Privacy Policy

Effective Date: May 21, 2025

Bitara ("we", "our", or "us") operates a digital asset and cryptocurrency trading platform accessible via mobile application and web interface. This Privacy Policy explains how we collect, use, disclose, retain, and protect your personal information when you access or use Bitara's services, including binary options trading, futures, spot, peer-to-peer (P2P), and copy trading features.

By creating an account or using any Bitara service, you acknowledge that you have read, understood, and agree to be bound by this Privacy Policy. If you do not agree, please discontinue use of our services immediately.

1. Who We Are and How to Contact Us

Bitara is a financial technology company providing digital asset trading infrastructure. For all privacy-related inquiries, data subject requests, or complaints, please contact our Data Protection Officer:

  • Email: privacy@bitara.app
  • Response Time: We respond to all privacy requests within 30 calendar days.

2. Information We Collect

2.1 Identity & KYC Information

To comply with Anti-Money Laundering (AML), Know Your Customer (KYC), and Counter-Terrorism Financing (CTF) regulations, we collect:

  • Full legal name, date of birth, nationality, and country of residence
  • Government-issued photo identification (passport, national ID, driver's license)
  • Proof of address (utility bills, bank statements not older than 3 months)
  • Facial biometric data (selfie, liveness check) for identity verification
  • Politically Exposed Person (PEP) and sanctions screening data
  • Source of funds and source of wealth declarations (for higher trading tiers)

2.2 Account & Contact Information

  • Email address and phone number
  • Username, password (stored as a cryptographic hash — never in plaintext)
  • Two-factor authentication (2FA) enrollment data
  • Referral codes and affiliate linkages

2.3 Financial & Trading Data

  • Cryptocurrency wallet addresses (custodial and non-custodial)
  • Deposit and withdrawal history, transaction IDs (TXIDs) on public blockchains
  • Trade history: instrument, order type, entry/exit price, volume, profit/loss, leverage
  • Copy trading relationships: master trader followed, performance data replicated
  • P2P trade counterparty information (pseudonymous username, trade amount, payment method type)
  • Bank account or payment method metadata (we do not store full card numbers)

2.4 Device & Technical Information

  • IP address, device fingerprint, device ID (IDFA/GAID where permitted)
  • Operating system, app version, browser type, screen resolution
  • Mobile carrier, time zone, language preferences
  • App session logs, crash reports, and performance diagnostics
  • Push notification tokens

2.5 Behavioral & Usage Data

  • Pages and features visited, button interactions, time spent in-app
  • Trading patterns, preferred instruments, and risk profile indicators
  • Customer support chat transcripts and ticket records
  • Marketing interactions (email opens, ad clicks)

2.6 Information from Third Parties

  • Identity verification providers (e.g., Onfido, Jumio, Sumsub)
  • Blockchain analytics and AML screening services (e.g., Chainalysis, Elliptic)
  • Credit reference and fraud prevention agencies
  • Social login providers (Google, Apple) — we receive only name, email, and unique ID
  • Public blockchain data (on-chain transaction records are publicly visible by nature)

3. Legal Bases for Processing

We process your personal data under the following legal bases (applicable under GDPR and equivalent frameworks):

  • Contractual Necessity: To create and maintain your account and execute trades
  • Legal Obligation: KYC/AML compliance, tax reporting, regulatory filings
  • Legitimate Interests: Fraud detection, security monitoring, platform improvement
  • Consent: Marketing communications, optional analytics, cookie-based tracking
  • Vital Interests: In rare cases involving safety threats

4. How We Use Your Information

  • Account Services: Registration, authentication, account management, and recovery
  • Trade Execution: Processing buy/sell orders across spot, futures, binary, P2P, and copy trading
  • Regulatory Compliance: KYC/AML verification, FATF Travel Rule compliance for crypto transfers, tax information reporting
  • Security: Detecting unauthorized access, suspicious activity, account takeovers, and financial fraud
  • Risk Management: Assessing trading risk, enforcing leverage limits, and managing margin calls
  • Customer Support: Resolving disputes, responding to inquiries, and processing complaints
  • Product Improvement: Analyzing usage patterns to improve UI/UX and feature development
  • Marketing (with consent): Sending promotions, product updates, and personalized offers
  • Legal Defense: Establishing, exercising, or defending legal claims

5. Data Sharing and Disclosure

5.1 We Do Not Sell Your Data

Bitara does not sell, rent, or trade your personal information to third parties for their own marketing purposes.

5.2 Service Providers (Data Processors)

We share data with vetted third-party processors who act on our behalf under strict data processing agreements:

  • Cloud infrastructure providers (data hosting and storage)
  • Identity verification and KYC vendors
  • Payment processors and banking partners
  • Blockchain analytics and AML compliance tools
  • Customer support platforms
  • Analytics and crash reporting services
  • Email and push notification delivery services

5.3 Regulatory and Law Enforcement Disclosures

We may disclose your data when legally required by:

  • Court orders, subpoenas, or lawful government requests
  • Financial intelligence units (FIUs) in jurisdictions where we operate
  • Tax authorities under applicable reporting obligations
  • Sanctions compliance requirements (OFAC, UN, EU sanctions lists)

5.4 P2P Trading Counterparties

In P2P trades, limited information (username, trade amount, payment confirmation status) is visible to your counterparty. We never expose your full name, ID documents, or financial account details to other users.

5.5 Copy Trading

If you are a Master Trader, your trading performance statistics and aggregated trade data may be visible to followers on the platform. No personally identifiable information is disclosed without your explicit consent.

5.6 Corporate Transactions

In the event of a merger, acquisition, or asset sale, your data may be transferred to the successor entity, subject to equivalent privacy protections.

6. International Data Transfers

Bitara operates globally and may transfer your data to countries outside your jurisdiction. Where we transfer data internationally, we ensure adequate protection through:

  • Standard Contractual Clauses (SCCs) approved by the European Commission
  • Adequacy decisions for relevant jurisdictions
  • Binding Corporate Rules where applicable

7. Data Retention

We retain your personal data for as long as necessary to fulfil the purposes described in this policy, subject to the following minimum retention schedules mandated by financial regulation:

  • KYC / Identity Documents: Minimum 5 years after account closure (or longer if required by local law)
  • Transaction Records: Minimum 5–7 years (jurisdiction-dependent)
  • AML Suspicious Activity Reports: 5 years minimum
  • Support Correspondence: 3 years after ticket closure
  • Marketing Consent Records: Until consent is withdrawn plus 1 year
  • Device / Log Data: 90 days (rolling)

After the applicable retention period, data is securely deleted or irreversibly anonymized.

8. Your Rights

Depending on your jurisdiction, you may have the following rights regarding your personal data:

  • Access: Request a copy of the personal data we hold about you
  • Rectification: Correct inaccurate or incomplete data
  • Erasure: Request deletion of your data (see Account & Data Deletion Policy)
  • Restriction: Request we limit how we process your data
  • Portability: Receive your data in a structured, machine-readable format
  • Objection: Object to processing based on legitimate interests or for direct marketing
  • Withdraw Consent: Withdraw consent at any time without affecting prior processing
  • Lodge a Complaint: File a complaint with your local data protection authority

To exercise any right, contact privacy@ognimohub.com. We will verify your identity before processing requests. We will respond within 30 days; complex requests may take up to 90 days with prior notice.

Note: Certain rights may be limited where retention is required by financial regulations (e.g., AML/KYC laws override erasure rights for regulated data).

9. Security

We implement industry-standard and beyond-standard security measures including:

  • AES-256 encryption for data at rest; TLS 1.3 for data in transit
  • Multi-factor authentication (MFA) enforcement for all internal systems
  • Role-based access controls (RBAC) with least-privilege principles
  • Regular third-party penetration testing and vulnerability assessments
  • Intrusion detection systems (IDS) and 24/7 security monitoring
  • Cold storage for the majority of user crypto assets (where custodied)
  • Incident response plan with regulatory breach notification procedures

No system is 100% secure. In the event of a data breach that affects your rights and freedoms, we will notify you and relevant authorities in accordance with applicable law (typically within 72 hours of becoming aware).

10. Cookies and Tracking Technologies

Our web platform uses cookies and similar technologies. You can manage cookie preferences via our cookie consent banner. We use:

  • Essential Cookies: Required for authentication, security, and core functionality (cannot be disabled)
  • Analytics Cookies: Help us understand usage patterns (opt-out available)
  • Marketing Cookies: For personalized advertising (requires explicit consent)

Our mobile apps use equivalent SDKs. On iOS, we comply with App Tracking Transparency (ATT) requirements and request permission before tracking across apps and websites. On Android, we respect the Advertising ID opt-out setting.

11. Children's Privacy

Bitara services are strictly for persons 18 years of age or older (or the age of legal majority in your jurisdiction, if higher). We do not knowingly collect personal data from minors. If we discover that a minor has registered, we will immediately terminate the account and delete associated data. If you believe a minor has provided us data, contact privacy@ognimohub.com immediately.

12. Changes to This Policy

We may update this Privacy Policy from time to time. Material changes will be communicated via:

  • In-app notification at least 30 days before the change takes effect
  • Email notification to your registered address
  • A prominent notice on our website and app

Continued use of Bitara services after the effective date constitutes acceptance of the updated policy.

Bitara — Empowering Digital Asset Traders Worldwide — ognimohub.com

We may use cookies or any other tracking technologies when you visit our website, including any other media form, mobile website, or mobile application related or connected to help customize the Site and improve your experience. learn more

Allow