XBD Group Privacy Policy

XBD GROUP Privacy Policy – Last Updated: 16.01.2025

This Privacy Policy (the “Policy”) explains how XBD group (collectively “XBD”, “we”, or “us” and each member of the XBD group for whose services you registered, the “XBD Entity”) collects, uses, and discloses personal information through its websites, mobile applications, and other online products and services that link to this Policy, including any of the products and services detailed below (collectively, the “Services”) or when you otherwise interact with us.

The Services include: (i) Fiat and Crypto payment acceptance, (ii) OTC Services, (iii) Virtual IBANs for transactions, FX and cross border payments, and (iv).any other site, web platform, mobile application, or other service facilitated by any XBD Entity (any account in relation to (i)-(iv) being an “XBD Account” for the purpose of this Policy).

We encourage you to read the Policy carefully as it forms part of the relevant XBD Entity’s terms and conditions, terms of business, agreement with you, and/or terms of use, as the case may be.

If you accept or agree to this Policy on behalf of a company or other legal entity, you represent and warrant that you have the authority to bind that company or other legal entity to the Privacy Policy and, in such event, “you” and “your” will refer and apply to that company or other legal entity.

Application of this Policy

For the purposes of applicable state and/or international data protection laws, the respective XBD Entity with whom you have registered is the “controller” of personal information collected through https://xbdgroup.com/, other XBD group entities’ websites, widgets, applications, and other platforms (together the “Site”), and is the company to contact if you have questions about the use of your personal information (see the “Contact Us” section below). The Policy also applies to personal data about each authorised representative of a client and about other persons or entities where this personal data is collected in the course of providing the Services (such as directors of corporate clients).

Information You Provide to Us

We collect information you provide directly to us. For example, we collect information when you create an XBD Account, participate in any interactive features of the Services, fill out a form, participate in a contest or promotion, make a purchase, communicate with us via third-party social media sites, request customer support, or otherwise communicate with us.

When You Sign Up or Register for an XBD Account or Services

If you sign up for an XBD Account or other Services, we will collect basic information about you, including your name, email address, and telephone number.  We will use the information that we collect about you to:

• Contact you about your XBD Account and/or our Services (this may include marketing emails).
• Create and maintain your XBD Account;
• Allow you to log in to XBD as required;

When You Provide Information 

When creating an XBD Account, we will ask you to provide information to allow you to make use of certain functions. We will ask you to provide a copy of an identification document, such as a passport, residency permit, visa, or national identity card, a utility bill, and such other documents as may be required by us to comply with our regulatory obligations and to verify your identity. If the account is being created on behalf of a legal entity, we may also request similar information for its directors, ultimate beneficial owners (UBOs), and other relevant parties. Further details about the identification process can be found in the relevant XBD Entity’s terms and conditions, terms of business, and/or terms of use or client/customer agreement, as the case may be.

Please note that if you choose to provide additional information about yourself to complete your “Profile,” then the information we ask for may include your gender, date of birth, place of birth, addresses, nationality, national insurance number, social security number (or other government-issued identification number), citizenship and residency status, Tax ID, and information about your source of income, expected transactions, and other details or questions as may be required in the Profile creation, and the process may be amended by us from time to time.

It is optional for you to do so, but for legal and regulatory reasons, you will be unable to proceed to use certain features unless you provide further information.

We will use the information you provide in your Profile to:

• Verify your identity and carry out checks that we are required to conduct by applicable laws and regulations, including, without limitation, “know your customer” (KYC), anti-money laundering, fraud, sanctions, and politically exposed person (PEP) checks;
• Contact you on matters related to your XBD Account, including to request any additional information or documentation;
• Provide you with notices related to your XBD Account, general updates, market updates, and other marketing materials, including about the Services offered by members of the XBD Group;
• Tailor the products and services offered through the Site to you;
• Assess your risk score according to parameters determined by XBD;
• Maintain administrative records relating to our business;
• Set up security measures to secure your account, including, without limitation, to carry out two-factor authentication (“2FA”); and
• Provide the Services.

You can update your Profile at any time by contacting us (see the “Contact Us” section below). We recommend that you update your Profile regularly to ensure the XBD functions offered to you remain appropriate for your circumstances. You further agree to update such information upon XBD’s request if we determine the information provided is untrue, incorrect, incomplete, or inconsistent with other information provided by you. You acknowledge that we may rely upon such information, and you are responsible for any damages or losses that may result from inaccuracies.  You do not have to complete your Profile and therefore do not have to provide the information; however, if you choose not to, we will be unable to offer XBD’s full functionality to you.

When You Contact Us

If you contact us via telephone, email, post, or other methods offered by XBD, we will collect information about the communication and any additional information you choose to share. We use this information to review, investigate, and respond to your queries or concerns. Please note that we may record and retain all telephone calls and other communications with us for dispute resolution, quality assurance, or legal purposes.

Information About Your Use of XBD Services: Usage and Automatically Collected Information

• Financial Information: We collect financial information related to your use of the Services, including information you provide to us or that we collect from public sources.
• Log Information: We collect log information about your use of the Services, including the type of browser you use, app version, access times, pages viewed, your IP address, any other network identifiers, and the page you visited before navigating to our Services.
• Device Information: We collect information about the computer or mobile device you use to access our Services, including the hardware model, operating system and version, unique device identifiers, and mobile network information.
• Activities on the Site: We collect records of activities on the Site, including, your XBD Account details, the time, value and currency of any deposit, withdrawal, or transaction made and the payment method.
• Location Information: In accordance with your device permissions, we may collect information about the geo-location of your device.
• Information Collected by Cookies and Other Tracking Technologies: We use different technologies to collect information, including cookies and web beacons. You can find out more about XBD’s use of cookies and similar technologies in our Cookie Policy.

Information We Collect from Other Sources

We may collect personal information about you from third party entities when we seek to verify your identity as part of our regulatory requirements. This may include, for example, identity verification agencies, and similar bodies. 

Some of the information we collect from you will be shared by us with vendors and other service providers who are engaged by, or working with, us in connection with operating and analysing the Services we provide to you.

Unsolicited Information

If you provide us with personal information that we have not requested then we will endeavour to only retain the information that we are entitled or required to hold because of the products and services we provide. However, if this additional information is surplus to our requirements but is provided to us in a manner where it is combined with information that we are either required or entitled to retain then you acknowledge that this unsolicited information may be held by us in the same manner as the balance of your personal information.

Use of Information

We use the information we collect to provide, maintain, and improve the Services, such as to administer, verify and maintain your account, to provide the Services you request and customise your experience with us. We also use the information we collect to:

• Carry out our obligations owed to you;
• Comply with our regulatory and other legal obligations;
• Administer transactions including deposits, and payments;
• Monitor activity on XBD, including by detecting inconsistencies in payments and trades and looking out for potentially illegal activities;
• Determine whether a payment method is being abused;
• Compile statistical analysis of the pages of our platform and websites;
• Monitor and analyse our business;
• Investigate and to manage enquiries, disputes and legal proceedings and to comply with court orders, mandatory dispute resolution determinations and mandatory government authority or law enforcement orders or directions;
• Provide information about you and your activity with us to reporting agencies;
• Participate in crime prevention, legal and regulatory compliance and to assist regulatory, cybercrime, data and information protection agencies and police with their enquiries and enforcement, even if not compelled to do so;
• Develop and to market other products and services; and
• Novate, transfer or assign any of the rights or liabilities of the XBD Entity.

Sharing of Information

We will not share the personal information we hold about you except in the following circumstances:

• Between and among the XBD Entity, XBD and our current and future parents, affiliates, subsidiaries, and other companies under common control and ownership; and
• Cooperation partners, including cooperation partners for the provision of services, as well as partners that ensure certain delivery services, personal, facilities and information protection and security services, financial, accountant and courier services, and other similar services. Such cooperation partners may only use personal data for the purposes on which we and our partner have agreed. We will take reasonable precautions to ensure that these partners are obliged to keep your Personal Data secure and confidential, in compliance with relevant legal requirements and security standards.
• Other service providers. Data may be transferred to attorneys, lawyers or consultants, who provide services to our Company
• In connection with, or during negotiations of, any merger, sale of company assets, financing or acquisition of all or a portion of XBD by another company;
• Disclosure in accordance with, or required by, any applicable law or legal process, including lawful requests by public authorities to meet national security or law enforcement requirements; or
• If we believe your actions are inconsistent with our user agreements or policies, or to protect the rights, property, and safety of XBD or others.

Retention of Information

We store the information we collect on you for as long as is necessary for the purpose(s) for which we originally collected it, or for other legitimate business purposes, including to meet our legal, regulatory, or other compliance obligations. The period for which we will retain personal information will vary depending on the purposes that it was collected for, as well as the requirements of any applicable law or regulation.

If you have a XBD Account, we will store your personal information for as long as you maintain that account, and after you cease holding an account, for as long as we are required to by laws and regulations that are applicable to us.

How We Protect Personal Data

We endeavour to take all reasonable steps to protect your Personal Data, including the use of encryption technology. We restrict access to personal information at our offices so that only officers and/or employees with a legitimate business purpose can access it. However, we cannot guarantee the security of any Personal Data you disclose online.

In using XBD services, you accept the inherent security implications of engaging online services over the internet, and you agree that you will not hold us responsible for any breach of security unless we have been grossly negligent or in wilful default.

Minors

XBD is not available for users under the age of 18 (or the age of legal consent for the jurisdiction the user is located in) (a “Minor”). We do not knowingly collect personal information from or about Minors. If you are a Minor, you should not download or use any of our services nor provide any personal information to us.  

If we become aware that a Minor has shared any information with us, we will delete such information. If you have any reason to believe that a Minor has shared any information with us, please contact us.

Advertising and Analytics Services Provided by Others

We may allow others to provide analytics services and serve advertisements about our products and services on our behalf across the web and in mobile applications. This may involve cookies and other technologies to collect information about your use of the Services. This information may be used by XBD to, among other things, analyse and track data, determine the popularity of certain content, deliver advertising and content targeted to your interests on our Services, and better understand your online activity in connection with the Services. Please refer to our Cookie Policy for more information about the cookies involved and the process of consenting or refusing cookies.

Your Rights

You may have certain rights and protections under the law regarding the processing of your personal data. For example, you may also have the right to object to, or request that we restrict, certain processing and in some circumstances to obtain a copy of the personal information in machine readable format. There are limits to such rights where they apply and in certain circumstances we may not be required or able to meet your request, or we may only meet your request in part.

Legal Basis for Processing: For transparency purposes (where relevant under data protection legislation applicable to our processing of your personal information) we process your personal data on the following legal grounds:

• Entering into and Performing the Contract with You: If you have a XBD Account or have registered on the Site or for the Services, our legal basis for processing your personal information is that it is necessary for the performance of the relevant XBD Entity’s terms and conditions, terms of business and/or terms of use, and to provide the requested service to you. With respect to an XBD Account, this includes facilitating and processing payments.
• For other Justifiable Grounds, including Legal Obligation and Legitimate Interests: We process your personal information where necessary for XBD to comply with legal and regulatory obligations we are under, and also where it is necessary for legitimate interests we have in conducting our business (or the legitimate interests of our partners in complying with their legal obligations), balanced against the rights of our customers, like you. These include without limitation:
  • Learning about your interests and preferences to contact you with information that is relevant to you and helping us target marketing communications and advertisements for our products and services so that they are more relevant to you.
  • Using your pseudonymised details to show you advertising for our products and services on social media platforms or via other third-party advertising that may appear on other websites you use. The information shared with these platforms is pseudonymised to protect your personal data.
  • Analysing and continually improving the Site and the Services and helping us pilot test versions of the Site internally to develop new features and ensure the efficient running of XBDs services.
  • Detecting and reducing fraud risk.

Data Subject Requests:

• You have the right to access the personal data we hold about you and request that it be updated or corrected if it is inaccurate or incomplete.
• You may request that we delete your personal data where it is no longer necessary for the purposes for which it was collected, subject to our legal, regulatory, and contractual obligations.
• You can request that we restrict the processing of your personal data under certain circumstances, such as if you contest its accuracy or object to its processing.
• You have the right to object to our processing of your personal data for certain purposes, including direct marketing.
• You may request a portable copy of the personal data you have provided to us in a structured, commonly used, and machine-readable format.
• Where we process your personal data based on your consent, you can withdraw that consent at any time. Withdrawing consent will not affect the lawfulness of processing conducted prior to the withdrawal.
• If you have concerns about how we process your personal data, please contact us. If we cannot resolve your issue, you may have the right to lodge a complaint with the relevant data protection supervisory authority where you reside.

If you would like to exercise any of these rights, you may reach us by email at privacy@xbdgroup.com. If you wish to delete or deactivate your account, please note that we may retain certain information as required by law or for legitimate business purposes. We may also retain cached or archived copies of information about you for a certain period of time. Requests will generally be fulfilled free of charge unless they are manifestly unfounded, excessive, or repetitive, in which case a reasonable fee may apply.

Questions or Complaints: If you are interested in exercising any of these rights (or confirming if they apply to our processing of your personal data), you can contact us. Any such request should be submitted in writing. If you have a concern about our processing of personal data that we are not able to resolve, you may have the right to lodge a complaint with the relevant data protection supervisory authority where you reside. As noted above, even where such rights apply, they are subject to limits. This means that, in certain circumstances, we may not be required or able to meet your request, or we may only meet your request in part.

Promotional Communications

You may opt out of receiving promotional emails or text messages from XBD by following the instructions in those emails. If you opt out, we may still send you non-promotional emails, such as service messages about your XBD account or our ongoing business relationship.

Transfer of Information to Other Countries

When using the Services, your data is processed and stored in the EU and other countries, including the United Kingdom. We and our service providers may transfer your information to, or store or access it in, jurisdictions that may not provide levels of data protection equivalent to your home jurisdiction.

Where we transfer personal data from the EEA or from the UK to countries outside of the EEA or UK which are not recognised as providing adequate data protection, we provide appropriate safeguards in the form of intercompany agreements based on the Standard Contractual Clauses authorised under EU law or UK law (as applicable). For further information, please contact us at privacy@xbdgroup.com.

Revisions

From time to time we may update this Privacy Policy. We will post any Privacy Policy changes on this page and, if the changes are significant, we will provide a more prominent notice.

Communicating with us

If you wish to make a notification to us, or have any questions about this Privacy Policy, you can reach us by sending an email to privacy@xbdgroup.com.