Bitnormous
Legal

Privacy Policy

Current as of January 2026

Responsible Authority

Bitnormous Ltd. ("Bitnormous", "we", "us", "our"). If you have any questions about how we protect or use your data, please contact us at support@bitnormous.com.

1. Introduction

Bitnormous is committed to protecting the privacy of individuals who use our services. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website or use our cryptocurrency payment processing services.

By accessing our website or using our services, you acknowledge that you have read and understood this Privacy Policy. If you do not agree with our policies and practices, do not use our services.

We reserve the right to update this Privacy Policy at any time. When we do, we will revise the "Last updated" date at the top of this page and notify you of material changes via email or through our platform.

2. Information We Collect

Information You Provide to Us

When you create an account, apply for services, or communicate with us, you may provide:

  • Identity Information: Full name, date of birth, government-issued identification (passport, driver's license), residential address, and social security number or tax identification number.
  • Contact Information: Email address, phone number, and mailing address.
  • Business Information: Business name, registered address, business registration number, ownership structure, and beneficial owner information.
  • Financial Information: Bank account details, cryptocurrency wallet addresses, transaction history, and payment method information.
  • Communication Data: Information you provide when contacting our support team, including call recordings for quality and training purposes.

Information Collected Automatically

When you access our website or use our services, we automatically collect:

  • Device and Usage Data: IP address, browser type and version, operating system, device type, referring URLs, pages viewed, and time spent on our platform.
  • Transaction Data: Details of cryptocurrency transactions processed through our platform, including amounts, timestamps, and wallet addresses.
  • Cookies and Tracking Technologies: Information collected through cookies, web beacons, and similar technologies as described in our Cookie Policy.

Information from Third Parties

We may receive information about you from:

  • Identity Verification Providers: Credit reference agencies, identity verification services, and public databases to comply with Know Your Customer (KYC) and Anti-Money Laundering (AML) regulations.
  • Blockchain Data: Public blockchain records may be used to verify transactions and detect fraudulent activity.
  • Analytics Providers: Third-party analytics services that help us understand how our platform is used.
  • Payment Partners: Banking partners and payment processors to facilitate fiat currency transactions.

3. How We Use Your Information

We use your personal information for the following purposes:

  • To Provide Our Services: Process cryptocurrency transactions, manage your account, facilitate merchant settlements, and provide customer support.
  • To Comply with Legal Obligations: Satisfy KYC, AML, and counter-terrorism financing (CTF) requirements as mandated by applicable laws and regulations.
  • To Detect and Prevent Fraud: Monitor transactions for suspicious activity, conduct risk assessments, and protect the integrity of our platform.
  • To Communicate With You: Send service updates, transaction confirmations, security alerts, and respond to your inquiries.
  • To Improve Our Platform: Analyze usage patterns, troubleshoot technical issues, and develop new features.
  • To Comply with Sanctions Screening: Screen against global sanctions lists and politically exposed persons (PEP) databases.
  • To Enforce Our Terms: Investigate potential violations of our Terms of Service and applicable laws.

4. Legal Basis for Processing (GDPR)

If you are located in the European Economic Area (EEA) or the United Kingdom, our processing of your personal data is based on the following legal grounds:

  • Contractual Necessity: Processing required to perform our contract with you and provide our services.
  • Legal Obligation: Processing necessary to comply with KYC, AML, and other regulatory requirements.
  • Legitimate Interests: Processing for fraud prevention, network security, and platform improvement, where our interests do not override your fundamental rights.
  • Consent: Processing for marketing communications and optional data collection, where you have provided explicit consent.

5. How We Share Your Information

We may share your information with the following categories of recipients:

  • Service Providers: Third-party vendors who perform services on our behalf, including identity verification, cloud hosting, payment processing, analytics, and customer support.
  • Regulatory Authorities: Government agencies, law enforcement, and financial regulators as required by applicable law or in response to lawful requests.
  • Banking and Payment Partners: Financial institutions to facilitate fiat currency settlements and payment processing.
  • Professional Advisors: Lawyers, auditors, and insurers where necessary for legal compliance and risk management.
  • Business Transfers: In connection with a merger, acquisition, or sale of assets, your information may be transferred to the acquiring entity.

We do not sell your personal information to third parties for their own marketing purposes.

6. Cryptocurrency-Specific Considerations

Due to the nature of blockchain technology, please be aware of the following:

  • Public Ledger: Cryptocurrency transactions are recorded on public blockchains, which are immutable and publicly accessible. Transaction details such as wallet addresses and amounts may be visible to anyone.
  • Pseudonymity: Cryptocurrency transactions are pseudonymous by nature. While we collect personal information to comply with KYC requirements, blockchain transactions themselves may not be directly linked to your identity without additional information.
  • On-Chain Analysis: We may use blockchain analytics tools to monitor transactions for compliance and fraud prevention purposes.
  • Irreversibility: Cryptocurrency transactions are generally irreversible. Once confirmed on the blockchain, they cannot be reversed or modified.

7. Data Retention

We retain your personal information for as long as necessary to fulfill the purposes described in this Privacy Policy, unless a longer retention period is required or permitted by law. Specifically:

  • KYC and identity verification documents are retained for at least five years after the end of our business relationship, as required by AML regulations.
  • Transaction records are retained for at least five years from the date of the transaction.
  • Communications records are retained for up to three years.
  • Marketing preferences are retained until you withdraw your consent.

When we no longer need your personal data, we will securely delete or anonymize it.

8. Data Security

We implement appropriate technical and organizational measures to protect your personal information against unauthorized access, alteration, disclosure, or destruction. These measures include:

  • Encryption of data in transit (TLS 1.2+) and at rest (AES-256).
  • Multi-factor authentication for account access.
  • Regular security audits and penetration testing.
  • Access controls limiting data access to employees with a legitimate business need.
  • Employee training on data protection and security best practices.
  • Incident response procedures to handle potential data breaches.

While we strive to protect your personal information, no method of electronic storage or transmission is 100% secure. You are responsible for safeguarding your account credentials and notifying us immediately of any unauthorized access.

9. Your Rights

Depending on your jurisdiction, you may have the following rights regarding your personal information:

Right to Access

You have the right to request a copy of the personal information we hold about you and information about how we process it.

Right to Rectification

You have the right to request that we correct any inaccurate or incomplete personal information we hold about you.

Right to Erasure

You have the right to request that we delete your personal information, subject to certain exceptions such as legal obligations to retain data.

Right to Restrict Processing

You have the right to request that we restrict the processing of your personal information in certain circumstances.

Right to Data Portability

You have the right to receive your personal information in a structured, commonly used, and machine-readable format and to transmit it to another controller.

Right to Object

You have the right to object to the processing of your personal information for direct marketing purposes or based on our legitimate interests.

Right to Withdraw Consent

Where processing is based on your consent, you have the right to withdraw that consent at any time without affecting the lawfulness of processing based on consent before its withdrawal.

Right to Lodge a Complaint

You have the right to lodge a complaint with your local data protection authority if you believe your data protection rights have been violated.

To exercise any of these rights, please contact us at support@bitnormous.com. We will respond to your request within 30 days, or as required by applicable law.

10. International Data Transfers

Your information may be transferred to and processed in countries other than your country of residence. When we transfer your data internationally, we ensure appropriate safeguards are in place, including:

  • Standard contractual clauses approved by the European Commission.
  • Adequacy decisions by relevant data protection authorities.
  • Binding corporate rules where applicable.

By using our services, you consent to the transfer of your information to countries that may have different data protection laws than your country of residence.

11. Cookies

Our website uses cookies and similar tracking technologies to enhance your browsing experience, analyze site traffic, and understand where our audience comes from. For detailed information about the cookies we use and how to manage your preferences, please see our Cookie Policy.

You can control cookie preferences through your browser settings. Please note that disabling certain cookies may affect the functionality of our website.

12. Children's Privacy

Our services are not directed to individuals under the age of 18. We do not knowingly collect personal information from minors. If we become aware that a minor has provided us with personal information, we will take steps to delete such information promptly. If you believe a minor has provided us with personal information, please contact us immediately.

13. Third-Party Links

Our website and platform may contain links to third-party websites, services, or applications. We are not responsible for the privacy practices of these third parties. We encourage you to review their privacy policies before providing any personal information.

14. CCPA Notice (California Residents)

If you are a California resident, the California Consumer Privacy Act (CCPA) provides you with additional rights regarding your personal information:

  • Right to Know: You have the right to request information about the categories and specific pieces of personal information we have collected about you, the sources of that information, the business purposes for collecting it, and the categories of third parties with whom we share it.
  • Right to Delete: You have the right to request that we delete personal information we have collected from you, subject to certain exceptions.
  • Right to Opt-Out: You have the right to opt out of the sale of your personal information. We do not sell personal information.
  • Right to Non-Discrimination: We will not discriminate against you for exercising any of your CCPA rights.

To exercise your CCPA rights, please contact us at support@bitnormous.com. We will verify your identity before processing your request.

15. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, legal requirements, or operational needs. We will notify you of material changes by email or through a prominent notice on our website. Your continued use of our services after the effective date of any changes constitutes your acceptance of the updated Privacy Policy.

16. Contact Us

If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us:

Email: support@bitnormous.com

Data Protection Officer: dpo@bitnormous.com

Address:Bitnormous Ltd, Godbless Plaza, Papafio Nanakrom

Bitnormous

We believe financial freedom should be for everyone. From traders in Accra to investors across the continent, Bitnormous is building Africa's largest crypto ecosystem, accessible, inclusive, and built on trust.

Quick Links

Legal

Download App

Twitter
Facebook
Instagram