PRIVACY POLICY
Paliton s.r.o.
Last updated: 02.12.2025
1. Introduction
This Privacy Policy explains how Paliton s.r.o. (“Paliton”, “we”, “our”, “us”) collects, processes, stores, and protects the personal data of individuals who use our website, platform, applications, and any services related to virtual asset operations (collectively, the “Services”).
Paliton is committed to protecting your privacy, handling your data with transparency, and complying fully with the General Data Protection Regulation (GDPR), Slovak data-protection law, and all obligations that apply to Virtual Asset Service Providers (VASPs).
By accessing or using our Services, you acknowledge that you understand and agree to the practices described in this Privacy Policy.
2. What Personal Data We Collect
To comply with legal obligations, particularly Anti-Money Laundering (AML) and Counter-Terrorist
Financing (CTF) laws, and to provide reliable and secure Services, Paliton collects different
categories of personal data. We collect information directly from you, automatically from your use of
our Services, and from approved third-party partners.
2.1. Data Provided by You
During registration, identity verification, or use of Services, you may provide:
• Full name, date of birth, nationality Identification documents (ID card, passport)
• Selfie or live face verification
• Proof of address
• Financial information such as bank account ownership details
• Source of funds or source of wealth documentation, when required
• Any other information you voluntarily submit through forms, communication channels, or support interactions
2.2. Data Collected Automatically
We collect technical and usage data when you access the platform, including:
• IP address, device details, browser type
• Login timestamps, security logs, location data
• Website usage patterns and traffic information
• Cookies and tracking technologies
• Error logs and performance data
This information allows us to ensure platform stability, security, and fraud detection.
2.3. Data Obtained from Third Parties
To comply with regulatory obligations and prevent financial crime, Paliton uses secure third-party
identity verification and blockchain analytics providers. These providers may deliver:
• KYC/identity verification results
• Document authenticity assessments
• Sanctions and watchlist screenings
• Risk scores for blockchain addresses or transactions
• Fraud-prevention intelligence
All third-party partners must comply with strict GDPR standards.
3. Purpose and Legal Basis for Processing Personal Data
3.1. Compliance With Legal Obligations
As a Virtual Asset Service Provider, Paliton must comply with AML/CTF laws, sanctions regulations,
and financial-sector requirements. This includes obligations to:
• Identify and verify Clients
• Monitor transactions and detect suspicious activity
• Report suspicious transactions to competent authorities
• Maintain appropriate records for legally mandated retention periods
Processing for legal compliance is mandatory and cannot be opted out of.
3.2. Provision of Services
We process your data to:
• Create and maintain your account
• Facilitate transactions
• Provide customer support
• Ensure secure operation of the platform
• Manage service availability and performance
Without this information, we cannot provide key Services to you.
3.3. Fraud Prevention and Security
We use your data to safeguard the integrity of our Services by:
• Detecting unauthorized access
• Preventing fraud and abuse
• Conducting blockchain-address risk analysis
• Enforcing internal security controls
Complying with cybersecurity and regulatory standards
3.4. Legitimate Interests
Certain processing activities are based on our legitimate interest, such as:
Improving service quality
• Conducting internal analytics and performance monitoring
• Preventing and managing system errors
• Ensuring the reliability and reputation of Paliton
We always balance our interests with your rights and expectations.
3.5. Consent
Where consent is required (e.g., non-essential cookies or marketing communications), we will obtain it explicitly. You may withdraw consent at any time.
4. How We Use and Share Your Data
4.1. Third-Party Service Providers
We cooperate only with EU-based Electronic Money Institutions (EMIS) and licensed banking institutions to process fiat transactions.
We also work with GDPR-compliant providers offering:
• KYC/identity verification
• Blockchain analytics
Fraud detection and security monitoring
• Cloud hosting and IT infrastructure
• Customer support tools
These providers process data strictly under our instructions and contractual safeguards.
4.2. Regulatory and Law-Enforcement Authorities
Paliton may be legally required to share your data with supervisory authorities, law enforcement, or financial intelligence units. Such sharing may occur without prior notification to you, where legally prohibited.
4.3. Corporate and Operational Needs
If Paliton undergoes restructuring, merger, acquisition, or asset transfer, personal data may be transferred to the successor entity under strict confidentiality obligations.
We Do Not Sell Your Data. We never sell or rent personal data to third parties.
5. International Data Transfers
Whenever possible, we store and process personal data within the European Economic Area (EEA).
If data must be transferred outside the EEA, Paliton ensures that:
• Adequate safeguards are in place (Standard Contractual Clauses, equivalent mechanisms)
• Providers meet GDPR-level protection
• Transfers are necessary for service provision or regulatory compliance
We take all reasonable steps to ensure your data remains secure.
6. Data Retention
Paliton retains your personal data for as long as necessary to fulfill the purposes defined in this Policy, and in accordance with legal requirements.
Retention periods include:
AML/KYC data: minimum 5 years after the end of the business relationship
• Transaction records: up to 10 years, depending on legal obligations
• Technical logs: shorter periods based on operational needs
• Data required for investigations: retained longer if mandated by authorities
When the retention period expires, data is securely deleted or anonymized.
7. Your Rights Under GDPR
You have the following rights regarding your personal data:
Right to access your data
Right to rectification of inaccurate or incomplete data
Right to erasure, where legally possible
• Right to restriction of processing
• Right to object to processing based on legitimate interest
• Right to data portability
Right to withdraw consent (where applicable)
• Right not to be subject to automated decision-making with significant effects
8. Cookies and Tracking Technologies
Paliton uses cookies to ensure security, functionality and personalized service. Cookies may:
• Maintain login sessions
• Support fraud detection
• Measure platform performance
Analyze user navigation patterns
Non-essential cookies require your consent. Our Cookie Policy provides additional information.
9. Data Security
We take extensive measures to secure your data, including:
• Encryption of data in transit and at rest
• Secure servers and access controls
• Continuous monitoring for suspicious activity
• Strict internal data-access protocols
• Staff training and confidentiality obligations
• Regular security audits
Despite strong safeguards, no system is completely immune from risks; however, Paliton employs best-practice security standards to minimize them.
10. Changes to This Privacy Policy
Paliton may update this Privacy Policy from time to time to reflect legal changes, technical improvements, or modifications to our Services. Updates will be published on our website with a revised “Last Updated” date. Continued use of our Services confirms your acceptance of the updated Policy.