Privacy Policy

Last updated: April 23, 2026

This Privacy Policy explains how SATOSHI NAKAMOTO CORP., a company incorporated in the Republic of Panama with company number 155773571 and registered address at Global Bank Tower, 18th Floor, Suite No. 1801, 50th Street, Panama City, Republic of Panama (the “Company”, “001k.bot”, “we”, “us”, or “our”), collects, uses, stores, shares, transfers, and otherwise processes personal data in connection with the services made available through the website (the “Website”), web application (the “WebApp”), Telegram bot (the “Bot”), APIs, and any related services (collectively, the “Platform”).

This Privacy Policy forms an integral part of the Terms & Conditions and should be read together with the AML/KYC Policy, Cookies Policy, Fees Policy, and any other policies or guidelines published on the Platform from time to time.

By accessing or using the Platform, you acknowledge that you have read and understood this Privacy Policy.

If you do not agree with this Privacy Policy, you must not access or use the Platform.

If you have any questions regarding this Privacy Policy or the processing of your personal data, you may contact us at support@001k.bot.

Data Controller

For the purposes of applicable data protection laws, the Company acts as the data controller in relation to the personal data processed in connection with the Platform.

The Platform is operated by SATOSHI NAKAMOTO CORP., Company No. 155773571, with its registered address at Global Bank Tower, 18th Floor, Suite No. 1801, 50th Street, Panama City, Republic of Panama, which is part of a group of affiliated entities involved in the provision, support, and development of the Platform.

Where necessary, personal data may be processed by affiliated entities within the Company’s group on a need-to-know basis and in accordance with applicable data protection laws and this Privacy Policy.

Where required by applicable law, the Company implements appropriate safeguards in relation to cross-border data processing within its group.

1. Scope

This Privacy Policy applies to personal data processed by the Company in connection with:

● registration and use of an Account;

● identity verification and compliance procedures;

● custodial wallet and transaction services;

● AML screening services;

● API access and related integrations;

● communications with support;

● compliance monitoring, fraud prevention, and security activities;

● use of the Website, WebApp, Bot, and other Platform interfaces.

This Privacy Policy applies to personal data relating to individual Users and, where relevant, personal data relating to representatives, directors, beneficial owners, or authorized persons acting on behalf of legal entities.

2. Types of Personal Data We Collect

The Company may collect and process the following categories of personal data, depending on the nature of the services used and the User’s interaction with the Platform:

2.1. Account and Contact Information

This may include:

● full name;

● email address;

● telephone number;

● residential address;

● country of residence;

● username, account identifier, or similar account-related information.

2.2. Identity Verification Information

Where required for KYC, AML/CFT, fraud prevention, or security purposes, this may include:

● date of birth;

● nationality;

● government-issued identification details;

● copies or images of identity documents;

● proof of address documents;

● selfie images, biometric data, or liveness verification data;

● declarations, questionnaires, and other verification-related information;

● information relating to beneficial owners, directors, or authorized representatives in the case of legal entities.

2.3. Transaction and Wallet Information

This may include:

● wallet addresses;

● blockchain transaction data;

● deposit and withdrawal information;

● asset type, amount, network, and transaction identifiers;

● counterparty information where available;

● transaction purpose information;

● information provided in connection with source of funds, source of wealth, or enhanced due diligence reviews.

2.4. Technical and Usage Information

When you access or use the Platform, we may collect technical and usage data, including:

● IP address;

● device information;

● browser type and operating system;

● session and log data;

● access timestamps;

● application or API usage data;

● network and security-related information;

● geolocation information derived from IP address or device settings where available.

2.5. Support and Communication Data

Where you communicate with us, we may process:

● support requests and related correspondence;

● Telegram usernames or account identifiers used to contact us;

● records of communications with support;

● information and documents submitted in connection with account, transaction, or compliance inquiries.

2.6. Compliance and Risk Data

For compliance, fraud prevention, and security purposes, we may process:

● sanctions screening results;

● watchlist screening results;

● blockchain analytics results;

● internal risk indicators and compliance flags;

● records of reviews, investigations, and reporting decisions;

● information received from third-party compliance providers.

Certain categories of personal data described above may also be collected, verified, analyzed, stored, or otherwise processed by third-party service providers engaged by the Company for identity verification, compliance screening, blockchain analytics, fraud prevention, infrastructure, or operational support purposes.

3. How we Collect Personal Data

We may collect personal data:

● directly from Users during registration, verification, transactions, or support interactions;

● automatically through the use of the Platform, including through technical logs, cookies, and similar technologies;

● from third-party verification, analytics, fraud prevention, or compliance service providers;

● from public sources, blockchain networks, public registers, sanctions lists, or other lawful sources;

● from legal entities, representatives, counterparties, or service partners where relevant to the provision of services or compliance obligations.

4. Purpose of Processing

The Company may collect and process personal data for the following purposes:

● to provide, operate, maintain, and improve the Platform and its services;

● to create and manage User accounts;

● to process transactions, deposits, withdrawals, transfers, and other service-related operations;

● to conduct KYC, customer due diligence, sanctions screening, fraud prevention, and AML/CFT compliance procedures;

● to perform transaction monitoring, blockchain analytics, and risk assessments;

● to comply with legal, regulatory, reporting, and recordkeeping obligations;

● to communicate with Users regarding accounts, services, support requests, compliance reviews, or security issues;

● to investigate suspicious, fraudulent, abusive, or unlawful conduct;

● to protect the security, integrity, and lawful operation of the Platform;

● to enforce the Terms & Conditions, AML/KYC Policy, and other applicable policies;

● to comply with court orders, lawful requests, or obligations imposed by competent authorities;

● to establish, exercise, or defend legal claims;

● to conduct internal audits, analytics, testing, troubleshooting, and service administration.

5. Legal Bases for Processing

Where applicable data protection laws require a legal basis for processing, the Company may process personal data on one or more of the following grounds:

● the processing is necessary for the performance of a contract or to take steps at the request of the User prior to entering into a contract;

● the processing is necessary to comply with legal or regulatory obligations;

● the processing is necessary for the purposes of the Company’s legitimate interests, including the operation, security, and protection of the Platform, fraud prevention, and compliance risk management, provided that such interests are not overridden by applicable legal protections;

● the User has provided consent, where consent is required under applicable law.

Where biometric data, cookies, or other sensitive categories of data are processed, such processing will be conducted in accordance with applicable law and, where required, on the basis of an appropriate legal ground.

6. Compliance, AML/KYC, and Financial Crime Prevention

The Company may process personal data for anti-money laundering (AML), counter-terrorist financing (CFT), sanctions compliance, fraud prevention, security monitoring, and related risk management purposes.

Such processing may include:

● identity verification procedures;

● sanctions and watchlist screening;

● blockchain analytics and wallet risk assessment;

● source of funds and source of wealth reviews;

● transaction monitoring and behavioral analysis;

● compliance reviews, investigations, and reporting;

● cooperation with competent authorities where required by applicable law.

The Company may use automated tools and profiling techniques to assess risk, detect suspicious activity, and support compliance decision-making. Such processing may be carried out on a continuous and automated basis as part of the Company’s risk-based compliance framework.

This processing does not typically result in solely automated decisions producing legal effects without meaningful human involvement.

Further details regarding the Company’s compliance framework are set out in the AML/KYC Policy.

Users acknowledge that personal data may be processed for such purposes both at the time of onboarding and on an ongoing basis throughout the User’s relationship with the Platform.

The Company may share personal data where reasonably necessary for the purposes described in this Privacy Policy, including with the following categories of recipients:

7.1. Service Providers

We may share personal data with third-party service providers that support the operation of the Platform, including providers of:

● identity verification services;

● blockchain analytics and compliance services;

● fraud detection and security tools;

● cloud hosting and infrastructure services;

● payment, communications, customer support, and ticketing services;

● analytics, technical maintenance, and operational support.

Such recipients may process personal data on behalf of the Company under contractual arrangements, including data processing agreements where applicable, and may be located in different jurisdictions.

7.2. Affiliates and Operational Partners

We may share personal data with affiliates, contractors, advisors, and operational partners where necessary for the provision of services, compliance oversight, security, audit, or business operations. Such sharing is carried out on a need-to-know basis and in accordance with applicable data protection laws.

7.3. Competent Authorities and Legal Requests

We may disclose personal data to law enforcement agencies, financial intelligence units, regulators, courts, and other competent authorities where required by applicable law, lawful request, court order, regulatory obligation, or legal process.

Further information regarding the procedures for handling such requests is available in the Company’s Legal Request Policy.

8. International Transfers

Due to the nature of the Platform and the use of third-party service providers, personal data may be transferred to, stored in, or accessed from jurisdictions outside the User’s country of residence.

Where such transfers occur, the Company will take reasonable steps to ensure that personal data is protected in accordance with applicable legal requirements and appropriate safeguards.

9. Data Retention

The Company may retain personal data for as long as necessary to fulfill the purposes described in this Privacy Policy, including for the provision of services, compliance with legal and regulatory obligations, dispute resolution, fraud prevention, enforcement of agreements, audit, and legitimate business purposes.

Retention periods may vary depending on the nature of the data and the legal or compliance requirements applicable to the Company.

The Company may retain certain personal data after account closure where required for compliance, recordkeeping, legal, operational, or security purposes.

Further information regarding compliance-related record retention is available in the AML/KYC Policy.

10. Data Security

The Company implements reasonable organizational, contractual, and technical measures designed to protect personal data against unauthorized access, loss, misuse, disclosure, alteration, or destruction.

Such measures may include access controls, authentication procedures, encryption, secure storage arrangements, monitoring tools, and other security safeguards appropriate to the nature of the data processed.

However, no method of transmission, storage, or electronic processing can be guaranteed to be completely secure. Users acknowledge that the use of online services involves inherent security risks.

Users are responsible for maintaining the security of their account credentials, devices, email accounts, Telegram accounts, API keys, and other access methods used in connection with the Platform.

11. Cookies and Similar Technologies

The Company may use cookies and similar technologies to operate, secure, and improve the Platform, to remember user preferences, to understand usage patterns, and to support analytics and functionality. This may include the use of third-party analytics and tracking technologies.

Further information regarding the use of cookies and similar technologies is available in the Company’s Cookies Policy.

12. User Rights

Subject to applicable data protection laws, Users may have certain rights in relation to their personal data. Where applicable, including under the General Data Protection Regulation (GDPR) or other relevant data protection frameworks, such rights may include the right to:

● request access to personal data held by the Company;

● request correction of inaccurate or incomplete personal data;

● request deletion of personal data in certain circumstances;

● request restriction of processing in certain circumstances;

● object to certain types of processing where permitted by applicable law;

● request portability of personal data where applicable;

● withdraw consent where processing is based on consent, without affecting the lawfulness of processing carried out prior to such withdrawal.

These rights are not absolute and may be limited where the processing of personal data is necessary to comply with legal obligations, including anti-money laundering (AML), counter-terrorist financing (CFT), sanctions compliance, fraud prevention, security monitoring, or recordkeeping requirements, or where otherwise permitted by applicable law.

Users may also have the right to lodge a complaint with a competent data protection authority.

13. Third-Party Services and Blockchain Transparency

The Platform may integrate with or rely on third-party services, including identity verification providers, analytics providers, blockchain infrastructure providers, communication tools, and other service providers.

The Company is not responsible for the privacy practices of third-party services that are not controlled by the Company. Users should review the relevant privacy notices and terms of any third-party services they use.

Users also acknowledge that blockchain networks are public or partially public by design, and certain transaction-related information may be visible to third parties on the blockchain independently of the Company.

14. Children and Minors

The Platform is not intended for use by individuals who are not legally permitted to use the services under applicable law. The Company does not knowingly collect personal data from children where such collection is prohibited by law.

If the Company becomes aware that personal data has been collected in violation of applicable law, it may take steps to delete such data and restrict or terminate access to the Platform where appropriate.

15. Changes to this Privacy Policy

The Company reserves the right to modify, update, or amend this Privacy Policy at any time to reflect changes in applicable laws, regulatory requirements, operational practices, technologies, or internal policies.

Updated versions of this Privacy Policy will be published on the Platform and will become effective upon publication unless otherwise stated.

Users are encouraged to review this Privacy Policy periodically to stay informed about how personal data is processed.

Continued access to or use of the Platform after the publication of any updates to this Privacy Policy constitutes acceptance of the revised Privacy Policy.