Privacy Policy

ORBRUS PRIVACY POLICY

Last Updated: October 29, 2025

Your Gateway to Crypto Mastery

At ORBRUS (“we,” “us,” or “our”), your privacy and the security of your personal data are foundational to our mission of building a trusted, transparent, and user-centric digital finance ecosystem. This Privacy Policy explains how we collect, use, disclose, store, and protect your personal information when you access or use ORBRUS.COM, our mobile applications (iOS and Android), APIs, Cold Wallet, ORBRUS Earn, Launchpad, and all related services (collectively, the “Services”).

By using our Services, you consent to the practices described in this policy. If you do not agree, please do not access or use ORBRUS.

1. Information We Collect

We collect information necessary to provide secure, compliant, and personalized crypto services:

a) Personal Identification Information

To comply with global anti-money laundering (AML) and know-your-customer (KYC) regulations, we collect:

  • Full legal name
  • Date of birth
  • Government-issued ID (passport, driver’s license, national ID)
  • Selfie or biometric verification image
  • Residential address
  • Phone number and email address

b) Financial & Transaction Data

  • Cryptocurrency wallet addresses
  • Deposit and withdrawal records
  • Trading history (spot, margin, futures, P2P)
  • Fiat payment details (card last 4 digits, bank account info—never full card numbers)
  • ORBRUS Earn activity (staking, lending, dual investment)

c) Technical & Usage Data

  • IP address, device type, operating system, browser type
  • App usage patterns, session duration, feature interactions
  • Cookies and similar tracking technologies (see Section 6)
  • Geolocation (with consent, for regional compliance and fraud prevention)

d) Communications

  • Support tickets, emails, chat logs
  • Feedback, survey responses, and community forum posts
90
UI/UX Design
85
Development
77
SEO & Marketing
Your Gateway to Crypto Mastery

2. How We Use Your Information

We use your data only for legitimate business purposes, including:

  • Providing and improving our Services (e.g., executing trades, processing deposits, enabling staking)
  • Verifying identity and preventing fraud through automated and manual KYC/AML checks
  • Complying with legal and regulatory obligations (e.g., reporting to financial authorities where required by law)
  • Securing your account via anomaly detection, multi-factor authentication (MFA), and threat monitoring
  • Communicating with you about service updates, security alerts, and policy changes
  • Personalizing your experience (e.g., market alerts, relevant product recommendations)
  • Conducting internal analytics to enhance platform performance and user experience

We do not sell, rent, or monetize your personal data to advertisers or third-party data brokers.

3. Legal Basis for Processing (GDPR/Global Compliance)

Depending on your jurisdiction, our legal bases include:

  • Contractual necessity: To deliver services you request (e.g., buying crypto)
  • Legal obligation: To fulfill KYC/AML, tax, and financial regulatory requirements
  • Legitimate interest: For fraud prevention, cybersecurity, and service optimization
  • Consent: For optional features like marketing emails or location access (you may withdraw consent anytime)

4. Data Sharing & Disclosure

We do not share your personal data except in the following limited circumstances:

a) Service Providers

Trusted third parties assist us with:

  • Identity verification (e.g., Onfido, Jumio)
  • Cloud infrastructure (AWS, Google Cloud – SOC 2 certified)
  • Payment processing (Stripe, bank partners)
  • Customer support (Zendesk)
  • Security monitoring (CrowdStrike, SentinelOne)

All vendors are bound by strict data processing agreements and confidentiality obligations.

b) Regulatory & Legal Compliance

We may disclose information if required by law, subpoena, or government request (e.g., financial intelligence units, tax authorities), or to protect our rights, users, or public safety.

c) Business Transfers

In the event of a merger, acquisition, or asset sale, user data may be transferred under confidentiality and privacy safeguards.

d) With Your Consent

Only when you explicitly authorize (e.g., sharing portfolio data with a third-party analytics tool via API).

1. Information We Collect

We collect information necessary to provide secure, compliant, and personalized crypto services:

a) Personal Identification Information

To comply with global anti-money laundering (AML) and know-your-customer (KYC) regulations, we collect:

  • Full legal name
  • Date of birth
  • Government-issued ID (passport, driver’s license, national ID)
  • Selfie or biometric verification image
  • Residential address
  • Phone number and email address

b) Financial & Transaction Data

  • Cryptocurrency wallet addresses
  • Deposit and withdrawal records
  • Trading history (spot, margin, futures, P2P)
  • Fiat payment details (card last 4 digits, bank account info—never full card numbers)
  • ORBRUS Earn activity (staking, lending, dual investment)

c) Technical & Usage Data

  • IP address, device type, operating system, browser type
  • App usage patterns, session duration, feature interactions
  • Cookies and similar tracking technologies (see Section 6)
  • Geolocation (with consent, for regional compliance and fraud prevention)

d) Communications

  • Support tickets, emails, chat logs
  • Feedback, survey responses, and community forum posts
90
UI/UX Design
85
Development
77
SEO & Marketing
Your Gateway to Crypto Mastery

5. Data Security & Storage

Your security is non-negotiable. We implement industry-leading safeguards:

  • Encryption: AES-256 encryption at rest and in transit (TLS 1.3)
  • Cold Storage: 98% of user crypto assets held offline in multi-sig cold wallets
  • Access Controls: Role-based permissions, biometric authentication, and hardware security modules (HSMs)
  • Audits: Regular penetration testing and third-party security audits (SOC 2 Type II compliant)
  • Insurance: $500 million in custodial asset insurance

Data Retention:
We retain personal data only as long as necessary:

  • Active accounts: During use + up to 5 years post-closure (for legal/regulatory compliance)
  • KYC documents: 5–7 years (as required by financial regulations)
  • Log data: Up to 12 months (unless needed for investigations)

6. Cookies & Tracking Technologies

We use cookies and similar tools to:

  • Maintain secure sessions
  • Analyze site traffic (via anonymized Google Analytics)
  • Prevent bot attacks and abuse
  • Remember preferences (e.g., language, theme)

You can manage cookie preferences via your browser settings. Disabling essential cookies may limit platform functionality.

7. Your Privacy Rights

Depending on your location (e.g., under GDPR, CCPA, or other privacy laws), you may have the right to:

  • Access your personal data
  • Correct inaccurate or incomplete information
  • Delete your account and data (subject to legal retention requirements)
  • Restrict or object to certain processing
  • Data portability (receive your data in a structured, machine-readable format)
  • Withdraw consent for marketing or optional data uses

To exercise these rights, contact us at Support@orbrus.com with “Privacy Request” in the subject line. We respond within 30 days.

8. Children’s Privacy

ORBRUS does not knowingly collect data from individuals under 18 years of age. If we become aware of such data, we will promptly delete it.

9. International Data Transfers

ORBRUS operates globally, with data centers in Switzerland, Singapore, and the United States. We ensure all international transfers comply with applicable data protection laws (e.g., EU Standard Contractual Clauses) and maintain equivalent security standards worldwide.

10. Changes to This Policy

We may update this Privacy Policy to reflect changes in our practices or legal requirements. The “Last Updated” date at the top will be revised accordingly. Continued use of ORBRUS after changes constitutes acceptance.

11. Contact Us

For questions, requests, or concerns about this Privacy Policy or your data:

📧 Email: Support@orbrus.com
📍 Data Protection Officer (DPO): dpo@orbrus.com
🏢 Registered Address:
ORBRUS AG
Bahnhofstrasse 32
6300 Zug, Switzerland

You also have the right to lodge a complaint with your local data protection authority.

Your trust powers our innovation. At ORBRUS, privacy isn’t a feature—it’s our promise.

© 2025 ORBRUS.COM — All Rights Reserved.

90
UI/UX Design
85
Development
77
SEO & Marketing