Privacy Policy
This Privacy Policy describes how DigiTop collects, uses, and discloses your personal information when you use our services.
1. Introduction
DigiTop ("we," "our," or "us") is committed to protecting the privacy and security of your personal data. This Privacy Policy outlines our practices regarding the collection, use, and disclosure of your information when you access our website, use our API, or engage with our payment processing services (collectively, the "Services").
We adhere to applicable data protection laws, including the Personal Information Protection Law (PIPL) of the People's Republic of China, the Data Security Law, and other relevant local financial regulations. By using our Services, you acknowledge that you have read and understood this policy.
2. Information We Collect
We collect several types of information from and about users of our Services, including:
2.1 Information You Provide to Us
- Identity Data: Full name, date of birth, nationality, and government-issued identification numbers (e.g., passport or tax ID) required for KYC/AML compliance.
- Contact Data: Email address, mailing address, billing address, and telephone numbers.
- Financial Data: Bank account details, payment card numbers (PAN), expiration dates, and cardholder names. Note: We do not store sensitive card data (CVV/CVC) except as permitted by PCI DSS standards.
- Profile Data: Username, password, preferences, feedback, and survey responses.
2.2 Information We Collect Automatically
- Technical Data: Internet Protocol (IP) address, login data, browser type and version, time zone setting, operating system, and platform.
- Usage Data: Information about how you use our website, products, and services, including clickstream data and page interaction information.
- Device Data: Unique device identifiers, hardware model, and mobile network information.
2.3 Information from Third Parties
We may receive data about you from third parties, such as credit reference agencies, fraud prevention agencies, and identity verification partners, to fulfill our legal obligations and prevent fraud.
3. Legal Basis for Processing
In accordance with the Personal Information Protection Law (PIPL) of the People's Republic of China, we process your personal data under the following legal bases:
- Contractual Necessity: To perform the contract we are about to enter into or have entered into with you (e.g., processing payments).
- Legal Obligation: To comply with a legal or regulatory obligation (e.g., anti-money laundering laws, tax reporting).
- Legitimate Interests: For our legitimate business interests (e.g., fraud prevention, network security, improving our services), provided these do not override your fundamental rights and freedoms.
- Consent: Where you have given us explicit consent to process your data (e.g., marketing communications). You may withdraw this consent at any time.
4. How We Use Data
We use your personal data for the following purposes:
Transaction Processing
To authorize, settle, and clear payment transactions, and to facilitate chargeback and refund management.
Risk Management & Compliance
To verify your identity (KYC), detect and prevent fraud, money laundering, and terrorist financing, and to comply with sanctions lists.
Service Improvement
To analyze usage patterns, troubleshoot technical issues, and improve the functionality and user experience of our platform.
Customer Support
To respond to your inquiries, resolve disputes, and provide technical assistance.
7. International Data Transfers
DigiTop operates globally. Your personal data will be primarily stored within the territory of the People's Republic of China. However, where business necessity requires, your data may be transferred to, stored, and processed in other countries or regions.
When we transfer data across borders, we ensure strict compliance with the Cyberspace Administration of China (CAC) regulations and other applicable laws, including:
- Security Assessment: Passing the security assessment organized by the CAC where required.
- Standard Contract: Signing the Standard Contract for Cross-Border Transfer of Personal Information with overseas recipients.
- Protection Certification: Obtaining personal information protection certification from professional institutions.
8. Data Security
We employ rigorous organizational, technical, and administrative measures to protect your personal data, including:
- Encryption: Data is encrypted in transit (TLS 1.2+) and at rest (AES-256).
- Access Controls: Strict role-based access control (RBAC) and Multi-Factor Authentication (MFA) for internal systems.
- PCI DSS Compliance: We are a PCI DSS Level 1 certified service provider.
- Regular Audits: Frequent security assessments, penetration testing, and vulnerability scans.
Despite these measures, no transmission over the internet or electronic storage method is completely secure. We cannot guarantee absolute security.
9. Data Retention
We retain your personal data only as long as necessary to fulfill the purposes for which it was collected, including for the purposes of satisfying any legal, accounting, or reporting requirements.
Typically, financial transaction data is retained for a minimum of 5 to 7 years after the termination of our business relationship, as required by anti-money laundering and tax laws. Once the retention period expires, your data is securely deleted or anonymized.
10. Your Privacy Rights
Under the Personal Information Protection Law (PIPL), you have the following rights regarding your personal data:
- Right to Access: Request a copy of the personal data we hold about you.
- Right to Rectification: Request correction of inaccurate or incomplete data.
- Right to Erasure ("Right to be Forgotten"): Request deletion of your data, subject to legal retention obligations.
- Right to Restrict Processing: Request that we suspend the processing of your data.
- Right to Data Portability: Request transfer of your data to you or a third party in a structured, commonly used format.
- Right to Object: Object to processing of your data for direct marketing or where we are relying on a legitimate interest.
To exercise these rights, please contact us at service@digitopglobal.com. We may require specific information to confirm your identity before processing your request.
11. Children's Privacy
Our Services are not intended for individuals under the age of 18. We do not knowingly collect personal data from children. If we become aware that we have collected personal data from a child without verification of parental consent, we will take steps to remove that information from our servers.
12. Changes to This Privacy Policy
We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. We will notify you of any material changes by posting the new Privacy Policy on this page and updating the "Last Updated" date. We encourage you to review this policy periodically.
13. Contact Us
If you have any questions, concerns, or complaints about this Privacy Policy or our data practices, please contact our Data Protection Officer (DPO):
DigiTop Privacy Team
Email: service@digitopglobal.com
