages visited, geolocation

  • ￿ Third-Party Sources: public records, social media, integrations

Legal Basis for Processing We process data under:

  • ￿ Consent

  • ￿ Contractual necessity

  • ￿ Legal obligations (e.g., FINTRAC)

  • ￿ Legitimate interest (e.g., security)

How We Use Your Information

  • ￿ Account management and support

  • ￿ Payment processing documents

  • ￿ Regulatory compliance

  • ￿ Fraud and abuse prevention

  • ￿ Marketing (with consent)

  • ￿ Internal analytics

Data Processing Agreement (DPA) We act as a processor for business clients under contract. Clients must enter a DPA to ensure compliance with PIPEDA and GDPR (if applicable).

Sharing of Information

  • ￿ Service providers (e.g., ID checks, hosting)

  • ￿ Regulators (e.g., FINTRAC)

  • ￿ Legal authorities (e.g., subpoenas)

  • ￿ Business transfers

  • ￿ With user consent

Risk Disclosure

  • ￿ Bitcoin is volatile and high risk

  • ￿ Total loss of funds is possible

  • ￿ Transactions are final and irreversible

  • ￿ Bitvora may freeze funds for AML reasons only if Bitvora’s wallet is used—this does not apply to self-hosted wallets

Data Retention Personal data is kept as required by law or business purposes. Data is securely deleted once no longer needed.

Your Rights

  • ￿ Access and correct information

  • ￿ Request portability

  • ￿ Request erasure (where legal)

  • ￿ Restrict or object to processing

Data Security

  • ￿ Encryption in transit and at rest

  • ￿ Access controls

  • ￿ Regular audits

International Transfers Bitvora is based in Canada and may process data abroad. We ensure adequate protection through standard safeguards.

Children's Privacy Services are not intended for individuals under 18. We do not knowingly collect data from minors.

Third-Party Links External sites are not covered by our policy.

Changes to Policy We may revise this Policy and notify users accordingly.

Contact Email: [email protected]

Governing Law Ontario law governs this Policy. Disputes follow Terms of Service procedures.