BCrypto · Policy

Privacy Policy

Processing of personal data under Regulation (EU) 2016/679 (GDPR) Articles 13–14 and Italian Legislative Decree 196/2003.

Last updated: 2026-05-28

1. Data controller

BCrypto (company in formation), founder Pavel Ivanov, operational office Torino, Italia. Privacy contact: privacy@bcrypto.com.

Note: the company is being formally incorporated. Once registration with the Italian Companies Register is complete, VAT, REA and registered office will be published on this page and in the Legal Notice.

A Data Protection Officer has not been designated, as current data processing activities do not meet the criteria of Art. 37 GDPR. The privacy contact above handles all data protection inquiries.

2. Data we collect

  • Contact data voluntarily provided via forms: name, email, organisation, message.
  • Anonymous browsing data (only with analytics consent): anonymized IP, browser, pages visited, time on page, referrer.
  • Strictly necessary cookies: session, language preference, cookie-consent choice.

3. Purposes and legal bases

PurposeLegal basisRetention
Respond to contact requestsArt. 6(1)(b) GDPR — pre-contractual measures24 months
Aggregate stats (Google Analytics 4)Art. 6(1)(a) GDPR — consent14 months (GA4 limit)
Security, abuse preventionArt. 6(1)(f) GDPR — legitimate interest90-day logs

4. Third-party processors

  • Vercel Inc. (hosting + edge) — USA. Standard Contractual Clauses 2021/914.
  • Google Ireland Limited (Analytics 4) — Ireland, EU. IP anonymization enabled.
  • SMTP provider (transactional email): EU servers.
  • MySQL database: European hosting provider, data encrypted at rest.

5. Transfers outside the EU

Transfers to third countries (USA for Vercel) rely on Standard Contractual Clauses approved by EU Commission Decision 2021/914 and, where applicable, the EU-US Data Privacy Framework.

6. Your rights (GDPR Arts. 15–22)

Access, rectification, erasure, restriction, portability, objection, withdrawal of consent. Email privacy@bcrypto.com. We respond within 30 days.

You may lodge a complaint with the Italian Data Protection Authority (Garante).

7. Cookies and analytics

See Cookie Policy. Withdraw consent via "Cookie preferences" in the footer.

8. Security

TLS 1.3 in transit, password hashing where applicable, least-privilege DB access, encrypted backups.

9. Changes

This notice may be updated. Material changes will be notified via banner.