By using this website, you agree to the collection, processing, and use (referred as „processing“) of data as described in the following description. critto collects and analyzes all actions on its websites, in its APIs, and applications for the purposes of security, system monitoring, administration, marketing, and compliance with the legal and regulatory requirements to which critto is subject. critto will store this information under the appropriate security requirements for a limited period in accordance with privacy regulations.

According to Art. 7 (3) Swiss Anti-Money Laundering Act (AMLA), we store personal data for ten years after determination of a business relationship or after completion of an transaction.

critto will not disclose your personal data to third parties, except in the following circumstances:
a. For combating money laundering and terrorist financing in accordance with the Swiss Federal Law on Combating Money Laundering and Terrorist Financing („GwG“), the Swiss Regulation on Combating Money Laundering and Terrorist Financing („GwV“), the FINMA Anti-Money Laundering Ordinance („GwV-FINMA“), and the Quality Assurance Association for Financial Services („VQF“).
b. The verification of the customer's identity and the authentication of the customer's identification documents to fulfill regulatory necessity by a specialized external service provider. This leads to the capture and temporary storage of customer data by this service provider in accordance with legal requirements.
c. For providing the option to purchase Digital Assets by funding the purchase through a Virtual IBAN. If this option is selected by the client, personal data - such as first and last name, email address, phone number, residential address - are processed and stored by the corresponding external service provider.
d. For providing customer support for the bit-now website using an external service provider. In executing support activities, personal data - such as first and last name, email address, telephone number, IP address, and payment information - are processed and stored by this external service provider.
e. For maintaining and managing the bit-now website to the necessary external service providers. In cases where the use of an external service provider is required, critto ensures that the external service provider fulfills the same duties of care as critto with regard to data protection and data security.

This website uses cookies. These are small text files that allow specific user-related information to be stored on the user's device while using a website. Cookies make it possible, in particular, to determine the frequency of use and the number of users of the pages, to analyze user behavior on the page, in order to make the offer more user-friendly. Cookies are stored beyond the end of a browser session and can be accessed again when visiting the site again. If you do not wish for this, you should set your internet browser to refuse the acceptance of cookies.

A general objection to the use of cookies used for online marketing purposes can be declared for many services, especially in the case of tracking, via the US-American site http://www.aboutads.info/choices/ or the EU site http://www.youronlinechoices.com/. Furthermore, the storage of cookies can be achieved by disabling them in the browser settings. Please note that not all functions of our offer may be usable if you do so.

To protect the transmission of confidential content, such as inquiries you send to us as the website operator, our website uses SSL/TLS encryption. An encrypted connection can be recognized by the change of the browser's address line from „http://“ to „https://“ and by the lock symbol in your browser line.

When SSL/TLS encryption is activated, the data you transmit to us cannot be read by third parties.

Please note that data transmitted over an open network such as the Internet or an email service without SSL encryption can be viewed by anyone. An unencrypted connection can be recognized by the browser's address line displaying „http://“ and no lock symbol appearing in your browser line. Information transmitted over the Internet and content received online may potentially be transmitted through third-party networks. We do not guarantee the confidentiality of communications or documents transmitted over such open networks or third-party networks.

When you disclose personal data over an open network or third-party networks, you should be aware that your data may be lost or potentially accessed by third parties, who could collect and use the data without your consent. While individual data packets are often transmitted encrypted, the sender's and recipient's names are not. Even if the sender and recipient reside in the same country, data transmission through such networks frequently occurs without controls, including through third countries, i.e., countries that do not offer the same level of data protection as your country of domicile. We do not assume responsibility for the security of your data during transmission over the Internet and disclaim any liability for indirect and direct losses. We recommend using alternative means of communication if you deem it necessary or reasonable for security reasons.

Despite extensive technical and organizational security measures, data may still be lost or intercepted and/or manipulated by unauthorized parties. We take appropriate technical and organizational security measures within our system to prevent this to the extent possible. However, your computer is outside the security area that we control. It is your responsibility as a user to inform yourself about necessary security precautions and to take appropriate measures. As a website operator, we are not liable for damages that may result from data loss or manipulation.

Data provided in online forms may be passed on to commissioned third parties for order processing and may be viewed and, if necessary, processed by them.

With each use of our website, we process connection data that is automatically transmitted to enable you to visit the website. This connection data includes meta and communication data, website accesses, and other data generated through a website, such as:

● IP address

● Date and time of access

● Name and URL of the accessed file

● Website from which the access originates (referrer URL)

● Used browser and, if applicable, operating system of your computer, as well as the name of your access provider.

The processing of this connection data is absolutely necessary to enable the visit to the website and the platform, and for the general administration of our systems. The connection data is temporarily and minimally stored in internal log files for the purposes described above and is automatically deleted immediately after access.

The website uses the following third-party providers:

● Sum and Substance Ltd (UK) for customer verification in compliance with regulatory requirements (https://sumsub.com/privacy-notice-service/)

● Tidio LLC (US) for the live chat function (https://www.tidio.com/privacy-policy/).

Occasionally, we may need to transfer personal data to countries outside the European Economic Area (EEA) or not covered by European Commission adequacy decisions, e.g. for online verification carried out by Third-Party Services. In these cases, we ensure compliance with data protection regulations by relying on legal bases and implementing safeguards, such as agreements with recipients or Standard Contractual Clauses approved by the European Commission.

To verify your identity, we process several personal attributes that are legally required, e.g. your full name, date of birth, identity document data, identity document number, citizenship, residential address, facial image on photo or video and documents serving as proof of address.

To provide our services and for communication purposes, we process your email address and if required phone number.

According to the regulatory requirements, we process your occupation, PEP status, sanction status and other relevant information that are publicly available.

To provide our services, we also process your bank account number, your digital asset wallet address, documents serving as Source of Funds or Source of Wealth and if applicable your vIBAN number.

We monitor your transactions. Therefore, we process your transaction history including initiated, cancelled, refunded and completed transactions.