Privacy Policy

Last updated: November 1, 2025

Introduction

The operator of the Website https://001k.bot/ and the Telegram Bot https://t.me/OO1kBOT (hereinafter referred to as “We”, “Us”, or the “Company”) places the highest importance on safeguarding your personal data in connection with your use of our Services.

For the purposes of this Privacy Policy, the “Company” refers to a group of legal entities, including but not limited to:

• Satoshi Nakamoto Corporation, a company lawfully registered under the legislation of Panama

Depending on your country of residence, the scope and purpose of your use of the Services, and internal classification procedures (including Know Your Customer (KYC) outcomes), one or more of the above-mentioned legal entities may act as the data controller with respect to your personal data. Specific details regarding your data controller will be made available upon request or as determined during the KYC process.

This Privacy Policy describes how We collect, use, process, and share your personal data, as well as the security measures We apply to protect it and your rights under applicable law. It has been prepared in accordance with the General Data Protection Regulation (“GDPR”) and other relevant data protection laws applicable to the jurisdiction of the respective Company entity providing the Services.

By using our Services, you confirm that you have fully read, understood, and agreed to all the terms and conditions stated in this Privacy Policy. If you do not agree with any part of this Privacy Policy, please refrain from using our Services. All terms used in this Policy are consistent with those defined in our Terms of Use and other applicable policies.

Please note that by using one of our products, namely the Telegram Bot, you may also share personal data with Telegram. For more information about how Telegram processes personal data, please consult the Telegram Privacy Policy.

If you have any questions or concerns about this Privacy Policy, please contact Us via email: support@001k.bot.

2. Data controller

The Company entity providing the Services acts as the controller of your personal data. In accordance with Article 4(7) of the General Data Protection Regulation (GDPR), a data controller is a natural or legal person who, alone or jointly with others, determines the purposes and means of processing personal data.

Details of the specific legal entity acting as the data controller, including its name, registration number, and address, are made available in connection with the particular Service you are using or upon request.

For further clarification on how we process your personal data, you may contact us at support@001k.bot.

3. What sources of personal data do we use?

We may collect personal data from various sources, including:

• Voluntary Provision: We may obtain personal data directly from you when you voluntarily provide your personal information, as well as through other forms, and communication channels. This may include contact details, identification details, address details, etc.
• Telegram Bot and Website Usage: We may collect personal data through the use of cookies and similar technologies when you interact with our bot and website. This may include browsing history, IP addresses, device information, and other usage data. For more information, please refer to our Cookie Policy.
• Third-party Sources: We may receive personal data from third-party sources, such as service providers, business partners, or publicly available sources. This may include contact information and other relevant information obtained from reputable sources.

We emphasize that we gather personal data exclusively from lawful sources and strictly adhere to the principles of transparency, fairness, and accountability as outlined in the GDPR. 

4. What is the legal basis for collecting your personal data?

In compliance with the GDPR and other applicable data protection laws, We rely on a range of legal bases for processing your personal data. The legal bases are as follows:

• your consent — you give us consent for the processing of your personal data (Article 6 (1a) of the GDPR);
• the performance of a contract — We rely on this basis when processing your personal data to perform our contractual obligations to you in order to provide our Services (Article 6 (1b) of the GDPR);
• compliance with a legal obligation to which We are subject — your personal data may be used as necessary for the fulfillment of the legal obligation itself (Article 6 (1c) of the GDPR);
• legitimate Interests  — We rely on this basis in cases where it is necessary for us to process your personal data to meet our own needs for the operation, management and development of our business or to protect legitimate interests that We or a third party pursue (provided that a balance of interests is achieved) (Article 6 (1f) of the GDPR).

We will be pleased to assist in clarifying the specific legal basis on which processing is carried out in any case.

5. What personal data do we collect? 

This section outlines the types of personal data We collect for Anti-Money Laundering (“AML”) and Combating Terrorism Financing (“CTF”) purposes, underscoring our dedication to safeguarding the confidentiality and integrity of this information.

When using our Services, you may provide us with two types of data:

• Personal data that you voluntarily share; and 
• Data that is collected automatically by your use of our Services.

For an identity verification procedure, We use the third-party service provider Sum and Substance Ltd (“SumSub”). For more information please refer to the AML/CFT Policy.

In accordance with applicable legal and regulatory requirements, we are obligated to collect and process certain personal data for the purposes of identity verification, customer due diligence, and ongoing compliance monitoring.

Depending on the type of User (individual or legal entity) and the nature of the Services provided, the following categories of data may be collected:

For Individual Users:

• Personal identification details (e.g., full name, date of birth, nationality);
• Identity verification documents (e.g., passport, national ID, driver's license, or visa);
• Residential address and contact details;
• Liveness or biometric verification (e.g., selfie with liveness check);
• Verification of email and phone number;
• Information related to the source of funds and intended purpose of the account;
• Declarations regarding the accuracy of submitted data, acceptance of our policies, and confirmation of non-PEP status.

For Legal Entity Representatives:

• Identification and contact details of the representative;
• Verification documents for identity and authority to act on behalf of the entity;
• Declarations confirming understanding and acceptance of our terms, and non-PEP status of all relevant parties.

For Legal Entities:

• Company identification details (e.g., legal name, registration number, country of incorporation);
• Documentation proving legal existence and ownership structure;
• Information on shareholders, beneficial owners, and directors, including identification and proof of address;
• Supporting documents related to the entity’s source of funds and source of wealth.

The exact scope of data collected may vary depending on the User’s risk profile, the type of Services requested, and the jurisdictional requirements applicable to the Company entity providing the Service.

We retain this data in accordance with applicable legal retention periods and ensure it is processed lawfully, fairly, and transparently for the purposes of fulfilling our legal obligations and safeguarding our platform against financial crime.

For the provision of our Services, We also process your personal data related to the transactions and your activity using our Bot and Website:

• payment information;
• transaction and exchange history;
• account status;

Digital wallet information:

a. private and public keys;

b. wallet balance. 

In addition, We collect the below-mentioned data automatically:

Device Data:

a. device name; 

b. operating system; 

c. device ID;

d. browser settings (browser version, language, date and time of request and destination URL etc.);

e. mobile network system;

f. your overall geographic location.

Online Identifiers:

a. IP address;

b. cookie identifiers;

c. pixel tags;

d. MAC addresses;

e. advertising IDs.

Usage Data:

a. download time from your device;

b. the functions you use and actions you perform;

c. time zone;

d. access dates and times;

e. type of computer or mobile device;

f. the length of the visit on our website;

g. search engine terms that you use.

The aforementioned data is only processed to such an extent which is necessary to ensure proper provision of our Services.

6. What personal data do we not collect?

It is important to note that we do not collect or process special categories of personal data that concern racial or ethnic origin of natural persons, their political opinions or religious, philosophical or other beliefs, membership in trade unions, and their health, sexual life and criminal convictions.

7. How do we process the personal data of minors?

We do not intentionally collect or store data about persons under the age of 18. Therefore, during the verification procedure you confirm that you have the legal capacity to enter into a binding agreement by using our website and Services.

If you suspect that a person under 18 has shared personal data, contact us at support@001k.bot. 

8. Why do we collect your personal data?

Our Company collects only essential personal data necessary to provide the Services you request. Understanding the reasons behind our collection of your personal data empowers you to make informed decisions regarding your privacy and data sharing practices when using our website. 

We collect and process personal data for the following purposes:

• to optimize our Services and diagnose technical errors;
• to provide assistance during the provision of our Services; 
• to send you promotional content in accordance with your marketing preferences;
• to fulfill our legal obligations and protect your rights;
• to detect, prevent, and report potentially suspicious, fraudulent, or illegal activities;
• to monitor business efficiency and generate internal reports.

By collecting personal data for these purposes, We aim to provide a secure and reliable cryptocurrency exchange platform while ensuring compliance with applicable laws and regulations, safeguarding user interests, and improving overall user experience.

9. What rights do you have?

In compliance with the GDPR and other applicable data protection laws, We acknowledge and uphold the fundamental rights of individuals concerning their personal data. 

This section outlines your rights as a data subject and describes the process for exercising these rights regarding the personal data We collect and process.

1. Right of access

You have the right to request information about the categories of personal data We have collected from you, the purposes for which We process your data, the sources from which We obtained your data (if not directly from you), and the recipients to whom your data has been or will be disclosed.

Additionally, you have the right to receive a copy of the personal data We hold about you and to verify that We are processing it lawfully. The first copy will be provided free of charge, and subsequent copies may be subject to a reasonable fee to cover our administrative costs.

2.  Right to rectification

You have the right to promptly request the correction of inaccurate personal data. Considering the purposes of processing, you also have the right to complete incomplete personal data by providing additional information.

If you need to add or modify any information, you can log into your account and update it in your settings. If you are unable to make the changes yourself, please contact us at support@001k.bot, and We will assist you.

Please note, We may deny your request if additional information is unnecessary for the purposes of processing personal data.

3. Right to erasure (“right to be forgotten”)

You have the right to obtain from us the erasure of your personal data without undue delay and We have the obligation to erase personal data without undue delay where one of the following grounds applies:

• it is no longer necessary for the purposes for which personal data was collected or otherwise processed;
• you withdraw the consent upon which the processing is based and if no other lawful basis for the processing exists; 
• personal data has been unlawfully processed; 
• if you object to the processing and there are no overriding legitimate grounds for such processing;
• personal data have to be erased for compliance with a legal obligation in Union or Member State law to which we belong.

4. Right to restriction of processing

You have the right to obtain from us restriction of processing where one of the following applies:

• the accuracy of the personal data is contested by you, for a period that allows us to check the accuracy of the personal data;
• in the case of illegal processing, and you are against erasure of the personal data and request the limitation of their use;
• there is no longer a need for us to use personal data for the purposes of the processing, but it is necessary for you for the establishment, exercise or defense of legitimate claims;
• you have objected to the processing prior to the verification of whether our legitimate grounds override yours.

5. Right to data portability

You have the right to receive your personal data, which you have provided to us, in a structured, commonly used and machine-readable format and have the right to transmit those data to another controller without hindrance from us, where:

• the processing is based on your consent;
• the processing is carried out by automated means.

6. Right to object

You can object to the processing of your personal data at any time if it is based on a legal basis other than your consent. To do so, you must notify us in writing of your objection. We will cease processing your personal data unless We have compelling legitimate grounds that override your interests, rights, and freedoms, or for the establishment, exercise, or defense of legal claims.

If your personal data is processed for direct marketing purposes, you have the right to object at any time. In this situation, your personal data will no longer be processed for marketing purposes.

7. Right to file a complaint

If you find that We have breached your rights, you are recommended to contact us at support@001k.bot in the first instance so that We can try to resolve your issue or dispute. 

In addition, you also have the right to lodge a complaint with the competent supervisory authority - State Data Protection Inspectorate.

We encourage you to familiarize yourself with your rights as outlined in this section and to reach out to us if you have any questions, concerns, or requests regarding the processing of your personal data.

10. In what manner can you exercise your rights?

In order to exercise the aforesaid rights, please send us your inquiries, complaints or demands in writing by email to support@001k.bot.

We strive to respond to your requests promptly, typically within one month. If necessary due to complexity, this may extend by up to two months, with notification provided within one month of receiving your request. For verification purposes, We may request an identity document in accordance with applicable laws.

If you are not satisfied with how we handle your personal data or if we are unable to address your request, you have the right to lodge a complaint with the competent data protection authority in the jurisdiction relevant to your place of residence or the Company entity providing the service.Contact details of the appropriate supervisory authority can be provided upon request.

11. Who we may disclose your personal data to?

We are not in the business of selling your personal data to others. In certain instances, We may disclose your personal data to third parties for the purpose of executing tasks and delivering Services to you on our behalf. Such sharing will only occur when deemed appropriate or essential to fulfill the purposes outlined in this Privacy Policy. We ensure that third parties receive only the minimal amount of personal data required to fulfill the specific service requested. 

Personal data may be disclosed to the following parties:

• our parent companies, subsidiaries, affiliates;
• business partners with whom We jointly offer products or Services as allowed by law;
• suppliers;
• sub-contractors;
• our advertising partners.

We also ensure we have appropriate contractual protections in place with these third parties.

In some circumstances, We can share your personal data to law enforcement agencies (courts, prosecuting authorities), regulators (fraud or crime prevention agencies), government/public authorities (tax authorities, banks) and officials, or other relevant third parties.

In exceptional cases, our Company may transfer your personal data to other countries for the provision of our Services.

12. How does the international transfer of personal data proceed?

When you use our Services, you give us consent to transfer your data to other countries, even to countries with privacy and data protection laws that differ from those in your country. Whenever such transfers occur, we will protect and process your personal data as described in this Privacy Policy.

If we transfer personal data from the European economic area (“EEA”) to a country not deemed by the European Commission to provide an adequate level of protection for such data, the transfer will be governed by an agreement that complies with EU standards for transferring personal data to non-EEA countries. This may include the use of Standard Contractual Clauses endorsed by the European Commission. 

13. What are the provisions for retaining your personal data?

We retain your personal data for the duration necessary to provide our Services and comply with the national AML and CTF provisions. The duration of retention is five years after you close your account or stop using our Services.

14. How do we secure your personal data? 

Our company takes reasonable efforts to maintain a level of security appropriate to the risk associated with the processing of your personal data. Our aim is to prevent unauthorized access or interference with the personal data collected through our site by third parties unaffiliated with us.

Therefore, We employ appropriate electronic, managerial, and technical measures to safeguard and protect your personal data. The security measures We implement include, but are not limited to:

• only employees who are duly authorized by us may access your personal data and these employees are obligated to maintain the confidentiality of your data;
• the encryption of your personal information is in place to safeguard your data;
• personally identifiable data is stored on our secure servers or stored on third party servers located in secure data centers.

Please note that no Internet or email transmission can be guaranteed to be entirely secure or error-free. Specifically, email communications to or from us may not be completely secure. Therefore, please use caution when deciding what information to transmit.

Furthermore, We cannot be held responsible for any bypassing of privacy settings or security measures on the third-party websites.

15. Who is responsible for the content of the links to third-party websites, products or Services?

We provide our Services with the protection of your privacy in mind. Although We endeavor to only link to sites, products or Services with high privacy standards, our Privacy Policy will no longer apply once you leave our website or bot.

In addition, by no means any link should be construed as an endorsement or approval of any third party by our Company. Therefore, We encourage you to examine the privacy policy of each website, product and service separately to be aware how they deal with your personal information. We are not responsible for the privacy practices employed by third parties. 

16. Marketing

With your consent, We may use your personal information for our marking purposes. You may receive the following communications: newsletters, promotional materials and announcements related to our new products. The content of these communications is designed to enhance your overall experience and keep you informed about the latest offerings.

In addition, We may share your personal data with our marketing partners for the purposes of targeting, analytics, as well as for advertising activities.

You can ask us or our partners to stop sending you marketing messages at any time by following the opt-out links on any marketing message sent to you or by contacting us at support@001k.bot.

 17. How is this Privacy Policy update managed? 

We reserve the right to update this Privacy Policy from time to time. Changes become effective when posted on this page. 

Any amendments will be displayed or otherwise communicated to you while using the Services. If you continue to use our Services within one week after receiving such notification, you will be deemed to have accepted all changes and agreed to comply with the updated Policy. 

If you do not agree with any changes made to this Privacy Policy, please discontinue using our Services.

In the event of any discrepancies or inconsistencies in translation between the English version and any translated versions of this Policy, the English original shall prevail and be binding.