Last updated: 9th Jan 2025

At BitZappl, safeguarding your data is a cornerstone of our commitment to transparency and trust. This Data Handling and Storage Policy outlines how we securely process, store, and manage data collected through our platform and services. Our approach ensures compliance with applicable laws and best practices in data security.

1. Scope of the Policy

This policy applies to all personal, sensitive, and non-personal data collected, processed, and stored by BitZappl. It governs data related to:

  • Customers
  • Employees
  • Third-party vendors
  • Blockchain-related activities

2. Data Collection and Classification

We categorize data into the following types:

2.1 Personal Identifiable Information (PII)

Includes names, contact details, payment information, and any data that directly identifies an individual.

2.2 Sensitive Data

Comprises KYC documents, transaction histories, and other compliance-related records.

2.3 Non-Personal Data

Covers analytics, IP addresses, device information, and other anonymized metrics.

2.4 Blockchain Data

Includes wallet addresses, transaction IDs, and public ledger interactions, inherently stored on decentralized networks.

3. Data Handling Principles

Our data handling practices are guided by the following principles:

  1. Purpose Limitation: Data is collected and processed solely for specified, legitimate purposes.
  2. Minimization: We collect only the data necessary for the services we provide.
  3. Accuracy: We strive to maintain accurate and up-to-date records.
  4. Accountability: We ensure accountability for all data-related activities.

4. Data Storage Practices

BitZappl employs robust storage practices to ensure the integrity and confidentiality of your data:

4.1 Physical Security

Data centers used by BitZappl are secured with:

  • 24/7 surveillance
  • Restricted access
  • Fire suppression systems

4.2 Digital Security

Our digital storage methods include:

  • Data encryption at rest and in transit (AES-256 and TLS protocols)
  • Regular vulnerability assessments and penetration testing
  • Multi-factor authentication for access control
  • Segregated storage for sensitive and non-sensitive data

4.3 Immutable Blockchain Data

Blockchain interactions are inherently stored on decentralized networks and cannot be altered or deleted. BitZappl ensures secure integration with these networks to prevent unauthorized activity.

5. Data Retention Policy

We retain data only for as long as necessary to fulfill the purposes for which it was collected, or as required by law. Retention periods are as follows:

  • PII: Retained for the duration of the business relationship plus 12 calendar months for legal and reporting purposes.
  • KYC Data: Retained for 12 calendar months as mandated by compliance regulations.
  • Non-Personal Data: Retained for analytics and platform improvement purposes indefinitely, as permissible by law.

6. Data Access and Sharing

Access to data is restricted to authorized personnel and shared only under the following circumstances:

  • With Service Providers: For operational purposes under strict confidentiality agreements.
  • For Legal Compliance: When required by law or regulatory authorities.
  • During Business Transactions: In case of mergers, acquisitions, or asset transfers, with prior notice to affected parties.

7. Data Security Measures

BitZappl employs industry-leading security practices, including:

  • Encryption: End-to-end encryption of sensitive data.
  • Access Controls: Role-based permissions and multi-factor authentication.
  • Monitoring: Continuous monitoring for suspicious activity.
  • Incident Response: A comprehensive plan to address breaches or unauthorized access.

8. Incident Management

In the event of a data breach or incident, BitZappl will:

  1. Notify affected parties within 72 hours of detection.
  2. Provide details of the incident and recommended actions.
  3. Implement corrective measures to prevent future occurrences.

9. Compliance and Audits

BitZappl complies with relevant international data protection laws and standards, including:

  • General Data Protection Regulation (GDPR)
  • California Consumer Privacy Act (CCPA)
  • Applicable U.S. federal and state laws

Regular internal and external audits ensure adherence to these standards.

10. Your Rights

You have the right to:

  • Access the data we store about you.
  • Request corrections to inaccurate data.
  • Request deletion of data where legally permissible.
  • Restrict processing or withdraw consent.

To exercise these rights, contact us at hello@bitzappl.com

11. Updates to This Policy

We may revise this policy from time to time. Updates will be posted on our website with the “Effective Date” and “Last Updated” date clearly indicated. We encourage you to review this policy periodically.

12. Contact Us

For questions or concerns about this policy, please reach out to us:

If you have any questions about this Cookie Policy or how we use cookies, please feel free to contact us at:

BitZappl
Email: hello@bitzappl.com