New features available Trusted by thousands Join the community New features available Trusted by thousands Join the community

Privacy Policy

Effective date: 1 January 2026

Data We Collect

decredit collects personal data required to operate a regulated cryptocurrency exchange. This includes your full name, email address, date of birth, government-issued ID, proof of address, and device/IP information at login.

When you trade, we record transaction data including amounts, timestamps, wallet addresses, and order types. This data is required for regulatory compliance and account security purposes.

How We Use Your Data

Your data is used to verify your identity, process transactions, detect fraud, and comply with AML/KYC regulations. We also use aggregated, anonymized data to monitor platform performance and improve trading features. We do not sell your personal information to third parties.

Cookies

decredit uses essential cookies to maintain your session and remember security preferences. We also use analytics cookies to understand how users interact with the platform — these can be disabled in your browser settings without affecting core trading functionality.

A full cookie inventory is available in your account settings under Privacy Preferences. You can withdraw consent for non-essential cookies at any time. Withdrawing consent does not affect the lawfulness of prior processing.

Data Sharing

We share identity data with our licensed KYC verification provider and, where legally required, with financial regulators and law enforcement. Payment processors receive only the transaction data they need to complete your request. All third parties are contractually bound to handle your data securely.

Data Security

All personal data at decredit is encrypted at rest using AES-256 and in transit using TLS 1.3. Access to personal data is restricted to authorized staff on a need-to-know basis, with all access events logged and audited.

We conduct independent third-party security audits annually. Our infrastructure is hosted in ISO 27001-certified data centers. In the event of a data breach affecting your personal information, decredit will notify you within 72 hours as required by applicable law.

Your Rights

You have the right to access, correct, or request deletion of your personal data. You can also request a portable copy of your data in machine-readable format. Submit requests to info@decredit.io — we respond within 30 days. Note that some data must be retained for regulatory compl info@decredit.io iance even after account closure.

Third-Party Links

The decredit platform may contain links to external websites or services. We are not responsible for the privacy practices of those sites. Review their policies independently before sharing personal information.

Data Retention

Account and transaction data is retained for a minimum of 5 years after account closure to meet AML record-keeping requirements. Analytics data is anonymized after 24 months. You may request earlier deletion of non-regulatory data by contacting our privacy team.

Policy Updates

When material changes are made to this Privacy Policy, decredit will notify you by email at least 14 days before the changes take effect. The current version is always accessible at decredit/privacy, with the effective date clearly stated at the top.