गोपनीयता नीति

Privacy Policy

BINANY values your privacy and is committed to safeguarding your personal data. This privacy policy explains how we collect and handle personal information—specifically, data about a Client (as defined below) who is a natural person and can be identified from this information (hereinafter referred to as "data")—in line with applicable data protection laws and best practices.

This Privacy Policy is designed to provide clear information on how we collect, use, and protect your data in compliance with the General Data Protection Regulation (GDPR) and other applicable data protection laws. We strive to uphold the highest standards of data protection, ensuring transparency and respecting your rights as outlined in GDPR.

We aim to establish one of the most secure infrastructures among brokers worldwide. Through this privacy policy, we explain why you can trust us with your data and feel assured that it is safe.

It is important that you read this privacy policy together with any other privacy notices we may provide on specific occasions when we collect or process your data. This will ensure you are fully informed about how and why we use your information.

In this Privacy Policy, unless the context requires otherwise, terms defined herein shall carry the meanings assigned to them in the Terms & Conditions.

Please note that this Privacy Policy is intended for Clients and potential customers. If you are a BINANY employee, contractor, or service provider, your personal information will be managed in line with your employment contract, service agreement, or our separate policies, which are available upon request through the contact details listed in the section OUR CONTACT DETAILS below.

If you are participating in our affiliate and/or introducing broker programs, we will process the data provided under our agreement with you to fulfill our rights and obligations under that agreement. In this case, the term "Client" in this Privacy Policy also includes "Affiliate" and/or "Introducing Broker" as applicable.

1. 1. ABOUT US

BINANY is a global brand, which is operated by Crypex IT LTD. This includes its affiliated and related entities (collectively referred to as “We,” “Company,” or “BINANY”). We act as the data controller, responsible for the personal information provided by Clients when they register for a Trading Account, Demo Account, or use any of our other services offered through our website (the “Website”), which includes both desktop and mobile versions.

This Privacy Policy is issued on behalf of BINANY, which is accountable for collecting and processing your data when you use our Trading Platform via the Website for a Trading Account or Demo Account. We respect your privacy and are committed to protecting any data we collect, use, or access in the course of providing services.

We take proactive steps to implement strong data protection practices and regularly update these measures to ensure the security of Client data and accounts. Your data is safeguarded by legal, administrative, and technical protocols designed to uphold privacy, integrity, and accessibility. To prevent potential security incidents involving your data, we use a combination of organizational and technical measures, informed by annual risk assessments.

We will not disclose any private information about our Clients or former Clients unless we have written authorization from the Client, it is required by law, it is necessary to verify the Client's identity, or it is essential to fulfill our contractual obligations under any agreement with the Client. The information of Clients is processed exclusively by our employees or trusted third-party providers, who deliver specific services essential for our operations. All data is stored on electronic and physical media in compliance with applicable laws.

2. 2. HOW WE USE YOUR DATA

Our processing of your personal data relies on one or more legal bases as outlined in Article 6 of the GDPR, including: (a) your consent, (b) the need to perform a contract, (c) compliance with legal obligations, (d) protection of vital interests, (e) performing a task in the public interest, and (f) our legitimate interests, provided they do not override your fundamental rights and freedoms.

2. 1. We may collect, use, store, and share various types of data about you, categorized as follows:

- Identity Data: Includes details such as your first name, last name, patronymic (if applicable), date of birth, gender, passport or ID number, driver's license, and a copy of your photo.

- Contact Data: Includes billing address, email, and phone numbers.

- Financial Data: Contains bank account information, payment card details, and tax identification numbers (such as social security number, income tax identification number, or national insurance number).

- Transaction Data: Covers details about your transactions, payments, withdrawals, exchanges, trading history, profit, balance, deposit and withdrawal amounts, methods, and any other specifics related to services accessed on our Website.

- Technical Data: Encompasses IP address, login data, browser type and version, time zone, location, browser plug-ins, operating system, device details, and other technologies used to access the Website, including cookies.

- Profile Data: Involves Client Account details like username, password, transaction history, interests, preferences, feedback, and survey responses.

- Usage Data: Includes information on how you use our Website, products, and services, such as registration date, account type, trading cluster, complaint and request history, and IP log.

- Marketing and Communication Data: Reflects your preferences for receiving marketing and communication updates from us.

- Special Categories or Sensitive Data: Includes details on religious beliefs, annual income, biometric data, and any criminal convictions or offenses.

- Conformity Data: Contains information on your education, employment status, trading experience, and results from self-assessment tests.

- Banking Data: Comprises information about your payment methods, such as bank card issuer details, card number, cardholder name, expiration date, payment system, card validation code (CVV2/CVC2), and card photos.

- KYC (Know Your Customer) Data: Includes documents verifying identity, such as recent utility bills, ID card, passport, and driver's license copies.

- Economic Profile Data: Covers occupation, investment purposes, annual income, net wealth, expected annual investment, and sources of funds.

- Location Data: Details your location when interacting with our Website, based on parameters like country, time zone, and language settings.

- Audio Data: Includes recordings of calls made to or received from us.

2. 2. Aggregated Data consists of statistical or demographic data derived from your information, which doesn’t reveal your identity directly or indirectly. For example, aggregated Usage Data helps us analyze user engagement with website features.

If we combine Aggregated Data with personal data in a way that could identify you, we treat it as personal data according to the terms of this policy.

We handle your data in a lawful, fair, and transparent way, adhering to principles of purpose limitation, data minimization, accuracy, storage limitation, integrity, confidentiality, and accountability.

Generally, we collect and process your data for the following reasons:

1. To fulfill our contract with you;

2. To meet our legal obligations, including anti-money laundering and counter-terrorism laws;

3. To protect our legitimate interests.

Clients agree that we may retain data on their account and transactions in case of a dispute with BINANY.

It is the Client's responsibility to update any changes to the data provided. While we make efforts to keep your data up-to-date, it is essential that you assist in notifying us of any updates. Clients acknowledge that BINANY holds no obligation for independently verifying or reviewing data.

3. 3. WAYS WE COLLECT YOUR PERSONAL DATA

We are committed to transparency in our data processing practices in compliance with Articles 12, 13, and 14 of the GDPR. This means providing you with clear information on our data collection methods, purposes of processing, categories of personal data collected, legal grounds for processing, data recipients, and retention periods.

We use various methods to collect data from and about you, including:

Personal Data Provided Directly: You provide us with Identity, Contact, and Financial Data through our Website by filling out forms or communicating with us via email or other methods. Examples of instances when you may submit data include:

- Registering for a Trading or Demo Account;

- Subscribing to publications or updates;

- Requesting marketing materials and promotions;

- Entering competitions, promotions, or surveys;

- Providing feedback or contacting us.

This data collection allows us to deliver our services effectively and fulfill our legal obligations, including fraud prevention and compliance with anti-money laundering regulations. If you do not provide the required data, we may be unable to perform the contract with you, which could lead to service cancellation. We will inform you if this is the case. It is important to keep your information accurate and up-to-date throughout your relationship with us.

Automated Technologies or Interactions. When using our services, your device automatically sends us technical data, including your location settings (e.g., country, time zone, language). Information like IP address, cookies, browser type, operating system, access times, and page requests helps us optimize our platform's performance, including mobile and desktop versions. We also use web analytics to track website performance and monitor user behavior, which enables us to improve our services. You may request that we restrict certain data transmissions (within legal limits) by contacting our Data Protection Officer (DPO) using the registered email on your account. We will address your request within 30 business days.

Information About Cookies:

Cookies are small data files with unique identifiers sent from a website to your device's browser, which are stored on your device’s hard drive to track website usage. Websites commonly use cookies to track online traffic and user activity. When you visit our Website, we may collect information such as browser type, IP address, and referring websites via cookies.

Cookies allow us to understand the Client’s journey on our Website, anonymously identify returning users, and determine popular content. We ensure your privacy by not storing personal details, names, or emails in cookies. The use of cookies is standard practice among major websites and enables us to optimize the site experience for Clients by learning which content is most useful. You can disable cookies or delete them manually, though this may limit some functionality on our site.

4. 4. REASONS FOR USING YOUR DATA AND LEGAL GROUNDS

We process the above-mentioned data in compliance with current legislation, allowing us to (i) meet our contractual obligations to the Client, (ii) deliver our services effectively, (iii) comply with legal requirements, including fraud prevention and anti-money laundering laws, and (iv) protect both our legitimate interests and your vital interests.

The legal grounds for processing data are as follows:

a. To comply with our legal obligations;

b. To fulfill our contractual commitments to the Client;

c. To protect our legitimate interests where your fundamental rights do not override these interests;

d. Based on your consent, when applicable.

We process your personal data in compliance with applicable laws and regulations for the following purposes:

- Client Onboarding and Communication

We use your data to register you as a Client, communicate important updates such as changes to terms or policies, provide secure identification and support services, and verify that you meet the legal age requirements of your jurisdiction. These activities are necessary to fulfill our contractual obligations to you and to comply with legal requirements.

- Risk Assessment and Client Profiling

Your information is used to evaluate risk levels through scoring processes, helping us determine your financial or operational risk profile. This processing is required to fulfill our contractual commitments and to comply with regulatory obligations.

- Geolocation Validation

We process your location data to verify geographic details as required for regulatory and legal purposes. This ensures compliance with applicable laws and helps us meet the requirements of our contract with you.

- Authentication and Social Network Integration

Your data may be processed through social network protocols and account connections to facilitate secure authentication, identification, and support services. This is necessary to meet the requirements of our contract and to ensure compliance with security and legal standards.

- Transaction Processing

Your data is processed to manage and fulfill transactions such as deposits, trades, and withdrawals, oversee payments and charges, and recover debts where applicable. This is essential to fulfill the services outlined in our contract and to protect our legitimate interests, such as ensuring financial accountability.

- Platform Security and Business Administration

To maintain and secure our platform, we process your data for tasks such as troubleshooting, IT system management, fraud prevention, and compliance monitoring. This processing is necessary to fulfill our contract with you and to meet operational and legal obligations.

- Service Optimization and Advertising

Your data is used to deliver personalized content and advertisements, enhance user experiences, and assess the effectiveness of marketing efforts. These activities are critical to providing the services detailed in our contract and are aligned with our legitimate business interests, including improving usability and expanding offerings.

- Product Development and Marketing Strategy

We analyze your interactions with our services to refine and develop our products, grow our business, and inform our marketing strategies. This is part of our commitment to improving services while meeting the obligations outlined in our contract.

- Informational Updates

Your data is processed to notify you of new products, features, or services, ensuring you are kept informed about relevant developments. This processing is necessary to fulfill the terms of our contract and supports our legitimate business interests in keeping you updated.

- Direct Marketing and Communication

We may use your data to send direct marketing materials, newsletters, and updates about our services while ensuring your information is never shared for third-party promotions. This helps us deliver relevant, personalized communications as part of our contract and aligns with our legitimate business interests.

- Employee Training and Dispute Resolution

We process your data to train our employees, monitor performance, and address disputes effectively. This helps us meet the terms of our contract and supports legal obligations related to fraud prevention and dispute resolution.

- Regulatory and Financial Verifications

Sensitive data such as income or criminal history may be processed to confirm compliance with financial and legal requirements. These measures are necessary to meet regulatory obligations and safeguard your vital interests.

If you are a current Client, we may use your data to communicate support updates, newsletters, or event details relevant to our services. Additionally, if you consent, we may send you marketing materials about our services via email or other channels.

Our Website is intended for users over the age of 18; therefore, we collect your birthdate to verify age eligibility.

5. 5. HOW TO OPT OUT

Feel free to email us at support@binany.com, requesting us to stop sending marketing communications or sharing data with third parties. We will fulfill your request within seven business days.

6. 6. SHARING YOUR INFORMATION

We may share your data with third parties for the purposes outlined in this policy. We take all necessary steps to ensure that third-party service providers do not use your data for their own purposes, allowing them to process it only for specified tasks and in line with our instructions.

In general, your data is shared with our processors. Additionally, we may transfer your data to another legal entity in the event of a business reorganization, sale, merger, or similar restructuring.

For sharing data outside of our affiliated entities, we maintain strict confidentiality and only disclose client-related information if:

1. It is legally required;

2. You explicitly request or authorize us to process a transaction or perform a service;

3. It is necessary for service provision under our contractual relationship;

4. It is required to protect our legitimate interests under applicable laws.

Sharing Your Information with External Parties.

Your personal data may be shared with external entities in the following scenarios:

- Service Providers

We may collaborate with reliable third-party partners to perform critical operations on our behalf. These include managing and supporting IT systems, processing payments, conducting data analysis, providing marketing and communication services (such as newsletters), delivering customer support, and other necessary activities integral to our operations.

- Affiliated Companies

To ensure seamless service delivery, we may share your information with entities connected to BINANY, including affiliates and subsidiaries, where such collaboration is essential for offering relevant products and services.

- Governmental and Regulatory Bodies

If required by law, we may disclose your data to governmental authorities, regulatory bodies, or courts. Such disclosures are limited to the minimum necessary to comply with legal obligations or enforce court mandates.

- Specific Circumstances

In unique circumstances, we may share your data to protect our legal rights, ensure the safety of users, or address incidents that require action, such as fraud prevention or dispute resolution. Additionally, we may disclose information to establish, exercise, or defend against legal claims when necessary.

We take all reasonable steps to ensure that third-party service providers entrusted with collecting, storing, or processing data for us:

- Establish contracts that safeguard data privacy in accordance with this Privacy Policy and relevant information security standards

- Have confidentiality or non-disclosure agreements that include privacy clauses;

- Implement procedures to comply with data protection agreements.

Should any misuse or unauthorized disclosure of personal data by a third-party service provider occur, we will take appropriate corrective actions.

If you wish to receive more information about data transfers mentioned here, please contact us using the email registered in your Client Account, as listed in the section OUR CONTACT DETAILS below.

7. 7. DATA STORAGE DURATION

We retain your personal data only as long as is reasonably necessary to fulfill the purposes for which it was collected, including compliance with legal, tax, accounting, and reporting requirements. If there is a complaint or a potential legal dispute, we may hold your data for an extended period.

To determine the appropriate retention period, we consider factors such as the amount and sensitivity of the data, the risk of harm from unauthorized use or disclosure, the purposes for data processing, the possibility of achieving those purposes through alternative methods, and applicable legal requirements.

Your data, including call recordings, will be stored for the duration of our contractual relationship and for a minimum of seven years after the end of the service provided to you. Generally, any other data is retained for 30 business days following the termination of our services, unless there is a specific legal reason to keep it longer.

At the end of the retention period, the data is permanently deleted through irreversible destruction. Additionally, we inform all third parties who have received your data of the deletion and request that they perform a similar action in compliance with our policy.

8. 8. YOUR RIGHTS AND HOW TO ASSERT THEM

We ask that you provide us with accurate, truthful, and updated information about your identity and avoid misrepresenting yourself as another individual or legal entity. If there are any changes to your personal details, please notify us promptly, no later than seven days after such changes occur. If your data is incorrect or incomplete, contact us using the details in the section OUR CONTACT DETAILS below to update it.

Under applicable laws, you have several rights concerning your data, and we encourage you to contact us to discuss these rights. Below is a summary of the key rights you have:

1. Right to Access: You have the right to request confirmation as to whether we process your personal data (Article 15 GDPR). If so, you may access it and receive additional details on the purposes of processing, data categories, recipients, and retention period. You can view your data in your account by selecting "Access My Data"

2. Right to Rectification: Under Article 16 GDPR, you have the right to request the correction of any inaccurate or incomplete personal data we hold about you. If your information is incorrect or has changed, please contact us to update it.

3. Right to Erasure: According to Article 17 GDPR, you may request the deletion of your personal data if it is no longer needed for its original purpose, if you withdraw your consent, or if there are no overriding legal grounds for processing. To delete your account and data, go to ‘Terminate Account’ and select "Delete My Account".

4. Right to Restriction of Processing: You have the right to request a restriction on data processing if (a) your data is inaccurate, (b) processing is unlawful but you do not wish for it to be erased, (c) we no longer need the data but you want us to retain it for legal reasons, or (d) you object to the use of your data, and we are verifying whether we have overriding legitimate grounds to continue processing it (Article 18 GDPR).

5. Right to Data Portability: When processing is based on consent and conducted via automated means, you have the right to receive your data in a structured, commonly used, and machine-readable format (Article 20 GDPR). This right does not apply if it would negatively affect the rights and freedoms of others or if it is technically unfeasible.

6. Right to Object: Under Article 21 GDPR, you have the right to object to data processing when based on our legitimate interests or a task in the public interest. Upon objection, we will stop processing your data unless we can demonstrate overriding legitimate grounds.

7. Right to Withdraw Consent: According to Article 7(3) GDPR, you may withdraw your consent to data processing at any time, particularly for marketing or third-party data sharing. Withdrawal will not impact the legality of processing conducted prior to withdrawal.

8. Right to Lodge a Complaint with a Supervisory Authority: We strive to protect your data and keep you informed about our data processing practices. If you are unsatisfied with our processing or data protection efforts, we encourage you to let us know, so we can improve. You can also contact the relevant data protection supervisory authority to file a complaint (Article 77 GDPR).

To exercise any of these rights or seek more details, contact us through the methods in the OUR CONTACT DETAILS section below. Provide your full name and email address to help us identify you. We aim to respond to all legitimate requests within one month, although complex requests may take longer, in which case we will keep you informed.

We may request additional information to verify your identity and ensure your right to access data (or exercise other rights). This is a security measure to prevent unauthorized access to personal information. In some cases, we may charge an administrative fee for processing excessive or unreasonable requests or for additional copies of your data.

9. 9. PROTECTING YOUR INFORMATION

We have put in place appropriate security measures to prevent your data from being accidentally lost, used, or accessed in an unauthorized way, altered, or disclosed. Access to your data is limited to those employees, agents, contractors, and other third parties who have a business need to know. They will only process your data on our instructions, and they are subject to a duty of confidentiality.

We have established procedures to handle any suspected data breach and will notify you of a breach where we are legally required to do so.

Your help is essential in ensuring that your data remains secure. During registration on the Website (or its mobile version), you will be asked to select a username and password for future logins and conducting transactions. To protect your privacy and secure your operations on the Website, sharing registration details (including your username and password) with others is strictly prohibited. We are not responsible for any damage or loss resulting from improper or unauthorized use of your username and password, including by third parties, regardless of whether you authorized such use.

The Company’s live public chat feature is not an official channel of communication between the Company and you. We will never communicate with you through this chat feature or request any information via it. This chat feature is designed for public conversations, allowing users to interact with each other on topics of interest in real-time. Please note that any information shared in the live public chat can be accessed by anyone, and we are not responsible for any content shared or actions taken based on it.

BINANY follows the principles of “Data Protection by Design and by Default" as set out in Articles 24 and 25 GDPR. This approach ensures that our systems and processes are designed to incorporate data protection measures from the outset, minimizing data usage and safeguarding personal information at every stage.

Encryption of your data in transit. We use strong encryption technologies, such as Transport Layer Security (TLS), to protect your data during its transmission from your device to our servers, providing a high level of security and privacy. To further build trust, we use Extended Validation (EV) Certificates issued by trusted Certificate Authorities. Supported browsers will display a “Green Bar,” confirming that all transmitted data is secure.

Protection of your data in our infrastructure. We prioritize “security by default” in all services, meaning that every new service or feature is designed with strict security requirements from the beginning. To safeguard your data, we use pseudonymization for most services, replacing identifiable data with system IDs, making it difficult to trace back to you.

All equipment used for processing your data is located in secure data centers, with network access isolated from the internet. We apply network segmentation to separate services with different security levels and restrict access to your data for employees on a “need to know” basis only. This ensures that only personnel who need access to your data to provide optimal service will have it.

Threats protection. We are constantly vigilant about data security threats and are prepared to address them. All events in our infrastructure are continuously monitored, analyzed, and responded to, keeping your data secure from threats, vulnerabilities, and malware.

In case of any failure affecting the availability of your data, we have data backup and recovery procedures to restore your data quickly. To ensure fast recovery, we use high availability mode for critical databases, minimizing downtime.

Employee awareness of data security. Our employees may need access to your data to provide you with high-quality service. To ensure data security and confidentiality, we monitor employee actions in systems where your data is accessed, granting access strictly on a “need to know” basis. Regular training sessions are held to ensure each employee understands our data security and privacy principles.

If you choose not to give your personal information. In the course of our business relationship, we may need to collect certain data due to legal requirements or contractual obligations. Without this data, we may be unable to establish or fulfill a contract with you, which could delay or prevent us from providing services or managing your accounts.

To what extent we carry automated decision-making and profiling. Generally, we do not use automated decision-making when establishing or managing a business relationship. If automated decision-making is used in specific cases, we will inform you in advance. Profiling may occasionally be conducted to assess certain personal characteristics, and if it is performed, we will notify you accordingly.

10. 10. HOW TO CONTACT US

We have appointed a Data Protection Officer (DPO) who is responsible for overseeing any questions or concerns you may have regarding this Privacy Policy. If you have questions about this policy, including any requests related to your data, please contact the DPO using the contact information provided below:

Email: support@binany.com

To help us process your request efficiently, please contact us using the email address that you registered with your Client Account. We may also require you to provide proof of identity, such as a valid identification form, to ensure that we protect your personal data from unauthorized access and comply with our security obligations.

If you have further questions or need more details about how we use your data, please feel free to reach out to us through the contact methods listed above, and we will gladly provide additional information.

11. 11. EXTERNAL WEBSITE LINKS

Our Website may include links to third-party websites. These linked sites are not under our control, and we cannot accept responsibility or liability for the actions of these third parties, including their collection or use of your data. We encourage you to review the terms and privacy policies of any third-party website before providing your personal data there.

12. 12. UPDATES TO THIS PRIVACY POLICY

This Privacy Policy was last updated on November 8, 2024. We reserve the right to amend, modify, or remove portions of this Privacy Policy in the future to ensure it accurately reflects how we handle and process your data.

We may supplement this Privacy Policy with additional information that you receive from us or through other terms and conditions related to the Website or any agreements you enter into with us.

When changes to this policy are made, the revised Privacy Policy will be posted on our Website. Any updates will take effect immediately upon posting. We welcome your comments and feedback, and you may contact us at any time using the details in the section OUR CONTACT DETAILS above.