Legal Document

Privacy Policy

Effective date: 1 January 2025 · Last updated: 1 June 2025

This Privacy Policy explains how bitraflil.com ("we", "us", or "our") collects, uses, and protects your personal information when you use our website and services to purchase crypto gift cards, eSIMs and mobile top-ups.

1. Data We Collect
2. How We Use Your Data
3. Cookies & Tracking
4. Third-Party Sharing
5. Your Rights (GDPR & CCPA)
6. Data Retention
7. Security
8. Children's Privacy
9. Changes to This Policy
10. Contact Us

Data We Collect

We collect information you provide directly: name, email address, payment details (processed via third-party processors), and order history.
We automatically collect device/browser data, IP address, pages visited, and referral source via cookies and analytics tools.
For eSIM and mobile top-up orders, we collect the phone number or device IMEI/EID you supply at checkout.

How We Use Your Data

To process and deliver your orders (gift card codes, eSIM QR codes, mobile top-ups) and send order confirmations.
To prevent fraud, verify transactions, and comply with anti-money-laundering obligations.
To improve our platform, personalise your experience, and send promotional communications where you have consented.

Cookies & Tracking

We use essential cookies for session management and cart functionality, and optional analytics/marketing cookies (Google Analytics, Meta Pixel).
You can manage or withdraw cookie consent at any time via our Cookie Preferences banner or your browser settings.
See our Cookie Policy at bitraflil.com/#/cookies for full details.

Third-Party Sharing

We share data with payment processors (e.g. Coinbase Commerce, Stripe), digital product API providers, and fraud-prevention services strictly to fulfil your order.
We do not sell your personal data to third parties for their own marketing purposes.
Service providers are bound by data-processing agreements and may not use your data for any purpose beyond the contracted service.

Your Rights (GDPR & CCPA)

EU/UK residents: right to access, rectify, erase, restrict, or port your data, and to object to processing or withdraw consent.
California residents: right to know what personal information we collect, request deletion, and opt out of any sale (we do not sell data).
To exercise any right, email privacy@bitraflil.com. We will respond within 30 days.

Data Retention

We retain order and transaction records for 7 years to meet financial and legal obligations.
Account and profile data is kept while your account is active and deleted within 90 days of a verified deletion request.
Analytics data is retained in aggregated, anonymised form for up to 26 months.

Security

All data is transmitted over TLS 1.2+ encryption and stored on servers with AES-256 encryption at rest.
Access to personal data is restricted to authorised personnel on a need-to-know basis and protected by multi-factor authentication.
Despite these measures, no internet transmission is 100% secure. Please contact us immediately at security@bitraflil.com if you suspect unauthorised access.

Children's Privacy

bitraflil.com is not directed to individuals under 18 years of age.
We do not knowingly collect personal data from minors. If we become aware such data has been collected, we will delete it promptly.

Changes to This Policy

We may update this Privacy Policy periodically. The revised version will be posted on this page with an updated effective date.
For material changes, we will notify registered users via email at least 14 days before the change takes effect.

Contact Us

Data Controller: bitraflil.com — registered email: privacy@bitraflil.com
For general privacy enquiries, write to: privacy@bitraflil.com
For urgent data-breach reports, write to: security@bitraflil.com

Questions about this policy? We're here to help.

privacy@bitraflil.com