CNPJ 37484255000187



Privacy Policy


We, at Trading BitBaxter Markets (referred to in this policy as “we”, “us” or “BitBaxter Markets”, “the Company”, or “the Firm”) really value your privacy. We are committed to the protection of your personal data, and don’t access or use it for any purpose other than providing, maintaining and improving our services, and as otherwise required by law. To open and maintain client accounts, we obtain and hold personal information.

This policy outlines how we manage such information to ensure we meet our obligations to respect our clients’ privacy and that all such information remains confidential. The policy explains our binding obligations which come from the terms of:

the Protection of Natural Persons With Regard to the Processing of Personal Data and for the Free Movement of Such Data Law of 2018 (the “Law”) which was adopted for the effective implementation of certain provisions; and any applicable data protection law as amended from time to time.

All words and phrases highlighted and not defined in this Privacy Policy, shall have the same meaning as defined in our Invest Terms and CFD Terms (as applicable).

Who are we?

Trading BitBaxter Markets is the data controller. This means we are responsible for determining the purpose and manner in which your personal data is use.

We are committed to doing the right thing when it comes to how we collect, use and protect your personal data and that is why we’ve developed this privacy policy (“Policy”), which:

  • Sets out the different ways you interact with us and the types of personal data that we collect;

  • Explains the reasons why we use the data we collect;

  • Explains when and why we will share personal data with in Trading BitBaxter Markets

Markets Group (as defined below) and with other organizations; and

  • Explains the rights and choices you have when it comes to your personal data.

Our details

Trading BitBaxter Markets is a Brasil Investment Firm incorporated under the laws of Brasil.It is regulated as a Brasil Investment Firm by Brasil Securities and Exchange Commission.

Trading BitBaxter Markets Email:


We may share your personal data within the wider Trading BitBaxter Markets Group ( comprising of Trading BitBaxter Markets. and its Group Companies, which may process your personal data for regulatory, commercial, or other reasons.

What do we mean by personal data?

Personal data is any information relating to you or data that may be used to identify you.

As a client of ours,you provide us with some of your personal data,which will include your name, telephone number,e-mail address,ID and other documentation that we may need.It

may also include IP addresses, device, browser information and other account usage information, which in some circumstances may be used to identify you.

What sort of information do we need and why?

When you access our Website or our Trading Platform, we may collect personal data when you connect to the Platform, sign up to receive information from us, participate in trading, create an account, contact us, or other use of our services.

We process the personal data we receive from you as part of our contractual relationship with you when you sign up to our Services. We do this under the legal grounds of ‘legitimate interests pursued’. We may also process data that we have legitimately received from publicly available sources and identification databases. The types of personal data we need and the reasons we need it, are detailed below:

What do we collect?


Without limitation, your full name, country of residence, your address, date of birth, nationality, national insurance number/tax ID and or related tax identification information, email address or other contact information.

To establish and to identify you.

Information about your financial status (i.e. income and savings) or other financial information about your professional and employment details, trading history and other personal information

To prevent fraud and determine whether our Services are appropriate for you

IBAN details and other payment processing information as requested by the respective payment services providers

To facilitate your funding and withdrawal requests

Your ID card, driving license or passport and other public or private issued documents that can be used as a proof of address (e.g. utility bill or, bank statement) or any further documents, photo or video evidence that may be required

To verify your identity and perform KYC checks.

Information about you through your use of our Website and our Trading Platform. like Such information may include, among others, site areas visited, pages viewed, frequency and duration of your visit, the Internet Protocol (IP) address used to connect your computer to the Internet, your login information, your geographic location, your browser and browser plug-in type and version, your operating system and platform, and other indirect personal data.

To help improve our Services to you. (Whenever we process such information, we will always endeavor to use it on an aggregated and anonymized basis)

Any other personal information

In order to comply with applicable rules, laws and regulations.

Any other personal information which may be needed to comply to settle any disputes or mount a legal deference.

In order to enable us to comply to settle any disputes or mount a legal deference.

Any type of electronic communication such as letters, emails, chat messages, and telephone conversations.

To offer our Services to you.

Any personal information resulting from the ‘Know Your Customer’ and ‘Anti Money Laundering checks.

To enable us to continue to fight against money laundering and terrorist financing.

How is your personal data collected?

We collect most of this personal data directly from you, by email, chat and/or via our Website/Trading Platform. However, in some instances:

  1. We will request this information from you through our application form and also use our own records and information from other sources for compliance with legal and regulatory obligations.

  2. The processing and storage of your personal data are necessary to provide you with the Services described in Trading BitBaxter Markets CFD Terms and Invest Terms and to comply with our regulatory obligations.

  3. If you choose not to provide some of the requested information to us, we may not be able to onboard you as a new client or cease services provided under an existing agreement.

  4. This may result in the termination of that agreement as we will not be able to fulfill our contractual and regulatory obligations.

We keep the information as up-to-date as possible, and will change any details, such as your address, promptly when you let us know that they have changed.

Your use of the Website and related mobile applications and online services involves the automated collection of certain types of information ,some of which may be considered personal information.

This information includes : IP address , browser type and operating system.

In addition, the Website uses a range of cookies to improve and personalize your experience.

Why do we need this information and on what legal basis is the data processed?

Lawfulness of processing

We will process your personal data (to collect, use, store and transfer, if we may need to): to perform Trading BitBaxter Markets CFD Terms and/or the Invest Terms (together referred to as the‘‘Agreement’’)agreed between You and Us and provide our Services (the ‘‘Services’’); If you ask us to open a demo/practice account for you; to comply with any and all legal and regulatory obligations such as the:

    • Investment Services and Activities and Regulated Markets Law of 2017

    • Anti-money laundering and countering terrorist financing regulations;

    • any applicable tax legislation etc.;

    • providing information to financial crime authorities of suspicious money-laundering transactions;

    • in the context of financial criminal proceedings, to provide information to tax authorities.

    • For our legitimate interests. What this means is, for example, in case we are obliged to provide a reference about you to a public authority or agency to comply with a legal obligation,

    • or to ensure that we provide you with the best trading services and information we can and to continue improving our products in your best interest.

Please note we may do so without notice.

If you have given us consent– for example, for marketing and promotional purposes. If you have granted us consent to process your personal data for marketing purposes, it will only take place to the extent and for the purposes set out in the declaration of consent and to the extent agreed therein. Any consent given may be revoked at any time by you with future effect.

Just so you know, in order to meet some of the above requirements, we may sometimes have to use automated decision-making and profiling. You may request human intervention; however, you will not be able to object to such processing.


We will process and analyze your direct personal data (such as your name, date of birth, ID, etc.) and indirect personal data (such as analytics and tracking data) in combination with your use of your account for the purposes of:

  1. providing the Services to you as part of our Agreement;

  2. verifying your identity and opening and managing your account;

  3. meeting our regulatory obligations;

  4. processing requests for you relating to the Services (such as deposit and withdrawals, transactions, tax and other information demands);

  5. managing our relationships with you by electronic, telephone or chat communication;

  6. entering into and executing transactions with financial instruments;

  7. opening a demo/practice account with us;

  8. having chat or email communication;

  9. If we need to conduct a risk assessment as prescribed by applicable legal provisions by collecting and archiving required documentary evidence regarding your identity. (Just so you know these assessments may include automated decisions when we, or a reputable third party, is carrying out financial crimes checks);

  10. If we need to conduct risk management control, data analysis and global supervision of your ongoing needs;

  11. To enhance, improve and personalize our Services to better your experience;

  12. To provide you with market information which we believe may be relevant or interested to you;

  13. To send you important account and Services related data. (Just so you know these may be by different communication channels, such as surveys, in-app notifications, platform messages and emails);

  14. preventing misuse and fraud, demonstrating business transactions and communications;

  15. managing transactions surveillance and monitoring and complying with reporting obligations;

  16. managing risks, disputes, complaints, litigation or in the context of prosecution;

  1. marketing communications with you about updates to our products and services and informing you about any promotions offered by us, as long as it is in our legitimate interest or you have consented to receive such communications, have not choose to opt-out of them (you can always change your mind); and

  2. providing the Services requested by you and carried out in relation to any other agreement between us.

Who receives your personal data?

Your personal data is received and processed by employees of Trading BitBaxter Markets, for the execution of contractual, legal and regulatory obligations. Further, we may disclose, when we identify disclosure or transmission is necessary to satisfy the purposes set out above, to the following recipients:

  1. Other companies within Trading BitBaxter Markets Group. This data may be transferred in order to allow us to provide a full service to you, where other companies within Trading BitBaxter Markets Group perform components of the full service offering including but not limited to financial, IT maintenance or support services;

  2. Any lawyers, external auditors or advisors, professional consultants, credit reference agencies, notaries, bailiffs, as well as any courts, regulatory, governmental, administrative and/or other official bodies as agreed or may be required by law, where such disclosure is necessary (i) to comply with any applicable law or regulation; (ii) to enforce applicable terms and conditions or policies; (iii) to protect the security or integrity of our services; and (iv) to protect our rights and interests;

  3. third-party service providers that provide IT services, advisory and consultancy services, research, marketing services, identity verification checks, banking and payment processing services, insurance or other services to Trading BitBaxter Markets, which are only authorized to process your personal data strictly for the purposes of providing these services and in accordance with our instructions. If applicable, we will enter with such third-party service providers into the relevant contractual agreements or the standard data protection clauses that would be required under the relevant data protection laws to ensure compliance with our instructions; and

  d. third parties as part of mergers and acquisitions provided that the prospective buyer or seller agrees to respect your personal data in a manner consistent with our Privacy Policy.

We will require any entity to whom we disclose your information or who may obtain it on our behalf to ensure its confidentiality and to handle it in line with the legitimate purpose for which they are allowed to access it and in accordance with the applicable data protection laws.

We will not sell your information with third parties for their own independent marketing or business purposes without your consent.

Transferring information internationally

Personal data may be held at our offices and with in Trading BitBaxter Markets companies, Group

third-party agencies, service providers, representatives, auditors, lawyers and agents as described above. Some of these third parties may be based outside the EU and outside Brasil.

Under data protection law, we may only transfer your personal data to a country or international organization outside the EU/EEA/Brasil where:

  1. the European Commission and Brasil has decided the particular country or international organization ensures an adequate level of protection of personal data. (known as an‘adequacy decision’);

  2. there are appropriate safeguards in place, together with enforceable rights and effective legal remedies for data subjects; or

  3. a specific exception applies under data protection law.

Adequacy decision

We may transfer your personal data to certain countries, on the basis of an adequacy decision between EU/EEA/Brasil and other jurisdictions. The list of countries that benefit from a dequacy decisions will change from time to time. We will always seek to rely on an adequacy decision, where one exists.

Other countries we are likely to transfer personal data to do not have the benefit of an adequacy decision. This does not necessarily mean they provide poor protection for personal data, but we must look at alternative grounds for transferring the personal data, such as ensuring appropriate safeguards are in place or relying on an exception, as explained below.

It may be shared with other Group companies, processed by staff working for us or for one of our suppliers, located outside the EU and/or the EEA and Brasil. Such personnel may, for example, be involved in the execution of our support services. We will take all necessary steps to ensure that your personal data is treated securely and in accordance with this Privacy Policy and have adopted appropriate safeguards to protect it.

Transfers with appropriate safeguards

Where there is no adequacy decision, we may need to transfer your personal data to another country. We will only do this if we are satisfied the transfer complies with data protection law, appropriate safeguards are in place, and enforceable rights and effective legal remedies are available for you, as data subjects.

The safeguards we will usually look for include using legally-approved standard data protection contract clauses. In this way, we will make binding arrangements with such third parties so that your information is protected to the same standards as it is in the EU and the EEA and Brasil.

How long will your data be stored?

We will process your personal data for the entire duration of the Agreement you have concluded with us and for a period of 5 (five) years after the termination of the Agreement. We have to do this to comply with the applicable anti-money laundering legislation and legal safe-keeping obligations. Further, any personal data will not be retained for longer than the time necessary in order to satisfy the purposes of its processing, subject to the general statutory limitation periods and the 5 (five) year retention period where the applicable laws require that the personal data is retained for a certain period after the termination of our business relationship with you.

What are your rights?

You have a number of rights when it comes to how we handle your data. Some of these are the:

  1. Right of access:

You can access and obtain information about your personal data – you have the right to request what information (if any) we process for you and if so, provide you with information containing your personal data and a copy of that personal data undergoing processing. This is called a Subject Access Request (SAR). You can submit a SAR to us using the link below: or alternatively, by using the details in the ‘How to contact us’ section below or by directly contacting the DPO officer at   Just so you know, to request information, we will need to verify your identity. If you require additional copies, we may need to charge a reasonable administration fee for requests, and reserve the right to reject requests that we deem are manifestly unfounded. Upon receiving a request from you and/or upon the receipt of the applicable fee, we will acknowledge your request and respond to you within one month from filing your request.

  1. Right to rectify:

You can rectify any factual inaccuracies or incompleteness with respect to your personal data. If the personal data we hold about you is inaccurate or incomplete, you can may ask us to correct it. When we receive such a request from you, we will acknowledge it and respond to you within one month of filing your request. If we have shared your personal information with others, we will let them know about the rectification where possible.

  1. Right to erasure:

You can request deletion of your personal data – you can ask us to delete or remove your personal data in cases where we no longer need it. However, please note that such request will be satisfied provided that we have no legal obligation to retain such data and will be subject to any retention periods we are required to comply with in accordance with applicable laws and regulations as specified in section “How long will your data be stored’’ above.

  1. Right to restrict processing:

You can request restriction of processing – you can ask us to restrict the processing of your personal data in certain circumstances such as when you don’t think the

information is accurate. We will verify the accuracy of your personal data or in case you deem the processing is unlawful. Such an objection may not impede us from storing your personal information. It may be the case that where we cannot restrict certain processing, we will offer to end our relationship with you.

  1. Right to object:

You can object to the processing of personal data by us – you can ask us to terminate the processing of your personal data, and we will comply with such request in cases where your personal data is processed for the purposes of direct marketing or research (if applicable) or if we are relying on our own legitimate interests to process your data.

  1. Right to data portability:

You can request portability of your personal data – you have the right, when applicable, to receive the personal data you have provided to us in a structured, commonly used and machine-readable format and to transmit those data to another entity (data controller) of your choice when this is technically possible.

  1. Right to complain:

You can lodge a complaint with a supervisory authority – you have the right to lodge a complaint regarding our processing of your personal data with your supervisory authority.

Please contact us using the contact details provided below to make a request in respect of your rights. We will will do our best to respond to your request within 30 days of receiving such a request. If we cannot hon our your request within the 30-day period, we will let you know the reasons why and when we expect to be able to fulfill your request.

How do we safeguard your personal data?

We put a lot of effort and apply the highest technical and organizational standards, ensuring that your personal data is secured and kept confidential. Any personal data that you provide to us is stored on secure servers, and we use rigorous procedures to protect against loss, misuse, unauthorized access, alteration, disclosure, or destruction of your personal data. We protect your personal information by maintaining physical, electronic, and procedural safeguards in compliance with the applicable laws and regulations. Part of

the measures that we apply to provide a high level of security in terms of personal data management include, among others:

  1. Pseudonymous – we process your personal data in such a manner that it can no longer be attributed to a specific person without the use of additional information which additional information is kept separately and is subject to specific technical and organizational measures to ensure that the personal data is not attributed to an identified or identifiable natural person;

  2. Hashing/Encryption – we may apply cryptographic methods which convert certain information or data into a code to make it unreadable for unauthorized users;

  3. Minimization – the personal data we demand from you is adequate, relevant and only limited to what is necessary in relation to the purposes for which such data is processed;

  4. Strict internal control on access to your personal data – access to your personal data is allowed only to those of our employees who need such verification to properly exercise their professional duties;

  5. Penetration testing – we perform regular scanning and penetration testing and services to identify potential security vulnerabilities and apply the relevant remedies to rectify them;

  6. Education – we ensure our management and employees have the right training and stay up-to-date with the most recent challenges and developments to manage your data to ensure it remains confidential and integral.

We maintain security and incident response plans in the event of a physical or technical incident to handle this in a timely manner and limit any negative effect of such incident. Although we work hard to protect your personal data, we cannot guarantee that our safeguards will prevent every unauthorized attempt to access, use or disclose personal data.

Your role:

Please recognize that you play a vital role in protecting your own personal data. When opening an account with us, it is important to choose a password of sufficient length and complexity, not reveal this password to any third parties, and immediately notify us if you become aware of any unauthorized access to/use of your account. If you believe that any of your account login details have been or might have been exposed, you can change your

password at any time through our Website, as well as immediately contact our customer service. Given the nature of communications and information processing technology, we cannot guarantee that information transmitted through the Internet will be completely safe from intrusion by others.

Heads up, it is your responsibility to ensure your password is kept safe.

How will we store your personal data?

Your information will be held on our secure computer systems. We have in place systems and procedures to prevent unauthorized access, improper modification or disclosure, misuse or loss of information.

We need to hold your information for 5 (five)years after you have provided it to us, even if we no longer have a contractual relationship with you or otherwise . Once we consider that such information is no longer needed,we will destroy it.

How to contact us and how to complain?

If you have any questions with regard to your rights or the present policy or if you consider that we have failed to respect your confidentiality, you may contact us by:



We inform you that we use video surveillance in our offices and if you visit any of our office premises , you may be subject to video recording . We are also obliged bylaw to record all our telephone conversations with clients.

You may also contact our Data Protection Officer about any request you have related to your personal data at:


If you are not satisfied with our responses to your complaint in respect of your personal data, you have the right to lodge a complaint with the Commissioner for Personal Data Protection at:

please contact us


Linking to Other Websites

If you access links on the Website to third party websites which are not owned by Trading BitBaxter Markets, or if you access the Website through links from other websites, please be aware that these websites have their own privacy policies. We do not accept any responsibility or liability for these privacy policies. You should check and review these privacy policies before you submit any personal data to these websites.

Changes to This Privacy Policy

We may change this Privacy Policy from time to time without notice to you by posting the updated version on our Website. Laws, regulations and industry standards evolve, which may make those changes necessary, or we may make changes to our business. We advise you to review this policy regularly to stay informed and to make sure that you are happy with any changes. If you disagree with the changes to this Privacy Policy, you should discontinue your use of the Website or related Services.

Personal Data Breaches

The GDPR introduces a duty on all organizations to report certain types of personal data breach to the relevant supervisory authority. The Company is obliged to do this within 72 hours of becoming aware of the breach, where feasible following its framework for reporting and managing data security breaches affecting personal or sensitive data held by the Company.

If the breach is likely to result in a high risk of adversely affecting individuals’ rights and freedoms, The Company is required to also inform those individuals/data subjects without undue delay.

The below procedures are there to provide a framework for reporting and managing data security breaches affecting personal or sensitive data held by the Company.

A personal data breach is defined as having the potential to affect the confidentiality, integrity or availability of personal data held by the Company in any format. Such breaches may happen for any number of reasons, including:

  1. The disclosure of confidential data to unauthorized persons;

  2. Loss or theft of data and/or equipment on which data is stored;

  3. Inappropriate controls allowing for unauthorized use of information;

  4. Breaches in the Company’s IT systems and security;

  5. Unauthorized access to computer systems, e.g. hacking;

  6. Viruses or other security attacks;

  7. Breaches of physical security where data is kept;

  8. Leaving IT equipment unattended, allowing unauthorized access;

  9. Emails containing personal data sent in error to the wrong recipient.

Legal Disclaimer

The Company may disclose your personally identifiable information as required by rules and regulations, and when the Company believes that disclosure is necessary to protect our rights and/or to comply with any proceedings, court order, legal process served or pursuant to governmental, intergovernmental or other regulatory bodies.

The Company shall not be liable for misuse or loss of personal information or otherwise on the Company’s website(s) that the Company does not have access to or control over. The Company will not be liable for unlawful or unauthorized use of your personal information due to misuse or misplacement of your passwords, negligent or malicious intervention and/or otherwise by you or due to your acts or omissions or a person authorized by you (whether that authorization is permitted by the terms of our legal relationship with you or not).

Leading version

This Policy can be translated into different languages. If there are any inconsistencies between different language versions, the English language version shall prevail.

Last updated: 08.09.2023

When investing, your capital is at risk. Investments can rise and fall and you may get back less than you invested.

Wait for answer on email or telegram