Privacy policy.

We are committed to protecting the privacy of our customers.

bfex is committed to protecting your privacy. We take our data protection responsibilities with the utmost seriousness.

This Privacy Policy sets out what Personal Data we collect, how we process it and how long we generally retain it, along with details of your rights as a data subject.

1. INTRODUCTION

bfex.im and bfex are trading names of Blackfridge EX Limited, a company incorporated in the Isle of Man. We are a pioneering fintech company that provides convertible virtual currency exchange services, https://www.bfex.im/.In this Policy, “the business”, “we”, “us” and “our” refers to Blackfridge EX Limited. The terms “you” and “your” includes our customers/clients, business partners and users of our website(s).

This website collects personal data from users and visitors, and we would recommend you read this privacy policy carefully as it contains important information on who we are, and how and why we collect, store, use and share your personal data. It also explains your rights in relation to your personal data and how to contact us or supervisory authorities in the event you have a complaint.

2. PERSONAL DATA

Personal data is defined as any information that can identify an individual, either directly or when combined with other data as well as data concerning health, sex life or sexual orientation. The Data subject is the individual that the personal data relates to.

We collect, use, and retain certain personal data about you subject to the Isle of Man Data Protection Act 2018 and/or the United Kingdom General Data Protection Regulation (UK GDPR).  This personal data enables us to provide services to you. If you do not provide personal data we ask for, it may delay or prevent us from providing these services to you.

3. HOW, WHY AND TYPES OF PERSONAL DATA WE COLLECT

The table below outlines the types of personal data we collect, how and why we collect your personal data and what we, and third parties will use your data for:

Directly from you (telephone, text, email) and via our website (e.g. registration and during the course of the business relationship with you). In addition, we may collect information from credit reference agencies, due diligence providers, sanctions screening providers, third parties (e.g. banks and building societies), website cookies, IT systems (e.g. performance monitoring and tracking solutions).

Your personal data can only be used if there is a valid reason and in the following circumstances:

  • to comply with legal and regulatory obligations
  • where you have given your consent
  • the execution and pre-requisites of a contract with you
  • our legitimate interests
  • a third parties legitimate interests
  • To create and manage your account with us
  • To improve our services
  • Preventing and detecting fraud against you or us
  • Provide services to you
  • Auditing
  • Investigations
  • Regulation
  • Legal requirements
  • Compliance
  • Privacy
  • Analysis
  • Security
  • Statutory requirements
  • Marketing
  • Credit checks
Regulators
Credit reference agencies
Insurers
Banks
Social media platforms
Marketing agencies
Law enforcement agencies
Regulatory bodies
Auditors
Service providers

4. SHARING DATA

We take all reasonable measures to ensure third parties take appropriate actions to protect your personal data. It may be necessary for us to share your personal data with third parties outside the Isle of Man and UK if you are based outside the Isle of Man and UK or where there is an international requirement to the services, we are providing to you.

Under data protection law, we can only transfer your personal data to a country or international organisation outside the Isle of Man and the UK where:

  • the UK government has decided the country or international organisation has an adequate level of protection of personal data (known as an ‘adequacy decision’). For a list of the current UK Data partnerships please see UK adequacy approved countries
  • there are appropriate safeguards in place, together with enforceable rights and effective legal remedies for data subjects. Other countries or international organisations we are likely to transfer personal data to do not have the benefit of an
  • adequacy decision. This does not necessarily mean they provide poor protection for personal data, but we must look at alternative grounds for transferring the personal data, such as ensuring appropriate safeguards are in place or relying on an exception
  • a specific exception applies under data protection law e.g. you have explicitly consented to the proposed transfer after having been informed of the possible risks and/or the transfer is necessary to establish, exercise or defend legal claims

If you would like further information about data transferred outside the Isle of Man and the UK, please contact us (see ‘How to contact us’ below).

5. RETENTION OF DATA

Your Personal data may be held at our offices, third party agencies, service providers, representatives and agents and will be kept for as long as you have an account with us, or we are providing services to you. Once you terminate your account with us or there is a period of 12 months of no activity on the account then we will keep your personal data for as long as is necessary:

  • to respond to any questions, complaints or claims made by you or on your behalf
  • to show that we treated you fairly
  • to keep records required by regulation and law.

We will not keep your personal data for longer than necessary and when it is no longer necessary to keep your personal data, we will delete or anonymise it.

6. MARKETING

We, and third parties may use your data for marketing purposes. You have the right to opt out of receiving marketing communications at any time by:

  • contacting us (see ‘How to contact us’ below)

You have the following rights, which you can exercise free of charge:

Access The right to be provided with a copy of your personal data
Rectification The right to require us to correct any mistakes in your personal data
Erasure The right to require us to delete your personal data—in certain situations
Restriction of processing The right to require us to restrict processing of your personal data in certain circumstances, e.g. if you contest the accuracy of the data
Data portability The right to receive the personal data you provided to us, in a structured, commonly used and machine-readable format and/or transmit that data to a third party—in certain situations
To object The right to object at any time to your personal data being processed for direct marketing (including profiling) and, in certain other situations to our continued processing of your personal data, e.g. processing carried out for the purpose of our legitimate interests.
Not to be subject to automated individual decision making The right not to be subject to a decision based solely on automated processing (including profiling) that produces legal effects concerning you or similarly significantly affects you

7. RIGHTS

For further information on each of those rights, including the circumstances in which they apply, please see the Isle of Man Information Commissioner’s website at https://www.inforights.im/individuals/data-protection/your-data-protection-rights/ or Guidance from the UK Information Commissioner’s Office (ICO) on individuals’ rights.

If you would like to exercise any of these rights, please contact us (see ‘How to contact us’ below).

You also have the right to lodge a complaint with the Isle of Man Information Commissioner, the UK Information Commissioner or any relevant European data protection supervisory authority. The Isle of Man Information Commissioner may be contacted at https://www.inforights.im/contact-us / or telephone +44 1624 693260 and UK Information Commissioner may be contacted at https://ico.org.uk/make-a-complaint or telephone: 0303 123 1113.

8. SECURITY

We have implemented appropriate security measures to prevent personal data from being accidentally lost, used or accessed unlawfully. We limit access to your personal data to those who have a genuine business need to access it. Those processing your information will do so only in an authorised manner and are subject to a duty of confidentiality.

We also have procedures in place to deal with any suspected data security breach. We will notify you and any applicable regulator of a suspected data security breach where we are legally required to do so.

To ensure you are protecting your information please visit Get safe online. Get Safe Online is supported by HM Government and leading businesses.

Please contact us if you have any query or concern about our use of your information (see below ‘How to contact us’). We hope we will be able to resolve any issues you may have.

9. HOW TO CONTACT US

Please contact us if you have any questions about this policy or the information we hold about you.

If you wish to contact us, please send an email to hello@bfex.im or write to us at our registered address Blackfridge EX Limited, 55 Athol Street, Douglas, Isle of Man.

To ensure you are protecting your information please visit Get safe online. Get Safe Online is supported by HM Government and leading businesses.

Please contact us if you have any query or concern about our use of your information (see below ‘How to contact us’). We hope we will be able to resolve any issues you may have.

10. NEED EXTRA HELP

If you would like this notice in another format (for example audio, large print, braille) please contact us (see ‘How to contact us’ above).]

11. LATEST UPDATE

4th April 2022

Connect with us

bfex is a personalised service – start a direct conversation

Create an account quickly & easily

Enjoy easy access to financial services worldwide & reduce costs and save time.