Privacy is of utmost importance at Binusu.com. We recognize the significance of protecting
information which is stored on our servers or network or is intended to be stored on our servers or
network and which relates to an individual. The data we protect are the “Personal Data” which is any
information that can be used to identify you directly or indirectly.
This Privacy Notice applies to all processing of Personal Data on the website www.binusu.com and all
other Binusu.com sites on which it appears (the “Sites”). If you do not agree with this Privacy
Policy, in general, or any part of it, you should not use the Sites or Services. This Privacy Policy
is periodically reviewed to ensure that any new obligations and changes to our business model are
taken into consideration. We may amend this Privacy Policy at any time by posting an amended version
on our website.
In order to ensure the compliance of this Notification with the regulations governing personal data
protection, Binusu reserves the right to modify or amend the Policy accordingly. You will be suitably
notified of any changes in due course, e.g. by e-mail or through a website notification.
In this privacy policy, we will tell you:
Who we are;
What Personal Data we collect from you and how we collect it;
On what legal basis we collect your Personal Data;
For what purpose we collect your Personal Data;
How long we store it for;
Who do we share your Personal Data with;
Whether we intend to transfer it to another country;
What are your rights with respect to your Personal Data; and
Children’s Privacy; and
Changes to this Privacy Policy.
1. Who are we and how can you contact us if you have any concern?
The organization who is responsible for ensuring that your Personal Data is processed in
compliance with applicable regulations is: Binusu Exchange Limited, RV14A, Riviera Suites, Martyrs
Way, Ntinda Kampala, Uganda. Incorporated in the Republic of Uganda, company registration number
80020003706184.
If you have any concern, question or if you would like to exercise any of your rights with respect to
your Personal Data, you may contact our Data Protection Officer (“DPO”) at info@binusu.com.
2. What data do we collect about you and how do we collect it?
We collect your Personal Data through a variety of methods: either you provide it to us directly, we
collect it from external sources, or we collect it by using automated means.
Information you may provide to us: You may give us information about you by filling
in forms on our Sites or through our app or by corresponding with us by phone, email or otherwise.
This includes information you provide when you register to use the Services and when you report a
problem with the Sites or with our app. Information we collect about you: With regard to each of your visits to our Sites or
our app we automatically collect the following information: Login Information: We log technical information about your use of the Services,
including the type of browser and version you use, the wallet identifier, the last access time of your
wallet, the Internet Protocol (IP) address used to create the wallet and the most recent IP address
used to access the wallet. Device Information: We collect information about the device you use to access your
account, including the hardware model, operating system and version, and unique device identifiers,
but this information is anonymised and not tied to any particular person. Transaction Information: In connection with our Services (as such term is defined in
our User Agreement), we may collect and maintain information relating to transactions you effect using
the Binusu.com Wallet (e.g. converting one virtual currency to another or purchasing virtual
currencies). Information We Collect Required By Law, Rule, or Regulation: Depending on the
Service, we may collect information from you in order to meet regulatory obligations around
know-your-customer (“KYC”) and anti-money laundering (“AML”) requirements. Information that we collect
from you includes the following:
Full name
Residential address
Contact details (telephone number, email address)
Date and place of birth, gender, place of citizenship
Bank account information and/or credit card details
Your status as a politically exposed person
Source of funds & proof of address
Passport and/or national driver’s license or government-issued identification card to verify your
identity
Transaction history and account balances in connection with your use of certain Services.
Information We Collect from External Sources: We also receive information from other
sources and combine that with the information we collect through our Services. For instance:
We use "cookies" from time to time to help personalise your online experience with us. A cookie is a
small text file that is stored on your computer to help us make your visit to our Sites more
“user-friendly.” Please see our Cookie Policy for more details about the cookies we use. Cookies
provide us with information about your use of the Sites that can help us improve the Sites and your
experience with it. We will process Personal Data collected through cookies in accordance with this
Privacy Policy. If you have set your browser to alert you before accepting cookies, you should receive
an alert message with each cookie. You may refuse cookies by turning them off in your browser,
however, you should be aware that our Sites, like most other popular sites, may not work well with
cookies disabled.
We may analyze public blockchain data to ensure parties utilizing our Services are not engaged in
illegal or prohibited activity under our User Agreement, and to analyze transaction trends for
research and development purposes.
We use third-party services that may be co-branded as Binusu.com but will do so with clear notice. Any
third-party services may collect information as determined by their own privacy policies.
Banks or payment processors that you use to transfer fiat currency may provide us with basic Personal
Data, such as your name and address, as well as, your bank account information.
Advertising or analytics providers may provide us with anonymised information about you, including but
not limited to, how you found our website.
3. On what basis do we collect your data?
We only use your Personal Data where we have a legal basis to do so:
Consent. For some processing activities, we require your prior consent. This applies
for example to some of our direct marketing activities which fall under the scope of the GDPR. You
will always be prompted to take clear, affirmative action so that we can ensure that you agree with
the processing of your Personal Data. This action may, for example, take the form of a checkbox. If
you have given us your consent for processing operations, you may always change your mind, and
withdraw your consent at any time and easily; all you need to do is to send us an email at the
following address
info@binusu.com.
Performance of a contract. Some Personal Data we process about you is for the
performance of a contract to which you are a party or in order to take steps at your request prior to
entering into a contract with us.
Legal obligation. In some cases, we have to process your Personal Data to comply with
legal obligations, including those applicable to financial services institutions, such as under the
Bank Secrecy Act and other anti-money laundering laws. You may not be eligible for certain Services if
we cannot collect the Personal Data necessary to meet our legal obligations.
Legitimate interest. In most cases where we process Personal Data in the context of
our Services we rely on our legitimate interests in conducting our normal business as a legal basis
for such processing. Our legitimate interests are to identify or prevent fraud, to enhance the
security of our network and information systems, or to carry out processing operations for statistical
purposes. We will use legitimate interest only when we have carried out an assessment on the impact
that this processing may have on you, and concluded that the processing does not unduly infringe your
rights and freedoms. For example, we do not use this justification if we process sensitive data, or
when the processing would be unexpected for you, or if we consider it to be too intrusive.
4. For what purposes do we collect your data?
We collect your Personal Data to:
Provide our Services (including customer support);
Process transactions and send notices about your transactions;
Resolve disputes, collect fees, and troubleshoot problems;
Communicate with you about our Services and business and to inform you of matters that are important
for your account and/or use of the Sites. We also use your Personal Data to respond to any questions,
comments or requests you filed with us and the handling of any complaints;
Comply with applicable laws and regulations;
Establish, exercise and defend legal claims;
Monitor and report compliance issues;
Customize, measure, and improve our business, the Services, and the content and layout of our - Sites
and apps (including developing new products and services; managing our communications; determining the
effectiveness of our sales, marketing and advertising; analyzing and enhancing our products, services,
websites and apps; ensuring the security of our networks and information systems; performing
accounting, auditing, invoicing, reconciliation and collection activities; and improving and
maintaining the quality of our customer services);
Perform data analysis;
Deliver targeted marketing, service update notices, and promotional offers based on your communication
preferences, and measure the effectiveness of it. To approach you via email for marketing purposes, we
request your consent, unless it is not required by law. You always have the option to unsubscribe from
our mailings, e.g., via the unsubscribe link in our newsletter;
Perform risk management, including comparing information for accuracy and verify it with third parties
and protect against, identify and prevent fraud and other prohibited or illegal activity, claims and
other liabilities; and
Enforce our contractual terms.
5. How long do we keep your data?
We will only retain your personal information for as long as necessary to fulfil the purposes for
which we collected it, including for the purposes of satisfying any legal, accounting, or reporting
obligations or to resolve disputes. While retention requirements vary by jurisdiction, information
about our typical retention periods for different aspects of your personal information are described
below.
Personal information collected to comply with our legal obligations under financial or anti-money
laundering laws may be retained after account closure for as long as required under such laws.
Contact Information such as your name, email address and telephone number for marketing purposes is
retained on an ongoing basis until you unsubscribe. Thereafter we will add your details to our
suppression list to ensure we do not inadvertently market to you.
Content that you post on our Sites such as support desk comments, photographs, videos, blog posts, and
other content may be kept after you close your account for audit and crime prevention purposes (e.g.
to prevent a known fraudulent actor from opening a new account).
Information collected via technical means such as cookies, web page counters and other analytics tools
is kept for a period of up to one year from expiry of the cookie.
When Personal Data is no longer necessary for the purpose for which it was collected, we will remove
any details that identifies you or we will securely destroy the records, where permissible. However,
we may need to maintain records for a significant period of time (after you cease using a particular
Service) as mandated by regulation. For example, we are subject to certain anti-money laundering laws
that require us to retain the following, for a period of five (5) years after our business
relationship with you has ended.
6. Who do we share your Personal Data with?
We may share your information with selected recipients to perform functions required to provide
certain Services to you and/or in connection with our efforts to prevent and investigate fraudulent or
other criminal activity. All such third parties will be contractually bound to protect data in
compliance with our Privacy Policy. The categories of recipients include:
Other Binusu.com entities, including to help detect and prevent potentially illegal acts and
violations of our policies, and to guide decisions about our products, services and communications;
Service providers who help with our business operations and to deliver our Services, such as:
Cloud service providers providing cloud infrastructure;
Providers of ID verification solutions and other due diligence solutions (such as KYC and anti-money
laundering);
Providers of website analytics;
Providers of customer service solutions; and
Providers of marketing automation platforms.
Law enforcement, government officials, regulatory agencies, our banks, and other third parties
pursuant to a subpoena, court order or other legal process or requirement if applicable to Binusu.com;
or when we believe, in our sole discretion, that the disclosure of data is necessary to report
suspected illegal or fraudulent activity or to investigate violations of our User Agreement.
We also may share Personal Data with a buyer or other successor in the event of a merger, divestiture,
restructuring, reorganisation, dissolution or other sale or transfer of some or all of Binusu.com’s
assets, whether as a going concern or as part of bankruptcy, liquidation or similar proceeding, in
which Personal Data held by Binusu.com is among the assets transferred.
Funding and transaction information related to your use of certain Services may be recorded on a
public blockchain. Public blockchains are distributed ledgers, intended to immutably record
transactions across wide networks of computer systems. Many blockchains are open to forensic analysis
which can lead to deanonymization and the unintentional revelation of private financial information,
especially when block chain data is combined with other data.
Because blockchains are decentralised or third-party networks that are not controlled or operated by
Binusu.com or its affiliates, we are not able to erase, modify, or alter Personal Data from such
networks.
7. Is your data transferred outside of the European Union?
As we are located outside of the European Union, we will ensure that any entity, whether our processor
or affiliate that transfers Personal Data to us from the EU employs appropriate safeguards. If your
Personal Data is transferred to us from the European Economic Area by our service providers (i.e.,
Data Processors who are engaged on our behalf) and business partners, we will ensure that the transfer
is lawful.
8. What are your rights?
Under the GDPR and relevant implementation acts, individuals have statutory rights related to their
Personal Data. Please note that rights are not absolute and may be subject to conditions.
One key right is the Right to object. You have the right to object to processing of your Personal Data
where we are relying on legitimate interests as our legal basis (see above). Under certain
circumstances, we may have compelling legitimate grounds that allow us to continue processing your
Personal Data. Insofar as the processing of your Personal Data takes place for direct marketing
purposes, including profiling for direct marketing, we will always honor your request.
Other rights are as follows:
Right to withdraw consent. Insofar as our processing of your Personal Data is based on your consent
(see above), you have the right to withdraw consent at any time.
Right of access. You have the right to request access to your Personal Data.
Right to rectification. You have the right to request rectification of the Personal Data that we hold
about you.
Right to erasure. You have the right to request erasure of your Personal Data. This enables you to ask
us to delete or remove Personal Data in certain circumstances.
Right to restriction. You have the right to request restriction of processing of your Personal Data.
Right to data portability. In some cases, you have the right to request to transfer your Personal Data
to you or to a third party of your choice.
The exercise of the aforementioned rights is free of charge and can be carried out by contacting us
at info@binusu.com.
Before responding to your request, we will verify your identity and / or ask you to provide us with
more information to respond to your request, if we have any doubts about your identity. We will do our
best to respond to your request within one month, unless your request is particularly complex (for
example if your request concerns a large amount of sensitive data). In such a case, we will inform you
of the need to extend this response time by two additional months.
9. How about children’s privacy?
Binusu.com does not address anyone under the age of 18. We do not knowingly collect personally
identifiable information from anyone under the age of 18. If you are a parent or guardian and you are
aware that your child has provided us with Personal Data, please contact us at info@binusu.com. If we become aware that
we have collected Personal Data from children without verification of parental consent, we take steps
to remove that information from our servers.
10. What happens if we make changes to this Privacy Policy?
We may update this policy to reflect changes to our information practices but we will not reduce your
rights under this Privacy Policy without your express consent. We will post any changes to this page
and, if the changes are significant, we will provide a more prominent notice. We will also keep prior
versions of this Privacy Policy in an archive for your review. We encourage you to periodically review
our Privacy Policy for the latest information on our privacy practices and to contact us if you have
any questions or concerns.
11. Contact Information
You may contact us with questions or concerns about our privacy policies or practices at