Privacy Policy

This Privacy Policy (“Privacy Policy”) provides for the security measures we have implemented to protect and manage your Personal data, in accordance with applicable data privacy regulations listed below, when you use our services (“Services”), use our mobile application Bitviser (“App”) served and operated by us, and describes what personal data (“Personal data”) is collected and how it is used, processed, stored and managed by us, under the applicable legislation, while you visit or use our App and Services.

The privacy of your Personal data is important for us. We respect your rights to privacy and rights under relevant legislation and are committed to complying with the requirements of relevant laws, including GDPR (for EU customers) and others in the collection and processing of your Personal data.

Privacy Policy explains how we use your Personal data in connection with usage of any of our App and Services.

By using our App, Services by our customer, he/she/it expressly agrees with Privacy Policy and expressly consents to and agrees with Personal data processing as stipulated herein and by the applicable law.

All capitalized terms not otherwise defined elsewhere in Privacy Policy shall have the same meanings assigned to them in the Terms of Use.

  1. Definitions and Interpretations

    The following terms has the meaning as defined below:

    “Controller” means a legal entity that determines the purposes, conditions and manner of any processing activities that it carries out regarding your Personal data.

    “Customer” means you as an individual if you use our App or Services, or a legal entity where you act as a director, board member, employee, representative, owner, or ultimate beneficial owner.

    “GDPR” means the General Data Protection Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of Personal data and on the free movement of such data, and repealing Directive 95/46/EC, as amended, replaced, or superseded and in force from time to time, and as transposed into member-state legislation.

    “Personal data” means any information which relates to an identified or identifiable natural person. An identifiable person is one who can be identified directly or indirectly, in particular by reference to an identifier, an online identifier, or to one or more factors specific to the identity of that natural person. It does not include data where the identity has been removed (anonymous data).

    “Third-parties services” means the companies, platforms, or systems with proper authorizations, licenses, registrations, or technical solutions which provide third-parties’ services and to which our platform is technically connected, allowing users to access such third-parties’ services. This includes, for example, services related to crypto-asset exchange (e.g., decentralized exchanges such as AllBridge, Thorchain), custody, and transfer.

    “you, your” means you, whether as a visitor of our App or Services, a user of the App, or a person contacting us through digital means. If our customer is a legal entity, “you” also refers to individuals acting as its director, board member, employee, representative, owner, or ultimate beneficial owner.

  2. Who we are

    We are DevServe HK Limited incorporated under the laws of Hong Kong, registration No. 3323577, address: 1411, 14/Floor, Cosco Tower, 183 Queen`s road Central (“we”, “us” or “our”) being Personal data controller and is responsible for the processing of your Personal data.

    We provide Services and provide access to App.

  3. What do we offer?

    Terms of Use contain detailed information about our Services, our App.

    We only use Personal data for the purposes specified in Privacy Policy. We only transfer your Personal data to third parties if it is needed as set forth below.

    App and our platform do not collect or store big volumes of user Personal data, but could collect and store some minimum Personal data that could be processed for App use and Services provision.

  4. Personal data regime. Purpose of Personal data processing

    We highly respect your privacy. Privacy Policy contains important information regarding processing, namely, collection, recording, organization, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure, dissemination, restriction, erasure etc. of your Personal data collected on App or otherwise. We have developed Privacy Policy to assist you make an informed decision about whether or not to use App, our Services.

    We reserve our right to update Privacy Policy from time to time and the most up to date version will be published in our App. We shall not serve you, customer with a relevant notification of such update and continued usage of our App and/or Services will be taken to indicate your acceptance of the terms of this Privacy Policy insofar as it relates to our App.

    We process Personal data in scope being enough for the following purposes:

    “Contractual Purpose” means processing your Personal data to enter into and perform a service agreement (which may require disclosure to relevant third parties as defined by us), to enable proper access to and improvement of features of our App; to register a customer; to process and deliver our Services and App features to the customer.

    “Analytical, Operating, Administration Purpose” means collecting general and specific statistics on App usage; sending communications, notices, updates, and surveys; providing customer service support and related purposes; collecting statistics about how customers and potential customers use our App, including via analytics services (this helps us run our App more efficiently and personalize the customer’s online experience); keeping our records updated; studying how customers use our Services; preventing abuse of our Services and promotions; ensuring compliance, quality assurance and training; managing our customer relationships including collecting reviews, conducting surveys, or informing customers of business and service developments; conducting research; comparing and verifying information; and analyzing statistics relevant to our operations.

    “Marketing and Advertising Purpose” means sending welcome emails upon registration; occasionally sending updates about our Services; managing customer relationships; evaluating business performance and building customer databases; contacting customers for surveys or other marketing purposes; conducting direct marketing and promotional activities; advertising our Services to customers and potential customers; and understanding the effectiveness of our advertising. We may use your Personal data to decide which Services or offers may be relevant to you.

    “Communication Purpose” means contacting customers for administrative purposes such as customer service, addressing technical or other issues related to the Services provided, or sharing updates and notifications about the Services; responding to customer requests; and seeking customer feedback.

    “Regulatory and Managerial Purpose” means facilitating our internal business operations, including fulfilling regulatory requirements, monitoring, analyzing, and improving the performance and functionality of our App, investigating breaches or enforcing terms related to our App; protecting our property, the App, and our legal rights; creating backups of business records; managing risks; and protecting our App from fraud through identity verification and prevention of fraudulent use.

    We process Personal data only for purposes stipulated in Privacy Policy or those prescribed by the applicable law.

    Legal basis for processing is:

    “Contractual Necessity” means processing that is necessary for entering into or performing a contract between our customer and us, including the performance of the service agreement to which the customer is a party.

    “Consent” means the voluntary, specific, informed and unambiguous indication of the customer’s wishes by which they signify agreement to the processing of their Personal data.

    “Legal Obligation” means processing that is necessary for compliance with a legal obligation to which we are subject, including statutory or regulatory requirements under applicable law.

    “Legitimate Interest” means processing that is necessary for the purposes of the legitimate interests pursued by us. These include maintaining and developing our App, technical systems, and IT infrastructure; implementing technical and organizational solutions that may involve your Personal data to provide adequate Services; and processing for the protection of your or another person’s vital interests.

    “Other Legal Basis” means any other legal ground for processing Personal data as prescribed by applicable law.

    We may be able to provide you with limited information in the absence of your identifying yourself but generally we will be unable to provide you with any information, Services unless you have identified yourself.

  5. Types of Personal data

    We classify our Personal data into the following three types:

    1. Directly collected Personal Data

      This refers to the information, which a customer directly provides us. We usually collect and store information in electronic form provided by our customer when communicating with us via App or otherwise, including, but not limited to, when:

      “Customer Contact” means situations where the customer contacts us via the App.

      “Service Provision” means cases where we provide you with our Services and access to the App.

      “Support Interaction” means instances where we provide the customer or potential customer with assistance or support related to our Services.

      “Participation in Activities” means when the customer participates in our functions, events, activities, or engages with us on our social media pages.

      “Information Request” means cases where the customer or potential customer requests that we provide information about our Services.

      “Data Submission” means situations where our customer uploads or submits information to us or through our App.

      “Form Completion” means when the customer completes any forms requesting information, including during registration with us, completes any surveys, or provides feedback related to our Services.

    2. Indirectly collected Personal data

      This kind of information relates to the customer, but he/she/it does not provide it directly (e.g., an IP address).

    3. Automatically collected / generated Personal data

      Our system collects this type of information automatically. Though such information isn’t provided by a customer, it relates to you and is considered to be Personal data. It has 2 subtypes:

      “Static” means information that does not usually change once it is created. For example, an internal user ID assigned to a customer.

      “Dynamic” means information that changes based on the activities performed by you while using the App or Services.

      We also collect information from mobile device automatically when you use our App. This information may include data as detailed below.

      The device you use to access our App may collect information about you including your location using longitude and latitude coordinates obtained through GPS, Wi-Fi or cell site tri- angulation. For information about your ability to restrict the collection and use of such information, please use the settings available on your device.

      We may use statistical analytics software tools and software known as cookies which transmit data to third party servers located overseas. To our knowledge, our analytic providers do not identify individual users or associate your IP address with any other data held by them.

  6. What Personal data do we collect ?

    Depending on whether and how you use our Services, App, we will collect, use, store and transfer different kinds of your Personal data, grouped in the following categories:

    Category Type Details
    Basic Identity Data 1 Name, maiden name and surname, date of birth, gender, username or similar identifier, residing address, postal address, proof of address documentation, e-mail address, phone number, citizenship, information that you are or not politically exposed person.

    ID card, passport details or other identification document, your occupation, employment industry, financial standing.     		The application does not store or request any of the fields listed above.

    If the user enters the above data as an email, password or pin code in the application – we cannot foresee this and also we’re not responsible for this data.
    Basic Identity Data 2 Biometric identifiers and/or biometric information The app uses biometric authentication using Face ID or Touch ID depending on the device. It does not store biometric data, only uses OS-level authentication.

    Authentication is initiated by the app but handled entirely by the OS. Biometric data is stored on the device in a secure enclave. User permission is required.
    Basic Identity Data 3 Verification data: visual image of your face, audio, video made during verification The system does not take pictures/videos and does not store any of the listed fields. There is a camera page in the system, but it only reads QR codes.
    Social Identity Data Legal entity data, work address, your group, behavioral data, your preferences, interests, favorites, information on referrals related to you, close connections, risk assessment, compliance assessment, your marketing, communication preferences, your survey responses, your connections with others whose personal information we may collect or hold. The application does not store or request any of these data.
    Transactions data Crypto-asset wallet accounts, amounts associated with accounts, activity log, billing details, details about transfers to and from you, other details of any transactions you enter into using our Services, App, rewards. The application stores the listed data that relates to our system. It does not interact with other apps.

    Wallets, balances, and transactions are stored on our service and on the user’s device. Access is granted via mnemonics, for which the user is responsible.
    Technical Data Computer and connection info: browser type, OS, IP, login data, device IDs, accessed pages, location, etc. The application uses the listed data. Device ID is used to list authorized devices and manage sessions. Also used for sending app notifications (e.g., wallet crediting, session termination).

    This information is not exhaustive, and is laid out to give you an idea about use of fundamental collected information. We will record all information collected and purposes for which we process that Personal data.

    Furthermore, we treat certain categories of Personal data to be sensitive, and such sensitive data requires additional safeguards. We will only collect, use, store, and transfer your sensitive data if we can meet both the legal basis requirement and at least one of the required extra conditions.

    The extra conditions include:

    “Circumstances Prescribed by Regulations” means that Personal data is processed under conditions specifically defined and allowed by applicable regulations or laws.

    “Information Made Public by You” means that sensitive data has become public due to actions taken by you, including voluntarily disclosing such information in public platforms or forums.

    “Consent” means that you have provided explicit permission for the processing of your sensitive data for one or more specified purposes.

    “Judicial Proceedings” means that the processing of data is required in the context of legal proceedings, obtaining legal advice, or for the purpose of establishing, exercising, or defending legal rights.

    “Public Functions” means that the processing is necessary for carrying out functions or duties imposed on any person by law, regulation, or official enactment.

  7. Lawfulness of Processing and Disclosure

    You consent to these terms and conditions of processing of your Personal data. We take all reasonable means to ensure that your Personal data is treated securely and in compliance with this Privacy Policy, when we process your Personal data for one of the legal purposes specified in this Privacy Policy. We protect your Personal data under internationally recognized standards, employing physical, technological, and administrative security measures to minimize the risks of loss, misuse, unauthorized access, disclosure, and alteration. Firewalls and data encryption are among the measures we employ, as well as physical access controls to our data centers, and information access authorization controls.

    We also limit access to Personal data only for those employees, contractors, advisors, auditors who require it to fulfil their job or service duties. Our employees, contractors are trained on procedures of Personal data processing, including limitations on the release of information. Access to Personal data is limited to those of our employees and contractors whose work needs it. We perform periodic evaluations to ensure that proper information processing policies and procedures are understood and followed. All of our physical, electronic, and procedural safeguards are designed to comply with applicable laws and regulations.

    When you provide your Personal data over our App, it is securely sent across the Internet using industry standard encryption. Your Personal data will be held encrypted on secure servers.

    We will endeavour to take all reasonable steps to keep secure and protect any Personal data which we hold about you, including:

    securing our physical premises and digital storage media;

    using computer safeguards such as Secure Socket Layer (SSL) technology to ensure that your information is encrypted and sent across the Internet securely;

    placing password protection and access control over our information technology systems and databases to limit access and protect electronic information from unauthorised interference, access, modification and disclosure; and

    taking regular back-ups of our electronic systems.

    Notwithstanding that we will take all reasonable steps to keep your Personal data secure, data transmission over the internet is never guaranteed to be completely secure. We do not and cannot warrant the security of any information you transmit to us or from any online services.

  8. How we use Personal data for communicating with you and direct marketing

    We may communicate with you via App or push notification, to inform you about existing and new Services that may be of interest to you.

    We will ensure that any email we send as direct marketing complies with the relevant legislation and contains an ‘unsubscribe’ option so that you can remove yourself from any further marketing communications. You may decline marketing messages sent by push notifications by refusing the relevant permission in your phone or tablet settings; however, this setting will prevent you from receiving other messages from us via push notification. You may also opt out of receiving marketing materials from us using the contact details set out below.

    You can also call or write to us to request that your details be removed from our direct marketing list. We will endeavour to remove your details from our direct marketing list within a reasonable time (ordinarily 5 working days).

    Our direct marketing list may be operated by software and servers located overseas, and your Personal data may be sent overseas as part of our marketing.

    We will also send communications that are required or necessary to send to users of our App, which contain information about important changes or developments to or the operation of the App, as well as other communications you request from us. You may not opt out of receiving these communications, but you may be able to adjust the media and format through which you receive these notices.

  9. Third Parties

    We have taken steps to ensure that third parties engaged by us in processing your Personal data, have suitable technical and organizational measures in place to protect this Personal data, and we will also ensure that they are GDPR compliant. We have taken steps to ensure that third parties engaged by us, protect the confidentiality and security of Personal data, and ensure that Personal data is processed only for Service providing and in compliance with applicable law.

    We may transfer your Personal data to third parties such as:

    to our related entities, employees, officers, agents, contractors, other companies that provide services to us, sponsors, government agencies or other third parties to satisfy the purposes for which the information was collected or for another purpose if that other purpose is closely related to the primary purpose of collection and an individual would reasonably expect us to disclose the information for that secondary purpose;

    to third parties who help us analyze the information we collect so that we can administer, support, improve or develop our business and Services we provide to a customer;

    to legal and regulatory authorities to whom we are obligated to disclose your Personal data under the law;

    to software service providers who assist us to provide Services we provide to customers;

    to our professional advisers such as consultants, bankers, professional indemnity insurers, brokers and auditors so that we can meet our regulatory obligations, and administer, support, improve or develop our business;

    to server hosts, which store our data, and communication service providers, which help us stay in touch with you;

    to third parties, including those in the blockchain and fintech industry, marketing and advertising sectors, to use your information in order to let you know about services which may be of interest to you in accordance with GDPR;

    to any other person, with your consent (express or implied);

    to facilitate the sale of all or a substantial part of our assets or business or to companies with which we propose to merge or who propose to acquire us and their advisers;

    to other third parties whose services or facilities we use in order to provide our Services and deal with certain processes necessary for the operation of the App, internal procedures, and legal requirements.

    Notwithstanding the above, when your Personal Data is transmitted through the App to third parties providing Third-parties services, it is regarded as though you have personally shared this your Personal Data with those third parties. In such a case, the App serves as a technical bridge facilitating the transfer of such information and data.

    In addition to the above recipients, we will disclose your Personal data if we are required to do so under law or if the disclosure is made in connection with either the normal operation of our business in a way that you might reasonably expect, for example, if such disclosure is incidental to IT services being provided to our business or for the resolution of any dispute that arises between you and us. This disclosure may involve your Personal data being transmitted overseas.

    In the event of a proposed restructure or sale of our business (or part of our business) or where a company proposes to acquire or merge with us, we may disclose Personal data to the buyer and their advisers without your consent subject to compliance with GDPR and other applicable and relevant legislation. If we sell the business and the sale is structured as a share sale, you acknowledge that this transaction will not constitute the ‘transfer’ of Personal data.

    Personal data shall not be processed (or cause to be processed) in a country that has not been designated by the European Commission as providing an adequate level of data protection unless it has put in place such measures as are necessary to ensure such transfer is in compliance with Personal data protection laws, except where otherwise required by applicable law.

    We are obliged to disclose your Personal data in the following cases:

    in response to lawful requests by public authorities, including to meet legitimate national security or law enforcement requirements;

    to protect, establish, or exercise our legal rights or defend against legal claims, including to collect a debt; to comply with a subpoena, court order, legal process, or other legal requirement;

    when we believe in good faith that such disclosure is required to comply with the law, prevent imminent physical harm or financial loss, or investigate, prevent, or take action regarding illegal activities, suspected fraud, threats to our property, or violations of Terms of Use;

    to third parties in case of: merger, restructuring, joint venture, assignment, sale of part or the whole of the business.

    If we are acquired or merged with a third-party entity, we reserve the right to transfer or assign the data we have collected from our customers as part of such merger, acquisition, sale, or other change of control. If we become involved in a merger, acquisition, or any form of sale of some or all our assets, we will notify customers, you before Personal data is transferred and become subject to a different privacy policy. We may not be able to control how your Personal data is treated, transferred, or used in the unlikely event of our bankruptcy, insolvency, reorganization, receivership, or assignment for the benefit of creditors, or the application of laws or equitable principles affecting creditors’ rights in general.

  10. Where do we store Personal data?

    Please note that we use our own and third party computer servers including our hosts, data backups and payment gateway(s), which may be located overseas and your Personal data will likely be stored and transmitted overseas as part of the normal operation of our business. To ensure the security and privacy of your Personal data, we take measures designed to protect that information from loss, misuse, unauthorized access, disclosure, alteration or destruction.

  11. How long do we store Personal data?

    We store Personal data within the term of its processing by us, third parties engaged by us for Services providing, and additionally 5 years, after termination of a business relationship with the customer, other cases set forth in the law, unless longer term is required by the applicable law.

  12. Breaches Notifications

    In case of Personal data breach, we shall notify the supervisory competent authority without undue delay and, where feasible, not later than 72 hours after becoming aware of it, unless Personal data breach is unlikely to result in a risk to the rights and freedoms of individuals.

    If we become aware of a security breach, we may seek to notify you electronically so that you can take appropriate preventive measures. If a security breach occurs, we may make a notice in App.

    When Personal data breach is anticipated to result in a high risk to customers’, your rights and freedoms, we will inform you.

  13. Your Rights

    1. Obtain confirmation

      You have the right to request confirmation that Personal data pertaining to you is being processed.

    2. Access Personal Data

      You have the right to access such data, or ask us to provide a copy of your Personal Data processed by us.

    3. Request of information

      You have the right to request the following additional information concerning your Personal data:

      the purposes of the processing;

      tthe recipient(s) or category(ies) of recipient to whom/which Personal data have been or will be disclosed;

      the criteria determining the period for which Personal data will be stored etc.

    4. Request rectification

      You have the right to rectify Personal data in case the data is incorrect or incomplete.

    5. Right to Withdraw Consent for Data Processing

      You are entitled to withdraw the consent granted for the processing of Personal data at any time. Withdrawal does not affect the lawfulness of the processing conducted before the withdrawal. If you withdraw your consent, we may not be able to provide certain Services to you, but we will advise you if this is the case at the time you withdraw your consent.

    6. Right to erasure

      Sometimes called Right-to-be-forgotten. You have the right to revoke previously provided consent and have the Personal data erased from our system. In this case, third parties will no longer have access to your Personal data.

      However, it does not mean that your data will be erased immediately; it will still be stored at our facility in order to comply with numerous statutory obligations, specifically a provision of the GDPR and other relevant regulations. Your Personal data will be erased from our records after this period has elapsed.

    7. Restrict processing

      You have the right to ask us to restrict the processing of Personal data in case the data is incorrect or incomplete or in case Personal data is processed unlawfully.

      Biometrics are not processed by us.

    8. Receive Personal data

      You have the right to receive Personal data concerning you provided to us, in a structured, commonly used and machine-readable format. We are obliged and have provided all the information which you have right to receive. This Privacy Policy concludes all the information and is available to you in our App at any point of time.

    9. Have Personal data transmitted

      You have the right to have Personal data transmitted directly from one controller to another, where technically feasible. You may request the transfer Personal data to you or to a third party, and we will provide to you, or a third party you have chosen (where technically feasible), your Personal data; note that this right only applies to automated information which you initially provided consent for us to use or where we used the information to perform a contract with you.

      When your Personal Data is transmitted through the App to third parties providing Third-parties services, it is regarded that you ask us to transfer such Personal Data to such third parties and thereby you execute your right captured in this clause.

    10. Right to Object

      You have the right to object, on grounds relating to your particular situation, where there is a reason to believe that we have no lawful grounds for processing Personal data, at any time to processing of Personal data. In some cases, we may demonstrate that we have compelling legitimate grounds to process your information which override your rights and freedoms.

    11. Requests and Complaints

      If you have any queries in relation to this policy, you wish to access or correct the Personal data we hold about you, or make a complaint, please contact us in writing at:

      Email: [email protected] or

      You have the right to file complaints regarding processing of your Personal data to our Data Protection Officer as set forth above.

      We aim to acknowledge receipt of all privacy complaints from you within 5 working days and resolve all complaints within 30 business days. Where we cannot resolve a complaint within that period, we will notify you of the reason for the delay as well as advising the time by which we expect to resolve the complaint.

      In order to disclose information to you in response to a request for access we may require you to provide us with certain information to verify your identity.

      In the event that you believe that there has been a breach of any legislative norm, we invite you to contact us as soon as possible.

      If you are not satisfied with our handling of a complaint or the outcome of a complaint you have the right to lodge a complaint with an appropriate authority.

      Should we lawfully receive your Personal data from a third party, you will have the same rights regarding information in question as related to information you provided to us directly or we have collected during cooperation with you.

  14. Implementation of changes

    Our Privacy Policy is reviewed and updated on a regular basis to ensure that any new obligations and technologies, as well as any changes to our business operations and practices, are taken into account, as well as that it remains abreast of the changing regulatory environment. Any Personal data we store will be subject to our most recent Privacy Policy.

    If we decide to update our Privacy Policy, we will post those changes here and other places we deem necessary.

    If we make changes, we will notify you by revising the date at the top of the Privacy Policy and, in some cases, may provide you with additional notice (such as adding a statement to App homepage or sending you a notification). We recommend you review the Privacy Policy whenever you access our App or otherwise interacts with us to stay informed about our information practices and the ways you can help us to protect your privacy.

  15. Conclusion

    Please acknowledge, by implementing some rights given by relevant legislation (erasure, stop processing), you will be deprived of some features of App, and in some cases, where applicable, we may be forced to close your access to our App. Despite the rights exercised by you, we anyway could proceed with your Personal data processing, if required by law.

    We are committed to protecting the privacy of Personal data and make every effort to disclose the processing details clear and simple to understand.

    Should you have any questions concerning the information above, please, don’t hesitate to contact us as set forth above.