Last Updated: 22 October 2020
As a business headquartered in Europe, we are subject to certain regulations (among which, the European General Data Protection Regulation) that require us to comply with a number of obligations regarding your data.
In this document, you can learn everything about how we use your data: that we collect it from you and your actions, that we process only what we need in order to perform what you have asked or consented to (or what the law requires us to…), that we protect with appropriate technology and that we will not share it with anyone, including law enforcement, unless we are forced to by laws and regulations.
The right to privacy is a basic human right. We will fight for yours.
In this policy you can find more about:
We can collect your data directly (e.g. when you give it to us), indirectly (e.g. when someone else gives it to us) or through automated technologies (e.g. cookies).
In order to use the platform, Bitrefill does not require from its Customers any data that will have them “identified” or “identifiable”, unless laws, regulations or the Product the Customer is acquiring require us to so.
However, the Customer may choose to register an account with Bitrefill. In doing so, the Customer will provide data that may have them “identified” or “identifiable”.
2.1. We will only process data that is adequate, relevant and necessary for the purposes outlined in paragraph (3). This may include:
2.2. We do not collect any special categories of personal data about you (e.g. race or ethnicity, religious or philosophical beliefs, sex life, sexual orientation, political opinions, trade union membership, information about your health, and genetic and biometric data). We also do not collect any information about criminal convictions and offences.
2.3. Some services require you to give us personal data (e.g., your phone number or e-mail to deliver a top-up or gift card). We may not be able to perform the services unless you consent to the processing of such data.
3.1. In the instances where you gave us access to identifiable data, we may use it for the following purposes:
|Purpose/Activity||Type of data||Lawful basis for processing including basis of legitimate interest|
|To provide the services and manage client relationship.||(a) Identity data|
(b) Contact data
(c) Professional data
|(a) Performance of a contract with you;|
(b) Necessary to comply with a legal obligation;
(c) Necessary for our legitimate interests (to keep our records updated and to study how customers use our products/services).
|To administer website||(a) Identity|
|(a) Necessary for our legitimate interests (for running our business, provision of administration and IT services, network security, to prevent fraud and in the context of a business reorganization or group restructuring exercise);|
(b) Necessary to comply with a legal obligation.
|For advertisement, data analytics and to provide recommendations||(a) Identity data|
(b) Contact data
(c) Professional data
(d) Technical data
(e) Usage data
(f) Marketing and Communications Data
|Necessary for our legitimate interests (to study how users use our services and website, to develop them, to grow our business and to inform our marketing strategy). This data is not sold to third-parties for any purpose whatsoever.|
3.2. We will only retain your personal data for as long as reasonably necessary to fulfil the purposes we collected it for or as established by regulatory or legal requirements. We will only retain your personal data for a longer period in the event of a complaint or if we reasonably believe there is a prospect of litigation in respect to our relationship with you.
Bitrefill does not disclose your personal data to third parties, except as described in this policy.
We might share your data with third parties when needed to perform support services (e.g., we need to communicate your phone number in order for it to be refilled) or somehow facilitate the provision of Bitrefill’s services.
We may also disclose your personal data under your instructions, to perform the contract entered into by us with you, to protect ours and your rights and interests and those of our business partners or pursuant to your express consent.
Finally, we may share your personal data, on a confidential basis, with subcontractors, for any of the purposes indicated above.
Bitrefill is not in the business of selling data to third-parties for profit. We understand our customers’ struggle to keep their lives private and you can expect a strong commitment on our side to make you succeed in those efforts.
Your personal data will only be disclosed to law enforcement authorities, or other government bodies, to the extent required by laws and regulations.
Bitrefill will not ordinarily share Customer personal data unless required to do so by an appropriate legal instrument (e.g. a subpoena, a warrant or the legal equivalent in the issuing country). Exceptional circumstances (such as a very urgent request that may save a human life, or avoid great harm) may determine a different reaction from our side, but only to the extent permitted by law.
We are committed to protecting the privacy and confidentiality of your personal data. Access to your data is limited only to authorized Bitrefill officers, employees, contractors or others who may require access to it in order to perform the services requested by you.
More specifically, we have implemented the following security measures:
Under certain circumstances, you have the following rights under the data protection laws in relation to your personal data:
If you wish to exercise any of the rights set out above, please contact us in writing to email@example.com. You will not have to pay a fee to access your personal data (or to exercise any of the other rights). However, we may charge a reasonable fee if your request is unreasonable, repetitive or excessive. Alternatively, we could refuse to comply with your request in these circumstances.
We try to respond to all legitimate requests within one month. Occasionally it could take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated.
Our website and services are not intended for children under 16 years of age.
We do not knowingly collect personal information from children under 16. If you are under 16, do not use or provide any information to us without parental consent. If we learn we have collected or received personal information from a child under 16 without verification of parental consent, we will delete that information.