Privacy Policy

This Privacy Policy aims to inform users of Bitomat.com ("Bitomat") about how we collect, use, store and protect your personal data in connection with providing services for buying and selling cryptocurrencies.

Bitcoin transactions are irreversible
Crypto prices can change quickly
Store your private keys securely
Trading cryptocurrency carries risks
Invest only what you can afford to lose
Research the market before investing
Double-check the recipient's address
Market changes happen suddenly
Use strong, unique passwords
Watch out for online phishing attempts
The value of cryptocurrencies is highly volatile
Using Bitcoin ATMs risks
A BTC transaction cannot be reversed
Cryptocurrency prices could suddenly drop
Crypto transactions involve significant risk

Privacy Policy of Bitomat.com ("Bitomat")

Last updated: [date]

This Privacy Policy aims to inform users of Bitomat.com ("Bitomat") about how we collect, use, store and protect your personal data in connection with providing services for buying and selling cryptocurrencies.

1. What data do we collect?

We collect and process personal data when you use the website and/or the listed Bitcoin ATMs, which may include:

- First name, last name
 We collect your first and last name to identify you and to properly process transactions when you use the services of Bitomat.com ("Bitomat").

This information is required for:

  • Conducting KYC/AML checks in accordance with the Law on Measures Against Money Laundering (ZMIP);

  • Issuing cash receipts or confirmations when required by law;

  • Communicating with customers regarding transactions, verifications, or inquiries.

Names may be matched with other documents (e.g., an ID card, a contract, or a bank statement) when required by a regulatory authority or where there is an increased risk of misuse.

Bitomat.com does not use your name for marketing purposes

- Identity document data (ID, passport)
Identity document data (identity card, passport)
In order to comply with applicable law, and in particular the Law on Measures Against Money Laundering (ZMIP), Bitomat.com ("Bitomat") collects and processes personal data from a valid identity document when necessary to identify the customer.

This information may include:

  • First and last name (if not already provided separately)

  • Bulgarian national identification number (EGN) or date of birth

  • Nationality

  • Document number, date of issue and expiration date

  • A photo of the customer's face and/or of the document itself

Purposes of processing:

  • Conducting a KYC check (Know Your Customer)

  • Identity verification for transactions above a certain threshold or where there is increased risk

  • Documenting the transaction when required by law;

  • Retention as evidence during inspections by regulatory authorities;

Collecting this data is mandatory for using certain services and is part of the platform's legal obligations; therefore, refusing to provide it may result in being unable to complete the transaction.

Access to this data is granted only to authorized employees who have completed training under the Personal Data Protection Act (ZZLD) and the Law on Measures Against Money Laundering (ZMIP). The data are stored with enhanced security measures and are not shared with third parties, except where required by law.

- Email address, phone number
Bitomat.com ("Bitomat") collects and processes your email address and phone number as part of the identification, communication, and security processes for the services we provide.

This information is used for:

  • Confirming transactions or sending access/withdrawal codes

  • Contact for additional verification or clarification regarding an order

  • Sending notifications about updates to your order or transaction status

  • Collecting feedback and improving our service

  • Sending unsolicited commercial messages — only with explicit consent

Security and privacy:

  • Your phone number and email address are not shared with third parties, unless required by law or with your explicit consent.

  • They are used only for the purposes set out above and are stored in an encrypted or otherwise secure environment with restricted access.

- Crypto address
 Bitomat.com ("Bitomat") requires and processes cryptocurrency addresses provided by the customer in order to execute transactions for buying and selling cryptocurrency. A crypto address is a unique identifier on the blockchain network required to transfer digital assets.

This information is used for:

  • Carrying out transfers to customers when they purchase cryptocurrency.

  • Platform-generated address when a customer sells

  • Tracking the status of the transaction on the relevant blockchain network

  • Analysis of transaction history when additional verification is required in accordance with the Law on Measures Against Money Laundering (ZMIP)

  • Identifying discrepancies or potentially risky transactions

Important:
Bitomat.com does not store private keys or seed phrases and does not provide access to users' wallets. The customer is solely responsible for correctly entering the crypto address and for the security of their digital assets.

Security and privacy:

  • Crypto addresses are treated as part of sensitive financial information and are used only in connection with the specific order.

  • They are not directly linked to the customer's identity, unless required by law or in the context of a KYC/AML check.



    Important warning regarding incorrect crypto address:
    If you provide an invalid, incorrect, or incompatible cryptocurrency address, Bitomat.com ("Bitomat") is not responsible for the loss of funds, as transactions on blockchain networks are irreversible by their technical nature.


  • The customer must verify that the address entered is correct before confirming the order. If cryptocurrency is sent to an incorrect or unsupported address, the funds cannot be recovered.

We recommend that customers:

  • Users copy and paste the address directly from their wallet (rather than typing it manually).

  • Ensure you are using the correct network (blockchain) corresponding to the selected cryptocurrency

  • Carefully check the first and last characters of the address before confirming.

This is of utmost importance to ensure the security of the transaction and to avoid irreversible losses.

- Transaction data (date, amount, currency)
 Bitomat.com collects and stores information about all transactions carried out as part of providing services to buy and sell cryptocurrency.

We collect the following data:

  • Date and time of each transaction

  • Amount in the relevant currency (crypto or fiat)

  • Currency type (e.g. BTC, ETH, BGN)

  • Order identifiers, transaction hash

These data are processed for the following purposes:

  • Execution and tracking of requested transactions

  • Ensuring financial accountability and transparency

  • Compliance with regulatory requirements, including the Law on Measures Against Money Laundering (ZMIP) and tax legislation

  • Providing evidence in the event of disputes

  • Conducting internal analysis and improving services

Storage and protection:

  • Transaction data are stored using enhanced security measures and archived in accordance with legal retention periods.

  • Information is not disclosed to third parties, except when required by law or in response to an official request from a competent authority.

- IP address, device information
 When accessing our website or using the services through a physical device (Bitcoin ATM), Bitomat.com ("Bitomat") automatically collects technical information that may include:

  • IP address of the device used to access the website or the listed Bitcoin ATMs

  • Device type and model (e.g., mobile phone, tablet, computer, terminal)

  • Operating system and version

  • Browser and language settings

  • Date and time of access

Purposes for collecting this information:

  • Ensuring the technical and operational security of the platform

  • Preventing fraud, fake orders or malicious activity

  • Analyzing user behavior and optimizing the platform

  • Compliance with regulatory requirements, including identifying the source of access when there are suspicions of illegal activity

Security and storage:
The collected technical data are stored in log files with restricted access, protected by encryption, and are not used to create a profile or to make automated decisions without the customer's consent.

Important:
We do not use the IP address to directly identify a customer, except where required by law or when investigating a specific incident.


- KYC/AML documents
In accordance with the requirements of the Law on Measures Against Money Laundering (ZMIP) and international regulations to combat the financing of terrorism and financial fraud, Bitomat.com ("Bitomat") is required to carry out identification procedures and comprehensive customer verification (KYC – Know Your Customer).

As part of this verification, the following documents and data may be collected and processed:

  • A scanned copy or photo of an identity document (ID card, passport)

  • Proof of address documents (e.g., a utility bill, a bank statement)

  • Selfie or video verification to confirm your identity


  • Other documents required for enhanced due diligence (Enhanced Due Diligence)

Purposes of processing personal data:

  • Compliance with regulatory requirements arising from the Law on Measures Against Money Laundering (ZMIP) and applicable EU directives

  • Establishing and verifying customer identity

  • Risk analysis and prevention of the use of the platform for money laundering, fraud, or other illegal activities

  • Documentation of transactions and compliance actions

Storage and security:

  • Documents are stored with a high level of security, including encryption, restricted access, and monitoring systems

  • Personal data are stored for at least 5 years after the termination of the relationship with the client, in accordance with Article 67 of the Law on Measures Against Money Laundering (ZMIP).

  • Access to them is limited to authorized employees who have completed specialized training in the Law on Measures Against Money Laundering (ZMIP) and in data protection.

Important:
Failure to provide required documents will result in temporary suspension or denial of access to the services of Bitomat.com ("Bitomat").

2. Purposes of data processing

We process your personal data for:

  • Execution of cryptocurrency exchange transactions

  • Identification and verification of customers (in accordance with the Law on Measures Against Money Laundering (ZMIP))

  • Order-related messages

  • Compliance with applicable laws and accountability to competent authorities

3. Storage of personal data

We retain personal data in accordance with the requirements of the Law on Measures Against Money Laundering (ZMIP) and national legislation for a period of no less than 5 years, and longer if necessary.

4. Protection of personal data

We implement appropriate technical and organizational measures to prevent unauthorized access, loss, or alteration of data.

5. Disclosure of personal data to third parties

We do not disclose your personal data to third parties, except for:

  • Competent authorities (National Revenue Agency (NRA), State Agency for National Security (DANS), law enforcement authorities)

  • Employees and service providers, in the performance of their duties, subject to confidentiality agreements.

6. Customer rights

You have the right to:

  • Request access to your personal data.

  • Request correction or deletion of your personal data.

  • Withdraw your consent to receive marketing communications.

  • File a complaint with the Commission for Personal Data Protection (CPDP).

To exercise your rights, write to: [email protected]

Bitcoin ATMHome
Home Bitcoin ATMs in Poland Bitcoin ATMs in Switzerland How to sell Bitcoin About Us Contact

Bitomat.com is owned by "Virtual Planet EOOD" with EIK/PIK 206282793

National Revenue Agency, EIK Certificate No. 206282793, April 15, 2025

Mailing address within the Republic of Bulgaria:
BULGARIA, Plovdiv, Central District, 28A Geo Milev St., 8th floor

Tel: +359 878 273 961
Email: [email protected]

Business Hours (GMT+3):
Monday – Friday: 10:00 AM – 8:00 PM
Saturday: 10:00 AM – 6:00 PM
Sunday: Closed

Site designed by
Bitcoin ATM
Contact