Legal

itBit Pte. Ltd. and Paxos Trust Company, LLC Terms and Conditions/User Agreement

LAST MODIFIED: August 20, 2018

 

 

Welcome to the User Agreement (hereinafter “Agreement” or “Terms and Conditions”) governing the itBit exchange (the “Exchange”) operated by itBit PTE. Ltd. and Paxos Trust Company, LLC (the latter, d/b/a itBit Trust Company, LLC and hereinafter referred to as “itBit Trust Company, LLC”). The provisions of this Agreement will govern your use of the Exchange, the Site and the Services (as defined below), and you should therefore take some time to read this Agreement carefully.

Should you have any questions or comments regarding the Site, the Exchange or the Services, please feel free to contact us at: help@itbit.com.

 

1. PRELIMINARY PROVISIONS

1.1 TERMS AND CONDITIONS

  • 1.1.1 You must agree to all of the terms of this Agreement. If you do not agree to or accept all of the terms of this Agreement, please immediately discontinue access to, and use of, the Site, the Exchange and the Services. This Agreement applies to Users and Members, as defined below.
  • 1.1.2 If you are under the age of eighteen (18) or the legal age for entering legally binding contracts under applicable laws, you are not permitted to use this Site, the Exchange or the Services. By continuing to access or use the Site, you indicate that you are (18) years of age or older or have the legal capacity to enter legally binding contracts under applicable laws. Misrepresentation of your age to gain access to the Site, the Exchange or the Services is a breach of this Agreement.  

1.2 DEFINITIONS

Account” means your account with itBit.

"itBit" and the “Company” mean, in the case of U.S. customers (other than those customers residing in the state of Georgia), itBit Trust Company, LLC, and in the case of customers outside of the U.S., itBit Pte. Ltd.  

Market Data” means the market value data compiled and published by itBit on the Site or otherwise, including bid prices, ask prices, trade prices and trading volume.

Materials” means all images and content, including, but not limited to, text, software, images, graphics, data, messages, Market Data or any other information, and any other content owned, operated, licensed, or controlled by the Company.

Member” means a User who registers with the Company to use the Site, the Exchange or any Services. Not all Users will become Members.  

Party” means each of the Company and you.

Services” means the services provided by the Company in connection with the Exchange, including the services provided on the Site.  

Site” means any websites with domains ending “itbit.com”, including, but not limited to, exchange.itbit.com, api.itbit.com, support.itbit.com and www.itbit.com.

User” is someone who accesses the Site or the Exchange in any way.

First-person pronouns are used in this Agreement (us, we, our, ours, etc.) to refer to the Company. Second-person pronouns (you, yours) refer to the User.  

1.3 INTENT TO BE BOUND; CONSULT WITH LAWYER

THIS AGREEMENT IS A LEGAL CONTRACT BETWEEN YOU AND THE COMPANY. YOU SHOULD TREAT IT AS ANY OTHER LEGAL CONTRACT BY READING ITS PROVISIONS CAREFULLY, AS THEY WILL AFFECT YOUR LEGAL RIGHTS. BY ACCESSING THE SITE OR USING THE SERVICES IN ANY MANNER, YOU ARE DEEMED TO HAVE READ, UNDERSTOOD AND AGREED TO BE BOUND BY ALL OF THE TERMS CONTAINED IN THIS AGREEMENT. YOU MAY NOT PICK AND CHOOSE WHICH TERMS APPLY TO YOU. IF YOU DO NOT AGREE WITH ALL OF THE TERMS IN THIS AGREEMENT, YOU MUST CEASE ALL ACCESS AND USE OF THE SITE AND ANY OTHER SERVICES PROVIDED BY THE COMPANY. NOTHING IN THIS AGREEMENT IS INTENDED TO CREATE ANY ENFORCEMENT RIGHTS BY THIRD PARTIES.

IF YOU DO NOT UNDERSTAND ALL OF THE TERMS AND CONDITIONS IN THIS AGREEMENT, YOU SHOULD CONSULT WITH A LAWYER BEFORE USING THE SITE, THE EXCHANGE OR THE SERVICES.  

1.4 CONSIDERATION

Consideration for your acquiescence to all of the provisions in this Agreement has been provided to you in the form of allowing you to use our Site and our Services. You agree that such consideration is adequate and is received upon your viewing or using any portion of any of our Site and/or Services.

1.5 ELECTRONIC SIGNATURES / ASSENT REQUIRED

  • 1.5.1 You manifest your agreement to this Agreement by taking any act demonstrating your assent thereto. Members are required to click a checkbox adjacent to and associated with the words “I agree” or some similar language to accept these Terms and Conditions. If you click any link, button or other device provided to you in any part of our Site’s interface, then you have legally agreed to all of these Terms and Conditions. Additionally, by using any part of our Site or Services in any manner, including the Exchange, you understand and agree that such use constitutes your affirmation of your complete and unconditional acceptance to all of the terms in this Agreement.
  • 1.5.2 Even if you fail to indicate your agreement to this Agreement, you understand and agree that you are still bound by the terms of this Agreement by virtue of your viewing the Site or using any portion of the Site or our Services, or the Exchange.

1.6 ILLEGAL ACTIVITIES

By your use of the Exchange or the Services, you represent that use of the Exchange or the Services is legal in your local jurisdiction, and you agree that you will not use the Exchange or the Services if such use is prohibited or otherwise violates the laws of the country, state, province, or other jurisdiction in which you reside or of which you are a citizen.

1.7 REVISIONS TO THIS USER AGREEMENT

  • 1.7.1 From time to time, we may revise this Agreement. We reserve the right to do so, in our sole and absolute discretion, and you agree that we have this unilateral right. Your continued use of the Site, the Services or the Exchange shall be deemed acceptance of the then prevailing terms and conditions of this Agreement. You agree that all modifications or changes to this Agreement are in force and enforceable immediately upon posting. Any updated or edited version supersedes any prior versions immediately upon posting, and the prior version is of no continuing legal effect unless the revised version specifically refers to the prior version and explicitly states that the prior version (or portions thereof) will remain in effect.
  • 1.7.2 We agree that if we make any material changes to this Agreement, we will send you an email or written notification regarding the changes and include an updated version of this Agreement on our web page. The updated version of the Agreement will include a new “last modified” date at the top of the Agreement in order to identify the then-currently applicable Agreement. Following receipt of such a notice and the posting of the updated version of the Agreement on our web page, please re-review the Agreement in order to ensure that you understand how your rights and responsibilities may have been affected by the revisions.
  • 1.7.3 It is your responsibility to review this Site and Agreement on a regular basis. If you object to any such changes, your sole recourse will be to cease access to the Site, the Services and, in the case of the Exchange, to also close your Account (following the procedures below).

1.8 INCORPORATION BY REFERENCE

Although this Agreement represents the primary terms and conditions with respect to our Site, the Services and the Exchange, certain additional guidelines and rules are hereby incorporated by reference. These documents, including the (i) Privacy Policy and (ii) Anti-Money Laundering/Know Your Customer disclosure, can be found on our Site and are specifically incorporated by reference and form an integral part of this Agreement.

2. EXPLANATION OF MEMBERSHIP AND THE EXCHANGE

2.1 ACCESS

All Users may access certain public areas of the Site; however, only Members may use the Exchange or ancillary Services.

You are responsible for access to the Internet, and any Internet access or other fees that you incur to access our Site and use the Exchange and the Services are your sole responsibility. We do not provide any hardware or software to you so that you will need to purchase or license the necessary hardware and software to access the Site, the Exchange and the Services.  

2.2 EXCHANGE

The Exchange allows users to trade crypto assets. The Exchange does not provide or issue any crypto assets whatsoever to our Members.  All crypto assets, including, but not limited to, Bitcoin, exchanged or traded by and between our Members, originates from the Members themselves. All crypto assets transferred to us by Members for use in trading on the Exchange are deposited by the Exchange into, and are held in, an omnibus client account, controlled by the Exchange. When the Exchange matches orders of its users, a trade occurs. This trade transfers ownership between users and is reflected in adjustments to users’ fiat currency and crypto asset balances on our ledger. All trading activity on the Exchange is “off-chain” and is not broadcast to the applicable blockchain.  

2.3 DISCLAIMER; RISK FACTORS

  • 2.3.1 We are not responsible for any loss or damage incurred by you as a result of your use of the Site, the Exchange or the Services or for your failure to understand the nature of crypto assets or the market for such assets. All we are providing you is a method by which you can exchange, trade, and/or store certain crypto assets, and we make no representations or warranties concerning the value, stability, or legality of any such crypto assets.
  • 2.3.2 You acknowledge the following risks related to your use of the Site, the Exchange and the Services:
    • The risk of loss in trading crypto assets, such as Bitcoin, may be substantial and losses may occur over a short period of time.
    • The price and liquidity of crypto assets has been subject to large fluctuations in the past and may be subject to large fluctuations in the future.
    • Crypto assets are not legal tender, not backed by any government, and accounts and value balances are not subject to deposit insurance protection including but not limited to, Federal Deposit Insurance Corporation or Securities Investor Protection Corporation protections.
    • Legislative and regulatory changes or actions at the state, provincial, federal or international level may adversely affect the use, transfer, exchange and value of crypto assets.
    • Crypto asset blockchains may “fork” (as described below under the heading “Forks”), and we may not support the forked asset promptly or at all.
    • Transactions in crypto assets may be irreversible, and accordingly, losses due to fraudulent or accidental transactions may not be recoverable.
    • Some transactions in crypto assets shall be deemed to be made when recorded on a public ledger, which is not necessarily the date or time that you or any other customer initiates the transactions on the Exchange.
    • The value of crypto assets may be derived from or influenced by the continued willingness of market participants to exchange fiat currencies for crypto assets, which may result in the potential for permanent and total loss of value of a particular crypto asset should the market for that crypto asset disappear.
    • There is no assurance that a person who accepts crypto assets as a payment today will continue to do so in the future.
    • The nature of crypto assets may lead to an increased risk of fraud or cyberattack and may mean that technological difficulties experienced by the Company may prevent access to, or use of, your crypto assets.  
    • Any bond or trust account we may hold for your benefit may not be sufficient to cover all losses incurred by you.
    • itBit may not be regulated as a financial institution or equivalent in your jurisdiction.
  • 2.3.3 This Agreement does not disclose all of the risks associated with trading in crypto assets. You acknowledge and agree that you are solely responsible for determining the nature, potential value, suitability, and appropriateness of those risks for you in light of your circumstances and financial resources. The Company does not give advice or recommendations regarding crypto assets, including the suitability and appropriateness of, and investment strategies for, crypto assets. You should be aware that you may sustain a total loss of the assets in your Account, and that under certain market conditions, you may find it difficult or impossible to liquidate a position. The Company is not giving tax advice, legal advice or other professional advice by allowing you to use the Exchange or the Services. No Material on our Site, including FAQs or blogs, shall be considered tax advice, legal advice or investment advice.  
  • YOU ACKNOWLEDGE AND AGREE THAT YOU SHALL ACCESS AND USE THE SITE, THE SERVICES AND THE EXCHANGE AT YOUR OWN RISK.   
  • 2.3.4 We do not own or control the underlying software protocols of crypto asset networks that govern the operation of crypto assets. In general, the underlying protocols are open source, and anyone can use, copy, modify, and distribute them. We are not responsible for the operation of the underlying network protocols, and we make no guarantees regarding their security, functionality, or availability.

2.4 ITBIT MARKET DATA

  • 2.4.1 itBit compiles and publishes Market Data. You understand, acknowledge and agree that, due to technical and other restrictions, the crypto asset values displayed on our Site and in the Market Data may be delayed and therefore not reflect the current, live market value of such crypto asset. Nonetheless, you agree that the values displayed on our Site control your Account and your use of the Site, the Exchange and the Services. You agree that we are not responsible for any adverse consequences that you may experience, or costs that you may incur, arising from any lapse, failure, outage or error in receiving Market Data from itBit.  
  • 2.4.2 itBit may share (including by sale or license) the Market Data with third parties. Such Market Data will not identify any particular Member nor attribute trade(s) to a particular Member by name, subject to Section 16 of this Agreement.

3. YOUR ACCOUNT AND TRADING

3.1 OPENING YOUR ACCOUNT: REGISTRATION DATA; COMPLIANCE POLICIES

  • 3.1.1 In order to use the Exchange, you must create an Account. Your Account will be used to store various crypto asset amounts and fiat currency amounts as deposited and/or received by you. You will be asked to provide certain registration details and information, including information about your identity (the “Registration Data”) to create the Account. In connection with opening the Account, you may also be required to disclose certain third-party account information to us, including, without limitation, your bank account number, your crypto asset addresses and related information.
  • 3.1.2 In addition, at any time before or after your Account has been opened, you may be requested to provide certain other information pursuant to our compliance program, policies and applicable law. If you fail to reply promptly to any request from us, or if your responses are unsatisfactory, we may close or suspend your Account.
  • 3.1.3 You agree to provide true, accurate, current and complete responses to our information requests, and you further agree to maintain and promptly update the information you have provided us, including the Registration Data, your contact information and any responses to requests from our Compliance Department, to keep it true, accurate, current and complete at all times while you are a Member. If you provide any information that is untrue, inaccurate, not current or incomplete, or if we or any of our authorized agents have reasonable grounds to suspect that such information is untrue, inaccurate, not current or incomplete, we have the right to suspend or terminate your Account and refuse any and all current or future use of the Exchange and related Services by you, as well as subject you to civil liability or refer you to the appropriate law enforcement authorities for criminal prosecution. We shall not be liable to make any compensation, monetary or otherwise, following such suspension, termination or inability to use the Exchange or the related Services. You are responsible for any fees that the Company incurs with respect to your Account as a result of any of the foregoing.
  • 3.1.4 You hereby authorize us, or a third-party service provider, to take any measures that we consider necessary to verify and authenticate your identity, confirm the information you submit about your bank (or other financial institution) account, and to take any action we deem necessary based on the results.
  • 3.1.5 While we use reasonable efforts to protect your Registration Data from inadvertent release or misappropriation, we are not responsible for the intentional or criminal acts of third parties such as hackers or “phishers.”

3.2 CUSTODY ACCOUNT

Custody arrangements are subject to additional terms and conditions. Please refer to https://www.itbit.com/custody for more information.

3.3 SECURITY PROCEDURES AND LIABILITY FOR UNAUTHORIZED ACTIVITY

  • 3.3.1 You are responsible for any and all activities conducted through your Account and validated by us using the Security Procedures, as described below, notwithstanding that such activities were not authorized by you. By using the Exchange and the Services, you agree that the Security Procedures described in this Agreement are commercially reasonable for the size, amount and frequency of your transactions. You further agree that the Security Procedures described in this Agreement are used to verify the authenticity of your orders or other instructions, but not to detect errors in any order or other instruction you transmit.  
  • 3.3.2 In order to log into your Account, you will be required to provide your member name and password, as well as an auto-generated verification code that is sent to your smartphone, which we refer to as “2FA”; provided that Members accessing the Account via an application programming interface or “API” connection will be validated solely by API key (collectively, “Security Procedures”). In some cases, in our sole discretion, we may require additional verbal or electronic confirmation of a transaction prior to processing such transaction.  
  • 3.3.3 You are responsible for maintaining the security and confidentiality of your member name, password, 2FA device and API key, as applicable. You agree to notify us immediately of any unauthorized use of your member name, password, 2FA device or API key as well as of any other breach of security. If you choose to install and use a 2FA application on a device on which the operating system has been tampered with in any way, you do so at your own risk. 2FA applications are provided by third parties, and we do not take any responsibility for such third party applications.
  • 3.3.4 While we may implement certain monitoring procedures designed to alert us to fraudulent activity, we are not responsible for any unauthorized use of your Account, and we will not be liable for any loss that you may incur as a result of someone accessing your Account, either with or without your knowledge. We disclaim any and all liability arising from fraudulent entry and use of the Exchange and the Services (including, but not limited to, liabilities arising from unauthorized trades executed through your Account). If someone fraudulently obtains access to your Account or the Exchange, we will take such action as we determine to be warranted, including without limitation, terminating your access and membership immediately, closing the Account, and taking all necessary and appropriate actions under applicable international, federal, state, provincial and local laws.
  • 3.3.5 PLEASE NOTE THAT WE WILL NEVER ASK YOU, FOR ANY REASON, WHETHER BY EMAIL, REGULAR MAIL OR TELEPHONE, TO DISCLOSE YOUR ACCOUNT PASSWORD. PASSWORD INQUIRIES WILL ONLY BE CONDUCTED ONLINE AND ONLY AFTER YOU HAVE SIGNED ONTO THE COMPANY’S SITE. WE WILL NEVER SEND YOU EMBEDDED LINKS IN AN EMAIL REQUESTING THAT YOU SIGN ONTO THE SITE BY CLICKING SUCH A LINK. IF YOU RECEIVE AN EMBEDDED LINK BY EMAIL CLAIMING TO BE FROM US, YOU SHOULD NOT OPEN IT OR CLICK ON THE LINK. THE EMAIL IS NOT FROM US AND IS LIKELY FRAUDULENT. NEVER GIVE YOUR ACCOUNT PASSWORD TO ANYONE WHOM YOU DO NOT INTEND TO AUTHORIZE TO USE YOUR ACCOUNT.

3.4 NO ACCOUNT TRANSFERS; NO GRANT OF THIRD PARTY ACCESS

You may not transfer, lease, assign or sell your Account (or any use thereof) to a third party without the consent of the Company. In addition, you may not grant any person access to your Account except as expressly permitted herein.

3.5 NOT A BANK ACCOUNT

YOUR ACCOUNT WITH US (AND ANY AVAILABLE CURRENCY OR CRYPTO ASSETS HELD IN SUCH ACCOUNT) IS NOT A BANK ACCOUNT OR A DEPOSIT ACCOUNT. OUR SERVICES ARE NOT FINANCIAL INSTRUMENTS. NO INTEREST WILL BE PAID ON ANY FUNDS OR CRYPTO ASSETS YOU USE TO PURCHASE OR TRADE FOR ANY OTHER CRYPTO ASSETS (OR ANY OTHER THING) WITH OTHER MEMBERS, AND ALL ASSETS DIRECTLY HELD BY THE COMPANY ARE NOT INSURED BY THE COMPANY OR ANY GOVERNMENT AGENCY. ITBIT MAY COLLECT INTEREST ON CUSTOMER CURRENCY DEPOSITS HELD IN OMNIBUS ACCOUNTS. ALL CURRENCY TRADED OR PURCHASED BY YOU WILL BE ASSOCIATED WITH YOUR ACCOUNT UNTIL USED TO TRADE WITH OTHER MEMBERS OR UNTIL WITHDRAWN BY YOU.

3.6 FDIC COVERAGE

U.S. Dollar deposits are held in one or more omnibus accounts at banks located in the United States with the intention that they are eligible for Federal Deposit Insurance Corporation (“FDIC”) “pass-through” deposit insurance, subject to applicable FDIC regulations. Our policies are designed to comply with the FDIC’s requirements for recognition of relationships entitled to pass-through insurance.   Non-U.S. Dollar deposits held at a U.S. bank as well as U.S. dollar deposits held at banks outside of the U.S. may not be eligible for FDIC deposit insurance.

3.7 FUNDING YOUR ACCOUNT

After creating your Account with the Company, you will be able to fund your Account with crypto assets and with fiat currency.

  • 3.7.1 To fund the Account with crypto assets, you may transfer, for example, Bitcoin, from your account(s) with third-party crypto asset provider(s) (often known as “wallets”) into your Account operated by the Exchange. For example, to fund your Account with 100 Bitcoin, you would use the third-party Bitcoin software to transfer your own pre-existing 100 Bitcoin from your wallet to the Exchange’s Bitcoin address for the omnibus client account. The Exchange would then credit your Account with 100 Bitcoin on the Exchange’s ledger, and you would be able to trade those Bitcoin on the Exchange.
  • 3.7.2 You may also fund your Account with fiat currency transferred from your account(s) with financial institutions. These funds would be transferred to the omnibus client account and then the Exchange would credit your Account for that amount of fiat currency on the Exchange’s ledger. If a fiat currency deposit does not originate from a bank account owned by you, it will be rejected and returned immediately. Fiat currency deposits received by 4 p.m. will typically be credited to your Account on the same day or next business day. Fiat currency deposits may not be credited outside of normal banking hours. Transfer times are subject to bank holidays, the internal processes and jurisdiction of your bank, and the internal processes of our banks. In certain situations, fiat currency deposits may be delayed in connection with Downtime.
  • 3.7.3 When determining the amount you wish to transfer into your Account, you should be aware that you must deposit funds prior to placing an order through the Exchange in an amount sufficient to satisfy your order (and associated fees, if any). All orders on the Exchange must be pre-funded or they will not be accepted by the Company or the Exchange.  
  • 3.7.4 You represent and warrant that all funds, including fiat currency and crypto assets, that you transfer to us do not represent the proceeds of any criminal or fraudulent activity. You are not allowed to receive funds in your Account from a sender other than yourself. If we reasonably determine that you are not the owner of funds in your Account, we reserve the right to dispose of those funds in accordance with applicable law and in our sole discretion, which may include returning the funds to the originator or to a charity of our choosing.
  • 3.7.5 We will make reasonable efforts to process electronic debits from and credits to your bank account, but we make no representations or warranties regarding the amount of time needed to complete processing.

3.8 TRADING

  • 3.8.1 After your Account has been funded, you may begin to trade your crypto assets with other Members on the Exchange. Trading is accomplished via bids and offers placed by Members to buy and sell crypto assets. Specific examples and illustrations of how trading works may be found at https://support.itbit.com/customer/en/portal/topics/736980-trading-with-itbit/articles. Matching bids and offers to buy and sell crypto assets are automatically paired by the Exchange, and the Exchange will notify the respective Members on either side of the trade that the order has been executed. Once a match is made, the order is executed and cleared instantaneously. YOU SHOULD PLACE A BID OR OFFER TO BUY OR SELL ONLY IF YOU FULLY INTEND TO COMPLETE THE TRANSACTION.  
  • WE ARE NOT RESPONSIBLE FOR ANY DISPUTES AMONG OR BETWEEN MEMBERS REGARDING ANY TRANSACTION. WE DO NOT GUARANTEE THAT ANY ORDER YOU PLACE WILL BE FILLED.
  • 3.8.2 A Member may only sell as much of a crypto asset as is recorded by the Company in the Exchange ledger as being in such Member’s Account, plus the applicable Trading Fee (as defined below). Any attempt by you to sell more crypto assets than our records show exist in your Account, after deduction of the applicable Trading Fee, will result in an unsuccessful trade and may be grounds for termination of your Account.
  • 3.8.3 Prior to the placement of a trading order on our Exchange, you will be required to review the following information: the type of order (buy/sell), the amount of the order, the price and the commission to be charged by the Exchange for executing the order. For customers of itBit Trust Company, we will maintain records of your transaction history for a period of no less than seven years.

3.9 REVERSAL OF TRADES

Once an order has been executed and the appropriate currencies and assets have been credited and debited from the Members’ Accounts on the Exchange ledger, the transaction may not be reversible.

3.10 CANCELLING TRADES

  • 3.10.1 You have the right to cancel an open (i.e., unmatched) bid or offer to sell or buy crypto assets by initiating procedures through your Account online to effectuate closure of such open bid or offer. Such cancellation request may not be processed immediately by the Exchange, and accordingly, the open order may be executed after the cancellation request for that order has been submitted.
  • 3.10.2 Absent mutual consent of parties involved, we reserve the right to cancel or nullify trades in the event that:
    1. The trade resulted from an erroneous print disseminated by the underlying market that is later cancelled or corrected, where such erroneous print resulted in a trade higher or lower than the average trade in the underlying currency pair during the time period encompassing five (5) minutes before and after the erroneous print, by an amount at least five times greater than the average quote width for such underlying currency pair during such time period;
    2. The trade resulted from an identifiable interruption or malfunction of an Exchange execution or communication system that caused a quote or order to trade in excess of its disseminated size or quote;
    3. The trade resulted from an erroneous quote in the primary market for the underlying currency pair that has a width of at least ten United States dollars (US$10.00) or that width is at least three times greater than the average quote width for such underlying security during the time period encompassing five minutes before and after the dissemination of such quote. For clarity, the underlying market includes various digital currency venues and FX rates; or
    4. The trade occurred at a price caused by any of the above, 10% above or below fair market value or deemed clearly erroneous.

3.11 WITHDRAWING CURRENCY

  • 3.11.1 Members may withdraw some or all of their crypto assets or fiat currency from their Accounts at any time, upon request to us. Crypto assets will be transferred from the Member’s Account with the Exchange to the specific wallet address provided by the Member. Withdrawals may take up to three (3) days to complete, provided that larger withdrawals may take up to thirty (30) days to complete. Fiat currency will be transferred from the Member’s Account with the Exchange to the bank account designated by, and owned by, the Member.  
  • 3.11.2 Please note that that any withdrawal of crypto assets or fiat currency may be delayed as necessary to comply with applicable law and/or the Exchange’s Compliance Program, including verification of customer identification and anti-money laundering procedures.

3.12 STATEMENT OF ACCOUNT

  • 3.12.1 A statement of your Account, including the amount of fiat currency and the amount of crypto assets available, may be accessed in electronic format for viewing online at https://exchange.itbit.com/trade. ItBit uses commercially reasonable efforts to ensure that the information contained in your Account statements is accurate and reliable; however, because the information is provided real-time, errors may occur. The Exchange’s ledger is the definitive record of transactions.  
  • 3.12.2 If you believe that your statement of Account contains any errors, please notify us immediately of such error, along with any additional information concerning the error. If we do not hear from you within three (3) days after the electronic posting to your Account of the applicable transaction and/or Trading Fee, such transaction and fee will be deemed accepted by you and will no longer be subject to challenge.

3.13 CLOSING YOUR ACCOUNT

  • 3.13.1 You may close your Account by providing written notice to us, and upon receipt of such notice, a hold will be placed on your Account to allow any then pending transactions to clear. After notifying us of your desire to close your Account, we may terminate your ability to trade on the Exchange and only permit you to withdraw the remaining available fiat and/or crypto assets associated with your Account. Closing your Account will not affect any rights and obligations incurred prior to the date of Account closure.
  • 3.13.2 All currencies appearing in the Exchange’s ledger and attributed to you must be withdrawn or otherwise sold or transferred before the closing of your Account will be finalized, and at such time your Membership will be cancelled.  

3.14 FORKS

  • 3.14.1 You understand, acknowledge and agree that the underlying operating rules of certain crypto assets may change from time to time in such a way as to result in more than one related version of an existing crypto asset (each instance of any such change, a “Fork”). If a Fork occurs, it will result in the creation of a new crypto asset (the “New Forked Asset”) related to an existing crypto asset (the “Prior Asset”). As a result, we will hold an amount of the New Forked Asset proportional to our holdings of the Prior Asset. You further understand, acknowledge and agree that each Fork may materially affect the value, function, and/or name of the original crypto asset you hold in your Account and that the New Forked Asset may have minimal or no value.
  • WE HAVE NO CONTROL OVER, NOR DO WE HAVE THE ABILITY TO INFLUENCE, THE CREATION OR IMPLEMENTATION OF A FORK OR OF THE NEW FORKED CURRENCY. WE CAN PROVIDE NO ASSURANCES ABOUT THE SECURITY, FUNCTIONALITY OR SUPPLY OF ANY CRYPTO ASSET, INCLUDING BOTH THE NEW FORKED ASSET AND THE PRIOR ASSET. YOU UNDERSTAND, ACKNOWLEDGE AND AGREE THAT WE ASSUME NO LIABILITY RELATING TO ANY CHANGE IN THE VALUE OF ANY CRYPTO ASSET (WHETHER OR NOT RESULTING FROM A FORK).
  • 3.14.2 If a Fork occurs, you understand, acknowledge and agree that we may temporarily suspend the operations of the Exchange (with or without advance notice to you) while we determine, in our sole discretion, whether to support either or both of the New Forked Asset and the Prior Asset. In addition, while we will endeavor to make this determination expeditiously, we have the right to continue the suspension of the Exchange for such length of time as we deem prudent in order to make such determination. You understand, acknowledge and agree that the Exchange is unlikely to support trading in all New Forked Assets.
  • 3.14.3 You understand, acknowledge and agree that you have no right, claim or privilege in, or with respect to, any New Forked Asset. If we do not support a New Forked Asset, you may not be able to withdraw the New Forked Asset from the Exchange promptly or at all; you may not be able to trade the New Forked Asset on our platform for fiat currency or other crypto assets; and you may lose any value associated with such New Forked Asset. If we determine not to support a New Forked Asset, we may, in our sole discretion, (i) obtain and retain the New Forked Asset as property belonging to us; or (ii) make the New Forked Asset available to you on a one-time basis, based on your holding of the Prior Asset at the time of the Fork, subject to the withholding and retention by us of an amount reasonably calculated to fairly compensate us for the cost of making such New Forked Asset available and subject to our withdrawal procedures. We will notify you if only if we elect to permit a one-time withdrawal pursuant to (ii) above.  
  • 3.14.4 You understand, acknowledge and agree that if you or a third party deposits an amount of a New Forked Asset (or any other crypto asset) that the Exchange does not support into our omnibus client account for crypto assets, we have the right to and will account for any such unsupported crypto asset (including unsupported New Forked Assets) as belonging to us. We have, and assume, no obligation or duty to return the crypto asset transmitted to one of our accounts on an unsolicited basis.

3.15 AIRDROPS

You understand, acknowledge and agree that in the event that a third party attempts to or does distribute (sometimes called “airdropping” or “bootstrapping”) a crypto asset (whether or not supported by the Exchange) to crypto asset addresses, we will treat such airdropped crypto asset as we would treat all unsupported crypto assets. You further agree and understand that airdropped crypto assets do not create a relationship between us and the transferor, or sender, and/or the related network that created the airdropped crypto asset; and, further that we are not subject to any obligation as it may relate to the transferor and/or the related network.

4. FEES

4.1 TRADING FEES

An overview of our trading fees is set forth at https://www.itbit.com/fees (“Trading Fee”).  The Trading Fee is added to the purchase price for buyers and subtracted from the sale price for sellers.

4.2 BANKING FEES

We charge transaction fees for deposits into itBit’s bank accounts and withdrawals from itBit’s bank accounts to customer bank accounts (collectively, “Banking Fees”). These fees are deducted from the amount transferred. Our deposit and withdrawal fees are set forth at https://support.itbit.com/customer/en/portal/topics/736975-depositing-withdrawing-funds/articles.

In addition to the fees described above, your financial institution and/or the provider of your crypto asset wallet may charge transaction and other fees related to the transfer of funds to your Account.

4.3 ADDITIONAL FEES FOR CERTAIN ACCOUNTS

Due to the cost of maintaining and supporting your Account and subject to applicable law, you will incur a monthly charge of two U.S. Dollars (US $2.00) (or equivalent in other fiat or crypto asset) if your Account balance is less than twenty United States dollars (US$20.00) (or equivalent in other fiat or crypto asset) and there has been no trading activity on the Account for twelve months or longer. Such fee will be auto-debited from your account on a monthly basis in USD or the then current crypto asset equivalent.

For more information on fees for Custody Accounts, please reach out to custody@itbit.com.

4.4 RIGHT TO CHANGE FEES AND FEE STRUCTURE

We reserve the right to change or modify our fee structure or increase any of our fees at any time and from time to time. Any such changes, modifications or increases will be effective upon posting such changes, modifications or increases on our Site. Your first use of your Account following the posting on the Site of any changes to the fees will constitute your acceptance of such changes. If you do not agree to the posted changes, you may close your Account as provided in this Agreement.

5. MARKETPLACE RULES

Members agree to abide by the following marketplace rules for the Exchange (the “Marketplace Rules”).

    1. General Fraudulent Acts.  Members shall not engage in any fraudulent act or engage or attempt to engage in any scheme to defraud, deceive or trick users of the Exchange, employees of the Exchange or the underlying software of the Exchange.
    2. Fictitious Transactions.  Members shall not place any order with no intention to execute.
    3. Market Manipulation. Members shall not engage in any disruptive trading or manipulation of the Exchange. This includes orders placed for the purpose of generating volatility or creating a condition in which prices do not or will not reflect bona fide supply and demand.
    4. Violation of Applicable Laws and Regulations.  Members shall not use the Exchange in a way that violates the laws and regulations applicable to the Company and the Exchange.
    5. Misstatements. Users shall not make any misstatement of material fact to itBit.
    6. Activities That Bring Disrepute upon itBit. Users shall not access the Site or use the Exchange or any Services in any way that could be expected to bring disrepute upon itBit.
    7. Disclosing Orders. Members shall not disclose to any person, including, but not limited to, another market participant, any order placed by Member or any related party or any order placed by another person, including, but not limited to, another Member.
    8. Pre-Arranged Trades. Members shall not place any order on the Exchange that has been pre-arranged (or discussed with another Member prior to being placed on the Exchange) for the purpose of creating an artificial price, fictitious trade, or other disruptive, fraudulent, noncompetitive, or unfair impact on the Exchange.
    9. Wash Trades. Members, through one or more accounts owned by Member or any related party, shall not place or accept buy and sell orders at the same price, where Member or any related party knows that the purpose of the orders is to artificially create the appearance of activity (transactions commonly known as wash trades).
    10. Money Passes. Members shall not prearrange the execution of transactions on the Exchange for the purpose of passing money between accounts.
    11. Accommodation Trading. Members shall not enter into transactions on the Exchange for the purpose of assisting another person to engage in transactions that are in violation of our Marketplace Rules or any applicable laws and regulations.
    12. Front-Running. Members shall not take a position based upon non-public information regarding an impending transaction by another Member.
    13. Disruptive Practices. Members shall not engage in any trading, practice or conduct on the Exchange that: (i) demonstrates intentional or reckless disregard for the orderly execution of transactions or (ii) involves spoofing (bidding or offering with the intent to cancel the bid or offer before execution).
    14. Intimidation. Members shall not engage in any conduct that threatens, harasses, coerces, intimidates or otherwise attempts to improperly influence another Member or any other person.

6. SUSPENSION AND TERMINATION OF YOUR MEMBERSHIP AND ACCOUNT

6.1 SUSPENSION AND TERMINATION

Without limiting other remedies that may be available to us, we reserve the right, in our sole and absolute discretion, to block access to or to suspend, close or terminate your Account and to freeze all funds or assets in your Account, at any time, with or without advance notice, if:

    1. we believe, in our sole and absolute discretion, that you have breached any terms and conditions of this Agreement, including, but not limited to, the Marketplace Rules;
    2. you engage in abusive behavior, as determined in our sole and absolute discretion;
    3. we are unable to verify or authenticate any information you provide to us;
    4. we believe, in our sole and absolute discretion, that your actions may cause legal liability for you, our Users, Members or us;
    5. you add any type of currency to your Account using any source that you do not have the legal right from which to transfer funds;
    6. we have reasonable suspicion that you are directly or indirectly using our Site, the Exchange, the Services or the Materials in violation of applicable law or regulation, or this Agreement;
    7. we are directed to do so by law enforcement, regulatory authority or court order;
    8. we are required to do so by applicable law or regulation;
    9. your Account is subject to pending litigation, investigation or governmental proceeding;
    10. we believe that someone is attempting to gain unauthorized access to your Account;
    11. we believe there is unusual activity in your Account;
    12. your Account has no funds and has not been accessed in the prior year; or
    13. for any other reason in our sole and absolute discretion.

In addition, we may discontinue the Exchange, the Site or any Services at any time.  

6.2 MARKETPLACE RULES VIOLATIONS

If we suspect that you have violated our Marketplace Rules, we will give you written notice of such suspected violation, including the general nature of the activity observed. You will have the right to submit within ten (10) calendar days from the date of notification, a written explanation to the Company as to why no disciplinary action should be taken. You agree and understand that you are obligated to respond in writing to any queries from us within the time period for response set forth therein and to furnish documents and other information in connection with any investigation initiated under this Agreement. Following the conclusion of the investigation, we will make a determination, in our sole discretion, as to whether your conduct violated our Marketplace Rules. If we determine that you have violated our Marketplace Rules, in addition to terminating your Account, we may notify our regulators, self-regulatory organizations, including any organizations with which we share Market Data, and law enforcement of the activity, including your identity, and you agree to the same.

6.3 LOSS OF VALUE ON SUSPENSION OR CLOSURE

We are not responsible for any loss of value in your Account, or of any crypto asset or fiat currency, resulting from the suspension or closing or your Account for any of the reasons listed above, including your violation of this Agreement or from any government seizure or forfeiture. You agree that neither the Company nor any third party acting on our behalf shall be liable to you for any termination of your access to any part of the Site or Services or the Exchange in accordance with this Agreement.  

6.4 YOUR OBLIGATIONS ON SUSPENSION OR CLOSURE

  • 6.4.1 You agree that if your access is terminated by us, you will not attempt to regain access to the Site, the Exchange, or the Services – using the same or different username or other attempted identification – without our prior written consent.
  • 6.4.2 If we terminate your Account, we will return the assets in your Account to you, less the value of any damages to which we are entitled pursuant to this Agreement, subject to applicable law. You authorize us to return your funds (less damages to which we are entitled) to any bank account linked to your Account, unless otherwise required by law. If you have not previously provided banking details, you agree to provide banking details to us within seven (7) calendar days of receiving notice of the closure so that we may remit your balance to you. If there is a balance of crypto assets remaining in your Account, you agree to provide us with an address within seven (7) calendar days of receiving notice of the closure so that we may remit the remaining crypto assets to you. In our sole discretion, and in any event if you fail to provide a crypto asset address as required by this section, you agree that we are permitted to sell any crypto assets on the open market at the prevailing market price and return the proceeds (less damages to which we are entitled) to any bank account linked to your Account. You agree that we will not be liable to you for any losses that you may incur as a result of such conversion of crypto assets to fiat currency in connection with the closure of your Account.  

7. UNCLAIMED FUNDS

If we are holding funds in your Account and there has been no activity in your Account for a period of time prescribed by applicable law, we may be required to report such remaining funds in your Account as unclaimed property in accordance with abandoned property and escheat laws. If this occurs, we will use reasonable efforts to provide written notice to you. If you fail to respond to any such notice within seven (7) business days of receipt, or as otherwise required by law, we may be required to deliver any such funds to the applicable jurisdiction as unclaimed property. We reserve the right to deduct a dormancy fee or other administrative charges from such unclaimed funds (in addition to any fees charged as set forth in Section 4.3 of this Agreement), as permitted by applicable law.

8. SERVICE INTERRUPTION

From time to time due to technological factors, scheduled software updates and the performance of other maintenance, as well as factors beyond or within our control, the Site, the Exchange, or other Services may be temporarily interrupted (“Downtime”). Information on scheduled maintenance windows can be found on our Site at https://support.itbit.com/customer/en/portal/articles/1802826-weekly-client-website-and-api-maintenance-downtime. Open orders will be held during Downtime and processed normally following Downtime. Following any Downtime, market conditions and prices may differ significantly from conditions and prices prior to such Downtime.  

9. AGREEMENT TO RECEIVE NOTIFICATIONS AND OTHER COMMUNICATIONS

We reserve the right to send electronic mail or other messages to you and to other Members for purposes of providing you information about your Account or the Services you receive. Please see our Privacy Policy regarding certain direct marketing.

10. MARKET MAKERS

We may engage one or more market makers (each, an “MM”), who may also be affiliated with us, to act as liquidity providers on the Exchange. You understand and agree that we may provide information concerning bids and offers placed by participants on the Exchange (including you) to such MMs prior to posting such bids and offers to the Exchange. The MMs will have the opportunity, but not the obligation, to accept and fill such bids and offers prior to the other participants on the Exchange (including you), should such bids be matched at lower prices and such offers be matched at higher prices (i.e., a more favorable bid or ask price) than they otherwise would have received had the originally proposed bids and offers been routed directly through the Exchange.

11. RESTRICTIONS ON USE OF OUR SITE AND SERVICES

11.1 USER TYPE

If you register with us as an individual User, you agree that you will use the Site, the Exchange and the Services for your personal use only. If you register with us as an institutional user on behalf of an institution, you (a) represent that you are an authorized representative of such institution and that this Agreement is binding on such institution, and (b) agree that you will use the Site, the Exchange and Services for commercial purposes only. In addition, you agree that any use of the Site, the Exchange and the Services shall be for the purposes expressly permitted and contemplated by this Agreement. You may not use the Site, the Exchange and the Services for any other purposes without our express prior written consent.

11.2 RESTRICTIONS ON USE

Without our express prior written authorization, you may not:

    1. Duplicate or reproduce any part of our Site, the Exchange, the Services or the Materials (except as expressly provided elsewhere in this Agreement);
    2. Create any derivative works based on or using our Site, the Exchange, the Services or the Materials, and you agree and stipulate that any and all derivative works are NOT “fair use;”
    3. Use our Site, the Exchange, the Services or the Materials for any public display, public performance, sale or rental, and you hereby agree and stipulate that any and all such uses are NOT “fair use”;
    4. Use our Market Data to develop, create, register, list, trade, clear, or settle any investment product or financial product of any kind;  
    5. Re-distribute our Site, the Exchange, the Services or the Materials, and you hereby agree and stipulate that any and all such uses is NOT “fair use;”
    6. Remove any copyright or other proprietary notices from our Site, the Exchange, the Services or the Materials; or, falsify or delete any author attributions, legal or other proper notices or labels of the origin or source material that is uploaded or otherwise provided by you;
    7. Frame or utilize any framing techniques in connection with our Site, the Exchange, the Services or the Materials;
    8. Translate, reverse-engineer, decompile or disassemble our Site, the Exchange, the Services or the Materials;
    9. Use any meta-tags, pay-per-click advertising, or any other “hidden text” using our Site’s name or marks or those of the Exchange, and you hereby stipulate that any use of the Site’s name or marks, or any other marks owned by us is an infringement upon our trademark rights, and you stipulate to make payment of liquidated damages of five thousand United States dollars (US$5000) per such infringement as a genuine pre-estimate of the loss and damage that will be suffered by us as a result of such infringement, plus you agree to pay any and all fees incurred in the recovery of this amount, including attorney's fees and all associated costs;
    10. “Deep-link” to any page of the Site or the Exchange, or avoid accepting acknowledgement of this Agreement (for the avoidance of doubt, you may only link to the main entry page);
    11. Circumvent any encryption or other security tools used anywhere on the Site or in conjunction with the Exchange or the Services (including the theft of usernames, passwords or API keys or using another person’s username, password or API key in order to gain access to a restricted area of the Site);
    12. Use any data mining, bots, scrapers or similar data gathering and extraction tools on the Site or in conjunction with the Exchange, the Services or the Materials;
    13. Sell, rent, lease, license, sublicense, transfer, distribute, re-transmit, time-share, use as a service bureau or otherwise assign to any third party the Materials (including our Market Data) or the Exchange or Services or any of your rights to access and use the Exchange, the Materials or Services as granted specifically by this Agreement;
    14. Use our Exchange or Services to impersonate any other User or person;
    15. Use any Materials (including the Market Data) or information on our Site or included in our Exchange or Services in any manner that infringes any copyright, trademark, patent, trade secret, publicity or other proprietary right of any party;
    16. Upload or attempt to upload files that contain viruses, Trojan horses, worms, time bombs, cancelbots, corrupted files, or any other similar software or programs that may damage the operation of ours or another’s property;
    17. Upload, post, email or otherwise transmit to us any submission that you do not have a right to transmit under contractual, fiduciary or other relationships (such as inside information, trade secrets, proprietary and confidential information learned or disclosed as part of employment relationships or under nondisclosure agreements);
    18. Upload, post, email or otherwise transmit any unsolicited or unauthorized advertising, promotional materials, "junk mail," "spam," "chain letters," "pyramid schemes," or any other form of solicitation, except in those areas that we may designate for such purpose;
    19. Restrict or inhibit any other User from using and enjoying the Exchange or the Services;
    20. Harvest or otherwise collect information about other users of the Site, the Exchange or the Services, including e-mail addresses or other personally-identifiable information;
    21. Violate any applicable laws, regulations or policies, or this Agreement;
    22. Use the Exchange or the Services to pay for, support, receive proceeds from or otherwise engage in any illegal gambling activities;
    23. Upload, post, email or otherwise transmit any material which is illegal, immoral, obscene or defamatory of any person;
    24. Use any automatic device or manual process to monitor or reproduce the Site, the Services (including the Exchange) or the Materials, and will not use any device, software, computer code, or virus to interfere or attempt to disrupt or damage the Site, Exchange, or Services; and
    25. Do anything that may adversely affect proper operation of the Site, the Market Data, the Exchange, the Services and the reputation and goodwill of the Company.

12. LIQUIDATED DAMAGES

12.1 STIPULATED LIQUIDATED DAMAGES

In various provisions in this Agreement, we have outlined liquidated damages amounts to be applied against you if you violate these specific provisions. You specifically agree to pay these amounts. In agreeing to pay liquidated damages, you understand, acknowledge and agree that this amount is not a penalty, that the actual damages are uncertain and difficult to ascertain, but that this amount represents the parties’ good faith attempt to calculate an appropriate compensation based on anticipated actual damages and is a genuine pre-estimate of the loss and damage which may be suffered by us.

12.2 OTHER LIQUIDATED DAMAGES

For any breach of a portion of this Agreement that does not specifically state a liquidated damages amount, you hereby agree that any breach of this Agreement shall result in liquidated damages of one hundred United States dollars (US$100) per occurrence. You specifically agree to pay one hundred United States dollars (US$100) in liquidated damages per occurrence; provided, however, that you will not be required to pay such liquidated damages in an amount in excess of the higher of (x) one thousand United States dollars (US$1,000) or (y) the outstanding balance of currency or other assets in your Account(s) with the Company.

13. DISCLAIMER OF WARRANTY

13.1 EXPRESS DISCLAIMERS

By using the Site, the Exchange, the Materials or the Services, you expressly acknowledge and agree that:

    1. Such use of the Site, the Exchange, the Materials and the Services is at your own and sole risk;
    2. Any material and/or data downloaded or otherwise obtained through the use of the Site, the Exchange, the Services or any of the Materials is done at your own discretion and risk, and you are solely responsible for any damage to your computer system or loss of data that results from the download of such material and/or data;
    3. The Site, the Exchange, the Services and the Materials and all materials contained therein, are provided “as is” without warranty of any kind, either express or implied, including, but not limited to, any implied warranties of merchantability, fitness for a particular purpose, title, or non-infringement;
    4. itBit makes no representations or warranties that the Site, the Exchange, the Materials and Services, or any materials contained therein, will be uninterrupted, timely, secure, or error-free; nor does itBit make any representations or warranties as to the quality, suitability, truth, usefulness, accuracy, or completeness of the Site, the Exchange, the Materials and the Services or any of the materials contained therein;
    5. itBit cannot and does not guarantee or warrant that files available for downloading from the Internet will be free of viruses, worms, Trojan horses, or other code that may manifest contaminating or destructive properties; and, itBit does not assume any responsibility or risk for your use of the Internet in connection with the Site, the Exchange, the Materials, the Services and any materials contained therein;
    6. itBit makes no warranty, express or implied, regarding any transaction entered into through the Site, the Exchange, or the Services;
    7. itBit is NOT responsible for any crypto asset market, and itBit makes no representations or warranties concerning the value of any crypto asset;
    8. itBit makes no warranty, express or implied, regarding the availability of the Site, the Exchange or the Services, and shall have no liability for any loss or damage arising from Downtime; and
    9. The value of crypto assets can be volatile and itBit is not in any way responsible or liable for any losses you may incur by holding or trading crypto assets, even if the Site, the Exchange or the Services are delayed, suspended, or interrupted for any reason.

13.2 NO IMPLIED WARRANTIES

The warranties and representations expressly set forth in this Agreement are the only warranties and representations made by itBit with respect to this Agreement, the Site, the Exchange, the Materials and the Services, and are in lieu of any and all other warranties, written or oral, express or implied, that may arise either by agreement between the Parties or by operation of law or otherwise, including warranties of merchantability and fitness for a particular purpose, which are excluded to the fullest extent permitted by applicable laws. None of these warranties and representations will extend to any third person.

14. INDEMNIFICATION AND RELEASE

14.1 INDEMNIFICATION

To the maximum extent permitted by applicable law, you agree to defend, indemnify, and hold harmless the Company, its parent company, affiliates and subsidiaries and each of their respective officers, directors, shareholders, members, partners, attorneys, employees, independent contractors, telecommunication providers, and agents (collectively, the “Indemnified Parties”), from and against any and all claims (including third-party claims), actions, loss, liabilities, expenses, costs, or demands, including, without limitation, legal and accounting fees (collectively, “Losses”), directly or indirectly, resulting from or by reason of (i) your (or you under another person’s authority) use, misuse, or inability to use the Site, the Exchange, the Services, or the Materials; (ii) any regulatory inquiry, legal action, litigation, dispute or investigation related to your Account and to your use of your Account, the Exchange or the Services; or (ii) your breach of this Agreement.

The Company shall notify you by electronic mail, mail, or other appropriate means, of any such claim or suit, and reasonably cooperate (at your expense) in the defense of such claim or suit. We reserve the right to participate in the defense of such claim or choose our own legal counsel but are not obligated to do so.

14.2 RELEASE

To the maximum extent permitted by applicable law, you hereby discharge, acquit, and otherwise release the Indemnified Parties, from any and all allegations, counts, charges, debts, causes of action, claims and Losses, relating in any way to the use of the Site, the Exchange, the Service or the Materials, including, but not limited to, claims relating to the following: negligence, gross negligence, intentional interference with contract or advantageous business relationship, defamation, privacy, publicity, misrepresentation, any financial loss not due to the fault of the Site, the Materials or the Exchange, false identities, fraudulent acts by others, invasion of privacy, release or misuse of personal information, failed transactions, purchases or functionality of the Site, unavailability of the Site, its functions and/or the Services and any other technical failure that may result in inaccessibility to the Site, the Exchange, the Materials or the Services, or any claim based on vicarious liability for torts committed by Users encountered or transacted with or through the Site, the Exchange or the Services, including, but not limited to, fraud, computer hacking, theft or misuse of personal information, assault, battery, stalking, rape, cheating, perjury, manslaughter, or murder.

The above list is intended to be illustrative only, and not exhaustive of the types or categories of claims released by you. This release is intended by the Parties to be interpreted broadly in favor of itBit, and thus any ambiguity shall be interpreted in a manner providing release of the broadest claims. This release is intended to be a full release of claims, and the parties acknowledge the legally binding nature of this provision, and the nature of the rights given up in connection therewith.

If you are a California resident, you hereby waive California Civil Code Section 1542, which states:

A GENERAL RELEASE DOES NOT EXTEND TO CLAIMS WHICH THE CREDITOR DOES NOT KNOW OR SUSPECT TO EXIST IN HIS OR HER FAVOR AT THE TIME OF EXECUTING THE RELEASE, WHICH IF KNOWN BY HIM OR HER MUST HAVE MATERIALLY HIS OR HER SETTLEMENT WITH THE DEBTOR.”

If you are a resident of another jurisdiction with a comparable statute or doctrine, you hereby waive such statute or doctrine to the extent permissible under applicable law.  

15. LIMITATION OF LIABILITY

15.1 LIMITATION OF LIABILITY

Except to the extent prohibited by applicable laws, in no event shall itBit (or its licensors, agents, suppliers, resellers, service providers, or any other subscribers or suppliers) be liable to you, or any other third party, for any direct, special, indirect, incidental, consequential, exemplary, or punitive damages, including without limitation, damages for loss of profits, loss of information, business interruption, loss of revenue, or loss of goodwill, which may arise from any person’s use, misuse, or inability to use the Site, the Exchange, the Services, the Materials or any of the materials contained therein, including any loss caused in whole or in part by any inaccuracies, incompleteness or delays in Market Data, interruptions in the Services, including the Exchange, even if we have been advised of the probability of such damages and regardless of whether such liability is asserted on the basis of contract, tort or otherwise.  

We will not be liable for any damage or interruptions caused by any computer viruses, spyware, Trojan horses, worms or other malware that may affect your computer or other equipment, or any phishing, spoofing or other attack. You are responsible for maintaining the security of your environment, including regular use of malware screening and prevention software. You should also be aware that email and other communication services are vulnerable to spoofing and phishing attacks and should use care in reviewing messages purporting to originate from itBit. Always log into your Account through our Site or contact us if you have any uncertainty regarding the authenticity of any communication or notice.

15.2 FORCE MAJEURE

Neither we (nor any bank where our deposit accounts are held) will be liable for our failure to perform any obligations under this Agreement due to events beyond our control, and the time provided for performing such obligations shall be extended by a period of time equal to the duration of such events. Events beyond our control include, but are not limited to, acts of God, war, riot, arson, embargoes, civil commotion, strikes, labor disputes, equipment failures, bank failures, crypto asset market collapse or fluctuations, fiat currency conversion rate fluctuations, strikes, fire, flood, earthquake, hurricanes, tropical storms or other natural disaster or casualty, shortages of labor or material, shortage of transportation, facilities, fuel, energy, government regulation or restriction, acts of civil or military authority or terrorism, fiber cuts, weather conditions, breaches or failures to perform by third parties, technical problems, including hardware and software crashes and other malfunctions, failure of the telecommunications or information services infrastructure, hacking, SPAM or failure of any computer, server or software disruptions on account of or caused by vandalism, theft, phone service outages, power outage, Internet disruptions, viruses, and mechanical, power or communications failures.

If any law, regulation, rule, regulation or decision of any self-regulatory organization, or ordinance, whether international, federal, state, or local, becomes effective which substantially alters our ability to offer the Site, the Exchange or the Services hereunder, we shall have the right to cancel this Agreement, with notice, if reasonably possible, effective upon the earlier of (i) the date upon which we are unable to provide our Services hereunder; or (ii) thirty (30) days following notice.

15.3 MAXIMUM LIABILITY

In no event shall our maximum total aggregate liability hereunder for direct damages exceed the total fees actually paid by you for use of the Site, the Exchange or the Services for a period of more than three (3) months from the accrual of the applicable cause or causes of action. Because some jurisdictions prohibit the exclusion or limitation of liability for consequential or incidental damages, the above limitation may not apply to you (in whole or in part).

15.4 RIGHT OF SET OFF

To the extent allowable by law, we reserve the right to set-off any damages or amounts owed to us by you for your breach of this Agreement, your indemnification obligations, or for your other obligations under this Agreement against funds in your Account (including, without limitation, transaction fees, funds transfer fees and dormancy fees).

16. CONFIDENTIALITY AND COMPLIANCE WITH LEGAL PROCESS

16.1 PERMITTED DISCLOSURE

We may share information concerning you and your Account:

    1. with our banks and other financial institutions that we use or may use to process funds in connection with the Exchange and the Services;
    2. with law enforcement, regulatory authorities, tax authorities (including the US Internal Revenue Service pursuant to the Foreign Account Tax Compliance Act, to the extent this applies), self-regulatory organizations (such as those that operate crypto asset derivative exchanges) and officials, or other third parties when we are compelled to do so by a subpoena, court order, or similar legal procedure, or when we believe in good faith that the disclosure of your information is necessary to prevent physical harm or financial loss, to report suspected illegal activity or to investigate violations of this Agreement or any other applicable policies;
    3. with third parties, such as vendors, agents, contractors and our advisors (e.g., legal, financial, business or other advisors), in order to administer our services, including to verify your identity and conduct screening and due diligence checks;
    4. in connection with a merger, acquisition or otherwise as set forth in Section 24.1; or
    5. as permitted or required by applicable law.

Please refer to our Privacy Policy https://www.itbit.com/legal for more information on the use of your personal information.

16.2 LEGAL PROCESS

You agree and understand that we may comply with any writ of attachment, execution, garnishment, tax levy, restraining order, subpoena, warrant or other legal process, that we in good faith believe to be valid. We may, but are not required to, notify you of such process. We may charge you for associated costs, including attorneys’ fees. You agree that we may honor any legal process, regardless of the method or location of service.

17. LINKS AND LINKING

17.1 THIRD PARTY LINKS

Some websites that are linked to or from the Site are owned and operated by third parties. Because we have no control over such websites and resources, you understand, acknowledge and agree that we are not responsible or liable for the availability of such external websites or resources, and do not screen or endorse such websites or the content, products, advertising or other materials presented therein, and are not responsible or liable for any such content, advertising, services, products, or other materials on or available from such websites or resources.

Use of any website controlled, owned or operated by third parties is governed by the terms and conditions of use (including privacy policies) for those websites, and not by this Agreement or our Privacy Policy, which is incorporated into this Agreement by reference.

We reserve the right to terminate any link or linking program at any time.

17.2 NO LIABILITY; INDEMNIFICATION

You further understand, acknowledge and agree that we shall not be responsible or liable, directly or indirectly, for any damage or loss caused or alleged to be caused by, or in connection with use of or reliance on, any such third-party content, goods or services available on or through any such website or resource. If you decide to access any such third-party website, you do so entirely at your own risk and subject to any terms and conditions and privacy policies posted therein.

You hereby agree to defend and hold harmless each of the Indemnified Parties from and against any and all Losses that may result from your use of links that may appear on the Site or via the Services.  

18. INTELLECTUAL PROPERTY

18.1 TRADEMARKS

“itBit” is a registered trademark of ours. None of the marks, logos, domains, and trademarks that you find on the Site, the Exchange, the Services or in the Materials may be used publicly except with express written permission from itBit and may not be used in any manner that is likely to cause confusion among consumers, or in any manner that disparages or discredits itBit.

18.2 OTHER MARKS

Other manufacturers’ product and service names referenced on the Site, the Exchange, the Services and the Materials may be trademarks and service marks of their respective companies and are the exclusive property of such respective owners and may not be used publicly without the express written consent of the owners and/or holders of such trademarks and service marks. You acknowledge and agree that we either own or have been authorized by relevant third-party intellectual property owners to use the trademarks, copyright, patents, design and intellectual property of any nature and form found on the Site and the Services.

18.3 COPYRIGHT

The Materials (including the Market Data) accessible from the Site, the Exchange and the Services, and any other website owned, operated, licensed, or controlled by us are our proprietary information and valuable intellectual property and we retain all right, title, and interest in such Materials. No rights, title or interest in any such Materials are transferred to you by reason of the access to the Site, the Exchange or the Services.

All Materials, such as text, graphics, photographs, video and audio clips, music, soundtracks, button icons, streaming data, animation, images, downloadable materials, data compilations and software are the property of the Company or its content suppliers and are protected by United States and international copyright laws. The compilation of all Materials on the Site and in the Exchange and the Services is the exclusive property of the Company or its content suppliers and protected by United States and international copyright laws, as well as other laws and regulations.

itBit's Market Data is valuable to us, and to the extent that you receive access to such data, you hereby understand, acknowledge and agree that the Market Data contains proprietary and confidential information that is protected by applicable intellectual property and other laws, and is the sole property of the Company.  The restrictions on use contained in Section 11.2 of this Agreement shall apply with equal force and scope to the Market Data as to the Site, any of the other Services, the Exchange and the Materials. Any distribution, publication, or transmission of our Market Data without itBit's consent is a material breach of this Agreement and a violation of our property rights for which we may seek appropriate legal recourse.  

19. EXPORT CONTROL

You understand acknowledge and agree that the software elements of the Materials on the Site may be subject to regulation by agencies of the United States Government, including the United States Department of Commerce, which prohibits export or diversion of software to certain countries and third parties. Diversion of such materials contrary to laws of the United States, or any international, provincial, state or other applicable law is prohibited. You will not assist or participate in any such diversion or other violation of applicable laws and regulations. You agree that none of the Exchange, the Services, the Materials or virtual currencies are being or will be used, acquired for, shipped, transferred, or re-exported, directly or indirectly, to proscribed or embargoed countries or their nationals or be used for proscribed activities.

20. NOTICE

20.1 NOTICE

Any notice we are required to give you under this Agreement may be provided by email, postal mail, or facsimile utilizing the contact information provided by you when you registered with the Site and/or the Exchange. Notices from you to us shall be given by email to: info@itbit.com, unless otherwise specified in the Agreement.

20.2 CHANGE OF ADDRESS

Either party may change the address to which notice is to be sent by written notice to the other party pursuant to this provision of the Agreement.

20.3 CHANGE TO TERMS AND CONDITIONS OR FEE SCHEDULE

Any notice of a change to our Terms and Conditions or Fee Schedule required to be given pursuant to Section 1.7 hereof shall be sent to the email address you provide to us. The email notice will instruct you to visit our website to review the new changes to this Agreement or the Fee Schedule.

20.4 WHEN NOTICE IS EFFECTIVE

Notices shall be deemed effective upon delivery. Notices delivered by nationally recognized overnight carrier (e.g., United States Express Mail or Federal Express) shall be deemed delivered on the business day following mailing. Notices mailed by United States Mail, postage prepaid, registered or certified with return receipt requested, shall be deemed delivered five (5) days after mailing. Notices by email and facsimile transmission, with confirmation from the transmitting machine that the transmission was completed, are acceptable under this Agreement provided that they are deemed delivered one (1) hour after transmission if sent during the recipient's business hours, or otherwise at 9:00 a.m. (recipient's time) the next business day. Notices delivered by posting on the Site shall be deemed delivered upon posting. Notices delivered by any other method shall be deemed given upon receipt. Either party may, by giving the other party appropriate written notice, change the designated address, fax number and/or recipient for any notice or courtesy copy, hereunder.

20.5 REFUSED, UNCLAIMED, OR UNDELIVERABLE NOTICE

Any correctly addressed notice that is refused, unclaimed or undeliverable shall be deemed effective as of the first date that said notice was refused or deemed undeliverable by the postal authorities, messenger, facsimile machine, email server or service provider, or overnight delivery service.

20.6 CONFIDENTIALITY OF COMMUNICATIONS

We do not provide any facility for sending or receiving private or confidential electronic communications. Visitors should not use this Site or Services (including the Exchange) to transmit any communication for which the sender intends only the sender and the intended recipient(s) to read. Notice is hereby given that all messages and other content entered into this Site or Services can and may be read by the agents and operators of the Site or Services, regardless of whether they are the intended recipients of such messages. User should not have an expectation of privacy regarding any communications sent through this Site or the Services.

21. ARBITRATION; STATUTE OF LIMITATIONS

21.1 ARBITRATION

If a dispute arises between the parties arising out of or otherwise relating to this Agreement, the parties shall meet and negotiate in good faith to attempt to resolve the dispute. If the parties are unable to resolve the dispute through direct negotiations, then, except as otherwise provided herein, either party must submit the issue to binding arbitration in accordance with the applicable Arbitration Ordinance. Claims subject to arbitration (“Arbitral Claims”) shall include, but are not limited to, contract and tort claims of all kinds, and all claims based on any federal, state or local law, statute, or regulation, excepting only claims by us under applicable worker’s compensation law, unemployment insurance claims,  along with actions (regardless of the underlying cause of action) by us seeking injunctions, attachment, garnishment, and other equitable relief. You agree to arbitrate solely on an individual basis, and understand, acknowledge and agree that this Agreement does not permit class arbitration or any claims of any type brought as a plaintiff or class member in any class or representative arbitration proceeding.

Any dispute arising out of or relating to this Agreement, or the breach thereof, shall be finally settled on an individual basis –

    1. In the case of disputes involving customers of itBit Pte. Ltd., by arbitration in Singapore in accordance with the Arbitration Rules of the Singapore International Arbitration Centre for the time being in force, which rules are deemed to be incorporated by reference in this clause. The language of the arbitration shall be English and the Agreement shall be interpreted in accordance with the laws of Singapore.
    2. In the case of disputes involving customers of itBit, by arbitration in New York, New York administered by the American Arbitration Association in accordance with its Consumer Arbitration Rules. The language of the arbitration shall be English and the Agreement shall be governed by the laws of the State of New York.

An arbitral decision resulting from (i) or (ii) above may be enforced in any court, and a prevailing party in any action or proceeding to enforce this Agreement shall be entitled to costs and attorney's fees.  

The Arbitrator shall have no authority to award any punitive or exemplary damages, certify a class action (or join the claims of one party with any other party), add any parties, or vary or ignore the provisions of this Agreement. The arbitrator shall render a written opinion setting forth all material facts and the basis of his or her decision within thirty (30) days of the conclusion of the arbitration proceeding.

If for any reason this arbitration clause is not applicable or litigation proceeds in court, then you agree that:  

You agree that you may bring claims against the Company only in your individual capacity and not as a plaintiff or class member in any purported class or representative action.

TO THE FULLEST EXTENT PERMITTED BY APPLICABLE LAWS AND REGULATIONS, YOU HEREBY IRREVOCABLY WAIVE ALL RIGHT TO TRIAL BY JURY AS TO ANY ISSUE IN ANY ACTION, PROCEEDING, OR COUNTERCLAIM ARISING OUT OF OR RELATING TO THIS AGREEMENT OR ANY OTHER MATTER INVOLVING US ARISING OUT OF THE SITE, OR SERVICES (INCLUDING THE EXCHANGE).

21.2 NO WAIVER OF RIGHT TO ARBITRATION

There shall be no waiver of the right to arbitration unless such waiver is provided affirmatively and in writing by the waiving party to the other party. There shall be no implied waiver of this right to arbitration. No acts, including the filing of litigation, shall be construed as a waiver or a repudiation of the right to arbitrate.

21.3 WAIVER OF STATUTE OF LIMITATIONS

Notwithstanding the period of limitation prescribed by applicable laws for the bringing of any relevant action or claim and except as otherwise provided in Section 3.12, the Parties hereby mutually agree that no action, regardless of form, arising out of or in conjunction with the subject matter of this Agreement, except for claims involving intellectual property, claims to recover outstanding amounts due to us and claims for indemnification, may be brought by any party more than one (1) year after the cause of action arose, following which either party shall have no further claim whatsoever against the other party.

22. RIGHT TO INJUNCTIVE RELIEF

You agree that due to the nature of our business, monetary damages for a breach of your obligations under this Agreement would be inadequate to compensate us. Accordingly, you agree and understand that any violation or threatened violation by you of your obligations under this Agreement will cause irreparable injury to us and that, in addition to any other remedies that may be available, in law, in equity or otherwise, we will be entitled to obtain injunctive relief against any threatened breach of this Agreement or the continuation of such breach without the necessity of proving actual damages.

23. COMPLAINTS

If you would like to contact us with a complaint, please contact Customer Support using one of the following methods:

E-mail help@itBit.com using the email address associated with your account.

Write to Customer Support at:

itBit

450 Lexington Ave, #3952

New York, NY 10017

Call Customer Support at +1 (855) 997-2994 in the U.S. or (+65) 3158-33343 in Asia.  

If you are a customer of the itBit Trust Company in the U.S., you may also direct your complaint to the attention of: New York State Department of Financial Services, One State Street, New York, NY 10004-1511; +1 (212) 480-6400.  Please visit www.dfs.ny.gov for additional information.

24. MISCELLANEOUS PROVISIONS

24.1 ASSIGNMENT

Neither this Agreement, nor any of your rights and obligations hereunder, may be transferred by you, but may be assigned by us without restriction. Any attempted transfer or assignment by you in violation hereof shall be null and void. This Agreement shall be binding and inure to the benefit of the parties hereto, our successors, and permitted assigns.

In the event that we are acquired by or merged with a third-party entity, we reserve the right, in any of these circumstances, to transfer or assign the information we have collected from you as part of such merger, acquisition, sale, or other change of control. See also our Privacy Policy for additional information. https://www.itbit.com/legal

24.2 SEVERABILITY

If for any reason a court of competent jurisdiction or an arbitrator finds any provision of this Agreement, or any portion thereof, to be invalid, unenforceable or illegal, such invalidity, unenforceability or illegality shall not affect the remainder of this Agreement, which will continue to be in full force and effect, and any prior, effective provision of the Agreement that was superseded by such invalid, unenforceable or illegal provision shall be deemed valid and enforceable to the fullest extent.

24.3 NO WAIVER

No waiver or action made by us shall be deemed a waiver of any subsequent default of the same provision of this Agreement. No failure or delay in exercising or enforcing any privilege, right, remedy, or power hereunder shall be deemed a waiver of such provision by us. All waivers must be in writing.

24.4 HEADINGS

All headings are solely for the convenience of reference and shall not affect the meaning, construction or effect of this Agreement.

24.5 COMPLETE AGREEMENT

This Agreement, together with our Privacy Policy, constitutes the entire agreement between the parties with respect to your access and use of the Site, the Exchange, the Services, the Materials (including the Market Data) and the materials contained therein. This Agreement, together with our Privacy Policy, supersedes and replaces all prior understandings or agreements, written or oral, regarding such subject matter.

24.6 OTHER JURISDICTIONS

We make no representation that the Site, the Exchange, the Services, the Materials (including the Market Data) or any of the materials contained therein are appropriate or available for use in other locations, and access to them from territories where their content or function may be illegal or is otherwise prohibited. Those who choose to access the Site, the Exchange the Services and the Materials from such locations do so on their own initiative and are solely responsible for determining compliance with all applicable local laws.

24.7 SURVIVAL

All provisions of this Agreement which by their nature extend beyond the expiration or termination of this Agreement, including without limitation, sections pertaining to suspension or termination, debts owed, general use of the Exchange or the Services, disputes with us, and general provisions, shall survive the termination or expiration of this Agreement.

24.8 NO AGENCY RELATIONSHIP

Nothing in this Agreement shall be deemed to constitute, create, imply, give effect to, or otherwise recognize a partnership, employment, joint venture, or formal business entity of any kind; and the rights and obligations of the Parties shall be limited to those expressly set forth herein. We are not your agent or other representative. Except for the indemnity and exculpation provisions herein, nothing expressed in or implied from this Agreement is intended or shall be construed to give any person other than the Parties hereto any legal or equitable right, remedy, or claim under or in respect of this Agreement to enforce any of its terms which might otherwise be interpreted to confer such rights to such persons. This Agreement and all representations, warranties, covenants, conditions and provisions hereof are intended to be and are for the exclusive benefit of you and us

itBit Privacy Policy

1. Privacy Policy

Last updated: May 25, 2018

itBit Trust Company, LLC and itBit PTE. Ltd., together with other members of their group (we/us/our) are committed to safeguarding personal information. This itBit Privacy Policy relates to our use and collection of personal information relating to clients of the itBit Exchange, including directors, beneficial owners, principals, employees or consultants of our institutional clients and vendors (you/your).

With respect to US clients, itBit Trust Company, LLC is the data controller of your personal information processed under this Privacy Policy.

With respect to non-US clients (including clients based within the European Economic Area (EEA)), itBit PTE. Ltd. (registered office at: 30 Duxton Road, #02-00, Singapore 089494) is the data controller of your personal information processed under this Privacy Policy.  

This itBit Privacy Policy provides you with detail about how we use such personal information. We use commercially reasonable physical, electronic and procedural measures to protect people’s personal information in accordance with data protection legislative requirements.  This Privacy Policy does not apply to anonymized data as it cannot be used to identify you.

itBit will not use your personal information for purposes other than those purposes we have disclosed to you in this Privacy Policy without your permission.

By visiting, accessing or using itBit, you acknowledge that we use your personal information as set out in this Privacy Policy.

1.1. This Privacy Policy is intended to explain our privacy practices and covers the following areas:
What personal information about you we may collect
  • How we may use your personal information
  • Whom we may disclose your personal information to
  • Our use of automated decision-making
  • How we protect your personal information
  • How to contact us
  • Your rights to prevent marketing and to access and update your personal information
  • Our Cookies Policy
  • How changes to this Privacy Policy and the Cookies Policy will be made

2. Information we may collect about you

2.1. We may collect the following personal information from you when you open an itBit account:

  • Contact Information: name, address, email address
  • Account information: username and password
  • Financial Information: bank and bank account numbers
  • Identity Verification Information: date of birth, tax ID number, images of government issued ID, passport, national ID or driving license
  • Residence Verification Information: Utility bill details or similar information
  • In addition, for institutional customers:
    • Organizational Information: proof of legal existence, business licenses
    • Identification Information for beneficial owners, principals and executive management (as applicable)
2.2. We also automatically collect certain computer, device and browsing information when you access the itBit website:
  • Computer or mobile device information, including IP address, operating system, browser type
  • Website usage information
  • Location information
2.3. We also may collect personal information about you (including your beneficial owners, principals and executive management, as applicable) from public databases and ID verification partners, including:
  • public employment profile
  • criminal history
  • credit history
  • status on any politically exposed person and sanctions lists
  • address
  • other information to help validate your identity
2.4. We also collect personal information disclosed by you when you contact us or respond to our communications (e.g., email, telephone, other writing).

2.5. We also collect the following personal information from your usage of our products and services:
  • Account Information: information that is generated by your account activity, including, but not limited to, trading activity, order activity, deposits, withdrawals and account balances.

When we require certain personal information from you, it is because we are required by applicable law to collect this information or it is relevant for specified purposes. We may not be able to serve you as effectively or offer you all of our services if you elect not to provide certain types of information.

 
3. Uses made of your personal information
 

We may use your personal information in the ways listed below.

If you are based in the EEA, use of personal information under EU data protection laws must be justified under one of a number of legal “grounds” and we are required to set out the grounds in respect of each use in this policy. An explanation of the scope of the grounds available can be found in the table below. We note the grounds we use to justify each use of your information next to the use below.

These are the principal legal grounds that justify our use of your personal information:

 
Consent: where you have consented to our use of your information (you will have been presented with a consent form in relation to any such use).
Contract performance: where your information is necessary to enter into or perform our contract with you.
Legal obligation: where we need to use your information to comply with our legal obligations.
Legitimate interests: where we use your information to achieve a legitimate interest and our reasons for using it outweigh any prejudice to your data protection rights.
Legal claims: where your information is necessary for us to defend,  prosecute or make a claim against you, us or a third party.

 

These are the principal legal grounds that justify our use of your special categories of personal information1:

 
Legal claims: where your information is necessary for us to establish, defend, prosecute or make a claim against you, us or a third party.
In the substantial public interest: Processing is necessary for reasons of substantial public interest, on the basis of EU or local law.
Explicit consent: You have given your explicit consent to the processing of those personal information for one or more specified purposes. You are free to withdraw your consent by contacting us in as per section 6 below. If you do so, we may be unable to provide a service that requires the use of such data.

We may use your personal information for our core business purposes, including:

 

      • To provide our services effectively to our clients and conduct our business ►  to administer our services, including to carry out our obligations arising from any agreements entered into between our clients and us, which may include passing your data to third parties such as agents or contractors or to our advisors (e.g., legal, financial, business or other advisors). We may also use your personal information to develop our products and services, to evaluate new products and services and to improve our service quality, including by performing statistical analysis and reporting on transactions and site usage. In addition, we may use your personal information for financial reporting, management reporting, audit and record keeping purposes. 

Use justification: contract performance, legitimate interests (to enable us to perform our obligations and provide our services to you) 

      • To manage our risk ► We may use your personal information in managing the risk of our client base, including for assessing and processing applications, instructions or requests from you, maintaining credit and risk related models, managing our infrastructure and business operations and complying with internal policies and procedures and monitoring the use of our products and services.  

Use justification: contract performance, legitimate interests (to manage the risk of our client base and to ensure you fall within our acceptable risk profile). Where this includes special categories of personal information, we will usually rely on substantial public interests (processing for the prevention and detection of fraud/crime), or very rarely where necessary, explicit consent.

      • To receive services from our vendors and conduct our business ► to receive services, including to carry out our obligations arising from any agreements entered into between our vendors and us, which may include passing your data to third parties such as agents or contractors or to our advisors (e.g., legal, financial, business or other advisors). This includes vendors that provide ID verification and sanctions tools, which we use to help verify your identity and comply with our legal obligations, such as anti-money laundering laws. ID verification partners use a combination of government records and publicly available information to verify identity. This also includes the financial institutions with which we partner to process payments you have authorized. Our contracts require these vendors to only use your information in connection with the services they perform for us, and prohibit them from selling your information to anyone else.

Use justification: legal obligations, legitimate interests (to enable us to perform our obligations and receive services from vendors). Where this includes special categories of personal information, we will usually rely on substantial public interests (processing for the prevention and detection of fraud/crime), or very rarely where necessary, explicit consent.

      • To verify your identity ► for the purposes of providing facilities, products or services, including conducting screenings or due diligence checks as may be required under applicable law, regulation, directive or our Terms and Conditions. For more information on the anti-fraud measures adopted by us, please see section 7 of this Privacy Policy.   

Use justification: legal obligation, contract performance, legitimate interests (to enable us to manager client risk). Where this includes special categories of personal information, we will usually rely on substantial public interests (processing for the prevention and detection of fraud/crime), or very rarely where necessary, explicit consent.

      • In relation to fraud prevention ► We and other organizations may also access and use certain information to prevent fraud as may be required by applicable law and regulation and best practice at any given time. If false or inaccurate information is provided or fraud is identified or suspected, details may be passed to law enforcement and fraud prevention agencies and may be recorded by us or by them. In addition, we may share information with the financial institutions with which we partner to process payments you have authorized. Paxos Trust Company may also share information with other financial institutions pursuant to Section 314(b) of the U.S. Patriot Act. For more information on the anti-fraud measures adopted by us, please see section 7 of this Privacy Policy.  

Use justification: legal obligations, legitimate interests (to ensure that your organization falls within our acceptable risk profile and to assist with the prevention of crime and fraud). Where this includes special categories of personal information, we will usually rely on substantial public interests (processing for the prevention and detection of fraud/crime), or very rarely where necessary, explicit consent.

      • To reorganise or make changes to our business ► In the event that we are (i) subject to negotiations for the sale of our business or part thereof to a third party, (ii) sold to a third party or (iii) undergo a reorganization, we may need to transfer some or all of your personal information to the relevant third party (or its advisors) as part of any due diligence process or transferred to that reorganized entity or third party and used for the same purposes as set out in this policy or for the purpose of analysing any proposed sale or reorganization.  

Use justification: legitimate interests (in order to allow us to change our business) 

      • In connection with legal or regulatory obligations ►  Law enforcement, regulators and the court service ► We may share your information with law enforcement, regulatory authorities, tax authorities (including the US Internal Revenue Service pursuant to the Foreign Account Tax Compliance Act, to the extent this applies), self regulatory organizations (such as those that operate virtual currency derivative exchanges) and officials, or other third parties when we are compelled to do so by a subpoena, court order, or similar legal procedure, or when we believe in good faith that the disclosure of personal information is necessary to prevent physical harm or financial loss, to report suspected illegal activity or to investigate violations of our Terms and Conditions or any other applicable policies. We may also use your personal information to otherwise comply with all applicable laws, regulations, rules, directives and orders.

Use justification: legal obligations, legal claims, legitimate interests (to cooperate with law enforcement and regulatory authorities). Where this includes special categories of personal information, we will usually rely on legal claims, substantial public interests (processing for the prevention and detection of fraud/crime), or very rarely where necessary, explicit consent.

      • In order to communicate with you  ► We may use your personal information to communicate with you, including providing you with updates on changes to products, services and banking facilities (whether made available by us or through us) including any additions, expansions, suspensions and replacements of or to such products, services and banking facilities and their terms and conditions;

Use justification: contract performance, legitimate interests (to enable us to perform our obligations and provide our services to you)

      • In connection with disputes  ► We may use your personal information to address or investigate any complaints, claims or disputes and to enforce obligations owed to us.

Use justification: legal claims, contract performance, legitimate interests (to enforce our rights under our agreements with you). Where this includes special categories of personal information, we will usually rely on legal claims, or very rarely where necessary, explicit consent.

      • For advertising  ► Subject to applicable laws and regulations, we may use your personal information to inform our advertising and marketing strategy and to tailor our messaging to your needs. Where required by law, we will ask for your consent at the time we collect your data to conduct such marketing. An opt-out mechanism will be provided to you in each communication to enable you to exercise your right to opt out of any direct marketing. We never sell your information. You may withdraw this consent/opt-out at any time without affecting the lawfulness of processing based on your prior consent.

Use justification: consent, legitimate interest (to keep you updated with news in relation to our products and services) 

4. Automated Decision-Making

Our operation of the itBit Exchange relies on automated analysis of personal information provided by you, alongside that received from credit referencing agencies and fraud prevention agencies, For more information on the anti-fraud measures adopted by us, please see section 7 of this Privacy Policy.

We may use criteria such as your identifying information (e.g., your name, tax id number or date of birth) to validate your identity against public records on an automated basis or without human/manual intervention.

We do this on the basis that it is necessary for us to enter into a contract with you. If you fail to meet these criteria, your application to use the itBit Exchange will be rejected.

You may also request that we provide information about our methodology and ask us to verify that the automated decision has been made correctly. We may reject the request, as permitted by applicable law, including when providing the information would result in a disclosure of a trade secret or would interfere with the prevention or detection of fraud or other crime. However, generally in these circumstances we will verify (or request the relevant third party to verify) that the algorithm and source data are functioning as anticipated without error or bias.

 

5. Transmission, storage and security of your personal information 

Security over the internet

5.1. No data transmission over the Internet or website can be guaranteed to be secure from intrusion. However, we maintain commercially reasonable physical, electronic and procedural safeguards to protect your personal information in accordance with data protection legislative requirements.

5.2. All information you provide to us is stored on our or our subcontractors’ secure servers and accessed and used subject to our security policies and standards. Where we have given you (or where you have chosen) a password that enables you to access certain parts of our websites, you are responsible for keeping this password confidential and for complying with any other security procedures that we notify you of. We ask you not to share a password with anyone.

Export outside the EEA (this section only applies if you are based in the EEA)

5.3. Your personal information may be accessed by staff or suppliers in, transferred to, and/or stored at, a destination outside the European Economic Area (EEA) in which data protection laws may be of a lower standard than in the EEA. Regardless of location or whether the person is an employee or contractor, we will impose the same data protection safeguards that we deploy inside the EEA.

5.4. Certain countries outside the EEA have been approved by the European Commission as providing essentially equivalent protections to EEA data protection laws and therefore no additional safeguards are required to export personal information to these jurisdictions. In countries that have not had these approvals, (see the full list here http://ec.europa.eu/justice/data-protection/international-transfers/adequacy/index_en.htm), we will either ask for your consent to the transfer or transfer it subject to European Commission approved contractual terms that impose equivalent data protection obligations directly on the recipient unless we are permitted under applicable data protection law to make such transfers without such formalities.

5.5. Please contact us as set out in section 6.4 below if you would like to see a copy of the specific safeguards applied to the export of your personal information.

Storage limits

5.6. We will retain your personal information for as long as is necessary for the processing purpose(s) for which they were collected and any other permitted linked purpose (for example certain transaction details and correspondence may be retained until the time limit for claims in respect of the transaction has expired or in order to comply with regulatory requirements regarding the retention of such data). So if information is used for two purposes, we will retain it until the purpose with the latest period expires; but we will stop using it for the purpose with a shorter period once that period expires.

5.7. We restrict access to your personal information to those persons who need to use it for the relevant purpose(s). Our retention periods are based on business needs, and your information that is no longer needed is either irreversibly anonymised (and the anonymised information may be retained) or securely destroyed. By way of example:

      1. use to perform a contract: in relation to your personal information used to perform any contractual obligation to you, we may retain that personal information whilst the contract remains in force plus a further period (depending on jurisdiction and other factors) to deal with any queries or claims thereafter;
      2. copies of evidence obtained in relation to AML checks: in relation to your personal information obtained in relation to AML checks, we may retain that personal information whilst our client relationship remains in force plus a further 5 years to deal with any queries or claims thereafter; and
      3. where claims are contemplated: in relation to any information where we reasonably believe it will be necessary to defend or prosecute or make a claim against you, us or a third party, we may retain that information for as long as that claim could be pursued.

Anonymity

5.8. Bitcoin and other virtual currencies may not be fully anonymous as a result of the public digital ledgers reflecting these currencies. Generally, anyone can view the balance and transaction history of any public wallet address. We, and others who are able to can match your public wallet address to other information about you, and also may be able to identify you from a blockchain transaction. Furthermore, third parties may use data analytics to identify other information about you. Please note that such third parties have their own privacy policies and that we do not accept any responsibility or liability for their policies or processing of your personal information.

6. Your rights & contacting us

Marketing

6.1. You have the right to ask us not to process your personal information for marketing purposes. We will inform you if we intend to use your information for such purposes or if we intend to disclose your information to any third party for such purposes. You can exercise your right to prevent such processing by not checking certain boxes on our marketing consent form. You can also exercise the right at any time by contacting us as set out below.

 

Updating Information

 
6.2. We will use reasonable endeavours to ensure that your personal information is accurate. In order to assist us with this, you should notify us of any changes to the personal information that you have provided to us by contacting us as set out below.

Your rights (this section only applies if you are based in the EEA)

6.3. Where you are based in the EEA, under certain conditions under EU data protection law, you may have the right to require us to:

      • provide you with further details on the use we make of your information;
      • provide you with a copy of information that you have provided to us;
      • update any inaccuracies in the personal information we hold (please see paragraph 6.2);
      • delete any personal information the we no longer have a lawful ground to use;
      • where processing is based on consent, to withdraw your consent so that we stop that particular processing (see section 6.1 for marketing);
      • transmit the personal information you have provided to us and we still hold about you to a third party electronically;
      • object to any processing based on the legitimate interests ground unless our reasons for undertaking that processing outweigh any prejudice to your data protection rights; and
      • restrict how we use your information whilst a complaint is being investigated.

Your exercise of these rights is subject to certain exemptions to safeguard the public interest (e.g., the prevention or detection of crime) and our interests (e.g., the maintenance of legal privilege). If you exercise any of these rights, we will check your entitlement and respond in most cases within a month.

If we are unable to resolve an inquiry or a complaint, you have the right to contact the data protection regulator in the EEA country in which you are based. A list of the data protection regulators and their contact details can be found at http://ec.europa.eu/newsroom/article29/item-detail.cfm?item_id=612080.

Contacting us

6.4. If you have any questions in relation to this policy or your personal information, please contact: privacy@itbit.com, via our support page or by writing to us at itBit Trust Company: Legal Department, 450 Lexington Ave, Suite 3952, New York, NY 10017.

6.5. In addition to the details at section 6.4, where you are based in the EEA, you can also contact our EU Representative, Paxos Technology Limited at 1 Wework Mark Square, London, Greater London, EC2A 4EG, United Kingdom; email: privacy@itbit.com.

7. Processing for fraud prevention and detection purposes
 
7.1 Before we provide our services to you, we undertake checks for the purposes of preventing fraud and money laundering and to verify your identity. These checks require us to process personal information about you.

7.2. The personal information you have provided, we have collected from you, or we have received from third parties will be used to prevent fraud and money laundering and to verify your identity.

7.3 In order to do so, we may provide information to, obtain information from, and verify information with fraud prevention and debt collection agencies and credit reference agencies (in their role as fraud prevention agents). We will continue to exchange information with such parties while you have a relationship with us.

7.4. We, fraud prevention and debt collection agencies and credit reference agencies may also enable law enforcement agencies to access and use your personal information to detect, investigate and prevent crime.

7.5. Fraud prevention agencies and credit reference agencies can hold your personal information for different periods of time, and if you are considered to pose a fraud or money laundering risk, your data can be held for up to six years.

7.6. As part of the processing of your personal information, decisions may be made by automated means. This means we may automatically decide that you pose a fraud or money laundering risk if our processing reveals your behaviour to be consistent with money laundering or known fraudulent conduct, or is inconsistent with your previous submissions, or you appear to have deliberately hidden your true identity. You have rights in relation to automated decision making as set out in section 4 of this policy.
 
7.7. As a consequence of processing, if we, or a fraud prevention agency or credit reference agency, determine that you pose a fraud or money laundering risk, we may refuse to provide the services you have requested or we may stop providing existing services to you.

7.8. A record of any fraud or money laundering risk will be retained by the fraud prevention agencies and credit reference agencies, and may result in others refusing to provide services, financing or employment to you. If you have any questions about this, please contact us as per section 6 of this policy.
 
7.9. If you are based in the EEA, whenever fraud prevention agencies transfer your personal data outside of the EEA, they impose contractual obligations on the recipients of that data to protect your personal data to the standard required in the EEA. They may also require the recipient to subscribe to ‘international frameworks’ intended to enable secure data sharing.
 
8. Cookies policy
 
We use cookies on the websites. To find out more about how we use cookies, please see our Cookies Policy, which has been provided or made available to you.
 

9. Changes to our Privacy Policy and/or Cookies Policy

We may change the content of our Privacy Policy from time to time in the future. We therefore encourage you to review this policy from time to time to stay informed of how we are using personal information. This itBit Privacy Policy was last updated on May 25, 2018.

 

1Special categories of personal information” means personal information which include personal data that may reveal racial/ethnic origin, religion/belief, health, sexual orientation, political affiliation, trade union membership and criminal convictions.

1.1. This Privacy Policy is intended to explain our privacy practices and covers the following areas:
What personal information about you we may collect
  • How we may use your personal information
  • Whom we may disclose your personal information to
  • Our use of automated decision-making
  • How we protect your personal information
  • How to contact us
  • Your rights to prevent marketing and to access and update your personal information
  • Our Cookies Policy
  • How changes to this Privacy Policy and the Cookies Policy will be made

2. Information we may collect about you

2.1. We may collect the following personal information from you when you open an itBit account:

  • Contact Information: name, address, email address
  • Account information: username and password
  • Financial Information: bank and bank account numbers
  • Identity Verification Information: date of birth, tax ID number, images of government issued ID, passport, national ID or driving license
  • Residence Verification Information: Utility bill details or similar information
  • In addition, for institutional customers:
    • Organizational Information: proof of legal existence, business licenses
    • Identification Information for beneficial owners, principals and executive management (as applicable)
2.2. We also automatically collect certain computer, device and browsing information when you access the itBit website:
  • Computer or mobile device information, including IP address, operating system, browser type
  • Website usage information
  • Location information
2.3. We also may collect personal information about you (including your beneficial owners, principals and executive management, as applicable) from public databases and ID verification partners, including:
  • public employment profile
  • criminal history
  • credit history
  • status on any politically exposed person and sanctions lists
  • address
  • other information to help validate your identity
2.4. We also collect personal information disclosed by you when you contact us or respond to our communications (e.g., email, telephone, other writing).

2.5. We also collect the following personal information from your usage of our products and services:
  • Account Information: information that is generated by your account activity, including, but not limited to, trading activity, order activity, deposits, withdrawals and account balances.

When we require certain personal information from you, it is because we are required by applicable law to collect this information or it is relevant for specified purposes. We may not be able to serve you as effectively or offer you all of our services if you elect not to provide certain types of information.

 
3. Uses made of your personal information
 

We may use your personal information in the ways listed below.

If you are based in the EEA, use of personal information under EU data protection laws must be justified under one of a number of legal “grounds” and we are required to set out the grounds in respect of each use in this policy. An explanation of the scope of the grounds available can be found in the table below. We note the grounds we use to justify each use of your information next to the use below.

These are the principal legal grounds that justify our use of your personal information:

 
Consent: where you have consented to our use of your information (you will have been presented with a consent form in relation to any such use).
Contract performance: where your information is necessary to enter into or perform our contract with you.
Legal obligation: where we need to use your information to comply with our legal obligations.
Legitimate interests: where we use your information to achieve a legitimate interest and our reasons for using it outweigh any prejudice to your data protection rights.
Legal claims: where your information is necessary for us to defend,  prosecute or make a claim against you, us or a third party.

 

These are the principal legal grounds that justify our use of your special categories of personal information1:

 
Legal claims: where your information is necessary for us to establish, defend, prosecute or make a claim against you, us or a third party.
In the substantial public interest: Processing is necessary for reasons of substantial public interest, on the basis of EU or local law.
Explicit consent: You have given your explicit consent to the processing of those personal information for one or more specified purposes. You are free to withdraw your consent by contacting us in as per section 6 below. If you do so, we may be unable to provide a service that requires the use of such data.

We may use your personal information for our core business purposes, including:

 

      • To provide our services effectively to our clients and conduct our business ►  to administer our services, including to carry out our obligations arising from any agreements entered into between our clients and us, which may include passing your data to third parties such as agents or contractors or to our advisors (e.g., legal, financial, business or other advisors). We may also use your personal information to develop our products and services, to evaluate new products and services and to improve our service quality, including by performing statistical analysis and reporting on transactions and site usage. In addition, we may use your personal information for financial reporting, management reporting, audit and record keeping purposes. 

Use justification: contract performance, legitimate interests (to enable us to perform our obligations and provide our services to you) 

      • To manage our risk ► We may use your personal information in managing the risk of our client base, including for assessing and processing applications, instructions or requests from you, maintaining credit and risk related models, managing our infrastructure and business operations and complying with internal policies and procedures and monitoring the use of our products and services.  

Use justification: contract performance, legitimate interests (to manage the risk of our client base and to ensure you fall within our acceptable risk profile). Where this includes special categories of personal information, we will usually rely on substantial public interests (processing for the prevention and detection of fraud/crime), or very rarely where necessary, explicit consent.

      • To receive services from our vendors and conduct our business ► to receive services, including to carry out our obligations arising from any agreements entered into between our vendors and us, which may include passing your data to third parties such as agents or contractors or to our advisors (e.g., legal, financial, business or other advisors). This includes vendors that provide ID verification and sanctions tools, which we use to help verify your identity and comply with our legal obligations, such as anti-money laundering laws. ID verification partners use a combination of government records and publicly available information to verify identity. This also includes the financial institutions with which we partner to process payments you have authorized. Our contracts require these vendors to only use your information in connection with the services they perform for us, and prohibit them from selling your information to anyone else.

Use justification: legal obligations, legitimate interests (to enable us to perform our obligations and receive services from vendors). Where this includes special categories of personal information, we will usually rely on substantial public interests (processing for the prevention and detection of fraud/crime), or very rarely where necessary, explicit consent.

      • To verify your identity ► for the purposes of providing facilities, products or services, including conducting screenings or due diligence checks as may be required under applicable law, regulation, directive or our Terms and Conditions. For more information on the anti-fraud measures adopted by us, please see section 7 of this Privacy Policy.   

Use justification: legal obligation, contract performance, legitimate interests (to enable us to manager client risk). Where this includes special categories of personal information, we will usually rely on substantial public interests (processing for the prevention and detection of fraud/crime), or very rarely where necessary, explicit consent.

      • In relation to fraud prevention ► We and other organizations may also access and use certain information to prevent fraud as may be required by applicable law and regulation and best practice at any given time. If false or inaccurate information is provided or fraud is identified or suspected, details may be passed to law enforcement and fraud prevention agencies and may be recorded by us or by them. In addition, we may share information with the financial institutions with which we partner to process payments you have authorized. Paxos Trust Company may also share information with other financial institutions pursuant to Section 314(b) of the U.S. Patriot Act. For more information on the anti-fraud measures adopted by us, please see section 7 of this Privacy Policy.  

Use justification: legal obligations, legitimate interests (to ensure that your organization falls within our acceptable risk profile and to assist with the prevention of crime and fraud). Where this includes special categories of personal information, we will usually rely on substantial public interests (processing for the prevention and detection of fraud/crime), or very rarely where necessary, explicit consent.

      • To reorganise or make changes to our business In the event that we are (i) subject to negotiations for the sale of our business or part thereof to a third party, (ii) sold to a third party or (iii) undergo a reorganization, we may need to transfer some or all of your personal information to the relevant third party (or its advisors) as part of any due diligence process or transferred to that reorganized entity or third party and used for the same purposes as set out in this policy or for the purpose of analysing any proposed sale or reorganization.  

Use justification: legitimate interests (in order to allow us to change our business) 

      • In connection with legal or regulatory obligations ►  Law enforcement, regulators and the court service ► We may share your information with law enforcement, regulatory authorities, tax authorities (including the US Internal Revenue Service pursuant to the Foreign Account Tax Compliance Act, to the extent this applies), self regulatory organizations (such as those that operate virtual currency derivative exchanges) and officials, or other third parties when we are compelled to do so by a subpoena, court order, or similar legal procedure, or when we believe in good faith that the disclosure of personal information is necessary to prevent physical harm or financial loss, to report suspected illegal activity or to investigate violations of our Terms and Conditions or any other applicable policies. We may also use your personal information to otherwise comply with all applicable laws, regulations, rules, directives and orders.

Use justification: legal obligations, legal claims, legitimate interests (to cooperate with law enforcement and regulatory authorities). Where this includes special categories of personal information, we will usually rely on legal claims, substantial public interests (processing for the prevention and detection of fraud/crime), or very rarely where necessary, explicit consent.

      • In order to communicate with you  ► We may use your personal information to communicate with you, including providing you with updates on changes to products, services and banking facilities (whether made available by us or through us) including any additions, expansions, suspensions and replacements of or to such products, services and banking facilities and their terms and conditions;

Use justification: contract performance, legitimate interests (to enable us to perform our obligations and provide our services to you)

      • In connection with disputes  ► We may use your personal information to address or investigate any complaints, claims or disputes and to enforce obligations owed to us.

Use justification: legal claims, contract performance, legitimate interests (to enforce our rights under our agreements with you). Where this includes special categories of personal information, we will usually rely on legal claims, or very rarely where necessary, explicit consent.

      • For advertising  ► Subject to applicable laws and regulations, we may use your personal information to inform our advertising and marketing strategy and to tailor our messaging to your needs. Where required by law, we will ask for your consent at the time we collect your data to conduct such marketing. An opt-out mechanism will be provided to you in each communication to enable you to exercise your right to opt out of any direct marketing. We never sell your information. You may withdraw this consent/opt-out at any time without affecting the lawfulness of processing based on your prior consent.

Use justification: consent, legitimate interest (to keep you updated with news in relation to our products and services) 

4. Automated Decision-Making

Our operation of the itBit Exchange relies on automated analysis of personal information provided by you, alongside that received from credit referencing agencies and fraud prevention agencies, For more information on the anti-fraud measures adopted by us, please see section 7 of this Privacy Policy.

We may use criteria such as your identifying information (e.g., your name, tax id number or date of birth) to validate your identity against public records on an automated basis or without human/manual intervention.

We do this on the basis that it is necessary for us to enter into a contract with you. If you fail to meet these criteria, your application to use the itBit Exchange will be rejected.

You may also request that we provide information about our methodology and ask us to verify that the automated decision has been made correctly. We may reject the request, as permitted by applicable law, including when providing the information would result in a disclosure of a trade secret or would interfere with the prevention or detection of fraud or other crime. However, generally in these circumstances we will verify (or request the relevant third party to verify) that the algorithm and source data are functioning as anticipated without error or bias.

 

5. Transmission, storage and security of your personal information

Security over the internet

5.1. No data transmission over the Internet or website can be guaranteed to be secure from intrusion. However, we maintain commercially reasonable physical, electronic and procedural safeguards to protect your personal information in accordance with data protection legislative requirements.

5.2. All information you provide to us is stored on our or our subcontractors’ secure servers and accessed and used subject to our security policies and standards. Where we have given you (or where you have chosen) a password that enables you to access certain parts of our websites, you are responsible for keeping this password confidential and for complying with any other security procedures that we notify you of. We ask you not to share a password with anyone.

Export outside the EEA (this section only applies if you are based in the EEA)

5.3. Your personal information may be accessed by staff or suppliers in, transferred to, and/or stored at, a destination outside the European Economic Area (EEA) in which data protection laws may be of a lower standard than in the EEA. Regardless of location or whether the person is an employee or contractor, we will impose the same data protection safeguards that we deploy inside the EEA.

5.4. Certain countries outside the EEA have been approved by the European Commission as providing essentially equivalent protections to EEA data protection laws and therefore no additional safeguards are required to export personal information to these jurisdictions. In countries that have not had these approvals, (see the full list here http://ec.europa.eu/justice/data-protection/international-transfers/adequacy/index_en.htm), we will either ask for your consent to the transfer or transfer it subject to European Commission approved contractual terms that impose equivalent data protection obligations directly on the recipient unless we are permitted under applicable data protection law to make such transfers without such formalities.

5.5. Please contact us as set out in section 6.4 below if you would like to see a copy of the specific safeguards applied to the export of your personal information.

Storage limits

5.6. We will retain your personal information for as long as is necessary for the processing purpose(s) for which they were collected and any other permitted linked purpose (for example certain transaction details and correspondence may be retained until the time limit for claims in respect of the transaction has expired or in order to comply with regulatory requirements regarding the retention of such data). So if information is used for two purposes, we will retain it until the purpose with the latest period expires; but we will stop using it for the purpose with a shorter period once that period expires.

5.7. We restrict access to your personal information to those persons who need to use it for the relevant purpose(s). Our retention periods are based on business needs, and your information that is no longer needed is either irreversibly anonymised (and the anonymised information may be retained) or securely destroyed. By way of example:

      1. use to perform a contract: in relation to your personal information used to perform any contractual obligation to you, we may retain that personal information whilst the contract remains in force plus a further period (depending on jurisdiction and other factors) to deal with any queries or claims thereafter;
      2. copies of evidence obtained in relation to AML checks: in relation to your personal information obtained in relation to AML checks, we may retain that personal information whilst our client relationship remains in force plus a further 5 years to deal with any queries or claims thereafter; and
      3. where claims are contemplated: in relation to any information where we reasonably believe it will be necessary to defend or prosecute or make a claim against you, us or a third party, we may retain that information for as long as that claim could be pursued.

Anonymity

5.8. Bitcoin and other virtual currencies may not be fully anonymous as a result of the public digital ledgers reflecting these currencies. Generally, anyone can view the balance and transaction history of any public wallet address. We, and others who are able to can match your public wallet address to other information about you, and also may be able to identify you from a blockchain transaction. Furthermore, third parties may use data analytics to identify other information about you. Please note that such third parties have their own privacy policies and that we do not accept any responsibility or liability for their policies or processing of your personal information.

6. Your rights & contacting us

Marketing

6.1. You have the right to ask us not to process your personal information for marketing purposes. We will inform you if we intend to use your information for such purposes or if we intend to disclose your information to any third party for such purposes. You can exercise your right to prevent such processing by not checking certain boxes on our marketing consent form. You can also exercise the right at any time by contacting us as set out below.

 

Updating Information

 
6.2. We will use reasonable endeavours to ensure that your personal information is accurate. In order to assist us with this, you should notify us of any changes to the personal information that you have provided to us by contacting us as set out below.

Your rights (this section only applies if you are based in the EEA)

6.3. Where you are based in the EEA, under certain conditions under EU data protection law, you may have the right to require us to:

      • provide you with further details on the use we make of your information;
      • provide you with a copy of information that you have provided to us;
      • update any inaccuracies in the personal information we hold (please see paragraph 6.2);
      • delete any personal information the we no longer have a lawful ground to use;
      • where processing is based on consent, to withdraw your consent so that we stop that particular processing (see section 6.1 for marketing);
      • transmit the personal information you have provided to us and we still hold about you to a third party electronically;
      • object to any processing based on the legitimate interests ground unless our reasons for undertaking that processing outweigh any prejudice to your data protection rights; and
      • restrict how we use your information whilst a complaint is being investigated.

Your exercise of these rights is subject to certain exemptions to safeguard the public interest (e.g., the prevention or detection of crime) and our interests (e.g., the maintenance of legal privilege). If you exercise any of these rights, we will check your entitlement and respond in most cases within a month.

If we are unable to resolve an inquiry or a complaint, you have the right to contact the data protection regulator in the EEA country in which you are based. A list of the data protection regulators and their contact details can be found at http://ec.europa.eu/newsroom/article29/item-detail.cfm?item_id=612080.

Contacting us

6.4. If you have any questions in relation to this policy or your personal information, please contact: privacy@itbit.com, via our support page or by writing to us at itBit Trust Company: Legal Department, 450 Lexington Ave, Suite 3952, New York, NY 10017.

6.5. In addition to the details at section 6.4, where you are based in the EEA, you can also contact our EU Representative, Paxos Technology Limited at 1 Wework Mark Square, London, Greater London, EC2A 4EG, United Kingdom; email: privacy@itbit.com.

7. Processing for fraud prevention and detection purposes
 
7.1 Before we provide our services to you, we undertake checks for the purposes of preventing fraud and money laundering and to verify your identity. These checks require us to process personal information about you.

7.2. The personal information you have provided, we have collected from you, or we have received from third parties will be used to prevent fraud and money laundering and to verify your identity.

7.3 In order to do so, we may provide information to, obtain information from, and verify information with fraud prevention and debt collection agencies and credit reference agencies (in their role as fraud prevention agents). We will continue to exchange information with such parties while you have a relationship with us.

7.4. We, fraud prevention and debt collection agencies and credit reference agencies may also enable law enforcement agencies to access and use your personal information to detect, investigate and prevent crime.

7.5. Fraud prevention agencies and credit reference agencies can hold your personal information for different periods of time, and if you are considered to pose a fraud or money laundering risk, your data can be held for up to six years.

7.6. As part of the processing of your personal information, decisions may be made by automated means. This means we may automatically decide that you pose a fraud or money laundering risk if our processing reveals your behaviour to be consistent with money laundering or known fraudulent conduct, or is inconsistent with your previous submissions, or you appear to have deliberately hidden your true identity. You have rights in relation to automated decision making as set out in section 4 of this policy.
 
7.7. As a consequence of processing, if we, or a fraud prevention agency or credit reference agency, determine that you pose a fraud or money laundering risk, we may refuse to provide the services you have requested or we may stop providing existing services to you.

7.8. A record of any fraud or money laundering risk will be retained by the fraud prevention agencies and credit reference agencies, and may result in others refusing to provide services, financing or employment to you. If you have any questions about this, please contact us as per section 6 of this policy.
 
7.9. If you are based in the EEA, whenever fraud prevention agencies transfer your personal data outside of the EEA, they impose contractual obligations on the recipients of that data to protect your personal data to the standard required in the EEA. They may also require the recipient to subscribe to ‘international frameworks’ intended to enable secure data sharing.
 
8. Cookies policy
 
We use cookies on the websites. To find out more about how we use cookies, please see our Cookies Policy, which has been provided or made available to you.
 

9. Changes to our Privacy Policy and/or Cookies Policy

We may change the content of our Privacy Policy from time to time in the future. We therefore encourage you to review this policy from time to time to stay informed of how we are using personal information. This itBit Privacy Policy was last updated on May 25, 2018.

 

1 “Special categories of personal information” means personal information which include personal data that may reveal racial/ethnic origin, religion/belief, health, sexual orientation, political affiliation, trade union membership and criminal convictions. 

 

 

 

 

 

Anti-Money Laundering/ Know Your Customer (AML/KYC)

The Company protects itself from involvement in money laundering or suspicious activity by the following:        

  • Performing an enterprise-wide risk assessment to determine the risk profile of the Company
  •            
  • Establishing AML policies and procedures
  •            
  • Implementing internal controls throughout its operations that are designed to mitigate risks of money laundering
  •            
  • Performing know your customer (“KYC”)  procedures on all users
  •            
  • Designating a Compliance Officer with full responsibility for the AML Program
  •            
  • Conducting an annual AML audit
  •            
  • Providing AML training to all employees
  •        

Policies and Procedures

The Policy will be approved by the Company’s Board.  The Policy once approved will be provided to all employees.  Each employee will acknowledge the Policy in writing.  All policies and procedures will be reviewed and updated or revised as needed, but no  less often than annually.

Internal Controls

The Company has developed and implemented internal controls for the purpose of ensuring that all of its operations comply with all AML  legal requirements and that all required reports are made on a timely basis. Some of those internal controls are listed within this document and include, but are not limited to, the Customer Identification Program, the Suspicious Activity Reporting system, and the required reports on the Program’s effectiveness to the Board.

Training

All of the officers and employees of the Company are required to receive AML training at least annually.  The Company will track the training progress of all employees and maintain documentation of each employee, the date of the AML training as well as a description of such training. New employees will receive appropriate AML training  within 30 days of their hire date. Training for all employees will  include not only the legal elements of AML laws and regulations but will also cover job specific applications of these laws. Ongoing training will be provided and updated regularly to reflect current developments and changes to laws and regulations.

Compliance Officer

The Company has appointed a Compliance Officer to be responsible for  the management, coordination and monitoring of compliance with this  policy and all applicable AML laws and regulations. The Compliance Officer will have a working knowledge of all AML laws and be qualified by knowledge, experience and training. The Compliance Officer will be responsible for filing (if applicable) or keeping a record of suspicious transaction reports (“STR”) and suspicious activity reports  (“SAR”) with the appropriate agencies and for overseeing the annual  audit.  The Compliance Officer will oversee all corrective action of any audit findings or other AML-related issues. The Compliance  Officer will be responsible for all record keeping requirements and provide reports on the effectiveness of the AML program to the Company’s Board.

       

CUSTOMER IDENTIFICATION

It is the Company’s policy to ensure that it has reasonably identified each customer who uses the Company’s virtual currency  exchange platform. Users may be identified using a variety of  methods.

Account Opening Procedures.

Additionally, the Company will, as part of its account-opening  process:  (i) cross-check the names of users against compliance databases such as the OFAC Specially Designated Nationals list and  other governmental watch lists; (ii) require users to provide proof of  identification; and (iii) not permit any trades to be made with incomplete account-opening information.

Proof of Identification:

Individual         

  • Name
  •            
  • Date and place of birth
  •            
  • Residence address and mailing address if different (PO Box alone will not be acceptable)
  •            
  • Official issued identification number (e.g., passport number, social security number, employee identification number or individual taxpayer identification number)
  •            
  • Copy of valid photo identification of the principal(s) involved with the account (e.g., drivers license, armed forces  identification, passport, alien identification card)
  •        

Businesses

         
  • Business name
  •            
  • Name of businesses representative for the account
  •            
  • The address of the customer’s principal place of business and, if different, the customer’s mailing address. If the customer has a local address different from its principal place of business, the  local address.
  •            
  • Official issued identification number of the principal(s) involved with the account (e.g., passport number, social security number, employee identification number or individual taxpayer  identification number)
  •            
  • Copy of valid photo identification of the principal(s) involved with the account (e.g., drivers license, armed forces identification, passport, alien identification card)
  •            
  • Customer due diligence procedures will be followed to determine the beneficial owners of corporate or trust accounts. This would  include determining if the customer is an agent of or on behalf of another; obtaining information about the structure or ownership of  a customer who is a legal entity that is not publicly traded in the US; and where the customer is a trustee, obtaining information about the trust structure, determining the provider of the funds and any persons who have control over the funds or the power to  remove the trustee.
  •        

Verification

Documents used in opening an account relationship must be verified prior to establishing the account.  Verification of identity will require multi-factor authentication, layered security and other controls to ensure a meaningful user identity confirmation process based on account size or other factors.

The following are examples of verification methods the Company may use:

              
  • Obtaining proof of address, such as a copy of a utility bill or bank statement from the account holder.
  •            
  • Having a telephone call after the account relationship is open.
  •            
  • Obtaining a financial statement for a business account.
  •            
  • Comparing the identifying information with information available from a trusted third party source, such as a credit report from a consumer-reporting agency, Veratad, Lexus Nexus Instant ID
  •            
  • Analyzing whether there is logical consistency between the identifying information provided, such as the customer’s name, street address, ZIP code, telephone number, date of birth, and social security number (logical verification).
  •            
  • Utilizing knowledge-based challenge questions.
  •            
  • Utilizing complex device identification (such as “digital fingerprints” or geo-location checks).
  •            
  • Obtaining a notarized copy of an individual’s birth certificate or a business’ certificate of incorporation sealed with an apostille for valid identification .
  •            
  • When the type of account increases the risk that the Company will not be able to verify the true identity of the customer  through documents is confirmed the account will be closed.
  •        

SUSPICIOUS TRANSACTION AND ACTIVITY REPORTS

The Company will diligently monitor transactions for suspicious activity.  Transactions that are unusual will be carefully reviewed to determine if it appears that they make no apparent sense or appear to be for an unlawful purpose.  Internal controls will be implemented so that an ongoing monitoring system is in place to detect such activity as it occurs. When such suspicious activity is detected, the Compliance Officer will determine whether a filing with any law enforcement authority is necessary.

Suspicious activity can include more than just suspected money laundering attempts.  Activity may be suspicious, and the Company may wish to make a filing with a law enforcement authority, even if no money is lost as a result of the transaction.

The Compliance Officer will initially make the decision of whether a transaction is potentially suspicious. Once the Compliance Officer has finished his review of the transaction details, he or she will consult with the Company’s senior management to make the decision as to whether the transaction meets the definition of suspicious transaction or activity and whether any filings with law enforcement authorities should be filed.

The Compliance Officer will maintain a copy of the filing as well as all back up documentation. The fact that a filing has been made is confidential. No one, other than those involved in the investigation and reporting should be told of its existence. In no event should the parties involved in the suspicious activity be told of the filing. The Compliance Officer may inform the Company’s Board of the filing and the underlying transaction. 


       

REPORTING REQUIREMENTS

Reasonable procedures for maintaining records of the information used to verify a person’s name; address and other identifying information are required under this Policy. The following are required steps in the record keeping process:  

  • The Company is required to maintain a record of identifying information provided by the customer.
  •            
  • Where the Company relies upon a document to verify identity, the Company must maintain a copy of the document that the Company relied on that clearly evidences the type of document and any identifying information it may contain.
  •            
  • The Company must also record the methods and result of any additional measures undertaken to verify the identity of the customer.
  •            
  • The Company must record the resolution of any discrepancy in the identifying information obtained.
  •            
  • All transaction and identification records will be maintained  for a minimum period of five years.
  •               

AML AUDIT

The Compliance Officer is responsible for directing the annual AML audit of the Company’s operations. The independent audit will be conducted by an independent third party with working knowledge of BSA requirements, or by Company personnel with working knowledge of BSA requirements, none of whom work for the Compliance Officer. The Compliance Officer will develop corrective action plans for all issues  that are raised in the audit and will provide the audit report and all corrective action plans to the Company’s senior management for review. Reports of the corrective action will continue until all are resolved.