Privacy Policy

Account Information

• Email address (for account creation and communication)
• Username (for platform identification)
• Password (encrypted with BCrypt, minimum 10 rounds)
• Account preferences and settings

Trading Data

• Trading history and transaction records
• API keys for exchange connectivity (encrypted with AES-256)
• Portfolio balances and positions
• Auto-trading configurations and strategy settings
• Performance metrics and analytics

Technical Information

• IP addresses and device identifiers
• Browser type and version
• Operating system and platform
• Login timestamps and session data
• API usage logs and error reports

Cookies and Analytics

• Session cookies (required for authentication)
• Preference cookies (UI settings, language)
• Analytics cookies (usage patterns, feature adoption)
• Security cookies (fraud prevention, bot detection)

Service Provision

• Provide and maintain trading platform functionality
• Execute trades via Bybit and Binance APIs
• Manage auto-trading systems and strategies
• Monitor positions and send notifications
• Generate performance reports and analytics

Security and Fraud Prevention

• Authenticate users and secure accounts
• Detect and prevent unauthorized access
• Monitor for suspicious trading activity
• Comply with anti-money laundering (AML) regulations

Platform Improvement

• Analyze usage patterns to improve features
• Optimize system performance and reliability
• Develop new trading strategies and tools
• Conduct A/B testing and feature experiments

Communication

• Send critical account and security notifications
• Provide customer support and technical assistance
• Share platform updates and new features
• Respond to inquiries and feedback

Bybit API

We use Bybit's API to execute trades, fetch market data, and manage positions on the Bybit exchange. Your API keys are encrypted and never shared with third parties. Bybit's privacy policy applies to data processed through their API.

Binance API

We use Binance's API to execute trades, fetch market data, and manage positions on the Binance exchange. Your API keys are encrypted and never shared with third parties. Binance's privacy policy applies to data processed through their API.

Data Sharing Limitations

We do NOT sell, rent, or share your personal information with third parties for marketing purposes. Data is only shared with exchanges (Bybit, Binance) as necessary to execute your trades.

Encryption

• Passwords: BCrypt hashing with minimum 10 rounds
• API Keys: AES-256 encryption with master key
• Data in Transit: TLS 1.3 encryption (HTTPS)
• Data at Rest: PostgreSQL with encrypted volumes

Data Retention

• Account Data: Retained for the lifetime of your account + 90 days after deletion
• Trading History: Retained for 7 years (regulatory requirement)
• Logs: Retained for 30 days (security and debugging)
• Analytics: Aggregated and anonymized after 1 year

Access Controls

• Role-based access control (RBAC) with JWT authentication
• Multi-factor authentication (MFA) support
• Rate limiting and DDoS protection
• Regular security audits and penetration testing

Right to Access

You can request a copy of all personal data we hold about you. Contact support@biti.platform to request your data export.

Right to Rectification

You can update or correct your personal information through your account settings or by contacting support.

Right to Erasure ("Right to be Forgotten")

You can request deletion of your account and associated data. Trading history may be retained for 7 years due to regulatory requirements.

Right to Data Portability

You can request your data in a machine-readable format (JSON/CSV) for transfer to another service.

Right to Restrict Processing

You can request that we limit how we use your data while disputes are resolved.

Right to Object

You can object to data processing for marketing purposes (though we don't use your data for marketing).

Right to Lodge a Complaint

You can file a complaint with your local data protection authority if you believe we've mishandled your data.

Essential Cookies (Required)

• Authentication tokens (JWT) for session management
• CSRF protection tokens
• Load balancing and routing

These cookies cannot be disabled as they are necessary for platform functionality.

Preference Cookies (Optional)

• UI theme (dark/light mode)
• Language preferences
• Chart settings and layouts

Analytics Cookies (Optional)

• Page views and feature usage
• Performance metrics
• Error tracking

You can disable analytics cookies in your account settings.