AML and KYC Policy
1. Xbit.Money Service – Xbit.Money website, as well as other resources: exchange bots in messengers, message boards, etc. (hereinafter referred to as Xbit.Money or Service) adheres to practices and measures in the field of countering the legalization (laundering) of proceeds from crime and financing of terrorism (AML).
2. The purpose of taking these measures is that Xbit.Money with zero tolerance refers to any attempt to use the service for illegal purposes.
3. Xbit.Money service warns users against attempts to use the Xbit.Money service to legalize money obtained by criminal means, financing of terrorism, fraud of any kind, as well as from using the service to purchase prohibited goods and services.
4. To prevent illegal operations, the Service establishes certain requirements for all Orders created by the User:
4.1. The Sender and the beneficiary of the Payment under the Application must be the same person. With the use of the services of the Service, transfers in favor of third parties are strictly forbidden.
4.2. The contact information entered by the User in the Application, as well as other personal data transmitted by the User to the Service, must be reliable and up-to-date. Upon request of the User, personal data may be removed from the Service database within 3 years from the date of the last realized User Application.
4.3. It is strictly prohibited to create Applications by the User using anonymous proxy servers or any other anonymous Internet connections.
5. In case of reasonable suspicion, the administration of the Service is that the user is trying to use the services of the Service for money laundering or for the purpose of carrying out any other illegal operations, the administration has the right:
- suspend execution of the user’s exchange operation;
- request from the user documents identifying the person;
- request, other information concerning payments;
- conduct AML verification of cryptocurrency transactions.
6. If the minimum AML risk threshold for a transaction is exceeded (the source is the dark market, resources under sanctions, stolen funds, scam, etc.), the Service reserves the right to:
- suspend the transaction for 14 days or Hold the user’s funds until the incident is fully investigated.
- ask the user for a photo or video with a document confirming the user’s identity.
- ask the user for a Screenshot or Video from the personal account of the cryptocurrency withdrawal wallet.
- return digital assets only to the details from which the transfer was made or to other details, after a full check by the Service’s security service and user verification.
- ask the user for other materials and documents related to the exchange order.
- refuse the Client to withdraw funds to the account of third parties without explanation.
- process the refund within 14 (fourteen) calendar days, starting from the date when the User was notified of the decision of the Service regarding his request for a refund.
- require mandatory confirmation of the details for the return of funds, after passing the check (verification). The refund fee is deducted from the client’s funds.
7. All information provided by the client can be transferred to the appropriate authorities in the following cases:
- at the request of law enforcement agencies;
- by decision of courts of different instances;
- upon requests of administrations of Payment Systems.
Personal information includes
- Full Name;
- E-mail address;
- Country of residence / citizenship;
- Details of used purses;
- Mobile phone number;
- Identity document data;
- Address of location.
- Contract for utility services from the place of residence.
8. Processing of personal data means the recording, systematization, accumulation, storage, updating (updating, modification), extraction, use, transfer (distribution, provision, access), including cross-border, depersonalization, blocking, deletion, destruction of personal data not subject to Special categories, which require written consent from the User.
8.1. The processing of personal data is carried out in order to fulfill the obligations of the Agreement by the Parties, the registration of the User on the Site of the Service, provision of the Customer with technical support, registration of Applications, provision of Service, consideration of applications and claims, sending messages of information and other nature to the e-mail address of the User.
8.2. The basis that gives the Service the right to process the User’s data is the User’s consent. The consent is given in the form of clear and active actions by the User, namely one or a combination of the specified actions: registration of the User on the Service Site and independent provision by the User of the necessary data in the process of such registration, filling out the electronic form through the Internet site of the Service for the purpose of issuing the Application, payment of the Application and Other active activities using Service Services.
8.3. According to the Final Rule of the Financial Crimes Investigation Network (FinCEN) in accordance with Article 31 of the Code of Federal Regulations 1010.100 (ff), which obliges every foreign company providing cash and settlement services to appoint a representative of a service residing in the United States as an agent for performance trial process in accordance with the requirements of the association BSA and its subordinate acts, Xbit.Money does not provide e-currency exchange services to US citizens and users residing in the United States – http://www.fincen.gov/statutes_regs/guidance/html/FIN-2012-A001.html
9. The services provided by Xbit.Money may not be legally permitted in some jurisdictions. You must, consciously refuse to use the Service, if there are legislative limitations in your country. By accepting the terms and conditions of using the Xbit.Money service, you acknowledge that you are not a resident of such jurisdiction, including but not limited to the Federal Republic of Germany and the United States of America.
List of jurisdictions for which Xbit.Money service is not available to residents
Country Internet area International dialing code
- Afghanistan af +93
- Belize bz +501
- Yemen ye +967
- Canada ca +1
- DPRK kp +850
- Libya ly +218
- Mauritania mr +222
- Mali ml +223
- Niger ne +227
- Republic of the Congo cg +242
- Democratic Republic of the Congo cd +243
- Rwanda rw +250
- Somalia so +252
- Sudan sd +249
- Central African Republic cf +23
- South Sudan ss +211
- Iran +98
- USA us +1
10.1. Goals and objectives of processing personal data.
Xbit.Money may process personal data for the following purposes:
- for the preparation of various documents, including the preparation and conclusion of contracts and agreements;
- conclusion of contracts and agreements;
- for placing orders;
- to identify customers, employees, partners or other data subjects;
- to serve customers and improve service;
- to ensure the provision of services;
- to improve the quality of services;
- for customer registration;
- for the delivery of goods;
- for the development of new services;
- for consideration of objections, claims, complaints, proposals, notifications and other statements;
- to maintain communication;
- for administration of settlements;
- for collecting debts;
- to execute transactions in administrator systems;
- to collect and analyze statistical data;
- for market research;
- to advertise new services and products;
- for notification of new products;
- to create, implement and improve loyalty programs;
- for other marketing events;
- to maintain and improve the functions of home pages and pages on social networks;
- to assess the risks of money laundering and the financing of terrorism;
- to prevent fraud;
- to implement the Anti-fraud and AML policies;
- to test and improve the internal control system;
- for study and in-depth research of the client;
- to establish true beneficiaries;
- to protect the legitimate interests of the administrator, data subject or third party;
- for the performance of other legal duties;
- for other purposes, if the client is notified.
10.3. What personal data do we collect:
We collect the following information about each User who is registering on our website.
- Name and surname
- Date of Birth
- E-mail address
- Phone number
- IP address
- Copy of passport or ID card
- Proof of address
- Bank details
- Bank card numbers
- Information about transactions
We reserve the right to request information about the User from third parties for the purpose of verification of identity and in order to reduce the risk of fraud.
The data collected about our Users will be stored on our server for five years. In order to ensure the security and confidentiality of your personal data, we take measures designed to protect this information from loss, misuse, misuse, disclosure, alteration or destruction.
Disclosure of personal data.
Personal information about the User may be disclosed in the following cases:
We may disclose your personal data to public authorities, law enforcement officials in order to comply with applicable law, directive or legal process.
We may also disclose your personal data to banks and other financial institutions, within and for the purpose of providing the services provided.
Your personal information is also transmitted upon request:
- credit reference agencies;
- KYC providers;
- debt collection and tracking agencies and other similar companies;
- service providers (analytical, financial);
- government agencies and other recipients in order to comply with applicable law;
- courts and tribunals.
In accordance with the rules on combating money laundering and the financing of terrorism, we must take appropriate steps to identify and assess the risks of money laundering and terrorist financing that our company may be exposed to and make an informed decision about whether we want to establish relations with clients with you and, if successful, conduct initial and ongoing screening and monitoring.
During this risk assessment, we must take into account various factors related to the client and related transactions, including the location and behavior of the client, his or her relationship with politically significant persons or persons with special interests, certain types of transactions and. etc.
If a significant risk is identified, we can take measures such as freezing a customer account on the Xbit.Money website and other related projects, and terminating transactions.
Automatic decision making is not involved in the assessment.
If you leave a comment on our website, you can enable the storage of your name, email address and website in cookies. This is done for your convenience, so as not to fill in the data again when commenting again. These cookies are stored for one year.
If you have an account on the site and you log into it, we will set a temporary coоkie to determine whether your browser supports cookies, the coоkie does not contain any personal information and is stored for one year.
10.5. Your rights
You are right:
10.5.1. Find out if we process your personal data.;
10.5.2. If we process your personal data, then you have the right to access relevant information;
10.5.3. If the information about you is incorrect or incomplete, then you have the right to provide us with relevant information and ask them to correct;
10.5.4. Withdraw consent;
10.5.5. In some cases, you have the right to object to the processing of data, ask to restrict the processing of data, ask to dеlete the data. We inform you that these rights are exercised only in accordance with the requirements of the law, and we reserve the right to refuse to perform the above actions on the basis of the requirements of regulatory acts;
10.5.6. Receive and (or) transfer personal data to another administrator. This right only applies to data that you have provided to us on the basis of your consent and if processing is carried out automatically.
10.5.7. You have the right to exercise your rights only on the basis of a written statement (including signed by a reliable electronic signature). We will provide a response within the statutory period..
10.6. The security of your information.
In order to protect the confidentiality of the personal data that you transmit through our website, we support physical, technical and administrative guarantees. We updаte and test our security technology on an ongoing basis. In addition, we educate our employees on the importance of privacy and maintaining the confidentiality and security of your data. We are committed to taking all appropriate measures to ensure the privacy of our customers.
10.7. Third Parties or Publicly Available Sources
We can also receive information from other sources and combine it with information that we collect through our Services. For example, we may collect information about you from third parties, including but not limited to social media platforms and publicly available sources..
We can also receive personal data about you from various third parties and open sources: identification data, contacts, AML / KYC data from public sources such as public court documents, RoC, as well as company houses and registries of other jurisdictions, as well as from electronic data, KYC online search tools (which may be based on a subscription or license), anti-fraud databases and other third-party databases, sanctions lists, third-party KYC providers, and general search searches systems on the Internet (e.g. Google).