BuyKoinsBack to Home

Privacy Policy

Last updated: February 2025

1. Who We Are

BuyKoins ("we," "us," or "our") operates as a creator agency that facilitates the withdrawal of creator earnings from supported platforms (including TikTok) to creators. This Privacy Policy explains how we collect, use, disclose, and protect your personal data when you use our website, services, and related platforms. We are the data controller in respect of the personal data we process for our agency services.

2. Data We Collect

We may collect and process the following categories of personal data:

  • Identity and contact information: name, email address, phone number, date of birth (where required for verification).
  • Account and authentication data: login credentials, account identifiers, and (where you sign in via a third party such as TikTok) the identifiers and profile information (e.g., display name, avatar) that the platform provides to us with your consent.
  • Financial and payment data: bank account details, payment method information, transaction history, and earnings-related data necessary to process withdrawals and comply with financial regulations.
  • Identity verification and KYC data: government-issued ID details, proof of address, or other information we or our regulated partners require for anti–money laundering (AML), know-your-customer (KYC), or fraud prevention.
  • Technical and usage data: IP address, device information, browser type, log data, and information about how you use our website and services (e.g., pages visited, actions taken).
  • Communications: records of your communications with us (e.g., support tickets, chat logs) and any feedback you provide.

3. How We Use Your Data

We use your personal data for the following purposes:

  • To create and manage your account and to authenticate you (including via third-party sign-in where you choose that option).
  • To verify your identity and eligibility in line with AML, KYC, and platform requirements.
  • To facilitate and process the receipt and withdrawal of your creator earnings, including sharing necessary data with payment partners and supported platforms.
  • To communicate with you about your account, transactions, security, and support requests.
  • To comply with legal and regulatory obligations (e.g., tax, anti-fraud, sanctions screening).
  • To protect the security and integrity of our services and to detect, prevent, and investigate fraud or abuse.
  • To improve our services, carry out analytics (in anonymised or aggregated form where possible), and to personalise your experience where lawful.
  • To send you service-related or marketing communications where you have consented or where we have a legitimate interest and the law allows.

4. Legal Basis for Processing

We process your personal data on the following bases: (a) performance of a contract—to provide our agency and withdrawal services; (b) legal obligation—to meet AML, KYC, tax, and other regulatory requirements; (c)legitimate interests—to operate and secure our services, prevent fraud, and improve our offerings, where not overridden by your rights; and (d) consent—where we have asked for your consent (e.g., for marketing or for linking a third-party account). You may withdraw consent where it applies, without affecting the lawfulness of processing before withdrawal.

5. Sharing and Disclosure

We may share your personal data with:

  • Supported platforms and payment partners—to facilitate earnings and withdrawals and to comply with their and our policies.
  • Service providers—such as hosting, analytics, identity verification, and payment processors, who process data on our instructions and are bound by confidentiality and data protection obligations.
  • Regulators and authorities—when required by law (e.g., tax, AML, court order) or to protect our or others' rights and safety.
  • Professional advisers—e.g., lawyers or auditors, where necessary for our legitimate business purposes.

We do not sell your personal data to third parties for their marketing purposes.

6. Data Retention

We retain your personal data for as long as necessary to provide our services, comply with legal and regulatory obligations (e.g., tax and AML retention periods, which may extend several years), resolve disputes, and enforce our agreements. When data is no longer needed, we securely delete or anonymise it in accordance with our retention policy and applicable law.

7. Your Rights

Depending on your jurisdiction, you may have the right to:

  • Access—request a copy of the personal data we hold about you.
  • Rectification—request correction of inaccurate or incomplete data.
  • Erasure—request deletion of your data, subject to legal and contractual exceptions.
  • Restriction—request that we limit processing in certain circumstances.
  • Data portability—receive your data in a structured, machine-readable format where applicable.
  • Object—object to processing based on legitimate interests or for direct marketing.
  • Withdraw consent—where processing is based on consent.
  • Complain—lodge a complaint with a supervisory authority in your country.

To exercise these rights, please contact us using the support or contact options in your dashboard or on our website. We will respond within the timeframes required by applicable law. In Nigeria, you may have additional rights under the Nigeria Data Protection Regulation (NDPR); we will honour them where they apply.

8. Security

We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, loss, or misuse. These include encryption, access controls, and secure processing by our partners. No method of transmission or storage is completely secure; we encourage you to use strong credentials and to protect your account information.

9. Cookies and Similar Technologies

We use cookies and similar technologies to operate our website, authenticate users, remember preferences, and analyse usage. You can manage cookie preferences through your browser settings or our cookie banner where provided. Disabling certain cookies may affect the functionality of our website.

10. International Transfers

Your data may be processed in or transferred to countries outside your residence, including for hosting and service providers. We ensure that such transfers are subject to appropriate safeguards (e.g., standard contractual clauses or adequacy decisions) as required by applicable data protection law.

11. Children

Our services are not directed at individuals under the age of 18. We do not knowingly collect personal data from children. If you believe we have collected data from a child, please contact us and we will take steps to delete it.

12. Changes to This Policy

We may update this Privacy Policy from time to time. We will notify you of material changes by posting the updated policy on our website and updating the "Last updated" date, or by email or in-app notice where appropriate. We encourage you to review this policy periodically. Your continued use of our services after the effective date of changes constitutes acceptance of the updated policy.

13. Contact

For questions about this Privacy Policy or to exercise your data protection rights, please contact us via the support or contact options available in your dashboard or on our website.