Privacy Policy

Who Are We? website is owned by Money Flow OÜ , a company registered under the number 14845103. Until July 18, 2023, Money Flow OÜ provided virtual currency services under licence number: FVT000047. After this date, Money Flow OÜ discontinued the provision of crypto exchange services at its own discretion and own decision, and the legal entity underwent a change in its area of economic activity. Money Flow OÜ has its registered and operational address at Valukoja tn 8/1, 11415, Estonia, located in Harju maakond, Tallinn, Lasnamäe linnaosa.

Your Acknowledgment of this Policy

You are not legally required to provide us with any personal data. This means that if you provide us with data, you are doing so out of your own volition and consent; we cannot force you to provide any personal data, but without your personal data, we cannot provide you with the services.

You have the right to withdraw from this consent at any time and, in such a case, request that we either cease processing your personal data or that we delete whatever personal data is no longer required to retain under law. Such removal of data may also prevent you from receiving updates and support.

Which Personal Data Do We Collect About You?

We collect these types of personal data:

Non-Personally Identifiable Data. The first type is non-personally identifiable data and statistical information. Non-personally identifiable data gathered consists of technical and behavioural information that does not pertain to a specific individual (“Non-Personal Data”). This includes your device type, browser type and version, IP data, screen size and resolution, language and other technical data. While it is not specifically personally identifiable, it may be reverse-engineered to be identifiable and therefore is considered personal data.

Personally Identifiable Data. The other type of data we collect is individually identifiable data. To put it simply, this data identifies an individual or is of a private and/or sensitive nature, such as your contact information and financial data, including:

  • Your contact details include your email address, phone number, full name, date of birth, gender and residence.
  • Your financial data, including the identity of cryptocurrency accounts you transferred sums to or from, your bank details, and your transaction list.
  • Your documents and data are uploaded in our Know-Your-Customer process, including a photocopy of your ID, a video containing your image, your proof of address and utility bills and other data filled in our forms such as your source of wealth and source of funds.

How Do We Collect Personal Data?

Personal data is collected from your use of the services and service providers who provide us with financial services, know-your-customer services, and intelligence services.

What Are The Purposes of the Collection and Processing of Data?

The purposes of collecting and processing the data are to provide you with the services, which means we use your data to provide you with the services and support you.

Moreover, we may use personal data to improve the services. This means that we use aggregated insights of how our users interact with our services to obtain insights that lead to the improvement of future versions, bug reports, and feature requests. 

The basis for our use is both your consent under this privacy policy and that processing is necessary for compliance with legal obligations to which we are subject, such as financial regulations and anti-money-laundering regulations; processing is necessary for the performance of a contract to which you are a party or to take steps at your request prior to entering into a contract, such as to provide you with the services. Processing is necessary for the purposes of our legitimate interests, such as providing you with our services and complying with industry standards.

We may create look-alike audiences and share our customer lists with advertising services that may provide us with such services, all under confidentiality obligations.

We may also use your email address to send you our services and promotional material information.

When we say “our services”, we mean our cryptocurrency exchange service and website.

How Can We Contact You?

If you registered for our service, we might contact you with periodic updates and promotional emails relating to the service and the products or services we offer. 

You may opt out of these at any time, but not from transactional emails, such as updates on payments, withdrawals, or cryptocurrency purchase orders.

Moreover, if you showed interest in one of our products or services, we may contact you in relation to such product or service either by email, phone, text or post.

Your Personal Data Rights

Right of Access and Rectification

You have the right to know what personal data we collect about you and ensure that such data is accurate and relevant for the purposes we collected it. You can receive a copy of your personal data and rectify such personal data if it is not accurate, complete, or updated. However, we may first ask you to provide us with certain credentials to permit us to identify you before rectifying, deleting, or reviewing.

Right to Delete Personal Data or Restrict Processing

Right to Withdraw Consent

You have the right to withdraw your consent to processing your personal data. This right will not affect the lawfulness of processing your personal data based on your consent before its withdrawal. Please note that withdrawal of your consent would most likely cause us to delete your personal data rather than cease processing in most cases. 

You have the right to delete your personal data or restrict its processing by ourselves and third parties. We may postpone or deny your request if your personal data is currently used for the purposes for which it was collected or for other legitimate purposes such as compliance with legal obligations.

Right of Data Portability

Where technically feasible, you have the right to ask to transfer your personal data in accordance with your right to data portability. In order to apply for this, please contact us at [email protected]

The Right to Lodge a Complaint

You also have the right to complain to a data protection supervisory authority regarding the processing of your personal data.

Your Brazilian LGPD Rights

Notwithstanding anything in this privacy policy, you may exercise your LGPD rights, including your rights for (i) confirmation of the existence of the processing; (ii) access to the data; (iii) correction of incomplete, inaccurate or out-of-date data; (iv) anonymisation, blocking or deletion of unnecessary or excessive data or data processed in non-compliance with the provisions of the LGPD; (v) portability of the data to another service or product provider, using an express request and subject to commercial and industrial secrecy, according to the regulation of the controlling agency; (vi) deletion of personal data processed with your consent, except in the situations provided in Art. 16 of this the LGPD; (vii) information about public and private entities with which the controller has shared data; (viii) information about the possibility of denying consent and the consequences of such denial; (ix) revocation of consent as provided in §5 of Art. 8 of the LGPD.

We respond to “Do Not Track” signals

If you do not wish your browser to allow us to use trackers, please use your browser’s “Do Not Track” option.

Exercising Your Rights

We acknowledge you have the right to access and change the Personal Data we collect and process. If you wish to access, correct, amend, or delete Personal Data, please email [email protected]. We will respond within a reasonable timeframe, but no later than permitted by applicable law in any event. 

Additionally, please note that to ensure you have as much control over your Personal Data and other information as possible, you may modify certain parts of your information by contacting us.

Sharing Personal Data with Third Parties

We respect your privacy and will not disclose, share, rent, or sell your Personal Data to any third party unless the sharing of your Personal Data is made upon your specific, explicit request or for our legitimate interests, which are in compliance with regulatory requirements and performance of our obligations, as set out below. 

  1. We share data with third parties that assist us in providing the Service. They are given access to customers’ accounts and Service Data only as reasonably necessary to provide the Service and will be subject to confidentiality obligations in their service agreements;
  2. We share data with third-party service providers providing us with services such as research and analytics, anti-spamming and anti-phishing services, marketing and data enrichment.
  3. We share data with third-party payment processors who process your credit card and other payment information.
  4. We share data with third-party partners to assist us in KYC and provide any further support needed to use our Service.
  5. We may share data with auditors, lawyers, accountants and other professional advisers who advise and assist us in relation to the lawful and effective management of the Service and relation to any disputes we may become involved in.
  6. We may share data with Law enforcement or other government and regulatory agencies and bodies or other third parties as required by and according to applicable law and regulations.

This list is non-exhaustive, and there may be circumstances where we need to share Personal Data with other third parties.

Where necessary (such as when we transfer data to service providers), we put in place appropriate contractual arrangements and security mechanisms to protect the Personal Data shared and comply with our data protection, confidentiality and security standards and obligations.

We may also disclose data to comply with government agencies’ authorisation requests or judicial warrants. Unless prohibited under the law from doing so, we shall notify you about such a request.

Location of Your Data

As detailed in this Privacy Policy, the personal data collected from you may be transferred to and stored at servers that may be located in countries outside of your jurisdiction and countries according to our third-party provider’s standard contractual obligations. 

It may also be processed by our suppliers and service providers or partners’ staff operating outside your country.

We are committed to protecting your Personal Data. We will take appropriate steps to ensure that your Personal Data is processed and stored securely and in accordance with applicable privacy laws, as detailed in this Privacy Policy. Such steps include implementing data transfer agreements or ensuring our third-party service providers comply with our data transfer protection measures.

We will ensure the confidentiality, integrity and availability of your Personal Data by Transferring your personal data only to (i) countries approved by the European Commission as having adequate data protection laws; (ii) entities that executed standard contracts that have been approved by the European Commission and which provide an adequate level of high-quality protection, with the recipients of your Personal Data; and (iii) Transferring your Personal Data to organisations that are Privacy Shield Scheme certified, as approved by the European Commission.

By submitting your personal data through the service, you acknowledge and agree to such transfer, storing and/or processing of personal data in a jurisdiction where such consent is required.


We use both first-party and third-party cookies. A cookie is a small file placed on your computer meant to authenticate or verify your session with us. However, a cookie may have some identifying features. 

Minors / Children

The service is intended for users over the age of eighteen (18).

Therefore, we do not intend and do not knowingly collect Personal Data from children under the age of sixteen (16) and do not wish to do so. 

We reserve the right to request proof of age at any stage to verify that minors under the age of sixteen (16) are not using the service. 

If we learn that we collected Personal Data from minors under the age of sixteen (16), we will delete that data as quickly as possible. 

If you have reasons to suspect that we collected Personal Data from minors under the age of sixteen (16), please notify us at [email protected], and we will delete that personal data as quickly as possible.


We take appropriate measures to maintain the security and integrity of our service and prevent unauthorised access to it or use thereof through generally accepted industry standard technologies and internal procedures.

Please note, however, that there are inherent risks in the transmission of information over the Internet or other methods of electronic storage, and we cannot guarantee that unauthorised access or use will never occur.

We will comply with applicable law in the event of any breach of the security, confidentiality, or integrity of your Personal Data. We will inform you of such a breach if required by applicable law.

To the extent that we implement the required security measures under applicable law, we shall not be responsible or liable for unauthorised access, hacking, or other security intrusions or failure to store or the theft, deletion, corruption, destruction, damage, or loss of any data or information included in the personal data.

Data Retention

We will retain the Personal Data for as long as we believe that it is accurate and can be relied upon. Personal Data that is no longer required for the purpose for which it was initially collected will be deleted unless we have a valid justification to retain it that is permitted under applicable law, such as to resolve disputes or comply with our legal obligations.

Data Breach Notification

We comply with local authorities in data breach notifications. In any case, where a severe data breach occurs, we will also notify data subjects after such breach and cooperate with the legal authorities to reduce the exposure of personal data.

Complaints and Arbitration

If you feel or believe that your personal data rights were harmed in any way, you may contact our data protection officer at  [email protected]  and complain. Such complaints shall include how and why you believe your personal data rights were harmed and the required evidence. Our data protection officer will respond to most complaints within 14 days and shall offer the required remedies.

We will resolve all complaints according to applicable regulations. We also agree to resolve all complaints and deal with disputes with the local data protection authorities.

This section does not limit your right to complain to your respective data protection authority.

Merger, Transfer of Ownership

We may, in the future, merge, sell our operation or transfer the operation of the service to a third party. In such an event, the data would be used in accordance with the then relevant privacy policy, where no change shall have a retroactive effect. 

Updates to the Privacy Policy

We reserve the right to amend this Privacy Policy at any time; we will provide you with updates on any change, and such updates shall not have a retroactive effect.

Risk disclosure

You agree that you are free to choose whether or not to use the service provided to you by Bitnomics and that you do so at your sole option, discretion and risk. The exchange of digital currency is considered a risky transaction with highly speculative outcomes. Bitnomics does not guarantee any profit from any activity associated with its services.

  • You agree that you are free to choose whether or not to use the service provided to you by Bitnomics and that you do so at your sole option, discretion and risk. You confirm that you understand and agree that the risks associated with the Services are acceptable by you, taking into account your objectives and financial capabilities.
  • You acknowledge that purchasing or selling Cryptocurrency carry significant risk. Prices can fluctuate on any given day. Because of such fluctuations, Cryptocurrency may gain or lose value at any time. Cryptocurrency may be subject to large swings in value and may even become absolutely worthless. Cryptocurrency trading has special risks not generally shared with official currencies, goods or commodities in a market. Unlike most currencies, which are backed by governments or other legal entities, or commodities such as gold or silver, Cryptocurrency is a unique kind of currency, backed by technology and trust. There is no central bank that can take corrective measures to protect the value of Cryptocurrency in a crisis or issue more currency.
  • You should carefully consider if holding digital currency is suitable for you depending on your financial circumstances. Dealing and exchanging in cryptocurrencies involves significant risk. The value of virtual assets / currencies has high volatility (value can increase and decrease significantly in a very short period of time and at any given moment). Such price fluctuations bring uncertainty. The value of a virtual currency and collapse in demand may be influenced by many factors, including irrational (or rational) bubbles, loss of confidence in the currency, changes in software development, government decisions, creation of a competitive currency, technical problems, political or non-political statements, statements of influencers and news and hacker-attacks.
  • Your virtual assets may be lost by losing your password, private key or other security code. Virtual currencies have special risks that are not generally shared with the official currencies, because they are not issued by governments, or with commodities or goods that are tangible or registered in the official registry. Virtual currencies are intangible, decentralized, digital assets, backed by technology and trust. No central bank or other institution can take any measures to protect the value of virtual currency. Virtual currencies are autonomous and largely unregulated system of firms and individuals issuing currencies. The risk of loss in buying, selling or holding virtual assets / currencies can be substantial. You should therefore carefully consider whether exchanging virtual assets is suitable for you in light of your financial condition. Be careful to keep your private keys, passwords, security codes and words for yourself and change them on a regular basis. Bitnomics uses payment providers for transfers of fiat money for rendering exchange services and operating with the fiat money, whereas assisting banks do not, by any means, represent a medium of exchange, transfer, withdrawal, deposit or other transaction in connection to virtual currencies.
  • You acknowledge and agree that Bitnomics does not act as a financial advisor, does not provide investment advice services or guidance, and any communication between you and Bitnomics cannot be considered as an investment advice. Without prejudice to our foregoing obligations, in asking us to enter into any transaction, you represent that you have been solely responsible for making your own independent appraisal and investigations into the risks of the transaction. You represent that you have sufficient knowledge, market sophistication and experience to make your own evaluation of the merits and risks of any transaction and that you received professional advice thereon. We give you no warranty as to the suitability of the Services and assume no fiduciary duty in our relations with you. We may provide information on the price, range, volatility of digital currency and events that have affected the price of digital currency, but this is not considered investment advice and should not be construed as such. Any decision to purchase or sell digital currency is your exclusive decision at your own risk and Bitnomics will not be liable for any loss suffered.
  • To the full extent permitted by the applicable law, you hereby agree to indemnify Bitnomics and its partners against any action, liability, cost, claim, loss, damage, proceeding or expense suffered or incurred if direct or not directly arising from your use of our website, your use of the service or from your violation of our terms and conditions.
  • Bitnomics is not liable for any price fluctuations in Cryptocurrency. In the event of a market disruption, Bitnomics may, at its discretion and in addition to any other right and remedy, suspend the Services. Bitnomics will not be liable for any loss suffered by you resulting from such action. Following any such event, when Services resume, you acknowledge that prevailing market rates may differ significantly from the rates available prior to such event.
  • Internet transmission risks. Client acknowledges that there are risks associated with using the Software and Services including, but not limited to, the failure of hardware, software, and internet connections. Client acknowledges that the Company shall not be responsible for any communication failures, disruptions, errors, distortions or delays client may experience when using the Software and Services, howsoever caused.