Vitex Privacy Policy

1. Introduction

This Privacy Policy describes how Vitex ("we", "us", or "our") collects, uses, stores, and protects the personal data of users ("you" or "your") who access or use our peer-to-peer digital asset exchange platform and related services (collectively, the "Platform").

This policy applies to all interactions with the Platform, including our website, mobile applications, support channels, and communication services such as Telegram notifications. By using the Platform, you acknowledge that you have read and understood this Privacy Policy and consent to the collection and processing of your personal data as described herein.

2. Data We Collect

We collect various types of personal data to provide, secure, and improve our services. The categories of data we collect include:

2.1 Identification Data

• Full legal name
• Date of birth
• Nationality
• Government-issued identification number (e.g., passport number, national ID number)
• Residential address

2.2 Contact Information

• Email address
• Phone number
• Telegram ID or username (if provided for notifications)

2.3 KYC and Verification Documents

• Scanned copies or photographs of government-issued ID (passport, driver's license, national ID card)
• Selfie photographs for identity verification
• Proof of address documents (utility bills, bank statements, lease agreements)
• Bank statements or videos for payment method verification

2.4 Financial and Payment Data

• Bank account details (masked account numbers, bank names, account holder names)
• Digital wallet addresses (for USDT and other supported assets)
• Transaction history, including order details, amounts, prices, and timestamps

2.5 Transaction and Activity Data

• Records of trades, deposits, withdrawals, and transfers
• Dispute history and resolution outcomes
• Chat and communication logs related to trades

2.6 Technical and Usage Data

• IP address and geolocation information
• Device information (device type, operating system, browser type)
• Login timestamps and session activity
• Cookies and similar tracking technologies (see Section 5)

3. How We Use Your Data

We process your personal data for the following purposes:

3.1 Account Creation and Management

To create, maintain, and manage your user account on the Platform.

3.2 Identity Verification (KYC/AML)

To verify your identity, address, and payment methods in compliance with anti-money laundering (AML), counter-terrorism financing (CTF), and know-your-customer (KYC) regulations.

3.3 Processing P2P Trades

To facilitate peer-to-peer trades, including matching orders, managing escrow, processing confirmations, and resolving disputes.

3.4 Transactional Notifications

To send you important notifications related to your trades, account security, and platform updates via email, SMS, or Telegram.

3.5 Fraud Prevention and Security

To detect, prevent, and investigate fraudulent activity, abuse, security incidents, and policy violations.

3.6 Legal Compliance

To comply with legal obligations, respond to lawful requests from authorities, and enforce our Terms and Conditions.

3.7 Platform Improvement and Analytics

To analyze usage patterns, improve the Platform's functionality, develop new features, and enhance user experience. Where possible, this is done using aggregated or anonymized data.

4. Legal Bases for Processing

We process your personal data based on one or more of the following legal grounds (particularly relevant for users in jurisdictions with data protection laws such as GDPR):

• Performance of Contract: Processing is necessary to provide the P2P exchange services you have requested and to fulfill our contractual obligations to you.
• Legal Obligation: Processing is required to comply with applicable laws and regulations, including AML, KYC, and tax reporting requirements.
• Legitimate Interests: Processing is necessary for our legitimate interests in operating a secure platform, preventing fraud, improving services, and conducting business analytics, provided such interests are not overridden by your rights and freedoms.
• Consent: Where required by law, we may rely on your explicit consent, such as for certain marketing communications or optional cookies.

5. Cookies & Tracking

The Platform uses cookies and similar tracking technologies to enhance your experience, secure your session, and analyze usage patterns. Types of cookies we use include:

• Essential Cookies: Required for login, session management, and core Platform functionality. These cannot be disabled without affecting your ability to use the Platform.
• Analytics Cookies: Used to collect aggregated data on how users interact with the Platform, helping us improve usability and performance.
• Marketing Cookies: If applicable, used to deliver personalized content or advertisements based on your interests (with your consent where required).

You can manage your cookie preferences through your browser settings. However, disabling essential cookies may prevent you from using certain features of the Platform.

6. How We Share Your Data

We do not sell your personal data to third parties for their own marketing purposes. However, we may share your data with the following categories of recipients:

6.1 Service Providers and Partners

• Group companies and affiliated entities
• Cloud infrastructure and hosting providers
• KYC and AML verification service providers
• Payment processors and banking partners
• Analytics and security vendors
• Customer support and communication platforms (e.g., Telegram API)

These third parties are contractually obligated to process your data only as instructed by us and to implement appropriate security measures.

6.2 Legal and Regulatory Authorities

We may disclose your data to regulators, law enforcement agencies, tax authorities, and courts when required by law, legal process, or to protect our rights, property, or safety, or that of our users or the public.

6.3 Business Transfers

If we are involved in a merger, acquisition, asset sale, or bankruptcy, your personal data may be transferred as part of that transaction. We will notify you via email or a prominent notice on the Platform before your data is transferred and becomes subject to a different privacy policy.

7. International Transfers

Your personal data may be transferred to, stored in, and processed in countries other than your country of residence. These countries may have data protection laws that differ from those in your jurisdiction.

Where we transfer data internationally, we implement appropriate safeguards, such as standard contractual clauses approved by relevant data protection authorities, to ensure your data is protected in accordance with this Privacy Policy.

8. Data Retention

We retain your personal data for as long as necessary to:

• Provide the Platform services and maintain your account;
• Comply with legal obligations, such as AML and tax record-keeping requirements;
• Resolve disputes and enforce our policies;
• Prevent fraud and abuse.

In many jurisdictions, financial service providers are required to retain customer data for a specified period (often 5-7 years) after account closure. After the retention period expires, we will securely delete or anonymize your personal data.

9. Your Rights

Depending on your jurisdiction, you may have the following rights regarding your personal data. To exercise these rights, please contact us at privacy@vitexchange.com.

Please note that exercising certain rights (e.g., deletion) may prevent us from providing services to you or require us to close your account. You also have the right to lodge a complaint with your local data protection authority if you believe we have not handled your data appropriately.

10. Security

We implement industry-standard technical and organizational security measures to protect your personal data from unauthorized access, disclosure, alteration, or destruction. These measures include:

• Encryption of data in transit (TLS/SSL) and at rest where appropriate;
• Access controls and authentication mechanisms, including two-factor authentication (2FA);
• Regular security audits, monitoring, and vulnerability assessments;
• Employee training on data protection and security best practices.

However, no method of electronic transmission or storage is 100% secure. While we strive to protect your data, we cannot guarantee absolute security. You are responsible for maintaining the confidentiality of your login credentials and notifying us immediately of any unauthorized access to your account.

11. Children's Privacy

The Platform is not intended for use by individuals under the age of 18 (or the legal age of majority in your jurisdiction). We do not knowingly collect personal data from children.

If we become aware that a user is underage, we will take steps to close their account and delete their data, subject to legal requirements. If you believe a child has provided us with personal data, please contact us immediately.

12. Changes to this Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements, or other factors. When we make changes, we will update the "Last updated" date at the top of this page.

If we make material changes that significantly affect your rights or how we process your data, we will notify you via email or a prominent notice on the Platform. We encourage you to review this Privacy Policy periodically to stay informed.

13. Contact

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us at:

Email: privacy@vitexchange.com

Data Protection Officer: dpo@vitexchange.com

Compliance Team: compliance@vitexchange.com

Support Center: Available through your account dashboard

Website: https://vitexchange.com