Language
Language
Login
Sign up

PRIVACY POLICY

1. INTRODUCTION AND SCOPE OF THE POLICY

BALTBIT Sp. z o.o. is a limited liability company duly incorporated in the Republic of Poland with registered company number (NIP) 7011150014, registered office address: Hoża Street 86/210, 00-682 Warszawa, Poland (hereinafter referred to as the ‘BaltBit’). BaltBit is committed to the special protection of personal data and its particularly sensible treatment. This is a vital component of BaltBit practiced values. The Act of 10 May 2018 on the Protection of Personal Data of the Republic of Poland (the ‘Act’) and the Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (the ‘General Data Protection Regulation’, the ‘GDPR’) is the main piece of legislation that governs how BaltBit collects and processes personal data. This Privacy Policy (the ‘Policy’) sets out how BaltBit will process the personal data of its customers, staff, counterparties and other third parties. This Policy applies to all personal data that BaltBit processes regardless of the format or media on which the data are stored or whom it relates to. This Policy applies to all members of the staff and all other individuals working at all levels within BaltBit, including senior managers, officers, directors, employees, consultants, contractors, trainees, homeworkers, part-time and fixed-term workers, casual and agency staff, all who is involved in personal data handling (the ‘Staff’). The meanings used in this Policy shall have the same meaning as in the Act and the GDPR depending on the context they are used for. Compliance with this Policy and the related policies and procedures of BaltBit is mandatory for each Staff member. Any breach of this Policy and any related policies and procedures may result in disciplinary action or even criminal action. Each Staff member should read, understand, and comply with this Policy, when processing personal data while performing their professional duties and shall observe and comply with all controls, practices, protocols, and training to ensure such compliance. The senior management of BaltBit is responsible for overseeing the implementation and review of this Policy (and the related policies and procedures). The national data protection authority by which BaltBit is supervised regarding personal data protection issues is Urząd Ochrony Danych Osobowych, https://uodo.gov.pl/pl, (the ‘UODO’), which is the Poland independent body. This Policy is under regular review un updates. BaltBit may amendment this Policy at any time without notice.

2. DATA PROTECTION PRINCIPLES

Data protection is based on a set of core principles that BaltBit observes and complies with at all the times from the moment the personal data are collected until the moment the personal data are archived, deleted, or destroyed. BaltBit ensures that the personal data are:
  • processed lawfully, fairly and in a transparent manner (Lawfulness, Fairness and Transparency, see Sub-cl. 2.1 hereof),
  • collected only for specified, explicit and legitimate purposes (Purpose Limitation, see Sub-cl. 2.2 hereof),
  • adequate, relevant, and limited to the purposes for which the data are to be processed (Data Minimisation, see Sub-cl. 2.3 hereof),
  • accurate and where necessary kept up to date (Accuracy, see Sub-cl. 2.4 hereof),
  • not kept in a form which permits identification of data subject for longer than it is necessary and for the purposes for which the data is processed (Storage Limitation, see Sub-cl. 2.5 hereof),
  • processed in a manner that ensures its security using appropriate technical and organisational measures to protect against unauthorised or unlawful processing and against accidental loss, destruction, or damage (Security, Integrity and Confidentiality, see Sub-cl. 2.6 hereof).
Apart from the abovementioned principles there is also the principle of ‘Accountability’ (see Sub-cl. 2.7 hereof). The accountability principle requires BaltBit to take responsibility for what BaltBit does with the personal data and how complies with the other principles. BaltBit as a data controller is obliged to comply and shall be able to demonstrate that it complies with the above-mentioned principles. Additionally, BaltBit ensures that:
  • personal data are not transferred outside of the European Union (EU) and the European Economic Area (EEA), which includes the use of any website or applications that are hosted on servers located outside of these territories to another country without appropriate safeguards being in place (Sharing of Personal Data),
  • BaltBit allows data subjects to exercise their rights in relation to their personal data (Data Subject Rights).
2.1 Lawfulness and Fairness
To collect and process personal data for any specific purpose, BaltBit must always have a lawful basis for doing so. Without a lawful basis, such processing will be unlawful and unfair and may also have an adverse impact on the affected data subjects. Data subject should be always properly informed that his/her personal data have been collected, consulted, used, or otherwise processed by BaltBit. Processing of personal data is lawful if at least one of the following lawful bases exists:
  • the data subject has given his/her consent for one or more specific purposes,
  • the processing is necessary for the performance of a contract to which the data subject is a party (for the purposes of this Policy contract shall also include Terms and Conditions of BaltBit, including any fee schedules and any other existing and future addendums thereto, as well, as any other agreements for the services rendered by BaltBit to data subject),
  • to comply with BaltBit regulatory obligations,
  • to protect the vital interests of the data subject or another person,
  • o perform tasks carried out in the public interest or the exercise of official authority (any information or data request from UODO or another competent authority, to which supervision BaltBit is subject to),
  • to pursue BaltBit legitimate interests where those interests are not outweighed by the interests and rights of the data subject.
BaltBit always identifies and documents the lawful basis relied upon by it in relation to the processing of personal data for each specific purpose or group of related purposes. Apart from the main data protection obligations, BaltBit is subject to other mandatory duties, which impose responsibilities for retaining certain personal data. For instance, to comply with the Anti-Money Laundering (AML) and Know Your Customer (KYC) regulatory requirements, accounting, reporting requirements, etc. In addition, BaltBit relies on regulatory obligations when it is enforcing or adhering to laws and regulations in and outside of the Republic of Poland. Such can happen whenever BaltBit needs to protect its rights, privacy, safety, or property, and/or that of its affiliates, customers, or others. It is important to note that processing based on the regulatory obligations does not apply to the contractual ones. Therefore, it relates only to those obligations which are inferred from the law. Consent as a Lawful Basis for Processing Data subject consent shall be:
  • specific (not given in respect of multiple unrelated purposes),
  • informed (explained in plain and accessible language),
  • unambiguous and given by a clear affirmative action,
  • separate and unbundled from any other terms and conditions provided to the data subject,
  • reely and genuinely given (there must not be any imbalance in the relationship between BaltBit and the data subject and consent must not be a condition for the provision of any product or service).
BaltBit makes consent request prominent, concise, and easy to understand, by including in the request the following information:
  • company full name,
  • the name of any third-party controller which will rely on the given consent,
  • purpose for which BaltBit will gather and process personal data,
  • how personal data obtained will be processed by BaltBit, and
  • data subject rights to withdraw his/her consent at any time.
BaltBit will ask data subject to actively opt-in. BaltBit does not use any pre-ticked boxes, opt-out boxes, or other default settings. Whenever possible, BaltBit strives to give separate (‘granular’) options to consent to different purposes and diverse types of processing. BaltBit keeps appropriate records to evidence the consent provided. BaltBit will clearly inform data subject on his/her right at any time to withdraw the consent as easily as data subject gave it. BaltBit provides data subject in available and free accessible manner with information that once consent has been given, it will need to be updated, if BaltBit wishes to process the personal data for a new purpose, which is not compatible with the original purpose, for which the consent was initially collected. BaltBit shall inform data subject immediately in advance on necessity to update early given consent. BaltBit in a proper and accurate manner documents and stores all consents’ update requests and updated consents given as well. Unless BaltBit can rely on another lawful basis for processing the personal data, a higher standard of explicit consent will usually be required to process special categories of personal data processed by BaltBit, i.e., for automated decision-making and for transferring personal data outside of the EU or EEA. Where BaltBit needs to process special categories of personal data, it will rely on another lawful basis that does not require explicit consent. However, in such event, BaltBit provides the data subject with a fair processing notice explaining such processing. Transparency The concept of transparency runs throughout the Act and the GDPR and requires BaltBit to ensure that any information provided by BaltBit to data subject on how his/her personal data is processed by BaltBit is concise, easily accessible, easy to understand and written in plain language. BaltBit ensures transparency through providing data subject with appropriate privacy notices or fair processing notices before it collects and processes personal data and at appropriate times throughout the processing of his/her personal data. Where BaltBit obtains any personal data from a third party, it must check that personal data are collected by the third party in accordance with the Act and the GDPR requirements and on a lawful basis where the sharing of the personal data with BaltBit was clearly explained to the data subject. All privacy notices and fair processing notices are under regular review and update to ensure their compliance with the Act and the GDPR, or BaltBit business strategy and services provided.
2.2 Purpose Limitation
BaltBit only collects and processes personal data for specific, explicit, and legitimate purposes and has informed data subject on the said purposes before BaltBit collected the personal data. BaltBit ensures that it does not process any personal data obtained for one or more specific purposes for a new purpose that is not compatible with the original purpose. Where BaltBit intends to do so, it must inform the data subject before using his/her personal data for the new purpose and, where the lawful basis relied upon for the original purpose was consent, obtain such consent again.
2.3 Data Minimisation
The personal data that BaltBit collects and processes must be adequate, relevant, and limited to what the data are necessary in relation to the purposes for which BaltBit processes the data. The Staff may only process personal data when necessary for the performance of their job duties and tasks, and not for any other purposes. Since BaltBit mostly processes only the data which BaltBit needs to provide its services and comply with its regulatory obligations, BaltBit will retain such data in accordance with the prescribed periods stipulated in the applicable laws and regulations. BaltBit shall never ask data subject to provide more personal data, than it is strictly necessary for the intended purpose. BaltBit ensures that when BaltBit does not longer need personal data for the specific purpose for which BaltBit collected the data, BaltBit should deleted, destroyed, or anonymised such personal data. Senior management of BaltBit is overall responsible for checking personal data need and timely actions when data collected is no longer needed.
2.4 Accuracy
The personal data that BaltBit collects and processes must be accurate and, where necessary, kept up to date. If BaltBit discovers or is aware that personal data collected in inaccurate, BaltBit must correct or delete without delay such data. Senior management of BaltBit ensures update of all relevant records if BaltBit becomes aware that any personal data are inaccurate. Where appropriate, BaltBit should delete or destroy any inaccurate or out-of-date records.
2.5 Storage Limitation
The personal data that BaltBit collects and processes must not be kept in a form that identifies a data subject for longer than personal data are necessary in relation to the purposes for which data were collected (except to comply with any legal, accounting or reporting requirements, etc., for example AML and KYC purposes). BaltBit shall maintain policies and procedures to ensure that personal data are deleted, destroyed, or anonymised after a reasonable period following expiry of the purposes for which they were collected. BaltBit regularly reviews any personal data processed to assess whether the purposes for which BaltBit has collected the data have expired. Where appropriate, BaltBit shall take reasonable steps to delete or destroy any personal data that BaltBit does not need any longer. All BaltBit privacy notices and fair processing notices inform data subject of the period for which his/her personal data will be stored by BaltBit or how such period will be determined subject to the personal data retention provisions set forth in this Policy. BaltBit retains personal data in an identifiable format as long as required by the Act and the GDPR, as well as other applicable laws and regulations. BaltBit retains personal data for a minimum period of 5 (five) years since (i) BaltBit has received personal data, or (ii) BaltBit has terminated business relationships, or (iii) the date of the last transaction, whichever occurs the last. In certain instances, BaltBit may retain personal data for longer period than it is legally required if it is BaltBit legitimate business interest and is not prohibited by the Act or the GDPR. Overall, personal data retention period depends on the terms as enshrined in the documents, which outline BaltBit relationships, such as agreements with customers, BaltBit obligations towards the law enforcement agencies/relevant authorities and other legal obligations. block content
2.6 Security, Integrity, and Confidentiality
Security of Personal Data BaltBit should secure the personal data it collects and processes by appropriate technical and organisational measures against accidental loss, destruction, or damage, and against unauthorised or unlawful processing. BaltBit has developed, implemented, and maintains appropriate technical and organisational measures for the processing of personal data considering the:
  • nature, scope, context, and purposes for such processing,
  • volume of personal data processed,
  • likelihood and severity of the risks of such processing for the rights of data subject.
BaltBit regularly evaluates and assesses the effectiveness of such measures to ensure that they are adequate and effective. BaltBit senior management is responsible for ensuring the security of the personal data processed and ensures that the Staff follows all procedures that BaltBit has put in place to maintain the security of personal data from collection to destruction. BaltBit ensures that it always maintains the confidentiality, integrity, and availability of the personal data:
  • Confidentiality:means that only Staff members who need to know and are authorised to process any personal data can access them,
  • Integrity: means that personal data must be accurate and suitable for the intended purposes,
  • Availability: means that those who need to access the personal data for authorised purposes can do so.
To prevent unauthorised access or disclosure of personal data, BaltBit has put in place suitable physical, electronic, and managerial procedures to safeguard and secure the information that it processes and collects. Besides, BaltBit has established clear job duties for each Staff member according to which the Staff member may access personal data to the certain amount adequate to the job duties certainly provided. BaltBit encrypts webpage, html application forms, any transactions and tec., using SSL technology. BaltBit shall inform data subject on his/her responsibility to keep the website and BaltBit platform login and password, and other access credentials confidential, and shall not to share them with anybody. BaltBit will inform data subject in plain language and easily accessible manner. BaltBit provides such notice in its privacy or fair processing notices, or website usage terms and conditions. BaltBit will use its best endeavours to protect personal data while using internet connection, but BaltBit cannot guarantee the security of personal data transmitted to/via BaltBit website, as website operates ‘AS IS’ and is not error free, any transmission is at data subject own risk only. Once BaltBit has received personal data, BaltBit will use encryption and other security technologies to protect information from unauthorized access. BaltBit ensures that it properly backs up personal data and that arrangements for recovery processes are in place. Additionally, BaltBit uses reliable internal data protection mechanisms combined with a robust security system. BaltBit has established the core guidelines for secure storage of the personal data:
  • if BaltBit stores the data on printed paper, BaltBit should keep it in a secure place, where unauthorised Staff cannot access it,
  • BaltBit should shredder printed data when BaltBit does not need data any longer,
  • BaltBit should be protect data stored on a computer by the strong passwords that should be changed regularly. BaltBit encourages the Staff to use a password manager to create and store their passwords,
  • BaltBit should encrypt or protect by the passwords data stored or memory devices, which should be locked away securely when are not used,
  • Senior management shall approve any cloud service used to store personal data,
  • BaltBit must keep servers containing personal data in a secure location, away from general office space,
  • BaltBit must regularly back up personal data in line with BaltBit backup procedures,
  • BaltBit must ensure that personal data are saved directly to mobile devices such as laptops, tablets, or smartphones,
  • all servers containing sensitive transaction data must be approved and protected by the security software,
  • all possible technical measures must be put in place to keep personal data secure.
BaltBit considers the state of the art and costs of implementation when deciding what measures to take, but in whichever case, they must be appropriate both to circumstances and the risk that the processing poses. The Staff shall never ask any sensitive information which is held by the customers and should never have access to their passwords and any confidential information, which is used for the sake of accessing the services provided. Reporting Personal Data Breaches In certain circumstances, BaltBit must notify the OUDO, and potentially data subject, of any personal data breach. BaltBit has put in place appropriate procedures to deal with any personal data breach and BaltBit shall notify the OUDO and/or data subject, where BaltBit must do so. If personal data breach has occurred or there are any suspicious on personal data breach or threat BaltBit Senior management should be informed immediately, all appropriate steps should be undertaken to preserve evidence relating to the breach. Where a breach is a reportable to the OUDO, BaltBit must immediately inform the senior management. BaltBit should inform the OUDO as soon as possible. Where a breach is likely to result in a substantial risk to the rights and freedoms of data subject, BaltBit will notify him/her concerned directly. BaltBit records breaches to consider the impact of the breach. The record should contain the facts relating to the personal data breach, its effects and the remedial actions taken. BaltBit should train the Staff regularly to recognise the breach.
2.7 Sharing Personal Data
In certain instances, BaltBit is sharing personal data provided by the data subject. In all such situations, BaltBit must ensure that there is a lawful basis for the distribution of the personal data and that BaltBit is not violating any rights of data subject. BaltBit shares information with:
  • Liquidity providers,
  • Acquirers,
  • Payment systems and other financial institutions,
  • Third-party providers, partners, suppliers, subcontractors, and other counter parties BaltBit cooperates to provide services to its customers,
  • National authorities (when BaltBit must do so).
BaltBit may also share aggregated information (information about data subjects that BaltBit combines, so that it no longer identifies or references an individual) and non-personally identifiable information for industry and market analysis, demographic profiling, marketing, and advertising, and other business purposes. BaltBit places due regard to the proper distribution of personal data with third parties. Whenever BaltBit is sharing personal data, it is putting suitable safeguards as required under the applicable laws and regulations. BaltBit reviews the best practices present in the market and make sure that the means on which BaltBit relies to make the transmission of personal data are safe, up-to-date, and adhering to all the data protection principles. Whenever BaltBit shares personal data with certain third parties, where BaltBit is acting as a data controller and where those third parties are acting as data processors on BaltBit behalf, BaltBit must have in place suitable safeguards, which can be of contractual nature. Similarly, if a processor uses another organisation (i.e., a sub-processor) to help processing of personal data, it needs to have a written contract in place with that sub-processor. Contracts between controllers and processors ensure they both understand their obligations, responsibilities, and liabilities. The terms of the contract must offer an equivalent level of protection for the personal data as those in the contract between the controller and the processor. Processors remain liable to the controller for the compliance of any sub-processors they engage. Senior management of BaltBit will review annually third-party relationships to determine the risk posed by processing. The senior management of BaltBit will determine the most appropriate means to validate that contractual obligations in relation to data processing are being adhered to. BaltBit may transfer personal data where the organisation receiving personal data has provided adequate safeguards. Data subjects’ rights must be enforceable and effective legal remedies for individuals must be available following the transfer. BaltBit shall provide adequate safeguards:
  • a legally binding agreement between the public authorities or bodies,
  • binding corporate rules (agreements governing transfers made between the organisations within a corporate group),
  • standard data protection clauses in the form of template transfer clauses adopted by the UODO or the European Commission,
  • compliance with a code of conduct approved by the UODO or the European Commission,
  • certification under the approved certification mechanisms,
  • contractual clauses agreed by the UODO or the European Commission,
  • provisions inserted into the administrative arrangements between the public authorities or bodies authorised by the UODO or the European Commission,
  • adequacy decision adopted by the competent supervisory authority stating that the legal framework in place in that country, territory, sector, or international organisation provides ‘adequate’ protection for individuals’ rights and freedoms for their personal data.
BaltBit regularly assess findings of adequacy about the countries and territories adopted by the UODO or the European Commission as well. If BaltBit plans to transfer personal data to the USA, BaltBit must rely on Standard Contractual Clauses (SCCs) adopted by the European Commission and check whether organisation complies with the SCCs requirements and has adequate data protection instruments and procedures subject to the type of personal data BaltBit wants to transfer. BaltBit is not allowed to transfer personal data outside of the EU and EEA in most circumstances to ensure that personal data are not transferred to a country that does not provide the same level of protection as BaltBit does. BaltBit may only transfer personal data outside of the EU and EEA if one of the following conditions applies:
  • the UODO or the European Commission, or other competent supervisory authority has issued an ‘adequacy decision’ confirming that the country to which BaltBit intends personal data transferring ensures an adequate level of protection for the rights and freedoms of data subjects,
  • appropriate safeguards are in place, such as binding corporate rules, standard contractual clauses that have been approved by the UODO, European Commission or other competent supervisory authority, an approved code of conduct or certification mechanism which, in each case, can be obtained from BaltBit,
  • the data subject has given his/her explicit consent to the proposed transfer, and data subject is informed of any potential risks,
  • the transfer is necessary to (i) execute contractual obligations established between BaltBit and data subject, (ii) for reasons of public interest, (iii) to establish, exercise or defend legal claims, or to protect the vital interests of the data subject in circumstances where the data subject is incapable of giving the consent,
  • the transfer is necessary, in limited circumstances, for BaltBit legitimate interests.
2.8 Data Subject Rights and Requests
Data subject’s rights include:
  • Right to withdraw the consent: where the lawful basis relied upon by BaltBit is the data subject’s consent, the right to withdraw such consent at any time without having to explain the reason,
  • Right to be informed: the right to be provided with certain information about how BaltBit collects and processes the personal data,
  • Right of subject access: the right to receive a copy of the personal data that BaltBit holds, including certain information about how BaltBit processing the personal data,
  • Right to rectification: the right to have inaccurate personal data corrected or incomplete data completed,
  • Right to erasure (right to be forgotten): the right to ask BaltBit to delete or destroy the personal data if: (i) the personal data are no longer necessary in relation to the purpose for which the data were collected, (ii) the data subject has withdrawn the consent (where relevant), (iii) the data subject has objected to the processing, (iv) the processing was unlawful, (v) the personal data have to be deleted to comply with a certain regulatory obligation, (vi) the personal data were collected from a data subject under the age of 18, and he/she has reached the age of 18,
  • Right to restrict the processing: the right to ask BaltBit to restrict personal data processing if: (i) data subject believes the personal data are inaccurate, (ii) the processing was unlawful and the data subject prefers restriction of processing over erasure, (iii) the personal data are no longer necessary in relation to the purpose for which they were collected, but they are required to establish, exercise or defend a legal claim, (iv) the data subject has objected to the processing pending confirmation of whether BaltBit legitimate interests grounds for processing override those of the data subject,
  • Right to data portability: in limited circumstances, the right to receive or ask BaltBit to transfer to a third party a copy of the data subject’s personal data in a structured, commonly used machine-readable format,
  • Right to object: the right to object processing of personal data, where the lawful basis for processing communicated to the data subject was BaltBit legitimate interests and the data subject contests those interests,
  • Right to object to direct marketing: the right to request that BaltBit does not process the data subject’s personal data for direct marketing purposes,
  • Right to object to decisions based solely on automated processing (including profiling): the right to object decisions creating legal effects or significantly affecting the data subject, which were made solely by automated means, including profiling, and the right to request human intervention,
  • Right to be notified of a personal data breach: the right to be notified of a personal data breach which is likely to result in a substantial risk to the data subject’s rights or freedoms,
  • Right to complain: the right to make a complaint to the UODO or another appropriate supervisory authority.
Data subject may send his/her request as well as any question regarding personal data processing and protection issues to the email address [email protected], or by post to the BaltBit registered office address at Hoża Street 86/210, 00-682 Warszawa, Poland. BaltBit always identifies when a request has been made and verifies the identity of the data subject making a request before complying with it. BaltBit pays special attention to identify whether third parties deceiving BaltBit into providing personal data relating to a data subject without their authorisation.
2.9 Accountability and Record-Keeping
BaltBit is responsible for and should demonstrate compliance with the data protection principles and other BaltBit obligations under the Act and the GDPR. BaltBit must ensure that it has adequate resources, systems, and processes in place to demonstrate compliance with BaltBit obligations, including:
  • implementing appropriate technical and organisational measures that are designed to ensure compliance with the data protection principles,
  • only personal data that are necessary for each specific purpose are processed both in relation to the nature, extent and volume of such personal data, the period of storage and the accessibility of the personal data,
  • BaltBit has assessed the risks and is taking steps to mitigate them, by undertaking a data protection impact assessment,
  • integrating data protection into BaltBit internal documents, privacy policies, privacy, and fair processing notices,
  • regularly Staff training on the Act and the GDPR, this Policy and BaltBit related policies and procedures, and maintaining a record of training completion by the Staff,
  • regularly assessing the measures implemented by BaltBit and conducting periodic reviews to assess the adequacy and effectiveness of this Policy, and related policies and procedures.
BaltBit keeps full and accurate records of all its processing activities in accordance with the Act and the GDPR requirements. BaltBit senior management shall review regularly all the systems and processes under its control to ensure that they are adequate and effective for the purposes of facilitating compliance with BaltBit obligations under this Policy.

3. TRAINING

Each Staff member of BaltBit shall be trained in accordance with the role and responsibility which is assigned to him/her. Training needs will vary depending on Staff functions and job responsibilities. The training shall be provided regularly to reflect current developments and changes to the applicable laws and regulations. The scope and frequency of such training shall be tailored by the senior management to the risk factors to which the Staff is exposed to due to their responsibilities and the level and nature of the risk presented. Each new Staff member shall be initially trained not later that within 5 (five) working days since this member has started performance of his job duties. The subsequent refresher training shall be provided at least once a year. Training records shall be subject to relevant training policy and procedures established by BaltBit.

4. RESPONSIBILITIES

The senior management have a responsibility to provide effective governance over BaltBit affairs for the benefit of the shareholders and to balance the interest of its diverse stakeholders, including its customers, Staff, business partners. The senior management of BaltBit acknowledges that the protection of personal data is of utmost importance in the financial sector as unwarranted disclosure can have drastic consequences. To prevent data breaches and safeguard rights of data subjects, the senior management shall dedicate sufficient resources for the implementation of required safeguards. Furthermore, senior management shall place due concern whenever developing new services regarding shortcomings that could arise. BaltBit senior management maintains the trust and confidence of all the data subjects (individuals), thus complying with BaltBit regulatory obligations and protecting BaltBit reputation. BaltBit senior management presumes and understands that in the era when data are deemed of the utmost importance, non-compliance can lead to the drastic consequences such as loss of reputation, damage to data subjects, legal actions, and fines.

Buy

Sell

Swap

Policies

Information

Cryptocurrency transactions and exchange - fast and secure
Get in touch
At BaltBit our top-tier security measures and transparent practices ensure that all your cryptocurrency transactions are safe and fraud-free.

+48 459 56 98 88

[email protected]
Address: Hoża 86 / 210, 00-682 Warsaw, Poland
Facebook X-twitter
Please be aware that cryptocurrencies entail high volatility. We strongly recommend that you understand the risks of trading crypto. DO NOT INVEST ALL YOUR MONEY IN CRYPTOCURRENCIES. Only invest money which you can afford to lose. Cryptocurrency trading may not be suitable for all users of this website. We strongly advise you to consult with a fully qualified independent professional financial adviser or lawyer before the decision to use our services and deal with cryptocurrencies.
Copyright 2024 BALTBIT Sp. z o.o. All rights reserved
BALTBIT Sp. z o.o. | KRS 0001041699 | NIP 7011150014 | REGON 525570981 | LICENCE RDWW-808
Login
Sign up
Login
Sign up
Login
Sign up

CONTACT US

Get in touch