Arbitr

Privacy Policy

Last updated: February 23, 2026

1. Introduction

Arbitr ("we," "us," or "our") operates the website arbitr.cc and provides cryptocurrency escrow services. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you use our service.

We are committed to protecting your privacy and complying with applicable data protection laws, including the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA).

2. Information We Collect

Information You Provide:

  • Deal information (title, description, amount, currency, network)
  • Wallet addresses (for receiving payments)
  • File metadata (filename, size, type) for escrow files
  • Payment transaction hashes

Automatically Collected Information:

  • IP address (stored for fraud prevention and consent logging)
  • Browser type and device information
  • Access timestamps

3. How We Use Your Information

We use your information to:

  • Provide our cryptocurrency escrow services
  • Process transactions and release files upon payment confirmation
  • Communicate with you about your deals
  • Prevent fraud and ensure security
  • Comply with legal obligations
  • Improve our services

4. Legal Basis for Processing (GDPR)

We process your data based on:

  • Contract Performance: To provide escrow services as requested
  • Legitimate Interest: For fraud prevention and security
  • Legal Obligation: To comply with financial regulations

5. Data Retention

We retain personal data only as long as necessary to provide our services and comply with legal obligations:

  • Active Deals: Data retained while deal is active
  • Completed Deals: Retained for 2 years for tax and legal purposes
  • Payment Records: Retained for 7 years per financial regulations
  • Consent Records: Retained for 3 years or until withdrawn

6. Your Rights

GDPR Rights (EEA/UK)

  • Access: Request a copy of your data
  • Rectification: Request correction of inaccurate data
  • Erasure: Request deletion of your data ("right to be forgotten")
  • Portability: Request data in a machine-readable format
  • Objection: Object to processing based on legitimate interest
  • Restriction: Request limitation of processing

CCPA Rights (California)

  • Know: Request to know what personal information we collect
  • Delete: Request deletion of your personal information
  • Opt-Out: Opt-out of the sale of your personal information
  • Non-Discrimination: Right to not be discriminated against for exercising rights

7. International Data Transfers

Your information may be transferred to and processed in countries outside your jurisdiction. We ensure appropriate safeguards are in place, including Standard Contractual Clauses and adequacy decisions where applicable.

8. Security

We implement appropriate technical and organizational measures to protect your data, including encryption, access controls, and secure storage. However, no method of transmission over the Internet is 100% secure.

9. Third-Party Services

We may share data with third parties for specific purposes:

  • Blockchain Networks: Transaction verification (on-chain data is public)
  • Cloud Storage: File hosting services
  • Legal/Financial Advisors: When required by law

10. Cookies & Tracking

We use cookies for essential functionality. For more details, see our Cookie Policy.

11. Children's Privacy

Our service is not intended for children under 13 (US) or 16 (EU). We do not knowingly collect data from children. If you believe we have, please contact us.

12. Changes to This Policy

We may update this policy periodically. We will notify you of material changes by posting the new policy on this page and updating the "Last updated" date.

13. Contact Us

To exercise your rights or ask questions about this policy: