Recent Searches

No recent searches

    Popular Articles

      Articles
      View all
        Topics
        View all
          Tickets
          View all
            no results

            Sorry! nothing found for

            Website privacy policy

            Modified on Fri, 19 Jun at 9:30 PM

            WEBSITE PRIVACY POLICY

            Compliance | Version 1.0

            DOCUMENT CONTROL
            CodeWebsite Privacy Policy
            OwnerPrivacy Officer
            VERSION HISTORY
            VersionEffective dateDescription of changes
            1.0xx/xx/xxDocument creation based on Bit2Me group standards. Approved by the Management Committee.

            TABLE OF CONTENTS

            1. INTRODUCTION

            1.1. Objectives

            This Privacy Policy aims to document the compliance framework that B2M Argentina S.R.L. (“Bit2Me”) has adopted concerning the processing of personal data, in accordance with the provisions of Law No. 25,326 on the Protection of Personal Data, its Regulatory Decree No. 1558/2001, and the provisions, guidelines, and recommendations issued by the Public Information Access Agency, in its capacity as control authority. Since our technical infrastructure is provided by the Spanish parent company, Bitcoinforme S.L. (data processor), this framework is additionally subject to the standards of GDPR (EU) 2016/679. This dual application ensures Argentinian users an international protection standard and data security equivalent to European standards, derived from the establishment of our technological provider in the European Union.

            This policy applies to all processes and operations carried out by Bit2Me that involve the processing of personal data, including those performed through digital platforms, in-person services, networks, and customer service systems, as well as by third-party providers.

            1.2. About us

            Bit2Me, in its capacity as a Virtual Asset Service Provider, acts as the Data Controller of Personal Data, in accordance with Article 2, paragraph e) of Law No. 25,326 on the Protection of Personal Data. In this capacity, it is responsible for ensuring the proper management, safeguarding, and confidentiality of the personal data collected, complying with the principles, rights, and obligations provided by current regulations on the matter.

            The institutional contact for exercising rights or regulatory requirements regarding personal data is the email address rgpd@bit2me.com, through which all relevant inquiries or submissions are channeled.

            1.3. Scope of application

            This Privacy Policy applies to anyone who uses the services and products offered by Bit2Me, on the domain https://bit2me.com/es-AR or the mobile application, as well as any other means that involve the processing of personal data of residents in the Argentine Republic. Likewise, it applies to all personal data processing operations carried out by the different departments of Bit2Me, thus ensuring homogeneous protection of your personal data.

            The processing of your personal data is primarily and imperatively governed by the regulations of the Argentine Republic, specifically Law No. 25,326 on the Protection of Personal Data, its Regulatory Decree No. 1558/2001, and the provisions issued by the Public Information Access Agency (AAIP). However, given that B2M Argentina S.R.L. uses the technological infrastructure and operational support services of its parent company in Spain, Bitcoinforme S.L., which acts as the Data Processor, such processing is additionally subject to the safeguards and principles of Regulation (EU) 2016/679 (GDPR). This dual application responds to the criterion of the processor's establishment in the territory of the European Union (Art. 3.1 GDPR), ensuring that the Argentinian user benefits from an international level of security and personal data protection equivalent to European standards within the framework of transatlantic technological service provision.

            2. PRINCIPLES, DATA CATEGORIES AND PURPOSES OF PROCESSING

            2.1. Categories of data collected

            Bit2Me obtains and processes your personal data from the following sources:

            • Directly from the data subject

            Most of the data we process is provided directly by the data subject when interacting with Bit2Me and its services:

            • Through web forms and registrations: When you request information, contact Bit2Me, register to receive newsletters, sign up for an event, participate in a contest or sweepstake, or register for the provision of Bit2Me's main services.
            • Through the contractual or pre-contractual relationship: When you provide us with data for managing your job application (CV), for the provision or contracting of services (Clients/Suppliers), or for the execution of the Terms and Conditions of specific services (Crypto API, Commerce, etc.).
            • Through the whistleblower channel: When you submit a communication or complaint through the Whistleblower Channel, with or without identifying data.
            • Through voluntary upload: When you upload a photo or avatar to your Bit2Me user profile.
            • Through direct interaction on social media: The personal data you provide when becoming a follower of Bit2Me's corporate accounts on social media.

            • Generated by Activity and Use of Our Services

            We collect data generated by the use of the Bit2Me Platform, necessary for the provision of the service and the improvement of the experience:

            • Browsing and technical data: User metadata produced during your browsing (browser, operating system, IP, among others), connection time, and pseudonymized user ID for behavior analysis and bug resolution.
            • Security and access data: Images and data (First name, Last name, DNI) collected by video surveillance cameras or for access control to Bit2Me facilities.

            • From Third Parties

            We obtain personal data from sources external to the data subject themselves or their activity on the platform, necessary for compliance with legal obligations or for the provision of certain services:

            • Intermediary Entities: For certain services, intermediary entities (configured as Data Controllers) communicate the necessary data for verification and monitoring of the correct provision of the service.
            • Regulatory Compliance (AML/CFT): Data obtained from external or public sources (sanction lists, PEP databases) for Anti-Money Laundering and Counter-Terrorist Financing investigations.

            2.2. Purposes and Lawful Bases for Processing

            Purpose of ProcessingLegal Basis (Law 25,326)Data Processed
            Commercial contact: Respond to requests for information by any means about Bit2Me products and services, and maintain commercial relationships.Data subject's consent (Art. 5) obtained by submitting the inquiry, and processing for advertising purposes (Art. 27).Name, phone number, email, and inquiry.
            Resume or employment: Manage the data subject's application for current selection processes or future vacant positions according to their professional profile.Processing within the framework of a pre-contractual relationship (Art. 5, sec. 2, sub-sec. d) and consent for future vacancies.Professional area, first name, last name, phone number, email, CV, cover letter, and data associated with the professional profile.
            Promotional or newsletters: Registration for sending information, news, and promotions, and maintaining commercial relationships.Data subject's consent (Art. 5) obtained by subscription, and processing for advertising purposes (Art. 27).Email address, first name, last name, phone number, city or country, as well as browsing metadata (IP, browser, etc.).
            Service provision: Management of registration, execution, and monitoring of contracted services (training, API integration, transaction confirmation, and maintenance of the relationship by electronic means).Processing within the framework of a pre-contractual and contractual relationship (Art. 5, sec. 2, sub-sec. d).First name, last name, DNI, address, home address, email, phone number, transaction IDs (which may be pseudonymized), and data strictly necessary for the service.
            Identity verification: Formal customer identification (KYC), due diligence, and continuous monitoring for fraud and anti-money laundering prevention.Legal obligation (Art. 5, sec. 2, sub-sec. b) derived from anti-money laundering regulations (UIF) and the contractual relationship.First name, last name, DNI, contact address, home address, email, phone number, and images required for formal validation.
            Regulatory compliance: Collection, verification, and transmission of originator and beneficiary information to third-party Providers (VASPs) for each transfer.Compliance with a legal obligation (Art. 5, sec. 2, sub-sec. b) imposed by financial regulators (CNV/UIF) under Travel Rule standards.Identification and transactional data of the originator and beneficiary.
            Management of external platforms and community: Administration of corporate presence on social media to interact with users, respond to public inquiries, and analyze interaction.Implicit consent of the data subject by voluntarily interacting with the entity's official profiles on external platforms.Public profile information, user identifiers on external platforms, content of interactions (comments, direct messages), and metadata.
            Due diligence and vendor management: Evaluation, selection, and management of the contractual relationship with collaborators, business partners, and service providers.Contractual relationship and due diligence (Art. 5, sec. 2, sub-sec. d) to ensure operational and security standards.First name, last name, DNI, professional contact address, email, and contact phone number.
            Infrastructure security and asset protection: Ensure the security, integrity, and resilience of the entity's operating environments, facilities, and systems.Legal security obligation (Art. 9) and legitimate interest in protecting physical and digital infrastructure.Identification data, access logs (date/time), images captured by CCTV monitoring systems, and professional visitor data.
            Management of promotional activities and events: Organization and development of events, contests, sweepstakes, and commercial promotions, prize delivery, and corporate dissemination.Data subject's consent (Art. 5) for participation and, where applicable, for the use of their image or voice.First name, last name, DNI, postal address, email, phone number, and data necessary for registration. May include image or voice in recordings.
            Behavior and error resolution: Behavior analysis for technical improvement of user experience and problem (bug) resolution.Legitimate interest in technical improvement and processing for statistical purposes that does not require consent (Art. 2).IP, connection time, and user ID, pseudonymized.
            Whistleblower Channel / Informant Channel: Management of the corporate whistleblower channel and received communications.Legal obligation of internal control and management of corporate integrity systems; under technical security configuration of the processor in the EU.First name, last name, DNI, address, email, phone number, detailed description of reported facts, and identity of potential witnesses.

            3. RECIPIENTS AND TRANSFERS

            3.1. Disclosure of Data to Third Parties

            At Bit2Me, we are committed to protecting your privacy and only share your personal data when strictly necessary to provide our services, comply with the law, or protect our legitimate interests. Therefore, we may share your personal data with the following recipients:

            • Authorities and official bodies: We are obliged to provide identifying and transactional information to competent judicial or administrative authorities. This includes, but is not limited to, the Financial Information Unit (UIF) and the National Securities Commission (CNV), to comply with Law No. 25,246 on the Prevention of Money Laundering and other tax or legal obligations in force in the Argentine Republic. Likewise, within the framework of the whistleblower channel, data may be communicated to the Public Prosecutor's Office or the competent judicial authority when the facts could constitute an infraction or crime, in accordance with Law No. 27,401 on Corporate Criminal Liability.
            • Partners for legal compliance (Travel Rule): For each transfer of virtual assets, we transmit the required information of the originator and beneficiary to other Virtual Asset Service Providers (VASPs) to comply with international standards and local regulations on the "Travel Rule" issued by the CNV.
            • Other providers: We use external services for the operation of our App and Website, sharing necessary information so you can enjoy certain technical functionalities.
            • Group companies: Your data may be shared with corporate group entities for administrative management and centralized operational support purposes.

            For the development of our activity and the provision of services, Bit2Me relies on the operational and technological support of its parent company in Spain, which acts as the main data processor, and which may delegate technical functions to third-party providers (sub-processors) as follows:

            • Main Technology Provider (Processor): Our parent company in Spain, Bitcoinforme S.L., is the entity responsible for providing the integral infrastructure, technical support, and platform maintenance. Given its location in the European Union, Bitcoinforme S.L. ensures that all data flow and sub-processor management are carried out under the strict security and confidentiality rules of GDPR (EU) 2016/679, ensuring international level protection.
            • Identity Verification Services (Sub-processors of the parent company): Through the infrastructure provided by the parent company, specialized technologies for biometric and documentary validation (KYC) are integrated. These services allow for automated comparison of user data with official databases, including the National Registry of Persons (RENAPER), in order to prevent fraud and comply with anti-money laundering regulations.
            • Infrastructure and Cloud Services (Sub-processors of the parent company): The storage and processing of information are carried out on high-security servers provided by top-tier cloud computing entities, selected by the parent company to guarantee the availability, integrity, and resilience of our users' data.

            3.2. International Data Transfers

            Bit2Me may transfer your personal data to other entities of the corporate group or to third-party service providers acting on our behalf. In particular, we inform you that for the provision of technological services, operational support, and platform security, your data is transferred to our parent company in Spain, Bitcoinforme S.L., which acts as the data processor. This international transfer is fully legitimate and guaranteed by the following mechanisms:

            • Adequacy Decision: Spain is considered a country with an "adequate level of protection" by the Public Information Access Agency (AAIP) of the Argentine Republic (in accordance with the Ibero-American Data Protection Network and the criteria of Res. AAIP 4/2019). This ensures that your data receives treatment equivalent to that required by Law No. 25,326 at its destination.
            • GDPR Guarantees: Additionally, as the data recipient is located in the European Union, processing is subject to the strict safeguards of Regulation (EU) 2016/679 (GDPR), ensuring the highest global standards of security and confidentiality.
            • Intercompany Agreement (DPA): The relationship between the Argentinian subsidiary and the Spanish parent company is governed by a data processing agreement that imposes specific technical and organizational obligations, preventing the use of data for purposes other than those informed herein.

            In the case of transfers to other jurisdictions that do not have an adequacy decision, Bit2Me will adopt the Standard Contractual Clauses approved by the AAIP or other appropriate safeguards in accordance with the current legal framework. To request more information about potential international data transfers, you can send an email to rgpd@bit2me.com.

            4. DATA RETENTION PERIODS AND DATA SUBJECT RIGHTS

            4.1. Data Retention Periods

            Personal data is retained for the time strictly necessary to fulfill the purposes for which it was collected, as well as to respond to any legal or contractual requirements. This retention is carried out in accordance with applicable limitation periods, which may be 2, 5, or 10 years, depending on the case. Once these periods have expired and provided there is no legal obligation to retain them for longer, the data is deleted or subjected to an anonymization process, so that it can no longer be associated with an identified or identifiable person. Bit2Me adopts a comprehensive approach to information security, implementing a set of technical and organizational measures designed to protect personal data against risks such as unauthorized access, loss, alteration, misuse, or unauthorized disclosure.

            4.2. Your Personal Data Rights

            Data subjects have the right to exercise, at any time and free of charge, the rights recognized by applicable data protection regulations. These include the rights of access, rectification, cancellation, and opposition (known as ARCO rights), as well as, where applicable, the rights to restriction of processing, data portability, and withdrawal of previously granted consent.

            To exercise any of these rights, the data subject may contact the Data Protection Officer (DPO) via email: rgpd@bit2me.com, clearly indicating the request they wish to make, along with the necessary information to prove their identity and, in case of representation, the corresponding documentation.

            Once the request is received, Bit2Me will evaluate the requirement according to internal procedures and statutory deadlines, ensuring a timely, transparent, and complete response. If additional information is required to process the request, the data subject will be informed in due course.

            5. SECURITY MEASURES AND ADDITIONAL CONSIDERATIONS

            5.1. Security Measures

            Among the implemented technical measures, data encryption both in transit and at rest stands out, as do the establishment of access controls based on roles and privilege levels, and robust authentication mechanisms for system access. Furthermore, Bit2Me continuously monitors for vulnerabilities and applies update protocols and security patches to minimize risks. The technological infrastructure features periodic backups and network segmentation that limits the spread of potential incidents and improves internal control of data flows.

            Regarding organizational measures, the company promotes a security culture through internal policies, periodic staff training, incident management procedures, and regular audits to verify compliance with established standards. Contingency plans and incident response protocols have also been established to ensure timely and effective action in the event of events that compromise data integrity or confidentiality.

            5.2. Processing of Minors' Data

            As Virtual Asset Service Providers (VASPs), and due to strict regulatory and anti-money laundering (AML/CFT) requirements, we offer our services to adults. However, for certain functionalities or services, Bit2Me might process data of minors. In such cases, this processing will always guarantee compliance with the conditions established in the applicable privacy regulations.

            5.3. Cookies and Tracking Technologies

            Bit2Me uses cookies and other tracking technologies on its websites and applications to ensure the correct technical functioning of the platform, measure performance, and, when you consent, offer a better experience and personalized advertising. The processing of personal data obtained through these technologies is governed by our Cookie Policy, which you can access via the following link for more information: https://legal.bit2me.com.

            6. FINAL CONSIDERATIONS

            6.1. Jurisdiction and applicable law

            The interpretation, application, and compliance of this policy shall be governed by the laws of the Argentine Republic.

            For any dispute, controversy, or claim arising regarding the validity, interpretation, enforceability, and/or breach of these policies, as well as any legal contingency deriving from them, the parties expressly submit to the competent courts of the Autonomous City of Buenos Aires, unless applicable regulations specify another forum or jurisdiction for the particular case.

            6.2. Effectiveness and Versions

            At Bit2Me, we strive every day to ensure our services evolve and improve; therefore, we may update this Privacy Policy periodically to reflect these advancements or to adapt to legal changes. You can always check the date of the last update on our website.

            If we make significant changes that affect your rights or how we use your information, we will notify you with reasonable advance notice before they come into effect, either through our platform or through usual contact channels, always complying with regulatory deadlines.

            In addition to this general document, we will occasionally show you specific privacy notices or "just-in-time" reminders while you use certain features of our App or Website. These quick notices serve to give you a clearer and more direct overview of how we process your data in specific services, offering you easier control over your privacy options.

            This privacy policy may be modified or updated by Bit2Me at any time, in order to adapt it to regulatory changes, improvements in internal data processing procedures, new technologies, or modifications to the originally informed purposes. Any substantial modification will be duly notified to the competent control authority if required by current regulations, and will also be communicated to personal data subjects in cases where it is necessary to obtain their consent again or provide them with relevant information about the new processing. In such a case, data subjects will have 10 (ten) calendar days to express their opposition to the modification, and if they do not do so, it will be considered that they have accepted said modifications. If they express their opposition to the modifications within the referred period, it will be considered that the contractual relationship between the data subject in question and Bit2Me has ended; this, without further claim between the parties than to settle their previous obligations. Bit2Me undertakes to keep the current version of this policy available to users through the usual communication channels.

            © Bit2Me 2026

            All rights reserved.

            Preview
            0 of 0